Indicator search: domain information

The following table provides a description of content that appears in the About area of the Indicator Search page when a domain is known to host harmful content.

Additional Domain Information
Information Field Description
Domain Name Domain name that was provided in the search and is known to host harmful content.
Last Categorized as Indicates the threat category that was last assigned to the domain.
Status Indicates the status of the threat in ETP. For example if the threat is a known threat, the status indicates that it is a known threat for a particular threat type.
Category The overall category of the event.

For a threat event, categories can be Malware, Phishing, Command and Control (C&C), Deny List, or Other (if assigned to a custom list).

For an access control event, see Acceptable use policy categories and Application visibility and control categories.

Registrar Domain name registrar where the domain is registered.
Registrant Registrant information, such as name, email, and country of origin.
Created on Date when the domain was registered.
Expires on Date when the registered domain expires.
Last Updated on Date when the domain was last updated.
Name Servers Authoritative name servers of the domain.
Name Servers IPs IP addresses of the domain’s authoritative name servers.
Malicious URLs URLs related to the domain that are known to be malicious. These URLS are organized by the following threat categories:
  • Phishing
  • Malware
  • Command and Control (C&C)