Guides
Start typing to search…

WHOIS

whois

The resources of a WHOIS record for a given domain. This can include domain names, IP address blocks, autonomous system information, and/or contact and registration information for a domain.

Attributes

CaptionNameTypeDescription
Autonomous Systemautonomous_systemAutonomous System[]

The autonomous system information associated with a domain.

Registered Atcreated_timeTimestamp

When the domain was registered or WHOIS entry was created.

DNSSEC Statusdnssec_statusString

The normalized value of dnssec_status_id.

DNSSEC Status IDdnssec_status_idInteger

Describes the normalized status of DNS Security Extensions (DNSSEC) for a domain.

  • 0: Unknown (UNKNOWN)
  • 1: Signed (SIGNED)
  • 2: Unsigned (UNSIGNED)
  • 99: Other (OTHER)
DomaindomainString

The domain name corresponding to the WHOIS record.

Domain Contactsdomain_contactsDomain Contact[]

An array of Domain Contact objects.

Registrar Abuse Email Addressemail_addrEmail Address

Entity:EMAIL_ADDRESS
The email address for the registrar's abuse contact

Last Updated Atlast_seen_timeTimestamp

When the WHOIS record was last updated or seen at.

Name Serversname_serversString[]

A collection of name servers related to a domain registration or other record.

Registrar Abuse Phone Numberphone_numberString

The phone number for the registrar's abuse contact

Raw Dataraw_dataJSON

Group:context
The event data as received from the event source.

Record IDrecord_idString

Group:primary
Unique identifier for the object

Domain RegistrarregistrarString

The domain registrar.

Domain StatusstatusString

The status of a domain and its ability to be transferred, e.g., clientTransferProhibited.

SubdomainssubdomainsString[]

An array of subdomain strings. Can be used to collect several subdomains such as those from Domain Generation Algorithms (DGAs).

Subnet BlocksubnetSubnet

Entity:SUBNET
The IP address block (CIDR) associated with a domain.

UnmappedunmappedUnmapped[]

Data from the source that was not mapped into the schema.

Relationships

WHOIS shown in context

Inbound Relationships

These objects and events reference WHOIS in their attributes:

Outbound Relationships

WHOIS references the following objects and events in its attributes:

This page describes ocsf-1.4.0

Updated 10 days ago