I think the idea was that because this typod domain was being used behind the CDN, you could trick mastercard.com (that uses the CDN) somehow to serve from the hijacked domain that was misconfigured at the CDN.
At least that's my guess, but it's not super clear what attacks would be possible here.
If JavaScript is served from those domains, there may be something interesting. Or if data is submitted to the domains.