Search for self-hosted domains
- Updated on 16 May 2023
Self-hosted domains are domains that are hosted on servers that are owned or controlled by the domain owner. When a domain is self-hosted, the domain owner has complete control over the hosting environment, including the software, hardware, and network configuration.
Self-hosted domains can be used by threat actors to carry out all manner of attacks. For example, an attacker may use a self-hosted domain to host phishing websites, distribute malware, or carry out other malicious activities.
Self-hosted domains are often difficult to detect and aren't immediately obvious as a potential threat. Silent Push provides a facility to search for self-hosted domains: domains whose specified nameservers are within the queried domain and are hosted on the same IP as the domain's A record (only A records seen as active within the last 30 days are considered).
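The criterion above, applied to constructed passive-DNS observations, as an added Python example (not Silent Push code and not its API). The record layout, the function names, the sample date and the choice to require every nameserver to match are assumptions.

```python
from datetime import date, timedelta

# Constructed passive-DNS observations: (name, record type, value, last seen).
# All names and addresses are reserved documentation values.
RECORDS = [
    ("selfhosted.example", "NS", "ns1.selfhosted.example", date(2023, 5, 10)),
    ("selfhosted.example", "NS", "ns2.selfhosted.example", date(2023, 5, 10)),
    ("selfhosted.example", "A", "192.0.2.10", date(2023, 5, 12)),
    ("ns1.selfhosted.example", "A", "192.0.2.10", date(2023, 5, 12)),
    ("ns2.selfhosted.example", "A", "192.0.2.10", date(2023, 5, 11)),
    ("managed.example", "NS", "ns1.dns-provider.example", date(2023, 5, 10)),
    ("managed.example", "A", "198.51.100.7", date(2023, 5, 12)),
    ("ns1.dns-provider.example", "A", "203.0.113.53", date(2023, 5, 12)),
    ("stale.example", "NS", "ns1.stale.example", date(2023, 5, 10)),
    ("stale.example", "A", "192.0.2.44", date(2023, 2, 1)),
    ("ns1.stale.example", "A", "192.0.2.44", date(2023, 2, 1)),
]

def norm(name):
    return name.rstrip(".").lower()

def active_a(records, name, today, window_days=30):
    """IPs from A records for `name` last seen inside the activity window."""
    cutoff = today - timedelta(days=window_days)
    return {value for n, t, value, seen in records
            if t == "A" and norm(n) == norm(name) and seen >= cutoff}

def is_self_hosted(records, domain, today, window_days=30):
    """True if the nameservers sit inside `domain` and share its A-record IP."""
    domain = norm(domain)
    domain_ips = active_a(records, domain, today, window_days)
    nameservers = {norm(v) for n, t, v, _ in records
                   if t == "NS" and norm(n) == domain}
    if not domain_ips or not nameservers:
        return False
    # Assumption: every nameserver must be in the domain and on a domain IP.
    return all(ns.endswith("." + domain) and active_a(records, ns, today, window_days) & domain_ips
               for ns in nameservers)

def find_self_hosted(records, today):
    domains = sorted({norm(n) for n, t, _, _ in records if t == "NS"})
    return [d for d in domains if is_self_hosted(records, d, today)]

if __name__ == "__main__":
    print(find_self_hosted(RECORDS, date(2023, 5, 16)))
```

The `stale.example` records meet the nameserver and IP conditions but fall outside the 30-day activity window, so they are excluded unless the window is widened.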
- Navigate to Advanced Query Builder > PADNS Queries > Search Self-hosted Domains
- Specify a domain or wildcard pattern of domain names to search for
- Specify a regular expression match for a domain (must be a valid re2 regular expression). This overrides the domain parameter
- Select with_metadata to include metadata in the response
- Specify an ASN in domain_asnum to choose an ASN of domain A records to search (may be repeated multiple times for additional AS numbers. Separate multiple values with a semicolon)
- Specify an ASN in nssrv_asnum to choose an ASN of nameserver A records to search (may be repeated multiple times for additional AS numbers. Separate multiple values with a semicolon)
- Choose to search for IP addresses in or not in the given AS numbers
- Use asname to search for domain and nameserver A records in all AS numbers where the AS name begins with the specified value (may be repeated multiple times for additional AS names. Separate multiple values with a semicolon)
- Use asname_starts_with to search for domain and nameserver A records in all AS numbers where the AS name begins with asname (may be repeated multiple times for additional AS names. Separate multiple values with a semicolon)
- Use asname_contains to search for domain and nameserver A records in all AS numbers where the AS name contains asname (may be repeated multiple times for additional AS names. Separate multiple values with a semicolon)
- Choose an option under asn_match to match AS numbers:
  - Any: Any asnum given or derived from asname
  - All: Timeline must contain all asnums given or derived from asname
  - Limit: Apply min and/or max limits as specified by optional asn_match_min and asn_match_max
- Choose to limit the number of results to return
- Choose to skip a specified number of results
- Click Search
Saving queries
Organizational users are able to save individual queries run from Advanced Query Builder, and store them in the Private Queries menu for future analysis, or to share with their organization.
- Specify the query parameters
- Click Save Query
- Give your query a Name
- Specify a Description to add more context
- Click Save