Get information about an IP including WHOIS, popularity, DNS and more.
id (IP address) must be provided in all queries to this table.
Get IP information
select*fromvirustotal_ipwhereid = '188.8.131.52'
Find all scanner results where result was not clean
selectanalysis.key as scanner,analysis.value ->> 'result' as resultfromvirustotal.virustotal_ip,jsonb_each(last_analysis_results) as analysiswhereid = '184.108.40.206'and analysis.value ->> 'result' != 'clean'order byscanner
Information and analysis for an IP address.
|as_owner||text||Owner of the Autonomous System to which the IP belongs.|
|asn||bigint||Autonomous System Number to which the IP belongs.|
|category||text||Normalized result: harmlaess, undetected, suspicious, malicious.|
|continent||text||Continent where the IP is placed (ISO-3166 continent code).|
|country||text||Country where the IP is placed (ISO-3166 country code).|
|engine_name||text||Complete name of the URL scanning service.|
|id||inet||The IP to retrieve.|
|last_analysis_results||jsonb||Result from URL scanners. Dict with scanner name as key and a dict with notes/result from that scanner as value.|
|last_analysis_stats||jsonb||Number of different results from this scans.|
|last_https_certificate||jsonb||SSL Certificate object retrieved last time the IP was analysed.|
|last_https_certificate_date||timestamp without time zone||Date when the certificate was retrieved by VirusTotal.|
|last_modification_date||timestamp without time zone||Date when any of IP's information was last updated.|
|method||text||Type of service given by that URL scanning service, e.g. blacklist.|
|network||text||IPv4 network range to which the IP belongs.|
|regional_internet_registry||text||One of the current regional internet registries: AFRINIC, ARIN, APNIC, LACNIC or RIPE NCC.|
|reputation||bigint||IP's score calculated from the votes of the VirusTotal's community.|
|result||text||Raw value returned by the URL scanner: e.g. clean, malicious, suspicious, phishing. It may vary from scanner to scanner, hence the need for the category field for normalisation.|
|tags||jsonb||List of representative attributes.|
|total_votes||jsonb||Unweighted number of total votes from the community, divided into harmless and malicious.|
|whois||text||WHOIS information as returned from the pertinent whois server.|
|whois_date||timestamp without time zone||Date of the last update of the whois record in VirusTotal.|