Obtain enriched data for an IPv4 address

  • Updated on May 16, 2023
  • Published on Apr 3, 2023
  • 1 minute(s) read
Prev Next

Use Silent Push's enriched IPv4 scanning to obtain enriched data types for a given IPv4 address, including (but not limited to):

  1. ASN data, including reputational scores
  2. Subnet information
  3. IP density
  4. Reputational scoring
  5. Expired certificates
  6. Open directories
  7. Location
  8. Silent Push risk score

  1. Navigate to Advanced Query Builder > Enrichment Queries > IPv4

  2. Specify an IPv4 address

  3. (Optional) Click explain to show details of data used to calculate the different scores in the response

  4. Click scan_data to show details of data collected from host scanning

  5. Click Search

Saving queries

Organizational users are able to save individual queries ran from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.

  1. Specify the query parameters

  2. Click Save Query

  3. Give your query a Name

  4. Specify a Description to add more context

  5. Click Save

Sample output

{
  "status_code": 200,
  "error": null,
  "response": {
    "ip2asn": [
      {
        "asn": 13335,
        "asn_allocation_age": 4655,
        "asn_allocation_date": 20100714,
        "asn_rank": 0,
        "asn_rank_score": 0,
        "asn_reputation": 0,
        "asn_reputation_explain": {},
        "asn_reputation_score": 0,
        "asn_takedown_reputation": 8,
        "asn_takedown_reputation_explain": {
          "ips_active": 302751,
          "ips_in_asn": 2464000,
          "ips_num_listed": 3,
          "items_num_listed": 3,
          "lifetime_avg": 4,
          "lifetime_max": 4,
          "lifetime_total": 12
        },
        "asn_takedown_reputation_score": 8,
        "asname": "CLOUDFLARENET, US",
        "benign_info": {
          "actor": "",
          "known_benign": false,
          "tags": []
        },
        "date": 20230412,
        "density": 529,
        "ip": "104.26.10.149",
        "ip_has_expired_certificate": false,
        "ip_has_open_directory": false,
        "ip_is_dsl_dynamic": false,
        "ip_is_dsl_dynamic_score": 0,
        "ip_is_ipfs_node": false,
        "ip_is_tor_exit_node": false,
        "ip_location": {
          "continent_code": "NA",
          "continent_name": "North America",
          "country_code": "US",
          "country_is_in_european_union": false,
          "country_name": "United States"
        },
        "ip_ptr": "",
        "ip_reputation": 0,
        "ip_reputation_explain": {},
        "ip_reputation_score": 0,
        "listing_score": 0,
        "listing_score_explain": {},
        "listing_score_feeds_explain": [],
        "malscore": 8,
        "sinkhole_info": {
          "known_sinkhole_ip": false,
          "tags": []
        },
        "sp_risk_score": 8,
        "sp_risk_score_explain": {
          "sp_risk_score_decider": "asn_takedown_reputation"
        },
        "subnet": "104.26.0.0/20",
        "subnet_allocation_age": "UNKNOWN",
        "subnet_allocation_date": "UNKNOWN",
        "subnet_reputation": 0,
        "subnet_reputation_explain": {},
        "subnet_reputation_score": 0
      }
    ]
  }
}