Skip to main content
The LeakCheck API lets you check whether an identifier — an email address, username, phone number, domain or password hash — appears in known data breaches and info-stealer logs. There are two APIs:
  • Pro API v2 — authenticated with an API key. Returns full breach records (including passwords and all leaked fields), supports every search type and pagination. Available on paid plans.
  • Public API — no authentication required. Returns only the list of breach sources and the categories of exposed data, never the data itself. Free, including commercial use.

Pro API vs Public API

Pro API v2Public API
Search by e-mail, username
Sources display
Passwords display
Full data exposure
Allowed RPS3 (upgradeable)1
Search by password, domain name✅ (from Enterprise)
Pricingfrom $9.99/mofree

Base URLs

Pro API v2:  https://leakcheck.io/api/v2
Public API:  https://leakcheck.io/api/public

Quick start

curl "https://leakcheck.io/api/v2/query/example@example.com" \
  -H "Accept: application/json" \
  -H "X-API-Key: $LEAKCHECK_APIKEY"

Pro API v2 lookup

The main query endpoint: request, response and pagination.

Search types

Everything you can search by, from emails to info-stealer origins.

Public API

Free breach-source lookups without an API key.

Python wrapper & CLI

Official leakcheck package on PyPI, with a CLI tool included.

Commercial usage

You are free to use the Public API for commercial purposes — the only requirement is a “Powered by LeakCheck” link on your website (see Public API terms). If you wish to use the Pro API commercially, please contact our support team at the@leakcheck.net and describe your project.