CHECK
Intelligence.
Built-in OSINT bot that scans data breach databases for exposed emails, phones, usernames, domains, and IPs. Reports delivered as self-destructing encrypted Dead Drops.
Ask a Question. Get a Secure Report.
Type a simple command like "check email you@example.com" and CHECK scans breach databases in real time. Results arrive as an encrypted Dead Drop that self-destructs after viewing.
- Scan 7 data types: email, phone, username, name, domain, IP, address
- Conversational interface — just type naturally inside any channel
- Risk scoring from SAFE to CRITICAL with credential leak detection
- Reports self-destruct — no sensitive data persists on the server
- Source-level severity ratings for every exposed record
What Can You Scan?
CHECK searches known breach databases across 7 data types. Type a command, get a detailed report.
Scan any email for breach exposure, leaked credentials, and compromised accounts.
Phone
Check phone numbers against telecom breaches, SIM swap databases, and leaked records.
Username
Search usernames across gaming, social, and service platform breaches.
Name
Look up real names exposed in public data dumps and corporate breaches.
Domain
Scan a domain to find all exposed accounts and credentials associated with it.
IP Address
Check IP addresses for reputation, associated breaches, and abuse reports.
Address
Search physical addresses exposed in data breaches and public record leaks.
Detailed Intelligence. Zero Trace.
Every report includes a risk score, exposure count, source breakdown, credential alerts, and individual exposed records — all inside an encrypted Dead Drop.
- Overview: total records, unique exposures, risk level, and risk score out of 100
- Credential alerts with partially masked passwords when detected
- Per-source breakdown with record count and severity rating
- Report delivered as Dead Drop — self-destructs after reading
Breach Intelligence. Encrypted. Ephemeral.
CHECK combines real-time OSINT with City of Hats encryption. Every report is delivered as a self-destructing Dead Drop — no screenshots, no persistent data.
Multi-Database OSINT
CHECK queries across multiple breach databases, dark web sources, and intelligence feeds — surfacing records from Cit0day, Collections, Naz.API, ALIEN TXTBASE, and more.
OSINTRisk Score & Severity
Every scan returns a risk score from 0–100 with a severity level (SAFE, LOW, MEDIUM, HIGH, CRITICAL). Credential leaks trigger immediate CRITICAL alerts.
RISK ANALYSISEnd-to-End Encrypted Reports
Reports are delivered as encrypted Dead Drops using AES-256-GCM. The server cannot read the report content. Only you can decrypt it.
AES-256-GCMSelf-Destructing Delivery
After you view the report, it is permanently deleted from the server. No history, no logs, no cached copies. Sensitive breach data never persists.
BURN-AFTER-READFrom Command to Report in Seconds
Type a natural language command, get a comprehensive intelligence report delivered as an encrypted self-destructing Dead Drop.
Open the Bot
Start a channel with the CHECK Intelligence Bot. It lives right inside your regular channel list.
Type a Command
Enter a query like "check email john@example.com" or "check domain company.com". Use the quick-action chips for common scan types.
Scan Runs
CHECK queries breach databases in real time. Within seconds you see a summary with risk level and exposure count.
Open Secure Report
Tap "Open Secure Report" to view the full Dead Drop. It shows every exposed record, source, and severity — then self-destructs.
Who Uses CHECK Intelligence?
From personal security hygiene to enterprise breach response — CHECK Intelligence is built for anyone who needs to know if their data is exposed.
Personal Security Audit
Check your own email, phone, and usernames to discover exposures before attackers exploit them. Change compromised passwords immediately.
Enterprise Security Teams
Scan company domains and employee emails to detect corporate credential leaks. Identify exposed accounts before they become attack vectors.
Penetration Testers
Gather OSINT on target domains and emails during reconnaissance. Source-level data helps prioritize attack surfaces.
Investigative Journalists
Verify digital footprints and trace exposed identities without leaving a browser trail. Reports self-destruct, protecting source material.
Legal & Compliance
Document breach exposure for regulatory filings, litigation, or compliance audits. Reports provide source-level evidence with timestamps.
Protecting Family
Check if family members' emails or phone numbers appear in known breaches. Proactively secure accounts before identity theft occurs.
Built on Zero-Trust Principles
CHECK Intelligence inherits City of Hats' zero-knowledge architecture. Reports are encrypted and ephemeral by design.
✓ Enforced by Design
- ✓ Reports encrypted with AES-256-GCM before delivery
- ✓ Self-destructing Dead Drop delivery for all reports
- ✓ Passwords partially masked in all report outputs
- ✓ No report history stored on server after viewing
- ✓ Bot channel uses same E2E encryption as all channels
- ✓ Source-level severity ratings for each exposed record
✗ Never
- ✗ Reports are never cached or stored after delivery
- ✗ Full passwords are never shown — always partially masked
- ✗ No third-party analytics on report content
- ✗ Scan queries are not logged or associated with your identity
- ✗ No server-side copies of decrypted report data
- ✗ No data shared with external services or advertisers