WHOIS
whois
The resources of a WHOIS record for a given domain. This can include domain names, IP address blocks, autonomous system information, and/or contact and registration information for a domain.
Attributes
| Caption | Name | Type | Description |
|---|---|---|---|
| Autonomous System | autonomous_system |
Autonomous System[] | The autonomous system information associated with a domain. |
| Registered At | created_time |
Timestamp | When the domain was registered or WHOIS entry was created. |
| DNSSEC Status | dnssec_status |
String | The normalized value of dnssec_status_id. |
| DNSSEC Status ID | dnssec_status_id |
Integer |
Describes the normalized status of DNS Security Extensions (DNSSEC) for a domain.
|
| Domain | domain |
String | The domain name corresponding to the WHOIS record. |
| Domain Contacts | domain_contacts |
Domain Contact[] |
An array of Domain Contact objects.
|
| Registrar Abuse Email Address | email_addr |
Email Address |
Entity:EMAIL_ADDRESSThe email address for the registrar's abuse contact |
| Last Updated At | last_seen_time |
Timestamp | When the WHOIS record was last updated or seen at. |
| Name Servers | name_servers |
String[] | A collection of name servers related to a domain registration or other record. |
| Registrar Abuse Phone Number | phone_number |
String | The phone number for the registrar's abuse contact |
| Raw Data | raw_data |
JSON |
Group:contextThe event data as received from the event source. |
| Record ID | record_id |
String |
Group:primaryUnique identifier for the object |
| Domain Registrar | registrar |
String | The domain registrar. |
| Domain Status | status |
String |
The status of a domain and its ability to be transferred, e.g., clientTransferProhibited.
|
| Subdomains | subdomains |
String[] | An array of subdomain strings. Can be used to collect several subdomains such as those from Domain Generation Algorithms (DGAs). |
| Subnet Block | subnet |
Subnet |
Entity:SUBNETThe IP address block (CIDR) associated with a domain. |
| Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference WHOIS in their attributes:
Outbound Relationships
WHOIS references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 3 days ago