Skip to main content
GET
/
v1
/
leaks
/
stats
/
email
Get leak statistics for an email address
curl --request GET \
  --url https://api.projectdiscovery.io/v1/leaks/stats/email \
  --header 'X-API-Key: <api-key>'
{
  "leak_devices_count": [
    {
      "devices": 123
    }
  ],
  "leak_customers_count": [
    {
      "customers": 123
    }
  ],
  "leak_user_count": [
    {
      "user": 123
    }
  ],
  "leak_employees_count": [
    {
      "employees": 123
    }
  ],
  "combolist_exposure": [
    {
      "combolist_exposure": 123
    }
  ],
  "leak_country_stats": [
    {
      "Country": "<string>",
      "CredentialsCount": 123
    }
  ],
  "top_used_urls_by_customers": [
    {
      "count": 123,
      "url": "<string>"
    }
  ],
  "top_used_urls_by_employees": [
    {
      "count": 123,
      "url": "<string>"
    }
  ],
  "top_used_urls_by_user": [
    {
      "count": 123,
      "url": "<string>"
    }
  ],
  "leak_customers_timeline": [
    {
      "CredentialsCount": 123,
      "Month": 123,
      "Year": 123
    }
  ],
  "leak_user_timeline": [
    {
      "CredentialsCount": 123,
      "Month": 123,
      "Year": 123
    }
  ],
  "leak_employees_timeline": [
    {
      "CredentialsCount": 123,
      "Month": 123,
      "Year": 123
    }
  ],
  "customers_sample_data": [
    {
      "password": "<string>",
      "username": "<string>",
      "url": "<string>",
      "country": "<string>",
      "log_date": "<string>"
    }
  ],
  "employees_sample_data": [
    {
      "password": "<string>",
      "username": "<string>",
      "url": "<string>",
      "country": "<string>",
      "log_date": "<string>"
    }
  ],
  "user_sample_data": [
    {
      "password": "<string>",
      "username": "<string>",
      "url": "<string>",
      "country": "<string>",
      "log_date": "<string>"
    }
  ]
}

Overview

Get statistical information about leaks associated with a specific email address. This endpoint provides aggregate data for personal leak monitoring and analysis.
This endpoint is primarily used for personal email leak statistics. For organizational monitoring, consider using the domain stats endpoint instead.

Query Parameters

ParameterTypeDescription
emailstringRequired. The email address to get leak statistics for
unmask_emailbooleanWhether to unmask email addresses in the response

Response Structure

The response provides comprehensive statistics about leaks for the specified email: 
{
  "email": "user@example.com",
  "total_leaks": 25,
  "open_leaks": 18,
  "fixed_leaks": 7,
  "leak_classification": {
    "personal_leaks": 15,
    "employee_leaks": 8,
    "customer_leaks": 2
  },
  "recent_activity": {
    "last_30_days": 3,
    "last_7_days": 1
  },
  "compromised_services": [
    {
      "service": "facebook.com",
      "count": 8,
      "last_seen": "2023-03-15T10:30:00Z"
    },
    {
      "service": "linkedin.com",
      "count": 5,
      "last_seen": "2023-02-28T14:20:00Z"
    }
  ],
  "risk_timeline": [
    {
      "date": "2023-03",
      "new_leaks": 3,
      "fixed_leaks": 1
    },
    {
      "date": "2023-02", 
      "new_leaks": 5,
      "fixed_leaks": 2
    }
  ]
}

Data Fields Explained

FieldDescription
emailThe email address these statistics apply to
total_leaksTotal number of leaks found for this email
open_leaksNumber of leaks that haven’t been marked as fixed
fixed_leaksNumber of leaks marked as remediated
leak_classificationBreakdown by leak type (personal, employee, customer)
recent_activityNew leak discovery in recent time periods
compromised_servicesServices where this email was found in leaks
risk_timelineHistorical trend of leak discovery and remediation

Usage Examples

Get basic email stats

curl -X GET "https://api.projectdiscovery.io/v1/leaks/stats/email?email=user@example.com" \
  -H "Authorization: Bearer YOUR_API_KEY"

Get stats with unmasked emails

curl -X GET "https://api.projectdiscovery.io/v1/leaks/stats/email?email=user@example.com&unmask_email=true" \
  -H "Authorization: Bearer YOUR_API_KEY"

Privacy Considerations

Access Control

  • You can only access stats for emails you’re authorized to view
  • Personal emails: accessible to the account owner
  • Employee emails: requires domain verification

Data Sensitivity

  • Email statistics may reveal sensitive information about user behavior
  • Consider data retention policies for stored statistics
  • Implement appropriate access controls in your applications

Best Practices

Regular Monitoring

  • Check email stats periodically for accounts under your management
  • Set up alerts for new leak discoveries
  • Track remediation progress to ensure security improvements

Integration Tips

  • Use this endpoint for summary dashboards and reports
  • Combine with detailed leak endpoints for comprehensive security monitoring
  • Cache results appropriately to minimize API usage

Security Recommendations

  • Encourage users to fix open leaks promptly
  • Provide guidance on changing passwords for compromised services
  • Monitor trends to identify systemic security issues

Authorizations

X-API-Key
string
header
required

Query Parameters

email
string

Email to get stats for

unmask_email
boolean

Response

OK

leak_devices_count
DevicesCount · object[]
leak_customers_count
CustomersCount · object[]
leak_user_count
UsersCount · object[]
leak_employees_count
EmployeesCount · object[]
combolist_exposure
CombolistExposureCount · object[]
leak_country_stats
LeakCountryStats · object[]
top_used_urls_by_customers
UsedUrlsCount · object[]
top_used_urls_by_employees
UsedUrlsCount · object[]
top_used_urls_by_user
UsedUrlsCount · object[]
leak_customers_timeline
LeaksTimeline · object[]
leak_user_timeline
LeaksTimeline · object[]
leak_employees_timeline
LeaksTimeline · object[]
customers_sample_data
LeaksUsersSampleData · object[]
employees_sample_data
LeaksUsersSampleData · object[]
user_sample_data
LeaksUsersSampleData · object[]