- 13 Jun 2024
- 2 Minutes to read
- Print
- DarkLight
Use bulk data feeds
- Updated on 13 Jun 2024
- 2 Minutes to read
- Print
- DarkLight
'Bulk Data' feeds are unenriched feeds containing domains, URLs, and nameservers that are exportable as a text file, or as an API endpoint.
Feeds are categorized by data type, and contain information on important changes and additions across the global IPv4/6 range that organizations can use to inform their cyber defense operations - e.g. a list of new nameservers, or a list of new country code top level domains (ccTLDS).
To access Bulk Data Feeds:
Login to your Enterprise account
Navigate to
Data Marketplace > Bulk Data Feeds
To export the data using an API endpoint:
Login to your Enterprise account
Navigate to
Data Marketplace > Bulk Data Feeds
Click the
Automate Export
button on your chosen feedSelect the required
file type
Click the
Copy API Endpoint
buttonThe endpoint will retrieve a time-limited URL (3h) that you can call to download the file
Click on the
cURL
,Python
orpHp
tabs to copy code samples and call it from another security tool
To export the data as a text file:
Login to your Enterprise account
Navigate to
Data Marketplace > Bulk Data Feeds
Click the
Automate Export
button on your chosen feedSelect the
file type
requiredClick the
Download File
button
List of Bulk Data Feeds
Feed name | Description |
---|---|
New Global Domains | A list of new domains, collected from daily ICANN zone file updates (exportable as a text file) |
New ccTLD Domains (ICANN) | A list of new country code top level domains (ccTLDS), first seen within the last 24 hours (exportable as a text file) |
New Nameservers | A list of new nameservers, first seen within the last 24 hours. (exportable as a text file) |
New Self-Named Nameservers | A list of new self-named nameservers, first seen within the last 24 hours (exportable as a text file) |
Domains With NS Changes | A list of Domains that have changed nameservers within the last 24 hours (exportable as a JSON) |
Domains With Self-Named NS Changes | Domains that have changed to a self-named nameserver within the last 24 hours (exportable as a JSON) |
New Mail Servers | New mail servers, seen for the first seen within the last 24 hours (exportable as a text file) |
Open Redirect Vulnerabilities | Domains that are vulnerable to open re-directs (exportable as a text file) |
IPFS Nodes (IPv4) | IPv4 addresses that have acted as IPFS nodes within the last 7 days (exportable as a text file) |
IPFS Nodes (IPv6) | IPv6 addresses that have acted as IPFS nodes within the last 7 days (exportable as a text file) |
Merlin C2 IPs | IP addresses suspected of acting as Merlin C2 servers (exportable as a text file) |
Poor AS Reputation (IPv4) | IPv4 addresses taken from autonomous systems (AS) with the worst Silent Push Takedown Scores (exportable as a text file) |
Poor Subnet Reputation (IPv4) | IPv4 addresses taken from subnets with the worst Silent Push Takedown Scores (exportable as a text file) |