Automated detection, alarming, and removal of subdomain takeovers

What is claimed is: 1. A computer-implemented method comprising: receiving a plurality of canonical name records at a domain name system (DNS) service of a provider network, the DNS service including a subdomain manager; receiving, by a subdomain manager, a request to monitor one or more resources associated with one or more of the canonical name records for subdomain takeover; pinging each resource from the one or more resources; receiving a response from a first resource of the one or more resources, the response including content served by the first resource; sending an application programming interface (API) call to the first resource; receiving a one-time password in response to the API call; determining the one-time password is invalid; and sending a notification indicating that the first resource is invalid using a notification service. 2. The computer-implemented method of claim 1 , further comprising: receiving a response from a second resource associated with a second canonical name record indicating that the second resource does not exist, wherein the response from the second resource is an HTTP 404 error message; and sending a second notification indicating that the second resource does not exist using a notification service. 3. The computer-implemented method of claim 2 , further comprising: before sending the second notification, sending a request to a service monitor to determine a status associated with the second resource; and receiving a status response indicating that a service associated with the second resource is live. 4. A computer-implemented method comprising: receiving, by a subdomain manager, a request to monitor one or more resources associated with one or more canonical name records for subdomain takeover, each canonical name record of the one or more canonical name records comprising a mapping between domain name system (DNS) domain names; periodically scanning each resource from the one or more resources associated with the one or more canonical name records; receiving a response from at least one resource indicating that the at least one resource does not exist or is invalid; and sending a notification indicating that the at least one resource does not exist or is invalid using a notification service. 5. The computer-implemented method of claim 4 , wherein the response from the at least one resource indicating that the at least one resource does not exist is a “not found” error response. 6. The computer-implemented method of claim 4 , further comprising: determining a marker is not included in data received with the response; and generating the notification indicating that the at least one resource is invalid. 7. The computer-implemented method of claim 4 , further comprising: after receiving the response from the at least one resource, sending an application programming interface (API) call to the resource; receiving a one-time password in response to the API call; determining the one time-password is invalid; and generating a notification indicating that the at least one resource is invalid. 8. The computer-implemented method of claim 4 , further comprising: receiving a request to automatically delete a canonical name record associated with at least one resource if the at least one resource is found to no longer exist or if the at least one resource is no longer valid; and updating a record deletion manager to include the at least one resource. 9. The computer-implemented method of claim 8 , further comprising: determining a first resource no longer exists or is no longer valid based on the response received from the first resource; determining the first resource is included in the record deletion manager; and sending a request to a DNS to delete a first canonical name record associated with the first resource. 10. The computer-implemented method of claim 4 , wherein each resource from the one or more resources is scanned at a time interval defined by a user. 11. The computer-implemented method of claim 4 , wherein the one or more canonical name records are a subset of a plurality of canonical name records associated with a user. 12. The computer-implemented method of claim 4 , wherein the notification service includes one or more of an email notification service and a simple message service (SMS) notification service. 13. The computer-implemented method of claim 4 , wherein the subdomain manager is implemented in a domain name system (DNS) service in a provider network. 14. The computer-implemented method of claim 4 , wherein the subdomain manager is implemented in a user's datacenter. 15. A system comprising: a first one or more electronic devices to implement a domain name system (DNS) service; and a second one or more electronic devices to implement a subdomain manager, the subdomain manager including instructions that upon execution cause the subdomain manager to: receive a request to monitor one or more resources associated with one or more canonical name records for subdomain takeover, each canonical name record of the one or more canonical name records comprising a mapping between domain name system (DNS) domain names; periodically scan each resource from the one or more resources; receive a response from at least one resource indicating that the at least one resource does not exist or is invalid; and send a notification indicating that the at least one resource does not exist or is invalid using a notification service. 16. The system of claim 15 , wherein the response from the at least one resource indicating that the at least one resource does not exist is a “not found” error response. 17. The system of claim 15 , wherein the instructions, when executed further cause the subdomain manager to: determine a marker is not included in data received with the response; and generate the notification indicating that the at least one resource is invalid. 18. The system of claim 15 , wherein the instructions, when executed further cause the subdomain manager to: after receiving the response from the at least one resource, send an application programming interface (API) call to the resource; receive a one-time password in response to the API call; determine the one time password is invalid; and generate a notification indicating that the at least one resource is invalid. 19. The system of claim 15 , wherein the instructions, when executed further cause the subdomain manager to: receive a request to automatically delete a canonical name record associated with at least one resource if the at least one resource is found to no longer exist or if the at least one resource is no longer valid; and update a record deletion manager to include the at least one resource. 20. The system of claim 19 , wherein the instructions, when executed further cause the subdomain manager to: determine a first resource no longer exists or is no longer valid based on the response received from the first resource; determine the first resource is included in the record deletion manager; and send a request to a DNS to delete a first canonical name record associated with the first resource.