LOGBOOK

HELP

Quiz Entry - updated: 2026.06.19

What is CNAME cloaking, how widespread is it, and what are its risks?

CNAME cloaking disguises third-party cookies as first-party via DNS to bypass browser protections; studies found 76% of analyzed websites use it, and it carries cookie-leakage security risks plus GDPR transparency obligations.

A first-party-looking subdomain is CNAME-redirected at the DNS level to an external tracker, disguising a third party as first party.

* CNAME cloaking: a first-party-looking subdomain is DNS-redirected to an external tracker, dodging third-party-cookie blocking. *

The mechanism (three parts):

  • DNS-CNAME redirection — a site's own subdomain points to a tracking server
  • First-party cookie disguise — the browser treats the subdomain's cookies as first-party, so protections don't block them
  • Server-side forwarding — tracking data is forwarded server-side to the real third party, bypassing browser defenses

Scale: research found 76% of analyzed sites use this technique to undermine tracking protection.

Risks & limits:

  • Security: cookie leakage — first-party cookies (possibly including session tokens) can leak to the tracker
  • Legal: GDPR transparency duties still apply — CNAME tracking is not a free pass; it doesn't replace consent and must be used lawfully

Tip: You can detect it by checking a subdomain's DNS records for CNAME pointers to external tracking domains.

From Quiz: PRIVACY / Web Tracking | Updated: Jun 19, 2026