turbot/virustotal

steampipe plugin install virustotalsteampipe plugin install virustotal

Table: virustotal_domain

Get information about a domain including WHOIS, popularity, DNS and more.

Note: An id (registered domain name) must be provided in all queries to this table.

Examples

Get domain information

select
*
from
virustotal_domain
where
id = 'steampipe.io'

.inspect virustotal_domain

Information and analysis for a domain.

NameTypeDescription
categoriesjsonbMapping that relates categorisation services with the category it assigns the domain to. These services are, among others: Alexa, BitDefender, TrendMicro, Websense ThreatSeeker, etc.
creation_datetimestamp without time zoneCreation date extracted from the Domain's whois.
faviconjsonbDictionary including difference hash and md5 hash of the domain's favicon. Only available for premium users.
idtextThe domain name to retrieve.
jarmtextJARM is an active Transport Layer Security (TLS) server fingerprint.
last_analysis_resultsjsonbResult from URL scanners. dict with scanner name as key and a dict with notes/result from that scanner as value.
last_analysis_statsjsonbNumber of different results from this scans.
last_dns_recordsjsonbDomain's DNS records on its last scan.
last_dns_records_datetimestamp without time zoneDate when the dns records list was retrieved by VirusTotal.
last_https_certificatejsonbSSL Certificate object retrieved last time the domain was analysed.
last_https_certificate_datetimestamp without time zoneDate when the certificate was retrieved by VirusTotal.
last_modification_datetimestamp without time zoneDate when any of domain's information was last updated.
last_update_datetimestamp without time zoneUpdated date extracted from whois.
popularity_ranksjsonbDomain's position in popularity ranks such as Alexa, Quantcast, Statvoo, etc.
registrartextCompany that registered the domain.
reputationjsonbDomain's score calculated from the votes of the VirusTotal's community.
tagsjsonbList of representative attributes.
total_votesjsonbUnweighted number of total votes from the community, divided into harmless and malicious.
whoistextWHOIS information as returned from the pertinent whois server.
whois_datetimestamp without time zoneDate of the last update of the whois record in VirusTotal.