Expected Findings
- `promo.example.com` CNAMEs to a deleted Heroku app.
- Vendor returns the stock 404 marker that signals the name is claimable.
- DNS records have not been audited since 2023.
DNS Drift
Subdomain Takeover
A marketing subdomain still points at an old Heroku app that has been deleted, leaving the CNAME free to be claimed by anyone.
DNS check
Primary Flows
- DNS check Shows dangling CNAME
- Vendor 404 Heroku no-such-app body
- Asset inventory Other risky records
Signals
DNS
promo.example.com. CNAME old-marketing.herokuapp.com. ; deleted