Dns Zone Transfer Attack. This uses the type axfr in an attempt to get a copy of the zone. A zone transfer that is from an external ip address is used as part of an attackers reconnaissance phase.
Some external dns servers will return a list of ip address and valid hostnames. You can use different mechanisms for dns zone transfer but the simplest one is axfr technically speaking axfr refers to the protocol used during a dns zone transfer. Its how you can have more than one dns server able to answer queries about a particular zone.
This is why dns zone transfer is needed.
You just pretend you are a secondary and ask the primary for a copy of the zone records. Sometimes dns servers are misconfigured. Dns zone transfer is the process where a dns server passes a copy of part of its database which is called a zone to another dns servera basic dns zone transfer attack isnt very fancy. With effective dns enumeration you can clone dns zones manually using scripts or by exploiting dns zone transfer vulnerabilities known as axfr asynchronous transfer full range transfer.