(deprecated) Timeline
We are retiring and replacing this timeline with a new timeline as a part of the Passive DNS feature. For more information on the new timeline, see Passive DNS Timeline. To learn more about passive DNS, see Passive DNS.
The Timeline section displays a timeline chart to show when when a domain, IP or URL was given attribution of a particular security categorization or threat typeâindicators of compromise. It also shows when the attribution changed, whether thatâs an added attribution, a subtracted attribution, or an attribution that's been re-added later. This can be used to determine if a blocked domain, IP or URL is a newly discovered threat or has been blocked for a long period of time.
Timeline example for verify-goole.comâA Threat
Timeline example for cisco.comâNot a Threat
Often domains, IP or URLs are flagged as malicious in our research, but the site owner takes time to patch the server from any exploits or malware being hosted. The categorization is updated on our end, and the /timeline/ endpoint reflects the change.
Note: While we have made a best effort approach to reconstruct the past timeline of events, categorization information for indicators of compromise prior to August 2017 may be inaccurate.
Timeline Details
- Current CategorizationâThe Umbrella security category, if any.
- First QueriedâThe first time that Umbrella saw this domain being queried, in epoch time. This time only applies to new domains, which are defined as domains first queried some time after we started tracking it's availability.
- Last Updatedâ Date the record was last updated.
- ExpiresâThe date the record expires.
- RegisteredâDate the domain was registered.
- Content CategoriesâThe Umbrella content category, if any.
Categories Changed, Added and Removed
Malicious domainsâthose that pose a security threatâare displayed in red and include informational tags across the timeline to help you determine when changes occurredâyou are presented with a historical record of activity. For example, if a domain has been categorized previously, then categorized againâfor example, if it were hosting malware, then was found to be cleaned, then found again to be hosting malwareâyou will have a historical record of the tagging for this activity.
Scroll your mouse over an icon to access information.
Categories Added shows you when and where on the timeline the categorization of the domain occurred.
You can also see when a categorization was removed for the domain.
Notification Alerts < Timeline > Passive DNS Timeline
Updated about 1 month ago