didn't see in notables
0.pizza public DNS records recon
Google Inc. is the registrar
No A records = no web server (website, ftp, vpn, etc., at least in DNS)
Name Servers are googledomains.com, so Google is hosting the DNS records
Contact info is redacted, typical if you pay a fee to redact records
MX records point to icloud, which means icloud is receiving email for the 0.pizza domain
more interesting, though, is that when we look at the spf records, which are text records you can add to a domain that essentially say: these mail servers (other than the icloud server where the MX records point) are allowed to send mail AS 0.pizza, otherwise, messages sent outside of icloud would get marked as spam because they were not sent by the MX record server
There are two domain verifications in the records:
one for apple, and one for protonmail
these records exist because they were required in order to "verify" the domain was owned by the same entity configuring the mail service at Apple and protonmail
Servers allowed to send as 0.pizza?
_spf.protonmail.ch
icloud.com
What kind of mail is sending from protonmail as 0.pizza? What is coming from the Apple servers?
For those who don't know, .ch was originally for the Swiss, but now ChYna is coveting those domains. Proton Mail is a Swiss company that purports to protect users privacy and doesn't require verification to setup a free account.
o7 anons
sauce: used MXtoolbox to lookup public DNS data
https://mxtoolbox.com/SuperTool.aspx?action=mx:0.pizza&run=toolpage