IPInfo

this readme file provides information and instructions on how to use the ipinfo io connector integration, which allows you to retrieve ip address information directly from the ipinfo io api ipinfo provides detailed ip address data, including geolocation and asn information, for enhanced security and analytics ipinfo is a leading provider of ip address data, offering detailed insights into ip addresses worldwide this connector allows users to retrieve comprehensive information about specific ip addresses and discover domains hosted on them by integrating ipinfo with swimlane turbine, users can enrich security events with ip intelligence, enhancing threat detection and response capabilities this integration empowers security teams to automate ip data retrieval and streamline their security workflows without writing code prerequisites before you can use the ipinfo connector for turbine, you'll need access to the ipinfo api this requires the following an ipinfo asset using the following parameter token a valid ipinfo enterprise plan token required for authentication requirements to use the ipinfo io connector integration, you will need a valid ipinfo io api key an active subscription to the ipinfo io service keep in mind that to use all possible outputs, a business subscription is needed actions the ipinfo io connector currently exposes the following actions action description api method get ip returns ip address details (geolocation, asn, company, privacy, abuse, etc ) get /{ip} hosted domains returns a list of domains hosted on the provided ip address supports pagination via page and limit requires an ipinfo enterprise plan token get /domains/{ip} api documentation for full documentation on the ipinfo io api, including detailed information on available endpoints and response formats, please refer to the official ipinfo io documentation https //ipinfo io/developers for details on the hosted domains endpoint specifically, see the hosted domains api documentation https //ipinfo io/developers/hosted domains configurations ipinfo asset ipinfo asset configuration parameters parameter description type required token the api key string required actions get ip retrieve detailed information about a specific ip address using ipinfo this action requires the ip address as input endpoint method get input argument name type required description ip string required parameter for get ip input example {"ip" "66 87 125 5"} output parameter type description status code number http status code of the response reason string response reason phrase headers object http headers for the request details object output field details details ip string output field details ip details hostname string name of the resource details city string output field details city details region string output field details region details country string output field details country details loc string output field details loc details postal string output field details postal details timezone string output field details timezone details asn object output field details asn details asn asn string output field details asn asn details asn name string name of the resource details asn domain string output field details asn domain details asn route string output field details asn route details asn type string type of the resource details company object output field details company details company name string name of the resource details company domain string output field details company domain details company type string type of the resource details carrier object output field details carrier details carrier name string name of the resource details carrier mcc string output field details carrier mcc output example {"status code" 200,"reason" "ok","headers"\ null,"details" {"ip" "66 87 125 5","hostname" "ip 66 87 125 5 spfdma spcsdns net","city" "springfield","region" "massachusetts","country" "us","loc" "42 1015, 72 5898","postal" "01101","timezone" "america/new york","asn" {"asn" "as10507","name" "sprint personal communications systems","domain" "sprint pl","route" "66 87 125 0/24","type" "isp"},"company" {"name" "t mobile usa, inc ","domain" "t mobile com","type" "isp"},"carrier" {"name" "t mobile","mcc" hosted domains retrieve a list of domains hosted on a specified ip address with pagination support requires an ipinfo enterprise plan token endpoint url /domains/{ip} method get input argument name type required description ip string required the ip address to look up hosted domains for page integer optional zero based page index used to paginate through results the page parameter is echoed back in the response when included in the request limit integer optional maximum number of domains to return per page the api caps results at 1,000 domains per ip address input example {"ip" "198 35 26 96","page" 0,"limit" 100} output parameter type description status code number http status code of the response reason string response reason phrase headers object http headers for the request response object output field response response ip string output field response ip response total number total number of domains hosted on the ip address response page number page index echoed back when the page parameter is supplied response domains array list of domains hosted on the ip address for this page output example {"status code" 200,"reason" "ok","headers"\ null,"response" {"ip" "198 35 26 96","total" 16596,"page" 0,"domains" \["wikipedia org","wikimedia org","wiktionary org"]}} response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt