Last Leaks API

Retrieve the most recent leaks (stealer logs and/or combolists) associated with a given domain or subdomain within a specified time window.

Overview

This endpoint allows you to fetch the latest leaks related to a domain or subdomain by analyzing stealer logs and combolists recorded in the last N days (configurable up to 30). It supports filtering by leak type, breach type.

This is particularly useful for monitoring newly emerging threats linked to your digital assets.

🔗 Endpoint

POST https://api.whiteintel.io/get_last_leaks.php

📥 Request Body (JSON)

Field

Type

Required

Description

apikey

string

✅ Yes

Your API key

query

string

✅ Yes

A domain or subdomain to search (e.g., example.com or mail.example.com)

data_type

string

❌ No

One of stealer, combolist, or all (default: all)

breach_type

string

❌ No

One of consumer, corporate, or all (default: all)

limit

int

❌ No

Max number of records (default: 500, max: 5000)

page

int

❌ No

Pagination (default: 1)

days

int

✅ Yes

How many days back to check (1–30). (default: 7)

✅ Example Request

POST /get_last_leaks.php
Content-Type: application/json

{
  "apikey": "your api key",
  "query": "example.com",
  "data_type": "all",
  "breach_type": "all",
  "limit": 1000,
  "page": 1,
  "days": 3
}

📤 Example Response

{
  "success": true,
  "remaining_daily_calls": 100,
  "results": [
    {
      "data_type": "stealer",
      "breach_type": "corporate",
      "url": "https://example.com/login",
      "username": "[email protected]",
      "password": "plaintext_or_hash",
      "log_date": "2025-04-29 10:15:00",
      "hostname": "DESKTOP-1234",
      "ip": "185.12.34.56",
      "malware_path": "C:\malware\stealer.exe",
      "anti_virus": "Windows Defender"
    },
    {
      "data_type": "combolist",
      "breach_type": "consumer"
      "url": "https://example.com/login",
      "username": "[email protected]",
      "password": "123456",
      "log_date": "2025-04-28 23:02:00"
    }
  ]
}

❌ Error Responses

Invalid Days

{
  "success": false,
  "error": "The days parameter must be an integer between 1 and 30."
}

Invalid Data Type

{
  "success": false,
  "error": "Invalid data type. Allowed values are: 'all', 'stealer', 'combolist'."
}

Invalid Query Format

{
  "success": false,
  "error": "Invalid query format. It should be a valid domain or subdomain."
}

Curl Example

curl -X POST https://api.whiteintel.io/get_last_leaks.php \
  -H "Content-Type: application/json" \
  -H "apikey: YOUR_API_KEY_HERE" \
  -d '{
    "query": "example.com",
    "data_type": "all",
    "breach_type": "all",
    "limit": 1000,
    "page": 1,
    "days": 3
}'

🛡️ Notes

For large exports or automated monitoring, paginate using page and manage limits responsibly.
Always sanitize and securely store the returned results.

PreviousOverall Stats API NextCombolists API

Last updated 1 month ago