Information available to users with Premium Access

Kaspersky Threat Intelligence Portal provides the following detailed information about the requested IP address, if available, to users with Premium Access.

DNS resolutions tab

Information about DNS resolutions

Table name

Description

Table fields

DNS resolutions for IP address

pDNS information for the requested IP address.

Status—Status of domains.

Hits—Number of times that the domain resolved to the requested IP address.

Domain—Domain that resolves to the requested IP address.

First resolved—Date and time when the domain first resolved to the requested IP address.

Last resolved—Date and time when the domain last resolved to the requested IP address.

Peak date—Date of maximum number of domain resolutions to the requested IP address.

Daily peak—Maximum number of domain resolutions to the requested IP address per day.

Related files tab

Information about related files

Table name

Description

Table fields

Files related to IP address

MD5 hashes of files downloaded from web addresses containing domains that resolve to the requested IP address.

Status—Status of downloaded files.

Hits—Number of times that a file was downloaded from the requested IP address, as detected by Kaspersky expert systems.

File MD5—MD5 hash of the downloaded file.

Detection name—Name of the detected object (for example, HEUR:Exploit.Script.Blocker).

Web address—Web addresses used to download the file.

Last seen—Date and time that the file was last downloaded from the requested IP address.

First seen—Date and time the file was first downloaded from the requested IP address.

Hosted web addresses tab

Information about hosted web addresses

Table name

Description

Table fields

Hosted web addresses

Web addresses of the domain that resolves to the requested IP address.

Status—Status of web addresses and domains.

Hits—Number of web address detections by Kaspersky expert systems.

Web address—Detected web address.

First seen—Date and time when the web address was first detected.

Last seen—Date and time when the web address was last detected.

Web address masks tab

Information about web address masks

Table name

Description

Table fields

Web address masks

Masks of detected by Kaspersky expert systems addresses that contain the IP addresses and web addresses of the domain that resolves to the requested IP address.

Status—Status of web addresses covered by the corresponding mask (Dangerous or Adware and other).

Type—Type of the mask.

Mask—Web address mask.

Feeds—Threat Data Feeds that contain the web address mask.

Page top