An example where digging goes wrong.
DNS lookup fails with "254.242.55.65.in-addr.arpa" for instance.
DNSQuerySniffer, running under the browser, does not come up with a reply and cannot resolve.
You often experience that with PTR requests that involve MS.
So then looked here:
id 7223
opcode QUERY
rcode NXDOMAIN
flags QR RD RA
;QUESTION
254.242.55.65.in-addr.arpa. IN A
;ANSWER
;AUTHORITY
55.65.in-addr.arpa. 1799 IN SOA ns1.msft.net. msnhst.microsoft.com. 2019121601 7200 900 7200000 3600
;ADDITIONAL
this with toolbox google app's Dig DNS lookup.
Just like we expected NXDOMAIN, not registered domain or as a result of some server hick-up.
Many folks never really studied DNS and the ways to manipulate DNS.
A shame really, for it is an important issue,
playing out everywhere, also in the background (Cloud, Big Tech data retrieving).
Conclusion here "Parties fail to innovate and to overhaul and that even partly",
or just call it like Americans do "sloppiness", whatever.
Info credits go to luntrus,
Vizualize here:
https://dnsviz.net/d/security.nl/dnssec/also see:
https://dnssec-debugger.verisignlabs.com/polonus