No active case
Systems Online
TV
Sign in to your account
Don't have an account? Sign up
New Trace
Create a new intelligence trace
No active case
Subject Selectors
Name
Email Address
Phone Number
Username / Handle
Domain / URL
IP Address
Physical Address
Business / Organization
Image / Photo
Intelligence Modules 0 active
Identifiers
Digital
Location & Verification
Records
Selectors0
Modules0
Cost0 credits
AI Report
Export
Identity Resolution 7 Records
full_name
aliasesj.doe.93 · jd_writes · jdoe_official
dob
addressStafford, VA (current)
address_history4 records on file
employer
confidence97.3% — Pipl/Intelius match
Breach Exposure 4 Breaches
LinkedIn 20212021Email · Phone · Employment
Adobe 20132013Email · Password hash
Collection #12019Email · Password (plain)
Canva 20192019Name · Email
Social Profiles 11 Found
Twitter/X
LinkedIn
Reddit
GitHub
Instagram
Facebook
TikTok
Pinterest
Telegram
Discord
Flickr
Snapchat
Risk Flags 3 High
HighPassword exposed in plain text in Collection #1 breach. Credential stuffing risk.
HighGPS coordinates embedded in 2 Instagram images — location pattern analysis recommended.
High3 domains registered via privacy proxy — beneficial ownership concealed.
MedPhone number linked to VoIP provider — potentially non-traceable.
LowAccount creation timestamps cluster between 02:00–04:00 local — atypical activity pattern.
AI Intelligence Report Claude Sonnet Generated 5.1s · 8 modules
Subject Assessment. Cross-referencing seven identity records, the subject operates under at least three confirmed aliases across 11 active social media platforms. The highest-confidence identity match — established through Trestle Real Contact and Pipl correlation at 97.3% — places the primary residence in Stafford, Virginia, with address history spanning the Southeast United States from 2017 to present.

Critical finding: Password credentials were exposed in plain text in the Collection #1 breach, representing an active credential-stuffing risk across all linked accounts. DeHashed confirms two additional exposures with plaintext passwords. Recommend immediate cross-reference of exposed credentials against the subject's active email and social platform access.

Digital Footprint. The subject maintains a consistent username pattern — jdoe.93 / jd_writes — across 9 of 11 discovered platforms, enabling high-confidence attribution. Two dormant accounts (pre-2019) contain archived content that may be relevant to the timeline. GPS metadata embedded in two Instagram posts geocodes to Coral Gables, Florida, which correlates with an associate address cluster and a business registration filed under the subject's middle name.

Recommended Next Steps. (1) Subpoena carrier records for linked phone number — Twilio Identity Match flags a SIM swap in January. (2) Conduct shadow analysis on the two geotagged images to establish time-of-day and verify location. (3) Identify beneficial owner of three privacy-proxy domains via registrar legal process. (4) Pull OpenCorporates filing history for the Miami business entity and cross-reference officers against known associate list.
Filter
Street View Google Maps
Select a location
to preview Street View
Case Files
Active Cases4
Archived Evidence31
AI Reports8
Exports22
Trash3
Cases / Active Cases
Trace
INV-0041 Full Profile
Mar 14 · 8 modules
AI Report
INV-0041 Intelligence Summary
Mar 14 · 5.1s gen
Archive
INV-0041 Social Evidence
Mar 14 · 23 posts
Trace
INV-0039 Domain Network
Mar 12 · 5 modules
Export
INV-0039 Report.pdf
Mar 12 · PDF
AI Report
INV-0037 Risk Assessment
Mar 10 · 3.8s gen
Archive
INV-0037 Web Pages
Mar 10 · 11 pages
Export
INV-0034 Data.json
Mar 8 · JSON
Trace
INV-0034 Phone Network
Mar 8 · 4 selectors
Export
AI Report Engine
System Health
Status
Uptime
Node
Env configured
Audit log entries
Recent error rate
Accrued cost
Active Probes
Connect to load probes…
Click a probe to run a live connectivity test against that service.
API Key Configuration
Connect to load…
Recent Errors
Connect to load…
Claude AI Ops Chat
👋 I'm your Tracevoyant ops assistant. Ask me to diagnose errors, explain system state, or write a fix. I'm pre-loaded with your current health data and recent errors.
Help & Guide

Three steps to your first trace:

  1. Add selectors — enter a name, email, phone, username, domain, or IP in the New Trace tab. Mix types.
  2. Pick modules — toggle on the intelligence layers you want. Each module runs 3–8 APIs in parallel.
  3. Run Trace — results appear in the Results tab. Check Discovered Pivots for follow-up selectors.

Paste any value into a selector row — the type (email, phone, domain, etc.) is auto-detected.

Each selector type routes to different APIs. Mix freely in one trace.

TypeBest forModules triggered
Full NameSubject identificationPersonCompanies
EmailDigital breadcrumbsBreachDigitalDomain
PhoneCarrier + messaging appsPhoneBreach
UsernameSocial platform mappingDigitalBreach
DomainWHOIS + DNS + threat intelDomainArchiveCompanies
IP AddressGeolocation + ASN + abuseDomainGeo
AddressPhysical location lookupPersonGeo
Business NameCorporate recordsCompaniesPerson
Image / PhotoReverse face searchMedia
ModuleWhat it findsKey APIs
PersonName, DOB, addresses, employment, social linksPeople Data Labs, Enformion
DigitalRegistered accounts on 200+ platforms, profile dataSherlock, Maigret, holehe
BreachEmail/password exposure, breach source namesHIBP, DeHashed, BreachDirectory
PhoneCarrier, line type, caller ID, SIM swap, WhatsApp/TelegramTwilio Lookup v2
DomainWHOIS, DNS records, subdomains, IP geo, threat scoreWhoisXML, HackerTarget, Pulsedive
GeolocationGeocoded coordinates, Street View imageryGoogle Maps API
MediaReverse face search, social image matchingFaceCheck.ID, SocialFinder
ArchiveHistorical snapshots of domains and URLsWayback Machine, Archive.today
CompaniesFilings, officers, sanctions, federal contractsSEC EDGAR, Companies House, OpenSanctions
AI ReportClaude-written intelligence narrative from all resultsAnthropic Claude API

The Results tab shows a card for each module that returned data.

  • Trace summary card — every API called, its status (green/red dot), and latency. Click failed services to see the error.
  • Breach Exposure — breach count in amber/red = active risk. Plaintext password warnings are flagged in red.
  • Platform Presence — green chips = confirmed registered account. Dim chips = not found. Click a green chip to open the profile.
  • Phone Intelligence — includes SIM swap history, WhatsApp/Telegram registration, and ICEHook risk score.
  • Discovered Pivots — new selectors uncovered during the trace (e.g., alternate emails, phone numbers). Click to add to the current trace.
  • AI Report — click "Generate Report" after the trace. Streams a structured narrative with findings and risk flags.

Pivots are new selectors the platform finds automatically while running your trace — an alternate email in a breach record, a phone number from a person lookup, a domain from a company filing.

They appear as blue chips at the bottom of the Results panel. Click any pivot to instantly add it as a selector and run a deeper trace without switching tabs.

Already-queried pivots appear dimmed. The trace builds a growing graph of connected identifiers across runs.

Cases accumulate profiles across multiple trace runs. Every trace you run inside a case adds to the same subject profile — you don't start over each time.

Use ↓ Save in the top bar to save a case to your library. Open saved cases from the Case Files tab.

Export formats:

  • .DOCX / .DOC — Word document with full report (Investigator+ plan)
  • .PDF — PDF version of the report
  • .JSON — raw profile data for further processing
  • .CSV — flat table of all data points

Important Tracevoyant is for lawful investigative purposes only — licensed private investigators, fraud analysts, HR background checks, and journalists conducting due diligence.

Every query is logged with your investigator ID, case ID, and timestamp. Do not use this platform to harass, stalk, or target individuals without a lawful basis.

FCRA-restricted data sources (credit headers, employment verification) require a permissible purpose. Trestle and Enformion are Tier B — they require your attestation at login that you have a lawful basis for each query.