Get ASNs that have been used a domain within the last 30 days

  • Updated on May 16, 2023
  • Published on Apr 11, 2023
  • 1 minute(s) read
Prev Next

Silent Push allows you to obtain a list of ASNs that have been used by A records for a domain within the last 30 days, including any subdomains.

Obtaining this data allows security teams to identify the networks and organizations that are hosting the domain and its subdomains, and track patterns of behaviour across groups of threat actors.

ASN analysis also helps in the detection of domain generation algorithms (DGAs) and fast-flux techniques. DGAs are commonly used to generate large numbers of domain names, making it difficult for security teams to identify and block incoming threats.

  1. Navigate to Advanced Query Builder > PADNS Queries > ASNs seen for domain

  2. Specify a domain

  3. Choose to return an ASN list only, or detailed information under result_format

  4. Click Search

Saving queries

Organizational users are able to save individual queries ran from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.

  1. Specify the query parameters

  2. Click Save Query

  3. Give your query a Name

  4. Specify a Description to add more context

  5. Click Save