Search
The search endpoint allows you to search for results in the index and get results as endpoint.
GET /search
Parameters
| name | placement | comment |
|---|---|---|
| accept | header | Must be set to application/json |
| api-key | header | Your API key |
| scope | url parameter | Must be either service or leak |
| q | url parameter | Must be an url encoded search query |
| page | url parameter | Indicates the page to start at, default is 0 |
Curl example
1curl -H 'accept: application/json' "https://leakix.net/search?scope=leak&page=0&q=searchquery"
Successful response
Receiving 200 means the request was successful and array of l9events is returned :
1[
2 {
3 "event_type": "leak",
4 "event_source": "DotDsStoreOpenPlugin",
5 "event_pipeline": [
6 "ip4scout",
7 "l9tcpid",
8 "l9explore",
9 "l9dnsextract",
10 "l9tcpid",
11 "l9explore",
12 "DotDsStoreOpenPlugin"
13 ],
14 "event_fingerprint": "5f32cf5d6962f09c026392ab026392ab2102d61cba3ab5c5373bc7624ba0ddeb",
15 "ip": "206.189.154.196",
16 "host": "www.ossphinc.com",
17 "reverse": "",
18 "port": "443",
19 "mac": "",
20 "vendor": "",
21 "transport": [
22 "tcp",
23 "tls",
24 "http"
25 ],
26 "protocol": "https",
27 "http": {
28 "root": "",
29 "url": "/",
30 "status": 200,
31 "length": 0,
32 "header": {
33 "content-type": "text/html; charset=UTF-8",
34 "server": "Apache/2.4.18 (Ubuntu)"
35 },
36 "title": "OSSPHincOpenSource Support",
37 "favicon_hash": ""
38 },
39 "summary": "Found 7 files trough .DS_Store spidering:\n\n/images\n/images/client\n/images/header\n/sched\n/sched/includes\n/sms\n/videos",
40 "time": "2021-08-14T16:57:04.387052639Z",
41 "ssl": {
42 "detected": false,
43 "enabled": true,
44 "jarm": "29d29d15d29d29d21c29d29d29d29dc7639a2c8ee8049d85e08031e30b69d9",
45 "cypher_suite": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
46 "version": "TLSv1.2",
47 "certificate": {
48 "cn": "ossphinc.com",
49 "domain": [
50 "ossphinc.com",
51 "www.ossphinc.com",
52 "ossphinc.com",
53 "www.ossphinc.com"
54 ],
55 "fingerprint": "2a3515620c31ff811d6e6e4e7599213fbe9bec5e35dedd9ac7b4d03d25484db2",
56 "key_algo": "RSA",
57 "key_size": 2048,
58 "issuer_name": "R3",
59 "not_before": "2021-07-19T01:07:26Z",
60 "not_after": "2021-10-17T01:07:24Z",
61 "valid": true
62 }
63 },
64 "ssh": {
65 "fingerprint": "",
66 "version": 0,
67 "banner": "",
68 "motd": ""
69 },
70 "service": {
71 "credentials": {
72 "noauth": false,
73 "username": "",
74 "password": "",
75 "key": "",
76 "raw": null
77 },
78 "software": {
79 "name": "Apache",
80 "version": "2.4.18",
81 "os": "Ubuntu",
82 "modules": null,
83 "fingerprint": ""
84 }
85 },
86 "leak": {
87 "stage": "open",
88 "type": "",
89 "severity": "low",
90 "dataset": {
91 "rows": 0,
92 "files": 7,
93 "size": 0,
94 "collections": 0,
95 "infected": false,
96 "ransom_notes": null
97 }
98 },
99 "tags": null,
100 "geoip": {
101 "continent_name": "Asia",
102 "region_iso_code": "",
103 "city_name": "Singapore",
104 "country_iso_code": "SG",
105 "country_name": "Singapore",
106 "region_name": "",
107 "location": {
108 "lat": 1.3078,
109 "lon": 103.6818
110 }
111 },
112 "network": {
113 "organization_name": "DIGITALOCEAN-ASN",
114 "asn": 14061,
115 "network": "206.189.0.0/16"
116 }
117 }
118]
Rate limiting
All requests to LeakIX.net's API are limited at ~1 request per second.
If the limit is reached, the API will return a 429 http status code and a x-limited-for header.
The client MUST wait for the duration of x-limited-for before the next request.
1HTTP/1.1 429 Rate-limited
2Date: Mon, 27 Jul 2009 12:28:53 GMT
3x-limited-for: 344.24ms