List of specific sub-domains seen as CNAMEs

[bayotop]

Hi, I wanted to share a list of CNAMEs (or rather just substrings), seen for sub-domains from public BBPs/VDPs on various platforms that might indicate a takeover-able sub-domain. I created the list a few months ago (it might be dated) and never found time to utilize it further so I'm sharing it publicly as it might be helpful to extend what this repository covers:

• .herokudns.com, .herokuapp.com, herokussl.com
• .azurewebsites.net, .cloudapp.net, .azure-api.net, .trafficmanager.net, .azureedge.net, .cloudapp.azure.com
• .cloudfront.net, .s3.amazonaws.com, .awsptr.com, .elasticbeanstalk.com,
• .uservoice.com
• unbouncepages.com
• ghs.google.com, ghs.googlehosted.com, .ghs-ssl.googlehosted.com
• .github.io, www.gitbooks.io
• sendgrid.net
• .feedpress.me
• .fastly.net
• .webflow.io, proxy.webflow.com
• .helpscoutdocs.com
• .readmessl.com
• .desk.com
• .zendesk.com
• .mktoweb.com
• .wordpress.com, .wpengine.com
• .cloudflare.net
• .netlify.com
• .bydiscourse.com
• .netdna-cdn.com
• .pageserve.co
• .pantheonsite.io
• .arlo.co
• .apigee.net
• .pmail5.com
• .cm-hosting.com
• ext-cust.squarespace.com, ext.squarespace.com, www.squarespace6.com
• .locationinsight.com
• .helpsite.io
• saas.moonami.com
• custom.bnc.lt
• .qualtrics.com
• .dotcmscloud.net, .dotcmscloud.com
• .knowledgeowl.com
• .atlashost.eu
• headwayapp.co
• domain.pixieset.com
• cname.bitly.com
• .awmdm.com
• .meteor.com
• .postaffiliatepro.com, na.iso.postaffiliatepro.com
• .copiny.com
• .kxcdn.com
• phs.getpostman.com
• .appdirect.com
• .streamshark.io

The ones below need an approved registration, a demo or similar stuff so it's hard to tell if they are takeover-able or not:

• .ethosce.com
• .custhelp.com
• .onelink-translations.com
• .mashery.com
• .edgesuite.net
• .akadns.net
• .edgekey.net
• akamaiedge.net
• .edgekey-staging.net
• .lldns.net
• .edgecastcdn.net
• centercode.com
• .jivesoftware.com
• .cvent.com
• .covisint.com
• .digitalrivercontent.net
• .akahost.net
• .connectedcommunity.org
• .lithium.com
• .sl.smartling.com
• pfsweb.com
• .bsd.net
• .vovici.net
• .extole.com
• .ent-sessionm.com
• .eloqua.com
• .inscname.net
• insnw.net
• .2o7.net
• .wnmh.net
• .footprint.net
• .llnwd.net
• .cust.socrata.net
• .scrool.se
• .phenompeople.com
• .investis.com
• .skilljar.com
• .imomentous.com
• .cleverbridge.com
• .insnw.net
• sailthru.com
• static.captora.com
• .q4web.com
• .omtrdc.net
• .devzing.com
• .pphosted.com
• .securepromotion.com
• .getbynder.com
• .certain.com
• .certainaws.com
• .eds.com
• .bluetie.com
• .relayware.com
• .yodlee.com
• .mrooms.net
• ssl.cdntwrk.com
• secure.gooddata.com
• .deltacdn.net
• .happyfox.com
• .proformaprostores.com
• .yext-cdn.com
• .edgecastdns.net
• .ecdns.net

Have fun.

[codingo]

@EdOverflow will chat about how to organise this with you over other networks? Seems like there's a variety of approaches that we could take here.

[codingo]

Also thank-you @bayotop, and good work!

[EdOverflow]

@codingo, yep, we will have to figure out how to approach each item.

Thank you for sharing this list, @bayotop.

[codingo]

Most of these are now resolved/check or duplicates of existing content. Closing issue.

[bluedangerforyou]

How to claim ghs?
I tried and said I was Sammy but domain was not taken as I tested another one which said it was taken

[ziak2677]

Hi i saw a error (Web Page Blocked
Access to the web page you were trying to visit has been blocked in accordance with company policy. Please contact your system administrator if you believe this is in error) is it vulnerable?
The CName is pointed to the cloudflare

[skatikitala078]

Hi, Can anyone guide me how to sign up in overvoice.com

It is asking for business email id, But I don't have any business email id.

Could anyone please help me here in creating an uservoice account as I need to test for the subdomain.

Thanks,
Sushmitha

[Tounsi007]

Hi,
How can I do that with apigee.net
Please help