I’m trying to use CanaryTokens in one of my servers. The token kept failing to work on the droplet but worked everywhere else. I found that running “nslookup canarytokens.com” on the server failed:

;; Got SERVFAIL reply from, trying next server
;; Got SERVFAIL reply from, trying next server

** server can't find canarytokens.com: SERVFAIL

So I tried https://www.digitalocean.com/community/tools/dns and it also fails but the domain exists.

Can you please take a look? Thanks in advance.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
2 answers

Hi there @ghecho,

As far as I can see something looks off with your nameservers:


When did you last change your nameservers? Note that it might take up to 24-48 hours after a DNS change for the DNS cache to clear over the Globe.


  • I don’t own that domain, it’s a service from Thinkst Canary. I’ll try to contact them and see if they have more info about the issue.


At the moment you can apply a workaround for this problem by adding a line in /etc/hosts file. canarytokens.com

Next, try to set up a Canary Token. But bear in mind that their server IP may be changed in process of time, so you must control it from time to time.

  • Thank you, I think I will investigate further and try to get the root issue solved because of the exact problem you mention, that I don’t want to have to monitor the DNS changes manually.