mirror of https://github.com/MISP/misp-objects
98 lines
2.5 KiB
JSON
98 lines
2.5 KiB
JSON
{
|
|
"requiredOneOf": [
|
|
"registrant-email",
|
|
"registrant-phone",
|
|
"creation-date",
|
|
"registrant-name",
|
|
"registrar",
|
|
"text",
|
|
"domain",
|
|
"ip-address"
|
|
],
|
|
"attributes": {
|
|
"text": {
|
|
"description": "Full whois entry",
|
|
"disable_correlation": true,
|
|
"ui-priority": 1,
|
|
"misp-attribute": "text"
|
|
},
|
|
"registrar": {
|
|
"description": "Registrar of the whois entry",
|
|
"ui-priority": 0,
|
|
"misp-attribute": "whois-registrar"
|
|
},
|
|
"registrant-name": {
|
|
"description": "Registrant name",
|
|
"ui-priority": 0,
|
|
"misp-attribute": "whois-registrant-name"
|
|
},
|
|
"registrant-phone": {
|
|
"description": "Registrant phone number",
|
|
"ui-priority": 0,
|
|
"misp-attribute": "whois-registrant-phone"
|
|
},
|
|
"registrant-email": {
|
|
"description": "Registrant email address",
|
|
"ui-priority": 1,
|
|
"misp-attribute": "whois-registrant-email"
|
|
},
|
|
"registrant-org": {
|
|
"description": "Registrant organisation",
|
|
"ui-priority": 1,
|
|
"misp-attribute": "whois-registrant-org"
|
|
},
|
|
"creation-date": {
|
|
"description": "Initial creation of the whois entry",
|
|
"disable_correlation": true,
|
|
"ui-priority": 0,
|
|
"misp-attribute": "datetime"
|
|
},
|
|
"modification-date": {
|
|
"description": "Last update of the whois entry",
|
|
"disable_correlation": true,
|
|
"ui-priority": 0,
|
|
"misp-attribute": "datetime"
|
|
},
|
|
"expiration-date": {
|
|
"description": "Expiration of the whois entry",
|
|
"disable_correlation": true,
|
|
"ui-priority": 0,
|
|
"misp-attribute": "datetime"
|
|
},
|
|
"nameserver": {
|
|
"description": "Nameserver",
|
|
"ui-priority": 0,
|
|
"misp-attribute": "hostname",
|
|
"disable_correlation": true,
|
|
"multiple": true,
|
|
"to_ids": false
|
|
},
|
|
"domain": {
|
|
"description": "Domain of the whois entry",
|
|
"categories": [
|
|
"Network activity",
|
|
"External analysis"
|
|
],
|
|
"ui-priority": 0,
|
|
"multiple": true,
|
|
"misp-attribute": "domain"
|
|
},
|
|
"comment": {
|
|
"description": "Comment of the whois entry",
|
|
"ui-priority": 0,
|
|
"misp-attribute": "text"
|
|
},
|
|
"ip-address": {
|
|
"description": "IP address of the whois entry",
|
|
"ui-priority": 0,
|
|
"multiple": true,
|
|
"misp-attribute": "ip-src"
|
|
}
|
|
},
|
|
"version": 10,
|
|
"description": "Whois records information for a domain name or an IP address.",
|
|
"meta-category": "network",
|
|
"uuid": "429faea1-34ff-47af-8a00-7c62d3be5a6a",
|
|
"name": "whois"
|
|
}
|