- 16 May 2023
- 1 Minute to read
- Print
- DarkLight
Get ASNs that have been used a domain within the last 30 days
- Updated on 16 May 2023
- 1 Minute to read
- Print
- DarkLight
Silent Push allows you to obtain a list of ASNs that have been used by A records for a domain within the last 30 days, including any subdomains.
Obtaining this data allows security teams to identify the networks and organizations that are hosting the domain and its subdomains, and track patterns of behaviour across groups of threat actors.
ASN analysis also helps in the detection of domain generation algorithms (DGAs) and fast-flux techniques. DGAs are commonly used to generate large numbers of domain names, making it difficult for security teams to identify and block incoming threats.
Navigate to
Advanced Query Builder > PADNS Queries > ASNs seen for domain
Specify a
domain
Choose to return an ASN list only, or detailed information under
result_format
Click
Search
Saving queries
Organizational users are able to save individual queries ran from Advanced Query Builder
, and store them in the Private Queries
menu for future analysis, or to share with their organization.
Specify the query parameters
Click
Save Query
Give your query a
Name
Specify a
Description
to add more contextClick
Save