Last Leaks API

Retrieve the most recent leaks (stealer logs and/or combolists) associated with a given domain or subdomain within a specified time window.

Overview

This endpoint allows you to fetch the latest leaks related to a domain or subdomain by analyzing stealer logs and combolists recorded in the last N days (configurable up to 30). It supports filtering by leak type, breach type.

This is particularly useful for monitoring newly emerging threats linked to your digital assets.

🔗 Endpoint

POST https://api.whiteintel.io/get_last_leaks.php

📥 Request Body (JSON)

Field

Type

Required

Description

apikey

string

✅ Yes

Your API key

query

string

✅ Yes

A domain or subdomain to search (e.g., example.com or mail.example.com)

data_type

string

❌ No

One of stealer, combolist, or all (default: all)

breach_type

string

❌ No

One of consumer, corporate, or all (default: all)

limit

int

❌ No

Max number of records (default: 500, max: 5000)

page

int

❌ No

Pagination (default: 1)

days

int

✅ Yes

How many days back to check (1–30). (default: 7)

✅ Example Request

POST /get_last_leaks.php
Content-Type: application/json

{
  "apikey": "your api key",
  "query": "example.com",
  "data_type": "all",
  "breach_type": "all",
  "limit": 1000,
  "page": 1,
  "days": 3
}

📤 Example Response

{
  "success": true,
  "remaining_daily_calls": 100,
  "results": [
    {
      "data_type": "stealer",
      "breach_type": "corporate",
      "url": "https://example.com/login",
      "username": "admin@example.com",
      "password": "plaintext_or_hash",
      "log_date": "2025-04-29 10:15:00",
      "hostname": "DESKTOP-1234",
      "ip": "185.12.34.56",
      "malware_path": "C:\malware\stealer.exe",
      "anti_virus": "Windows Defender"
    },
    {
      "data_type": "combolist",
      "breach_type": "consumer"
      "url": "https://example.com/login",
      "username": "user@example.com",
      "password": "123456",
      "log_date": "2025-04-28 23:02:00"
    }
  ]
}

❌ Error Responses

Invalid Days

{
  "success": false,
  "error": "The days parameter must be an integer between 1 and 30."
}

Invalid Data Type

{
  "success": false,
  "error": "Invalid data type. Allowed values are: 'all', 'stealer', 'combolist'."
}

Invalid Query Format

{
  "success": false,
  "error": "Invalid query format. It should be a valid domain or subdomain."
}

Curl Example

curl -X POST https://api.whiteintel.io/get_last_leaks.php \
  -H "Content-Type: application/json" \
  -H "apikey: YOUR_API_KEY_HERE" \
  -d '{
    "query": "example.com",
    "data_type": "all",
    "breach_type": "all",
    "limit": 1000,
    "page": 1,
    "days": 3
}'

🛡️ Notes

For large exports or automated monitoring, paginate using page and manage limits responsibly.
Always sanitize and securely store the returned results.

PreviousOverall Stats API NextCombolists API

Last updated 17 days ago

POST /get_last_leaks.php Content-Type: application/json { "apikey": "your api key", "query": "example.com", "data_type": "all", "breach_type": "all", "limit": 1000, "page": 1, "days": 3 }

{ "success": true, "remaining_daily_calls": 100, "results": [ { "data_type": "stealer", "breach_type": "corporate", "url": "https://example.com/login", "username": "admin@example.com", "password": "plaintext_or_hash", "log_date": "2025-04-29 10:15:00", "hostname": "DESKTOP-1234", "ip": "185.12.34.56", "malware_path": "C:\malware\stealer.exe", "anti_virus": "Windows Defender" }, { "data_type": "combolist", "breach_type": "consumer" "url": "https://example.com/login", "username": "user@example.com", "password": "123456", "log_date": "2025-04-28 23:02:00" } ] }

curl -X POST https://api.whiteintel.io/get_last_leaks.php \ -H "Content-Type: application/json" \ -H "apikey: YOUR_API_KEY_HERE" \ -d '{ "query": "example.com", "data_type": "all", "breach_type": "all", "limit": 1000, "page": 1, "days": 3 }'