How does browser resolve unregistered domains like .ph or .ws?

domain-name-system domain domain-name

It depends.

And it depends a lot on which recusive nameserver your browser is using, as it can be lying. Also, it happens more and more today that browsers like Firefox or Google Chrome are able to use DoH (DNS over HTTPS) and hence any external server to do DNS resolution

So whatever DNS resolver you are using can lie to you if a domain does not exist and respond in such a way that your browser will be directed through some specific page. Various extensions or configuration items in your browser can also get you the same behaviour.

But for your specific example, it works because the registry of .PH has a wildcard in its zone.

You can check it easily:

$ dig ph. NS +short
1.ns.ph.
ns2.cuhk.edu.hk.
ph.communitydns.net.
ns4.apnic.net.
$ dig \*.ph A @1.ns.ph. +noall +ans +nottlunits
*.ph.           300 IN A 45.79.222.138

This wildcard means that, no matter which name you query for, if there are no other records (a real registered name), you will get this IP address. Note that the wildcard applies only to A:

$ dig \*.ph AAAA @1.ns.ph. +noall +ans +nottlunits
(no data)
$ dig \*.ph NS @1.ns.ph. +noall +ans +nottlunits
(no data)

This case is only possible for ccTLDs (but few do it) because it is prohibited in gTLDs by ICANN rules, after the infamous Verisign SiteFinder "experiment" in the past.

And when this happens, it does not impact just a browser and HTTP traffic, but everything. Which is root of the problem: imagine there is a valid example.ph domain and you have to send an highly sensitive information (and not encrypting the message), to [email protected] but you do a typo and send to [email protected] where this exanple.ph domain does not exist... but it will resolve and per SMTP rules, even without MX record, the message will be sent over to the IP address (wildcard) that exanple.ph resolves to, and then it depends if an MTA is listening there or not.

.ws ccTLD (yes it is a country) has the same kind of wildcard:

$ dig ws. NS +short
ns5.dns.ws.
us3.dns.ws.
us4.dns.ws.
a.dns.ws.
ns2.dns.ws.
s.dns.ws.
$ dig @s.dns.ws \*.ws. A +noall +ans +nottlunits
*.ws.           300 IN A 64.70.19.203

Related

How to expose services in private AKS cluster?
Why is the WIM Image becoming so large?
Invoke-RestMethod returns 400 error no matter what I do
Wrap text in <td> tag
Alter table add multiple columns ms sql
How to remove gaps between subplots in matplotlib
apt-get install tzdata noninteractive
configure: error: C compiler cannot create executables
MySQL Select Query - Get only first 10 characters of a value
How to remove newlines from beginning and end of a string?
Convert PEM to PPK file format
How to save S3 object to a file using boto3