Data Types¶
Data types represent all different entities that can be referenced (see
Object References for details) in the API response object. Each data
type defines a unique value for a type field as well as any other
type-specific fields.
IPv4 Address¶
-
IPv4 Address IPv4 address.
Object Properties: - type (string) – Type definition. Always present and has a
value of
ipv4. - address (string) – IPv4 address. Always present.
- closest_prefix (
Prefix Reference) – A reference to the smallest network prefix which contains this IP address. Always present. - prefixes (list of
Prefix Reference) – A list of references to multiple network prefixes which together represent a full prefix chain for this IP (from the smallest to 0.0.0.0/0). Always present. - reputation (list of
IP Reputation Entry) – List of IP reputation entries containing information from reputation feeds in which this IP address was observed throughout its lifespan. Always present.
- type (string) – Type definition. Always present and has a
value of
-
Prefix Reference¶ A reference to Network Prefix which contains an IP address.
Object Properties: - _ref (int) – Reference number. Always present.
-
IP Reputation Entry¶ IP reputation feed entry. Instances of this type are always located in
reputationlist ofIPv4 AddressorIPv6 Addressobjects as they are generated dynamically for a specific IP returned in the API response.Object Properties: - name (string) – Name of IP reputation feed to which this entry belongs to. Always pressent.
- current (bool) – Flag which determines whether this reputation feed entry is current (exists in a source reputation feed when the response is returned). Always present.
- first_seen (int) – Unix timestamp of when this entry was first observed. Always present.
- last_seen (int) – Unix timestamp of when this entry was last observed. Always present.
Todo
Replace IPv4 address data type example with an actual output from the API. Currently it is a stub.
Example of IPv4 Address data type instance (truncated for
clarity):
{
"type": "ipv4",
"address": "8.8.8.8",
"closest_prefix": {"_ref": 1},
"prefixes": [
{"_ref": 1},
{"_ref": 3},
{"_ref": 4}
],
"reputation": [
{
"name": "firehol-coinbl-hosts",
"current": false,
"first_seen": 1584712048,
"last_seen": 1584720037
},
{
"name": "firehol-dshield-top-1000",
"current": true,
"first_seen": 1584714021,
"last_seen": 1584720037
}
]
}
IPv6 Address¶
IPv6 address. Structure is near identical to IPv4 Address thus a
lot of nested object definitions are re-used.
-
IPv6 Address IPv6 address.
Object Properties: - type (string) – Type definition. Always present and has a
value of
ipv6. - address (string) – IPv6 address. Always present.
- closest_prefix (
Prefix Reference) – A reference to the smallest network prefix which contains this IP address. Always present. - prefixes (list of
Prefix Reference) – A list of references to multiple network prefixes which together represent a full prefix chain for this IP (from the smallest to 0.0.0.0/0). Always present. - reputation (list of
IP Reputation Entry) – List of IP reputation entries containing information from reputation feeds in which this IP address was observed throughout its lifespan. Always present.
- type (string) – Type definition. Always present and has a
value of
Todo
Replace IPv6 address data type example with an actual output from the API. Currently it is a stub.
Example (truncated for clarity):
{
"type": "ipv6",
"address": "2001:4860:4860::8888",
"closest_prefix": {"_ref": 3},
"prefixes": [
{"_ref": 3},
{"_ref": 4},
{"_ref": 12}
],
"reputation": [
{
"name": "firehol-coinbl-hosts",
"current": false,
"first_seen": 1584712048,
"last_seen": 1584720037
},
{
"name": "firehol-dshield-top-1000",
"current": true,
"first_seen": 1584714021,
"last_seen": 1584720037
}
]
}
Network Prefix¶
Todo
Replace Network Prefix data type stub with an actual definition
-
Network Prefix Network prefix.
Object Properties:
Example:
{
"type": "netpref",
"prefix": "0.0.0.0/0"
}