TL;DR It's extremely unlikely (though not technically impossible) that a properly registered domain would have zero* DNS records. The existence of the domain must be announced to the global DNS system by an update provided by the domain registrar. Failure by the Registrar to provide this update would constitute failure to perform the duty delegated to them by the IANA.
At minimum, every domain has one or more DNS glue records
When a domain is registered, the Domain Registrar sends an update to the generic Top-Level Domain (gTLD) servers responsible for the TLD in question. For example, registering the domain example.com
triggers an update to the .com
gTLD servers, which are operated by VeriSign.
This update includes the authoritative name server (NS) records from the domain's WHOIS data. The gTLD server then creates a DNS glue record for the domain pointing to the authoritative name servers. These glue records are what enable the gTLD servers to refer incoming queries to the authoritative name servers for the domain.
Therefore, unless the domain registrar fails to perform the duty delegated to them by IANA, a lookup against any registered domain will return the authoritative name server records for that domain.
Then why aren't lookups for 00000onlinecasino.com
returning any records?
It appears that everything has taken place as described above; in other words, this domain's registrar (NameBright.com) has created the required WHOIS entry and submitted the NS records to the .COM gTLD servers. I confirmed this as follows by running nslookup set to query for NS records:
C:\> nslookup -q=ns 00000onlinecasino.com
Server: my-dns-server.internal.local
Address: 192.168.168.1
Non-authoritative answer:
00000onlinecasino.com nameserver = n2.juming.com
00000onlinecasino.com nameserver = n1.juming.com
n2.juming.com internet address = 112.253.3.26
n2.juming.com internet address = 121.14.157.13
n1.juming.com internet address = 121.14.157.13
n1.juming.com internet address = 220.181.135.142
I also used this handy Glue Record checker from MeBSD.com which confirmed the results:
![enter image description here](../../I/static/images/42e84f3c70c81abae50c74917794d008e15658eefda08936a86cbbba468c06f8.png)
However, the same query when performed against any of these name servers is returning an error:
C:\> nslookup -q=ns 00000onlinecasino.com n1.juming.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 220.181.135.142
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out
Since these servers are authoritative for this domain, they should at least know about it and identify themselves as the NS records for the domain! Given this, it's clear that these NS servers have been mis-configured.
*I must allow that the definition of "zero DNS records" is open to interpretation. As demonstrated by this question's test case, the authoritative name servers aren't responding, giving cause to the argument that the domain has no records. However, I prefer the view that a domain's glue records are essentially the "other half" of a domain's NS records. After all without the glue records, any attempts to look up the authoritative name servers for a domain would result in the circular instruction to, "go ask [insert name server here]."
More Information
3How did you find these domains? – I say Reinstate Monica – 2018-03-27T12:03:18.390
For example, "dig 00000onlinecasino.com any" can not return any DNS record, even the NS record, although it is a registered domain. In theory, are the domain registration and the DNS two separated systems(although usually they are connected together)? – peter – 2018-03-27T14:26:42.853
To see the NS records (which indeed exist for that domain) I think you need to use
dig +short NS 00000onlinecasino.com
– I say Reinstate Monica – 2018-03-27T14:31:29.190Maybe I'm in bad luck, but that command does not output anything on my machine:-) – peter – 2018-03-27T14:38:26.640
Sorry, I'm not a *nix user. On my machine I used nslookup and got these results.
– I say Reinstate Monica – 2018-03-27T14:42:12.4703"any" might not be as reliable for that purpose as you think - it certainly is not meant to give you a complete copy of a zone. That's what "axfr" is for, and most DNS servers will reject that query for good reasons. – rackandboneman – 2018-03-27T19:37:15.193
Do not use the
ANY
record type, it will become deprecated as it does not do what you think it does. Also when you usedig
always specify which nameserver you query. – Patrick Mevzek – 2018-04-06T05:31:43.857