The full set of threat types that can be determined in the API is listed below:

| Name | Is Malicious |
| --- | --- |
| C2 | true |
| Botnet | true |
| Hijacked | true |
| Phishing | true |
| Malware | true |
| Exploit | true |
| Scanner | true |
| Zombie | true |
| Spam | true |
| Suspicious | true |
| Compromised | true |
| Whitelist | false |
| Brute Force | true |
| Info | false |

Suspicious subcategory

| Name | Is Malicious |
| --- | --- |
| Suspicious Application | false |
| Suspicious Website | false |
| Reverse Proxy | false |
| C2 Panel | false |

| Name | Is Malicious |
| --- | --- |
| MiningPool | true |
| CoinMiner | true |

Phishing subcategory

| Name | Is Malicious |
| --- | --- |
| Fake Website | true |

C2 (Remote Control) subcategory

| Name | Is Malicious |
| --- | --- |
| Sinkhole C2 | true |

Brute Force subcategory

| Name | Is Malicious |
| --- | --- |
| SSH Brute Force | true |
| FTP Brute Force | true |
| SMTP Brute Force | true |
| Http Brute Force | true |
| Web Login Brute Force | true |

Info subcategory

| Name | Is Malicious |
| --- | --- |
| Bogon | false |
| FullBogon | false |
| Gateway | false |
| IDC | false |
| Dynamic IP | false |
| Edu | false |
| DDNS | false |
| Mobile | false |
| Search Engine Crawler | false |
| CDN | false |
| Advertisement | false |
| DNS | false |
| BTtracker | false |
| Backbone | false |
| ICP | false |
| IoT Device | false |
| Game Server | false |
| CloudWAF | false |
| HTTP Proxy | false |
| Socks Proxy | false |
| VPN | false |
| Tor | false |