API endpoints

POST /api/scan

{
  "url": "https://example.com",
  "device": "mobile",
  "crawl": { "enabled": true, "maxLinks": 5 },
  "visibility": "unlisted"
}

Returns { id, manageToken } (token is shown once).

GET /api/report/:id

Returns status and preview data. Locked reports may require lead capture before preview fields are returned.

POST /api/report/:id/delete

Requires manageToken from the scan response.

Rate limits

Scan requests are rate-limited per IP + hostname and plan monthly caps. Check response headers/body.