106 matches found
RubyGems: Possible Subdomain Takeover at http://production.s3.rubygems.org/ pointing to Fastly
A DNS record was found that was pointing to Fastly, but there was no Fastly service configured for this domain. We removed the record because it was not needed any longer. A subdomain takeover was not possible because although there was no service configured, we do have control of any subdomain o...
Brave Software: Subdomain Takeover of Brave.com
Summary: Hey! I want to inform you about a subdomain takeover issue, i.e. when I did your DNS enumeration I came across:
    Ip Address     Target Name
    ----------     -----------
    151.101.9.7    www.brave.com
    151.101.9.7    prod.p.ssl.global.fastly.net
    151.101.9.7    prod.p.ssl.global.fastlylb.net
Except the first...
Shopify: Subdomain Takeover in http://genghis-cdn.shopify.io/ pointing to Fastly
Hi, I've found a Shopify CDN domain here which had an instance of Fastly set up but did not remove the DNS record when the service was cancelled. A subdomain takeover similar to that of https://hackerone.com/reports/32825 could be possible. Vulnerable URL: http://genghis-cdn.shopify.io Page...
Snapchat: Subdomain takeover on http://fastly.sc-cdn.net/
Hey team, I've found a Snapchat CDN domain here which had a test instance of Fastly set up but did not remove the DNS record when the service was cancelled. This allowed me to create a Fastly instance to take it over. I've confirmed this is a Snapchat property via Censys...
New Relic: Potential Subdomain Takeover - http://storefront.newrelic.com/
Hi, The subdomain "storefront.newrelic.com" is currently pointing to Fastly, but is not registered to a service. Depending on whether Fastly permits it, a subdomain takeover similar to that of https://hackerone.com/reports/32825 could be possible. If the subdomain is not needed, it's recommended...
WePay: Subdomain Takeover in http://staging.wepay.com/ pointing to Fastly
Hi. One of your subdomains, http://staging.wepay.com/, is vulnerable to subdomain takeover. Since if you visit the site, it will be saying "unknown domain" which indicates that there are no currently deployed services set up with the specified domain and attackers can copy that domain in any hosting...