Multi-condition PADNS Lookup

GET /explore/padns/lookup/both/{qtype}/{qname}/{qanswer}

Reverse lookup of Passive DNS data

Core Lookup parameters

Parameter	Type	Required	Description
qtype	string	Yes	Specifies the DNS record type to query. Supported types: a: IPv4 address aaaa: IPv6 address cname: Canonical name mx: Mail exchange ns: Name server ptr4: IPv4 reverse lookup tr6: IPv6 reverse lookup
qname	string	Yes	The primary name or IP address to look up. Supports wildcards (*) in names. Accepts IPv4 or IPv6 addresses.
qanswer	string	Yes	The expected answer or IP address to match against. Supports wildcards (*) in names. Accepts IPv4 or IPv6 addresses.

Parameter

Type

Required

Description

qtype

string

Yes

Specifies the DNS record type to query. Supported types:

a: IPv4 address
aaaa: IPv6 address
cname: Canonical name
mx: Mail exchange
ns: Name server
ptr4: IPv4 reverse lookup
tr6: IPv6 reverse lookup

qname

string

Yes

The primary name or IP address to look up.

Supports wildcards (*) in names.
Accepts IPv4 or IPv6 addresses.

qanswer

string

Yes

The expected answer or IP address to match against.

Supports wildcards (*) in names.
Accepts IPv4 or IPv6 addresses.

Matching and Filtering parameters

Parameter	Type	Required	Description
match	string	No	Filters records where the query equals qname and the answer matches or does not match qanswer. eq (default): Answer must match qanswer. neq: Answer must not match qanswer.
name	string	No	Additional names to match against qanswer. Up to 5 names allowed. Wildcards (*) supported.
netmask	int	No	Network mask for qtype=a or aaaa queries to find records in the same subnet. Defaults: IPv4=32, IPv6=128.
net	string	No	For ptr4 or a records, filters IPv4 addresses in or out of the subnet defined by netmask. in (default): Include records in subnet. notin: Exclude records in subnet.
network	string	No	Additional subnets to filter by (format: 1.1.1.1/24). Up to 5 networks allowed.
asnum	int	No	AS (Autonomous System) number to search for. Can be repeated for multiple ASNs. Used with qtype=a or ptr4 to find records in the same AS.
asn	string	No	For ptr4 or a records, filters IPv4 addresses in or out of the ASN defined by asnum. in (default): Include records in ASN. notin: Exclude records in ASN.
asname	string	No	Search all AS numbers where the AS name begins with the given value.
asname_starts_with	string	No	Search all AS numbers where the AS name starts with the given value.
asname_contains	string	No	Search all AS numbers where the AS name contains the given value.

Time-Based filtering parameters

These parameters filter based on first_seen, last_seen, or as_of timestamps. Each accepts one of the following formats:

Date: yyyy-mm-dd (e.g., 2021-07-09) – Fixed date.
Epoch: Integer (e.g., 1625834953) – Fixed Unix timestamp.
Seconds ago: Negative integer (e.g., -172800) – Relative time in seconds.
Time period ago: Negative value with unit (e.g., -36h, -5d, -3w, -6m) – Relative time. Units: h (hours), d(days), w (weeks), m (months).

Parameter	Type	Required	Description
first_seen_after	string/int	No	Records where first_seen timestamp is on or after the specified time.
first_seen_before	string/int	No	Records where first_seen timestamp is on or before the specified time.
last_seen_after	string/int	No	Records where last_seen timestamp is on or after the specified time.
last_seen_before	string/int	No	Records where last_seen timestamp is on or before the specified time.
as_of	string/int	No	Only include records where the equivalent timestamp falls between first_seen and last_seen.

Sorting and Output parameters

Parameter	Type	Required	Description
sort	string	No	Orders results by column. Can be repeated for multi-level sorting. Sort columns: last_seen, last, time_last (synonyms for last seen). first_seen, first, time_first (synonyms for first seen). query, rrname (synonyms for query). answer, rdata (synonyms for answer). Order directions: asc, +, up (ascending). desc, -, down (descending).
output_format	string	No	Output format. padns (default): Silent Push padns format. cof: Common output format.
limit	int	No	Maximum number of results to return. Default: 100.
skip	int	No	Number of results to skip (for pagination).
prefer	string	No	Response preference. result (default): Wait for results (up to max_wait), then return job_id if needed. job_id: Return job ID immediately.
max_wait	int	No	Seconds to wait for results before returning job ID. Default: 25. Range: 0–25.
with_metadata	int	No	Include metadata (e.g., total results, job ID) in response. 0 (default): Exclude. 1: Include.

Request headers

Header	Description
X-API-KEY	API key for authentication.

Note
Wildcards (*) are supported in qname and qanswer.
https://api.silentpush.com/api/v1/merge-api/explore/padns/lookup/both/ns/sil*push.*/*.ns.cloudflare.com

Example request

https://api.silentpush.com/api/v1/merge-api/explore/padns/lookup/both/ns/sil*push.*/*.ns.cloudflare.com \
     ?last_seen_after=2021-07-01 \
     &limit=2

Example response

{
    "status_code": 200,
    "error": null,
    "response": {
        "records": [
            {
                "answer": "vida.ns.cloudflare.com",
                "count": 236,
                "first_seen": "2020-12-24 19:04:43",
                "last_seen": "2021-07-09 16:39:51",
                "nshash": "850c47a684c9ea9c32ece18e7be4cddc",
                "query": "silentpush.com",
                "ttl": 172800,
                "type": "NS"
            },
            {
                "answer": "henry.ns.cloudflare.com",
                "count": 236,
                "first_seen": "2020-12-24 19:04:43",
                "last_seen": "2021-07-09 16:39:51",
                "nshash": "850c47a684c9ea9c32ece18e7be4cddc",
                "query": "silentpush.com",
                "ttl": 172800,
                "type": "NS"
            }
        ]
    }
}

Example Exclusion Search

Similar domains not on the given name servers.

https://api.silentpush.com/api/v1/merge-api/explore/padns/lookup/both/ns/sil*push.*/*.ns.cloudflare.com \
    ?last_seen_after=2021-07-01 \
    &limit=2 \
    &match=neq

{
    "status_code": 200,
    "error": null,
    "response": {
        "records": [
            {
                "answer": "dns1.registrar-servers.com",
                "count": 299,
                "first_seen": "2020-12-25 22:55:52",
                "last_seen": "2021-07-10 19:03:43",
                "nshash": "12241179c5fb5626e98315c13551f23a",
                "query": "silverpush.co",
                "ttl": 3600,
                "type": "NS"
            },
            {
                "answer": "dns2.registrar-servers.com",
                "count": 299,
                "first_seen": "2020-12-25 22:55:52",
                "last_seen": "2021-07-10 19:03:43",
                "nshash": "12241179c5fb5626e98315c13551f23a",
                "query": "silverpush.co",
                "ttl": 3600,
                "type": "NS"
            }
        ]
    }
}