CNAME Studio
Subdomain takeover checker
A subdomain that still points at a hosting resource you've since deleted can be claimed by an attacker and used to serve content from your name. This walks the CNAME chain, spots the provider, and checks whether the endpoint is unclaimed.
How subdomain takeover happens
You point blog.example.com at a SaaS platform with a CNAME — a GitHub Pages site, an S3 bucket, a Heroku app, a help desk. Later you delete the resource but forget the DNS record. The CNAME now dangles: it references a hostname on the provider that no longer belongs to anyone. An attacker who registers that same resource name on the provider inherits your subdomain, and can serve their content, phish your users, or steal cookies scoped to your domain.
What this tool checks
We follow the full CNAME chain, identify whether the final target belongs to a known hosting provider, and fetch the host to look for that provider's tell-tale "no such site / bucket / app" page. A dangling CNAME whose target shows that fingerprint — or no longer resolves at all — is flagged as takeover-able. The fix is always the same: remove the stale CNAME, or reclaim the resource on the provider.
Want the background? Read how a forgotten CNAME becomes an attacker's foothold, or resolve a chain end to end with the CNAME resolver.