Skip to main content
GET
/
v1
/
leaks
/
stats
/
email
Get leak statistics for an email (Public)
curl --request GET \
  --url https://api.projectdiscovery.io/v1/leaks/stats/email \
  --header 'X-API-Key: <api-key>'
{
  "leak_devices_count": [
    {
      "devices": 123
    }
  ],
  "leak_customers_count": [
    {
      "customers": 123
    }
  ],
  "leak_user_count": [
    {
      "user": 123
    }
  ],
  "leak_employees_count": [
    {
      "employees": 123
    }
  ],
  "combolist_exposure": [
    {
      "combolist_exposure": 123
    }
  ],
  "leak_country_stats": [
    {
      "Country": "<string>",
      "CredentialsCount": 123
    }
  ],
  "top_used_urls_by_customers": [
    {
      "count": 123,
      "url": "<string>"
    }
  ],
  "top_used_urls_by_employees": [
    {
      "count": 123,
      "url": "<string>"
    }
  ],
  "top_used_urls_by_user": [
    {
      "count": 123,
      "url": "<string>"
    }
  ],
  "leak_customers_timeline": [
    {
      "CredentialsCount": 123,
      "Month": 123,
      "Year": 123
    }
  ],
  "leak_user_timeline": [
    {
      "CredentialsCount": 123,
      "Month": 123,
      "Year": 123
    }
  ],
  "leak_employees_timeline": [
    {
      "CredentialsCount": 123,
      "Month": 123,
      "Year": 123
    }
  ],
  "customers_sample_data": [
    {
      "password": "<string>",
      "username": "<string>",
      "url": "<string>",
      "country": "<string>",
      "log_date": "<string>"
    }
  ],
  "employees_sample_data": [
    {
      "password": "<string>",
      "username": "<string>",
      "url": "<string>",
      "country": "<string>",
      "log_date": "<string>"
    }
  ],
  "user_sample_data": [
    {
      "password": "<string>",
      "username": "<string>",
      "url": "<string>",
      "country": "<string>",
      "log_date": "<string>"
    }
  ]
}

Documentation Index

Fetch the complete documentation index at: https://docs.projectdiscovery.io/llms.txt

Use this file to discover all available pages before exploring further.

Overview

Get statistical information about leaks associated with any email address. This is a public endpoint that doesn’t require authentication, making it ideal for quick breach checks and self-service monitoring.
Public Endpoint: No authentication required. You can check leak statistics for any email address.

Query Parameters

ParameterTypeDescription
emailstringRequired. The email address to get leak statistics for

Response Structure

The response provides comprehensive statistics about leaks for the specified email: 
{
  "email": "user@example.com",
  "total_leaks": 25,
  "leak_classification": {
    "personal_leaks": 15,
    "employee_leaks": 8,
    "customer_leaks": 2
  },
  "recent_activity": {
    "last_30_days": 3,
    "last_7_days": 1
  },
  "compromised_services": [
    {
      "service": "facebook.com",
      "count": 8,
      "last_seen": "2023-03-15T10:30:00Z"
    },
    {
      "service": "linkedin.com",
      "count": 5,
      "last_seen": "2023-02-28T14:20:00Z"
    }
  ],
  "risk_timeline": [
    {
      "date": "2023-03",
      "new_leaks": 3
    },
    {
      "date": "2023-02", 
      "new_leaks": 5
    }
  ]
}

Data Fields Explained

FieldDescription
emailThe email address these statistics apply to
total_leaksTotal number of leaks found for this email
leak_classificationBreakdown by leak type (personal, employee, customer)
recent_activityNew leak discovery in recent time periods
compromised_servicesServices where this email was found in leaks
risk_timelineHistorical trend of leak discovery

Usage Examples

Check email breach status

curl -X GET "https://api.projectdiscovery.io/v1/leaks/stats/email?email=user@example.com"
No API key or authentication header is required for this endpoint.

Use Cases

Personal Breach Check

Allow users to quickly check if their email has been involved in any credential leaks.

Self-Service Monitoring

Build breach notification tools that let users check their own exposure without requiring account creation.

Security Awareness

Integrate into security training tools to show employees their personal exposure risk.

Best Practices

  • Cache results appropriately to minimize API calls
  • Use this for summary data; detailed leak information requires authenticated endpoints
  • Consider rate limiting when building user-facing applications
  • Combine with the domain stats endpoint for comprehensive organizational monitoring

Authorizations

X-API-Key
string
header
required

Query Parameters

email
string

Email to get stats for

unmask_email
boolean

Response

OK

leak_devices_count
DevicesCount · object[]
leak_customers_count
CustomersCount · object[]
leak_user_count
UsersCount · object[]
leak_employees_count
EmployeesCount · object[]
combolist_exposure
CombolistExposureCount · object[]
leak_country_stats
LeakCountryStats · object[]
top_used_urls_by_customers
UsedUrlsCount · object[]
top_used_urls_by_employees
UsedUrlsCount · object[]
top_used_urls_by_user
UsedUrlsCount · object[]
leak_customers_timeline
LeaksTimeline · object[]
leak_user_timeline
LeaksTimeline · object[]
leak_employees_timeline
LeaksTimeline · object[]
customers_sample_data
LeaksUsersSampleData · object[]
employees_sample_data
LeaksUsersSampleData · object[]
user_sample_data
LeaksUsersSampleData · object[]