Osintly can enrich a search with leak and breach intelligence when those sources are enabled for your plan.Documentation Index
Fetch the complete documentation index at: https://docs.osint.ly/llms.txt
Use this file to discover all available pages before exploring further.
Leak data is streamed progressively and merged into the same result workflow as standard modules.
What Osintly shows
Osintly exposes two related but different datasets:Leaked Results (raw leak records)
Leaked Results (raw leak records)
Record-level data fetched from leak repositories.
These records are often heterogeneous (source-dependent) and can include identifiers such as emails, usernames, phone numbers, IPs, hashes, profile fields, and metadata.Schema is not identical across sources: field names and completeness vary by dataset.
These records are often heterogeneous (source-dependent) and can include identifiers such as emails, usernames, phone numbers, IPs, hashes, profile fields, and metadata.Schema is not identical across sources: field names and completeness vary by dataset.
Breached Accounts (breach event summary)
Breached Accounts (breach event summary)
Event-style breach summaries tied to known breach sources and breach dates.
In the current panel view, this is primarily a source/date-oriented summary block (not a full dump of exposed fields).
In the current panel view, this is primarily a source/date-oriented summary block (not a full dump of exposed fields).
Where leak/breach data appears
Leak and breach intelligence is visible in multiple UI areas on the result page:-
Leaked Results tab
Dedicated leak browsing area with source tabs, loading states, and large-dataset handling. -
All Results tab
Leak-related cards can also appear in the broader result flow, alongside other modules. -
Breach & Pictures synthesis block (top section)
Includes a Breached Accounts panel (source + date timeline style) and profile picture extraction when available.
Leaked Results tab behavior
The Leaked Results tab is built for large and uneven datasets:- Source-level tabs are generated from enabled/available leak sources
- Sources can be loading, resolved, empty, or failed independently
- Big sources are paginated and appended progressively
- Empty/No-source states are explicit (so “no data” is distinguishable from “still loading”)
Searching and filtering leak data
Use the result search bar and filters to narrow leak output without launching a new search:- Keyword search across returned leak cards (email fragments, usernames, domains, etc.)
- Source filters (from enabled leak providers)
- Data-type filters (when available through the filter modal)
Provider access by plan
Leak-source access is plan-gated.| Capability | Standard | Pro | Advanced |
|---|---|---|---|
| Leak source access | No | Yes | Yes |
| Sources available | None | Snusbase, Breach VIP, Hudson Rock, Leak Check, Leak Osint, Breach Base | Snusbase, Breach VIP, Hudson Rock, Leak Check, Leak Osint, Breach Base |
- the Leaked Results tab is disabled/hidden in practice for that search context
- leak-source options are locked in Search settings
- those providers are not queried
Source selection and query scope
Before launching a search, leak source scope can be adjusted in Search settings.Only selected + allowed sources are queried for that run. So two searches with the same identifier can return different leak coverage if source selection differs.
Data interpretation notes
- Leak records are provider-native and may contain duplicates or partial fields
- Breach dates come from source data and usually represent breach-event timing, not “indexed at” timing
- “No leaked results” can mean either:
- no matches in queried sources, or
- source unavailable/failed/rate-limited for that run