Yes, this search filter just Internet object but not specific public ip addresses. 

On the search  NOT is not expisting, our I would I have done easily NOT dst:10.0.0.0/8

Did you try below (example from my lab).

Andy

*********************

[Expert@CP-MANAGEMENT:0]# mgmt_cli where-used name "Internet" --format json
Username: admin
Password:
{
"used-directly" : {
"total" : 11,
"objects" : [ ],
"threat-prevention-rules" : [ ],
"nat-rules" : [ ],
"access-control-rules" : [ {
"rule" : {
"uid" : "25b0a4aa-7e12-44cc-8e75-9463990b6958",
"type" : "access-rule",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Objects/accessRule",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "3",
"layer" : {
"uid" : "38271c2f-ab44-4e25-9aa4-e219cb6e12cf",
"name" : "network",
"type" : "access-layer",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
},
"layer-position" : 1,
"package" : {
"uid" : "0fd04089-8f41-424a-aeb3-0534161618ca",
"name" : "R82-SSL-INSPECTION-LAB-POLICY",
"type" : "package",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Blades/Access",
"color" : "cyan"
}
}, {
"rule" : {
"uid" : "2831f491-21b5-437e-a1a4-1b92cf324a9e",
"name" : "AI test rule",
"type" : "access-rule",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Objects/accessRule",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "2",
"layer" : {
"uid" : "0d66fd92-fb01-4862-8005-8871f976ad4f",
"name" : "appc+urlf",
"type" : "access-layer",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
},
"layer-position" : 2,
"package" : {
"uid" : "0fd04089-8f41-424a-aeb3-0534161618ca",
"name" : "R82-SSL-INSPECTION-LAB-POLICY",
"type" : "package",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Blades/Access",
"color" : "cyan"
}
}, {
"rule" : {
"uid" : "fedb9a6c-b55b-42f1-83d2-d3802c602c9c",
"name" : "win11 access rule",
"type" : "access-rule",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Objects/accessRule",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "4",
"layer" : {
"uid" : "38271c2f-ab44-4e25-9aa4-e219cb6e12cf",
"name" : "network",
"type" : "access-layer",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
},
"layer-position" : 1,
"package" : {
"uid" : "0fd04089-8f41-424a-aeb3-0534161618ca",
"name" : "R82-SSL-INSPECTION-LAB-POLICY",
"type" : "package",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Blades/Access",
"color" : "cyan"
}
}, {
"rule" : {
"uid" : "443350ba-388c-4351-9d8d-03734b4e5a29",
"name" : "win11 inspection rule",
"type" : "access-rule",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Objects/accessRule",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "1",
"layer" : {
"uid" : "0d66fd92-fb01-4862-8005-8871f976ad4f",
"name" : "appc+urlf",
"type" : "access-layer",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
},
"layer-position" : 2,
"package" : {
"uid" : "0fd04089-8f41-424a-aeb3-0534161618ca",
"name" : "R82-SSL-INSPECTION-LAB-POLICY",
"type" : "package",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Blades/Access",
"color" : "cyan"
}
}, {
"rule" : {
"uid" : "19c21224-a633-4fa9-814c-827a7f2e3fcd",
"type" : "access-rule",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Objects/accessRule",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "3",
"layer" : {
"uid" : "0d66fd92-fb01-4862-8005-8871f976ad4f",
"name" : "appc+urlf",
"type" : "access-layer",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
},
"layer-position" : 2,
"package" : {
"uid" : "0fd04089-8f41-424a-aeb3-0534161618ca",
"name" : "R82-SSL-INSPECTION-LAB-POLICY",
"type" : "package",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Blades/Access",
"color" : "cyan"
}
} ],
"https-rules" : [ {
"rule" : {
"uid" : "4d020c0f-929e-4e1a-83c1-a8b806174a11",
"name" : "bypass rule",
"type" : "https-rule",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "General/globalsNa",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "2",
"layer" : {
"uid" : "ecb98b31-5e17-44c5-bc05-ce1a8b3d1c3d",
"name" : "Default Outbound Layer",
"type" : "https-layer",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
},
"layer-position" : 1,
"package" : {
"uid" : "0fd04089-8f41-424a-aeb3-0534161618ca",
"name" : "R82-SSL-INSPECTION-LAB-POLICY",
"type" : "package",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Blades/Access",
"color" : "cyan"
}
}, {
"rule" : {
"uid" : "4505771d-bef5-40aa-9c03-e4bef68cbf21",
"name" : "Predefined Rule",
"type" : "https-rule",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "General/globalsNa",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "1",
"layer" : {
"uid" : "bff64df6-8eec-4d7d-9230-b4e53b5316c1",
"name" : "test-https-inspection-layer",
"type" : "https-layer",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
}
}, {
"rule" : {
"uid" : "204a2b49-3382-438a-a4f5-ca5af2d1ace6",
"name" : "Health, Finance and Government HTTPS Rule",
"type" : "https-rule",
"domain" : {
"uid" : "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name" : "Check Point Data",
"domain-type" : "data domain"
},
"icon" : "General/globalsNa",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "1",
"layer" : {
"uid" : "10b93f12-9906-49af-b308-dffc294d0e09",
"name" : "VSX_Outbound_Default",
"type" : "https-layer",
"domain" : {
"uid" : "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name" : "Check Point Data",
"domain-type" : "data domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
}
}, {
"rule" : {
"uid" : "a8146f47-bb00-46d4-8859-e217369b0eb9",
"name" : "Predefined Rule",
"type" : "https-rule",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "General/globalsNa",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "3",
"layer" : {
"uid" : "ecb98b31-5e17-44c5-bc05-ce1a8b3d1c3d",
"name" : "Default Outbound Layer",
"type" : "https-layer",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
},
"layer-position" : 1,
"package" : {
"uid" : "0fd04089-8f41-424a-aeb3-0534161618ca",
"name" : "R82-SSL-INSPECTION-LAB-POLICY",
"type" : "package",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Blades/Access",
"color" : "cyan"
}
}, {
"rule" : {
"uid" : "776bd65a-f316-4ff7-b916-8d231763fff0",
"name" : "Predefined Rule",
"type" : "https-rule",
"domain" : {
"uid" : "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name" : "Check Point Data",
"domain-type" : "data domain"
},
"icon" : "General/globalsNa",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "2",
"layer" : {
"uid" : "10b93f12-9906-49af-b308-dffc294d0e09",
"name" : "VSX_Outbound_Default",
"type" : "https-layer",
"domain" : {
"uid" : "a0bbbc99-adef-4ef8-bb6d-defdefdefdef",
"name" : "Check Point Data",
"domain-type" : "data domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
}
}, {
"rule" : {
"uid" : "de4da8e8-1b60-4a38-8417-7b94a7f43bc9",
"name" : "MS copilot inspect",
"type" : "https-rule",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "General/globalsNa",
"color" : "black"
},
"rule-columns" : [ "destination" ],
"position" : "1",
"layer" : {
"uid" : "ecb98b31-5e17-44c5-bc05-ce1a8b3d1c3d",
"name" : "Default Outbound Layer",
"type" : "https-layer",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "ApplicationFirewall/rulebase",
"color" : "black"
},
"layer-position" : 1,
"package" : {
"uid" : "0fd04089-8f41-424a-aeb3-0534161618ca",
"name" : "R82-SSL-INSPECTION-LAB-POLICY",
"type" : "package",
"domain" : {
"uid" : "41e821a0-3720-11e3-aa6e-0800200c9fde",
"name" : "SMC User",
"domain-type" : "domain"
},
"icon" : "Blades/Access",
"color" : "cyan"
}
} ]
}
}
[Expert@CP-MANAGEMENT:0]#