Locate IPs associated with a specific domain name (forward A)
- 26 Jul 2024
- 1 Minute to read
- Print
- DarkLight
Locate IPs associated with a specific domain name (forward A)
- Updated on 26 Jul 2024
- 1 Minute to read
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
A "forward A" lookup is a DNS query that maps a domain name to its corresponding IP address.
By using a forward A lookup to locate IPs associated with a specific domain name, security teams can identify the servers or hosts associated with the domain, and identify other domains or IPs that are associated with the same infrastructure or threat activity.
By verifying the accuracy and completeness of DNS information for a particular domain, security teams can identify potential instances of DNS hijacking or spoofing, where a malicious actor may have taken control of a domain and redirected traffic to a different IP address or domain.
Execute a forward A lookup
Navigate to Explore DNS Data > IPs Hosting a Domain
Enter the server's
domain nameSelect the
type of recordto output (A/AAAA)(Optional) Specify the time frame when the A record was
first seen(Optional) Set the time frame when the A record was
last seen(Optional) Tick
Last 24 Hoursto only show A records first observed in the last 24 hoursSpecify a
Sort Orderthat applies itself to outputted resultsClick
Search
Monitoring forward A lookup data
You can monitor results populated on the Explore screen for any changes, saving you time and resources by automating key queries across a range of internal workflows.
Monitors run once every 24 hours. You'll be alerted when Silent Push detects new results via email (filtering/sorting options are not applied)
Once you've received a set of results, click the
Monitorbutton on the top rightSpecify a
Monitor nameEnter a
DescriptionClick
SaveYour monitored query is now visible in
Monitors > Monitored QueriesRead this article for information on how to share a monitor
Was this article helpful?