Execute passive DNS scans that focus on specific record types

Updated
  • Updated on Jul 28, 2025
  • Published on Apr 17, 2023
  • 1 minute(s) read
Prev Next

Silent Push provides robust capabilities for performing detailed DNS lookups, allowing users to target specific DNS record types by either domain or IP address.

Results are populated in the Explore screen. From this screen, users can:

Forward lookups are available for:

  • A: Maps a domain to an IPv4 address (e.g., 192.0.2.1).

  • AAAA: Maps a domain to an IPv6 address (e.g., 2001.0db8:85a3:0000:0000:8a2e:0370:7334).

  • CNAME: Creates an alias from one domain name to another.

  • MX: Identifies the mail server responsible for receiving email for the domain.

  • NS: Specifies the authoritative name servers for the domain.

  • PTR4: Used for reverse lookup of IP44 addresses, mapping an IP to a domain (though typically associated with reverse lookups, it may be included here for specific forward contexts).

  • TXT: Stores text information, often for verification or (Sender Policy Framework) SPF/ (DomainKey Identified Mail) DKIM settings.

  • SOA: Defines the start of authority, providing administrative details for the DNS zone.

  • Any IPv4 or IPv6 addresses: Allows broad queries across all address types.

Reverse lookups, which resolve IP addresses back to domain names, are available for:

  • A: Can be used to identify domains associated with an IP (less common in reverse context).

  • AAAA: Identifies domains linked to an IPv6 address.

  • PTR4: Maps an IPv6 address to a domain name, extending reverse lookup to IPv6.

  • CNAME: Can reveal aliases linked to an IP address.

  • MX: Identifies mail servers associated with an IP.

  • TXT: Retrieves text records tied to an IP

  1. Navigate to Explore DNS Data > Explore Indicator DNS Data

  2. Enter a domain or IP in the search bar

  3. Select a forward (Query) or reverse (Answer) lookup type from the list provided

  4. Click Lookup PADNS

Monitoring passive DNS data

You can monitor results populated on the Explore screen for any changes, saving you time and resources by automating key queries across various internal workflows.

Monitors run once every 24 hours. You'll be alerted when Silent Push detects new results via email (filtering/sorting options are not applied)

  1. After receiving results, click the Monitor button on the top right

  2. Specify a Monitor name

  3. Enter a Description

  4. Click Save

  5. Your monitored query is now visible in Monitors > Monitored Queries

  6. Read this article for information on how to share a monitor