IP Leaks API

This endpoint can be used for retrieving leaks related to the given IP Address.

Endpoint: https://api.whiteintel.io/get_leaks_by_ip.php Method: POST Content-Type: application/json

This endpoint only available for Threat Intel licenses.

Parameters

Parameter

Required

Default

Description

apikey

Yes

N/A

Your API Key

query

Yes

N/A

Target IP address

limit

No

500

Integer value of limit. Min 1, maximum 5000.

page

No

1

Page number for pagination, starts from 1.

Response Fields

Response Key

Response Values

success

true or false

remaining_daily_calls

Intiger

results

Array of returned results. See below for example "results": [ { "data_type": "stealer", "url": "application_login_url", "system_id": 13371337, "username": "leaked_user", "password": "leaked_password", "log_date": "2025-04-29", "hostname": "compromised_computer_name", "ip": "compromised_ip", "malware_path": "malware_path", "anti_virus": null } ]

Full Sample Result

{ "success": true, "remaining_daily_calls": 1974, "results": [ { "data_type": "stealer", "url": "application_login_url", "system_id": 13371337, "username": "leaked_user", "password": "leaked_password", "log_date": "2025-04-29", "hostname": "compromised_computer_name", "ip": "compromised_ip", "malware_path": "malware_path", "anti_virus": null } ] }

Sample Request

curl --location 'https://api.whiteintel.io/get_leaks_by_ip.php' \
--header 'Content-Type: application/json' \
--data '{
           "apikey": "YOUR API KEY",
           "query": "TARGET EMAIL",
           "limit": 1000,
	   "page": 1   
}'

Notes

  • Replace "YOUR API KEY" with your actual API key.

  • query should be a valid IP address such as 192.168.0.1.

PreviousUsername Leaks APINextComputer Leaks API

Last updated