See #2

September 19, 2016 was in Pacific Daylight Time (PDT), not Pacific Standard Time (PST) as indicated.

Yet another reason we need to kill daylight savings time.

Us folks from the rest of the world aren't to familiar with other timezones however to make life easier you could use UTC (as everyone should know their relevancy to UTC), a quick google says PDT is UTC-7, not too sure though.

In which way the author of the misconfiguration will be executed?

I suggest:

• flamethrower
• mini nuclear bomb
• anti-aircraft gun
• pocket-size H-bomb
• scaphism

I noticed this README references the TLD Records Archive as TL;DR but the projects README says TLDR with no semi-colon. Was this intentional or was this a typo?

Other such DNS scanning services provide an opt-out.
Does this have such a "feature"

To be honest, other than "mildly interesting" what good is this continual scan and zone transfer request of every NS?

Can you provide the rationale for this being a leak rather than a deliberate move to make these sites globally public?

For example the domain gnu.rep.kp. doesn't have any A records listed in this project, but there currently are some. Were these recently added or are they just missing in the repo?

$ dig ANY gnu.rep.kp +trace

[snip]

gnu.rep.kp.         43200   IN      SOA     ns1.gnu.rep.kp. postmaster.gnu.rep.kp. 2012110810 28800 7200 1209600 3600
gnu.rep.kp.         43200   IN      NS      ns2.gnu.rep.kp.
gnu.rep.kp.         43200   IN      NS      ns1.gnu.rep.kp.
gnu.rep.kp.         43200   IN      A       175.45.176.83
gnu.rep.kp.         43200   IN      A       175.45.176.73
;; Received 175 bytes from 175.45.176.9#53(175.45.176.9) in 307 ms

On Sept 20, 2016 at approximately 10:00PM

This threw me off when I saw it, because it's currently 11:55 EDT (15:55 UTC) when I read this. Maybe include a timezone? :-)

On the README it says: On Sept 20, 2016 at approximately 10:00PM (PST),
At time of writing that event will be in ~12 hours. Did this happen last night, the 19th?