XowiaScan
Home Tools Pricing API Docs About Sign in Get started
← All tools

CNAME / DNS Checker

Recon & Discovery

Resolve every core DNS record, follow the CNAME chain, and flag subdomain-takeover candidates — in one lookup.

What is CNAME / DNS Checker?

CNAME / DNS Checker gives you a fast, structured view of a hostname’s DNS — addresses, the full CNAME chain, mail routing, name servers, CAA and text records — without juggling dig commands. Everything is DNS-only, so it never touches the target and is safe to run anywhere.

For bug bounty it does the high-value bits up front: it follows CNAMEs to their final target and tells you when that target is an unclaimed third-party service (a subdomain-takeover lead), detects wildcard DNS, and reads your email-spoofing posture.

What it does

  • Full records — A, AAAA, CNAME, MX, NS, TXT, CAA and SOA together.
  • CNAME chain — follows aliases to the final target (where takeovers live).
  • Takeover fingerprinting — flags CNAMEs pointing at S3, GitHub Pages, Heroku, Azure, Netlify and more.
  • Reverse DNS (PTR) — resolves each A record back to its hostname.
  • Mail posture — SPF presence and the enforced DMARC policy.
  • Wildcard detection — warns when any subdomain resolves (false-positive risk for brute forcing).
  • Provider ID — names the DNS and email providers from NS/MX.

Where it fits in your workflow

  • Confirm where a host points and whether its CNAME is a takeover candidate.
  • Read email-spoofing protection (SPF/DMARC) at a glance.
  • Pivot straight into the Takeover Scanner, Subdomain Discovery or DNS Recon Pro.
Use CNAME / DNS Checker

Run it from your dashboard.

Create free account Sign in Use via API

At a glance

CategoryRecon & Discovery
RunsServer-side
Token cost 2 / run (free tier)
AccessFree · no login to try
Status● Live

Frequently asked questions

How is this different from DNS Recon Pro?

This is the quick single-host view with takeover/SPF/DMARC/wildcard signals. DNS Recon Pro goes deeper — AXFR zone-transfer testing, full SPF/DMARC/DKIM scoring and DNSSEC validation.

A CNAME was flagged as a takeover candidate — is it vulnerable?

Not necessarily. It means the alias points to a third-party service; whether it’s takeover-able depends on the resource being unclaimed. Confirm with the Takeover Scanner.

Explore more tools →