WHOIS
whois
The resources of a WHOIS record for a given domain. This can include domain names, IP address blocks, autonomous system information, and/or contact and registration information for a domain.
Attributes
Caption | Name | Type | Description |
---|---|---|---|
Autonomous System | autonomous_system |
Autonomous System[] | The autonomous system information associated with a domain. |
Registered At | created_time |
Timestamp | When the domain was registered or WHOIS entry was created. |
DNSSEC Status | dnssec_status |
String | The normalized value of dnssec_status_id. |
DNSSEC Status ID | dnssec_status_id |
Integer |
Describes the normalized status of DNS Security Extensions (DNSSEC) for a domain.
|
Domain | domain |
String | The domain name corresponding to the WHOIS record. |
Domain Contacts | domain_contacts |
Domain Contact[] |
An array of Domain Contact objects.
|
Registrar Abuse Email Address | email_addr |
Email Address |
Entity:EMAIL_ADDRESS The email address for the registrar's abuse contact |
Last Updated At | last_seen_time |
Timestamp | When the WHOIS record was last updated or seen at. |
Name Servers | name_servers |
String[] | A collection of name servers related to a domain registration or other record. |
Registrar Abuse Phone Number | phone_number |
String | The phone number for the registrar's abuse contact |
Raw Data | raw_data |
JSON |
Group:context The event data as received from the event source. |
Record ID | record_id |
String |
Group:primary Unique identifier for the object |
Domain Registrar | registrar |
String | The domain registrar. |
Domain Status | status |
String |
The status of a domain and its ability to be transferred, e.g., clientTransferProhibited .
|
Subdomains | subdomains |
String[] | An array of subdomain strings. Can be used to collect several subdomains such as those from Domain Generation Algorithms (DGAs). |
Subnet Block | subnet |
Subnet |
Entity:SUBNET The IP address block (CIDR) associated with a domain. |
Unmapped | unmapped |
Unmapped[] | Data from the source that was not mapped into the schema. |
Relationships
Inbound Relationships
These objects and events reference WHOIS in their attributes:
Outbound Relationships
WHOIS references the following objects and events in its attributes:
This page describes ocsf-1.4.0
Updated 3 days ago