DNS Records for
uptime.com
๐ Hunting for rogue glue records.
DNS Records foruptime.com
Domain DNS Health Score
100%
Total Tests
30
Passed
30
Critical Issues
0
First-Visit DNS
~35ms
Excellent
Returning Visit
~15ms
Partial re-query
CNAME Depth
None
Direct A record
TTL Strategy
Aggressive Freshness
Very low TTLs prioritize freshness over performance
DNS Provider
AWS Route 53
Global Anycast
Avg NS Response
36ms
Normal
Insights
A4
AAAA8
NS4
MX5
TXT4
SPFok
DMARCok
DNSSECinfo
CAAinfo
100%
45/45 tests
TTL cache lifetime
1m
5m
30m
1h
4h
1d
2d
7d
A
Good for CDN or dynamic setups (1 min). Balances freshness with caching.1 min
AAAA
Good for CDN or dynamic setups (1 min). Balances freshness with caching.1 min
NS
17h 45m โ appropriate for nameserver records.17.8 hr
MX
5 min โ appropriate for mail server records.5 min
SOA
15 min
TXT
5 min โ appropriate for TXT records.5 min
Resolution waterfall
First visit ~35msReturning ~15ms
Root โ TLD nameserver
5ms
TLD โ Authoritative NS
20ms
NS โ A record (apex)
15ms
NS โ AAAA record (IPv6)
15ms
Benchmark: excellent
Per-nameserver response time
avg 36msspread 60ms
ns-1522.awsdns-62.org
60ms
ns-1918.awsdns-47.co.uk
4ms
ns-331.awsdns-41.com
16ms
ns-650.awsdns-17.net
64ms
Provider AWS Route 53Anycast claimed (network)
www resolution
www.uptime.comDirect A record โ no CNAME chain
18.239.6.12418.239.6.7418.239.6.4918.239.6.85SOA timing
Serial
1Refresh
2 hr
How often secondaries re-check
Retry
15 min
Wait after a failed refresh
Expire
14 days
Secondaries stop serving after
Min TTL
1 day
Negative cache duration
Zone last updated
Serial format isn't YYYYMMDDnn โ age can't be inferred.
Negative cache
NXDOMAIN responses are cached for 1 day. Typos against this zone stick around that long.
Glue records at parent
via e.gtld-servers.net
| Nameserver | IPv4 | IPv6 | Zone match |
|---|---|---|---|
| ns-650.awsdns-17.net | 205.251.194.138 | 2600:9000:5302:8a00::1 | match |
| ns-331.awsdns-41.com | 205.251.193.75 | โ | match |
| ns-1918.awsdns-47.co.uk | 205.251.199.126 | 2600:9000:5307:7e00::1 | match |
| ns-1522.awsdns-62.org | 205.251.197.242 | 2600:9000:5305:f200::1 | match |
Mail exchange priority
5 MX records
pref 1
aspmx.l.google.com
Primary
pref 5
alt1.aspmx.l.google.com
Tied priority
pref 5
alt2.aspmx.l.google.com
Tied priority
pref 10
alt3.aspmx.l.google.com
Tied priority
pref 10
alt4.aspmx.l.google.com
Tied priority
SPF mechanism chain
v=spf1
aSenders matching domain's A
mxSenders matching domain's MX
include:_spf.google.comDelegate check to another SPF
include:sendgrid.netDelegate check to another SPF
include:mail.zendesk.comDelegate check to another SPF
include:5040532.spf10.hubspotemail.netDelegate check to another SPF
-allhardfail
DMARC policy
Policy (p=)
reject
Fraudulent mail is rejected outright
Subdomains (sp=)
reject
Inherits from p=
Coverage (pct=)
100%
Applied to all mail
SPF alignment
relaxed
DKIM alignment
relaxed
Aggregate reports โ rua
mailto:[email protected]
These nameservers are responsible for answering queries about your domain
4 Records
ns-650.awsdns-17.net
ns-331.awsdns-41.com
ns-1918.awsdns-47.co.uk
ns-1522.awsdns-62.org
AWS Route 53
Your domain is using Amazon Route 53 DNS service, which provides a globally distributed network of nameservers for high availability and low latency.
Source: This information was kindly provided by e.gtld-servers.net ๐๐ผ
Good. e.gtld-servers.net has information for your TLD. This confirms your domain is properly delegated.
Good. The parent server has your nameservers listed and they match the actual NS records. This ensures consistent DNS resolution.
Glue Records from Parent Server
Information provided by e.gtld-servers.net
ns-650.awsdns-17.net
Nameserver
IPv4 Addresses:
205.251.194.138IPv6 Addresses:
2600:9000:5302:8a00::1ns-331.awsdns-41.com
Nameserver
IPv4 Addresses:
205.251.193.75ns-1918.awsdns-47.co.uk
Nameserver
IPv4 Addresses:
205.251.199.126IPv6 Addresses:
2600:9000:5307:7e00::1ns-1522.awsdns-62.org
Nameserver
IPv4 Addresses:
205.251.197.242IPv6 Addresses:
2600:9000:5305:f200::1Note:
The parent server is providing glue records for these nameservers. While not required (since the nameservers are not under your domain), this helps optimize DNS resolution.
| Status | Test name | Information |
|---|---|---|
Authoritative Nameservers | These nameservers are responsible for answering queries about your domain 4 Records ns-650.awsdns-17.netns-331.awsdns-41.comns-1918.awsdns-47.co.ukns-1522.awsdns-62.orgAWS Route 53Your domain is using Amazon Route 53 DNS service, which provides a globally distributed network of nameservers for high availability and low latency. Source: This information was kindly provided by e.gtld-servers.net ๐๐ผ | |
TLD Delegation Check | Good. e.gtld-servers.net has information for your TLD. This confirms your domain is properly delegated. | |
Nameservers Listed at Parent | Good. The parent server has your nameservers listed and they match the actual NS records. This ensures consistent DNS resolution. | |
Glue Records from Parent | Glue Records from Parent ServerInformation provided by e.gtld-servers.net ns-650.awsdns-17.netNameserver IPv4 Addresses: 205.251.194.138IPv6 Addresses: 2600:9000:5302:8a00::1ns-331.awsdns-41.comNameserver IPv4 Addresses: 205.251.193.75ns-1918.awsdns-47.co.ukNameserver IPv4 Addresses: 205.251.199.126IPv6 Addresses: 2600:9000:5307:7e00::1ns-1522.awsdns-62.orgNameserver IPv4 Addresses: 205.251.197.242IPv6 Addresses: 2600:9000:5305:f200::1Note: The parent server is providing glue records for these nameservers. While not required (since the nameservers are not under your domain), this helps optimize DNS resolution. |
ns-1522.awsdns-62.org
AWS Route 53
IPv4 Addresses
205.251.197.242
IPv6 Addresses
2600:9000:5305:f200::1
Authoritative
Non-Recursive
TCP
UDP
TTL: 172,800s (2 days)
ns-1918.awsdns-47.co.uk
AWS Route 53
IPv4 Addresses
205.251.199.126
IPv6 Addresses
2600:9000:5307:7e00::1
Authoritative
Non-Recursive
TCP
UDP
TTL: 172,800s (2 days)
ns-331.awsdns-41.com
AWS Route 53
IPv4 Addresses
205.251.193.75
IPv6 Addresses
2600:9000:5301:4b00::1
Authoritative
Non-Recursive
TCP
UDP
TTL: 172,800s (2 days)
ns-650.awsdns-17.net
AWS Route 53
IPv4 Addresses
205.251.194.138
IPv6 Addresses
2600:9000:5302:8a00::1
Authoritative
Non-Recursive
TCP
UDP
TTL: 172,800s (2 days)
Good. No nameservers allow recursive queries.
Route 53's DNS uses a global network to speed up responses. Normally, the IP addresses at the parent nameservers and Route 53's servers should match. If they don't, it might just be a short-term update.
Route 53 manages glue records through their global DNS infrastructure.
Good. The NS records at all your nameservers are identical.
Good. All nameservers listed at the parent server responded.
All NS records appear to be valid hostnames.
You have 4 nameservers. This meets the minimum requirement, though RFC2182 section 5 recommends at least 3 for better reliability.
Good. All nameservers are answering authoritatively for your domain.
Good. All NS records match between parent and nameservers, as required by RFC1034 section 3.6.
Good. All parent-listed nameservers are reported by your nameservers, as required by RFC1034 section 3.6.
Good. No CNAME records found for NS records, as per RFC1912 section 2.4 and RFC2181 section 10.3.
Anycast provider detected (AWS Route 53).While 6 IP pair(s) share a
/16
prefix, AWS Route 53 distributes these across globally diverse datacenters using anycast routing. No subnet diversity concern per RFC2182 section 5.| Status | Test name | Information |
|---|---|---|
Nameserver Records from Zone | ns-1522.awsdns-62.orgAWS Route 53 IPv4 Addresses 205.251.197.242 IPv6 Addresses 2600:9000:5305:f200::1 Authoritative Non-Recursive TCP UDP TTL: 172,800s (2 days) ns-1918.awsdns-47.co.ukAWS Route 53 IPv4 Addresses 205.251.199.126 IPv6 Addresses 2600:9000:5307:7e00::1 Authoritative Non-Recursive TCP UDP TTL: 172,800s (2 days) ns-331.awsdns-41.comAWS Route 53 IPv4 Addresses 205.251.193.75 IPv6 Addresses 2600:9000:5301:4b00::1 Authoritative Non-Recursive TCP UDP TTL: 172,800s (2 days) ns-650.awsdns-17.netAWS Route 53 IPv4 Addresses 205.251.194.138 IPv6 Addresses 2600:9000:5302:8a00::1 Authoritative Non-Recursive TCP UDP TTL: 172,800s (2 days) | |
Open Recursive Queries | Good. No nameservers allow recursive queries. | |
Glue Record Consistency | Route 53's DNS uses a global network to speed up responses. Normally, the IP addresses at the parent nameservers and Route 53's servers should match. If they don't, it might just be a short-term update. | |
Missing Glue for NS Records | Route 53 manages glue records through their global DNS infrastructure. | |
Mismatched NS records | Good. The NS records at all your nameservers are identical. | |
DNS servers responded | Good. All nameservers listed at the parent server responded. | |
Name of nameservers are valid | All NS records appear to be valid hostnames. | |
Nameserver Redundancy Check | You have 4 nameservers. This meets the minimum requirement, though RFC2182 section 5 recommends at least 3 for better reliability. | |
Lame Delegation Check | Good. All nameservers are answering authoritatively for your domain. | |
Parent Missing Nameservers | Good. All NS records match between parent and nameservers, as required by RFC1034 section 3.6. | |
Zone Missing Nameservers | Good. All parent-listed nameservers are reported by your nameservers, as required by RFC1034 section 3.6. | |
CNAMEs at Apex Check | Good. No CNAME records found for NS records, as per RFC1912 section 2.4 and RFC2181 section 10.3. | |
NS IP Subnet Diversity | Anycast provider detected (AWS Route 53).While 6 IP pair(s) share a /16 prefix, AWS Route 53 distributes these across globally diverse datacenters using anycast routing. No subnet diversity concern per RFC2182 section 5. |
Info
Primary Nameserver
ns-1918.awsdns-47.co.uk
Hostmaster Email
awsdns-hostmaster.amazon.com
Serial Number
1
Non-Standard (Simple Counter)
A unique version number that changes whenever the zone file is updated
Time Intervals
Refresh7200 seconds (2 hours)
How often secondary nameservers check for updates (20m - 24h)
Retry900 seconds (15 minutes)
How long to wait before retrying a failed zone transfer (2m - 2h)
Expire1209600 seconds (14 days)
How long secondary servers serve stale zone data (1w - 4w)
TTL86400 seconds (1 days)
Default time-to-live for resource records (5m - 24h)
SOA Serial numbers per nameserver:
ns-1522.awsdns-62.org: 1
ns-1918.awsdns-47.co.uk: 1
ns-331.awsdns-41.com: 1
ns-650.awsdns-17.net: 1
Good. All nameservers report the same SOA serial number.
Pass
OK. ns-1918.awsdns-47.co.uk is correctly listed as one of your nameservers.
Info
Your SOA serial number is: 1. Using Amazon DNS automatic serial number management.
Pass
OK. Your SOA REFRESH interval is: 7200 seconds (120 minutes). This is within the recommended range of 1200-43200 seconds as per RFC1912 section 2.2.
Pass
OK. Your SOA RETRY value is: 900 seconds (15 minutes). This is within the recommended range of 120-7200 seconds as per RFC1912 section 2.2.
Pass
Current expire time is 1209600 seconds (14 days).
Pass
OK. Your SOA MINIMUM TTL is: 86400 seconds (1440 minutes). This value is used for negative caching and is within the recommended range of 180-86400 seconds as per RFC2308 section 4.
| Status | Test name | Information |
|---|---|---|
SOA record | Primary Nameserverns-1918.awsdns-47.co.uk Hostmaster Emailawsdns-hostmaster.amazon.com Serial Number 1 Non-Standard (Simple Counter) A unique version number that changes whenever the zone file is updated Time IntervalsRefresh7200 seconds (2 hours) How often secondary nameservers check for updates (20m - 24h) Retry900 seconds (15 minutes) How long to wait before retrying a failed zone transfer (2m - 2h) Expire1209600 seconds (14 days) How long secondary servers serve stale zone data (1w - 4w) TTL86400 seconds (1 days) Default time-to-live for resource records (5m - 24h) | |
SOA Serial Consistency | SOA Serial numbers per nameserver:
ns-1522.awsdns-62.org: 1
ns-1918.awsdns-47.co.uk: 1
ns-331.awsdns-41.com: 1
ns-650.awsdns-17.net: 1
Good. All nameservers report the same SOA serial number. | |
SOA MNAME entry | OK. ns-1918.awsdns-47.co.uk is correctly listed as one of your nameservers. | |
SOA Serial | Your SOA serial number is: 1. Using Amazon DNS automatic serial number management. | |
SOA REFRESH | OK. Your SOA REFRESH interval is: 7200 seconds (120 minutes). This is within the recommended range of 1200-43200 seconds as per RFC1912 section 2.2. | |
SOA RETRY | OK. Your SOA RETRY value is: 900 seconds (15 minutes). This is within the recommended range of 120-7200 seconds as per RFC1912 section 2.2. | |
SOA EXPIRE | Current expire time is 1209600 seconds (14 days). | |
SOA MINIMUM TTL | OK. Your SOA MINIMUM TTL is: 86400 seconds (1440 minutes). This value is used for negative caching and is within the recommended range of 180-86400 seconds as per RFC2308 section 4. |
IPv4 Configuration
Multiple IPv4 addresses configured for redundancy and load balancing
IPv4 Addresses
18.239.6.7418.239.6.4918.239.6.12418.239.6.85Configuration Benefits
DNS-based load balancing
Distributes traffic across multiple servers to improve performance and reliability
Failover capability
Automatic fallback to healthy servers if one becomes unavailable
Geographic distribution potential
Ability to serve content from servers closest to users
TTL: 60s
Provides a good balance between propagation speed and DNS loadInfo
Low TTL of 60 seconds provides quick propagation but may increase DNS load.
| Status | Test name | Information |
|---|---|---|
A Record Configuration | IPv4 ConfigurationMultiple IPv4 addresses configured for redundancy and load balancing IPv4 Addresses 18.239.6.7418.239.6.4918.239.6.12418.239.6.85Configuration Benefits DNS-based load balancing Distributes traffic across multiple servers to improve performance and reliability Failover capability Automatic fallback to healthy servers if one becomes unavailable Geographic distribution potential Ability to serve content from servers closest to users TTL: 60s Provides a good balance between propagation speed and DNS load | |
A Record TTL | Low TTL of 60 seconds provides quick propagation but may increase DNS load. |
IPv6 Configuration
Multiple IPv6 addresses configured for redundancy and load balancing
IPv6 Addresses
2600:9000:28cd:ea00:15:e39f:8a40:93a12600:9000:28cd:3a00:15:e39f:8a40:93a12600:9000:28cd:9000:15:e39f:8a40:93a12600:9000:28cd:fa00:15:e39f:8a40:93a12600:9000:28cd:6e00:15:e39f:8a40:93a12600:9000:28cd:8000:15:e39f:8a40:93a12600:9000:28cd:f800:15:e39f:8a40:93a12600:9000:28cd:b400:15:e39f:8a40:93a1TTL: 60s
Provides a good balance between propagation speed and DNS load| Status | Test name | Information |
|---|---|---|
IPv6 Configuration | IPv6 ConfigurationMultiple IPv6 addresses configured for redundancy and load balancing IPv6 Addresses 2600:9000:28cd:ea00:15:e39f:8a40:93a12600:9000:28cd:3a00:15:e39f:8a40:93a12600:9000:28cd:9000:15:e39f:8a40:93a12600:9000:28cd:fa00:15:e39f:8a40:93a12600:9000:28cd:6e00:15:e39f:8a40:93a12600:9000:28cd:8000:15:e39f:8a40:93a12600:9000:28cd:f800:15:e39f:8a40:93a12600:9000:28cd:b400:15:e39f:8a40:93a1TTL: 60s Provides a good balance between propagation speed and DNS load |
All nameservers are reporting the same mail server configuration. This consistency ensures reliable email delivery.
Mail Exchange Configuration
| Priority | Mail Server | Actions |
|---|---|---|
1 | aspmx.l.google.com | |
5 | alt1.aspmx.l.google.com | |
5 | alt2.aspmx.l.google.com | |
10 | alt3.aspmx.l.google.com | |
10 | alt4.aspmx.l.google.com |
All mail server hostnames are properly formatted.
All mail servers use public IP addresses, ensuring global email delivery.
Pass
Mail servers are properly configured without CNAME records.
Pass
Each mail server has unique IP addresses, indicating proper distribution of mail handling.
Using managed mail services: Google Workspace. PTR records are automatically managed by these providers.
| Status | Test name | Information | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Mail Server Consistency | All nameservers are reporting the same mail server configuration. This consistency ensures reliable email delivery. | |||||||||||||||||||
Mail Server Configuration | Mail Exchange Configuration
| |||||||||||||||||||
Mail Server Hostname Validation | All mail server hostnames are properly formatted. | |||||||||||||||||||
Public IP Validation | All mail servers use public IP addresses, ensuring global email delivery. | |||||||||||||||||||
CNAME Validation | Mail servers are properly configured without CNAME records. | |||||||||||||||||||
IP Uniqueness | Each mail server has unique IP addresses, indicating proper distribution of mail handling. | |||||||||||||||||||
Reverse DNS Records | Using managed mail services: Google Workspace. PTR records are automatically managed by these providers. |
WWW record type: A & AAAA
www.
A & AAAA Record
IPv4 Addresses
Matches Apex
18.239.6.7418.239.6.12418.239.6.8518.239.6.49IPv6 Addresses
2600:9000:2873:3000:15:e39f:8a40:93a12600:9000:2873:2000:15:e39f:8a40:93a12600:9000:2873:ae00:15:e39f:8a40:93a12600:9000:2873:c400:15:e39f:8a40:93a12600:9000:2873:e200:15:e39f:8a40:93a12600:9000:2873:9400:15:e39f:8a40:93a12600:9000:2873:5800:15:e39f:8a40:93a12600:9000:2873:aa00:15:e39f:8a40:93a1Multiple records of the same type found:
โข IPv4: 4 A records
โข IPv6: 8 AAAA records
This can provide redundancy if the IPs are on different servers, but doesn't automatically mean load balancing is in use.
| Status | Test name | Information |
|---|---|---|
WWW Configuration | WWW record type: A & AAAA www. A & AAAA Record IPv4 Addresses Matches Apex 18.239.6.7418.239.6.12418.239.6.8518.239.6.49IPv6 Addresses 2600:9000:2873:3000:15:e39f:8a40:93a12600:9000:2873:2000:15:e39f:8a40:93a12600:9000:2873:ae00:15:e39f:8a40:93a12600:9000:2873:c400:15:e39f:8a40:93a12600:9000:2873:e200:15:e39f:8a40:93a12600:9000:2873:9400:15:e39f:8a40:93a12600:9000:2873:5800:15:e39f:8a40:93a12600:9000:2873:aa00:15:e39f:8a40:93a1 | |
Multiple WWW Records | Multiple records of the same type found:
โข IPv4: 4 A records
โข IPv6: 8 AAAA records
This can provide redundancy if the IPs are on different servers, but doesn't automatically mean load balancing is in use. |
Info
This domain uses Amazon Route 53. DNSSEC queries returned SERVFAIL, which may be due to resolver compatibility rather than a configuration issue. Amazon Route 53 manages DNSSEC through their infrastructure โ check their dashboard for DNSSEC status.
Info
Your domain uses Amazon Route 53 nameservers. AWS Route 53 handles zone transfers through their own secure mechanisms. AXFR responses are part of their managed DNS infrastructure.
Learn more: https://dnschkr.com/blog/dns-attacks-guide#dns-zone-transfer-attack-axfr
Info
No CAA records found. While optional, CAA records help control which Certificate Authorities can issue certificates for your domain.
Checked 8 common subdomains โ none have external CNAME records. No subdomain takeover risk from dangling CNAMEs.
Learn more: https://dnschkr.com/blog/dns-attacks-guide#subdomain-takeover
| Status | Test name | Information |
|---|---|---|
DNSSEC | This domain uses Amazon Route 53. DNSSEC queries returned SERVFAIL, which may be due to resolver compatibility rather than a configuration issue. Amazon Route 53 manages DNSSEC through their infrastructure โ check their dashboard for DNSSEC status. | |
Zone Transfer | Your domain uses Amazon Route 53 nameservers. AWS Route 53 handles zone transfers through their own secure mechanisms. AXFR responses are part of their managed DNS infrastructure.
Learn more: https://dnschkr.com/blog/dns-attacks-guide#dns-zone-transfer-attack-axfr | |
CAA Records | No CAA records found. While optional, CAA records help control which Certificate Authorities can issue certificates for your domain. | |
Subdomain Takeover | Checked 8 common subdomains โ none have external CNAME records. No subdomain takeover risk from dangling CNAMEs.
Learn more: https://dnschkr.com/blog/dns-attacks-guide#subdomain-takeover |
Info
Click any row to copy the raw value
ahrefs-site-verification_f7fa88f245c565a36f4ef1d47c6138900e137e58078d7497b84d4fb3c9326108 | N/A |
apple-domain-verification | 1M2miTSCbwbLZIa6 |
atlassian-domain-verification | ehiwXe6c28IK9JRyEhcWoKU8hsaRIfTEX2BJR4jg4237oyFfOj0Rd7XhI2sBKXFP |
Showing 3 of 4 records (limited view)
Pass
Found SPF record: v=spf1 a mx include:_spf.google.com include:sendgrid.net include:mail.zendesk.com include:5040532.spf10.hubspotemail.net -all
Pass
Found DMARC record: v=DMARC1; p=reject; rua=mailto:[email protected]
Click any row to copy the raw value
apple-domain-verification | 1M2miTSCbwbLZIa6 |
Showing 1 of 1 record
| Status | Test name | Information | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
TXT Records | Click any row to copy the raw value
Showing 3 of 4 records (limited view) | |||||||||
SPF Record | Found SPF record: v=spf1 a mx include:_spf.google.com include:sendgrid.net include:mail.zendesk.com include:5040532.spf10.hubspotemail.net -all | |||||||||
DMARC Record | Found DMARC record: v=DMARC1; p=reject; rua=mailto:[email protected] | |||||||||
Domain Verification | Click any row to copy the raw value
Showing 1 of 1 record |