Search
The search endpoint allows you to search for results in the index and get results as endpoint.
GET /search
Parameters
| name | placement | comment |
|---|---|---|
| accept | header | Must be set to application/json |
| api-key | header | Your API key |
| scope | url parameter | Must be either service or leak |
| q | url parameter | Must be an url encoded search query |
| page | url parameter | Indicates the page to start at, default is 0 |
Curl example
1curl -H 'accept: application/json' "https://leakix.net/search?scope=leak&page=0&q=searchquery"
Successful response
Receiving 200 means the request was successful and array of
l9events is returned :
1[
2 {
3 "event_type": "leak",
4 "event_source": "DotDsStoreOpenPlugin",
5 "event_pipeline": [
6 "ip4scout",
7 "l9tcpid",
8 "l9explore",
9 "l9dnsextract",
10 "l9tcpid",
11 "l9explore",
12 "DotDsStoreOpenPlugin"
13 ],
14 "event_fingerprint": "5f32cf5d6962f09c026392ab026392ab2102d61cba3ab5c5373bc7624ba0ddeb",
15 "ip": "206.189.154.196",
16 "host": "www.ossphinc.com",
17 "reverse": "",
18 "port": "443",
19 "mac": "",
20 "vendor": "",
21 "transport": ["tcp", "tls", "http"],
22 "protocol": "https",
23 "http": {
24 "root": "",
25 "url": "/",
26 "status": 200,
27 "length": 0,
28 "header": {
29 "content-type": "text/html; charset=UTF-8",
30 "server": "Apache/2.4.18 (Ubuntu)"
31 },
32 "title": "OSSPHincOpenSource Support",
33 "favicon_hash": ""
34 },
35 "summary": "Found 7 files trough .DS_Store spidering:\n\n/images\n/images/client\n/images/header\n/sched\n/sched/includes\n/sms\n/videos",
36 "time": "2021-08-14T16:57:04.387052639Z",
37 "ssl": {
38 "detected": false,
39 "enabled": true,
40 "jarm": "29d29d15d29d29d21c29d29d29d29dc7639a2c8ee8049d85e08031e30b69d9",
41 "cypher_suite": "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
42 "version": "TLSv1.2",
43 "certificate": {
44 "cn": "ossphinc.com",
45 "domain": [
46 "ossphinc.com",
47 "www.ossphinc.com",
48 "ossphinc.com",
49 "www.ossphinc.com"
50 ],
51 "fingerprint": "2a3515620c31ff811d6e6e4e7599213fbe9bec5e35dedd9ac7b4d03d25484db2",
52 "key_algo": "RSA",
53 "key_size": 2048,
54 "issuer_name": "R3",
55 "not_before": "2021-07-19T01:07:26Z",
56 "not_after": "2021-10-17T01:07:24Z",
57 "valid": true
58 }
59 },
60 "ssh": {
61 "fingerprint": "",
62 "version": 0,
63 "banner": "",
64 "motd": ""
65 },
66 "service": {
67 "credentials": {
68 "noauth": false,
69 "username": "",
70 "password": "",
71 "key": "",
72 "raw": null
73 },
74 "software": {
75 "name": "Apache",
76 "version": "2.4.18",
77 "os": "Ubuntu",
78 "modules": null,
79 "fingerprint": ""
80 }
81 },
82 "leak": {
83 "stage": "open",
84 "type": "",
85 "severity": "low",
86 "dataset": {
87 "rows": 0,
88 "files": 7,
89 "size": 0,
90 "collections": 0,
91 "infected": false,
92 "ransom_notes": null
93 }
94 },
95 "tags": null,
96 "geoip": {
97 "continent_name": "Asia",
98 "region_iso_code": "",
99 "city_name": "Singapore",
100 "country_iso_code": "SG",
101 "country_name": "Singapore",
102 "region_name": "",
103 "location": {
104 "lat": 1.3078,
105 "lon": 103.6818
106 }
107 },
108 "network": {
109 "organization_name": "DIGITALOCEAN-ASN",
110 "asn": 14061,
111 "network": "206.189.0.0/16"
112 }
113 }
114]
Rate limiting
All requests to LeakIX.net's API are limited at ~1 request per second.
If the limit is reached, the API will return a 429 http status code and a
x-limited-for header.
The client MUST wait for the duration of x-limited-for before the next
request.
1HTTP/1.1 429 Rate-limited
2Date: Mon, 27 Jul 2009 12:28:53 GMT
3x-limited-for: 344.24ms