cowickindustrials.co.uk

DNSSEC key placed in a TXT record, breaking the chain of trust

```
$ dig TXT cowickindustrials.co.uk

;; QUESTION SECTION:
;cowickindustrials.co.uk. IN TXT

;; ANSWER SECTION:
cowickindustrials.co.uk. 3600 IN TXT "257 3 13 a9e69353dd4a531a76852b847a1847b2df0703fee47e42950e9bfef27edfdd9e99417f09c864b2948879d613bffe6cffcb57f3796443b082c2e025c75fdcef45."
```

The `257 3 13` prefix is unmistakable: this is DNSKEY RDATA (flags 257 marks a key-signing key, protocol 3 is fixed for DNSKEY, and algorithm 13 is ECDSA Curve P-256), i.e. a DNSSEC cryptographic signing key. The admin pasted their highly sensitive DNSSEC key directly into an unencrypted TXT record instead of the DNSKEY record type. This completely breaks DNSSEC's chain of trust and exposes the signing key to any DNS observer.
