What Your DNS Records Are Telling Strangers: A Deep Dive into AI Company Infrastructure

May 20, 2026 dns infrastructure security ai companies email authentication dmarc domain verification mcp cryptography cloud infrastructure security research

Your DNS records are like a company directory posted on the front door of the internet. Anyone can read them. And if you're integrating with major platforms or deploying critical infrastructure, those records are probably broadcasting those relationships right now.

A researcher recently audited the DNS footprints of 39 AI-adjacent companies—including labs, safety organizations, and infrastructure providers—and the results reveal both the surprising transparency of modern infrastructure and some genuinely concerning security gaps.

Let's break down what they found, why it matters, and what you should do about it.

The Verification Map: Who's Building with Claude?

When a company verifies domain ownership with a service provider (say, for API onboarding), that verification token gets stored in a TXT record. It's permanent. It's public. Anyone running a simple DNS query can see it.

Seventeen of the 39 companies audited have anthropic-domain-verification TXT records—a strong signal they've completed Anthropic's enterprise onboarding process for Claude API access. The list reads like a who's-who of the AI ecosystem:

  • Infrastructure: Microsoft, NVIDIA, Vercel, Sourcegraph, Modal
  • AI Companies: Perplexity, Midjourney, Hugging Face
  • Financial: Stripe, Open Philanthropy, Polymarket
  • Editor Tools: Cursor

To be clear: this doesn't prove they have an active contract. It means someone at their organization generated a verification token and added it to DNS. For enterprise customers, it's a useful signal of integration depth.

Notably absent? OpenAI, Google, Apple, Amazon, and xAI. That doesn't mean they're not using Claude—they might be using different verification mechanisms, or keeping integrations private at the VLAN level.

Cursor shows a similar pattern, with 14 domains verified. Interestingly, Anthropic itself appears in Cursor's verification records, suggesting shared infrastructure or bidirectional integration testing.

The Surprise Finding: MCP Keys in DNS

This is where things get genuinely interesting.

Multiple companies are storing cryptographic public keys in DNS records with the format v=MCPv1; k=<algorithm>; p=<public-key>. This appears to be a DNS-based identity verification system for the Model Context Protocol (MCP)—Anthropic's new standard for connecting AI systems to external tools and data sources.

The structure mirrors DKIM (the email authentication standard), which makes sense: you're cryptographically proving "this MCP endpoint is really operated by this domain."

Six companies have deployed these records:

| Company | Key Count | Algorithm |
|---------|-----------|-----------|
| Microsoft | 12 | ecdsap384 |
| Stripe | 1 | ed25519 |
| Perplexity | 1 | ed25519 |
| Hugging Face | 1 | ed25519 |
| Vercel | 1 | ed25519 |
| Sourcegraph | 1 | ed25519 |

Microsoft's deployment of 12 separate key pairs is particularly interesting—it suggests they're running multiple verified MCP services, likely powering different product integrations.

The catch? There's no public specification for this record format yet. The MCP ecosystem is moving faster than documentation. If you're deploying MCP servers, you should understand what keys you're publishing and why.

Email Security: 23% of Companies Are Vulnerable to Spoofing

This one stung. Nine out of 39 companies (23%) have weak or missing email authentication.

DMARC policy p=none means spoofed emails get delivered anyway. No DMARC record at all means no protection. Here's the breakdown:

Zero Protection:

  • Alignment Forum (no DMARC, no SPF)
  • Manifold Markets (no DMARC)

Monitoring Only (emails delivered, but reported):

  • MIRI, Hugging Face, Inflection AI, xAI, Aleph Alpha, Qdrant, Metaculus

This is particularly concerning for AI safety organizations like MIRI and the Alignment Forum. If adversaries want to impersonate researchers or manipulate consensus in safety discussions, weak email authentication is an open invitation.

The Good News: Anthropic, OpenAI, Stripe, and Cloudflare all enforce p=reject, which blocks spoofed messages outright. If you're handling sensitive work, this should be table stakes.
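
The buckets above can be reproduced from saved dig output for the _dmarc name. This is an added example, not code from the original research: the domains and records are constructed, and the "partially enforced" bucket (p=quarantine, or p=reject with pct below 100) goes beyond the cases the article lists.

```python
"""Sort a domain into the article's DMARC buckets from saved `dig +short TXT` output.

Sample records are constructed; "partially enforced" is an extra bucket added here.
"""
import re

# Constructed output of: dig +short TXT _dmarc.<domain>
SAMPLE_DMARC = {
    "no-record.example": [],
    "monitor.example": ['"v=DMARC1; p=none; rua=mailto:reports@monitor.example"'],
    "rollout.example": ['"v=DMARC1; p=reject; pct=25"'],
    "strict.example": ['"v=DMARC1; p=rej" "ect; adkim=s"'],
    "duplicate.example": ['"v=DMARC1; p=reject"', '"v=DMARC1; p=none"'],
}


def unquote(dig_line):
    # dig prints one TXT record as one or more "quoted" chunks; join them.
    chunks = re.findall(r'"([^"]*)"', dig_line)
    return "".join(chunks) if chunks else dig_line.strip()


def parse_tags(record):
    # DMARC records are "tag=value; tag=value" lists, the same shape DKIM uses.
    pairs = (item.split("=", 1) for item in record.split(";") if "=" in item)
    return {tag.strip().lower(): value.strip() for tag, value in pairs}


def dmarc_bucket(dmarc_lines):
    records = [r for r in map(unquote, dmarc_lines) if r.lower().startswith("v=dmarc1")]
    if len(records) != 1:
        # Absent, or published more than once: receivers apply no DMARC policy.
        return "zero protection"
    tags = parse_tags(records[0])
    policy = tags.get("p", "none").lower()
    if policy not in ("quarantine", "reject"):
        return "monitoring only"  # p=none; an unrecognised value is not enforced either
    if policy == "reject" and tags.get("pct", "100") == "100":
        return "enforced"
    return "partially enforced"  # p=quarantine, or p=reject applied to a sample (pct)


if __name__ == "__main__":
    for domain, lines in SAMPLE_DMARC.items():
        print(f"{domain:20} {dmarc_bucket(lines)}")
```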

Unexpected Infrastructure Findings

xAI's domain shows some unusual characteristics:

  • SSL certificate from a Chinese issuer (Guangdong Baota Security Technology)
  • DMARC reports routed to Alibaba Cloud
  • Domain registered in 1994—32 years before the company was founded
  • Notably slow response time (660ms)

This warrants investigation, but could also reflect legitimate infrastructure decisions or historical domain acquisitions.

Infrastructure Market Share (across all 39 domains):

  • Email: Google Workspace dominates (74%)
  • Hosting: Cloudflare leads (46%), followed by Vercel (28%)
  • SSL: Let's Encrypt + Google Trust Services (72%)
  • Response times: Claude.ai at 14ms (blazing fast) to Meta at 5.8 seconds

What You Should Do

If you're managing infrastructure for an AI company or startup:

  1. Audit your TXT records. Run dig +short TXT yourdomain.com and see what's public. You might be surprised.

  2. Implement strict DMARC. If you're not enforcing p=reject, you're vulnerable to impersonation attacks. This matters even more if you're in security, safety, or research.

  3. Understand your verification tokens. If your company has anthropic-domain-verification or cursor-domain-verification records, know why they're there and who's responsible for them.

  4. Plan for MCP. If you're deploying MCP servers, understand the identity verification mechanisms you're using. Document them for your security team.

  5. Publish your keys intentionally. Every cryptographic key in DNS is a public commitment. Make sure it's deliberate.
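
Steps 1, 3 and 5 amount to keeping an inventory of what your TXT records disclose and who owns each entry. The following is an added example, not code from the original research: the sample tokens, keys and the approved set are constructed, and the MCP record is parsed only as far as the v=/k=/p= shape the article describes.

```python
"""Inventory what a domain's TXT records disclose; flag entries with no recorded owner.

Record shapes follow the article: "<vendor>-domain-verification=<token>" and
"v=MCPv1; k=<algorithm>; p=<public-key>". Every sample value is constructed.
"""
import hashlib
import re

VERIFICATION = re.compile(r"^([a-z0-9-]+)-domain-verification=(.+)$", re.I)

# Constructed `dig +short TXT` output for a hypothetical domain.
SAMPLE_TXT = [
    '"v=spf1 include:_spf.example.net ~all"',
    '"anthropic-domain-verification=CONSTRUCTED-TOKEN-1"',
    '"cursor-domain-verification=CONSTRUCTED-TOKEN-2"',
    '"v=MCPv1; k=ed25519; p=Q09OU1RSVUNURUQtS0VZLUE="',
    '"v=MCPv1; k=ed25519; p=Q09OU1RSVUNURUQtS0VZLUI="',
]


def normalize(dig_line):
    # dig prints one TXT record as one or more "quoted" chunks; join them.
    chunks = re.findall(r'"([^"]*)"', dig_line)
    return "".join(chunks) if chunks else dig_line.strip()


def classify(record):
    """Return (kind, label); the label identifies a record without copying its value."""
    match = VERIFICATION.match(record)
    if match:
        return "verification", match.group(1).lower()
    if record.lower().startswith("v=mcpv1"):
        tags = dict(t.strip().split("=", 1) for t in record.split(";") if "=" in t)
        digest = hashlib.sha256(tags.get("p", "").encode()).hexdigest()[:12]
        return "mcp-key", f"{tags.get('k', '?')}:{digest}"
    if record.lower().startswith("v=spf1"):
        return "spf", "spf"
    return "other", record[:24]


def audit(dig_lines, approved):
    """approved: set of (kind, label) pairs that have a named owner."""
    inventory = [classify(normalize(line)) for line in dig_lines]
    return inventory, [entry for entry in inventory if entry not in approved]


if __name__ == "__main__":
    known = {("spf", "spf"), ("verification", "anthropic")}
    for kind, label in audit(SAMPLE_TXT, known)[1]:
        print(f"no owner on record: {kind} {label}")
```

Keying each MCP entry by algorithm plus a short digest lets the inventory track individual keys, so a newly published or rotated key shows up as unapproved.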

DNS transparency is a feature of the modern internet—it enables security research, allows anyone to audit infrastructure, and keeps companies honest. But it requires vigilance. Your DNS records are your infrastructure resume, visible to everyone. Make sure it says what you want it to say.


Want to verify these claims yourself? You can query any domain's DNS records using standard tools:

dig +short TXT example.com                    # See all TXT records
dig +short TXT _dmarc.example.com            # Check DMARC policy
dig +short MX example.com                    # Find mail servers

All the data in this research is public. Your infrastructure is too.
