API - Public Breaches Search (140+ Billion Records)
π§ NiamonX API β Public Breaches Search (140+ Billion Records)
Comprehensive API documentation for searching public data breaches aggregated from 4,500+ sources.
β οΈ Important Notice
The Public Breaches Search API allows you to query a massive database of publicly available leaks (>140 billion records).
Use it only for legitimate purposes β such as verifying your own data or with explicit authorization.
β Abuse or publication of obtained data will lead to account suspension and permanent API ban.
Some results may contain outdated or incomplete data.
𧩠API Endpoint
Main URL:
Headers:
Body Example:
{ "query": "[email protected]" }Example Request via cURL
curl -X POST https://dash.niamonx.io/api/v2/breaches_search \
-H "Content-Type: application/json" \
-H "X-API-Key: YOUR_API_KEY" \
-d '{"query":"[email protected]"}'π§ Query Parameters
| Field | Type | Description | Example |
|---|---|---|---|
query |
string |
Search term (email, phone, domain, IP, username, etc.) | "[email protected]" |
Supported Search Types
-
Email:
[email protected] -
Login or Username:
nickname123 -
Domain:
domain.com -
IP address:
1.1.1.1 -
Combo (e.g. βemail passwordβ or βname phoneβ)
-
Full name, city, social ID
π‘ Tip: If you get an empty response, try deleting one character from the query and repeat the request β it refreshes the search pipeline.
βοΈ Response Structure
β When Data Is Found
HTTP 200
{
"success": true,
"data": {
"query": "niamonx",
"task_id": "50bab956-4a9c-4548-83ff-a0451be1b18e",
"status": "ok",
"detail": "file_downloaded",
"meta": {
"blocks_total": 3,
"emails": ["[email protected]"],
"names": ["NiaMonx"],
"first_seen": "2021-01-21T05:32:31+00:00",
"last_seen": "2021-01-22T01:51:31+00:00"
},
"risk": {
"score": 9,
"level": "Low"
},
"blocks": [
{
"id": "p1",
"title": "TestNia",
"description": "In November 2021, the TestNia website...",
"groups_normalized": [
{
"fields_map": {
"email": "[email protected]",
"nick": "NiaMonx",
"ip": "2800:***:9824"
}
}
]
}
],
"rate": {
"remaining": 99,
"reset_in_sec": 600
},
"cooldown_sec": 10
}
}
π³οΈ When No Results Found
HTTP 200
{
"success": true,
"data": {
"query": "[email protected]",
"status": "not_found",
"detail": "no results found",
"meta": { "blocks_total": 0 },
"risk": { "score": 0, "level": "Low" }
}
}
π When Data Is Protected
HTTP 200
{
"success": true,
"data": {
"success": false,
"error": "[NiamonX | DataGuard] This data has been removed and is no longer indexed by our search engine at the request of the copyright holder."
}
}
π HTTP Status Codes
| Code | Meaning |
|---|---|
| 200 | Success β request processed |
| 400 | Invalid input or malformed body |
| 401 | Invalid or missing API key |
| 403 | Tool disabled for your account |
| 404 | Unknown endpoint or invalid tool name |
| 405 | Wrong method β use POST |
| 429 | Cooldown or daily limit reached |
𧱠Features Summary
-
π 140+ billion records
-
π 4500+ aggregated sources
-
π Cryptographically protected data
-
π§ Risk Indicator (numeric + level)
-
β‘ Cached results for faster response
-
π§― Automatic data removal for sensitive categories (bank/medical)
π» Code Examples
1. Python (requests)
import requests
url = "https://dash.niamonx.io/api/v2/breaches_search"
headers = {
"Content-Type": "application/json",
"X-API-Key": "YOUR_API_KEY"
}
payload = { "query": "[email protected]" }
response = requests.post(url, json=payload, headers=headers)
print(response.status_code)
print(response.json())
2. JavaScript (Node.js / Axios)
import axios from "axios";
const API_KEY = "YOUR_API_KEY";
const url = "https://dash.niamonx.io/api/v2/breaches_search";
async function searchLeak(query) {
try {
const res = await axios.post(
url,
{ query },
{
headers: {
"Content-Type": "application/json",
"X-API-Key": API_KEY
}
}
);
console.log(res.data);
} catch (err) {
console.error("Error:", err.response?.data || err.message);
}
}
searchLeak("[email protected]");
3. PHP (cURL)
<?php
$api_key = "YOUR_API_KEY";
$url = "https://dash.niamonx.io/api/v2/breaches_search";
$data = ["query" => "[email protected]"];
$options = [
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
"Content-Type: application/json",
"X-API-Key: $api_key"
],
CURLOPT_POSTFIELDS => json_encode($data)
];
$ch = curl_init();
curl_setopt_array($ch, $options);
$response = curl_exec($ch);
curl_close($ch);
echo $response;
?>
4. Go (net/http)
package main
import (
"bytes"
"fmt"
"io"
"net/http"
)
func main() {
apiKey := "YOUR_API_KEY"
jsonBody := []byte(`{"query":"[email protected]"}`)
req, _ := http.NewRequest("POST", "https://dash.niamonx.io/api/v2/breaches_search", bytes.NewBuffer(jsonBody))
req.Header.Set("Content-Type", "application/json")
req.Header.Set("X-API-Key", apiKey)
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println("Status:", resp.Status)
fmt.Println(string(body))
}
π§ Best Practices
-
Wait 3 seconds between requests to respect cooldown (anti-spam).
-
Combine parameters intelligently:
-
"email password" -
"name phone"
-
-
Do not republish or share results publicly.
-
If you detect compromised credentials β change passwords immediately.
-
Sensitive datasets (bank cards, healthcare) are automatically excluded.
π§Ύ Summary
| Feature | Description |
|---|---|
| Endpoint | https://dash.niamonx.io/api/v2/breaches_search |
| Method | POST |
| Authentication | X-API-Key |
| Cooldown | 3 seconds |
| Rate Limit Info | Returned in rate object |
| Data Types Supported | Email, phone, IP, domain, username |
| Data Protection | SHA-256 & DataGuard Compliance |
β Now you can safely integrate the NiamonX Public Breaches API into your OSINT tools, cybersecurity dashboards, or monitoring systems β with full ethical and legal compliance.