Search API Documentation


The "search" API is designed to provide a simple and easy to use endpoint for end-users to search across all indexed breaches.



The leak-lookup API requires an API key to perform queries, to find your API key please click here.

  • Public Key
    • Every user account is provided with a free public API key, this key is limited to 10 requests per day and can be found here.
  • Private Key
    • Private API access is limited to businesses/organizations and is therefore quoted on a case-by-case basis, to find out more please contact us here.

Static IPv4 or CIDR Range

Providing a static IPv4 or CIDR range is optional, we recommend providing this if you run into issues with rate-limiting.


All "search" API requests should be sent as a POST request to the following endpoint:

Each successful request will increment your daily request limit by 1, when this limit hits the rate set by support you will have to wait for your allowance to reset.


API requests require the following parameters:

  • key - This is the clients API key, which can found here.
  • type - This is the clients search query type (please see below).
  • query - This is the clients search query.

Available types:

The fields specified below can be used within the type field to perform more precise searches.

  • email_address
  • username
  • ipaddress
  • phone
  • domain
  • password
  • fullname

* Please note, when using the domain type certain queries have been blacklisted due to abuse concerns.


API requests may contain any of the following fields:

We try to standardize fields across data-breaches, however we cannot guarantee all fields will be present.

  • userid
  • uid
  • memberid
  • member_id
  • email_address
  • emailaddress
  • email
  • email_address2
  • emailaddress2
  • email2
  • membername
  • username
  • uname
  • user_name
  • member_name
  • ipaddress
  • ip_address
  • ip
  • password
  • password2
  • password3
  • password4
  • plaintext
  • hash
  • salt
  • salt2
  • salt3
  • secret
  • key
  • firstname
  • first_name
  • fname
  • lastname
  • last_name
  • lname
  • fullname
  • full_name
  • number
  • phone
  • mobile
  • telephone
  • address
  • address1
  • address2
  • address3
  • city
  • state
  • country
  • county
  • postcode
  • zipcode
  • postalcode
  • zip
  • breachname
  • fb_id
  • facebook_id
  • fbid


Public Response

The following response format is returned if the end-client is using a public API key.

All indexed columns are stripped from the returned response.

    "error": "false",
    "message": {
        "breach_sitename_1": [],
        "breach_sitename_2": [],
        "breach_sitename_3": [],
        "breach_sitename_4": []

Private Response

The following response format is returned if the end-client is using a private API key.

    "error": "false",
    "message": {
        "breach_sitename_1": [
            { "column1": "value1", "column2": "value2", "column3": "value3" },
            { "column1": "value1", "column2": "value2" }
        "breach_sitename_2": [
            { "column1": "value1", "column2": "value2" }
        "breach_sitename_3": [
            { "column1": "value1", "column2": "value2", "column3": "value3", "column4": "value4" }
        "breach_sitename_4": [
            { "column1": "value1", "column2": "value2" }

Error Response

Should an error occur, the follow response will be returned.

Please see below for an expanded explanation of all provided error messages.

    "error": "true",
    "message": ""

Error Messages

  • MISSING SEARCH TYPE - Invalid search API request, the search type parameter is missing.
  • MISSING SEARCH QUERY - Invalid search API request, the search query parameter is missing.
  • MISSING API KEY - Invalid search API request, the search key parameter is missing.
  • MISSING REQUIRED PARAMETERS - Invalid search API request, please refer to the search API documentation.
  • EMPTY VALUE DETECTED - Invalid search API request, empty parameter detected. Please refer to the search API documentation.
  • SEARCH FAILED - Search API request failed, please try again later. If the problem persists please contact support with a log of the request.
  • SEARCH QUERY BLACKLISTED - Invalid search API request, blacklisted query detected, please contact support.
  • REQUEST LIMIT REACHED - API daily request limit has been reached, please wait until your daily allowance renews.
  • RATE LIMIT REACHED - You have performed more than 5 requests in the last minute, please wait a further minute before querying again.
  • INACTIVE API KEY - API key is inactive, please renew under API overview or contact support.
  • INVALID API KEY - API key provided is invalid, please contact support.



Here are some command line examples using CURL, please replace {API_KEY} with the provided API key.

Email address example:

curl '' -d 'key={API_KEY}&type=email_address[email protected]'

Username example:

curl '' -d 'key={API_KEY}&type=username&query=david.smith'

Domain example:

curl '' -d 'key={API_KEY}&type=domain&'

IPv4 address example:

curl '' -d 'key={API_KEY}&type=ipaddress&query='

Third-Party libraries

Leak-Lookup provides support for the following third-party libraries, API integration is as simple as entering your API key.


Please reference third-party documentation for further information.