# IP Leaks API

{% hint style="warning" %}
IP Leaks API is only available for CTI Firm licenses.
{% endhint %}

## Endpoint

`POST /api/get_leaks_by_ip.php`

## Required Headers

| Name         | Description                       |
| ------------ | --------------------------------- |
| Content-Type | Must be set to `application/json` |

## Parameters

<table><thead><tr><th width="247">Name</th><th width="141">Type</th><th>Required</th><th>Default</th><th>Description</th></tr></thead><tbody><tr><td>apikey</td><td>string</td><td>Yes</td><td>N/A</td><td>Your API key.</td></tr><tr><td>query</td><td>string</td><td>Yes</td><td>N/A</td><td>IPv4 or IPv6 address to search for.</td></tr><tr><td>start_date</td><td>string</td><td>No</td><td>N/A</td><td>The start date for retrieving leaks in <code>YYYY-MM-DD</code> format</td></tr><tr><td>end_date</td><td>string</td><td>No</td><td>N/A</td><td>The end date for retrieving leaks in <code>YYYY-MM-DD</code> format</td></tr><tr><td>limit</td><td>int</td><td>No</td><td>N/A</td><td>Limits the results to given number</td></tr></tbody></table>

{% hint style="info" %}
If no date is specified, API will return all of the results related to given IP address.
{% endhint %}

## Sample Request

### Request URL

POST /api/get\_leaks\_by\_ip.php

```json
{
    "query": "127.0.0.1",
    "apikey": "yourapikey"
}
```

### Example Success Response

```json
{"total_leaks":1,"remaining_daily_api_calls":980,"data":[{"url":"https:\/\/sampleurl.com\/sample_endpoint\/","username":"sampleusername","password":"sample_pass","compromised_device_ip":"IP Address","compromised_host_username":"device_username","compromised_host_hostname":"device_hostname","compromised_host_os":"Windows 10 Home Single Language [x64]","malware_path":"C:\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\AppLaunch.exe","country":"COUNTRY CODE","log_date":"2024-10-23"}
```

### Example Error Response

```json
{"error":"Missing search parameter."}
```

## Code Examples

Example with Curl

```bash
curl -X POST https://whiteintel.io/api/get_leaks_by_ip.php \
     -H "Content-Type: application/json" \
     -d '{
           "apikey": "yourapikey",
           "query": "IP Address"
         }'
```

Example with Python

```python

import requests

url = "https://whiteintel.io/api/get_leaks_by_ip.php"
payload = {
    "apikey": "yourapikey",
    "query": "IP address"
}
headers = {
    "Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

if response.status_code == 200:
    print("Response:", response.json())
else:
    print("Failed to retrieve customer leaks:", response.status_code, response.text)

```