IP Leaks API

The IP Leaks API allows users to infostealer related leaks attached to an IP address. The request must include the query parameter and apikey.

Endpoint

POST /api/get_leaks_by_ip.php

Required Headers

Name
Description

Content-Type

Must be set to application/json

Parameters

Name
Type
Required
Default
Description

apikey

string

Yes

N/A

Your API key.

query

string

Yes

N/A

IPv4 or IPv6 address to search for.

start_date

string

No

N/A

The start date for retrieving leaks in YYYY-MM-DD format

end_date

string

No

N/A

The end date for retrieving leaks in YYYY-MM-DD format

limit

int

No

N/A

Limits the results to given number

If no date is specified, API will return all of the results related to given IP address.

Sample Request

Request URL

POST /api/get_leaks_by_ip.php

{
    "query": "127.0.0.1",
    "apikey": "yourapikey"
}

Example Success Response

{"total_leaks":1,"remaining_daily_api_calls":980,"data":[{"url":"https:\/\/sampleurl.com\/sample_endpoint\/","username":"sampleusername","password":"sample_pass","compromised_device_ip":"IP Address","compromised_host_username":"device_username","compromised_host_hostname":"device_hostname","compromised_host_os":"Windows 10 Home Single Language [x64]","malware_path":"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\AppLaunch.exe","country":"COUNTRY CODE","log_date":"2024-10-23"}

Example Error Response

{"error":"Missing search parameter."}

Code Examples

Example with Curl

curl -X POST https://whiteintel.io/api/get_leaks_by_ip.php \
     -H "Content-Type: application/json" \
     -d '{
           "apikey": "yourapikey",
           "query": "IP Address"
         }'

Example with Python


import requests

url = "https://whiteintel.io/api/get_leaks_by_ip.php"
payload = {
    "apikey": "yourapikey",
    "query": "IP address"
}
headers = {
    "Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

if response.status_code == 200:
    print("Response:", response.json())
else:
    print("Failed to retrieve customer leaks:", response.status_code, response.text)

Last updated