Enriching an IPv4 or domain presents the Total View screen.

Total View provides data across a multitude of Silent Push queries, scans and features from one central location, providing a one stop shop for domain and IPv4 intelligence, without the need to access multiple menus at once, or perform extended analysis on an observable.

Total View 'Highlights'

The top section of the Total View screen contains highlights that provide at-a-glance information for your chosen domain or IP.

Highlight categories are different, based on wether or not you're enriching a domain or an IPv4 address.

Domain highlights

1. Silent Push Risk Score, including a diagram of how we arrived at the score by using secondary scoring data
2. Passive DNS record count, per record type
3. WHOIS registrar and created date
4. Infrastructure Variance
   1. ASN diversity
   2. IP diversity
   3. Nameservers changes
5. Live Scan highlights
   1. Response
   2. Scan date
   3. Favicon
   4. HTML title
   5. Header server
   6. Screenshot

IPv4 highlights

1. Silent Push Risk Score, including a diagram of how we arrived at the score by using secondary scoring data
2. Passive DNS record count, per record type
3. IP infrastructure
   1. AS number
   2. AS name
   3. Subnet
4. Live Scan highlights
   1. Response
   2. Scan date
   3. HTML title
   4. Header server
   5. Screenshot

DNS and web content data

The bottom section of the Total View screen contains extended data on the given domain or IPv4 address, returned from various built-in queries and features.

As with Total View Highlights, data categories are different for domains and IPv4 addresses.

Data is displayed on a single table. Categories are accessible as tabs, across the top of the table.

Domain-based data categories

1. PADNS - A list of all DNS records associated with the domain, populated on an Explore table

2. Infrastructure Variance

   1. A list of ASNs associated with the domain
   2. The domain's IP Diversity metrics (visual timelines of AS hops, IP diversity score, ASN diversity)
   3. Nameserver data (nameserver domain density, nameserver reputation scores)

3. Web Scanner - Runs the following Web Scanner query on the given domain, with tabulated, pivotable results displayed on the same screen: origin_hostname = [domain] AND hostname = [domain]

4. WHOIS - Displays a graphical and tabulated list of WHOIS changes, and the latest SOA record

5. Threat Feeds - Displays data related to the domain's historical existence within a threat feed, and a list of live threat feeds where the domain currently exists

6. Screenshots - A timeline of domain screenshots, taken at various intervals

7. Dangling DNS - A count and a list of dangling DNS records associated with the domain

8. Subdomains - A list of all subdomains associated with the domain

9. Certificates - A pivotable list of all active and expired certificates associated with the domain, including a graphical list of certificate issuers

IPv4-based data categories

1. PADNS - A list of all DNS records associated with the domain, populated on an Explore table
2. IP Infrastructure - ASN and subnet data, related to the IP address
   1. Basic ASN information
   2. ASN domain takedown reputation (including a 30-day graph of the ASN's takedown score)
   3. ASN reputation (including a 30-day graph of the ASN's reputation score)
   4. WHOIS RDAP data
   5. Associated subnets
3. Threat Feeds - Displays data related to the IPv4's historical existence within a threat feed, and a list of live threat feeds where the IPv4 currently exists
4. Web Scanner - Runs the following Web Scanner query on the given domain, with tabulated, pivotable results displayed on the same screen: origin_hostname = [IP] AND hostname = [IP]
5. 7. Screenshots - A timeline of screenshots, taken at various intervals