IP Leaks API

The IP Leaks API allows users to retrieve infostealer-related leaks attached to an IP address. The request must include the query parameter and apikey.

IP Leaks API is only available for CTI Firm licenses.

Endpoint

POST /api/get_leaks_by_ip.php

Required Headers

| Name | Description |
| --- | --- |
| Content-Type | Must be set to application/json |

Parameters

| Name | Type | Required | Default | Description |
| --- | --- | --- | --- | --- |
| apikey | string | Yes | N/A | Your API key. |
| query | string | Yes | N/A | IPv4 or IPv6 address to search for. |
| start_date | string | No | N/A | The start date for retrieving leaks, in YYYY-MM-DD format. |
| end_date | string | No | N/A | The end date for retrieving leaks, in YYYY-MM-DD format. |
| limit | int | No | N/A | Limits the results to the given number. |

If no date is specified, the API returns all of the results related to the given IP address.

Sample Request

Request URL

POST /api/get_leaks_by_ip.php

{
    "query": "127.0.0.1",
    "apikey": "yourapikey"
}

Example Success Response

{"total_leaks":1,"remaining_daily_api_calls":980,"data":[{"url":"https:\/\/sampleurl.com\/sample_endpoint\/","username":"sampleusername","password":"sample_pass","compromised_device_ip":"IP Address","compromised_host_username":"device_username","compromised_host_hostname":"device_hostname","compromised_host_os":"Windows 10 Home Single Language [x64]","malware_path":"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\AppLaunch.exe","country":"COUNTRY CODE","log_date":"2024-10-23"}]}

Example Error Response

{"error":"Missing search parameter."}

Code Examples

Example with Curl

curl -X POST https://whiteintel.io/api/get_leaks_by_ip.php \
     -H "Content-Type: application/json" \
     -d '{
           "apikey": "yourapikey",
           "query": "IP Address"
         }'

Example with Python


import requests

url = "https://whiteintel.io/api/get_leaks_by_ip.php"
# Both fields are required; replace the placeholders with your own values.
payload = {
    "apikey": "yourapikey",
    "query": "IP address"
}
headers = {
    "Content-Type": "application/json"
}

# json= sends the payload as the JSON request body; the timeout keeps the call from hanging.
response = requests.post(url, json=payload, headers=headers, timeout=30)

if response.status_code == 200:
    print("Response:", response.json())
else:
    print("Failed to retrieve IP leaks:", response.status_code, response.text)
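
An added example, not part of the original documentation: it validates the query, date and limit parameters locally before a request is sent, and reduces a parsed response to a per-host summary that leaves the password field out so the result can be logged or ticketed. The function names, the sample response and its hostnames are constructed for illustration, and the positive-integer check on limit is an assumption.

```python
import ipaddress
from datetime import date

def build_payload(apikey, query, start_date=None, end_date=None, limit=None):
    """Validate inputs locally, then build the JSON body described above."""
    payload = {"apikey": apikey, "query": str(ipaddress.ip_address(query))}
    for name, value in (("start_date", start_date), ("end_date", end_date)):
        if value is not None:
            payload[name] = date.fromisoformat(value).isoformat()  # YYYY-MM-DD
    if start_date and end_date and payload["start_date"] > payload["end_date"]:
        raise ValueError("start_date is after end_date")
    if limit is not None:  # assumption: only a positive integer makes sense here
        if not isinstance(limit, int) or limit < 1:
            raise ValueError("limit must be a positive integer")
        payload["limit"] = limit
    return payload

def summarize(body):
    """Reduce a parsed response to a report that is safe to log or ticket."""
    if "error" in body:
        raise RuntimeError("API error: " + str(body["error"]))
    hosts = {}
    for rec in body.get("data", []):
        name = rec.get("compromised_host_hostname") or "unknown"
        host = hosts.setdefault(name, {"accounts": set(), "latest_log": ""})
        # Keep URL and username for password resets; never copy the password.
        host["accounts"].add((rec.get("url"), rec.get("username")))
        host["latest_log"] = max(host["latest_log"], rec.get("log_date") or "")
    return {
        "total_leaks": body.get("total_leaks", 0),
        "remaining_daily_api_calls": body.get("remaining_daily_api_calls"),
        "hosts": hosts,
    }

# Constructed sample in the shape of the success response shown above.
SAMPLE = {
    "total_leaks": 2, "remaining_daily_api_calls": 979,
    "data": [
        {"url": "https://vpn.example.com/login", "username": "alice",
         "password": "constructed-secret-1", "compromised_device_ip": "192.0.2.10",
         "compromised_host_hostname": "DESKTOP-EXAMPLE", "log_date": "2024-10-23"},
        {"url": "https://mail.example.com/", "username": "alice@example.com",
         "password": "constructed-secret-2", "compromised_device_ip": "192.0.2.10",
         "compromised_host_hostname": "DESKTOP-EXAMPLE", "log_date": "2024-11-02"},
    ],
}

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

Pass the result of build_payload as the json= argument of the request, and pass response.json() to summarize.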
