Definition of URL

Before diving into the Scan Scope settings it is important to understand how to differentiate URLs. As an example we will use the below URLs;

http://example.com
https://example.com
http://example.com:81
http://test.example.com

All of the above examples are considered to be different URLs, even though they share the same FQDN (Fully Qualified Domain Name). This is because the second one is using a different protocol from the first one (HTTPS), the third one is running on port 81 and the last one is a different subdomain (test.example.com).

 Therefore even if the root domain (example.com) is redirected to www subdomain (www.example.com), you should enter www.example.com to scan that website. If you enter example.com as target URL Netsparker will not send requests  www subdomain since it is out of scope.