Field names
    • 13 May 2024
    • 18 Minutes to read
    • Dark
      Light

    Field names

    • Dark
      Light

    Article summary

    Field names are searchable data categories used in SPQL, and Web Scanner searches.

    Scanned data is grouped into separate repositories, known as a data sources.

    There are 6 data sources available in SPQL, each with their own set of field names that you can use to search through the data contained within them:

    1. webscan
    2. torscan
    3. services
    4. opendirectory
    5. webscanhistory
    6. webscanfailure

    Read this article for more information on each data source, and some example queries.

    Important!

    The "Datestring" data type is taken as YYYY-MM-DD

    'webscan' field names

    Here's a list of field names you can search across using the webscan data source.

    Field nameDescriptionType
    adtech.ads_txtHas /ads.txtBoolean
    adtech.ads_txt_sha256sha256 of /ads.txtString
    adtech.app_ads_txtHas /app-ads.txtBoolean
    adtech.app-ads_txt_sha256sha256 of /app-ads.txtString
    adtech.sellers_jsonHas /sellers.jsonBoolean
    adtech.sellers_json_sha256sha256 of /sellers.jsonString
    body_analysis.adsenseString
    body_analysis.adserverString
    body_analysis.analyticsString
    body_analysis.body_sha256SHA256 hash of the <body>String
    body_analysis.footer_sha256SHA256 hash of the <footer>String
    body_analysis.google-adstagString
    body_analysis.google-GA4GA4 tagString
    body_analysis.google-UAUA tagString
    body_analysis.header_sha256SHA256 hash of the <header>String
    body_analysis.ICP_licenseChinese ICP LIcenseString
    body_analysis.js_sha256List of referenced js files in the HTML content, in the form of "url sha256"String
    body_analysis.js_ssdeepList of referenced js files in the HTML content, in the form of "url ssdeep"String
    body_analysis.languageList of languages found in the HTML content, comma separated, from most used to least usedString
    body_analysis.onionList of onion addresses that are in the HTML responseString
    body_analysis.SHVScript Hash Value, based on js scripts used by a website.String
    datahashA unique hash of the overall scan resultString
    domainThe final domain that the origin domain that was scanned redirects toString
    favicon_avgVisual similarity image hash of the website's favicon fileString
    favicon2_avgVisual similarity image hash of the website's favicon2 fileString
    favicon_md5Favicon MD5 HashString
    favicon_murmur3Favicon Murmur3 HashString
    favicon_pathFavicon PathString
    favicon2_md5Favicon2 MD5 HashString
    favicon2_murmur3Favicon2 Murmur3 HashString
    favicon2_pathFavicon2 PathString
    favicon_urlsList of the URLs of the faviconsString
    fileDoes URL scanned point to a fileBoolean
    file_sha256Hash of file pointed toString
    geoip.asnAutonomous System Name (ASN)Integer
    geoip.as_orgAS OrganizationString
    geoip.city_nameCity of IP geolocationString
    geoip.continent_codeContinent of IP geolocationString
    geoip.country_code2Country code of IP geolocationString
    geoip.country_code3Country code of IP geolocationString
    geoip.country_nameCountry name of IP geolocationString
    geoip.dma_codeDesignated marketing areaString
    geoip.latitudeLatitude value of IP geolocationllFloat
    geoip.location.latLatitude value of IP geolocationFloat
    geoip.location.lonLongtitude value of IP geolocationFloat
    geoip.longitudeLongtitude value of IP geolocationFloat
    geoip.postal_codePostal code of IP geolocationString
    geoip.region_codeRegion code of IP geolocationString
    geoip.region_nameRegion name of IP geolocationString
    geoip.timezoneTimezone of IP geolocationString
    header.cache-controlInstructions that control caching in browsers and shared caches (e.g. Proxies, CDNs)String
    header.connectionWhether the network connection stays open after the current transaction finishesString
    header.content-lengthSize of the message body, in bytes, sent to the recipient.Number
    header.content-typeOriginal media type of the resource (prior to any content encoding applied for sending).String
    header.etagThe ETag (or entity tag) HTTP response headerString
    header.refreshString
    header.serverSoftware used to serve the HTTP response. If a redirect is present, this field shows data from the server that performed the last redirectString
    header.x-powered-byValue returned from server stating whatv it's powered byString
    hhvA hash value based on the header keysString
    hostnameHostname of domain that original domain that was scanned redirects toString
    html_body_murmur3A Murmur3 hash of the HTML bodyNumber
    html_body_lengthNumber of bytes in the HTML bodyInteger
    html_body_sha256A SHA256 hash of the HTML bodyString
    html_body_similarityPercentage difference in the HTML body for this scan versus the previous scan - based on the SSDeep hashNumber
    html_body_ssdeepSSDeep hash of the HTML bodyString
    htmltitleHTML TitleString
    ipIP hosting URL that origin URL that was scanned redirects toString
    jarmJARM Hash fingerprinting the TLS configurations of the hostString
    opendirectoryIs this an open directoryBoolean
    origin_domainDomain that was scannedString
    origin_hostnameHostname of domain that was scannedString
    origin_ipIP hosting URL that was originally scannedString
    origin_pathURL path that was originally scannedString
    origin_portURL port that was originally scannedString
    origin_schemeScheme of URL that was originally scannedString
    origin_urlURL that was originally scannedURL
    pathPath of URL that originally scanned URL redirects toString
    portPort of URL that originally scanned URL redirects toNumber
    redirectDoes the URL scanned result in a redirectBoolean
    redirect_countNumber of URLs involved in a redirectInteger
    redirect_listList of URLs that sit between the origin and destination URLsString
    redirect_to_httpsDoes the URL scanned result in a redirect to httpsBoolean
    responseScan Request Response CodeNumber
    scan_dateThe date that data was scannedDatestring
    schemeScheme of URL that originally scanned URL redirects toString
    ssl.authority_key_idThe authority key identifier (AKI) is an X.509 v3 certificate extension. It contains a key identifier which is derived from the public key in the issuer certificate.String
    ssl.chvA fingerprint on how the issuer creates the certificate based on the certificate's issuer/subject/extension RDN keys/wildcard and SANS countString
    ssl.expiredHas SSL certificate expiredBoolean
    ssl.issuer.common_nameSSL Certificate Issuer Common NameString
    ssl.issuer.countrySSL Certificate Issuer CountryString
    ssl.issuer.organizationSSL Certificate Issuer OrganizationList of strings
    ssl.not_afterSSL Certificate Validity End DateDatetime
    ssl.not_beforeSSL Certificate Validity Start DateDatetime
    ssl.sansSSL Certificate Sans ListList of domains
    ssl.sans_countSSL Certificate Sans List CountNumber
    ssl.serial_numberSSL Certificate Serial NumberString
    ssl.SHA1S1SL Certificate SHA1 HashString
    ssl.SHA256SSL Certificate SHA256 HashString
    ssl.sigalgSSL Certificate Signature AlgorithmString
    ssl.subject.common_nameSSL Certificate Subject Common NameString
    ssl.subject.countrySSL Certificate Subject CountryString
    ssl.subject.namesSSL Certificate Subject NamesList of domains
    ssl.subject.organizationSSL Certificate Subject OrganizationString
    ssl.wildcardIs this a wildcard SAN certificate, i.e. Sans List references wildcardsBoolean
    subdomainThe subdomain value, if it exists, of the final domain that scanned original domain redirects toString
    tldThe top level domain of the final domain that scanned original domain redirects toString
    urlThe final URL that the origin URL that was scanned redirects toString

    'torscan' field names

    Here's a list of field names you can search across using the torscan data source.

    Field nameDescriptionType
    body_analysis.adsenseString
    body_analysis.adserverString
    body_analysis.analyticsString
    body_analysis.body_sha256SHA256 hash of the <body>String
    body_analysis.footer_sha256SHA256 hash of the <footer>String
    body_analysis.google-adstagString
    body_analysis.google-GA4GA4 tagString
    body_analysis.google-UAUA tagString
    body_analysis.header_sha256SHA256 hash of the <header>String
    body_analysis.js_sha256List of referenced js files in the HTML content, in the form of "url sha256"String
    body_analysis.js_ssdeepList of referenced js files in the HTML content, in the form of "url ssdeep"String
    body_analysis.languageList of languages found in the HTML content, comma separated, from most used to least usedString
    body_analysis.onionList of onion addresses that are in the HTML responseString
    body_analysis.SHVScript Hash Value, based on js scripts used by a website.String
    datahashA unique hash of the overall scan resultString
    domainThe final domain that scan redirects toString
    favicon_avgVisual similarity image hash of the website's favicon fileString
    favicon2_avgVisual similarity image hash of the website's favicon2 fileString
    favicon_md5Favicon MD5 HashString
    favicon_murmur3Favicon Murmur3 HashString
    favicon_pathFavicon PathString
    favicon2_md5Favicon2 MD5 HashString
    favicon2_murmur3Favicon2 Murmur3 HashString
    favicon2_pathFavicon2 PathString
    favicon_urlsList of the URLs of the faviconsString
    fileDoes URL scanned point to a fileBoolean
    file_sha256Hash of file pointed toString
    header.cache-controlInstructions that control caching in browsers and shared caches (e.g. Proxies, CDNs)String
    header.connectionWhether the network connection stays open after the current transaction finishesString
    header.content-lengthSize of the message body, in bytes, sent to the recipient.Number
    header.content-typeOriginal media type of the resource (prior to any content encoding applied for sending).String
    header.etagThe ETag (or entity tag) HTTP response headerString
    header.refreshString
    header.serverSoftware used to serve the HTTP response. If a redirect is present, this field shows data from the server that performed the last redirectString
    header.x-powered-byValue returned from server stating whatv it's powered byString
    hhvA hash value based on the header keysString
    hostnameHostname of domain that original domain that was scanned redirects toString
    html_body_murmur3A Murmur3 hash of the HTML bodyNumber
    html_body_sha256A SHA256 hash of the HTML bodyString
    html_body_ssdeepSSDeep hash of the HTML bodyString
    htmltitleHTML TitleString
    opendirectoryIs this an open directoryBoolean
    origin_hostnameHostname of domain that was scannedString
    origin_ipIP hosting URL that was originally scannedString
    origin_pathURL path that was originally scannedString
    origin_portURL port that was originally scannedString
    origin_schemeScheme of URL that was originally scannedString
    origin_urlURL that was originally scannedURL
    pathPath of URL that originally scanned URL redirects toString
    portPort of URL that originally scanned URL redirects toNumber
    redirectDoes the URL scanned result in a redirectBoolean
    redirect_countNumber of URLs involved in a redirectInteger
    redirect_listList of URLs that sit between the origin and destination URLsString
    redirect_to_httpsDoes the URL scanned result in a redirect to httpsBoolean
    responseScan Request Response CodeNumber
    scan_dateThe date that data was scannedDatestring
    schemeScheme of URL that originally scanned URL redirects toString
    ssl.authority_key_idThe authority key identifier (AKI) is an X.509 v3 certificate extension. It contains a key identifier which is derived from the public key in the issuer certificate.String
    ssl.chvA fingerprint on how the issuer creates the certificate based on the certificate's issuer/subject/extension RDN keys/wildcard and SANS countString
    ssl.expiredHas SSL certificate expiredBoolean
    ssl.issuer.common_nameSSL Certificate Issuer Common NameString
    ssl.issuer.countrySSL Certificate Issuer CountryString
    ssl.issuer.organizationSSL Certificate Issuer OrganizationList of strings
    ssl.not_afterSSL Certificate Validity End DateDatetime
    ssl.not_beforeSSL Certificate Validity Start DateDatetime
    ssl.sansSSL Certificate Sans ListList of domains
    ssl.sans_countSSL Certificate Sans List CountNumber
    ssl.serial_numberSSL Certificate Serial NumberString
    ssl.SHA1SSL Certificate SHA1 HashString
    ssl.SHA256SSL Certificate SHA256 HashString
    ssl.sigalgSSL Certificate Signature AlgorithmString
    ssl.subject.common_nameSSL Certificate Subject Common NameString
    ssl.subject.countrySSL Certificate Subject CountryString
    ssl.subject.namesSSL Certificate Subject NamesList of domains
    ssl.subject.organizationSSL Certificate Subject OrganizationString
    ssl.wildcardIs this a wildcard SAN certificate, i.e. Sans List references wildcardsBoolean
    subdomainThe subdomain value, if it exists, of the final domain that scanned original domain redirects toString
    tldThe top level domain of the final domain that scanned original domain redirects toString
    urlThe final URL that the origin URL that was scanned redirects toString

    'services' field names

    Here's a list of field names you can search across using the services data source.

    Field nameDescriptionType
    bannerService banner on a specific portString
    datahashA unique hash of the overall scan resultString
    fingerprints.ECDSAFingerprint of the ECDSA public keyString
    fingerprints.ED25519Fingerprint of the ED25519 public keyString
    fingerprints.RSAFingerprint of the RSA public keyString
    geoip.asnAutonomous System Name (ASN)Integer
    geoip.as_orgAS OrganizationString
    ipIP hosting URL that origin URL that was scanned redirects toString
    portPort of URL that originally scanned URL redirects toNumber
    scan_dateThe date that data was scannedDatestring
    ssl.authority_key_idThe authority key identifier (AKI) is an X.509 v3 certificate extension. It contains a key identifier which is derived from the public key in the issuer certificate.String
    ssl.chvA fingerprint on how the issuer creates the certificate based on the certificate's issuer/subject/extension RDN keys/wildcard and SANS countString
    ssl.expiredHas SSL certificate expiredBoolean
    ssl.issuer.common_nameSSL Certificate Issuer Common NameString
    ssl.issuer.countrySSL Certificate Issuer CountryString
    ssl.issuer.organizationSSL Certificate Issuer OrganizationList of strings
    ssl.not_afterSSL Certificate Validity End DateDatetime
    ssl.not_beforeSSL Certificate Validity Start DateDatetime
    ssl.sansSSL Certificate Sans ListList of domains
    ssl.sans_countSSL Certificate Sans List CountNumber
    ssl.serial_numberSSL Certificate Serial NumberString
    ssl.SHA1SSL Certificate SHA1 HashString
    ssl.SHA256SSL Certificate SHA256 HashString
    ssl.sigalgSSL Certificate Signature AlgorithmString
    ssl.subject.common_nameSSL Certificate Subject Common NameString
    ssl.subject.countrySSL Certificate Subject CountryString
    ssl.subject.namesSSL Certificate Subject NamesList of domains
    ssl.subject.organizationSSL Certificate Subject OrganizationString
    ssl.wildcardIs this a wildcard SAN certificate, i.e. Sans List references wildcardsBoolean

    'opendirectory' field names

    Here's a list of field names you can search across using the opendirectory data source.

    Field nameDescriptionType
    dirIs a directoryBoolean
    geoip.asnAutonomous System Name (ASN)Integer
    geoip.as_orgAS OrganizationString
    hostnameHostname of domain that original domain that was scanned redirects toString
    ipIP hosting URL that origin URL that was scanned redirects toString
    last_modifiedLast modified date of a file in an open directoryDatestring
    nameFilename or directory name of a file in an open directoryString
    portPort of URL that originally scanned URL redirects toNumber
    scan_dateThe date that data was scannedDatestring
    schemeScheme of URL that originally scanned URL redirects toString
    sizeThe filesize in bytesInteger

    'webscanhistory' field names

    Here's a list of field names you can search across using the webscanhistory data source.

    Field nameDescriptionType
    datahashA unique hash of the overall scan resultString
    domainThe final domain that the origin domain that was scanned redirects toString
    hostnameHostname of domain that original domain that was scanned redirects toString
    ipIP hosting URL that origin URL that was scanned redirects toString
    origin_urlURL that was originally scannedURL
    scan_dateThe date that data was scannedDatestring
    schemeScheme of URL that originally scanned URL redirects toString

    'webscanfailure' field names

    Here's a list of field names you can search across using the webscanfailure data source.

    Field nameDescriptionType
    domainThe final domain that the origin domain that was scanned redirects toString
    ipIP hosting URL that origin URL that was scanned redirects toString
    portPort of URL that originally scanned URL redirects toNumber
    reasonThe reason a scanning failure occurredString
    scan_dateThe date that data was scannedDatestring
    schemeScheme of URL that originally scanned URL redirects toString
    urlThe final URL that the origin URL that was scanned redirects toString

    Field name index

    Field nameDescriptionTypeData source
    adtech.ads_txtHas /ads.txtBooleanwebscan
    adtech.ads_txt_sha256sha256 of /ads.txtStringwebscan
    adtech.app_ads_txtHas /app-ads.txtBooleanwebscan
    adtech.app-ads_txt_sha256sha256 of /app-ads.txtStringwebscan
    adtech.sellers_jsonHas /sellers.jsonBooleanwebscan
    adtech.sellers_json_sha256sha256 of /sellers.jsonStringwebscan
    bannerService banner on a specific portStringservices
    body_analysis.adsenseStringwebscan, torscan
    body_analysis.adserverStringwebscan, torscan
    body_analysis.analyticsStringwebscan, torscan
    body_analysis.body_sha256SHA256 hash of the <body>Stringwebscan, torscan
    body_analysis.footer_sha256SHA256 hash of the <footer>Stringwebscan, torscan
    body_analysis.google-adstagStringwebscan, torscan
    body_analysis.google-GA4GA4 tagStringwebscan, torscan
    body_analysis.google-UAUA tagStringwebscan, torscan
    body_analysis.header_sha256SHA256 hash of the <header>Stringwebscan, torscan
    body_analysis.ICP_licenseChinese ICP LIcenseStringwebscan
    body_analysis.js_sha256List of referenced js files in the HTML content, in the form of "url sha256"Stringwebscan, torscan
    body_analysis.js_ssdeepList of referenced js files in the HTML content, in the form of "url ssdeep"Stringwebscan, torscan
    body_analysis.languageList of languages found in the HTML content, comma separated, from most used to least usedStringwebscan, torscan
    body_analysis.onionList of onion addresses that are in the HTML responseStringwebscan, torscan
    body_analysis.SHVScript Hash Value, based on js scripts used by a website.Stringwebscan, torscan
    datahashA unique hash of the overall scan resultStringwebscan, torscan, services, webscanhistory
    datasourceThe index of the dataStringN/A
    dirIs a directoryBooleanopendirectory
    domainThe final domain that the origin domain that was scanned redirects toStringwebscan, torscan, webscanhistory, webscanfailure
    favicon_avgVisual similarity image hash of the website's favicon fileStringwebscan, torscan
    favicon2_avgVisual similarity image hash of the website's favicon2 fileStringwebscan, torscan
    favicon_md5Favicon MD5 HashStringwebscan, torscan
    favicon_murmur3Favicon Murmur3 HashStringwebscan, torscan
    favicon_pathFavicon PathStringwebscan, torscan
    favicon2_md5Favicon2 MD5 HashStringwebscan, torscan
    favicon2_murmur3Favicon2 Murmur3 HashStringwebscan, torscan
    favicon2_pathFavicon2 PathStringwebscan, torscan
    favicon_urlsList of the URLs of the faviconsStringwebscan, torscan
    fileDoes URL scanned point to a fileBooleanwebscan, torscan
    file_sha256Hash of file pointed toStringwebscan, torscan
    fingerprints.ECDSAFingerprint of the ECDSA public keyStringservices
    fingerprints.ED25519Fingerprint of the ED25519 public keyStringservices
    fingerprints.RSAFingerprint of the RSA public keyStringservices
    geoip.asnAutonomous System Name (ASN)Integerwebscan, services, opendir
    geoip.as_orgAS OrganizationStringwebscan, services, opendirectory
    geoip.city_nameCity of IP geolocationStringwebscan
    geoip.continent_codeContinent of IP geolocationStringwebscan
    geoip.country_code2Country code of IP geolocationStringwebscan
    geoip.country_code3Country code of IP geolocationStringwebscan
    geoip.country_nameCountry name of IP geolocationStringwebscan
    geoip.dma_codeDesignated marketing areaStringwebscan
    geoip.latitudeLatitude value of IP geolocationllFloatwebscan
    geoip.location.latLatitude value of IP geolocationFloatwebscan
    geoip.location.lonLongtitude value of IP geolocationFloatwebscan
    geoip.longitudeLongtitude value of IP geolocationFloatwebscan
    geoip.postal_codePostal code of IP geolocationStringwebscan
    geoip.region_codeRegion code of IP geolocationStringwebscan
    geoip.region_nameRegion name of IP geolocationStringwebscan
    geoip.timezoneTimezone of IP geolocationStringwebscan
    header.cache-controlInstructions that control caching in browsers and shared caches (e.g. Proxies, CDNs)Stringwebscan, torscan
    header.connectionWhether the network connection stays open after the current transaction finishesStringwebscan, torscan
    header.content-lengthSize of the message body, in bytes, sent to the recipient.Numberwebscan, torscan
    header.content-typeOriginal media type of the resource (prior to any content encoding applied for sending).Stringwebscan, torscan
    header.etagThe ETag (or entity tag) HTTP response headerStringwebscan, torscan
    header.refreshStringwebscan, torscan
    header.serverSoftware used to serve the HTTP response. If a redirect is present, this field shows data from the server that performed the last redirectStringwebscan, torscan
    header.x-powered-byValue returned from server stating whatv it's powered byStringwebscan, torscan
    hhvA hash value based on the header keysStringwebscan, torscan
    hostnameHostname of domain that original domain that was scanned redirects toStringwebscan, torscan, webscanhistory
    html_body_lengthNumber of bytes in the HTML bodyIntegerwebscan
    html_body_murmur3A Murmur3 hash of the HTML bodyNumberwebscan, torscan
    html_body_sha256A SHA256 hash of the HTML bodyStringwebscan, torscan
    html_body_similarityPercentage difference in the HTML body for this scan versus the previous scan - based on the SSDeep hashNumberwebscan
    html_body_ssdeepSSDeep hash of the HTML bodyStringwebscan, torscan
    htmltitleHTML TitleStringwebscan, torscan
    ipIP hosting URL that origin URL that was scanned redirects toStringwebscan, services, opendirectory, webscanhistory, webscanfailure
    jarmJARM Hash fingerprinting the TLS configurations of the hostStringwebscan
    last_modifiedLast modified date of a file in an open directoryDatestringopendirectory
    nameFilename or directory name of a file in an open directoryStringopendirectory
    opendirectoryIs this an open directoryBooleanwebscan, torscan
    origin_domainDomain that was scannedStringwebscan
    origin_hostnameHostname of domain that was scannedStringwebscan, torscan
    origin_ipIP hosting URL that was originally scannedStringwebscan, torscan
    origin_pathURL path that was originally scannedStringwebscan, torscan
    origin_portURL port that was originally scannedStringwebscan
    origin_schemeScheme of URL that was originally scannedStringwebscan
    origin_urlURL that was originally scannedURLwebscan, torscan, webscanhistory
    pathPath of URL that originally scanned URL redirects toStringwebscan, torscan
    portPort of URL that originally scanned URL redirects toNumberwebscan, torscan, services, opendirectory, webscanfailure
    reasonThe reason a scanning failure occurredStringwebscanfailure
    redirectDoes the URL scanned result in a redirectBooleanwebscan, torscan
    redirect_countNumber of URLs involved in a redirectIntegerwebscan, torscan
    redirect_listList of URLs that sit between the origin and destination URLsStringwebscan, torscan
    redirect_to_httpsDoes the URL scanned result in a redirect to httpsBooleanwebscan, torscan
    responseScan Request Response CodeNumberwebscan, torscan
    scan_dateThe date that data was scannedDatestringwebscan, torscan, services, opendirectory, webscanhistory, webscanfailure
    schemeScheme of URL that originally scanned URL redirects toStringwebscan, torscan, opendirectory, webscanhistory, webscanfailure
    sizeThe filesize in bytesIntegeropendirectory
    ssl.authority_key_idThe authority key identifier (AKI) is an X.509 v3 certificate extension. It contains a key identifier which is derived from the public key in the issuer certificate.Stringwebscan, torscan, services
    ssl.chvA fingerprint on how the issuer creates the certificate based on the certificate's issuer/subject/extension RDN keys/wildcard and SANS countStringwebscan, torscan, services
    ssl.expiredHas SSL certificate expiredBooleanwebscan, torscan, services
    ssl.issuer.common_nameSSL Certificate Issuer Common NameStringwebscan, torscan, services
    ssl.issuer.countrySSL Certificate Issuer CountryStringwebscan, torscan, services
    ssl.issuer.organizationSSL Certificate Issuer OrganizationList of stringswebscan, torscan, services
    ssl.not_afterSSL Certificate Validity End DateDatetimewebscan, torscan, services
    ssl.not_beforeSSL Certificate Validity Start DateDatetimewebscan, torscan, services
    ssl.sansSSL Certificate Sans ListList of domainswebscan, torscan, services
    ssl.sans_countSSL Certificate Sans List CountNumberwebscan, torscan, services
    ssl.serial_numberSSL Certificate Serial NumberStringwebscan, torscan, services
    ssl.SHA1SSL Certificate SHA1 HashStringwebscan, torscan, services
    ssl.SHA256SSL Certificate SHA256 HashStringwebscan, torscan, services
    ssl.sigalgSSL Certificate Signature AlgorithmStringwebscan, torscan, services
    ssl.subject.common_nameSSL Certificate Subject Common NameStringwebscan, torscan, services
    ssl.subject.countrySSL Certificate Subject CountryStringwebscan, torscan, services
    ssl.subject.namesSSL Certificate Subject NamesList of domainswebscan, torscan, services
    ssl.subject.organizationSSL Certificate Subject OrganizationStringwebscan, torscan, services
    ssl.wildcardIs this a wildcard SAN certificate, i.e. Sans List references wildcardsBooleanwebscan, torscan, services
    subdomainThe subdomain value, if it exists, of the final domain that scanned original domain redirects toStringwebscan, torscan
    timestampA date stringString
    tldThe top level domain of the final domain that scanned original domain redirects toStringwebscan, torscan
    urlThe final URL that the origin URL that was scanned redirects toStringwebscan, torscan

    Was this article helpful?

    What's Next