GSA Bounty: Subdomain Takeover due to unclaimed domain pointing to AWS

Note: I know this is on an out of scope domain, however felt it should still be raised as it was the only subdomain of data.gov to be vulnerable. Issue Details The consultant identified that subdomain https://18f.domains.api.data.gov/ is pointing to dn9rrjaiux2m0.cloudfront.net via a DNS CNAME...