CNAME Record Checker

Check CNAME DNS records for domains and subdomains.

What does CNAME Record Checker do?

This actor checks CNAME records for domains and subdomains, following the alias chain to find the final target. It resolves CNAME chains (up to 10 hops), showing the full resolution path from the initial hostname to the canonical name. Useful for DNS auditing, CDN detection, and verifying domain aliases. Pass in a list of domains or subdomains and get structured results with the full CNAME chain for each.

Use cases

• SEO specialists -- identify CDN providers and hosting setups by tracing CNAME aliases for competitor domains
• DevOps engineers -- verify that CNAME records point to the correct load balancers or CDN endpoints after infrastructure changes
• DNS administrators -- audit CNAME chain depth across managed domains to prevent excessive resolution hops
• Security analysts -- detect dangling CNAMEs that point to decommissioned services, which can be exploited for subdomain takeover
• Migration planners -- document all CNAME records before making DNS changes to ensure nothing breaks during a migration

Why use CNAME Record Checker?

• Full chain resolution -- follows CNAME chains up to 10 hops deep, showing every intermediate alias
• Batch processing -- check hundreds of domains and subdomains in a single run
• Structured JSON output -- each result includes the domain, CNAME target, full chain, chain length, and any errors
• Pay-per-event pricing -- only $0.001 per domain checked, keeping costs low for large audits
• Fast concurrent lookups -- DNS queries are performed in parallel for quick results
• No setup required -- runs entirely on Apify cloud with no servers to configure

Input parameters

Parameter	Type	Required	Default	Description
domains	array of strings	Yes	--	List of domains or subdomains to check for CNAME records (e.g., www.example.com, mail.google.com)

{
    "domains": ["www.google.com", "www.github.com", "mail.protonmail.com"]
}

Output example

Each domain produces a result object with the following fields:

Field	Type	Description
domain	string	The domain or subdomain that was checked
hasCname	boolean	Whether a CNAME record was found
cname	string/null	The final canonical name target
cnameChain	string[]	Full chain from input domain to final target
chainLength	number	Number of CNAME hops
error	string/null	Error message if the lookup failed

{
    "domain": "www.github.com",
    "hasCname": true,
    "cname": "github.com",
    "cnameChain": ["www.github.com", "github.com"],
    "chainLength": 1,
    "error": null
}

A domain without a CNAME record returns:

{
    "domain": "google.com",
    "hasCname": false,
    "cname": null,
    "cnameChain": [],
    "chainLength": 0,
    "error": null
}

How much does it cost?

Event	Price	Description
Start	$0.035	One-time per run
Domain checked	$0.001	Per domain checked

Example costs:

• 10 domains: $0.035 + 10 x $0.001 = $0.045
• 100 domains: $0.035 + 100 x $0.001 = $0.135
• 1,000 domains: $0.035 + 1,000 x $0.001 = $1.035

Using the Apify API

You can start CNAME Record Checker programmatically from your own applications using the Apify API. The following examples show how to run the actor and retrieve results.

Node.js

import { ApifyClient } from 'apify-client';

const client = new ApifyClient({ token: 'YOUR_TOKEN' });
const run = await client.actor('automation-lab/cname-record-checker').call({
    domains: ['www.google.com', 'www.github.com'],
});
const { items } = await client.dataset(run.defaultDatasetId).listItems();
console.log(items);

Python

from apify_client import ApifyClient

client = ApifyClient('YOUR_TOKEN')
run = client.actor('automation-lab/cname-record-checker').call(run_input={
    'domains': ['www.google.com', 'www.github.com'],
})
items = client.dataset(run['defaultDatasetId']).list_items().items
print(items)

Integrations

CNAME Record Checker works with all major integration platforms supported by Apify. Connect it to Make (formerly Integromat), Zapier, n8n, or Slack to automate DNS monitoring workflows. Export results directly to Google Sheets for collaborative review or use webhooks to trigger downstream actions when a run completes. You can also chain this actor with other DNS-related actors for comprehensive domain audits.

Common integration patterns include:

• Google Sheets -- export CNAME chain results to a spreadsheet for collaborative DNS documentation
• Slack -- get alerts when scheduled runs detect dangling CNAMEs or unexpected chain changes
• Zapier / Make -- automatically check CNAME records when new subdomains are discovered
• Webhooks -- receive results via POST request for real-time processing in your own systems

Tips and best practices

• Check subdomains, not root domains -- CNAME records are most commonly found on subdomains like www.example.com or cdn.example.com. Root domains typically use A or AAAA records instead.
• Watch for dangling CNAMEs -- if a CNAME points to a service you no longer use (e.g., an old CDN or Heroku app), it could be vulnerable to subdomain takeover. Use this actor to find them.
• Combine with NS and MX checks -- for a full DNS audit, run this actor alongside the NS Record Checker and MX Record Checker to get a complete picture of your domain configuration.
• Batch your lookups -- running one actor call with 500 domains is much cheaper than 500 separate runs, since you only pay the $0.035 start fee once.
• Schedule periodic checks -- set up an Apify Schedule to run this actor weekly and detect unexpected CNAME changes that could indicate DNS hijacking or misconfigurations.

FAQ

What is a CNAME record? A CNAME (Canonical Name) record is a DNS record that maps one domain name (an alias) to another domain name (the canonical name). For example, www.example.com might have a CNAME pointing to example.com or to a CDN endpoint.

Why does a domain show no CNAME? Root domains (apex domains like example.com) cannot have CNAME records per the DNS specification. CNAME records are used on subdomains. If a subdomain has no CNAME, it likely uses an A or AAAA record instead.

Can I detect which CDN a site uses with this actor? Yes. Many CDNs are identifiable by their CNAME targets. For example, a CNAME pointing to d1234.cloudfront.net indicates Amazon CloudFront, while example.cdn.cloudflare.net indicates Cloudflare.

What is a dangling CNAME and why is it dangerous? A dangling CNAME is a CNAME record that points to a domain or service that no longer exists (e.g., a deleted Heroku app, decommissioned S3 bucket, or cancelled Azure service). An attacker can register the target service and serve malicious content on your subdomain. This is known as subdomain takeover.

What is the maximum CNAME chain depth this actor follows? The actor follows CNAME chains up to 10 hops. If a chain exceeds 10 hops, it stops and reports the chain discovered so far. In practice, CNAME chains longer than 2-3 hops are rare and often indicate a misconfiguration.