diff --git a/CHANGELOG b/CHANGELOG
index bcffec4c2..18811d927 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] Reduced the number of names tried by http-vhosts by default.
+ [Vlatko Kosturjak]
+
 o Linux unreachable routes are now properly ignored. [David Fifield]
 
 o [NSE] Added smb-vuln-ms10-054 script which check the target system for MS10-054
diff --git a/nselib/data/vhosts-default.lst b/nselib/data/vhosts-default.lst
new file mode 100644
index 000000000..5988dccd2
--- /dev/null
+++ b/nselib/data/vhosts-default.lst
@@ -0,0 +1,28 @@
+admin
+aptest
+backup
+beta
+cvs
+dev
+devel
+development
+devtest
+ftp
+git
+help
+helpdesk
+home
+info
+intra
+intranet
+mail
+s3
+test
+test1
+test2
+testing
+web
+web2test
+wiki
+www
+www2
diff --git a/nselib/data/vhosts-full.lst b/nselib/data/vhosts-full.lst
new file mode 100644
index 000000000..974afcb26
--- /dev/null
+++ b/nselib/data/vhosts-full.lst
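Review bot: vhosts-default.lst carries no empty entry, while vhosts-full.lst opens with an empty line that mirrors the `""` element at the head of the list being removed from http-vhosts.nse, so the two files disagree on whether the empty name is part of a scan. Whether that matters depends on how datafiles.parse_file treats blank lines, which is not visible here: if it keeps them, the default scan silently loses whatever request the empty name produced while the full list still makes it; if it drops them, both lists have lost it. Whichever is intended, the two lists should agree, and the script's @arg text should state the file format (one name per line, and whether a blank line is meaningful).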
@@ -0,0 +1,405 @@ + +abbot +admin +adserver +alpha +api +aptest +arch +artifactory +assembla +atd +athena +atollon +attask +attix +attix5 +automatedqa +backend +backup +bacula +badboy +basecamp +bazaar +beta +bitkeeper +bkp +branch +brightwork +broadwave +bromine +bugtracker +bugzilla +build +businessdriver +campus +catchlimited +ccc +centraldesktop +cerebro +civicrm +clarizen +clearcase +clearquest +clif +clockingit +codebeamer +codendi +codesourcery +codeville +collabtive +compuware +concordion +conformiq +cppunit +crm +cruisecontrol +cubictest +cucumber +cunit +cvs +cvsnt +darcs +dartenium +dcvs +debbugs +dev +devel +development +devtest +dieseltest +digitaltester +distract +dolibarr +dotproject +dune +durable +duxqa +dynamics +easy +egroupware +eload +elvior +empirix +endeavour +enterprise +epesi +epesibim +etester +eventum +fasttrack +feng +firefly +flumotion +flyspray +fogbugz +foro +forum +fossil +frankenstein +freecast +froglogic +frontend +ftp +functional +functionaltester +fwptt +game +games +gamma +gemini +geniesys +genietcms +genius +git +glasscubes +gnats +goplan +grinder +guitar +gurock +hammerhead +hammerora +harvest +helix +help +helpdesk +home +htmlunit +httpunit +huddle +hudson +hyperoffice +icecast +ikiwiki +images +incisif +inflectra +info +informup +intra +intranet +issuenet +isupport +it +itcampus +jabber +jadeliquid +jbehave +jboss +jcrawler +jemmy +jfunc +jira +jite +jmeter +jotbug +journyx +jtest +jtrack +junit +jwebunit +kayako +kforge +kkoop +launchpad +liberum +libresource +liquidplanner +liquidtest +list +lista +listas +listman +lists +loadrunner +magnetic +mail +mailman +mantis +mantisbt +manual +marathon +matchware +maven +mbt +media +mercurial +mercury +merlin +messagemagic +mingle +mks +mksintegrity +mojo +monotone +mvn +nuevosoft +objentis +opengoo +opengroup +openload +openproj +openqa +opensta +openwebload +optimaltest +orcanos +origsoft +otmgr +otrs +passmark +peercast +perforce +performancetester +phpgroupware +phprojekt 
+phpunit +pivotal +pjsip +planisware +plastic +postfix +practitest +primavera +principal +prod +project +projecthq +projectpier +projectplace +projectspaces +projektron +projistics +psnext +pureagent +pureload +puretest +pylot +qadirector +qaliber +qaload +qamanager +qatraq +qmetry +qmtest +qpack +qtest +qtronic +qualify +quickbase +quicktest +quicktestpro +quotium +rcs +realese +redmine +remedy +request +research +robot +roundup +rth +s3 +sahi +salome +sap +scarab +sccs +seam +seapine +search +selenium +sendmail +services +severa +sharpforge +shoutcast +siebel +silk +silkcentral +silkperformer +simpletest +simpletestmanagement +simpleticket +simulator +sipp +sipr +smartesoft +smartload +smartqm +smartscript +smartsheet +soap +soapui +software +softwareresearch +sourcesafe +specflow +spiceworks +spiratest +spring +squish +staff +stage +stagging +static +storytestiq +streaming +stub +sugar +sugarcrm +supportworks +svk +svn +synergy +tag +team +teamcenter +teamware +teamwork +teamworkpm +techexcel +telerik +tenrox +test +test1 +test2 +testbench +testcase +testcomplete +testdirector +testdrive +tester +testing +testitools +testlink +testlog +testman +testmanager +testmaster +testmasters +testopia +testoptimal +testpartner +testrail +testrun +testsuite +testtrack +testuff +testup +testworks +texttest +tigris +tomcat +tplan +trac +track +tracker +trackersuite +tricentis +trunk +twist +ubidesk +unawave +unreal +utest +vault +verisium +vnc +vncrobot +vperformer +vpmi +vtest +watin +watir +web +web2project +web2test +webaii +webdriver +webking +webload +webspoc +wiki +windmill +winrunner +wit +workbook +workengine +worklenz +workspace +wowza +wrike +ws +www +www2 +xhtmlunit +xml-simulator +xplanner +xqual +xstudio +youtrack +zentrack +zephyr +zoho diff --git a/scripts/http-vhosts.nse b/scripts/http-vhosts.nse index 2e50c406c..63fba80f4 100644 --- a/scripts/http-vhosts.nse +++ b/scripts/http-vhosts.nse 
@@ -3,6 +3,7 @@ local shortport = require "shortport"
 local stdnse = require "stdnse"
 local string = require "string"
 local table = require "table"
+local datafiles = require "datafiles"
 description = [[
 Searches for web virtual hostnames by making a large number of HEAD requests against http servers using common hostnames.
@@ -26,6 +27,7 @@ various names of the form .example.com are tried.
 -- etc. If not provided, a guess is made based on the hostname.
 -- @arg http-vhosts.path The path to try to retrieve. Default /.
 -- @arg http-vhosts.collapse The limit to start collapsing results by status code. Default 20
+-- @arg http-vhosts.filelist file with the vhosts to try. Default nselib/data/vhosts-default.lst
 -- @output
 -- PORT STATE SERVICE REASON
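Review bot: The new `@arg http-vhosts.filelist` line tells the user neither the file format nor that the previously embedded list is still shipped, which is exactly what someone reaching for this option needs; I would write it as `-- @arg http-vhosts.filelist File with the virtual host names to try, one per line. Default nselib/data/vhosts-default.lst; nselib/data/vhosts-full.lst holds the longer list this script used to embed.` The line above it still documents `http-vhosts.collapse` as defaulting to 20 while the collapse hunk further down reads `or 10`; since this hunk already touches the @arg block, aligning that number would be cheap.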
@@ -59,428 +61,9 @@ license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = { "discovery", "intrusive" } - --- List of domains to try. (Will become names like example.com, --- abbot.example.com, admin.example.com, etc.) The list is derived from --- Wikipedia lists of software with a web interface. -local HOSTNAMES = { - "", - "abbot", - "admin", - "adserver", - "alpha", - "api", - "aptest", - "arch", - "artifactory", - "assembla", - "atd", - "athena", - "atollon", - "attask", - "attix", - "attix5", - "automatedqa", - "backend", - "backup", - "bacula", - "badboy", - "basecamp", - "bazaar", - "beta", - "bitkeeper", - "bkp", - "branch", - "brightwork", - "broadwave", - "bromine", - "bugtracker", - "bugzilla", - "build", - "businessdriver", - "campus", - "catchlimited", - "ccc", - "centraldesktop", - "cerebro", - "civicrm", - "clarizen", - "clearcase", - "clearquest", - "clif", - "clockingit", - "codebeamer", - "codendi", - "codesourcery", - "codeville", - "collabtive", - "compuware", - "concordion", - "conformiq", - "cppunit", - "crm", - "cruisecontrol", - "cubictest", - "cucumber", - "cunit", - "cvs", - "cvsnt", - "darcs", - "dartenium", - "dcvs", - "debbugs", - "dev", - "devel", - "development", - "devtest", - "dieseltest", - "digitaltester", - "distract", - "dolibarr", - "dotproject", - "dune", - "durable", - "duxqa", - "dynamics", - "easy", - "egroupware", - "eload", - "elvior", - "empirix", - "endeavour", - "enterprise", - "epesi", - "epesibim", - "etester", - "eventum", - "fasttrack", - "feng", - "firefly", - "flumotion", - "flyspray", - "fogbugz", - "foro", - "forum", - "fossil", - "frankenstein", - "freecast", - "froglogic", - "frontend", - "ftp", - "functional", - "functionaltester", - "fwptt", - "game", - "games", - "gamma", - "gemini", - "geniesys", - "genietcms", - "genius", - "git", - "glasscubes", - "gnats", - "goplan", - "grinder", - "guitar", - "gurock", - "hammerhead", - "hammerora", - "harvest", - "helix", - "help", - 
"helpdesk", - "home", - "htmlunit", - "httpunit", - "huddle", - "hudson", - "hyperoffice", - "icecast", - "ikiwiki", - "images", - "incisif", - "inflectra", - "info", - "informup", - "intra", - "intranet", - "issuenet", - "isupport", - "it", - "itcampus", - "jabber", - "jadeliquid", - "jbehave", - "jboss", - "jcrawler", - "jemmy", - "jfunc", - "jira", - "jite", - "jmeter", - "jotbug", - "journyx", - "jtest", - "jtrack", - "junit", - "jwebunit", - "kayako", - "kforge", - "kkoop", - "launchpad", - "liberum", - "libresource", - "liquidplanner", - "liquidtest", - "list", - "lista", - "listas", - "listman", - "lists", - "loadrunner", - "magnetic", - "mail", - "mailman", - "mantis", - "mantisbt", - "manual", - "marathon", - "matchware", - "maven", - "mbt", - "media", - "mercurial", - "mercury", - "merlin", - "messagemagic", - "mingle", - "mks", - "mksintegrity", - "mojo", - "monotone", - "mvn", - "nuevosoft", - "objentis", - "opengoo", - "opengroup", - "openload", - "openproj", - "openqa", - "opensta", - "openwebload", - "optimaltest", - "orcanos", - "origsoft", - "otmgr", - "otrs", - "passmark", - "peercast", - "perforce", - "performancetester", - "phpgroupware", - "phprojekt", - "phpunit", - "pivotal", - "pjsip", - "planisware", - "plastic", - "postfix", - "practitest", - "primavera", - "principal", - "prod", - "project", - "projecthq", - "projectpier", - "projectplace", - "projectspaces", - "projektron", - "projistics", - "psnext", - "pureagent", - "pureload", - "puretest", - "pylot", - "qadirector", - "qaliber", - "qaload", - "qamanager", - "qatraq", - "qmetry", - "qmtest", - "qpack", - "qtest", - "qtronic", - "qualify", - "quickbase", - "quicktest", - "quicktestpro", - "quotium", - "rcs", - "realese", - "redmine", - "remedy", - "request", - "research", - "robot", - "roundup", - "rth", - "s3", - "sahi", - "salome", - "sap", - "scarab", - "sccs", - "seam", - "seapine", - "search", - "selenium", - "sendmail", - "services", - "severa", - "sharpforge", - "shoutcast", - 
"siebel", - "silk", - "silkcentral", - "silkperformer", - "simpletest", - "simpletestmanagement", - "simpleticket", - "simulator", - "sipp", - "sipr", - "smartesoft", - "smartload", - "smartqm", - "smartscript", - "smartsheet", - "soap", - "soapui", - "software", - "softwareresearch", - "sourcesafe", - "specflow", - "spiceworks", - "spiratest", - "spring", - "squish", - "staff", - "stage", - "stagging", - "static", - "storytestiq", - "streaming", - "stub", - "sugar", - "sugarcrm", - "supportworks", - "svk", - "svn", - "synergy", - "tag", - "team", - "teamcenter", - "teamware", - "teamwork", - "teamworkpm", - "techexcel", - "telerik", - "tenrox", - "test", - "test1", - "test2", - "testbench", - "testcase", - "testcomplete", - "testdirector", - "testdrive", - "tester", - "testing", - "testitools", - "testlink", - "testlog", - "testman", - "testmanager", - "testmaster", - "testmasters", - "testopia", - "testoptimal", - "testpartner", - "testrail", - "testrun", - "testsuite", - "testtrack", - "testuff", - "testup", - "testworks", - "texttest", - "tigris", - "tomcat", - "tplan", - "trac", - "track", - "tracker", - "trackersuite", - "tricentis", - "trunk", - "twist", - "ubidesk", - "unawave", - "unreal", - "utest", - "vault", - "verisium", - "vnc", - "vncrobot", - "vperformer", - "vpmi", - "vtest", - "watin", - "watir", - "web", - "web2project", - "web2test", - "webaii", - "webdriver", - "webking", - "webload", - "webspoc", - "wiki", - "windmill", - "winrunner", - "wit", - "workbook", - "workengine", - "worklenz", - "workspace", - "wowza", - "wrike", - "ws", - "www", - "www2", - "xhtmlunit", - "xml-simulator", - "xplanner", - "xqual", - "xstudio", - "youtrack", - "zentrack", - "zephyr", - "zoho" -} --- uncomment and modify this for shorter scans --- local HOSTNAMES = { --- "", --- "www", --- "docs", --- "images" --- } - -- Defines domain to use, first from user and then from host defineDomain = function(host) - if stdnse.get_script_args("http-vhosts.domain") then return 
stdnse.get_script_args("http-vhosts.domain") end
+ if stdnse.get_script_args(SCRIPT_NAME..".domain") then return stdnse.get_script_args(SCRIPT_NAME..".domain") end
 local name = stdnse.get_hostname(host)
 if name and name ~= host.ip then
@@ -517,7 +100,7 @@ end
 -- @return string
 local collapse = function(result)
 local collapsed = {""}
- local limit = tonumber(stdnse.get_script_args("http-vhosts.collapse")) or 10
+ local limit = tonumber(stdnse.get_script_args(SCRIPT_NAME..".collapse")) or 10
 for code, group in next, result do
 if #group > limit then
 collapsed[#collapsed + 1] = #group .. " names had status " .. code
@@ -539,9 +122,16 @@ portrule = shortport.http
 action = function(host, port)
 local service = "http"
 local domain = defineDomain(host)
- local path = stdnse.get_script_args("http-vhosts.path") or "/"
+ local path = stdnse.get_script_args(SCRIPT_NAME..".path") or "/"
 local result = {}
 
+ local filelist = stdnse.get_script_args(SCRIPT_NAME..'filelist')
+ local status, HOSTNAMES = datafiles.parse_file(filelist or "nselib/data/vhosts-default.lst" , {})
+ if not status then
+ stdnse.print_debug(1, "Can not open file with vhosts file names list")
+ return {}
+ end
+
 for _,name in ipairs(HOSTNAMES) do
 local http_response
 local targetname
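Review bot: The added `if stdnse.get_script_args(SCRIPT_NAME..".domain") then return stdnse.get_script_args(SCRIPT_NAME..".domain") end` performs the same lookup twice on one line; fetching it once reads better and matches how `path` and `collapse` are handled elsewhere in this patch, e.g. `local domain = stdnse.get_script_args(SCRIPT_NAME..".domain")` followed by `if domain then return domain end`. defineDomain's body continues past the end of the hunk.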
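Review bot: `stdnse.get_script_args(SCRIPT_NAME..'filelist')` is missing the dot, so it looks up `http-vhostsfilelist` rather than the `http-vhosts.filelist` argument documented in the earlier hunk, and a user-supplied list is silently ignored in favour of the default; every other lookup in this patch uses the `SCRIPT_NAME..".name"` form, so the fix is `local filelist = stdnse.get_script_args(SCRIPT_NAME..".filelist")`. The failure branch also discards the second return value, which on failure presumably carries parse_file's error text (the nselib `false, err` convention); including it and the path that was tried makes the debug line actionable: `stdnse.print_debug(1, "%s: could not read vhosts list %s: %s", SCRIPT_NAME, filelist or "nselib/data/vhosts-default.lst", HOSTNAMES)`. Because the read and parse now sit inside action, the file is re-read for every host and port the portrule matches; if script arguments are available at load time, doing this once at file scope would avoid that. An upper-case `HOSTNAMES` for a function-local is a minor naming nit now that it is no longer a module constant.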