This user-friendly API quickly checks if an email address has been involved in any known data
breaches. It searches a comprehensive database of breaches and alerts you if the email is at risk.
This tool is invaluable for maintaining digital security and understanding the breach history of an
email. It's a step towards better digital safety and awareness.
Example of Successful Breach Detection: When a breach is detected, you'll receive a JSON response like this:https://api.xposedornot.com/v1/check-email/[[email protected]]
{ "breaches": [ [ "Tesco", "KiwiFarms", "Vermillion", "Verified", "LizardSquad", "2fast4u", "Autotrader", "MyRepoSpace", "SweClockers" ] ] }The response is in JSON format, making it simple to parse with any scripting language. This lets you easily integrate the data into your applications.
{"Error":"Not found"}
Our API offers an in-depth analysis of an email address's data breach history. It reveals when and where breaches occurred, providing essential analytics to gauge the impact and severity of these incidents. This tool is key for understanding data exposure levels and enhancing security strategies.
https://api.xposedornot.com/v1/breach-analytics?email=[email-address]
The API responds with two possible outcomes: success or failure. Below are the key components of a successful response:
This comprehensive suite of analytics tools offers a deep dive into the data breach history of any email, providing the insights needed for better digital security management.
{ "BreachMetrics": { "get_details": [], "industry": [ [ [ "elec", 1 ], [ "misc", 0 ], [ "mini", 0 ], [ "musi", 0 ], [ "manu", 0 ], [ "ener", 0 ], [ "news", 0 ], [ "ente", 0 ], [ "hosp", 0 ], [ "heal", 0 ], [ "food", 0 ], [ "phar", 0 ], [ "educ", 0 ], [ "cons", 0 ], [ "agri", 0 ], [ "tele", 0 ], [ "info", 0 ], [ "tran", 0 ], [ "aero", 0 ], [ "fina", 0 ], [ "reta", 0 ], [ "nonp", 0 ], [ "govt", 0 ], [ "spor", 0 ], [ "envi", 0 ] ] ], "passwords_strength": [ { "EasyToCrack": 0, "PlainText": 0, "StrongHash": 1, "Unknown": 0 } ], "risk": [ { "risk_label": "Low", "risk_score": 3 } ], "xposed_data": [ { "children": [ { "children": [ { "colname": "level3", "group": "A", "name": "data_Usernames", "value": 1 } ], "colname": "level2", "name": "👤 Personal Identification" }, { "children": [ { "colname": "level3", "group": "D", "name": "data_Passwords", "value": 1 } ], "colname": "level2", "name": "🔒 Security Practices" }, { "children": [ { "colname": "level3", "group": "F", "name": "data_Email addresses", "value": 1 } ], "colname": "level2", "name": "📞 Communication and Social Interactions" } ] } ], "yearwise_details": [ { "y2007": 0, "y2008": 0, "y2009": 0, "y2010": 0, "y2011": 0, "y2012": 0, "y2013": 0, "y2014": 0, "y2015": 1, "y2016": 0, "y2017": 0, "y2018": 0, "y2019": 0, "y2020": 0, "y2021": 0, "y2022": 0, "y2023": 0 } ] }, "BreachesSummary": { "site": "SweClockers" }, "ExposedBreaches": { "breaches_details": [ { "breach": "SweClockers", "details": "SweClockers experienced a data breach in early 2015, where 255k accounts were exposed. As a result, usernames, email addresses, and salted hashes of passwords—which were stored using a combination of MD5 and SHA512—were disclosed. Exposed data: Usernames, Email addresses, Passwords.", "domain": "sweclockers.com", "industry": "Electronics", "logo": "Sweclockers.png", "password_risk": "hardtocrack", "references": "", "searchable": "Yes", "verified": "Yes", "xposed_data": "Usernames;Email addresses;Passwords", "xposed_date": "2015", "xposed_records": 254967 } ] }, "ExposedPastes": null, "PasteMetrics": null, "PastesSummary": { "cnt": 0, "domain": "", "tmpstmp": "" } }A few of the data points used in the BreachMetrics are as follows:
{ "Error": "Not found"}
This also means that the email searched is not found in any of the data breaches loaded in XposedOrNot.
If you're interested in checking for exposed passwords, this API is perfect for you. It provides results in two forms: successful or unsuccessful. Imagine you want to check the widely used password "123456" - this API can help.
Sample JSON output on successfully finding a matching password hash:https://passwords.xposedornot.com/v1/pass/anon/[first 10 characters of SHA3-keccak-512 hash]
{ "SearchPassAnon": { "anon": "808d63ba47", "char": "D:6;A:0;S:0;L:6", "count": "11999477", "wordlist": 0 } }
The API delivers results in a JSON format, which is more informative than a simple yes/no. This detailed output enables further analysis and enhancement of the extensive list of real-time exposed passwords.
This API is not only useful for identifying exposed passwords but also helps in developing stronger, more secure password policies.
Digits | Count of numbers |
Alphabets | Count of alphabets |
Special chars | Count of special chars |
Length | Length of the password |
1e2e9fc2002b002d75198b7503210c05a1baac4560916a3c6d93bcce3a50d7f00fd395bf1647b9abb8d1afcc9c76c289b0c9383ba386a956da4b38934417789e
adf34f3e63a8e0bd2938f3e09ddc161125a031c3c86d06ec59574a5c723e7fdbe04c2c15d9171e05e90a9c822936185f12b9d7384b2bedb02e75c4c5fe89e4d4
{ "Error": "Not found"}
The API returns a successful response in the format of JSON only.https://api.xposedornot.com/v1/breaches
{ "exposedBreaches": [ { "breachID": "APK.TW", "breachedDate": "2022-09-01T00:00:00+00:00", "domain": "apk.tw", "exposedData": [ "Email addresses", "Usernames", "Passwords", "IP addresses" ], "exposedRecords": 2457094, "exposureDescription": "APK.TW, a Taiwanese Android forum, experienced a data breach in September 2022, affecting 3.7 million members. This incident exposed usernames, email addresses, IP addresses, and passwords encrypted with salted MD5 hashes.", "industry": "Information Technology", "logo": "https://xposedornot.com/static/logos/APKTW.png", "passwordRisk": "easytocrack", "referenceURL": "", "searchable": true, "sensitive": false, "verified": true }, { "breachID": "Habibs", "breachedDate": "2021-08-01T00:00:00+00:00", "domain": "habibs.com.br", "exposedData": [ "Email addresses", "Names", "Phone numbers", "Dates of birth", "IP addresses" ], "exposedRecords": 3519666, "exposureDescription": "Habib's, a Brazilian fast food restaurant, experienced a significant data breach in August 2021, that impacted 3.5 million users, revealing personal information like email addresses, IP addresses, names, phone numbers, and dates of birth, along with CPF numbers and social media profile links. ", "industry": "Food", "logo": "https://xposedornot.com/static/logos/Habibs.png", "passwordRisk": "unknown", "referenceURL": "", "searchable": true, "sensitive": false, "verified": true }, { "breachID": "GreenGaming", "breachedDate": "2024-03-01T00:00:00+00:00", "domain": "mrgreengaming.com", "exposedData": [ "Email addresses", "IP addresses", "Geographic locations", "Usernames", "Dates of birth" ], "exposedRecords": 27142, "exposureDescription": "MrGreenGaming announced on their community forum reported a security breach due to unauthorized access via an inactive administrator account leading to a data breach on 01-Mar-2024. The intrusion led to vandalism and the potential exposure of user data, including usernames, email addresses, IP addresses at account creation, and birthdays.", "industry": "Entertainment", "logo": "https://xposedornot.com/static/logos/GreenGaming.png", "passwordRisk": "unknown", "referenceURL": "https://forums.mrgreengaming.com/topic/30151-%E2%9A%A0%EF%B8%8Fdata-breach%E2%9A%A0%EF%B8%8F/#comment-536079", "searchable": true, "sensitive": false, "verified": true }, { "breachID": "CutoutPro", "breachedDate": "2024-02-01T00:00:00+00:00", "domain": "cutout.pro", "exposedData": [ "Names", "Passwords", "Email addresses", "IP addresses" ], "exposedRecords": 20021813, "exposureDescription": "Cutout.Pro, an AI-powered photo editing platform, experienced a data breach affecting 20 million users. Information exposed includes email addresses, hashed passwords, IP addresses, and names. A cybercriminal posted 5.93 GB of data on hacker forum, including a 41.4 million record database dump with unique email addresses.", "industry": "Information Technology", "logo": "https://xposedornot.com/static/logos/Cutout.pro.png", "passwordRisk": "easytocrack", "referenceURL": "https://www.bleepingcomputer.com/news/security/20-million-cutoutpro-user-records-leaked-on-data-breach-forum/", "searchable": true, "sensitive": false, "verified": true }, and so on...
https://api.xposedornot.com/v1/breaches?domain=[twitter.com]
{ "Exposed Breaches": [ { "Breach ID": "Twitter-Scraped", "Breached Date": "2021-01-01T00:00:00+00:00", "Domain": "twitter.com", "Exposed Data": "Usernames;Email addresses;Names;Geographic locations;Profile photos;Phone numbers", "Exposed Records": 208918735, "Exposure Description": "\"The \"\"Twitter Email Addresses Leak\"\" involves a data leak of over 200 million Twitter user profiles around 2021. The leak includes email addresses, names, screen names, follow counts, and account creation dates. The data was obtained through a Twitter API vulnerability that allowed the input of email addresses and phone numbers to confirm their association with Twitter IDs.\"", "Industry": "Information Technology", "Logo": "Twitter.png", "Password Risk": "unknown", "Searchable": "Yes", "Sensitive": "No", "Verified": "Yes" } ], "status": "success" }The API returns a successful response in the format of JSON only.
This is a POST request and requires the valid API key to be included in the header with the key 'x-api-key'. This endpoint does not accept any request body, hence, the content length header should be set to '0'.https://api.xposedornot.com/v1/domain-breaches/
The response of the API is in JSON format. The main key 'metrics' contains details about the breach. Below are the description of each sub-key in 'metrics':curl -L -X POST -H "x-api-key: 2a447449965fe2b3f1729b65ee94197d" -H "Content-Length: 0" https://api.xposedornot.com/v1/domain-breaches/
{ "metrics": { "Breach_Summary": { "AerServ": 1 }, "Breaches_Details": [ { "breach": "AerServ", "domain": "xposedornot.com", "email": "[email protected]" } ], "Detailed_Breach_Info": { "AerServ": { "breached_date": "Tue, 01 Apr 2014 00:00:00 GMT", "logo": "Aerserv.png", "password_risk": "plaintext", "searchable": "Yes", "xposed_data": "Email Addresses", "xposed_records": 64777, "xposure_desc": "AerServ, an ad management platform, experienced a data breach in April 2018. This incident occurred after its acquisition by InMobi and affected more than 64,000 unique email addresses. The exposed data included contact information and passwords, which were stored as salted SHA-512 hashes. Later in 2018, the breached data was publicly posted on Twitter, prompting InMobi to acknowledge the incident " } }, "Domain_Summary": { "xposedornot.com": 1 }, "Top10_Breaches": { "AerServ": 1 }, "Yearly_Metrics": { "2010": 0, "2011": 0, "2012": 0, "2013": 0, "2014": 1, "2015": 0, "2016": 0, "2017": 0, "2018": 0, "2019": 0, "2020": 0, "2021": 0, "2022": 0, "2023": 0 } }, "status": "success" }Error Handling: In case of an invalid or missing API key, the response would be as follows:
{ "message":"Invalid or missing API key", "status":"error" }The message field will contain a description of the error, and the status field will contain the string "error" to indicate that an error has occurred.
Code | Description |
---|---|
200 | Success will output JSON response |
401 | Invalid/un-authorised API key |
404 | Error in input ( no data found ) |
429 | Speed throttle hit - time to slow down |
502/503 | Server fault - Totally my problem to fix. Please shout across, if you see this ;) |