Omkar API

Add or remove the primary Omkar API key. Changes apply on the server immediately.

Last Time Updated: Never

snitch.click

API Reference

Internal REST API for querying OSINT data sources. All endpoints require a valid session cookie.

Authentication

All API endpoints (except /api/auth) require a valid session cookie obtained by authenticating with the site password.

Session cookies are HttpOnly and SameSite=Strict. They expire after 7 days. Sessions are stored in server memory — a restart clears all sessions.

POST /api/auth

Authenticate with the site password. Sets a session cookie on success.

Request

"Content-Type": "application/json"

{
  "password": "your-site-password"
}

Response — 200 OK

{
  "ok": true
}
// Set-Cookie: snitch_sid=<token>; HttpOnly; SameSite=Strict; Path=/; Max-Age=604800

Error responses

StatusErrorDescription
400Bad requestMalformed JSON body
401Wrong passwordInvalid password
429Too many attemptsRate limited. Includes retryAfter (seconds)

Lookup

Query all connected data sources for an email address or phone number. Responses are normalized — all sources return the same record schema.

POST /api/lookup

Request body

FieldTypeRequiredDescription
valuestringrequiredEmail address or phone number to look up
modestringrequired"email" or "phone"
curl -X POST http://localhost:3000/api/lookup \
  -H "Content-Type: application/json" \
  --cookie "snitch_sid=<token>" \
  -d '{"value": "user@example.com", "mode": "email"}'

Response — 200 OK

{
  "ok":      true,
  "query":   "user@example.com",
  "mode":    "email",
  "summary": { "total_records": 87, "sources_hit": 4 },
  "results": {
    "breachvip":  { /* ServiceResult */ },
    "snusbase":   { /* ServiceResult */ },
    "leakcheck":  { /* ServiceResult */ },
    "hackcheck":  { /* ServiceResult */ },
    "intelvault": { /* ServiceResult */ },
    "seon":       { /* SeonResult */ }
  }
}

ServiceResult schema

{
  "ok":      true,
  "count":   17,
  "records": [
    {
      "source":   "twitter.com",
      "name":     "John Doe",
      "username": "johndoe",
      "password": "hunter2",
      "ip":       "1.2.3.4",
      "phone":    "+12025551234",
      "address":  "123 Main St, Washington, DC"
    }
  ]
}

Record fields

FieldTypeDescription
sourcestring | nullName of the database the record came from
namestring | nullFull name
usernamestring | nullUsername or handle
passwordstring | nullPlaintext or hashed password from the breach
ipstring | nullIP address associated with the record
phonestring | nullPhone number
addressstring | nullPhysical address
city / state / countrystring | nullStructured address fields when available
domainstring | nullParsed domain when the source provides one
categoriesstring[] | undefinedSource-specific tags

SeonResult schema

{
  "ok":            true,
  "score":         0,
  "deliverable":   true,
  "platforms":     ["apple", "facebook"],
  "hibp_breaches": 24,
  "breaches":      [{ "name": "Twitter (200M)", "date": "2021-01" }]
}

Failed service

{ "ok": false, "error": "Upstream error 503" }

Global error responses

StatusCondition
400Invalid JSON or missing value field
401No valid session cookie — authenticate first
429Auth rate limit exceeded