mc32
Do you know if they are only scanning or reporting the 'www' sites or are they listing the main site even if it's just a single server misconfigured, or subdomain, etc?
Details are sparse, but the text file is literally bare domains and an IP that in my testing is always the A record for domain.blah. I don't think they're even looking at www.domain.blah, let alone actually crawling these sites or otherwise exhausting their domain space.
I suspected as much. It makes this a lot less useful, but I guess it's more like ringing an alarm than being precise. On the other hand, for some sites this might amount to a false alarm if the tested address has no critical service running on it. Mind you, they should all be remedied, but some more hurriedly than others.
I think it's particularly misleading because some sites only run redirector services on domain.blah for the purpose of sending you to www.domain.blah.
Yes, the problem should still be remedied, but no customer data flows through this service, and the connection would be renegotiated after the redirect on systems that may bear very little resemblance technically.