Threat intelligence API Docs Pricing Blog Contact us

Threat intelligence analysis docs

IP resolutions

Analyzes domain's IP addresses and their geographical distribution and performs reverse IP lookup.

Main infrastructure servers

Type: Info

List of the IP addresses the target domain name is resolved to, considering the domain's name servers, mail servers and subdomains. To build a report for one of the domains, click "Build report".

Output column
Sample output
What it means?
Domain name google.com The IP resolution search term
Kind web The kind of the resource. The available resource kinds list is provided below.
IPv4 127.0.0.1 The resource's IPv4 address

Available resource kinds:

Indicator
What it means?
web The target website
www.web The WWW subdomain if exists
Subdomain

If the target website is a subdomain having an 'A' record, TIP shows all the subdomains which also have 'A' records.

Example: for sub1.sub2.example.com TIP checks IP resolution sub1.sub2.example.com,sub2.example.com and example.com

MX Mail exchanger server (see 'mail servers' section)
NS Name server (see 'name servers' section)

Other domains on the same IP

Type: Info

List of the domains which resolved to the same IP as the target website. To build a report for one of the domains, click "Build report".

Output column
Sample output
What it means?
Domain name google.com The domain name which is resolved to the same IP address.

IP distribution

Type: Info

Shows the map with the geographical distribution of the IP addresses related to the target website.

Indicator
What it means?
web The target website
www.web The WWW subdomain if exists
Subdomain

If the target website is a subdomain having an 'A' record, TIP shows all the subdomains which also have 'A' records.

Example: for sub1.sub2.example.com TIP checks IP resolution sub1.sub2.example.com,sub2.example.com and example.com

Connected domains The domain is referenced from the target website (see "Website analysis" section)
MX Mail exchanger server (see "mail servers" section)
NS Name server (see "name servers" section)

Example output:

map

To see an IP geo and subnet information, click any marker on the map.

map

Geo IP information block:

Output column
Sample output
What it means?
Domain name google.com The domain name connected to the selected IP.
Post Address USA California Los Angeles 90001 The possible postal address where the selected IP is registered.
Coordinates 34''3.13338'/118''14.6208' The latitude and the longitude corresponding to the selected IP.
Time zone GMT-8 Timezone of the selected IP.

Subnet information block:

Output column
Sample output
What it means?
Network name IANA-BLK The name of a range of IP address space.
IP block 0.0.0.0 - 255.255.255.255 The range of IP address space, which the target IP address belongs to.
Country US Country where the IP Block is registered.
Registered on 10.10.12 IP Block registration date.
Updated on 10.10.15 IP Block last update.

Known subdomains

Type: Info

List of the known subdomains for the target domain. To build a report for one of the domains, click "Build report".

Output column
Sample output
What it means?
Domain name google.com The IP resolution search term
IPv4 74.125.23.26 The resource's IPv4 address

Connected domains

Type: Info

List of domains referenced from the target website, considering subdomains as separate domain names. These include links, external images, CSS, scripts or Iframe sources. Only unique occurrences are displayed. To build a report for one of the connected domains, click "Build report".

Indicator Sample output What it means?
Outgoing link itunes.apple.com Found links to the domain name specified. it's referenced in the <a> tag.
External JavaScript code.jquery.com Found scripts loaded from the domain name specified. In most cases, it's referenced in the <script> tag.
External image cdn.images.com Found images loaded from the domain name specified. In most cases, it's referenced in the <img> tag.
External CSS maxcdn.bootstrapcdn.com Found CSS loaded from the domain name specified. In most cases, it's referenced from the <link> tag.
Iframe source example.com Found Iframe loaded from the domain name specified. It's referenced from the <iframe> tag.
Have questions?
support@threatintelligenceplatform.com
We will get back to you within a day.
Threat Intelligence Platform, LLC

California
USA

Contact us