Multi-condition PADNS Lookup

GET /explore/padns/lookup/both/{qtype}/{qname}/{qanswer}

Reverse lookup of Passive DNS data.

Query Parameters:

qtype (string) (required) –
- the following qypes are supported:
  - a
  - aaaa
  - cname
  - mx
  - ns
  - ptr4
  - ptr6
qname (string) (required) –
- specify a name or IP address to lookup
  - name - wildcards (*) are supported in name string
  - IPv4
  - IPv6
qanswer (string) (required) –
- specify a name or IP address to lookup
  - name - wildcards (*) are supported in name string
  - IPv4
  - IPv6
match = (string) (optional) –
- find records where query = and answer equal or not equal to
  - eq (default) - answer must match
  - neq - answer must not match
name = (string) (optional) –
- additional name to match qanswer
- up to 5 additional names may be given - wildcards are supported
netmask = (int) (optional) –
- net mask may be given for qtypes a or aaaa
  - use to find records in the same subnet
  - defaults: IPv4 = 32, IPv6 = 128
net = (string) (optional) –
- find ptr4 or a records where ipv4 in or not in subnet defined by netmask
  - in (default) - find records in subnet
  - notin - find records not in subnet
network = (string) (optional) –
- additional network and net mask
- give option as 1.1.1.1/24
- up to 5 additional networks may be given
asnum = (int) (optional) –
- AS number to search, may be repeated multiple time for additional AS numbers
- parameter may be used with qtype=a or qtype=ptr4
- use to find records in the same AS number
asn = (string) (optional) –
- find ptr4 or a records where ipv4 in or not in ASN defined by asnum
  - in (default) - find records in ASN
  - notin - find records not in ASN
asname = (string) (optional) –
- search all AS numbers where the AS Name begins with
asname_starts_with = (string) (optional) –
- search all AS numbers where the AS Name begins with
asname_contains = (string) (optional) –
- search all AS numbers where the AS Name contains
first_seen_after = (optional) –
- first_seen timestamp must be on or after this time
- date: yyyy-mm-dd (2021-07-09) - fixed date
  - epoch: number (1625834953) - fixed time in epoch format
  - sec: negative number (-172800) - relative time seconds ago
  - time period: negative number with time period (-36h / -5d / -3w / -6m) - relative time ago
    - h : hours
    - d : days
    - w : weeks
    - m : months
first_seen_before = (optional) –
- first_seen timestamp must be on or before this time
  - date: yyyy-mm-dd (2021-07-09) - fixed date
  - epoch: number (1625834953) - fixed time in epoch format
  - sec: negative number (-172800) - relative time seconds ago
  - time period: negative number with time period (-36h / -5d / -3w / -6m) - relative time ago
    - h : hours
    - d : days
    - w : weeks
    - m : months
last_seen_after = (optional) –
- last_seen timestamp must be on or after this time
  - date: yyyy-mm-dd (2021-07-09) - fixed date
  - epoch: number (1625834953) - fixed time in epoch format
  - sec: negative number (-172800) - relative time seconds ago
  - time period: negative number with time period (-36h / -5d / -3w / -6m) - relative time ago
    - h : hours
    - d : days
    - w : weeks
    - m : months
last_seen_before = (optional) –
- last_seen timestamp must be on or before this time
  - date: yyyy-mm-dd (2021-07-09) - fixed date
  - epoch: number (1625834953) - fixed time in epoch format
  - sec: negative number (-172800) - relative time seconds ago
  - time period: negative number with time period (-36h / -5d / -3w / -6m) - relative time ago
    - h : hours
    - d : days
    - w : weeks
    - m : months
as_of = (optional) –
- only return records where the as_of timestamp equivalent is between the first_seen and the last_seen timestamp
  - date: yyyy-mm-dd (2021-07-09) - fixed date
  - epoch: number (1625834953) - fixed time in epoch format
  - sec: negative number (-172800) - relative time seconds ago
  - time period: negative number with time period (-36h / -5d / -3w / -6m) - relative time ago
    - h : hours
    - d : days
    - w : weeks
    - m : months
sort = (optional) –
- order results in specified order - parameter may be repeated with different column names to produce a nested sorting effect
  - sort:
    - last_seen/last/time_last - synonyms for last_seen column
    - first_seen/first/time_first - synonyms for first_seen column
    - query/rrname - synonyms for query column
    - answer/rdata - synonyms for answer_seen column
  - order:
    - asc/+/up - synonyms for ascending order
    - desc/-/down - synonyms for descending order
output_format = (optional) –
- padns (default) - Silent Push padns output format
- cof - common output format
limit = (int) (optional) –
- number of results to return
  - default = 100
skip = (int) (optional) –
- number of results to skip
prefer = (string) (optional) –
- result (default) - return results if available before max_wait timeout, otherwise return job_id
- job_id - return job_id immediately
max_wait = (int) (optional) –
- number of seconds to wait for results before returning job_id
- default = 25
- value in the range from 0 to 25
with_metadata =<0|1> (int) (optional) –
- include metadata object in response : returned results, total results, job_id
  - 0 (default) = do not include
  - 1 = include metadata

Request headers:

X-API-KEY - api-key

Note
Wildcards (*) are supported in qname and qanswer.
https://api.silentpush.com/api/v1/merge-api/explore/padns/lookup/both/ns/sil*push.*/*.ns.cloudflare.com

Example request

https://api.silentpush.com/api/v1/merge-api/explore/padns/lookup/both/ns/sil*push.*/*.ns.cloudflare.com \
     ?last_seen_after=2021-07-01 \
     &limit=2

Example response

{
    "status_code": 200,
    "error": null,
    "response": {
        "records": [
            {
                "answer": "vida.ns.cloudflare.com",
                "count": 236,
                "first_seen": "2020-12-24 19:04:43",
                "last_seen": "2021-07-09 16:39:51",
                "nshash": "850c47a684c9ea9c32ece18e7be4cddc",
                "query": "silentpush.com",
                "ttl": 172800,
                "type": "NS"
            },
            {
                "answer": "henry.ns.cloudflare.com",
                "count": 236,
                "first_seen": "2020-12-24 19:04:43",
                "last_seen": "2021-07-09 16:39:51",
                "nshash": "850c47a684c9ea9c32ece18e7be4cddc",
                "query": "silentpush.com",
                "ttl": 172800,
                "type": "NS"
            }
        ]
    }
}

Example Exclusion Search

Similar domains not on the given name servers.

https://api.silentpush.com/api/v1/merge-api/explore/padns/lookup/both/ns/sil*push.*/*.ns.cloudflare.com \
    ?last_seen_after=2021-07-01 \
    &limit=2 \
    &match=neq

{
    "status_code": 200,
    "error": null,
    "response": {
        "records": [
            {
                "answer": "dns1.registrar-servers.com",
                "count": 299,
                "first_seen": "2020-12-25 22:55:52",
                "last_seen": "2021-07-10 19:03:43",
                "nshash": "12241179c5fb5626e98315c13551f23a",
                "query": "silverpush.co",
                "ttl": 3600,
                "type": "NS"
            },
            {
                "answer": "dns2.registrar-servers.com",
                "count": 299,
                "first_seen": "2020-12-25 22:55:52",
                "last_seen": "2021-07-10 19:03:43",
                "nshash": "12241179c5fb5626e98315c13551f23a",
                "query": "silverpush.co",
                "ttl": 3600,
                "type": "NS"
            }
        ]
    }
}