Contents x
      Get ASNs that have been used a domain within the last 30 days
      • 16 May 2023
      • 1 Minute to read
      • Print
      • Dark
        Light
      Contents

      Get ASNs that have been used a domain within the last 30 days

      • Updated on 16 May 2023
      • 1 Minute to read
      • Print
      • Dark
        Light
      Article summary

      Silent Push allows you to obtain a list of ASNs that have been used by A records for a domain within the last 30 days, including any subdomains.

      Obtaining this data allows security teams to identify the networks and organizations that are hosting the domain and its subdomains, and track patterns of behaviour across groups of threat actors.

      ASN analysis also helps in the detection of domain generation algorithms (DGAs) and fast-flux techniques. DGAs are commonly used to generate large numbers of domain names, making it difficult for security teams to identify and block incoming threats.

      1. Navigate to Advanced Query Builder > PADNS Queries > ASNs seen for domain

      2. Specify a domain

      3. Choose to return an ASN list only, or detailed information under result_format

      4. Click Search

      Saving queries

      Organizational users are able to save individual queries ran from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.

      1. Specify the query parameters

      2. Click Save Query

      3. Give your query a Name

      4. Specify a Description to add more context

      5. Click Save

      Was this article helpful?
      What's Next