Get ASN information for a list of IPv4 addresses

  • Updated on May 16, 2023
  • Published on Apr 11, 2023
  • 1 minute(s) read

An ASN is a unique identifier assigned by the Internet Assigned Numbers Authority (IANA) to a network operator that controls a block of IP addresses.

Threat actors often use multiple IP addresses and domains to carry out their attacks. ASN information allows security analysts to group these disparate elements into larger networks or organizations, helping to identify patterns of behavior and to more accurately attribute attacks to specific threat actors or groups.

Incorporating ASN information into threat intelligence management allows security teams to better understand the nature and scope of threats facing their organization and take more effective measures to defend against them.

  1. Navigate to Advanced Query Builder > IPv4 Queries > history information - bulk

  2. Specify a list of IPs and dates one line at a time

  3. Click Search

  4. Data is outputted in the box to the right, in descending order, corresponding to each line

  5. Click Save to save your query

Saving queries

Organizational users are able to save individual queries ran from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.

  1. Specify the query parameters

  2. Click Save Query

  3. Give your query a Name

  4. Specify a Description to add more context

  5. Click Save