'siteurl' : The analyzed URL/URI. 'sitedomain' : The Fully Qualified Domain Name (FQDN). 'pagetitle' : The title presented by the crawled webpage. 'firstseentime' : The first time StalkPhish checked the site url. 'firstseencode' : The HTTP code retrieved the first time we connected. 'ipaddress' : IP v4 address linked to the FQDN. 'asn' : The Autonomous System number. 'asndesc' : The Autonomous System description. 'asnreg' : The Autonomous System registrar. 'extracted_emails' : Emails embedded in the phishing kit source code, if a phishing kit source code is retrieved.
'GoogleSafebrowsing' : The Google Safe Browsing web threat type, when URL/URI is analyzed. 'phishing_score' : A phishing threat score associated to the potential phishing URL/URI. 'SSLcert_countryName' : The SSL/TLS certificate declared country. 'SSLcert_Issuer' : The entity that verified the information and signed the certificate. 'SSLcert_commonName' : The SSL/TLS certificate Common Name (CN). 'SSLcert_notBefore' : The earliest time and date on which the certificate is valid. 'SSLcert_notAfter' : The time and date past which the certificate is no longer valid. 'SSLcert_subjectAltName' : The list of domain names covered by the certificate. 'SSLcert_serialNumber_hex' : Used to uniquely identify the certificate within a CA's systems (Hex). 'SSLcert_md5' : The MD5 hash of the certificate. 'SSLcert_sha1' : The SHA1 hash of the certificate. 'SSLcert_sha256' : The SHA256 hash of the certificate.
'zipfilename' : The potential phishing kit file name stored in our database. 'zipfilehash' : The zipfilename's SHA256 hash. 'page_hash' : The hash (without headers) of the webpage. 'targeted_brand' : The brand name URL/URI impersonate.