How to Use Web Search

Updated
  • Updated on Dec 10, 2025
  • Published on Dec 10, 2025
  • 1 minute(s) read
Prev Next

Every domain you look up in Silent Push comes with complete historical web searches — page titles, server banners, detected technologies, favicons, certificates, HTTP headers, and more, going back years. And every blue value is a one-click pivot across the entire global Web Search database.

Open Any Domain in Total View

Search any domain or IP. Click the result, and you’re now in Total View.
Scroll down and click the Web Search tab.

The moment the tab loads, you get:

  • All historical scan dates for this domain/IP

  • Live-captured metadata from every scan

  • Full timeline of when the site changed

Expand Any Scan Date

Click the Expand arrow next to any date, even if the title looks the same.

You now see everything Silent Push captured at that exact moment:

  • Page Title & Meta Description

  • Server banner & full HTTP headers

  • Detected technologies (CMS, frameworks, libraries)

  • Favicon (with MD5/SHA256 hash)

  • SSL/TLS certificate details (CN, issuer, validity)

  • Redirect chains

  • Full response snapshot

One-Click Pivot on Anything Blue

  • Click a blue favicon hash to instantly see every other site using the identical favicon (actor branding gold)

  • Click a blue certificate serial to find every domain using the same cert

  • Click a blue technology (e.g., “Apache/2.4.41” or “WordPress 6.1”) to reveal the actor’s full tech stack footprint

  • Click a blue server banner to uncover every server running the same configuration

Real-World Example Workflows

Who else is using this exact phishing kit template?

  • Open Total View > Web Search > Expand the latest scan, then click the blue favicon hash to see 200+ identical phishing pages instantly.

Did the actor rotate certificates to evade blocking?

  • Look at the certificate history, click an old cert serial to reveal every other domain that used it before the switch.

Is this part of a bigger campaign using the same server setup?

  • Click the blue server banner or specific tech (e.g., “nginx/1.18.0”) to expose hundreds of related malicious hosts.

Tips

  • Always expand multiple scan dates — actors frequently swap pages overnight.

  • Favicon hash is usually the single most powerful pivot in Web Search.

  • Combine with the PADNS tab to see which IPs served the same favicon over time.

  • Combine with the Certificates tab for even deeper cert-based pivots.

Related articles