List of specific sub-domains seen as CNAMEs
bayotop opened this issue · 8 comments
Hi, I wanted to share a list of CNAMEs (or rather just substrings), seen for sub-domains from public BBPs/VDPs on various platforms that might indicate a takeover-able sub-domain. I created the list a few months ago (it might be dated) and never found time to utilize it further so I'm sharing it publicly as it might be helpful to extend what this repository covers:
- .herokudns.com, .herokuapp.com, herokussl.com
- .azurewebsites.net, .cloudapp.net, .azure-api.net, .trafficmanager.net, .azureedge.net, .cloudapp.azure.com
- .cloudfront.net, .s3.amazonaws.com, .awsptr.com, .elasticbeanstalk.com,
- .uservoice.com
- unbouncepages.com
- ghs.google.com, ghs.googlehosted.com, .ghs-ssl.googlehosted.com
- .github.io, www.gitbooks.io
- sendgrid.net
- .feedpress.me
- .fastly.net
- .webflow.io, proxy.webflow.com
- .helpscoutdocs.com
- .readmessl.com
- .desk.com
- .zendesk.com
- .mktoweb.com
- .wordpress.com, .wpengine.com
- .cloudflare.net
- .netlify.com
- .bydiscourse.com
- .netdna-cdn.com
- .pageserve.co
- .pantheonsite.io
- .arlo.co
- .apigee.net
- .pmail5.com
- .cm-hosting.com
- ext-cust.squarespace.com, ext.squarespace.com, www.squarespace6.com
- .locationinsight.com
- .helpsite.io
- saas.moonami.com
- custom.bnc.lt
- .qualtrics.com
- .dotcmscloud.net, .dotcmscloud.com
- .knowledgeowl.com
- .atlashost.eu
- headwayapp.co
- domain.pixieset.com
- cname.bitly.com
- .awmdm.com
- .meteor.com
- .postaffiliatepro.com, na.iso.postaffiliatepro.com
- .copiny.com
- .kxcdn.com
- phs.getpostman.com
- .appdirect.com
- .streamshark.io
The ones below need an approved registration, a demo or similar stuff so it's hard to tell if they are takeover-able or not:
- .ethosce.com
- .custhelp.com
- .onelink-translations.com
- .mashery.com
- .edgesuite.net
- .akadns.net
- .edgekey.net
- akamaiedge.net
- .edgekey-staging.net
- .lldns.net
- .edgecastcdn.net
- centercode.com
- .jivesoftware.com
- .cvent.com
- .covisint.com
- .digitalrivercontent.net
- .akahost.net
- .connectedcommunity.org
- .lithium.com
- .sl.smartling.com
- pfsweb.com
- .bsd.net
- .vovici.net
- .extole.com
- .ent-sessionm.com
- .eloqua.com
- .inscname.net
- insnw.net
- .2o7.net
- .wnmh.net
- .footprint.net
- .llnwd.net
- .cust.socrata.net
- .scrool.se
- .phenompeople.com
- .investis.com
- .skilljar.com
- .imomentous.com
- .cleverbridge.com
- .insnw.net
- sailthru.com
- static.captora.com
- .q4web.com
- .omtrdc.net
- .devzing.com
- .pphosted.com
- .securepromotion.com
- .getbynder.com
- .certain.com
- .certainaws.com
- .eds.com
- .bluetie.com
- .relayware.com
- .yodlee.com
- .mrooms.net
- ssl.cdntwrk.com
- secure.gooddata.com
- .deltacdn.net
- .happyfox.com
- .proformaprostores.com
- .yext-cdn.com
- .edgecastdns.net
- .ecdns.net
Have fun.
@EdOverflow will chat about how to organise this with you over other networks? Seems like there's a variety of approaches that we could take here.
Most of these are now resolved/check or duplicates of existing content. Closing issue.
How to claim ghs?
I tried and said I was Sammy but domain was not taken as I tested another one which said it was taken
Hi i saw a error (Web Page Blocked
Access to the web page you were trying to visit has been blocked in accordance with company policy. Please contact your system administrator if you believe this is in error) is it vulnerable?
The CName is pointed to the cloudflare
Hi, Can anyone guide me how to sign up in overvoice.com
It is asking for business email id, But I don't have any business email id.
Could anyone please help me here in creating an uservoice account as I need to test for the subdomain.
Thanks,
Sushmitha
Hi,
How can I do that with apigee.net
Please help