IP Object

The IP object is returned in the IP API as well various datasets: VPN, Tor, etc.

Object Information

Address and Version

The address and ip_version are the required fields in the IP Object. Other fields may or not be present.

Anycast Detection

The is_anycast flag will appear if the IP address is using Anycast.

Bogon Detection

The is_bogon flag will appear if the IP address is using considered an Internet bogon.

Shared/Shared Score

The shared_score provides information on IP sharing amongst different applications. Every IP is given a score from 0 (dedicated) to 100 (shared). This score is published in the shared_score field.

Score Description
-1 Analysis has not been completed.
0-10 Dedicated IP detected: dedicated network ASNs, IP certificate matches, reverse DNS matches.
10-20 Dedicated IP detected, high probability.
20-40 Dedicated IP detected, but possibility of sharing detected through heuristics / machine learning.
40-60 Gah. This often happens when IPs are churned (dedicated to one app, then later dedicated to a different app).
60-80 Shared IP detected, but possibility that it is dedicated.
80-90 Shared IP detected, high probability.
90-100 Shared IP detected: raw Netify intelligence data confirms sharing.

rDNS / Reverse DNS

The rdns JSON block provides the hostname (reverse DNS lookup) of the IP. Details: rDNS property.

TLS Certificate

The tls_certificate field provides the common name of the IP's primary TLS certificate, along with the associated application (if any). Details: TLS certificate property.

Platform - CDN / Hosting / SaaS

The platform JSON block provides the platform related to the IP. "Platform" is a generic term we use for a CDN, hosting, and SaaS providers. The JSON format is identical to the application property.

Network

The network JSON block provides the network related to the IP. The format is identical to the application property.

FAQ: What is a Network?

PoP

The pop JSON block provides the point-of-presence (PoP) for the IP. PoP property.

ASN and ASN Route

The asn_route and asn (Autonomous System Number) provides the ASN information for the IP. Details: ASN property.

Geolocation

The geolocation JSON block provides location information for the IP. Details: geolocation property.

Application List

The application_list JSON property provides a list of active applications on the IP. Many IPs are dedicated to a single application, so only one application will be listed. Details: application property.

Hostnames

The hostnames property provides a simple list of known application hostnames on the IP. If you would like more details on a hostname provided in the list, you can use the hostname API to retrieve details.

Mobile Gateway

If the IP hosts a mobile gateway, the mobile_gateway JSON property is provided. Details: mobile gateway property.

Tor

If the IP hosts a Tor server, the tor JSON property is provided. Details: Tor property.

VPN List

If the IP hosts at least one VPN service, the vpn_list property is provided. Most servers are dedicated to one VPN service, but there are some cases where different brands are serviced by a single IP. Details: VPN property.

Speed Test List

If the IP hosts at least one speed test server, the speedtest_list property is provided. Most servers are dedicated to one speed test server, but there are some cases where multiple servers are on one IP. Details: speed test property.

IP Object - JSON Overview

"ip": {
    "address": "13.55.4.2",
    "version": "ipv4",
    "shared_score": 95,
    "is_bogon": true,
    "is_anycast": true,

    // Properties
    { rDNS Property },
    { TLS Certificate Property },
    { Platform Property },
    { Network Property },
    { PoP Property },
    "asn_route": "13.54.0.0/15",
    { ASN Property },
    { Geolocation Property },
    { Mobile Gateway Property },
    { Tor Property },

    // Property Lists
    "application_list": [
        { Application Property },
        { Application Property },
        ...
    ],
    "speedtest_list": [
        { Speed Test Property },
        { Speed Test Property },
        ...
    ],
    "vpn_list": [
        { VPN Property },
        { VPN Property },
        ...
    ],
    "hostnames": [
        "www.example.com",
        ...
    ],
}

IP Object - JSON Example

"ip": {
   "address": "13.55.4.2",
   "version": "ipv4",
   "shared_score": 95,
   "is_bogon": true,
   "is_anycast": true,
   "rdns": {
      "hostname": "ec2-13-55-4-2.ap-southeast...",
      { Application Object for rDNS hostname }
   },
   "tls_certificate": {
      "common_name": "t.nc0.co",
      { Application Object for TLS common name }
   },
   "platform": {
      "id": 10843,
      "tag": "ensighten",
      "label": "Ensighten",
      "description": "Ensighten is a ...",
      ...
   },
   "network": {
     "id": 10091,
     "tag": "amazon-aws",
     "label": "Amazon AWS",
     "category": {
        "id": 36,
        "tag": "hosting",
        "label": "Hosting"
     },
     "favicon": "https://static.netify.ai...",
     "icon": "https://static.netify.ai...",
     "logo": "https://static.netify.ai...",
     ...
   },
   "pop": {
      "id": 80,
      "label": "Asia Pacific (Sydney)",
      "internal_tag": "ap-southeast-2",
   },
   "asn_route": "13.54.0.0/15",
   "asn": {
      "tag": "AS16509",
      "label": "Amazon.com Inc",
      "entity": {
         "id": 178,
         "tag": "amazon",
         "label": "Amazon",
         "category": {
            "id": 5,
            "tag": "business",
            "label": "Business"
         }
         ...
      }
   },
   "geolocation": {
      "city": {
         "geoname_id": 2147714,
         "label": "Sydney"
      },
      "region": {
         "geoname_id": 2155400,
         "label": "New South Wales"
      },
      "country": {
         "code": "AU",
         "label": "Australia"
      },
      "coordinates": {
         "scale": "city",
         "latitude": "-33.87150",
         "longitude": "151.20060"
      }
   }
}

Integration and Custom Solutions

Do you have any questions about integration, APIs or custom development?

Contact Us