API Documentation

Introduction

The BreachHub API provides access to a comprehensive suite of OSINT and data breach intelligence tools through a unified interface. All endpoints use GET requests and require authentication via API key.

Base URL

https://breachhub.org

Request Format

GET https://breachhub.org/api/{endpoint}?{parameters}&key={YOUR_API_KEY}

Rate Limits

Maximum 10 requests per second and 120 requests per minute. Exceeding these limits will result in a 30-minute access block.

Plan Type	Daily Limit	Rate Limit
Premium	500 searches/day	10 req/sec, 120 req/min
Premium Advanced	2000 searches/day	10 req/sec, 120 req/min
Lifetime	Unlimited	10 req/sec, 120 req/min

API Status

Check the real-time status of all BreachHub sources. This endpoint tests every API with real queries every 3 hours (first check 5s after startup) and returns their current availability, description, category, and endpoints.

GET /api/status?key={KEY_API}

Parameters

key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/status?key=your_api_key"

Response

JSON

{
  "success": true,
  "status": "partial_outage",
  "summary": {
    "total_sources": 44,
    "total_endpoints": 120,
    "operational": 40,
    "down": 2,
    "timeout": 1,
    "errors": 1
  },
  "categories": [
    "breach",
    "intelligence_platform",
    "network_intelligence",
    "social_osint",
    "specialized_tools",
    "user_lookup"
  ],
  "sources": [
    {
      "id": "breachhub",
      "name": "BreachHub",
      "description": "Unified breach intelligence — data leaks, digital footprints, and public document metadata.",
      "category": "intelligence_platform",
      "status": "operational",
      "response_time_ms": 125,
      "endpoints": [
        {
          "path": "/api/breachhub/search",
          "supportedParams": ["query"],
          "supportedTypes": ["email", "username", "ip", "discord_id", "fivem_license"]
        }
      ]
    },
    {
      "id": "snusbase",
      "name": "Snusbase",
      "description": "Large-scale breach database — combo lists, stealer logs, and leaked credentials.",
      "category": "breach",
      "status": "operational",
      "response_time_ms": 312,
      "endpoints": [
        {
          "path": "/api/snusbase/search",
          "supportedParams": ["query", "type"],
          "supportedTypes": ["email", "username", "password", "hash", "name", "ip"]
        }
      ]
    },
    {
      "id": "intelx",
      "name": "IntelX",
      "description": "Intelligence X — darknet, paste sites, public leaks, and OSINT feeds.",
      "category": "breach",
      "status": "timeout",
      "response_time_ms": 15001,
      "error": "TIMEOUT",
      "endpoints": [
        {
          "path": "/api/intelx/search",
          "supportedParams": ["query"],
          "supportedTypes": ["email", "domain", "ip", "url", "phone", "bitcoin"]
        }
      ]
    }
  ],
  "timestamp": "2026-03-21T10:45:23.456Z",
  "next_check": "2026-03-21T13:45:23.456Z"
}

Source Status Values

Status	Description
`operational`	Source is working correctly
`down`	Source is unreachable (connection refused, DNS error, 500)
`timeout`	Source did not respond within 15 seconds
`rate_limited`	Source returned a rate limit or quota error
`auth_error`	API key issue (expired, invalid)
`error`	Other error
`partial`	Source partially working (some endpoints failing)

Overall Status

Value	Description
`all_operational`	All sources are working
`partial_outage`	Some sources are down or have issues
`major_outage`	All sources are down

Category	Description
`breach`	Breach databases, combo lists, stealer logs, leaked credentials
`intelligence_platform`	Unified OSINT and intelligence platforms
`social_osint`	Social media lookup, identity verification, phone/email intelligence
`specialized_tools`	BIN lookup, VIN decoder, document metadata, specialized searches
`network_intelligence`	IP geolocation, port scanning, network infrastructure
`user_lookup`	Platform-specific user lookups (GitHub, Discord, etc.)

BreachHub

Access comprehensive breach and OSINT intelligence through our unified API, including data leaks, digital footprints, and public document metadata.

GET /api/breachhub/google-osint/docs?query={query}&key={KEY_API}

Parameters

query (string, required): Url Docs Google
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/breachhub/google-osint/docs?query=https://docs.google.com/document/d/13P3p5bA3lslqEJT1BGeTL1L5ZrQq_fSov_56jT9vf0I&key=your_api_key"

GET /api/breachhub/ganknow/profil?username={query}&key={KEY_API}

Parameters

username (string, required): Username to lookup
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/breachhub/ganknow/profil?username=user&key=your_api_key"

GET /api/breachhub/xbox-lookup?query={query}&key={KEY_API}

Parameters

query (string, required): Username Xbox
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/breachhub/xbox-lookup?query=user&key=your_api_key"

GET /api/breachhub/steam?steam_id={query}&key={KEY_API}

Parameters

steam_id (string, required): SteamID64, SteamID hex, SteamID decimal, or vanity URL
key (string, required): Your API key

Example Request

cURL - Steam Lookup

curl -X GET "https://breachhub.org/api/breachhub/steam?steam_id=76561198012345678&key=your_api_key"

GET /api/breachhub/crypto?category={btc|eth}&term={address}&key={KEY_API}

Parameters

category (string, required): btc or eth
term (string, required): Wallet address
key (string, required): Your API key

Example Requests

cURL - BTC Wallet

curl -X GET "https://breachhub.org/api/breachhub/crypto?category=btc&term=1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa&key=your_api_key"

cURL - ETH Wallet

curl -X GET "https://breachhub.org/api/breachhub/crypto?category=eth&term=0xde0B295669a9FD93d5F28D9Ec85E40f4cb697BAe&key=your_api_key"

StalkMe — Discord Intelligence

Search Discord messages and users via the StalkMe network.

GET /api/breachhub/stalkme/lookup?id={discord_id}&key={KEY_API}

Parameters

id (string, required): Discord user ID
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/breachhub/stalkme/lookup?id=80351110224678912&key=your_api_key"

GET /api/breachhub/stalkme/search?query={query}&key={KEY_API}

Parameters

query (string, required): Search keyword
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/breachhub/stalkme/search?query=hello&key=your_api_key"

GET /api/breachhub/stalkme/suggest?query={prefix}&key={KEY_API}

Parameters

query (string, required): Username prefix
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/breachhub/stalkme/suggest?query=test&key=your_api_key"

Snusbase

Comprehensive database search with advanced filtering capabilities.

GET /api/snusbase?query={query}&key={KEY_API}

Parameters

query (string, required): Search term (email, username, etc.)
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

GET /api/snusbase/combo-lookup?type={type}&query={query}&key={KEY_API}

Parameters

type (string, required): username or password
query (string, required): Search term
key (string, required): Your API key

GET /api/snusbase/hash-lookup?type=hash&query={hash}&key={KEY_API}

Parameters

type (string, required): hash or password
query (string, required): Password hash (MD5, SHA1, etc.)
key (string, required): Your API key

GET /api/snusbase/ip-whois?query={ip}&key={KEY_API}

Parameters

query (string, required): IP address
key (string, required): Your API key

LeakOsint

OSINT search for leaked information across multiple sources.

GET /api/leakosint?query={query}&key={KEY_API}

Parameters

query (string, required): Search term
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

LeakCheck V2

Advanced search with pagination and filtering options.

GET /api/leakcheck/v2?query={query}&key={KEY_API}

Parameters

query (string, required): Search term
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/leakcheck/[email protected]&key=your_api_key"

Breachbase

Comprehensive breach database with email, username, and password search.

GET /api/breachbase?category={type}&term={term}&key={KEY_API}

Parameters

category (string, required): email, username
term (string, required): Search value
key (string, required): Your API key

IntelVault

Access IntelVault's comprehensive breach database and stealer logs for targeted searches.

Endpoint	Module	Description
/api/intelvault	Email (legacy)	Quick lookup by email — backward-compat single field
/api/intelvault/breaches	Breach Search	Multi-field breach search with wildcard support
/api/intelvault/stealer-logs	Stealer Logs	Free-text stealer logs search (min 4 chars)

GET /api/intelvault?email={email}&key={KEY_API}

Parameters

email (string, required): Target email
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

GET /api/intelvault/breaches?{fields}&useWildcard={true|false}&key={KEY_API}

Parameters

Supported fields (any combination): email, username, first_name, last_name, phone, password, ip, city, state, post_code, country, domain
useWildcard (boolean, optional): When true, use _ for one character and % for zero or more characters
field (JSON array, alternative): URL-encoded JSON like [{"first_name":"John"},{"last_name":"Doe"}]
key (string, required): Your API key

Example Request — name lookup with wildcard

cURL — simple params

curl -X GET "https://breachhub.org/api/intelvault/breaches?first_name=John&last_name=Doe&useWildcard=true&key=your_api_key"

cURL — JSON field array

curl -X GET 'https://breachhub.org/api/intelvault/breaches?field=%5B%7B%22first_name%22%3A%22John%22%7D%2C%7B%22last_name%22%3A%22Doe%22%7D%5D&useWildcard=true&key=your_api_key'

GET /api/intelvault/stealer-logs?query={search_string}&key={KEY_API}

Parameters

query (string, required): Search string (minimum 4 characters)
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/intelvault/stealer-logs?query=corp.com&key=your_api_key"

BreachDirectory

Comprehensive breach intelligence API enabling searches across leaked credentials, emails, usernames, IP addresses, and paste data, with structured JSON responses for automated OSINT and data breach analysis.

GET /api/breachdirectory?type={type}&query={query}&key={KEY_API}

Parameters

type (string, required): email, username, ip
query (string, required): Search term
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

HackCheck

Fast breach checker supporting email, username, and password queries.

GET /api/hackcheck?category={type}&term={term}&key={KEY_API}

Parameters

category (string, required): email, username, or password
term (string, required): Search value
key (string, required): Your API key

OsintKit

Multi-category OSINT search supporting email, phone, and name lookups.

Note: OsintKit has a rate limit that resets automatically every day at 00:00 AM.

Search Type	Description	Example
email	Email address search	[email protected]
phone	Phone number search	+13334567890
name	Name search	JohnDoe

GET /api/osintkit?category={type}&term={term}&key={KEY_API}

Parameters

category (string, required): email, phone, or name
term (string, required): Search value
key (string, required): Your API key

Breach.vip

Category-based breach search supporting multiple data types.

GET /api/breachvip?category={type}&query={query}&key={KEY_API}

Parameters

category (string, required): One of: email, password, domain, username, ip, name, uuid, steamid, phone, discordid
query (string, required): Search term
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

Cord.cat

Discord user lookup service.

GET /api/cordcat?id={query}&key={KEY_API}

Parameters

id (string, required): Discord user ID
key (string, required): Your API key

GET /api/cordcat/ip?ip={term}&key={KEY_API}

Parameters

ip (string, required): IP
key (string, required): Your API key

Melissa

Validate and enrich emails, names, phones, or addresses using Melissa's lookup service.

GET /api/melissa?input={term}&key={KEY_API}

Parameters

input (string, required): Any supported identifier (email, phone, name, or address). The service automatically detects the type.
key (string, required): Your API key

IntelX

Retrieve raw file content from the IntelX database. Two modes: UUID or Storage ID + Bucket.

Requires IntelX addon plan or Premium / Lifetime. Daily quota resets at midnight UTC.

GET /api/intelx?system_id={uuid}&key={KEY_API}

system_id string required IntelX system UUID — xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

key string required Your API key

cURL

curl "https://breachhub.org/api/intelx?system_id=67283122-710f-477c-82dd-2edb8db140ed&key=your_api_key"

GET /api/intelx?storage_id={storageid}&bucket={name}&key={KEY_API}

storage_id string required IntelX Storage ID

bucket string required IntelX bucket name — see list below

key string required Your API key

Available Buckets

darknet.i2p darknet.tor documents.public.scihub dumpster dumpster.web.1 dumpster.web.ssn leaks.logs leaks.private.general leaks.public.general leaks.public.wikileaks pastes patent.us usenet web.gov.ru web.public.af web.public.ams web.public.aq web.public.business web.public.cee web.public.cn whois

Example

storage_id ac3ad5b290946ffc68afa2963e8d1ff350e56f6e40b501e3bbc4b8e0ce010c250f59e922a073abee3d914e83895265041b2cf265fcd7ff8b4f05ecb765971f1d

bucket leaks.logs

cURL

curl "https://breachhub.org/api/intelx?storage_id=ac3ad5b290946ffc68afa2963e8d1ff350e56f6e40b501e3bbc4b8e0ce010c250f59e922a073abee3d914e83895265041b2cf265fcd7ff8b4f05ecb765971f1d&bucket=leaks.logs&key=your_api_key"

Osintcat

Comprehensive OSINT platform with email, domain, Twitter, and public data search.

GET /api/osintcat/database-search?query={query}&key={KEY_API}

Parameters

query (string, required): Email or Domain
key (string, required): Your API key

cURL

curl -X GET "https://breachhub.org/api/osintcat/[email protected]&key=your_api_key"

GET /api/osintcat/twitter-osint?username={username}&key={KEY_API}

Parameters

username (string, required): username twitter
key (string, required): Your API key

cURL

curl -X GET "https://breachhub.org/api/osintcat/twitter-osint?username=elonmusk&key=your_api_key"

Machine Viewer (Stealer Logs)

Browse, search and download stealer log machines and their files.

GET /api/osintcat/machine-viewer/search?query={query}&key={KEY_API}

Parameters

query (string, required): Search term (email, domain, etc.)
key (string, required): Your API key

GET /api/osintcat/machine-viewer/machines/{machine_id}/info?key={KEY_API}

Parameters

machine_id (path, required): Machine identifier
key (string, required): Your API key

GET /api/osintcat/machine-viewer/machines/{machine_id}/files/treeview?key={KEY_API}

Parameters

machine_id (path, required): Machine identifier
key (string, required): Your API key

GET /api/osintcat/machine-viewer/machines/{machine_id}/download?key={KEY_API}

Parameters

machine_id (path, required): Machine identifier
key (string, required): Your API key

Returns ZIP archive of all machine files.

GET /api/osintcat/machine-viewer/files/{file_id}/info?key={KEY_API}

Parameters

file_id (path, required): File identifier
key (string, required): Your API key

GET /api/osintcat/machine-viewer/files/{file_id}/download?key={KEY_API}

Parameters

file_id (path, required): File identifier
key (string, required): Your API key

Returns raw file content.

xOsint Searcher

Specialized French database search engine providing access to breach data from French sources and databases.

GET /api/xosint/search?query={query}&key={KEY_API}

Parameters

query (string, required): Search term (email, username, phone, etc.) - 1-200 characters
key (string, required): Your API key

See-Know

A European OSINT and dark web search platform providing access to intelligence data, exposed information, and investigation tools through aggregated public and underground sources.

GET /api/seeknow/search?query={query}&key={KEY_API}

Parameters

query (string, required): Search term
key (string, required): Your API key

Seekria

OSINT toolkit: username footprint, email & domain intelligence, Discord & Minecraft lookups, IP/DNS analysis and multi-source breach searches. Every endpoint takes ?query=.

Endpoint	Description
/api/seekria/user-footprint	Username presence across 16+ social, gaming & breach sources
/api/seekria/email-osint	Email — registered platforms & profile data
/api/seekria/domain-lookup	Domain WHOIS, DNS & hosting metadata
/api/seekria/discord	Discord ID lookup (Medal, Roblox, FiveM, username history)
/api/seekria/roblox	Roblox profile lookup (username, avatar, metadata)
/api/seekria/minecraft	Minecraft player lookup (UUID, name history, breach records)
/api/seekria/ip	IP intelligence, geolocation, ASN, VPN/proxy & breach checks
/api/seekria/dns-resolver	DNS resolver (A, AAAA, MX, TXT, NS records)
/api/seekria/email-breach	Email breach search across multiple databases
/api/seekria/username-breach	Username/domain breach & stealer-log search
/api/seekria/phone-breach	Phone number breach search

GET /api/seekria/user-footprint?query={username}&key={KEY_API}

Deep footprint on a username — presence across 16+ social platforms, gaming networks and breach datasets.

Parameters

query (string, required): Username to investigate
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/user-footprint?query=admin&key=your_api_key"

GET /api/seekria/email-osint?query={email}&key={KEY_API}

Full OSINT on an email — validates format, lists registered platforms and profile metadata.

Parameters

query (string, required): Email address
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/[email protected]&key=your_api_key"

GET /api/seekria/domain-lookup?query={domain}&key={KEY_API}

Resolve a domain to WHOIS registration, DNS records and hosting metadata.

Parameters

query (string, required): Domain name (e.g. example.com)
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/domain-lookup?query=example.com&key=your_api_key"

GET /api/seekria/discord?query={discord_id}&key={KEY_API}

Discord ID lookup — aggregates Medal, Roblox, FiveM server logs and username history.

Parameters

query (string, required): Discord user ID
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/discord?query=123456789012345678&key=your_api_key"

GET /api/seekria/roblox?query={username}&key={KEY_API}

Roblox profile lookup — username, avatar, account metadata.

Parameters

query (string, required): Roblox username
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/roblox?query=Builderman&key=your_api_key"

GET /api/seekria/minecraft?query={username_or_uuid}&key={KEY_API}

Minecraft player lookup — UUID, name history and breach records.

Parameters

query (string, required): Minecraft username or UUID
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/minecraft?query=Notch&key=your_api_key"

GET /api/seekria/ip?query={ip}&key={KEY_API}

Deep IP intelligence — geolocation, ASN, hosting/VPN/proxy/tor flags and breach checks.

Parameters

query (string, required): IPv4 or IPv6 address
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/ip?query=8.8.8.8&key=your_api_key"

GET /api/seekria/dns-resolver?query={domain}&key={KEY_API}

DNS resolution — A, AAAA, MX, TXT and NS records for a hostname.

Parameters

query (string, required): Hostname or domain
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/dns-resolver?query=example.com&key=your_api_key"

GET /api/seekria/email-breach?query={email}&key={KEY_API}

Cross-reference an email against multiple breach databases.

Parameters

query (string, required): Email address
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/[email protected]&key=your_api_key"

Example Response

JSON

{
  "success": true,
  "credit": "Lookup made by https://breachhub.org",
  "service": "OsintBat - Email Breach",
  "query": "[email protected]",
  "count": 10199,
  "results": [
    {
      "email": "[email protected]",
      "name": "ASFDASD ADSADSA",
      "_domain": "gmail.com",
      "created": "06/07/2024",
      "state": "AK",
      "country": "US",
      "gender": "F",
      "last_active": "06/07/2024",
      "source": "SnusBase"
    }
  ],
  "version": "2.0"
}

GET /api/seekria/username-breach?query={username}&key={KEY_API}

Search stealer logs and breach datasets by username, handle or domain.

Parameters

query (string, required): Username, handle or domain
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/username-breach?query=admin&key=your_api_key"

GET /api/seekria/phone-breach?query={phone}&key={KEY_API}

Look up breach occurrences associated with a phone number.

Parameters

query (string, required): Phone number (e.g. +14155550199)
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/seekria/phone-breach?query=%2B14155550199&key=your_api_key"

Eye-All

Lightweight OSINT search platform focused on quick lookups of digital footprints, public data, and cross-source intelligence.

GET /api/eye-all?query={query}&key={KEY_API}

Parameters

query (string, required): Search term
key (string, required): Your API key

Checko

Russian company OSINT lookup via Checko.ru. Search any registered Russian company by INN (tax ID) or OGRN (state registration number). Returns company name, legal status, address, КПП, region, director, and full registration data.

GET /api/checko?inn={inn}&key={KEY_API}

Parameters

Parameter	Type	Required	Description
inn	string	One of	Company INN — 10-digit tax ID (mutually exclusive with `ogrn`)
ogrn	string	One of	Company OGRN — 13-digit registration number (mutually exclusive with `inn`)
key	string	Yes	Your API key

Examples

cURL — by INN

curl -X GET "https://breachhub.org/api/checko?inn=7707083893&key=your_api_key"

cURL — by OGRN

curl -X GET "https://breachhub.org/api/checko?ogrn=1027700132195&key=your_api_key"

Wentyn

Stealer logs search powered by Wentyn. Search by email or domain across millions of compromised credentials updated weekly. Returns structured records with URL, login, and password.

GET /api/wentyn?type={email|domain}&query={query}&key={KEY_API}

Parameters

type (string, required): email or domain
query (string, required): Email address or domain to search
key (string, required): Your API key

Example Request

cURL — by email

curl -X GET "https://breachhub.org/api/wentyn?type=email&query=user%40example.com&key=your_api_key"

cURL — by domain

curl -X GET "https://breachhub.org/api/wentyn?type=domain&query=example.com&key=your_api_key"

HudsonRock

Hudson Rock infostealer intelligence (v3): compromised machines, stolen credentials, domain exposure and stealer log data. Drawn from millions of machines infected by global Infostealer campaigns. Optional parameters on most endpoints: sort_by, sort_direction, cursor, start_date, end_date, filter_credentials. List parameters accept comma-separated values.

GET /api/hudsonrock/search-by-domain?domain={domain}&key={KEY_API}

Stealer and credential hits for a domain. Optional: types, keywords, filter_credentials.

Parameters

domain (string, required): Domain to query (comma-separated for multiple)
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-domain?domain=tesla.com&key=your_api_key"

GET /api/hudsonrock/search-by-domain/overview?domain={domain}&key={KEY_API}

Aggregated compromise overview for a domain (compromised employees/users, industry, sensitive applications).

Parameters

domain (string, required): Domain to query
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-domain/overview?domain=tesla.com&key=your_api_key"

GET /api/hudsonrock/search-by-domain/assessment?domain={domain}&key={KEY_API}

Domain risk assessment with exposed employee/user URLs.

Parameters

domain (string, required): Domain to assess
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-domain/assessment?domain=tesla.com&key=your_api_key"

GET /api/hudsonrock/search-by-domain/discovery?domain={domain}&key={KEY_API}

Related assets and domains discovered in stealer data.

Parameters

domain (string, required): Domain to query
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-domain/discovery?domain=tesla.com&key=your_api_key"

GET /api/hudsonrock/search-by-login/emails?email={email}&key={KEY_API}

Search stealer logs by email address.

Parameters

email (string, required): Email to query (comma-separated for multiple)
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-login/[email protected]&key=your_api_key"

GET /api/hudsonrock/search-by-login/usernames?username={username}&key={KEY_API}

Search stealer logs by username.

Parameters

username (string, required): Username to query
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-login/usernames?username=admin&key=your_api_key"

GET /api/hudsonrock/search-by-ip?ip={ip}&key={KEY_API}

Search by IPv4/IPv6 address or CIDR range. Returns infected machine details and credentials. The ip field in each result (format [COUNTRY_CODE]IP) can be passed to /search-by-stealer/infection-analysis.

Parameters

ip (string): IP address (comma-separated for multiple) — OR
cidr (string): CIDR range (e.g. 1.2.3.0/24)
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-ip?ip=8.8.8.8&key=your_api_key"

GET /api/hudsonrock/search-by-keyword?keyword={keyword}&key={KEY_API}

Keyword search across stealer data.

Parameters

keyword (string, required): Keyword to search (comma-separated for multiple)
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-keyword?keyword=tesla&key=your_api_key"

GET /api/hudsonrock/search-by-keyword/urls?keyword={keyword}&key={KEY_API}

URLs matching a keyword in compromised browsing data.

Parameters

keyword (string, required): Keyword to search
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-keyword/urls?keyword=tesla&key=your_api_key"

GET /api/hudsonrock/search-by-stealer/infection-analysis?stealer={id}&key={KEY_API}

AI infection analysis for a compromised machine: how the device was most likely infected, with a confidence score, reasoning and the full browsing flow leading to the infection.

Parameters

stealer (string, required): Stealer identifier in the format [COUNTRY_CODE]IP — e.g. [IN]175.101.37.65. You get this value from the ip field of results returned by /search-by-ip or /search-by-login/emails.
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/hudsonrock/search-by-stealer/infection-analysis?stealer=%5BIN%5D175.101.37.65&key=your_api_key"

Example Response

JSON

{
  "success": true,
  "service": "HudsonRock",
  "endpoint": "search-by-stealer/infection-analysis",
  "results": {
    "likely_infection_url": "https://www.mediafire.com/.../Adobe.Premiere.Pro.2025.rar/file",
    "infection_confidence": 0.95,
    "infection_reasoning": "Cracked software downloaded from a file-sharing site...",
    "infection_flow": [
      { "timestamp": "2025-05-06T10:13:36.000Z", "url": "https://www.youtube.com/watch?v=...", "notes": "Watched a video about getting the software for free." },
      { "timestamp": "2025-05-06T10:15:09.000Z", "url": "https://www.mediafire.com/.../Adobe...rar", "notes": "Downloaded cracked RAR, high risk for infostealers." }
    ],
    "analyst_summary": "Device infected via a cracked software download following YouTube guidance."
  }
}

LeakSight Platform

Advanced breach intelligence platform providing comprehensive leak detection across multiple data types including credentials, personal information, network reconnaissance, and threat intelligence.

Available Search Types

Type	Value	Description
`username`	string	Username or email address lookup
`url`	string	Website URL breach search
`search_url_all_database`	string	Search URL across all databases
`url2`	string	Alternative URL search method
`subdomainsearch`	string	Subdomain enumeration + leak detection
`subdmains`	string	List all subdomains for a domain
`domainmapper`	string	Domain credentials + subdomain mapping
`password`	string	Password breach lookup
`number`	string	Phone number search (includes Facebook data)
`ip`	string	IP address breach lookup
`ipgeo`	string	IP geolocation information
`subnet`	string	Subnet /24 network scan
`hwid`	string	Hardware ID breach search
`proxydetect`	string	Proxy/VPN detection
`portscam`	string	Open port scanning
`twitter`	string	Twitter/X account analysis & breach correlation
`name`	string	Name search (Brazil only)
`cpf`	string	Brazilian CPF document search
`searchstring`	string	Universal string search across all data types

GET /api/leaksight?type={type}&query={query}&key={KEY_API}

Query Parameters

type (string, required): Search type (see table above, default: username)
query (string, required): Search term/value
key (string, required): Your API key

cURL - Username Search

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

cURL - URL Search (All Databases)

curl -X GET "https://breachhub.org/api/leaksight?type=search_url_all_database&query=https://roblox.com&key=your_api_key"

cURL - Twitter Analysis

curl -X GET "https://breachhub.org/api/leaksight?type=twitter&query=elonmusk&key=your_api_key"

cURL - Phone Number Lookup

curl -X GET "https://breachhub.org/api/leaksight?type=number&query=5551234567&key=your_api_key"

cURL - Subdomain Scan

curl -X GET "https://breachhub.org/api/leaksight?type=subdomainsearch&query=example.com&key=your_api_key"

Cypher Dynamics

Threat intelligence search engine covering IOC lookups, stealer log data, and underground intel. Search across credentials, tokens, cookies, darkweb forums, and more.

Available Categories

Category	Type	Description
`ip`	IOC	IPv4/IPv6 address lookup
`domain`	IOC	Domain name lookup
`hash`	IOC	File hash lookup (MD5, SHA1, SHA256)
`url`	IOC	URL lookup
`asn`	IOC	Autonomous System Number lookup
`hostname`	IOC	Hostname lookup
`uuid`	IOC	Machine UUID lookup
`wallet`	IOC	Cryptocurrency wallet lookup
`phone`	IOC	Phone number lookup
`email`	Stealer	Email address in stealer logs
`username`	Stealer	Username in stealer logs
`password`	Stealer	Password in stealer logs
`email_pass`	Stealer	Email:password combo lookup
`cookie`	Stealer	Session cookies in stealer logs
`token`	Stealer	API tokens in stealer logs
`telegram`	Underground	Telegram channel/message search
`forum`	Underground	Clearnet forum search
`darkweb`	Underground	Dark web forum search

GET /api/cypherdynamics?category={category}&query={query}&key={KEY_API}

Query Parameters

category (string, required): Search category (see table above)
query (string, required): Search term
key (string, required): Your API key

cURL - Email Stealer Search

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

cURL - Domain IOC Lookup

curl -X GET "https://breachhub.org/api/cypherdynamics?category=domain&query=example.com&key=your_api_key"

cURL - Darkweb Forum Search

curl -X GET "https://breachhub.org/api/cypherdynamics?category=darkweb&query=target_keyword&key=your_api_key"

cURL - Crypto Wallet Lookup

curl -X GET "https://breachhub.org/api/cypherdynamics?category=wallet&query=bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh&key=your_api_key"

cURL - Password Stealer Search

curl -X GET "https://breachhub.org/api/cypherdynamics?category=password&query=mypassword123&key=your_api_key"

Response Fields

results — Array of matching records (email, password, url, domain, machine_id, upload_date, etc.)
total — Total number of matches in the database
count — Number of results returned in this page
next_cursor — Cursor for pagination (use to fetch next page)
quality — Aggregated stats (unique passwords, domains, upload timeline, email domain distribution)
analysis — AI-generated risk assessment, exposure summary, and recommendations

Room 101

Advanced Reddit user analysis and intelligence platform with AI-powered insights.

GET /api/room101/analyze?username={user}&key={KEY_API}

Parameters

username (string, required): Reddit username
key (string, required): Your API key

GET /api/room101/search?query={query}&key={KEY_API}

Parameters

query (string, required): Reddit search term
key (string, required): Your API key

GET /api/room101/v2/search?query={query}&key={KEY_API}

Parameters

query (string, required): Reddit search term (v2 engine)
key (string, required): Your API key

GET /api/room101/user?username={username}&key={KEY_API}

Parameters

username (string, required): Reddit username for profile lookup
key (string, required): Your API key

GET /api/room101/subreddit?name={subreddit}&key={KEY_API}

Parameters

name (string, required): Subreddit name
key (string, required): Your API key

SEON

Email, phone, IP and payment card intelligence with risk scoring and digital footprint analysis.

Endpoint	Method	Description
/api/seon/phone	GET	Phone number validation, carrier, location, risk & social footprint
/api/seon/email	GET	Email intelligence, social profiles, breach history & risk score
/api/seon/ip	GET	IP geolocation, ISP, proxy/VPN detection & fraud indicators
/api/seon/bin	GET	Bank card BIN/IIN lookup — issuer, card type, country & brand
/api/seon/email-verification	GET	Fast email syntax, MX records & disposable/temporary check

GET /api/seon/phone?phone={phone}&key={KEY_API}

Query Parameters

phone (string, required): Phone number (E.164 format recommended: +12025550123)
key (string, required): Your API key

Example Request

Phone Lookup

curl -X GET "https://breachhub.org/api/seon/phone?phone=+12025550123&key=your_api_key"

GET /api/seon/email?email={email}&key={KEY_API}

Query Parameters

email (string, required): Email address to analyze
key (string, required): Your API key

Returns

Social media linked accounts, data breach exposure, reputation score, suspicious patterns, disposable/temporary status, etc.

Example Request

Email Intelligence

curl -X GET "https://breachhub.org/api/seon/[email protected]&key=your_api_key"

GET /api/seon/ip?ip={ip}&key={KEY_API}

Query Parameters

ip (string, required): IPv4 or IPv6 address
key (string, required): Your API key

Returns

Geolocation, ISP, organization, proxy/VPN/Tor detection, abuse velocity, fraud score

Example Request

IP Analysis

curl -X GET "https://breachhub.org/api/seon/ip?ip=185.220.101.12&key=your_api_key"

GET /api/seon/bin?bin={bin}&key={KEY_API}

Query Parameters

bin (string, required): First 6–8 digits of the card (BIN/IIN)
key (string, required): Your API key

Returns

Card brand (Visa, Mastercard…), issuing bank, card type (debit/credit/prepaid), country, category

Example Request

BIN Lookup

curl -X GET "https://breachhub.org/api/seon/bin?bin=457173&key=your_api_key"

GET /api/seon/email-verification?email={email}&key={KEY_API}

Query Parameters

email (string, required): Email address to verify
key (string, required): Your API key

Returns

Deliverability status, syntax validity, MX records, disposable/temporary email detection, catch-all detection

Example Request

Email Verification

curl -X GET "https://breachhub.org/api/seon/[email protected]&key=your_api_key"

Oathnet

Comprehensive social media and gaming platform OSINT with multiple specialized endpoints. /breach and /stealer use Mira Results as primary source with Oathnet as fallback.

Endpoint	Module	Description
/api/oathnet/breach	Breach	General data breach search (Mira primary, Oathnet fallback)
/api/oathnet/stealer	Stealer	Stealer logs search by email/domain (Mira primary, Oathnet fallback)
/api/oathnet/stealer-subdomain	Stealer Subdomain	Subdomains found in stealer logs for a domain
/api/oathnet/victims	Victims Search	Search victims database by email/domain
/api/oathnet/victims/{log_id}	Victims Manifest	Get file manifest for a stealer log
/api/oathnet/victims/{log_id}/files/{file_id}	Victims File	Download single file from a stealer log
/api/oathnet/victims/{log_id}/archive	Victims Archive	Download full ZIP archive of a stealer log
/api/oathnet/discord-to-roblox	Discord → Roblox	Resolve Discord ID to Roblox account
/api/oathnet/discord-userinfo	Discord Userinfo	Discord user details by ID
/api/oathnet/discord-username-history	Discord Username History	Past Discord usernames
/api/oathnet/steam	Steam	Steam profile lookup
/api/oathnet/xbox	Xbox	Xbox Live profile lookup
/api/oathnet/roblox-userinfo	Roblox Userinfo	Roblox user details by ID/username
/api/oathnet/mc-history	Minecraft History	Minecraft username history
/api/oathnet/ip-info	IP Info	IP geolocation and ASN
/api/oathnet/holehe	Holehe	Email account check across services
/api/oathnet/ghunt	GHunt	Google account OSINT
/api/oathnet/extract-subdomain	Extract Subdomain	Subdomain enumeration for a domain

GET /api/oathnet/breach?query={query}&key={KEY_API}

Parameters

query (string, required): Email, username, or other search term
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/oathnet/[email protected]&key=your_api_key"

GET /api/oathnet/stealer?query={email/domain}&key={KEY_API}

Parameters

query (string, required): Email, password, or domain
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/oathnet/stealer?query=corp.com&key=your_api_key"

GET /api/oathnet/stealer-subdomain?domain={domain}&key={KEY_API}

Parameters

domain (string, required): Target domain
key (string, required): Your API key

GET /api/oathnet/victims?query={query}&key={KEY_API}

Parameters

query (string, required): Email or domain
key (string, required): Your API key

GET /api/oathnet/victims/{log_id}?key={KEY_API}

Parameters

log_id (path, required): Log identifier
key (string, required): Your API key

GET /api/oathnet/victims/{log_id}/files/{file_id}?key={KEY_API}

Parameters

log_id (path, required): Log identifier
file_id (path, required): File identifier
key (string, required): Your API key

Returns raw text/plain content as file download.

GET /api/oathnet/victims/{log_id}/archive?key={KEY_API}

Parameters

log_id (path, required): Log identifier
key (string, required): Your API key

Returns ZIP archive of all files in the log.

GET /api/oathnet/discord-to-roblox?discord_id={discord_id}&key={KEY_API}

Parameters

discord_id (string, required): Discord user ID
key (string, required): Your API key

GET /api/oathnet/discord-userinfo?discord_id={discord_id}&key={KEY_API}

Parameters

discord_id (string, required): Discord user ID (14-19 digits)
key (string, required): Your API key

GET /api/oathnet/discord-username-history?discord_id={discord_id}&key={KEY_API}

Parameters

discord_id (string, required): Discord user ID
key (string, required): Your API key

GET /api/oathnet/steam?steam_id={steam_id}&key={KEY_API}

Parameters

steam_id (string, required): Steam64 ID or vanity URL name
key (string, required): Your API key

GET /api/oathnet/xbox?xbl_id={xbl_id}&key={KEY_API}

Parameters

xbl_id (string, required): Xbox gamertag or XUID
key (string, required): Your API key

GET /api/oathnet/roblox-userinfo?user_id={user_id}&username={username}&key={KEY_API}

Parameters

user_id (string, optional): Roblox user ID
username (string, optional): Roblox username
key (string, required): Your API key

At least one of user_id or username required.

GET /api/oathnet/mc-history?username={username}&key={KEY_API}

Parameters

username (string, required): Minecraft username
key (string, required): Your API key

GET /api/oathnet/ip-info?ip={ip}&key={KEY_API}

Parameters

ip (string, required): IPv4 or IPv6 address
key (string, required): Your API key

GET /api/oathnet/holehe?email={email}&key={KEY_API}

Parameters

email (string, required): Email to check
key (string, required): Your API key

GET /api/oathnet/ghunt?email={email}&key={KEY_API}

Parameters

email (string, required): Gmail address
key (string, required): Your API key

GET /api/oathnet/extract-subdomain?domain={domain}&is_alive={true|false}&key={KEY_API}

Parameters

domain (string, required): Target domain
is_alive (string, optional): Set to "true" to filter alive subdomains
key (string, required): Your API key

Memory.lol

Social media username history and tracking across platforms.

GET /api/memory?username={username}&key={KEY_API}

Parameters

username (string, required): Username to query
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/memory?username=exampleuser&key=your_api_key"

NoSINT

Multi-module OSINT search engine. Streams results in real time via SSE across 30+ modules (social media, breaches, public records). Supports email, username and phone lookups. Also provides IP geolocation.

Endpoint	Description
/api/nosint/search	Multi-module OSINT search (email, username, phone)
/api/nosint/ip	IP geolocation lookup

GET /api/nosint/search?type={type}&query={query}&key={KEY_API}

Parameters

query (string, required): The value to search (email, username, phone number)
type (string, required): Target type — email, username or phone
key (string, required): Your API key

Notes

Results are streamed via Server-Sent Events (SSE) — use Accept: text/event-stream
Each module result is emitted as a separate data: event
Stream ends with {"done": true}
A 10-second cooldown is applied between searches

GET /api/nosint/ip?ip={ip}&key={KEY_API}

Parameters

ip (string, required): IPv4 or IPv6 address
key (string, required): Your API key

Reconly

Advanced Open Source Intelligence (OSINT) terminal. Modern modules for comprehensive data analysis and digital footprint tracking — covering Discord, gaming platforms, social profiles, and breach databases via a unified mode parameter.

Mode	Query	Description
discord	Discord ID	Multi-source Discord lookup (discord1 + discord2)
discord-leak	Discord ID	Discord leak databases (3 sources)
discord-lookup	Discord ID	Discord profile lookup
discord-search	Query string	Discord search across 2 sources
itemsatis	Username	ItemSatis marketplace profile + data + ID
craftrisecraftlime	Query string	CraftRise / CraftLime player lookup
dcturkiye	Username	DC Türkiye username lookup
fivem	Query string	FiveM player lookup
github	Username	GitHub profile lookup
leakcheck	Query string	LeakCheck breach search
owobot	Discord ID	OwO bot profile lookup
pinterest	Username	Pinterest profile lookup

GET /api/reconly?mode={mode}&query={query}&key={KEY_API}

Parameters

mode (string, required): The lookup mode (see table above)
query (string, required): Discord ID, username, or search string depending on mode
key (string, required): Your API key

Example Request

cURL — Discord lookup

curl -X GET "https://breachhub.org/api/reconly?mode=discord&query=123456789012345678&key=your_api_key"

cURL — GitHub lookup

curl -X GET "https://breachhub.org/api/reconly?mode=github&query=torvalds&key=your_api_key"

cURL — Discord leak search

curl -X GET "https://breachhub.org/api/reconly?mode=discord-leak&query=123456789012345678&key=your_api_key"

TikTok Osint

Comprehensive TikTok user intelligence and profile analysis.

GET /api/tiktok?type={type}&username={username}&key={KEY_API}

Parameters

type (string, required): basic & full
username (string, required): Username to query
key (string, required): Your API key

Type	Description	Response Time
Basic	Profile info, followers, bio	~2-5 seconds
Full	Video history, engagement metrics	~10-30 seconds

Binlist

Bank Identification Number (BIN) lookup for card validation.

GET /api/binlist?bin={BIN}&key={KEY_API}

Parameters

bin (string, required): 6-8 digit BIN number
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/binlist?bin=45717360&key=your_api_key"

Inf0sec

Multi-module intelligence platform with specialized search capabilities.

INF0SEC Modules: INF0SEC uses a modular approach where each endpoint represents a specialized search capability. All endpoints follow the same pattern /api/inf0sec?module={module}&query={query}&key={KEY_API}

Endpoint	Module	Description
/api/inf0sec?module=leaks	Leaks	General data breach search
/api/inf0sec?module=npd	NPD	National Public Data search with multiple criteria
/api/inf0sec?module=ip-info	IP INFO	National Public Data search with multiple criteria
/api/inf0sec?module=domain	Domain	Domain intelligence and WHOIS data
/api/inf0sec?module=username	Username	Username analysis across multiple platforms
/api/inf0sec?module=hlr	HLR	Phone number lookup and carrier information
/api/inf0sec?module=cfx	CFX	CFX gaming platform data (FiveM/RedM)

GET /api/inf0sec?module=leaks&query={query}&key={KEY_API}

query (string, optional): Search term
key (string, required): Your API key

Example Request

Leaks Module

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

GET /api/inf0sec?module=npd&firstname={query}&lastname={query}&phone={query}&key={KEY_API}

Parameters

firstname (string, optional): First name
lastname (string, optional): Last name
phone (string, optional): Phone number
key (string, required): Your API key

VIN Decoder

Comprehensive Vehicle Identification Number (VIN) decoding with manufacturer data, vehicle specifications, engine details, production plant information, and more.

Endpoint	Method	Type	Description
/api/vin	GET	`decode`	Decode a single VIN (standard or extended information)
/api/vin	GET	`batch`	Batch decode multiple VINs at once
/api/vin	GET	`makes`	Get list of vehicle makes for a specific year
/api/vin	GET	`wmi`	World Manufacturer Identifier (WMI) lookup
/api/vin	GET	`manufacturers`	Get full list of vehicle manufacturers
/api/vin	GET	`variables`	Get list of available variables / fields
/api/vin	GET	`canadian`	Canadian vehicle specifications lookup

GET /api/vin?type=decode&query={vin}&key={KEY_API}

Query Parameters (type=decode)

type (string, required): decode
query (string, required): VIN to decode (17 characters)
extended (boolean, optional): true for more detailed output
model_year (string, optional): Specific model year filter
key (string, required): Your API key

Example Requests

Standard Decode

curl -X GET "https://breachhub.org/api/vin?type=decode&query=1HGBH41JXMN109186&key=your_api_key"

Extended Decode

curl -X GET "https://breachhub.org/api/vin?type=decode&query=1HGBH41JXMN109186&extended=true&key=your_api_key"

GET /api/vin?type=batch&query={vin1,vin2,...}&key={KEY_API}

Query Parameters (type=batch)

type (string, required): batch
query (string, required): VINs separated by commas (e.g. VIN1,VIN2,VIN3)
key (string, required): Your API key

Example Request

Batch Decode (3 VINs)

curl -X GET "https://breachhub.org/api/vin?type=batch&query=1HGBH41JXMN109186,5YJSA1E26JF123456,4T1BF1FK0CU123456&key=your_api_key"

GET /api/vin?type=makes&year={year}&key={KEY_API}

Query Parameters (type=makes)

type (string, required): makes
year (string, optional): Desired year (e.g. 2024)
key (string, required): Your API key

Example Request

Makes for 2024

curl -X GET "https://breachhub.org/api/vin?type=makes&year=2024&key=your_api_key"

GET /api/vin?type=wmi&query={wmi}&key={KEY_API}

Query Parameters (type=wmi)

type (string, required): wmi
query (string, required): WMI code (first 3 characters of the VIN)
key (string, required): Your API key

Example Request

WMI Lookup (Honda)

curl -X GET "https://breachhub.org/api/vin?type=wmi&query=1HG&key=your_api_key"

PropertyRadar

US property and owner intelligence for OSINT. Search properties by address or owner name, retrieve property owners (name, age, gender, mailing address, linked properties), and skip-trace contact data (phone numbers and email addresses). All endpoints draw from the included free quota.

GET /api/propertyradar/search?State={state}&ZipFive={zip}&key={KEY_API}

Search properties by criteria. Combine any of: Address, City, State, County, ZipFive, APN, OwnerName, FirstName, LastName, OwnerPhone, OwnerEmail. Reverse-lookup is supported: pass OwnerPhone or OwnerEmail to find the property and owner from a phone number or email. Returns RadarID, address, owner, APN, AVM, equity, geo-coordinates.

Parameters

State, ZipFive, Address, City, OwnerName, etc. (at least one required): Search criteria
OwnerPhone (string): Reverse-lookup — find the property/owner from a phone number (digits only, e.g. 3058356552)
OwnerEmail (string): Reverse-lookup — find the property/owner from an email address
limit (integer, optional): Max results, 1-100 (default 10)
start (integer, optional): Pagination offset (default 0)
key (string, required): Your API key

Example Request

cURL — search by address

curl -X GET "https://breachhub.org/api/propertyradar/search?Address=710%20S%207TH%20ST&State=NV&ZipFive=89101&key=your_api_key"

cURL — reverse-lookup by phone

curl -X GET "https://breachhub.org/api/propertyradar/search?OwnerPhone=3058356552&key=your_api_key"

GET /api/propertyradar/persons?radar_id={RadarID}&key={KEY_API}

Get the owners of a property. Returns PersonKey, name, age, gender, mailing address, linked properties, and contact data.

Parameters

radar_id (string, required): RadarID returned by the search endpoint
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/propertyradar/persons?radar_id=PF0775E6&key=your_api_key"

GET /api/propertyradar/phone?radar_id={RadarID}&key={KEY_API}

Phone numbers of a property's owners (skip-trace). Returns each number with type (mobile/landline), status, and the owner it belongs to (PersonKey, PersonName). Use the optional person_key to return numbers for a single owner only.

Parameters

radar_id (string, required): RadarID returned by the search endpoint
person_key (string, optional): Filter to a single owner's PersonKey
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/propertyradar/phone?radar_id=PF0775E6&key=your_api_key"

GET /api/propertyradar/email?radar_id={RadarID}&key={KEY_API}

Email addresses of a property's owners (skip-trace). Returns each email with status and the owner it belongs to (PersonKey, PersonName). Use the optional person_key to return emails for a single owner only.

Parameters

radar_id (string, required): RadarID returned by the search endpoint
person_key (string, optional): Filter to a single owner's PersonKey
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/propertyradar/email?radar_id=PF0775E6&key=your_api_key"

GET /api/propertyradar/skiptrace?radar_id={RadarID}&key={KEY_API}

Full OSINT chain in one call: resolves a property and returns all owners with their phone numbers and email addresses inline (Phone / Email arrays). Accepts a radar_id directly, or search criteria (Address, City, State, ZipFive, OwnerName, OwnerPhone, OwnerEmail) to resolve the property automatically — including reverse-lookup from a phone number or email.

Parameters

radar_id (string): RadarID — OR search criteria below
Address, City, State, ZipFive, OwnerName (string): Used to resolve the property when no radar_id is given
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/propertyradar/skiptrace?radar_id=PF0775E6&key=your_api_key"

Matrix

US identity intelligence. Search by SSN, phone number or full name — the engine auto-detects the input type (9 digits = SSN, 10/11 digits = phone, text = name) and returns matched person records (name, DOB, address, SSN, phone, AKAs).

GET /api/matrix/search?query={query}&key={KEY_API}

Auto-routing: 626-34-7582 → SSN match, 2093679418 → phone match, Susan Leslie Los Angeles → name match.

Parameters

query (string, required): SSN, phone number, or full name
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/matrix/search?query=626-34-7582&key=your_api_key"

Example Response

JSON

{
  "success": true,
  "credit": "Lookup made by https://breachhub.org",
  "service": "Matrix",
  "query": "626-34-7582",
  "count": 12,
  "search_mode": "Direct SSN Point-Index Match",
  "results": [
    {
      "id": "23145462",
      "firstname": "SUSAN",
      "middlename": "MARIE",
      "lastname": "LESLIE",
      "dob": "1984-11-23",
      "address": "123 MAPLE ST",
      "city": "LOS ANGELES",
      "county_name": "LOS ANGELES COUNTY",
      "state": "CA",
      "zip": "90001",
      "phone1": "2093679418",
      "ssn": "626347582"
    }
  ],
  "version": "2.0"
}

DataVoid

National People DB intelligence for the US, Canada and Israel, plus universal identifier recovery and stealer-log search. Every endpoint takes q and returns the source's JSON verbatim (shape varies per provider). Max query length 500 characters; slow sources may take up to 60s.

GET /api/datavoid/recovery?q={identifier}&key={KEY_API}

Universal recovery — accepts any identifier (email, phone, username, name, etc.).

Parameters

q (string, required): Any identifier
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/datavoid/[email protected]&key=your_api_key"

GET /api/datavoid/us?q={name|ssn|address}&key={KEY_API}

NPD US — search the US national people database by name, SSN or address.

Parameters

q (string, required): Name, SSN or address
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/datavoid/us?q=John Smith&key=your_api_key"

GET /api/datavoid/ca?q={name|sin|address}&key={KEY_API}

NPD Canada — search the Canadian national people database by name, SIN or address.

Parameters

q (string, required): Name, SIN or address
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/datavoid/ca?q=John Smith&key=your_api_key"

GET /api/datavoid/il?q={name|id|address}&key={KEY_API}

NPD Israel — search the Israeli national people database by name, ID or address.

Parameters

q (string, required): Name, ID or address
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/datavoid/il?q=Cohen&key=your_api_key"

GET /api/datavoid/stealer?q={email|domain}&key={KEY_API}

Stealer-log search by email or domain.

Parameters

q (string, required): Email or domain
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/datavoid/[email protected]&key=your_api_key"

IPinfo

Retrieves detailed information about an IP address.

GET /api/ipinfo?ip={query}&key={KEY_API}

Parameters

ip (string, required): Search term
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/ipinfo?ip=8.8.8.8&key=your_api_key"

Shodan

Search engine for Internet-connected devices. Query hosts, search vulnerabilities, analyze infrastructure.

GET /api/shodan/{module}?ip={query}&key={KEY_API}

Parameters

module (string, required): host, honeyscore, search, dns, dns/reverse
query (string, required): Search term
key (string, required): Your API key

Example Request

cURL — host

curl -X GET "https://breachhub.org/api/shodan/host?ip=8.8.8.8&key=your_api_key"

cURL — honeyscore

curl -X GET "https://breachhub.org/api/shodan/honeyscore?ip=1.1.1.1&key=your_api_key"

cURL — search

curl -X GET "https://breachhub.org/api/shodan/search?query=apashe&key=your_api_key"

cURL — dns

curl -X GET "https://breachhub.org/api/shodan/dns?domain=google.com&key=your_api_key"

cURL — dns/reverse

curl -X GET "https://breachhub.org/api/shodan/dns/reverse?ip=8.8.8.8&key=your_api_key"

GitHub OSINT

Find GitHub accounts and activity via email or username.

GET /api/github?email={email}&key={KEY_API}

Parameters

email (string, required): Email to search
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

GET /api/github?username={username}&key={KEY_API}

Parameters

username (string, required): GitHub username to search
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/github?username=john&key=your_api_key"

GET /api/github?query={query}&key={KEY_API}

Parameters

query (string, required): Email or username (auto-detected)
key (string, required): Your API key

Example Request

cURL

curl -X GET "https://breachhub.org/api/[email protected]&key=your_api_key"

Discord OSINT

Discord user lookup and stalking tools with comprehensive profile data.

Endpoint	Description
/api/discord/discord-lookup	Basic Discord user lookup
/api/discord/discord-stalker	Advanced Discord user tracking

GET /api/discord/discord-lookup?query={query}&key={KEY_API}

Parameters

query (string, required): Discord user ID
key (string, required): Your API key

GET /api/discord/discord-stalker?query={query}&key={KEY_API}

Parameters

query (string, required): Discord user ID
key (string, required): Your API key

Error Handling

The API uses standard HTTP status codes to indicate success or failure.

Error Handling

HTTP status codes

200 Success Request completed

400 Bad Request Invalid parameters

401 Unauthorized Invalid API key

403 Forbidden Key revoked

429 Rate Limited Limit exceeded

500 Server Error Internal error

Example Error Response

401 Unauthorized

{
  "success": false,
  "error": "Invalid key"
}

Introduction

Base URL

Request Format

Authentication

Query Parameter Format

Getting an API Key

Rate Limits

API Status

Parameters

Example Request

Response

Source Status Values

Overall Status

Categories

BreachHub

Parameters

Example Request

Parameters

Example Request

Parameters

Example Request

Parameters

Example Request

Parameters

Example Requests

StalkMe — Discord Intelligence

Parameters

Example Request

Parameters

Example Request

Parameters

Example Request

Snusbase

Parameters

Example Request

Parameters

Parameters

Parameters

LeakOsint

Parameters

Example Request

LeakCheck V2

Parameters

Example Request

Breachbase

Parameters

IntelVault

Parameters

Example Request

Parameters

Example Request — name lookup with wildcard

Parameters

Example Request

BreachDirectory

Parameters

Example Request

HackCheck

Parameters

OsintKit

Parameters

Breach.vip

Parameters

Example Request

Cord.cat

Parameters

Parameters

Melissa

Parameters

IntelX

Osintcat

Parameters

Parameters

Machine Viewer (Stealer Logs)

Parameters

Parameters

Parameters

Parameters

Parameters

Parameters