Created on 02-07-2025 04:09 AM
Edited on 08-07-2025 02:10 AM
By Jean-Philippe_P
Description | This article describes how to check if an IP is malicious on the FortiGuard site. |
Scope | FortiGate, FortiGuard. |
Solution |
In this article, an example IP of 167.94.138.41 is used.
Navigate to the following URL. Note the inclusion of 'engine=7', which indicates that the Options field is set to IP/Domain/URL.
https://www.fortiguard.com/search?q=167.94.138.41&engine=7
In this example, the IP is tagged as Malicious under Web Filtering, Antispam, IOC, and IP Geolocation.
IP lookups can be done from the FortiGate as well. Navigate to Policy & Objects -> Internet Service Database -> IP Address Lookup.
Enter the IP address, and the lookup shows its reputation.
Below is the command that can be used to search ISDB for specific IP addresses:
diagnose internet-service match <vdname> <ip> <netmask>
Note: Reuse the keyword field to check other IPs that are suspected to be malicious.
If the IP address is not found or is not categorized correctly, send a submission through the Malicious URL Appeal form to the FortiGuard Team for evaluation.
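The following Python script is an added example, not part of the original article or any Fortinet tooling. It pulls IPv4 addresses out of constructed sample log lines, drops invalid and non-public ones, and builds the FortiGuard 'engine=7' URL and the ISDB match command for each remaining address. The function names are hypothetical, and the 'root' VDOM name and the 255.255.255.255 host netmask are assumptions.

```python
import ipaddress
import re
from urllib.parse import urlencode

FORTIGUARD_SEARCH = "https://www.fortiguard.com/search"  # base URL from the article
IPV4_CANDIDATE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")

# Constructed sample log lines (not real traffic).
SAMPLE_LOGS = [
    "srcip=167.94.138.41 dstip=10.0.0.5 action=deny",
    "srcip=167.94.138.41 dstip=10.0.0.6 action=deny",
    "srcip=192.0.2.10 dstip=10.0.0.5 action=deny",
    "srcip=999.1.1.1 dstip=10.0.0.5 action=deny",
]


def public_ipv4s(lines):
    """Return unique, globally routable IPv4 addresses in first-seen order."""
    seen = []
    for line in lines:
        for candidate in IPV4_CANDIDATE.findall(line):
            try:
                ip = ipaddress.IPv4Address(candidate)
            except ipaddress.AddressValueError:
                continue  # looks like an IP but is not one, e.g. 999.1.1.1
            # Private, documentation and reserved ranges have no reputation entry.
            if ip.is_global and str(ip) not in seen:
                seen.append(str(ip))
    return seen


def fortiguard_url(ip):
    """Search URL with engine=7 (IP/Domain/URL), as used in the article."""
    return FORTIGUARD_SEARCH + "?" + urlencode({"q": ip, "engine": 7})


def isdb_command(ip, vdom="root", netmask="255.255.255.255"):
    """CLI line for the ISDB match; the vdom and netmask defaults are assumptions."""
    ipaddress.IPv4Address(ip)  # raises ValueError on anything but a plain IPv4 address
    if not re.fullmatch(r"[A-Za-z0-9_-]+", vdom):
        raise ValueError("unexpected characters in VDOM name")
    return f"diagnose internet-service match {vdom} {ip} {netmask}"


if __name__ == "__main__":
    for ip in public_ipv4s(SAMPLE_LOGS):
        print(fortiguard_url(ip))
        print(isdb_command(ip))
```

The script only prepares the URL and the CLI line; the lookups themselves are still done in the browser and on the FortiGate as described above.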
Related article: Technical Tip: CVE lookup and other important features in FortiGuard Labs |