These subdomains are listed (publicly) in your DNS entries, and attackers will actively scan for dangling subdomains—ones that point to resources that no longer exist.
