Documentation Index

Fetch the complete documentation index at: https://help.silentpush.com/llms.txt

Use this file to discover all available pages before exploring further.

Subdomain Tab View

Prev Next

A wildcard subdomain, such as *.test.com, catches all unresolved queries under your apex domain. While convenient, it can also mask shadow IT, increase takeover risks, or hide malicious activity. The Subdomains view in Total View gives you complete visibility into every discovered subdomain — including wildcards — at massive scale.

Overview of paypal.com domain metrics and subdomain details in a web analysis tool.

Why Subdomains Matter

  • Subdomains dramatically expand the attack surface

  • Attackers register lookalikes, abuse wildcards, or hijack forgotten subdomains

  • Large enterprise domains like paypal.com can have thousands of active subdomains

  • Sudden spikes in new subdomains often signal reconnaissance or compromise

Key Features in the Updated View

  • Domain Wide View toggle – expands discovery across the entire domain hierarchy

  • Clear display of total subdomain count and associated A records

  • Basic Raw Data button for unfiltered details, including TTLs and raw resolutions

  • Sortable table with First Seen and Last Seen timestamps

  • Color-coded indicators and hover tooltips for quick context

  • Bulk actions: Select All, Download CSV, Monitor, Save To

How It Works

Silent Push continuously aggregates subdomain data from global passive DNS sources. The view is tightly integrated with PADNS, allowing one-click pivots from any subdomain to its full resolution history.

Wildcards are automatically flagged, and Domain Wide View helps reveal hidden or dynamically resolved subdomains that would otherwise stay invisible.

How to Use Subdomains View

  1. Search a domain (e.g. paypal.com) in Total View

  2. Click the Subdomains tab (shows count like 1795)

  3. Toggle Domain Wide View to include full hierarchy

  4. Use filters, Basic Raw Data, or Clear Filters as needed

  5. Click any subdomain to pivot to PADNS, Infrastructure Variance, or Threat Feeds

Real-World Example: paypal.com

The updated interface shows 1,795 subdomains. Examples include long hashed subdomains such as:

0cd20b6fe61233e4a24bf70f30c9ba46.paypal.com

Each entry displays precise First Seen and Last Seen dates, making it easy to track infrastructure changes and detect anomalies.

Use Cases

  • Detect shadow IT and forgotten assets at scale

  • Identify wildcard abuse and potential subdomain takeovers

  • Correlate subdomains with PADNS data to trace resolutions to suspicious IPs

  • Support compliance audits and attack surface management

  • Set up real-time Monitor alerts for new or changed subdomains

Available in both Community and Enterprise editions.

The refreshed Subdomains view turns a traditionally hard-to-manage problem into a clear, actionable intelligence layer — essential for modern threat hunting and attack surface reduction.