Breach Search
Search leaked credentials and breach data by email, phone, IP, domain.
Breach Search (Dehashed)
Search breach databases for leaked credentials, emails, phone numbers, IP addresses, and more. Powered by Dehashed.
POST /api/v1/dehashed/search
Auth: x402 payment ($0.05 USDC)
Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
query | string | Yes | Search query in field:value format |
size | number | No | Results per page (1-10000, default varies) |
page | number | No | Page number |
Query Fields
| Field | Example | Description |
|---|---|---|
email | email:user@example.com | Email address |
username | username:johndoe | Username |
password | password:hunter2 | Plaintext password |
hashed_password | hashed_password:5f4dcc... | Password hash |
name | name:John Doe | Full name |
ip_address | ip_address:192.168.1.1 | IP address |
phone | phone:+1234567890 | Phone number |
address | address:123 Main St | Physical address |
domain | domain:example.com | Email domain |
vin | vin:1HGBH41JXMN109186 | Vehicle identification number |
Example Request (cURL)
curl -X POST https://x402.dial.wtf/api/v1/dehashed/search \
-H "Content-Type: application/json" \
-H "Payment-Signature: BASE64_ENCODED_PAYMENT" \
-d '{
"query": "email:target@example.com",
"size": 100,
"page": 1
}'Example Request (JavaScript)
const result = await dial.dehashed.search({
query: "domain:example.com",
size: 50,
});Response
{
"success": true,
"message": "Search complete",
"total": 42,
"entries": [
{
"id": "12345",
"email": "user@example.com",
"username": "johndoe",
"password": "",
"hashed_password": "5f4dcc3b5aa765d61d8327deb882cf99",
"name": "John Doe",
"ip_address": "203.0.113.1",
"address": "",
"phone": "+1234567890",
"vin": "",
"obtained_from": "BreachName_2024"
}
],
"balance": 985
}POST /api/v1/dehashed/search-with-credits
Auth: Bearer token (1 credit)
Same parameters and response. Uses prepaid credits instead of x402 payment.
curl -X POST https://x402.dial.wtf/api/v1/dehashed/search-with-credits \
-H "Content-Type: application/json" \
-H "Authorization: Bearer YOUR_PRIVY_ACCESS_TOKEN" \
-d '{"query": "email:target@example.com"}'Security Note
Breach data is sensitive. By default, the Dial skill for Claude Code redacts password and hashed_password fields when displaying results. Use this data responsibly and only for authorized security research, penetration testing, or credential monitoring.