- 30 Aug 2024
- 3 Minutes to read
- Print
- DarkLight
Total View screen
- Updated on 30 Aug 2024
- 3 Minutes to read
- Print
- DarkLight
Enriching an IPv4 or domain presents the Total View screen.
Total View provides data across a multitude of Silent Push queries, scans and features from one central location, providing a one stop shop for domain and IPv4 intelligence, without the need to access multiple menus at once, or perform extended analysis on an observable.
As with other screens across the Silent Push platform, pivotable data on the Total View screen is highlighted in blue. Left click a blue data point anywhere on the Total View screen to be presented with a contextual pivot menu.
Total View 'Highlights'
The top section of the Total View screen contains highlights that provide at-a-glance information for your chosen domain or IP.
Highlight categories are different, based on wether or not you're enriching a domain or an IPv4 address.
Domain highlights
- Silent Push Risk Score, including a diagram of how we arrived at the score by using secondary scoring data
- Passive DNS record count, per record type
- WHOIS registrar and created date
- Infrastructure Variance
- ASN diversity
- IP diversity
- Nameservers changes
- Live Scan highlights
- Response
- Scan date
- Favicon
- HTML title
- Header server
- Screenshot
IPv4 highlights
- Silent Push Risk Score, including a diagram of how we arrived at the score by using secondary scoring data
- Passive DNS record count, per record type
- IP infrastructure
- AS number
- AS name
- Subnet
- Live Scan highlights
- Response
- Scan date
- HTML title
- Header server
- Screenshot
DNS and web content data
The bottom section of the Total View screen contains extended data on the given domain or IPv4 address, returned from various built-in queries and features.
As with Total View Highlights, data categories are different for domains and IPv4 addresses.
Data is displayed on a single table. Categories are accessible as tabs, across the top of the table.
Domain-based data categories
PADNS
- A list of all DNS records associated with the domain, populated on an Explore tableInfrastructure Variance
- A list of ASNs associated with the domain
- The domain's IP Diversity metrics (visual timelines of AS hops, IP diversity score, ASN diversity)
- Nameserver data (nameserver domain density, nameserver reputation scores)
Web Scanner
- Runs the following Web Scanner query on the given domain, with tabulated, pivotable results displayed on the same screen:origin_hostname = [domain] AND hostname = [domain]
WHOIS
- Displays a graphical and tabulated list of WHOIS changes, and the latest SOA recordThreat Feeds
- Displays data related to the domain's historical existence within a threat feed, and a list of live threat feeds where the domain currently existsScreenshots
- A timeline of domain screenshots, taken at various intervalsDangling DNS
- A count and a list of dangling DNS records associated with the domainSubdomains
- A list of all subdomains associated with the domainCertificates
- A pivotable list of all active and expired certificates associated with the domain, including a graphical list of certificate issuers
IPv4-based data categories
PADNS
- A list of all DNS records associated with the domain, populated on an Explore tableIP Infrastructure
- ASN and subnet data, related to the IP address- Basic ASN information
- ASN domain takedown reputation (including a 30-day graph of the ASN's takedown score)
- ASN reputation (including a 30-day graph of the ASN's reputation score)
- WHOIS RDAP data
- Associated subnets
Threat Feeds
- Displays data related to the IPv4's historical existence within a threat feed, and a list of live threat feeds where the IPv4 currently existsWeb Scanner
- Runs the following Web Scanner query on the given domain, with tabulated, pivotable results displayed on the same screen:origin_hostname = [IP] AND hostname = [IP]
Screenshots
- A timeline of screenshots, taken at various intervals