diff --git a/src/registrar/migrations/0044_create_groups_v04.py b/src/registrar/migrations/0044_create_groups_v04.py
new file mode 100644
index 000000000..ecb48e335
--- /dev/null
+++ b/src/registrar/migrations/0044_create_groups_v04.py
@@ -0,0 +1,37 @@
+# This migration creates the create_full_access_group and create_cisa_analyst_group groups
+# It is dependent on 0035 (which populates ContentType and Permissions)
+# If permissions on the groups need changing, edit CISA_ANALYST_GROUP_PERMISSIONS
+# in the user_group model then:
+# [NOT RECOMMENDED]
+# step 1: docker-compose exec app ./manage.py migrate --fake registrar 0035_contenttypes_permissions
+# step 2: docker-compose exec app ./manage.py migrate registrar 0036_create_groups
+# step 3: fake run the latest migration in the migrations list
+# [RECOMMENDED]
+# Alternatively:
+# step 1: duplicate the migration that loads data
+# step 2: docker-compose exec app ./manage.py migrate
+
+from django.db import migrations
+from registrar.models import UserGroup
+from typing import Any
+
+
+# For linting: RunPython expects a function reference,
+# so let's give it one
+def create_groups(apps, schema_editor) -> Any:
+    UserGroup.create_cisa_analyst_group(apps, schema_editor)
+    UserGroup.create_full_access_group(apps, schema_editor)
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("registrar", "0043_domain_expiration_date"),
+    ]
+
+    operations = [
+        migrations.RunPython(
+            create_groups,
+            reverse_code=migrations.RunPython.noop,
+            atomic=True,
+        ),
+    ]
diff --git a/src/registrar/templates/401.html b/src/registrar/templates/401.html
index a419dab53..21ac9db35 100644
--- a/src/registrar/templates/401.html
+++ b/src/registrar/templates/401.html
@@ -26,7 +26,7 @@
         Would you like to <a href="{% url 'login' %}"> try logging in again?</a>
       </p>
       <p>
-     If you'd like help with this error <a href="{% public_site_url 'contact/' %}"> contact us </a>.
+     If you'd like help with this error <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact/' %}">contact us</a>.
       </p>
 
       {% if log_identifier %}
diff --git a/src/registrar/templates/403.html b/src/registrar/templates/403.html
index 93d32f65a..08057dfba 100644
--- a/src/registrar/templates/403.html
+++ b/src/registrar/templates/403.html
@@ -26,7 +26,7 @@
         Would you like to <a href="{% url 'login' %}"> try logging in again</a>?
       </p>
       <p>
-        If you'd like help with this error <a href="{% public_site_url 'contact' %}"> contact us </a>.
+        If you'd like help with this error <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact' %}">contact us</a>.
       </p>
       
       {% if log_identifier %}
diff --git a/src/registrar/templates/404.html b/src/registrar/templates/404.html
index deec71ce2..cf6983c60 100644
--- a/src/registrar/templates/404.html
+++ b/src/registrar/templates/404.html
@@ -15,7 +15,7 @@
         {% translate "Status 404" %}
       </h2>
 
-      <p> Try going to the <a href="/">homepage</a>. If you can’t find what you’re looking for, <a href="{% public_site_url 'contact' %}"> contact us </a>.
+      <p> Try going to the <a href="/">homepage</a>. If you can’t find what you’re looking for, <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact' %}">contact us</a>.
       </p>
     </div>
 
diff --git a/src/registrar/templates/500.html b/src/registrar/templates/500.html
index 5749c0ad3..3c95900b2 100644
--- a/src/registrar/templates/500.html
+++ b/src/registrar/templates/500.html
@@ -19,7 +19,7 @@
       {% else %}
         <p>
         Sorry! Try waiting a few minutes and then reloading the page.
-        <a href="{% public_site_url 'contact' %}"> contact us </a> if you need help.
+        <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact' %}"> Contact us</a> if you need help.
         </p>
       {% endif %}
 
diff --git a/src/registrar/templates/application_authorizing_official.html b/src/registrar/templates/application_authorizing_official.html
index 2ac99be80..859a47520 100644
--- a/src/registrar/templates/application_authorizing_official.html
+++ b/src/registrar/templates/application_authorizing_official.html
@@ -12,7 +12,7 @@
     {% include "includes/ao_example.html" %}
   </div>
 
-<p>We typically don’t reach out to the authorizing official, but if contact is necessary, our practice is to coordinate first with you, the requestor. Read more about <a href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-an-authorizing-official-within-your-organization' %}">who can serve as an authorizing official</a>.</p>
+<p>We typically don’t reach out to the authorizing official, but if contact is necessary, our practice is to coordinate first with you, the requestor. Read more about <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-an-authorizing-official-within-your-organization' %}">who can serve as an authorizing official</a>.</p>
 
 {% endblock %}
 
diff --git a/src/registrar/templates/application_dotgov_domain.html b/src/registrar/templates/application_dotgov_domain.html
index fd6ce9604..0d11203ad 100644
--- a/src/registrar/templates/application_dotgov_domain.html
+++ b/src/registrar/templates/application_dotgov_domain.html
@@ -2,7 +2,7 @@
 {% load static field_helpers url_helpers %}
 
 {% block form_instructions %}
-  <p>Before requesting a .gov domain, <a href="{% public_site_url 'domains/choosing' %}">please make sure it
+  <p>Before requesting a .gov domain, <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/choosing' %}">please make sure it
   meets our naming requirements</a>. Your domain name must:
     <ul class="usa-list">
       <li>Be available </li>
diff --git a/src/registrar/templates/application_purpose.html b/src/registrar/templates/application_purpose.html
index ca2ff7287..5135e6678 100644
--- a/src/registrar/templates/application_purpose.html
+++ b/src/registrar/templates/application_purpose.html
@@ -8,7 +8,7 @@ domain name or for mainly internal use.</p>
   <p>Describe the reason for your domain request. Explain how you plan to use this domain. 
 Who is your intended audience? Will you use it for a website and/or email? Are you moving 
 your website from another top-level domain (like .com or .org)? 
-Read about <a href="{% public_site_url 'domains/requirements/' %}">activities that are prohibited on .gov domains.</a></p>
+Read about <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/requirements/' %}">activities that are prohibited on .gov domains.</a></p>
 
 {% endblock %}
 
diff --git a/src/registrar/templates/application_tribal_government.html b/src/registrar/templates/application_tribal_government.html
index 3c2a8999f..bdca60907 100644
--- a/src/registrar/templates/application_tribal_government.html
+++ b/src/registrar/templates/application_tribal_government.html
@@ -7,7 +7,7 @@
   {% with sublabel_text="Please include the entire name of your tribe as recognized by the Bureau of Indian Affairs." %}
     {% with link_text="Bureau of Indian Affairs" %}
       {% with link_href="https://www.federalregister.gov/documents/2023/01/12/2023-00504/indian-entities-recognized-by-and-eligible-to-receive-services-from-the-united-states-bureau-of" %}
-        {% with target_blank="true" %}
+        {% with external_link="true" target_blank="true" %}
           {% input_with_errors forms.0.tribe_name %}
         {% endwith %}
       {% endwith %}
diff --git a/src/registrar/templates/domain_authorizing_official.html b/src/registrar/templates/domain_authorizing_official.html
index c12f1f290..93b4b1b50 100644
--- a/src/registrar/templates/domain_authorizing_official.html
+++ b/src/registrar/templates/domain_authorizing_official.html
@@ -10,7 +10,7 @@
   <h1>Authorizing official</h1>
 
   <p>Your authorizing official is the person within your organization who can
-  authorize domain requests. This person must be in a role of significant, executive responsibility within the organization. Read more about <a class="usa-link" href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-an-authorizing-official-within-your-organization' %}">who can serve as an authorizing official</a>.</p>
+  authorize domain requests. This person must be in a role of significant, executive responsibility within the organization. Read more about <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/eligibility/#you-must-have-approval-from-an-authorizing-official-within-your-organization' %}">who can serve as an authorizing official</a>.</p>
 
   {% include "includes/required_fields.html" %}
 
diff --git a/src/registrar/templates/domain_base.html b/src/registrar/templates/domain_base.html
index d2870a82c..b5f70d341 100644
--- a/src/registrar/templates/domain_base.html
+++ b/src/registrar/templates/domain_base.html
@@ -16,49 +16,60 @@
   </div>
   <div class="grid-row grid-gap">
     <div class="tablet:grid-col-3">
-      {% include 'domain_sidebar.html' %}
+      {% if domain.domain_info %}
+        {% include 'domain_sidebar.html' %}
+      {% endif %}
     </div>
 
     <div class="tablet:grid-col-9">
       <main id="main-content" class="grid-container">
-
-      {% if is_analyst_or_superuser and analyst_action == 'edit' and analyst_action_location == domain.pk %}
-      <div class="usa-alert usa-alert--warning margin-bottom-2">
-        <div class="usa-alert__body">
-          <h4 class="usa-alert__heading larger-font-sizing">Attention!</h4>
-          <p class="usa-alert__text ">
-            You are making changes to a registrant’s domain. When finished making changes, close this tab and inform the registrant of your updates.
-          </p>
-        </div>
-      </div>
-      {% else %}
-      <a href="{% url 'home' %}" class="breadcrumb__back">
-        <svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
-        <use xlink:href="{% static 'img/sprite.svg' %}#arrow_back"></use>
-        </svg>
-
-        <p class="margin-left-05 margin-top-0 margin-bottom-0 line-height-sans-1">
-        Back to manage your domains
-        </p>
-      </a>
-      {% endif %}
-      {# messages block is under the back breadcrumb link #}
-      {% if messages %}
-      {% for message in messages %}
-      <div class="usa-alert usa-alert--{{ message.tags }} usa-alert--slim margin-bottom-3">
+      {% if not domain.domain_info %}
+        <div class="usa-alert usa-alert--error margin-bottom-2">
           <div class="usa-alert__body">
-          {{ message }}
+            <h4 class="usa-alert__heading larger-font-sizing">Domain missing domain information</h4>
+            <p class="usa-alert__text ">
+              You are attempting to manage a domain, {{ domain.name }}, which does not have a domain information object. Please correct this in the admin by editing the domain, and adding domain information, as appropriate.
+            </p>
           </div>
-      </div>
-      {% endfor %}
+        </div>
+      {% else %}
+        {% if is_analyst_or_superuser and analyst_action == 'edit' and analyst_action_location == domain.pk %}
+        <div class="usa-alert usa-alert--warning margin-bottom-2">
+          <div class="usa-alert__body">
+            <h4 class="usa-alert__heading larger-font-sizing">Attention!</h4>
+            <p class="usa-alert__text ">
+              You are making changes to a registrant’s domain. When finished making changes, close this tab and inform the registrant of your updates.
+            </p>
+          </div>
+        </div>
+        {% else %}
+        <a href="{% url 'home' %}" class="breadcrumb__back">
+          <svg class="usa-icon" aria-hidden="true" focusable="false" role="img">
+          <use xlink:href="{% static 'img/sprite.svg' %}#arrow_back"></use>
+          </svg>
+
+          <p class="margin-left-05 margin-top-0 margin-bottom-0 line-height-sans-1">
+          Back to manage your domains
+          </p>
+        </a>
+        {% endif %}
+        {# messages block is under the back breadcrumb link #}
+        {% if messages %}
+        {% for message in messages %}
+        <div class="usa-alert usa-alert--{{ message.tags }} usa-alert--slim margin-bottom-3">
+            <div class="usa-alert__body">
+            {{ message }}
+            </div>
+        </div>
+        {% endfor %}
+        {% endif %}
+
+        {% block domain_content %}
+
+        <h1 class="break-word">{{ domain.name }}</h1>
+
+        {% endblock %}  {# domain_content #}
       {% endif %}
-
-      {% block domain_content %}
-
-      <h1 class="break-word">{{ domain.name }}</h1>
-
-      {% endblock %}  {# domain_content #}
-
       </main>
     </div>
   </div>
diff --git a/src/registrar/templates/domain_security_email.html b/src/registrar/templates/domain_security_email.html
index 8fb0ccfb0..7958d7ac1 100644
--- a/src/registrar/templates/domain_security_email.html
+++ b/src/registrar/templates/domain_security_email.html
@@ -7,7 +7,7 @@
 
   <h1>Security email</h1>
 
-  <p>We strongly recommend that you provide a security email. This email will allow the  public to report observed or suspected security issues on your domain. Security emails are made public and included in the <a href="{% public_site_url 'about/data/' %}">.gov domain data</a> we provide.</p>
+  <p>We strongly recommend that you provide a security email. This email will allow the  public to report observed or suspected security issues on your domain. Security emails are made public and included in the <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'about/data/' %}">.gov domain data</a> we provide.</p>
 
   <p>A security contact should be capable of evaluating or triaging security reports for your entire domain. Use a team email address, not an individual’s email. We recommend using an alias, like security@domain.gov.</p>
 
diff --git a/src/registrar/templates/includes/ao_example.html b/src/registrar/templates/includes/ao_example.html
index 8a9d22915..dfdbb3775 100644
--- a/src/registrar/templates/includes/ao_example.html
+++ b/src/registrar/templates/includes/ao_example.html
@@ -44,7 +44,7 @@
   <p>Domain requests from state legislatures and courts must be authorized by an agency’s <strong>Chief Information Officer</strong> or <strong>highest-ranking executive</strong>.</p>
 
 {% elif organization_type == 'tribal' %}
-  <p><strong>Domain requests from federally-recognized tribal governments must be authorized by the leader of the tribe</strong>, as recognized by the <a href="https://www.bia.gov/service/tribal-leaders-directory" class="usa-link">Bureau of Indian Affairs.</a></p>
+  <p><strong>Domain requests from federally-recognized tribal governments must be authorized by the leader of the tribe</strong>, as recognized by the <a class="usa-link usa-link--external" rel="noopener noreferrer" target="_blank" href="https://www.bia.gov/service/tribal-leaders-directory">Bureau of Indian Affairs</a>.</p>
 <p><strong>Domain requests from state-recognized tribal governments must be authorized by the leader of the tribe</strong>, as determined by the state’s tribal recognition initiative.</p>
 
 {% endif %}
diff --git a/src/registrar/templates/includes/domain_example.html b/src/registrar/templates/includes/domain_example.html
index 8f803aa24..3b34b8e80 100644
--- a/src/registrar/templates/includes/domain_example.html
+++ b/src/registrar/templates/includes/domain_example.html
@@ -55,7 +55,7 @@
   </ul>
 
 {% elif organization_type == 'county' %}
-  <p>Most county .gov domains must include the two-letter state abbreviation or the full state name. County names that aren’t shared by any other city, county, parish, town, borough, village or equivalent in the U.S., at the time a domain is granted, can be requested without referring to the state. Counties can include “county” in their domain to distinguish it from other places with similar names. We use the <a href="https://www.census.gov/geographies/reference-files/time-series/geo/gazetteer-files.html">Census Bureau’s National Places Gazetteer Files</a> to determine if county names are unique.</p>
+  <p>Most county .gov domains must include the two-letter state abbreviation or the full state name. County names that aren’t shared by any other city, county, parish, town, borough, village or equivalent in the U.S., at the time a domain is granted, can be requested without referring to the state. Counties can include “county” in their domain to distinguish it from other places with similar names. We use the <a class="usa-link usa-link--external" rel="noopener noreferrer" target="_blank" href="https://www.census.gov/geographies/reference-files/time-series/geo/gazetteer-files.html">Census Bureau’s National Places Gazetteer Files</a> to determine if county names are unique.</p>
   <p><strong>Examples:</strong></p>
   <ul class="usa-list">
     <li>AdamsCountyMS.gov</li>
@@ -68,7 +68,7 @@
   <p>Most city domains must include the two-letter state abbreviation or clearly spell out the state name. Using phrases like “City of” or “Town of” is optional.</p>
   <p>Cities that meet one of the criteria below don’t have to refer to their state in the domain name.
     <ul class="usa-list">
-      <li>City names that are not shared by any other U.S. city, town, or village can be requested without referring to the state. We use the <a href="https://www.census.gov/geographies/reference-files/time-series/geo/gazetteer-files.html">Census Bureau’s National Places Gazetteer Files</a> to determine if names are unique.</li>
+      <li>City names that are not shared by any other U.S. city, town, or village can be requested without referring to the state. We use the <a class="usa-link usa-link--external" rel="noopener noreferrer" target="_blank" href="https://www.census.gov/geographies/reference-files/time-series/geo/gazetteer-files.html">Census Bureau’s National Places Gazetteer Files</a> to determine if names are unique.</li>
       <li>Certain cities are so well-known that they may not require a state reference to communicate location. We use the list of U.S. “dateline cities” in the Associated Press Stylebook to make this determination.</li>
       <li>The 50 largest cities, as measured by population according to the Census Bureau, can have .gov domain names that don’t refer to their state.</li>
     </ul>
@@ -81,7 +81,7 @@
   </p>
 
 {% elif organization_type == 'special_district' %}
-  <p>Domain names must represent your organization or institutional name, not solely the services you provide. It also needs to include your two-letter state abbreviation or clearly spell out the state name unless <a href="{% public_site_url 'domains/choosing/#counties' %}">county or city exceptions apply</a>.</p>
+  <p>Domain names must represent your organization or institutional name, not solely the services you provide. It also needs to include your two-letter state abbreviation or clearly spell out the state name unless <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'domains/choosing/#counties' %}">county or city exceptions apply</a>.</p>
   <p><strong>Examples:</strong></p>
   <ul class="usa-list">
     <li>ElectionsShelbyTN.gov</li>
diff --git a/src/registrar/templates/includes/footer.html b/src/registrar/templates/includes/footer.html
index 869d6007b..47d4836f1 100644
--- a/src/registrar/templates/includes/footer.html
+++ b/src/registrar/templates/includes/footer.html
@@ -27,11 +27,11 @@
             <address class="usa-footer__address">
               <div class="usa-footer__contact-info grid-row grid-gap-md">
                 <div class="grid-col-auto">
-                   <a href="{% public_site_url 'help/' %}" class="usa-link"> Help </a>
+                   <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'help/' %}">Help </a>
                 </div>
                 <span class=""> | </span>
                 <div class="grid-col-auto">
-                  <a href="{% public_site_url 'contact/' %}" class="usa-link">Contact us</a>
+                  <a class="usa-link" rel="noopener noreferrer" target="_blank" href="{% public_site_url 'contact/' %}">Contact us</a>
                 </div>
               </div>
             </address>
@@ -47,7 +47,7 @@
     >
       <div class="usa-identifier__container">
         <div class="usa-identifier__logos">
-          <a href="https://www.cisa.gov" class="usa-identifier__logo"
+          <a rel="noopener noreferrer" target="_blank" href="https://www.cisa.gov" class="usa-identifier__logo"
             ><img
               class="usa-identifier__logo-img"
               src="{% static 'img/CISA_logo.png' %}"
@@ -62,7 +62,7 @@
         >
           <p class="usa-identifier__identity-domain">get.gov</p>
           <p class="usa-identifier__identity-disclaimer">
-            An official website of the <a href="https://www.cisa.gov" class="usa-link">Cybersecurity and Infrastructure Security Agency</a>
+            An official website of the <a rel="noopener noreferrer" target="_blank" href="https://www.cisa.gov" class="usa-link">Cybersecurity and Infrastructure Security Agency</a>
           </p>
         </section>
       </div>
@@ -74,35 +74,35 @@
       <div class="usa-identifier__container">
         <ul class="usa-identifier__required-links-list">
           <li class="usa-identifier__required-links-item">
-        <a href="{% public_site_url 'about/' %}"
+        <a rel="noopener noreferrer" target="_blank" href="{% public_site_url 'about/' %}"
               class="usa-identifier__required-link usa-link">About .gov</a>
           </li>
           <li class="usa-identifier__required-links-item">
-            <a
+            <a rel="noopener noreferrer" target="_blank"
               href="https://github.com/cisagov/getgov"
               class="usa-identifier__required-link usa-link usa-link--external"
               >.gov on Github</a
             >
           </li>
           <li class="usa-identifier__required-links-item">
- <a href="{% public_site_url 'privacy-policy/' %}" class="usa-identifier__required-link usa-link">Privacy policy</a>
+ <a rel="noopener noreferrer" target="_blank" href="{% public_site_url 'privacy-policy/' %}" class="usa-identifier__required-link usa-link">Privacy policy</a>
           </li>
           <li class="usa-identifier__required-links-item">
-            <a href="https://www.dhs.gov/accessibility" class="usa-identifier__required-link usa-link usa-link--external"
+            <a rel="noopener noreferrer" target="_blank" href="https://www.dhs.gov/accessibility" class="usa-identifier__required-link usa-link usa-link--external"
               >Accessibility</a
             >
           </li>
           <li class="usa-identifier__required-links-item">
-            <a href="{% public_site_url 'vulnerability-disclosure-policy/' %}" class="usa-identifier__required-link usa-link"
+            <a rel="noopener noreferrer" target="_blank" href="{% public_site_url 'vulnerability-disclosure-policy/' %}" class="usa-identifier__required-link usa-link"
               >Vulnerability disclosure policy</a>
           </li>
           <li class="usa-identifier__required-links-item">
-            <a href="https://www.cisa.gov/cisa-no-fear-act-reporting" class="usa-identifier__required-link usa-link"
+            <a rel="noopener noreferrer" target="_blank" href="https://www.cisa.gov/cisa-no-fear-act-reporting" class="usa-identifier__required-link usa-link"
               >No FEAR Act data</a
             >
           </li>
           <li class="usa-identifier__required-links-item">
-            <a href="https://www.dhs.gov/freedom-information-act-foia" class="usa-identifier__required-link usa-link usa-link--external"
+            <a rel="noopener noreferrer" target="_blank" href="https://www.dhs.gov/freedom-information-act-foia" class="usa-identifier__required-link usa-link usa-link--external"
               >FOIA requests</a
             >
           </li>
@@ -117,6 +117,6 @@
         <div class="usa-identifier__usagov-description">
           Looking for U.S. government information and services?
         </div>
-        <a href="https://www.usa.gov/" class="usa-link usa-link--external">Visit USA.gov</a>
+        <a rel="noopener noreferrer" target="_blank" href="https://www.usa.gov/" class="usa-link usa-link--external">Visit USA.gov</a>
       </div>
     </section>
diff --git a/src/registrar/templates/includes/input_with_errors.html b/src/registrar/templates/includes/input_with_errors.html
index 2adc08984..56bd0b111 100644
--- a/src/registrar/templates/includes/input_with_errors.html
+++ b/src/registrar/templates/includes/input_with_errors.html
@@ -37,7 +37,7 @@ error messages, if necessary.
         {% with link_index=sublabel_text|find_index:link_text %}
           {{ sublabel_text|slice:link_index }}
           {% comment %} HTML will convert a new line into a space, resulting with a space before the fullstop in case link_text is at the end of sublabel_text, hence the unfortunate line below {% endcomment %}
-          <a {% if target_blank == "true" %}target="_blank" {% endif %}href="{{ link_href }}">{{ link_text }}</a>{% with sublabel_part_after=sublabel_text|slice_after:link_text %}{{ sublabel_part_after }}{% endwith %}
+          <a {% if external_link == "true" %}rel="noopener noreferrer" class="usa-link usa-link--external" {% endif %}{% if target_blank == "true" %}target="_blank" {% endif %}href="{{ link_href }}">{{ link_text }}</a>{% with sublabel_part_after=sublabel_text|slice_after:link_text %}{{ sublabel_part_after }}{% endwith %}
         {% endwith %}
       {% else %}
         {{ sublabel_text }}
diff --git a/src/registrar/tests/common.py b/src/registrar/tests/common.py
index ad464bb3e..ed6ea3366 100644
--- a/src/registrar/tests/common.py
+++ b/src/registrar/tests/common.py
@@ -453,7 +453,7 @@ def create_user():
     p = "userpass"
     user = User.objects.create_user(
         username="staffuser",
-        email="user@example.com",
+        email="staff@example.com",
         is_staff=True,
         password=p,
     )
diff --git a/src/registrar/tests/test_views.py b/src/registrar/tests/test_views.py
index c30e84248..681f25468 100644
--- a/src/registrar/tests/test_views.py
+++ b/src/registrar/tests/test_views.py
@@ -5,7 +5,7 @@ from django.conf import settings
 from django.test import Client, TestCase
 from django.urls import reverse
 from django.contrib.auth import get_user_model
-from .common import MockEppLib, completed_application  # type: ignore
+from .common import MockEppLib, completed_application, create_user  # type: ignore
 
 from django_webtest import WebTest  # type: ignore
 import boto3_mocking  # type: ignore
@@ -1105,6 +1105,9 @@ class TestWithDomainPermissions(TestWithUser):
         self.domain_just_nameserver, _ = Domain.objects.get_or_create(
             name="justnameserver.com"
         )
+        self.domain_no_information, _ = Domain.objects.get_or_create(
+            name="noinformation.gov"
+        )
 
         self.domain_dsdata, _ = Domain.objects.get_or_create(name="dnssec-dsdata.gov")
         self.domain_multdsdata, _ = Domain.objects.get_or_create(
@@ -1278,6 +1281,29 @@ class TestDomainOverview(TestWithDomainPermissions, WebTest):
         self.assertContains(detail_page, "(1.2.3.4,")
         self.assertContains(detail_page, "2.3.4.5)")
 
+    def test_domain_with_no_information_or_application(self):
+        """Test that domain management page returns 200 and displays error
+        when no domain information or domain application exist"""
+        # have to use staff user for this test
+        staff_user = create_user()
+        # staff_user.save()
+        self.client.force_login(staff_user)
+
+        # need to set the analyst_action and analyst_action_location
+        # in the session to emulate user clicking Manage Domain
+        # in the admin interface
+        session = self.client.session
+        session["analyst_action"] = "foo"
+        session["analyst_action_location"] = self.domain_no_information.id
+        session.save()
+
+        detail_page = self.client.get(
+            reverse("domain", kwargs={"pk": self.domain_no_information.id})
+        )
+
+        self.assertContains(detail_page, "noinformation.gov")
+        self.assertContains(detail_page, "Domain missing domain information")
+
 
 class TestDomainManagers(TestDomainOverview):
     def test_domain_managers(self):
diff --git a/src/registrar/views/utility/mixins.py b/src/registrar/views/utility/mixins.py
index 02cc25d64..f49359588 100644
--- a/src/registrar/views/utility/mixins.py
+++ b/src/registrar/views/utility/mixins.py
@@ -100,8 +100,15 @@ class DomainPermission(PermissionsLoginMixin):
         if DomainInformation.objects.filter(id=pk).exists():
             requested_domain = DomainInformation.objects.get(id=pk)
 
-        domain_application = requested_domain.domain_application
-        if domain_application.status not in valid_domain_statuses:
+        # if no domain information or application exist, the user
+        # should be able to manage the domain; however, if domain information
+        # and domain application exist, and application is not in valid status,
+        # user should not be able to manage domain
+        if (
+            requested_domain
+            and requested_domain.domain_application
+            and requested_domain.domain_application.status not in valid_domain_statuses
+        ):
             return False
 
         # Valid session keys exist,
