CDN fingerprint detector
Identify the CDN, edge network or hosting platform behind any public URL. The tool fetches the response headers and the DNS records of the domain through the PeopleAreGeek server, then matches the signature against a catalogue of 25+ providers: Cloudflare, Fastly, Akamai, Amazon CloudFront, Google Cloud CDN, Azure Front Door, BunnyCDN, KeyCDN, StackPath, Cloudinary, Imgix, jsDelivr, GitHub Pages, Netlify, Vercel, Shopify, WP Engine, and others. The result tells you who serves the site, with what confidence, and why.
The request is made by the PeopleAreGeek server so CORS does not block it. The URL is not stored or logged after the response is returned.
What a CDN detector tells you about a site
A Content Delivery Network sits between a website and its visitors. It caches static assets close to the user, terminates TLS at the edge, applies firewall rules, and protects the origin against DDoS attacks. The CDN is invisible to the visitor by design, but it leaves fingerprints in the HTTP response headers and in the DNS records: a cf-ray header gives Cloudflare away in one line, an x-served-by with a cache-bos string points to Fastly, a x-amz-cf-id identifies CloudFront, and a CNAME ending in .azureedge.net exposes Azure Front Door. A CDN detector reads all those signals at once and translates them into a single confident answer.
This detector inspects two channels in parallel. Channel one is the HTTP layer: the server runs an HTTP request against the URL and reads every response header that comes back. Channel two is the DNS layer: the server resolves A, AAAA and CNAME records to look for hostnames that map to known CDN ranges. The result is a list of confirmed providers, with the exact evidence that triggered the match. You can use this in vendor due diligence, competitive analysis, troubleshooting, or just to satisfy curiosity about an unfamiliar URL.
How CDN detection actually works
- Normalise the URL. Strip path, query and fragment; keep scheme and hostname; warn on malformed inputs.
- Run an HTTP request via the PeopleAreGeek
/wp-json/peoplearegeek/v1/headersendpoint. Read the full response header set, including non-standard ones likevia,x-served-by,cf-ray,fly-request-id,x-amz-cf-idandx-vercel-id. - Resolve DNS via the
/dnsendpoint for the apex and for thewwwsubdomain when present. Capture A, AAAA and CNAME records. - Match against the catalogue. Each provider has a list of fingerprints: header tokens, response token patterns, CNAME suffixes and IP ranges. The detector marks a provider confirmed when at least one strong signal matches, suspected on weaker signals only, and reports the exact line that triggered the match.
- Summarise. The top provider is shown as the headline result; secondary signals appear under “Evidence” so you can see whether the site sits behind multiple CDNs or is using a CDN-aware platform like Vercel that wraps another network.
Common use cases for a CDN detector
- Vendor due diligence. Before signing with a SaaS supplier, confirm they sit behind a reputable CDN and not on a single origin without protection.
- Performance troubleshooting. Slow page loads from one region can be caused by a misconfigured CDN. Knowing which CDN serves the site is the first step before opening a ticket with the right vendor.
- Competitive teardown. Marketing and engineering teams often want to know which infrastructure a competitor uses. The detector returns the answer in a few seconds.
- Security posture audit. A site without any CDN signal is more exposed to volumetric DDoS. Add this check to your monthly site health review.
- Migration verification. After switching from one CDN to another, confirm the new provider is actually serving traffic and the old DNS record was retired.
- Bug bounty and red team recon. The CDN often determines the available attack surface. Knowing the provider, the rules and the WAF in front of an asset is the first step in a responsible engagement.
Limitations and privacy notes
CDN detection is heuristic. Some providers strip identifying headers on purpose, some self-hosted edge nodes mimic Cloudflare or Akamai, and a few CDNs share infrastructure (for example several enterprise products are built on top of Fastly or CloudFront). When the detector returns “no CDN detected”, it does not always mean the site has no CDN; it can mean the headers are sanitized and the DNS is anonymised. Conversely, a strong header match is reliable: a cf-ray response value, an x-amz-cf-id field or a Vercel x-vercel-id is published by the provider for diagnostic purposes and is hard to forge accidentally.
The HTTP request is issued by the PeopleAreGeek server, not by your browser, so CORS does not block it and your IP is not exposed to the inspected origin. The URL is not stored after the response is returned. The catalogue of fingerprints is shipped with the page and updated when providers change their signatures.
Frequently asked questions
Why does the same site report different CDNs at different times?
Large sites often route different paths through different CDNs: the marketing site through one provider, the API through another, and the assets through a third. The same site can also be in the middle of a migration. Re-run the detector against the specific path you care about and inspect the Evidence tab.
Can a site hide its CDN from this detector?
Yes. Operators who want to anonymise their stack will strip diagnostic headers, use a private CNAME, and front the CDN with their own subdomain. The detector then returns “no signal” and falls back to DNS clues which can also be neutralised.
Is “no CDN detected” the same as “no CDN”?
No. Many small sites genuinely have no CDN, but enterprise sites can have a CDN that is intentionally invisible. Treat “no signal” as inconclusive rather than negative when the site looks otherwise large.
Does the tool detect WAFs and security products?
It detects WAFs that ship with a major CDN (Cloudflare, Akamai, Fastly, AWS WAF). Standalone WAFs without a CDN, or on-premise filters, are not part of the current catalogue.
Why do I sometimes see two CDNs reported as confirmed?
Multi-CDN architectures are common at scale: a site can use Cloudflare for security and Fastly for delivery, or run Cloudflare in front of a CloudFront-backed origin. The Evidence tab shows which signal came from which provider.
Is the URL I inspect logged?
No. The detector forwards the URL to the public REST endpoints of the site only to fetch headers and DNS, and does not log the URL or store the response after the page session ends.
