API

This section describes how to use the API and the format of returned data.

Endpoints

GET /json

Performs a search in the index and returns the results as JSON documents.

Parameters
  • q can be used to specify a search query as described by the syntax and field documentation.
  • start can be used to specify the number of results to skip, 20 results are shown by request.
Example
curl https:/files.leakix.net/json?q=filename:backup
Response
  • status will contain success if the request was successful
  • data will contain a array of results
Schema
{
  "status": "success",
  "data": [
    {
      "host": "mail.schreinergoods.com",
      "ip": "173.254.94.127",
      "last-updated": "2023-02-23T12:39:40.310511733Z",
      "url": "https://mail.schreinergoods.com:443/php.ini.php-upgrade-backup",
      "filename": "php.ini.php-upgrade-backup",
      "extension": "php-upgrade-backup",
      "size": 67050,
      "content-type": "",
      "sha1": "18f8ba8ebf0ea07a4e52cf6529dcd0b8b0c84eee",
      "sha256": "eaafe5442b92e078ff0f08214038971f5ae98439ca00dd966c2cfc441b7232df",
      "last-modified": "2015-10-06T17:04:19Z",
      "geoip": {
        "country_name": "United States",
        "country_iso_code": "US"
      },
      "network": {
        "organization_name": "UNIFIEDLAYER-AS-1",
        "asn": 46606
      },
      "infected": false,
      "signature": [],
      "infection": null
    },
    {
      "host": "mail.schreinergoods.com",
      "ip": "173.254.94.127",
      "last-updated": "2023-02-23T12:39:18.423385415Z",
      "url": "http://mail.schreinergoods.com:80/php.ini.php-upgrade-backup",
      "filename": "php.ini.php-upgrade-backup",
      "extension": "php-upgrade-backup",
      "size": 67050,
      "content-type": "",
      "sha1": "18f8ba8ebf0ea07a4e52cf6529dcd0b8b0c84eee",
      "sha256": "eaafe5442b92e078ff0f08214038971f5ae98439ca00dd966c2cfc441b7232df",
      "last-modified": "2015-10-06T17:04:19Z",
      "geoip": {
        "country_name": "United States",
        "country_iso_code": "US"
      },
      "network": {
        "organization_name": "UNIFIEDLAYER-AS-1",
        "asn": 46606
      },
      "infected": false,
      "signature": [],
      "infection": null
    },
    {
      "host": "192.163.224.96",
      "ip": "192.163.224.96",
      "last-updated": "2023-02-23T12:12:54.764778203Z",
      "url": "https://192.163.224.96:443/htaccess-backup-20211229",
      "filename": "htaccess-backup-20211229",
      "extension": "",
      "size": 1209,
      "content-type": "",
      "sha1": "0bb34b72f910a509510d56e4b1d6b952cb76bcc5",
      "sha256": "1956c9ddd5362f6768e3ab4a2c9ca521284dd863a116221e583d1cbe8b99d5bc",
      "last-modified": "2021-12-29T17:45:29Z",
      "geoip": {
        "country_name": "United States",
        "country_iso_code": "US"
      },
      "network": {
        "organization_name": "UNIFIEDLAYER-AS-1",
        "asn": 46606
      },
      "infected": false,
      "signature": [],
      "infection": null
    }
  ]
}

GET /download/{SHA256}.{ext}

Downloads an archived files by SHA256 and extension. We are archiving every file which might be infected.

Parameters
  • sha256 is the SHA256 checksum of the file to retrieve
  • ext is the extension of the file to retrieve
Example
wget https://files.leakix.net/download/164164956801634b8fdf7c5f1a4c1c7afcca9fbc8985f2de108061baea865acf.exe