Passive DNS Daily Files Endpoint

The Passive DNS Daily Files Endpoint allows a user to download dumps of passive DNS daily files using HTTPS. These files are in a CSV format and are compressed using gzip. The previous days files are available by 00:30 UTC.

Supported Files

Address IPv4

The address IPv4 files contain data of hostname and IPv4 pairs with the Epoch timestamp of the query. The filename is in the format of ‘address_ipv4_YYYYMMDD.csv.gz’ where ‘YYYYMMDD’ is the format of the date of the file. The contents of the file are in the format below:

timestamp | ipv4 | hostname

Address IPv6

The address IPv6 files contain data of hostname and IPv6 pairs with the Epoch timestamp of the query. The filename is in the format of ‘address_ipv6_YYYYMMDD.csv.gz’ where ‘YYYYMMDD’ is the format of the date of the file. The contents of the file are in the format below:

timestamp | ipv6 | hostname

CNAME

The cname files contain data of canonical hostname and hostname pairs with the Epoch timestamp of the query. The filename is in the format of ‘cname_YYYYMMDD.csv.gz’ where ‘YYYYMMDD’ is the format of the date of the file. The contents of the file are in the format below:

timestamp | canonical hostname | hostname

MX

The mx files contain data of domain and mx pairs (priority included) with the Epoch timestamp of the query. The filename is in the format of ‘mx_YYYYMMDD.csv.gz’ where ‘YYYYMMDD’ is the format of the date of the file. The contents of the file are in the format below:

timestamp | domain | mx

Nameserver

The nameserver files contain data of domain and nameserver pairs with the Epoch timestamp of the query. The filename is in the format of ‘mx_YYYYMMDD.csv.gz’ where ‘YYYYMMDD’ is the format of the date of the file. The contents of the file are in the format below:

timestamp | domain | nameserver

Example Script

Below is an example script for downloading the files:

timestamp | domain | mx
timestamp | domain | nameserver
#!/bin/sh 
USER=user 
DATADIR=/tmp 
PASSWORD=password 
BASE_URL=example.com
DATE=`date --date="yesterday" "+%Y%m%d"` 
/usr/bin/curl --silent --user ${USER}:${PASSWORD} ${BASE_URL}/address_ipv4_${DATE}.csv.gz  -o ${DATADIR}/address_ipv4_$
{DATE}.csv.gz 
/usr/bin/curl --silent --user ${USER}:${PASSWORD} ${BASE_URL}/address_ipv6_${DATE}.csv.gz  -o ${DATADIR}/address_ipv6_$
{DATE}.csv.gz 
/usr/bin/curl --silent --user ${USER}:${PASSWORD} ${BASE_URL}/cname_${DATE}.csv.gz  -o ${DATADIR}/cname_${DATE}.csv.gz 
/usr/bin/curl --silent --user ${USER}:${PASSWORD} ${BASE_URL}/mx_${DATE}.csv.gz   -o ${DATADIR}/mx_${DATE}.csv.gz 
/usr/bin/curl --silent --user ${USER}:${PASSWORD} ${BASE_URL}/nameserver_${DATE}.csv.gz  -o ${DATADIR}/nameserver_$
{DATE}.csv.gz