I also tried a number of made-up emails and they were not found. I tried plausible and implausible with the same result. So the lookup seems to be legit, but I don't know how my old email address ended up in so many places.
But if those are common/semi-common and others who used them too and were hacked, those pw's will show up. Improperly designed password generators that use the same default seed will dish out the same random scramble to all who use it. If you download one and it dishes out the same pw on two different phones/PC's, avoid.
How do you see what sites the passwords were used on? I don’t see that on the pwned site when I search on a password.