We are thrilled to announce that the coverage of our premium DNS Database Download significantly improved over the past few months. The most recent measurement in 2024 showed that the database’s total number of DNS records increased by 578% compared to May 2023. 

More precisely, there was a 1,313% increase in A records and a 700% increase in the total number of AAAA records. Overall, DNS Database Download now contains more than 35.3 billion DNS records.

This enhancement is designed to broaden passive DNS analysis for threat detection and monitoring.

With this market-leading coverage, WhoisXML API users can now:

• Accelerate threat detection, response, and monitoring: The massive increase in DNS coverage will enable security teams to detect and track more known malicious domains and IP addresses. Other DNS record types included in the database will allow teams to further uncover attack infrastructure.

• Provide security platforms a complete view of the DNS: Security solutions can be made more robust when supplemented with the enhanced premium DNS Database Download. Integrating DNS insights into SIEM, endpoint security, and network intelligence platforms can pave the way for a holistic view of more potential threats and incidents.

• Widen asset discovery: The DNS coverage expansion will enable security teams to map external attack surfaces more accurately and discover more assets, including unused and forgotten ones that can pose security risks if left unprotected.

• Gain a better understanding of threat actors’ tools, tactics, and procedures (TTPs): The extensive coverage of the premium DNS Database Download makes it possible to map interconnections between domains, IP addresses, and servers used by attackers. With that, security teams can gain insights into threat actors’ command-and-control (C&C) structures, communication channels, and potential attack vectors.

Extensive Coverage with Several DNS Record Types

WhoisXML API offers standard and premium DNS Database Download. Both databases contain files for different DNS record types, including:

• A record: Provides IPv4 addresses associated with a domain.

• AAAA record: Provides IPv6 addresses associated with a domain.

• MX record: Shows the mail server where emails to the domain are sent.

• NS record: Reveals the authoritative name server for the domain name.

• TXT record: Shows any information about a given domain in text format.

• CNAME record: Maps a domain name to a canonical name.

• SOA record: Contains pertinent information about the domain, such as the duration between refreshes and the administrator’s email address.

• PTR record: Provides the domain names associated with an IP address.

For each DNS record type, the database files contain important data points, such as domains or IP addresses, relevant DNS records, and the timestamp of the last update on record.

DNS Database Download is available through a CSV file containing the full database and update files covering daily, weekly, and monthly changes to the full database. You can review the documentation for more information.

Download a database sample now or contact us to learn how DNS Database Download can enrich threat hunting, asset discovery, and other cybersecurity processes and strategies.