IP Leaks API

The IP Leaks API allows users to infostealer related leaks attached to an IP address. The request must include the query parameter and apikey.

IP Leaks API is only available for CTI Firm licenses.

Endpoint

POST /api/get_leaks_by_ip.php

Required Headers

Name

Description

Content-Type

Must be set to application/json

Parameters

Name

Type

Required

Default

Description

apikey

string

Yes

N/A

Your API key.

query

string

Yes

N/A

IPv4 or IPv6 address to search for.

start_date

string

N/A

The start date for retrieving leaks in YYYY-MM-DD format

end_date

string

N/A

The end date for retrieving leaks in YYYY-MM-DD format

limit

int

N/A

Limits the results to given number

If no date is specified, API will return all of the results related to given IP address.

Sample Request

Request URL

POST /api/get_leaks_by_ip.php

{
    "query": "127.0.0.1",
    "apikey": "yourapikey"
}

Example Success Response

{"total_leaks":1,"remaining_daily_api_calls":980,"data":[{"url":"https:\/\/sampleurl.com\/sample_endpoint\/","username":"sampleusername","password":"sample_pass","compromised_device_ip":"IP Address","compromised_host_username":"device_username","compromised_host_hostname":"device_hostname","compromised_host_os":"Windows 10 Home Single Language [x64]","malware_path":"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\AppLaunch.exe","country":"COUNTRY CODE","log_date":"2024-10-23"}

Example Error Response

{"error":"Missing search parameter."}

Code Examples

Example with Curl

curl -X POST https://whiteintel.io/api/get_leaks_by_ip.php \
     -H "Content-Type: application/json" \
     -d '{
           "apikey": "yourapikey",
           "query": "IP Address"
         }'

Example with Python


import requests

url = "https://whiteintel.io/api/get_leaks_by_ip.php"
payload = {
    "apikey": "yourapikey",
    "query": "IP address"
}
headers = {
    "Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

if response.status_code == 200:
    print("Response:", response.json())
else:
    print("Failed to retrieve customer leaks:", response.status_code, response.text)

Last updated 1 year ago