The IP addresses page is the place for understanding which IPs you have on your attack surface - in what country IPs are hosted, who the hosting provider is, and what the ASN is.
Each observation will have a state that says whether the IP is still active or inactive on your attack surface. There will also be a date, telling you when it was first found, and a disappeared timestamp, if it is no longer active on the surface.
Accessing the IP addresses page
Upon accessing the IP addresses page, you'll be presented with a list of all IPs we've identified. You can explore this information at varying levels of detail through the "group by" options.
By default, the page is set to group by IP address. This means each row represents a unique IP, accompanied by relevant metadata. This metadata includes the current status of the IP (active or inactive), indicating whether it is presently found on your attack surface or if the DNS record linking it to a domain has been removed, rendering the IP unused across your domains.
Additionally, you can see how many assets are associated with each IP, as multiple assets or domains may share the same IP address. Other details provided include the provider, ASN, and the country the IP is located in. We include both IPV6 and IPV4 addresses.
The "first seen" date is noted, and if an IP is no longer present, the disappearance date is also listed.
Group by None
This is the most detailed level of the IP data. It shows each domain and each IP that they point to as unique observations. The status shows whether this connection still exists on your attack surface or whether that connection is currently inactive. The dates show when the domain-ip relationship was first established or when it was lost.
Group by Provider
With this grouping, you will immediately see each different provider you have and how many IPs or assets that are associated with it. Clicking the number of assets or the number of IPs will navigate you to the group by None view and filter on this provider. The status shows whether that particular provider is currently in use by any of your IPs and the timestamps show when it was first found and when it disappeared (if applicable).
Group by Country
With this grouping, you will immediately see each different country you are in and how many IPs or assets that are associated with it. Clicking the number of assets or the number of IPs will navigate you to the group by None view and filter on this country. The status shows whether that particular country is currently in use by any of your IPs and the timestamps show when it was first found and when it disappeared (if applicable).