⚠️ high connectandrepair.co.uk

1. Session-specific backend admin portal URL exposed in DNS

Instead of verifying their domain, the administrator pasted the exact, session-specific backend URL to their web builder's admin portal into DNS. This exposes their internal tenant ID (`ORLp89n2T7fi6cgBkJRmXGplliE3`), the platform they use, and configuration state flags (`isPreviewing=true&tutorial=false`) to any automated crawler scanning the .uk zone.

https://app.websitesforfree.co.uk/admin/ORLp89n2T7fi6cgBkJRmXGplliE3/websites/connectandrepair.co.uk?isPreviewing=true&tutorial=false
⚠️ high cdhome.co.uk

2. ACME client configuration leaked into public DNS

An administrator appears to have accidentally copied their internal ACME client environment variables or configuration file and pasted it into the public DNS zone file while trying to set up an SSL certificate. `dns_acmedns_api_url = http://acmedns-server/` and `dns_acmedns_registration_file = /data/acme-registration.json` expose internal infrastructure hostnames and file paths to the public internet.

dns_acmedns_api_url = http://acmedns-server/ dns_acmedns_registration_file = /data/acme-registration.json
⚠️ high djhammy.co.uk

3. Registrar suspended the domain and announced it via TXT record

djhammy.co.uk was suspended for fraud, abuse, or false WHOIS data. Rather than simply taking the domain offline, the registrar injected a TXT record to publicly broadcast the suspension: "This domain name has been disabled due to false/incomplete whois data, violation of the terms and conditions of the registration, abuse, fraud or other illegal use!" The DNS record itself is the public shaming mechanism.

This domain name has been disabled due to false/incomplete whois data, violation of the terms and conditions of the registration, abuse, fraud or other illegal use!
⚑ medium centrapath.co.uk

4. Pasted a private Gmail compose window URL into DNS

This admin didn't just paste a Google search result; they pasted the literal, session-specific URL of a blank Gmail compose window from their own browser. The `u/4/` in the URL means it was the 5th Google account they were logged into at the time. The compose token reveals a real draft context. Their private email session is now permanently baked into global DNS.

https://mail.google.com/mail/u/4/#inbox?compose=DmwnWtDtbMhlBhLZVxWhxTPXGjsWzQBPkzwBccKDRdhsMlTzGTDRbNJkpNMhWFKkkfkNRPmbPRMv
⚑ medium coast360.co.uk

5. Zero-width spaces silently corrupting the verification token

The `\226\128\139` byte sequence (UTF-8 for a Zero-Width Space character) appears inside what looks like a valid Google verification token. The likely cause: the service provider displayed the token on mobile with zero-width spaces for visual word-wrapping. The admin copied the token, invisible characters included, and the silent corruption made the verification permanently fail. A bug that's invisible by definition.

google-si\226\128\139te-verific\226\128\139ation=fPKE6GXeDgiIg9HfxpNSXo_2aepY8tsxHmWJuEqqgmY
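
An added example, not part of the original page: a pre-publish check that takes a TXT value in DNS presentation format (non-ASCII bytes written as `\DDD` decimal escapes), decodes it, and reports characters that render as nothing. The sample value is constructed from the record in this entry, and the function names are illustrative.

```python
import re
import unicodedata

# Constructed sample: this entry's record in DNS presentation format, where
# non-ASCII bytes are shown as \DDD decimal escapes.
SAMPLE = ("google-si\\226\\128\\139te-verific\\226\\128\\139ation="
          "fPKE6GXeDgiIg9HfxpNSXo_2aepY8tsxHmWJuEqqgmY")

_ESCAPE = re.compile(r"\\([0-9]{3})|\\(.)", re.S)

def unescape_presentation(text):
    """Turn presentation-format escapes (\\DDD and \\X) back into raw bytes."""
    out, pos = bytearray(), 0
    for m in _ESCAPE.finditer(text):
        out += text[pos:m.start()].encode("utf-8")
        if m.group(1) is not None:
            value = int(m.group(1))
            if value > 255:
                raise ValueError(f"invalid escape \\{m.group(1)}")
            out.append(value)
        else:
            out += m.group(2).encode("utf-8")
        pos = m.end()
    out += text[pos:].encode("utf-8")
    return bytes(out)

def find_invisible(raw):
    """Return (decoded text, [(index, description)]) for format (Cf) and
    control (Cc) characters, plus bytes that are not valid UTF-8."""
    text = raw.decode("utf-8", errors="replace")
    hits = []
    for i, ch in enumerate(text):
        if ch == "\ufffd" or unicodedata.category(ch) in ("Cf", "Cc"):
            name = unicodedata.name(ch, "UNNAMED")
            hits.append((i, f"U+{ord(ch):04X} {name}"))
    return text, hits

def strip_invisible(raw):
    """Return the value with every flagged character removed."""
    text, hits = find_invisible(raw)
    flagged = {i for i, _ in hits}
    return "".join(ch for i, ch in enumerate(text) if i not in flagged)

if __name__ == "__main__":
    raw = unescape_presentation(SAMPLE)
    for index, what in find_invisible(raw)[1]:
        print(f"invisible character at index {index}: {what}")
    print("cleaned:", strip_invisible(raw))
```
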
⚑ medium daventrytigers.co.uk

6. Facebook Messenger link from a private chat, in DNS

The administrator copied a link out of a Facebook Messenger chat (`l.messenger.com` is Facebook's outbound link tracker) and pasted it directly into their domain's public DNS. Decoding the URL reveals they were sharing a Medscape article titled "Five minutes activity a day keeps anxiety at bay." They have permanently enshrined their private chat history in the global DNS registry. The article is about exercise reducing anxiety. The irony is rich.

https://l.messenger.com/l.php?u=https%3A%2F%2Fwww.medscape.co.uk%2Fviewarticle%2Ffive-minutes-activity-day-keeps-anxiety-bay-2024a10000r6...
⚑ medium bluepeakcyber.co.uk

7. Broadcasting a system migration status memo via global DNS

Instead of putting up a maintenance page on their website, or sending an internal Slack message, the infrastructure team at bluepeakcyber.co.uk decided to broadcast their system migration status to the entire internet via a DNS TXT record: "Legacy systems have been left running while the new infrastructure is under maintenance. To contact the infrastructure team get in contact with support@coventry.r032.bluepeakcyber.co.uk". A cybersecurity company.

Legacy systems have been left running while the new infrastructure is under maintenance. To contact the infrastructure team get in contact with support@coventry.r032.bluepeakcyber.co.uk
⚑ medium 10alogo.co.uk

8. Base64-encoded internal mail subdomain in DNS for no reason

The TXT record `MAltYWlsLjEwYWxvZ28uY28udWsuCg==` decodes from Base64 to `1-mail.10alogo.co.uk. `. A broken programmatic DNS update script Base64-encoded an internal mail subdomain and pushed it as a raw TXT value instead of parsing it as plain text. The subdomain is now globally visible encoded in Base64 in the zone file.

MAltYWlsLjEwYWxvZ28uY28udWsuCg==
⚑ medium 1058fm.co.uk

9. Personal phone number published to global DNS

The TXT records for 1058fm.co.uk and 1215am.co.uk both contain: "Ben Matthew +44 (0)207 432 3457". Someone used the DNS TXT record as a makeshift WHOIS contact note or business card. This phone number is now trivially discoverable by any bot scanning the .co.uk zone file for PII, which many do.

Ben Matthew +44 (0)207 432 3457
low bedbugsmotel.co.uk

10. Two TXT records filled entirely with the letter A

bedbugsmotel.co.uk has two massive DNS TXT records containing nothing but hundreds of repeated letter A characters. This is almost certainly the result of a broken automated provisioning script (a developer testing the character limit of their DNS provider's API) that accidentally pushed to production and was never cleaned up.

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA... [Second record, also just letter A, repeated ~200 times]
low chanmaster.co.uk

11. Counting to twenty in DNS

No token, no verification string, no SPF policy, no private key. Just someone counting to twenty out loud in their DNS TXT record: "one two three four five six seven eight nine ten eleven twelve thirteen fourteen fifteen sixteen seventeen eighteen nineteen twenty". We don't know why. We may never know.

one two three four five six seven eight nine ten eleven twelve thirteen fourteen fifteen sixteen seventeen eighteen nineteen twenty
low conister.co.uk

12. ASCII art header in a DNS TXT record

Someone tried to use hash `#` symbols to create a visual ASCII art banner inside their DNS TXT record, as if it were a bash script or shell config file. "########################## # # Space Separated ##########################", treating the global DNS zone like a README.md. Honestly, we respect the effort.

########################## # # Space Separated ########################## conister.co.uk...
low davidlevene.co.uk

13. 8-level deep HTML entity escaping loop

This poor administrator fell victim to a broken CMS. They pasted a `<meta>` tag for Google verification into their domain dashboard. The backend sanitized the HTML entities. They likely hit "save," saw the code look weird, and saved it again β€” creating a cascading chain of double-encodings. The final result is `&amp;amp;amp;amp;amp;amp;amp;amp;lt;meta name=google-site-verification...`, where the opening `<` is encoded 8 times over.

&amp;amp;amp;amp;amp;amp;amp;amp;lt;meta name=google-site-verification content=fPKE6GXeDgiIg9HfxpNSXo_2aepY8tsxHmWJuEqqgmY /&amp;amp;amp;amp;amp;amp;amp;amp;gt;
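
An added example, not part of the original page: a check that unwinds repeated entity encoding until the value stops changing, then recovers the bare `google-site-verification=` form that belongs in a TXT record. The sample is constructed to match this entry's structure, `TOKEN` is a placeholder, and the function names are illustrative.

```python
import html
import re

# Constructed sample modelled on this entry's record; TOKEN is a placeholder.
LAYERS = "&" + "amp;" * 8
SAMPLE = (LAYERS + "lt;meta name=google-site-verification content=TOKEN /"
          + LAYERS + "gt;")

def unwind_entities(value, max_passes=32):
    """Unescape until the value stops changing; return (decoded, passes)."""
    passes = 0
    while passes < max_passes:
        decoded = html.unescape(value)
        if decoded == value:
            break
        value, passes = decoded, passes + 1
    return value, passes

# Matches a verification <meta> tag with or without quoted attributes.
_META = re.compile(
    r"<\s*meta\b[^>]*\bname=[\"']?google-site-verification[\"']?"
    r"[^>]*\bcontent=[\"']?([A-Za-z0-9_-]+)", re.I)

def lint_verification_value(value):
    """Return (findings, suggested TXT value or None) for one TXT string."""
    decoded, passes = unwind_entities(value)
    findings, suggestion = [], None
    if passes:
        findings.append(f"HTML entities nested {passes} pass(es) deep")
    m = _META.search(decoded)
    if m:
        findings.append("HTML <meta> tag pasted into a TXT record")
        suggestion = "google-site-verification=" + m.group(1)
    return findings, suggestion

if __name__ == "__main__":
    # Eight passes peel the "amp;" layers; one more turns &lt; into <.
    findings, suggestion = lint_verification_value(SAMPLE)
    for finding in findings:
        print("finding:", finding)
    print("publish instead:", suggestion)
```
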
low 127themix.co.uk

14. When prompted to enter a TXT record, they typed "text"

The TXT record for 127themix.co.uk contains only the word `text`. When the registrar's DNS management interface prompted the user to "enter a text record", they appear to have responded by typing the word "text" into the value field. Technically accurate. Completely useless.

text
low 120oxfordstreet.co.uk

15. TXT record is just the @ symbol

The TXT record for 120oxfordstreet.co.uk contains only the `@` symbol. The admin almost certainly typed `@` into the TXT value field when they meant to put it in the host/name field (where it represents the root domain). The result is a TXT record that says nothing except "at symbol".

@
low 12pc.co.uk

16. TXT record is just the word "cobweb"

The TXT record for 12pc.co.uk contains only the word `cobweb`. No token, no verification string, no SPF policy, no explanation. Just: cobweb. Is it a test? A thought? A mood? We may never know.

cobweb
low 10-limest.co.uk

17. Keyboard smash used to test DNS propagation

The TXT record contains `hgeh5eh`, a classic random keyboard smash. An admin almost certainly typed random characters to test whether a TXT record would actually propagate through the DNS system. It did. They never came back to remove it.

hgeh5eh
low 007.co.uk

18. Premium 3-character domain, TXT record is just "test"

007.co.uk is an extraordinarily valuable short domain: three characters, a globally recognised number. The only custom TXT record its owner ever added was the word `test`. They presumably meant to come back and add a real record. That was some time ago. The word "test" remains.

test
low 1001parts.co.uk

19. DNS TXT records used as a live routing engine

Three domains (1001parts.co.uk, 1001menus.co.uk, 1001hobbies.co.uk) all have pipe-delimited TXT records: `1|www.1001parts.co.uk`, `1|1001menus.com`, `2|https://www.1001modelkits.co.uk`. A lightweight proxy or routing engine is actively querying DNS TXT records to decide where to 301 redirect incoming traffic, using the numeric prefix (`1|` vs `2|`) as the redirect type. An unconventional but functional use of the DNS system.

1|www.1001parts.co.uk [1001menus.co.uk]: 1|1001menus.com [1001hobbies.co.uk]: 2|https://www.1001modelkits.co.uk
