Gratipay's sub domain http://www.gratipay.com.herokudns.com/ points to Heroku but is not in use.
Upon realization of vulnerability, installed and created a Heroku dependencies and application.
Added http://www.gratipay.com.herokudns.com/ to my list of domains through Heroku CLI.
heroku domains:add www.gratipay.com.herokudns.com
After verifying my Heroku account this was easy to point the sub domain to my application.
If the domain is not in use, then it is recommended to point the dns entry away from the third party program.