url_intelligence
🚧 WARNING: DEPRECATED
URL Threat Intelligence has been deprecated since 1.4.0. Deprecated in QDM 1.4.0
Insights from threat intelligence platforms about URLs
| Caption | Name | Type | Description |
|---|
| Website Categorization IDs | category_ids | Integer[] | The Website categorization identifiers. 0: Unknown (UNKNOWN)1: Adult/Mature Content (ADULT/MATURE_CONTENT)101: Spam (SPAM)102: Potentially Unwanted Software (POTENTIALLY_UNWANTED_SOFTWARE)103: Dynamic DNS Host (DYNAMIC_DNS_HOST)106: E-Card/Invitations (E_CARD/INVITATIONS)107: Informational (INFORMATIONAL)108: Computer/Information Security (COMPUTER/INFORMATION_SECURITY)109: Internet Connected Devices (INTERNET_CONNECTED_DEVICES)11: Gambling (GAMBLING)110: Internet Telephony (INTERNET_TELEPHONY)111: Online Meetings (ONLINE_MEETINGS)112: Media Sharing (MEDIA_SHARING)113: Radio/Audio Streams (RADIO/AUDIO_STREAMS)114: TV/Video Streams (TV/VIDEO_STREAMS)118: Piracy/Copyright Concerns (PIRACY/COPYRIGHT_CONCERNS)121: Marijuana (MARIJUANA)14: Violence/Hate/Racism (VIOLENCE/HATE/RACISM)15: Weapons (WEAPONS)16: Abortion (ABORTION)17: Hacking (HACKING)18: Phishing (PHISHING)20: Entertainment (ENTERTAINMENT)21: Business/Economy (BUSINESS/ECONOMY)22: Alternative Spirituality/Belief (ALTERNATIVE_SPIRITUALITY/BELIEF)23: Alcohol (ALCOHOL)24: Tobacco (TOBACCO)25: Controlled Substances (CONTROLLED_SUBSTANCES)26: Child Pornography (CHILD_PORNOGRAPHY)27: Education (EDUCATION)29: Charitable Organizations (CHARITABLE_ORGANIZATIONS)3: Pornography (PORNOGRAPHY)30: Art/Culture (ART/CULTURE)31: Financial Services (FINANCIAL_SERVICES)32: Brokerage/Trading (BROKERAGE/TRADING)33: Games (GAMES)34: Government/Legal (GOVERNMENT/LEGAL)35: Military (MILITARY)36: Political/Social Advocacy (POLITICAL/SOCIAL_ADVOCACY)37: Health (HEALTH)38: Technology/Internet (TECHNOLOGY/INTERNET)4: Sex Education (SEX_EDUCATION)40: Search Engines/Portals (SEARCH_ENGINES/PORTALS)43: Malicious Sources/Malnets (MALICIOUS_SOURCES/MALNETS)44: Malicious Outbound Data/Botnets (MALICIOUS_OUTBOUND_DATA/BOTNETS)45: Job Search/Careers (JOB_SEARCH/CAREERS)46: News/Media (NEWS/MEDIA)47: Personals/Dating (PERSONALS/DATING)49: Reference (REFERENCE)5: Intimate Apparel/Swimsuit (INTIMATE_APPAREL/SWIMSUIT)50: Mixed Content/Potentially Adult (MIXED_CONTENT/POTENTIALLY_ADULT)51: Chat (IM)/SMS (CHAT_(IM)/SMS)52: Email (EMAIL)53: Newsgroups/Forums (NEWSGROUPS/FORUMS)54: Religion (RELIGION)55: Social Networking (SOCIAL_NETWORKING)56: File Storage/Sharing (FILE_STORAGE/SHARING)57: Remote Access Tools (REMOTE_ACCESS_TOOLS)58: Shopping (SHOPPING)59: Auctions (AUCTIONS)6: Nudity (NUDITY)60: Real Estate (REAL_ESTATE)61: Society/Daily Living (SOCIETY/DAILY_LIVING)63: Personal Sites (PERSONAL_SITES)64: Restaurants/Dining/Food (RESTAURANTS/DINING/FOOD)65: Sports/Recreation (SPORTS/RECREATION)66: Travel (TRAVEL)67: Vehicles (VEHICLES)68: Humor/Jokes (HUMOR/JOKES)7: Extreme (EXTREME)71: Software Downloads (SOFTWARE_DOWNLOADS)83: Peer-to-Peer (P2P) (PEER_TO_PEER_(P2P))84: Audio/Video Clips (AUDIO/VIDEO_CLIPS)85: Office/Business Applications (OFFICE/BUSINESS_APPLICATIONS)86: Proxy Avoidance (PROXY_AVOIDANCE)87: For Kids (FOR_KIDS)88: Web Ads/Analytics (WEB_ADS/ANALYTICS)89: Web Hosting (WEB_HOSTING)9: Scam/Questionable/Illegal (SCAM/QUESTIONABLE/ILLEGAL)90: Uncategorized (UNCATEGORIZED)92: Suspicious (SUSPICIOUS)93: Sexual Expression (SEXUAL_EXPRESSION)95: Translation (TRANSLATION)96: Non-Viewable/Infrastructure (NON_VIEWABLE/INFRASTRUCTURE)97: Content Servers (CONTENT_SERVERS)98: Placeholders (PLACEHOLDERS)99: Other (OTHER)
|
| Details | details | String | Details about the IP address. |
| Findings | findings | Finding[] | The findings from threat intelligence platforms |
| First Seen | first_seen_time | Timestamp | The initial detection time of the activity or object. See specific usage |
| Labels | labels | String[] | The labels or tags in the intelligence. |
| Last Seen | last_seen_time | Timestamp | The most recent detection time of the activity or object. See specific usage. |
| Raw Data | raw_data | JSON | Group:context
The event data as received from the event source. |
| Record ID | record_id | String | Group:primary
Unique identifier for the object |
| Additional references for more information. | references | String[] | A list of reference URLs supporting the finding/detection. |
| Reputations | reputations | Reputation[] | Reputation score as reported by provider |
| Unmapped | unmapped | Unmapped[] | Data from the source that was not mapped into the schema. |
| URL | url | Uniform Resource Locator[] | Entity:UNIFORM_RESOURCE_LOCATOR
The URL the intelligence applies to. |
| Vendor Name | vendor_name | String | The vendor that provided the intelligence. |
URL Threat Intelligence references the following objects and events in its attributes:
This page describes ocsf-1.4.0
