Note The API is currently available for beta-testers. If you want to be part of the test, you may request an API key by contacting support[at]onyphe.io. The current API is subject to change, we will update the documentation page as it happens.
  • 30+ scanned TCP ports
  • 30,000+ pastes per day
  • 1,000,000+ open ports per day
  • Unique OS fingerprinting technology
  • Geolocation updated once a month
  • Netblock data updated once a week

Geolocation data

We keep track of changes in geolocation data for IP addresses. We have data about country, city, localtime or latitude/longitude

Netblock information

Publicly accessible netblock information is regulary downloaded. We have data about netnames, subnet and description of netblocks

Active Internet scanning

We collect information about open TCP ports along with fingerprinted Operating System. We are able to reliably identify the remote OS with a single packet

Reverse DNS resolution

The full IP address space is regularly resolved for the PTR record

Threatlist lookups

We download every day publicly available threatlist information from various sources. For instance, we lookup EmergingThreats, iblocklist, Abuse.ch or inThreat

Paste sites lookups

We monitor public paste sites and search for IP address strings. Thus, we correlate data from pastebin to enrich other information