Skip to content

API

The eCrime.ch API is available at:

https://ecrime.ch/api/v1/

Use the API to pull ransomware and leak-site events, retrieve enriched event details, search indexed leaked file lines, list actor and leak-site intelligence, work with screenshots, and inspect torrent-monitoring observations.

All protected endpoints use the X-API-Key header.

X-API-Key: <your-api-key>

Keep API keys server-side. Do not place keys in browser-side JavaScript, public repositories, shared screenshots, or support tickets.

API responses use a common JSON envelope:

{
"status": "200",
"message": "OK",
"date": 1688913844,
"results": 1,
"data": []
}

The data field contains endpoint-specific objects. Empty successful responses return an empty array.

The machine-readable API contract is available at:

https://ecrime.ch/help/api/openapi.yaml

The OpenAPI file describes the live https://ecrime.ch/api/v1/ API surface for tooling, validation, and generated client integrations.