Date/time of lookup (i.e. not the time that the event was ingested).
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
domain
string
Domain name looked up (i.e. "foo.bad-actor.com" or "foocompany.com").
Additional details about HTTP requests associated with this lookup.
resolved_ip_addresses[]
string
Either IPv4 or IPv6 results. Limited to a max of 5 results. We may want to annotate them with badges if the IPs are in a known IP space (CDN, AWS, Google Cloud Platform, Rackspace, etc).
customer_prevalence
integer
The prevalence of the domain within the customer's environment, defined for v1 as the number of unique assets per day looking up the domain name over the trailing 10 days.