Skip to main content

Before you start

1

Create your account

Go to Osintly. You can sign up with email/password or via Google, Discord, GitHub, X, LinkedIn, or Facebook.
Enable MFA right after signup. It takes 30 seconds and protects your investigation data.
2

Pick a plan

Each search costs credits. Choose based on your expected volume. Full details on osint.ly/pricing:
PlanCredits/monthBest for
Standard (€9.99)25Occasional solo investigations
Pro (€24.99)100Regular analysts, small teams
Advanced (€94.99)200Power users, team workspaces
You can upgrade at any time. Credits do not roll over month to month.
3

Complete your profile

Set your username and avatar. If you’re on a team plan, your display name is visible to teammates.
1

Go to the Search page

The Search page is the default landing page when you log in. If you navigated away, click Search in the left sidebar to get back.
2

Select the input type

Pick the type that matches your target:
TypeExample input
Pseudonymjohndoe42
Email Addressjohn@example.com
Phone+1 555 000 1234
IP address192.168.1.1
Domainexample.com
Cryptocurrency1A1zP1eP5Q...
3

Start the search

Hit Search. Results stream in real time via SSE: module cards appear as each source responds. You don’t need to wait for everything to finish before reading results.
4

Read the result page

Each module card shows a data source. Click any card to expand linked records, images, and geographic context.
Each card represents one data source or provider. The number of cards you see depends on your plan: higher plans unlock more providers, including leak and breach sources.
Profile pictures and media found during the search are grouped in the Images tab for quick visual cross-referencing.
Aggregated data from leak databases. Each row shows the fields exposed: password hash, IP, username, and more. Availability depends on your plan.
Results from breach-specific providers (Snusbase, Breach VIP, Hudson Rock, LeakCheck, and others). Shows which breach an account appeared in, and when.
Only available on Email searches. Shows services and platforms where this email address has a registered account.
Any geolocation signals are plotted on an interactive map.
Available on Pro and Advanced. Open the AI chat to ask questions about the results, generate a timeline, or focus on specific signals. The AI can also run a web search for additional context.
5

Come back to your results anytime

You can leave the result page freely. Every search is saved automatically and accessible from your history. From there you can reopen any past result, continue reading, or attach it to a project later.
Create one project per case. It keeps your search history, attachments, and team context together in one place.

Common first searches by use case

Five quick starting points. For complete step-by-step workflows on each scenario, see the Use cases page.
  1. Select Pseudonym as input type.
  2. Enter the handle exactly as you found it (case matters on some platforms).
  3. Review the social profile cards and breach results.
  4. If you find an email in the results, start a new Email search to expand the profile.
Add both searches to the same project to keep the correlation visible.
  1. Select Email Address as input type.
  2. Paste the target address.
  3. Breach results appear in cards from providers like Snusbase, LeakCheck, Hudson Rock, and others. Availability depends on your plan.
  4. Each breach card shows the data fields exposed (password hash, IP, username, etc.).
Breach provider access is gated by plan. Check Pricing to see what each plan includes.
  1. Select IP address as input type.
  2. Enter the IP (IPv4 or IPv6).
  3. Check geolocation, hosting provider, ASN, and threat intelligence cards.
  1. Select Domain as input type.
  2. Enter the root domain without https:// or trailing slash.
  3. Review DNS records, subdomains, WHOIS, and linked IP addresses.
  4. Cross-reference any discovered IPs with a new IP search.
  1. Select Cryptocurrency as input type.
  2. Paste the full wallet address.
  3. Review transaction history, linked addresses, and risk signals.

Next steps

Investigation playbooks

Structured multi-step workflows for real cases.

Set up a team

Invite members, assign roles, and manage shared credits.

Monitoring & alerts

Get notified when new data appears for a target.