it uses hash1 generator their is no one to trust but yourself in order to check the your own password was ever been hacked first we change our password to hash1 then using the first five charactor of hash1password we send a request to check if there is a hacked password before that begans with those five charactor
so finally we check our hash1password and the one we get from server list when we get the match we print out the count