We are having trouble resolving our domain address sc.stat-cdn.com by your DNS server.
host sc.stat-cdn.com 8.8.8.8 returns:
sc.stat-cdn.com has address 135.148.29.30
sc.stat-cdn.com has address 177.54.148.191
sc.stat-cdn.com has address 142.44.255.227
It should return the following addresses:
sc.stat-cdn.com has address 212.32.251.176
sc.stat-cdn.com has address 51.195.1.43
sc.stat-cdn.com has address 51.68.187.140
sc.stat-cdn.com has address 178.32.106.183
host sc.stat-cdn.com 1.1.1.1 and host sc.stat-cdn.com 9.9.9.9 return correct IPs
Once every dozen or so attempts, the host sc.stat-cdn.com 8.8.8.8 gives the correct result.
The problem has been occurring since Friday at 9:30 a.m. (UTC+01:00).
Can anyone help me?
@Clickmeeting hello!
I am trying to follow the delegation chain here and here is how it looks:
; <<>> DiG 9.18.24 <<>> -4 sc.stat-cdn.com +trace +nodnssec
;; global options: +cmd
. 87203 IN NS m.root-servers.net.
. 87203 IN NS f.root-servers.net.
. 87203 IN NS i.root-servers.net.
. 87203 IN NS l.root-servers.net.
. 87203 IN NS d.root-servers.net.
. 87203 IN NS a.root-servers.net.
. 87203 IN NS g.root-servers.net.
. 87203 IN NS e.root-servers.net.
. 87203 IN NS h.root-servers.net.
. 87203 IN NS c.root-servers.net.
. 87203 IN NS j.root-servers.net.
. 87203 IN NS k.root-servers.net.
. 87203 IN NS b.root-servers.net.
;; Received 239 bytes from 8.8.8.8#53(8.8.8.8) in 45 ms
com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
;; Received 840 bytes from 193.0.14.129#53(k.root-servers.net) in 64 ms
stat-cdn.com. 172800 IN NS ns11.constellix.com.
stat-cdn.com. 172800 IN NS ns51.constellix.net.
stat-cdn.com. 172800 IN NS ns41.constellix.net.
stat-cdn.com. 172800 IN NS ns21.constellix.com.
stat-cdn.com. 172800 IN NS ns61.constellix.net.
stat-cdn.com. 172800 IN NS ns31.constellix.com.
;; Received 315 bytes from 192.31.80.30#53(d.gtld-servers.net) in 50 ms
sc.stat-cdn.com. 120 IN A 135.148.29.30
sc.stat-cdn.com. 120 IN A 142.44.255.227
sc.stat-cdn.com. 120 IN A 199.115.114.35
stat-cdn.com. 86400 IN NS ns31.constellix.com.
stat-cdn.com. 86400 IN NS ns41.constellix.net.
stat-cdn.com. 86400 IN NS ns51.constellix.net.
stat-cdn.com. 86400 IN NS ns61.constellix.net.
stat-cdn.com. 86400 IN NS ns11.constellix.com.
stat-cdn.com. 86400 IN NS ns21.constellix.com.
;; Received 231 bytes from 43.247.171.1#53(ns61.constellix.net) in 32 ms
As always the root servers delegate com. to gTLD, TLD delegates stat-cdn.com. to a number of nameservers in constellix -
ns11.constellix.com.
ns51.constellix.net.
ns41.constellix.net.
ns21.constellix.com.
ns61.constellix.net.
ns31.constellix.com.
So these appear to be the authoritative name server for the domain.
Now, if we go and ask either of these servers to give us an A record for sc.stat-cdn.com, here is what we would see:
for ns in ns11.constellix.com. ns51.constellix.net. ns41.constellix.net. ns21.constellix.com. ns61.constellix.net. ns31.constellix.com.; do
for> echo $ns; dig @$ns sc.stat-cdn.com +short;
for> done
ns11.constellix.com.
199.115.114.35
135.148.29.30
142.44.255.227
ns51.constellix.net.
142.44.255.227
199.115.114.35
135.148.29.30
ns41.constellix.net.
142.44.255.227
199.115.114.35
135.148.29.30
ns21.constellix.com.
199.115.114.35
135.148.29.30
142.44.255.227
ns61.constellix.net.
142.44.255.227
199.115.114.35
135.148.29.30
ns31.constellix.com.
142.44.255.227
199.115.114.35
135.148.29.30
Which mean that authoritative name servers (the ultimate source of truth if you will) when asked directly, tell us that the answer should be
199.115.114.35
135.148.29.30
142.44.255.227
I assume there could be some geo location resolution involved, where depending on where the request is coming from authoritative name servers will return different sets of answers. If you check propagation with https://dnschecker.org/ you can notice that most of the requests in North America end up having the set above, while most of the requests coming from EU will resolve to a different set:
212.32.251.176
178.32.106.183
51.68.131.149
51.68.187.140
Since we can see that clearly this is not just Google public resolvers that resolve the domain to 3 addresses, which you consider wrong, I am hesitant to believe that the issue is with Google, and is likely to revolve around either delegation or geo-location of the requests.
You can see pretty much the same resolution result at
The last thing I would like to mention is that Google Public resolvers also return different sets depending on where the request is coming from, and there is more than just two different types of answers - there is one set returned in Africa and EU, two sets for APAC (separate for Australia and the rest), another set for NA and one for SA.
Hope it helps.