robots.txt names the entire DotNetNuke internal file tree
war.gov's robots.txt lists every internal DotNetNuke path — `/App_Code/`, `/App_GlobalResources/`, `/Controls/`, `/Utility/`, `/Components/`, `/Providers/`, `/Documentation/`, `/Install/`, `/Admin/`, `/bin/`, plus extensions `*.axd`, `*.exe`, `*.bin`, `*.dll`, `*.ssi`.
Belt-and-suspenders: those paths are *already* blocked at the Akamai edge (see finding `iis-404-fingerprint`), but they’re also explicitly named in robots.txt — which is itself a CMS-fingerprinting tell. Anyone curious learns war.gov runs DotNetNuke just from one HTTP request.
Evidence
Sitemap: /DesktopModules/SiteData/SiteMap.ashx
User-agent: *
Disallow: *captcha*
Disallow: /*Print.aspx
Disallow: /*.axd$
Disallow: /*.exe$
Disallow: /bin/
Disallow: /Bin/
Disallow: /*.bin$
Disallow: /*.dll$
Disallow: /*.ssi$
Disallow: /Error/
Disallow: /Controls/
Disallow: /controls/
Disallow: /Utility/
Disallow: /install/
Disallow: /Admin/
Disallow: /App_Browser/
Disallow: /App_Code/
Disallow: /App_Data/
Disallow: /App_GlobalResources/
Disallow: /Components/
Disallow: /Config/
Disallow: /Documentation/
Disallow: /Install/
Disallow: /Providers/
Note: the sitemap path /DesktopModules/SiteData/SiteMap.ashx is itself the canonical DNN sitemap-handler URL. Also: Disallow: *captcha* implies there’s a CAPTCHA somewhere they’d rather Google didn’t index.
The real sitemap (at the DNN ashx URL) contains 390 entries, with sub-sitemaps like DesktopModules/DVIDSVideoPlayer/SiteMap.ashx?moduleid=581 — module IDs 581, 966, 2435, 2440, 2842 are publicly enumerated.