Frequently Asked Questions (FAQ)
      Back to home
      1. Support Center
      2. Tools and Scans
      3. Frequently Asked Questions (FAQ)

      Interpreting scan statuses

      When scans don’t go as planned: key statuses and their explanations

      When using our platform and tools you will encounter several scan statuses along the way. Scan statuses refers to the state a scan ends with. Even if the desired one would be Finished ,  sometimes you will find several others which might trigger some questions. We will try to cover the available ones, so that you know when and why encounter most of the time. 

      Start error

      This typically indicates either an error on our end while processing the scan or due to a potential outage that occurred when the scan was initiated.

      You can check for any ongoing or past outages here. If no outages are reported, we recommend trying to rescan after a few minutes.

      Timeout

      The duration of a scan varies depending on the tool and its configuration. For instance, a Port Scan covering the entire port range will take significantly longer than one limited to the Top 5000 range. Similarly, fuzzing a URL with a large wordlist will also increase scan time.

      To ensure optimal performance, we’ve implemented a hard limit of 24 hours per tool. While we anticipate most scans to complete well within this timeframe, this limit is in place to maintain consistent performance on our end. Any scans exceeding this time limit will be stopped and marked with the status mentioned above.

      If you want to ensure full coverage—especially for infrastructure scans where, for example, you’d like to examine as many ports as possible to avoid missing anything—you can set a custom scan duration for most scanners. If the scan reaches your specified time limit, it will be marked as finished which can be beneficial for reporting purposes.

       Aborted

      These issues are typically associated with periods of high demand on our infrastructure. We recommend restarting the scan or, even better, scheduling your scans in advance for a smoother experience.

       VPN Error

      This indicates a problem with the VPN tunnel and/or the agent. We recommend checking the agent for any errors and performing a reboot.

      If the issue continues, please reach out to us by submitting a support ticket.

      Connection Error

      Depending on when the error occurs, there are several possible scenarios:

      1. If the error occurs at the beginning of the scan:

        This indicates that during the accessibility check (performed from our servers in the UK), we were unable to get the target web server to respond to our requests. In this case, whitelisting our IPs would be the recommended solution.

      2. If the error occurs during the scan:

        This means the initial accessibility check was successful, but the scan failed due to the server either responding very slowly to our requests or stopping altogether. If too many consecutive 400–500 error codes are received, our scanner will automatically stop its activity. This behavior could also be triggered by factors such as firewalls, web application firewalls (WAFs), load balancers, or similar systems.

      While we provide a dynamic requests-per-second parameter, we recommend starting with a lower value by using a Custom Scan. Note: Lowering the requests-per-second parameter will increase the duration of the scan.

      Authentication Error

      Our Website Scanner supports various authentication methods that allow you to scan as an authenticated user. This enhances your access to web app resources, potentially uncovering more vulnerabilities, that is, if you aim to run a grey-box scenario.

      However, during these tests, if authentication was tested prior to starting the scan, the process may end with the above error. In such cases, we recommend raising a support ticket so we can assist you with the issue. For the Recorded Authentication method, we also suggest attaching the Selenium file.

      Skipped

      Typically used for our Robots feature, this status will only appear when a specific tool block does not receive the proper input, preventing it from running and causing it to be skipped.

      For example, imagine you have a small robot set up to execute the following blocks in this order:

      Subdomain Finder 

      (that will be run on a domain)

      ⬇️

      Filter Block 1

      (e.g., filtering out all the unique IPs that the previously found subdomains resolve to)

      ⬇️

      Port Scanner

      (to scan the unique IPs)

      ⬇️

      Filter Block 2

      (e.g., filtering out ports containing HTTP services)

      ⬇️

      Run Website Scanner

      (on the results, once transformed into URLs)

       

      If the last filter fails to identify any HTTP services, the final tool block (Website Scanner) will be skipped.