Unexpected HTTP/HTTPS Prefix in Subdomain Enumeration Results
whydee86 opened this issue · comments
Describe the bug
During a routine subdomain enumeration using Subfinder, I encountered an unusual behavior where some of the enumerated subdomains were prefixed with http://
and one with http
, which deviates from the expected format. This issue was observed in a small subset of the results (6 out of 4826 subdomains). Typically, Subfinder outputs subdomains in a plain text format without any protocol prefixes. The unexpected inclusion of http://
and http
in the subdomain names could potentially affect downstream processing or analysis of the enumeration data.
Subfinder version
v2.6.5
Complete command you used to reproduce this
subfinder -d pages.services -all -o bugs.txt
Expected behavior
Subdomains should be listed without any HTTP/HTTPS prefixes, adhering to the format subdomain.domain.com.pages.services,[source]
. For instance:
- info.saubermfg.com.pages.services,[netlas,zoomeyeapi]
- care.weltyhome.org.pages.services,[netlas,zoomeyeapi]
Actual Results
A few subdomains were listed with an unexpected http://
prefix and one with an incorrect http
prefix:
- http://info.saubermfg.com.pages.services,[netlas,zoomeyeapi]
- http://care.weltyhome.org.pages.services,[netlas,zoomeyeapi]
- httpsubdomain.domain.com.pages.services,[rapiddns,zoomeyeapi]
Additional context
This is the first time I've encountered this issue despite using Subfinder for an extended period. The bug only appeared on 6 subdomains out of 4826 in the results, which suggests it might be a rare or conditional occurrence.