DNS Records for
backgammon.com
๐ Hunting for rogue glue records.
DNS Records forbackgammon.com
Domain DNS Health Score
100%
Total Tests
28
Passed
28
Critical Issues
0
First-Visit DNS
~35ms
Excellent
Returning Visit
~0ms
Fully cached
CNAME Depth
None
Direct A record
TTL Strategy
Balanced
TTL values are well-balanced across record types
DNS Provider
Cloudflare
Global Anycast
Avg NS Response
0ms
Fast
Insights
A3
AAAA3
NS2
MX5
TXT3
SPFok
DMARCok
DNSSECinfo
CAAinfo
100%
44/44 tests
TTL cache lifetime
1m
5m
30m
1h
4h
1d
2d
7d
A
Good for CDN or dynamic setups (5 min). Balances freshness with caching.5 min
AAAA
Good for CDN or dynamic setups (5 min). Balances freshness with caching.5 min
NS
9h 36m โ appropriate for nameserver records.9.6 hr
MX
1h โ appropriate for mail server records.1 hr
SOA
30 min
TXT
1h โ appropriate for TXT records.1 hr
Resolution waterfall
First visit ~35msReturning ~0ms
Root โ TLD nameserver
5ms
TLD โ Authoritative NS
20ms
NS โ A record (apex)
15ms
NS โ AAAA record (IPv6)
15ms
Benchmark: excellent
Per-nameserver response time
avg 0msspread 0ms
trevor.ns.cloudflare.com
0ms
magali.ns.cloudflare.com
0ms
Provider Cloudflare Anycast confirmed
www resolution
www.backgammon.comDirect A record โ no CNAME chain
104.26.0.161104.26.1.161172.67.71.12SOA timing
Serial
2398428272Refresh
2.8 hr
How often secondaries re-check
Retry
40 min
Wait after a failed refresh
Expire
7 days
Secondaries stop serving after
Min TTL
30 min
Negative cache duration
Zone last updated
Serial format isn't YYYYMMDDnn โ age can't be inferred.
Negative cache
NXDOMAIN responses are cached for 30 min. Typos against this zone stick around that long.
Glue records at parent
via b.gtld-servers.net
| Nameserver | IPv4 | IPv6 | Zone match |
|---|---|---|---|
| magali.ns.cloudflare.com | 108.162.194.29, 162.159.38.29, 172.64.34.29 | 2606:4700:50::a29f:261d, 2803:f800:50::6ca2:c21d, 2a06:98c1:50::ac40:221d | match |
| trevor.ns.cloudflare.com | 108.162.195.154, 162.159.44.154, 172.64.35.154 | 2606:4700:58::a29f:2c9a, 2803:f800:50::6ca2:c39a, 2a06:98c1:50::ac40:239a | match |
Mail exchange priority
5 MX records
pref 1
aspmx.l.google.com
Primary
pref 5
alt1.aspmx.l.google.com
Tied priority
pref 5
alt2.aspmx.l.google.com
Tied priority
pref 10
alt4.aspmx.l.google.com
Tied priority
pref 10
alt3.aspmx.l.google.com
Tied priority
SPF mechanism chain
v=spf1
include:_spf.google.comDelegate check to another SPF
-allhardfail
DMARC policy
Policy (p=)
reject
Fraudulent mail is rejected outright
Subdomains (sp=)
reject
Inherits from p=
Coverage (pct=)
100%
Applied to all mail
SPF alignment
relaxed
DKIM alignment
relaxed
Aggregate reports โ rua
mailto:[email protected]
Forensic reports โ ruf
mailto:[email protected]
These nameservers are responsible for answering queries about your domain
2 Records
magali.ns.cloudflare.com
trevor.ns.cloudflare.com
Cloudflare
Your domain is using Cloudflare's DNS service, which provides DDoS protection, global CDN, and performance optimization features.
Source: This information was kindly provided by b.gtld-servers.net ๐๐ผ
Good. b.gtld-servers.net has information for your TLD. This confirms your domain is properly delegated.
Good. The parent server has your nameservers listed and they match the actual NS records. This ensures consistent DNS resolution.
Glue Records from Parent Server
Information provided by b.gtld-servers.net
magali.ns.cloudflare.com
Nameserver
IPv4 Addresses:
108.162.194.29162.159.38.29172.64.34.29IPv6 Addresses:
2606:4700:50::a29f:261d2803:f800:50::6ca2:c21d2a06:98c1:50::ac40:221dtrevor.ns.cloudflare.com
Nameserver
IPv4 Addresses:
108.162.195.154162.159.44.154172.64.35.154IPv6 Addresses:
2606:4700:58::a29f:2c9a2803:f800:50::6ca2:c39a2a06:98c1:50::ac40:239aNote:
The parent server is providing glue records for these nameservers. While not required (since the nameservers are not under your domain), this helps optimize DNS resolution.
| Status | Test name | Information |
|---|---|---|
Authoritative Nameservers | These nameservers are responsible for answering queries about your domain 2 Records magali.ns.cloudflare.comtrevor.ns.cloudflare.comCloudflareYour domain is using Cloudflare's DNS service, which provides DDoS protection, global CDN, and performance optimization features. Source: This information was kindly provided by b.gtld-servers.net ๐๐ผ | |
TLD Delegation Check | Good. b.gtld-servers.net has information for your TLD. This confirms your domain is properly delegated. | |
Nameservers Listed at Parent | Good. The parent server has your nameservers listed and they match the actual NS records. This ensures consistent DNS resolution. | |
Glue Records from Parent | Glue Records from Parent ServerInformation provided by b.gtld-servers.net magali.ns.cloudflare.comNameserver IPv4 Addresses: 108.162.194.29162.159.38.29172.64.34.29IPv6 Addresses: 2606:4700:50::a29f:261d2803:f800:50::6ca2:c21d2a06:98c1:50::ac40:221dtrevor.ns.cloudflare.comNameserver IPv4 Addresses: 108.162.195.154162.159.44.154172.64.35.154IPv6 Addresses: 2606:4700:58::a29f:2c9a2803:f800:50::6ca2:c39a2a06:98c1:50::ac40:239aNote: The parent server is providing glue records for these nameservers. While not required (since the nameservers are not under your domain), this helps optimize DNS resolution. |
trevor.ns.cloudflare.com
Cloudflare
IPv4 Addresses
172.64.35.154
108.162.195.154
162.159.44.154
IPv6 Addresses
2803:f800:50::6ca2:c39a
2a06:98c1:50::ac40:239a
2606:4700:58::a29f:2c9a
Authoritative
Non-Recursive
TCP
UDP
TTL: 172,800s (2 days)
magali.ns.cloudflare.com
Cloudflare
IPv4 Addresses
172.64.34.29
108.162.194.29
162.159.38.29
IPv6 Addresses
2a06:98c1:50::ac40:221d
2803:f800:50::6ca2:c21d
2606:4700:50::a29f:261d
Authoritative
Non-Recursive
TCP
UDP
TTL: 172,800s (2 days)
Good. No nameservers allow recursive queries.
Cloudflareโs DNS uses a global network to speed up responses. Normally, the IP addresses at the parent nameservers and Cloudflareโs servers should match. If they donโt, it might just be a short-term update.
Cloudflare manages glue records through their global DNS infrastructure.
Good. The NS records at all your nameservers are identical.
Good. All nameservers listed at the parent server responded.
All NS records appear to be valid hostnames.
You have 2 nameservers. This meets the minimum requirement, though RFC2182 section 5 recommends at least 3 for better reliability.
Good. All nameservers are answering authoritatively for your domain.
Good. All NS records match between parent and nameservers, as required by RFC1034 section 3.6.
Good. All parent-listed nameservers are reported by your nameservers, as required by RFC1034 section 3.6.
Good. No CNAME records found for NS records, as per RFC1912 section 2.4 and RFC2181 section 10.3.
Anycast provider detected (Cloudflare).While 3 IP pair(s) share a
/16
prefix, Cloudflare distributes these across globally diverse datacenters using anycast routing. No subnet diversity concern per RFC2182 section 5.| Status | Test name | Information |
|---|---|---|
Nameserver Records from Zone | trevor.ns.cloudflare.comCloudflare IPv4 Addresses 172.64.35.154 108.162.195.154 162.159.44.154 IPv6 Addresses 2803:f800:50::6ca2:c39a 2a06:98c1:50::ac40:239a 2606:4700:58::a29f:2c9a Authoritative Non-Recursive TCP UDP TTL: 172,800s (2 days) magali.ns.cloudflare.comCloudflare IPv4 Addresses 172.64.34.29 108.162.194.29 162.159.38.29 IPv6 Addresses 2a06:98c1:50::ac40:221d 2803:f800:50::6ca2:c21d 2606:4700:50::a29f:261d Authoritative Non-Recursive TCP UDP TTL: 172,800s (2 days) | |
Open Recursive Queries | Good. No nameservers allow recursive queries. | |
Glue Record Consistency | Cloudflareโs DNS uses a global network to speed up responses. Normally, the IP addresses at the parent nameservers and Cloudflareโs servers should match. If they donโt, it might just be a short-term update. | |
Missing Glue for NS Records | Cloudflare manages glue records through their global DNS infrastructure. | |
Mismatched NS records | Good. The NS records at all your nameservers are identical. | |
DNS servers responded | Good. All nameservers listed at the parent server responded. | |
Name of nameservers are valid | All NS records appear to be valid hostnames. | |
Nameserver Redundancy Check | You have 2 nameservers. This meets the minimum requirement, though RFC2182 section 5 recommends at least 3 for better reliability. | |
Lame Delegation Check | Good. All nameservers are answering authoritatively for your domain. | |
Parent Missing Nameservers | Good. All NS records match between parent and nameservers, as required by RFC1034 section 3.6. | |
Zone Missing Nameservers | Good. All parent-listed nameservers are reported by your nameservers, as required by RFC1034 section 3.6. | |
CNAMEs at Apex Check | Good. No CNAME records found for NS records, as per RFC1912 section 2.4 and RFC2181 section 10.3. | |
NS IP Subnet Diversity | Anycast provider detected (Cloudflare).While 3 IP pair(s) share a /16 prefix, Cloudflare distributes these across globally diverse datacenters using anycast routing. No subnet diversity concern per RFC2182 section 5. |
Info
Primary Nameserver
magali.ns.cloudflare.com
Hostmaster Email
dns.cloudflare.com
Serial Number
2398428272
Non-Standard (Unix Timestamp)
A unique version number that changes whenever the zone file is updated
Time Intervals
Refresh10000 seconds (2 hours)
How often secondary nameservers check for updates (20m - 24h)
Retry2400 seconds (40 minutes)
How long to wait before retrying a failed zone transfer (2m - 2h)
Expire604800 seconds (7 days)
How long secondary servers serve stale zone data (1w - 4w)
TTL1800 seconds (30 minutes)
Default time-to-live for resource records (5m - 24h)
SOA Serial numbers per nameserver:
trevor.ns.cloudflare.com: 2398428272
magali.ns.cloudflare.com: 2398428272
Good. All nameservers report the same SOA serial number.
Pass
OK. magali.ns.cloudflare.com is correctly listed as one of your nameservers.
Info
Your SOA serial number is: 2398428272. Using Cloudflare's automatic serial number management.
Pass
OK. Your SOA REFRESH interval is: 10000 seconds (167 minutes). This is within the recommended range of 1200-43200 seconds as per RFC1912 section 2.2.
Pass
OK. Your SOA RETRY value is: 2400 seconds (40 minutes). This is within the recommended range of 120-7200 seconds as per RFC1912 section 2.2.
Info
Current expire time is 604800 seconds (7 days). Using Cloudflare's optimized SOA expire time.
Pass
OK. Your SOA MINIMUM TTL is: 1800 seconds (30 minutes). This value is used for negative caching and is within the recommended range of 180-86400 seconds as per RFC2308 section 4.
| Status | Test name | Information |
|---|---|---|
SOA record | Primary Nameservermagali.ns.cloudflare.com Hostmaster Emaildns.cloudflare.com Serial Number 2398428272 Non-Standard (Unix Timestamp) A unique version number that changes whenever the zone file is updated Time IntervalsRefresh10000 seconds (2 hours) How often secondary nameservers check for updates (20m - 24h) Retry2400 seconds (40 minutes) How long to wait before retrying a failed zone transfer (2m - 2h) Expire604800 seconds (7 days) How long secondary servers serve stale zone data (1w - 4w) TTL1800 seconds (30 minutes) Default time-to-live for resource records (5m - 24h) | |
SOA Serial Consistency | SOA Serial numbers per nameserver:
trevor.ns.cloudflare.com: 2398428272
magali.ns.cloudflare.com: 2398428272
Good. All nameservers report the same SOA serial number. | |
SOA MNAME entry | OK. magali.ns.cloudflare.com is correctly listed as one of your nameservers. | |
SOA Serial | Your SOA serial number is: 2398428272. Using Cloudflare's automatic serial number management. | |
SOA REFRESH | OK. Your SOA REFRESH interval is: 10000 seconds (167 minutes). This is within the recommended range of 1200-43200 seconds as per RFC1912 section 2.2. | |
SOA RETRY | OK. Your SOA RETRY value is: 2400 seconds (40 minutes). This is within the recommended range of 120-7200 seconds as per RFC1912 section 2.2. | |
SOA EXPIRE | Current expire time is 604800 seconds (7 days). Using Cloudflare's optimized SOA expire time. | |
SOA MINIMUM TTL | OK. Your SOA MINIMUM TTL is: 1800 seconds (30 minutes). This value is used for negative caching and is within the recommended range of 180-86400 seconds as per RFC2308 section 4. |
IPv4 Configuration
Your domain is using Cloudflare's infrastructure for content delivery and security
IPv4 Addresses
104.26.0.161104.26.1.161172.67.71.12Configuration Benefits
Global content delivery
Content served from edge locations worldwide
DDoS protection
Built-in protection against distributed denial-of-service attacks
Load balancing
Intelligent traffic distribution across global network
Automatic failover
Seamless switching to healthy servers during outages
TTL: 300s
Provides a good balance between propagation speed and DNS loadPass
TTL of 300 seconds provides a good balance between propagation speed and DNS load.
| Status | Test name | Information |
|---|---|---|
A Record Configuration | IPv4 ConfigurationYour domain is using Cloudflare's infrastructure for content delivery and security IPv4 Addresses 104.26.0.161104.26.1.161172.67.71.12Configuration Benefits Global content delivery Content served from edge locations worldwide DDoS protection Built-in protection against distributed denial-of-service attacks Load balancing Intelligent traffic distribution across global network Automatic failover Seamless switching to healthy servers during outages TTL: 300s Provides a good balance between propagation speed and DNS load | |
A Record TTL | TTL of 300 seconds provides a good balance between propagation speed and DNS load. |
IPv6 Configuration
Your domain is using Cloudflare's infrastructure for content delivery and security
IPv6 Addresses
2606:4700:20::681a:1a12606:4700:20::681a:a12606:4700:20::ac43:470cTTL: 300s
Provides a good balance between propagation speed and DNS load| Status | Test name | Information |
|---|---|---|
IPv6 Configuration | IPv6 ConfigurationYour domain is using Cloudflare's infrastructure for content delivery and security IPv6 Addresses 2606:4700:20::681a:1a12606:4700:20::681a:a12606:4700:20::ac43:470cTTL: 300s Provides a good balance between propagation speed and DNS load |
All nameservers are reporting the same mail server configuration. This consistency ensures reliable email delivery.
Mail Exchange Configuration
| Priority | Mail Server | Actions |
|---|---|---|
1 | aspmx.l.google.com | |
5 | alt1.aspmx.l.google.com | |
5 | alt2.aspmx.l.google.com | |
10 | alt4.aspmx.l.google.com | |
10 | alt3.aspmx.l.google.com |
All mail server hostnames are properly formatted.
All mail servers use public IP addresses, ensuring global email delivery.
Pass
Mail servers are properly configured without CNAME records.
Pass
Each mail server has unique IP addresses, indicating proper distribution of mail handling.
Using managed mail services: Google Workspace. PTR records are automatically managed by these providers.
| Status | Test name | Information | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Mail Server Consistency | All nameservers are reporting the same mail server configuration. This consistency ensures reliable email delivery. | |||||||||||||||||||
Mail Server Configuration | Mail Exchange Configuration
| |||||||||||||||||||
Mail Server Hostname Validation | All mail server hostnames are properly formatted. | |||||||||||||||||||
Public IP Validation | All mail servers use public IP addresses, ensuring global email delivery. | |||||||||||||||||||
CNAME Validation | Mail servers are properly configured without CNAME records. | |||||||||||||||||||
IP Uniqueness | Each mail server has unique IP addresses, indicating proper distribution of mail handling. | |||||||||||||||||||
Reverse DNS Records | Using managed mail services: Google Workspace. PTR records are automatically managed by these providers. |
WWW record type: CDN Proxied (Proxied through Cloudflare)
www.
CDN Proxied Record
IPv4 Addresses
172.67.71.12104.26.0.161104.26.1.161IPv6 Addresses
2606:4700:20::681a:1a12606:4700:20::681a:a12606:4700:20::ac43:470cCDN Configuration
Your WWW record is proxied through Cloudflare, providing:
- Automatic CDN integration and caching
- DDoS protection and security features
- Load balancing and failover capabilities
- Easy infrastructure changes through the provider dashboard
| Status | Test name | Information |
|---|---|---|
WWW Configuration | WWW record type: CDN Proxied (Proxied through Cloudflare) www. CDN Proxied Record IPv4 Addresses 172.67.71.12104.26.0.161104.26.1.161IPv6 Addresses 2606:4700:20::681a:1a12606:4700:20::681a:a12606:4700:20::ac43:470cCDN Configuration Your WWW record is proxied through Cloudflare, providing:
|
Info
This domain uses Cloudflare. DNSSEC queries returned SERVFAIL, which may be due to resolver compatibility rather than a configuration issue. Cloudflare manages DNSSEC through their infrastructure โ check their dashboard for DNSSEC status.
Info
Your domain uses Cloudflare nameservers. Zone transfers are managed securely through Cloudflare's infrastructure using proprietary protocols.
Learn more: https://dnschkr.com/blog/dns-attacks-guide#dns-zone-transfer-attack-axfr
Info
No CAA records found. While optional, CAA records help control which Certificate Authorities can issue certificates for your domain.
Checked 8 common subdomains โ none have external CNAME records. No subdomain takeover risk from dangling CNAMEs.
Learn more: https://dnschkr.com/blog/dns-attacks-guide#subdomain-takeover
| Status | Test name | Information |
|---|---|---|
DNSSEC | This domain uses Cloudflare. DNSSEC queries returned SERVFAIL, which may be due to resolver compatibility rather than a configuration issue. Cloudflare manages DNSSEC through their infrastructure โ check their dashboard for DNSSEC status. | |
Zone Transfer | Your domain uses Cloudflare nameservers. Zone transfers are managed securely through Cloudflare's infrastructure using proprietary protocols.
Learn more: https://dnschkr.com/blog/dns-attacks-guide#dns-zone-transfer-attack-axfr | |
CAA Records | No CAA records found. While optional, CAA records help control which Certificate Authorities can issue certificates for your domain. | |
Subdomain Takeover | Checked 8 common subdomains โ none have external CNAME records. No subdomain takeover risk from dangling CNAMEs.
Learn more: https://dnschkr.com/blog/dns-attacks-guide#subdomain-takeover |
Info
Click any row to copy the raw value
v | spf1 include:_spf.google.com -all |
google-site-verification | XOJAuTx9OrZAdvq48ivnv9QoluOx6zfxkQnQxkHFk6M |
google-site-verification | _nLKJC5-xiRgXp16B3yG92hp5u6OREk05wcwzrBCVw0 |
Showing 3 of 3 records
Pass
Found SPF record: v=spf1 include:_spf.google.com -all
Pass
Found DMARC record: v=DMARC1;p=reject;rua=mailto:[email protected];ruf=mailto:[email protected];
Click any row to copy the raw value
google-site-verification | XOJAuTx9OrZAdvq48ivnv9QoluOx6zfxkQnQxkHFk6M |
google-site-verification | _nLKJC5-xiRgXp16B3yG92hp5u6OREk05wcwzrBCVw0 |
Showing 2 of 2 records
| Status | Test name | Information | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
TXT Records | Click any row to copy the raw value
Showing 3 of 3 records | |||||||||
SPF Record | Found SPF record: v=spf1 include:_spf.google.com -all | |||||||||
DMARC Record | Found DMARC record: v=DMARC1;p=reject;rua=mailto:[email protected];ruf=mailto:[email protected]; | |||||||||
Domain Verification | Click any row to copy the raw value
Showing 2 of 2 records |