Scan Hosts in CDN by DNS Name

We recently changed our scanning model to support scanning hosts in a Content Delivery Network (CDN) environment by DNS name and to maintain separate results for each host, even if the hosts resolve to the same IP address. This is supported for vulnerability and compliance scans by DNS name.

For example, let's say the CDN includes site1.test.com, site2.test.com and site3.test.com. These sites have different DNS names but the same IP address. If you launch a scan by DNS name and specify site1.test.com, site2.test.com and site3.test.com as the scan target, we will launch the scan on the 3 separate targets, and you'll get separate scan results for the 3 targets. We will also save separate asset records for each scan target. The asset records will have the same IP address but different DNS names. When a new scan is launched by DNS name, only the appropriate asset record for the corresponding DNS name is updated with the new scan results. 

To enable scanning by DNS name, enable DNS Tracking by going to Scans > Setup > DNS Tracking. If you scan by DNS hostname, the scan is based on DNS: the DNS name is resolved to an IP address, and the resolved IP is DNS tracked irrespective of any tracking method defined earlier. For example, if the resolved IP was configured as IP tracked, it will be DNS tracked after the DNS-based scan.

Enable DNS Tracking Setup
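A pre-scan check for the behavior described above, as an added example that is not part of the original page or the product: it groups intended DNS scan targets by resolved IP and lists the IPs whose tracking method will switch to DNS tracked. The function names, the `ip_tracking` inventory map and the 192.0.2.10 address are assumptions constructed for illustration.

```python
import socket
from collections import defaultdict

# Constructed sample data: the three CDN names from the example above,
# all resolving to one documentation-range address.
CONSTRUCTED_DNS = {
    "site1.test.com": ["192.0.2.10"],
    "site2.test.com": ["192.0.2.10"],
    "site3.test.com": ["192.0.2.10"],
}
# Constructed inventory export: current tracking method per known IP.
CONSTRUCTED_TRACKING = {"192.0.2.10": "IP"}


def resolve(hostname):
    """Return the sorted IPv4 addresses a DNS name resolves to (live lookup)."""
    infos = socket.getaddrinfo(hostname, None, family=socket.AF_INET)
    return sorted({info[4][0] for info in infos})


def plan_dns_scan(hostnames, ip_tracking, resolver=resolve):
    """Preview a scan launched by DNS name.

    hostnames:   DNS names to be used as scan targets
    ip_tracking: {ip: "IP" | "DNS"}, an assumed export of your own asset
                 inventory (hypothetical format, not a product API)
    Returns (shared, retracked):
      shared    - {ip: [names]} for IPs behind more than one target name;
                  each name gets its own asset record and results
      retracked - known IPs that are not DNS tracked today and will be
                  DNS tracked after the scan
    """
    by_ip = defaultdict(list)
    for name in hostnames:
        for ip in resolver(name):
            by_ip[ip].append(name)
    shared = {ip: sorted(n) for ip, n in by_ip.items() if len(n) > 1}
    retracked = sorted(
        ip for ip in by_ip if ip in ip_tracking and ip_tracking[ip] != "DNS"
    )
    return shared, retracked


if __name__ == "__main__":
    shared, retracked = plan_dns_scan(
        CONSTRUCTED_DNS, CONSTRUCTED_TRACKING, resolver=CONSTRUCTED_DNS.__getitem__
    )
    for ip, names in shared.items():
        print(f"{ip}: {len(names)} DNS names, one asset record each: {names}")
    print("Will become DNS tracked:", retracked)
```

Omit the `resolver` argument to resolve the names through the system resolver instead of the constructed map.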

Note for Scans on DNS Targets Behind a Load Balancer 

Scans are launched on the IP address of an asset, and we use the authentication records in your account to authenticate to each scan target. Authentication is always used for compliance scans and is used for vulnerability scans when authentication is enabled in your option profile. When you launch a scan on a DNS name for a target behind a load balancer, the scanner will resolve the DNS name to the IP address of the load balancer and attempt authentication to the load balancer. This will not give you proper scan results. For targets behind a load balancer, launch the scan on the IP address instead of the DNS name and ensure you have authentication records for those IPs in your account.