www.netsparker.com Open in urlscan Pro
52.1.25.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ferruh.mavituna.com/sql-injection-cheatsheet-oku
Effective URL:
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Submission: On March 21 via manual (March 21st 2018, 5:25:40 pm UTC) from US

Summary HTTP 34 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 10 domains to perform 34 HTTP transactions. The main IP is 52.1.25.52, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.netsparker.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 27th 2017. Valid for: a year.

This is the only time www.netsparker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	141.138.194.191 141.138.194.191	35470 (XL-AS) (XL-AS)
24	52.1.25.52 52.1.25.52	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	216.58.207.72 216.58.207.72	15169 (GOOGLE) (GOOGLE - Google LLC)
2	159.122.87.148 159.122.87.148	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	52.222.163.159 52.222.163.159	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	104.16.92.193 104.16.92.193	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	216.58.208.40 216.58.208.40	15169 (GOOGLE) (GOOGLE - Google LLC)
1	198.145.13.13 198.145.13.13	2044 (IINET-2044) (IINET-2044 - Infinity Internet)
34	8

1 141.138.194.191 (Netherlands) 1 redirects

ASN35470 (XL-AS, NL)
PTR: vps16447-02.public.cloudvps.com

ferruh.mavituna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.1.25.52 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-1-25-52.compute-1.amazonaws.com

www.netsparker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.207.72 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.122.87.148 (Frankfurt, Germany)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 94.57.7a9f.ip4.static.sl-reverse.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.163.159 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-163-159.fra54.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.92.193 (San Francisco, United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.40 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f40.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.145.13.13 (Wilsonville, United States)

ASN2044 (IINET-2044 - Infinity Internet, Inc., US)
PTR: getclicky.com

in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	netsparker.com www.netsparker.com	629 KB
2	getclicky.com static.getclicky.com in.getclicky.com	7 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	940 B
1	google-analytics.com ssl.google-analytics.com	17 KB
1	cloudfront.net d5phz18u4wuww.cloudfront.net	41 KB
1	googletagmanager.com www.googletagmanager.com	16 KB
1	mavituna.com 1 redirects ferruh.mavituna.com	318 B
0	google.com.ua Failed www.google.com.ua Failed
0	google.com Failed www.google.com Failed
0	googleadservices.com Failed www.googleadservices.com Failed
34	10

	Domain	Requested by
24	www.netsparker.com	www.netsparker.com
2	dev.visualwebsiteoptimizer.com	www.netsparker.com
1	in.getclicky.com	static.getclicky.com
1	ssl.google-analytics.com	www.netsparker.com
1	static.getclicky.com	www.netsparker.com
1	d5phz18u4wuww.cloudfront.net	www.netsparker.com
1	www.googletagmanager.com	www.netsparker.com
1	ferruh.mavituna.com	1 redirects
0	www.google.com.ua Failed	www.netsparker.com
0	www.google.com Failed	www.netsparker.com
0	www.googleadservices.com Failed	www.googletagmanager.com
34	11

This site contains links to these domains. Also see Links.

Domain
twitter.com
msdn2.microsoft.com
ferruh.mavituna.com
facebook.com
plus.google.com
www.linkedin.com
feeds.feedburner.com

Subject Issuer	Validity	Valid
www.netsparker.com Go Daddy Secure Certificate Authority - G2	`2017-10-27` - `2018-12-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Frame ID: E949D5D829BEE76F68D7B112A3C2859A
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ferruh.mavituna.com/sql-injection-cheatsheet-oku HTTP 301
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/ Page URL

Detected technologies

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /static\.getclicky\.com/i
env /^clicky$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

34
Requests

71 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

8
IPs

3
Countries

710 kB
Transfer

1218 kB
Size

9
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/netsparker
Title: Follow Us @netsparker

Search URL Search Domain Scan URL

URL: http://msdn2.microsoft.com/en-us/library/ms190312.aspx
Title: http://msdn2.microsoft.com/en-us/library/ms190312.aspx

Search URL Search Domain Scan URL

URL: http://ferruh.mavituna.com/fast-way-to-extract-data-from-error-based-sql-injections-oku/
Title: Fast way to extract data from Error Based SQL Injections

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=SQL%20Injection%20Cheat%20Sheet%20https%3A%2F%2Fwww.netsparker.com%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F%20via%20%40Netsparker
Title: Tweet

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.netsparker.com%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https%3A%2F%2Fwww.netsparker.com%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F
Title: +1

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.netsparker.com%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F
Title: Share

Search URL Search Domain Scan URL

URL: https://facebook.com/netsparker

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/netsparker-ltd

Search URL Search Domain Scan URL

URL: https://plus.google.com/117335596680718226953/posts

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/netsparker

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ferruh.mavituna.com/sql-injection-cheatsheet-oku HTTP 301
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1044696816&utmhn=www.netsparker.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=SQL%20Injection%20Cheat%20Sheet%20%7C%20Netsparker&utmhid=1442066204&utmr=-&utmp=%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F&utmht=1521653130291&utmac=UA-27264250-1&utmcc=__utma%3D265600656.969211566.1521653130.1521653130.1521653130.1%3B%2B__utmz%3D265600656.1521653130.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=236102635&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27264250-1&cid=969211566.1521653130&jid=236102635&_v=5.7.1&z=1044696816 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27264250-1&cid=969211566.1521653130&jid=236102635&_v=5.7.1&z=1044696816

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Redirect Chain

http://ferruh.mavituna.com/sql-injection-cheatsheet-oku
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

67 KB
24 KB

766ms
414ms

Document
text/html

52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

0b45369646f2b6e7d4b5bbfa4e7bcf757fd816af7d5cd862d4bd6b400f696004

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com .twitter.com .twimg.com .googletagmanager.com dev.visualwebsiteoptimizer.com heatmap.visualwebsiteoptimizer.com 'unsafe-inline' .visualwebsiteoptimizer.com app.vwo.com d5phz18u4wuww.cloudfront.net; style-src 'self' .twimg.com .twitter.com .googleapis.com app.vwo.com 'unsafe-inline'; frame-src .youtube.com .youtube-nocookie.com www.slideshare.net app.vwo.com .googletagmanager.com; font-src 'self' .gstatic.com app.vwo.com; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net .twitter.com .twimg.com data: .visualwebsiteoptimizer.com .googleapis.com .google.com.tr *.google.com; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com *.twitter.com *.twimg.com *.googletagmanager.com dev.visualwebsiteoptimizer.com heatmap.visualwebsiteoptimizer.com 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com d5phz18u4wuww.cloudfront.net; style-src 'self' *.twimg.com *.twitter.com *.googleapis.com app.vwo.com 'unsafe-inline'; frame-src *.youtube.com *.youtube-nocookie.com www.slideshare.net app.vwo.com *.googletagmanager.com; font-src 'self' *.gstatic.com app.vwo.com; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net *.twitter.com *.twimg.com data: *.visualwebsiteoptimizer.com *.googleapis.com *.google.com.tr *.google.com; object-src 'self'
Content-Encoding: gzip
Referrer-Policy: no-referrer
Date: Wed, 21 Mar 2018 17:25:18 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: text/html; charset=utf-8
Set-Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; expires=Sat, 21-Mar-2020 17:25:18 GMT; path=/; secure; HttpOnly
X-XSS-Protection: 1; mode=block
Cache-Control: private
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
Content-Length: 23740
X-Content-Type-Options: nosniff

Redirect headers

Date: Wed, 21 Mar 2018 17:25:28 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cache-Control: private
Content-Length: 188

GET
H/1.1 200
OK css
www.netsparker.com/Content/ 145 KB
35 KB 135ms
111ms Stylesheet
text/css 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/Content/css?v=BprOBddhV0Dgbh5-gwf4xOe62fcg2OSffBfulaX8V-Y1

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

e204ff85b6c51aecbcf84bf9d8cb2631975d5862d75e8d8cffe26ba0fe0f914d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Wed, 21 Mar 2018 17:25:18 GMT
Date: Wed, 21 Mar 2018 17:25:18 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: text/css; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: User-Agent,Accept-Encoding
Content-Length: 35278
X-Content-Type-Options: nosniff
Expires: Thu, 21 Mar 2019 17:25:18 GMT

GET
H/1.1 200
OK custom.css
www.netsparker.com/statics/css/ 176 KB
31 KB 397ms
195ms Stylesheet
text/css 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/css/custom.css?v=8A187363755F32A30C66915447A116E7

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

aa2def052c54cf40ca37cbd3508f24b1aba7ae41efbf37c76bc1ab887ae637d9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 31247
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Tue, 20 Mar 2018 08:38:26 GMT
X-Frame-Options: DENY
Date: Wed, 21 Mar 2018 17:25:18 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=31536000
ETag: "0ed4ed026c0d31:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK scroll.css
www.netsparker.com/statics/css/ 195 B
1 KB 301ms
97ms Stylesheet
text/css 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/css/scroll.css?v=5E2C57971A41CE7293DFF8DBE3E9FFD9

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

412b6e7438cfd59c9003008f2278311a61026a5f077d41ae61b105c2aab15100

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 228
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Jan 2017 11:48:30 GMT
X-Frame-Options: DENY
Date: Wed, 21 Mar 2018 17:25:18 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=31536000
ETag: "46e2aba24967d21:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK SQL-Cheat-Sheet.jpg
www.netsparker.com/statics/img/blogposts/ 19 KB
20 KB 111ms
110ms Image
image/jpeg 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netsparker.com/statics/img/blogposts/SQL-Cheat-Sheet.jpg

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

a06f4e6d9f9f6b06cfa706d0b0edf785c1b832a6e2f2bbd3d689d8b6d778cfad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Wed, 01 Mar 2017 06:53:11 GMT
ETag: "fd23be7d5892d21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: image/jpeg
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 19813
X-Content-Type-Options: nosniff

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 40 KB
16 KB 16ms
15ms Script
application/javascript 216.58.207.72
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M7R7MXJ

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

SPDY

Server

216.58.207.72 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s25-in-f8.1e100.net

Software

Google Tag Manager (scaffolding) /

Resource Hash

e100053af9971f9dc1e7e9856883b9ec518c0035fb98a647a38209d2342c1f0c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 21 Mar 2018 17:25:29 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 15901
x-xss-protection: 1; mode=block
expires: Wed, 21 Mar 2018 17:25:29 GMT

GET
S 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 909 B
702 B 13ms
13ms Script
application/javascript 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=301870&url=https%3A%2F%2Fwww.netsparker.com%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F&random=0.38905510690158995
Requested by: Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol: SPDY
Server: 159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: 94.57.7a9f.ip4.static.sl-reverse.com
Software: fra1dacdn /
Resource Hash: 6af54454a62eb95353d1e5b19995faa9027d47d21c55f7730ee75d9637c1807b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

status: 200
date: Wed, 21 Mar 2018 17:25:28 GMT
content-encoding: gzip
server: fra1dacdn
content-type: application/javascript; charset=UTF-8

GET
S 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
238 B 14ms
13ms Image
image/gif 159.122.87.148
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?a=301870&d=netsparker.com&u=D22B80E0A9690AD00299C3888E6E15E52&h=9fde861c25114682bbf5b7f36fc60415&r=0.2108051308251282

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

SPDY

Server

159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

94.57.7a9f.ip4.static.sl-reverse.com

Software

fra1dacdn /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Mar 2018 17:25:28 GMT
x-content-type-options: nosniff
server: fra1dacdn
content-type: image/gif
status: 200
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 119 KB
41 KB 352ms
25ms Script
text/javascript 52.222.163.159
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol: HTTP/1.1
Server: 52.222.163.159 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-163-159.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b8aced65acad8ed274ab77740780520d7bfa0d78b04e29c5fab3b89ab5fced

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 31 Oct 2017 02:24:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 23 Oct 2017 12:19:50 GMT
Server: AmazonS3
Age: 1855
ETag: "093ee92623aa7fd24d2eca604d445a6d"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 b454a0b154ae18408006bc2a9abd88ec.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41572
X-Amz-Cf-Id: hR_2tsjUs1xYam31ZLs79Hn_MYNSx6xp5wixd5WJ-XdprPzqBQVpew==

GET
H/1.1 200
OK 340x395_4.png
www.netsparker.com/statics/img/promo/ 73 KB
74 KB 270ms
99ms Image
image/png 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netsparker.com/statics/img/promo/340x395_4.png

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

217be4f010e3cbbeacf7112c6075e51147cf8188b593a4a8d3e359654cf22d86

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Thu, 04 Jan 2018 13:01:35 GMT
ETag: "995890265c85d31:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 75008
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK ns-logo-transparent_bw.png
www.netsparker.com/statics/img/ 12 KB
13 KB 98ms
98ms Image
image/png 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netsparker.com/statics/img/ns-logo-transparent_bw.png

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

ec3b87d0da6e5ab58f6b66123297767c96dc8d45870f5ad682282a2ad993f277

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Mon, 12 Dec 2016 12:13:42 GMT
ETag: "3e9ae12d7154d21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 12261
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK blank.png
www.netsparker.com/statics/img/ 119 B
923 B 98ms
97ms Image
image/png 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netsparker.com/statics/img/blank.png

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

dd594f89e8f8adf17ef1fb7ceb79e784691a2e09968189f11c0afdf91d4e1f76

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Thu, 02 Mar 2017 07:02:32 GMT
ETag: "24da0f72293d21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 119
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK jquery Show response
www.netsparker.com/bundles/ 93 KB
43 KB 198ms
198ms Script
text/javascript 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/bundles/jquery?v=EQ6ByoJJ4m_CEpdqicprkSMFqeUbTOmdS136TUOhgKk1

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

4f354401643b335b5e35876f03fd9356f0b920c02e1033d9bbf093661ee2d19b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Wed, 21 Mar 2018 17:25:19 GMT
Date: Wed, 21 Mar 2018 17:25:18 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: User-Agent,Accept-Encoding
Content-Length: 42694
X-Content-Type-Options: nosniff
Expires: Thu, 21 Mar 2019 17:25:19 GMT

GET
H/1.1 200
OK bootstrap Show response
www.netsparker.com/bundles/ 40 KB
15 KB 101ms
99ms Script
text/javascript 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/bundles/bootstrap?v=-ktyuuYVm8reiCqek-REkH9kFQQZ53F1Ay-TXz9RIew1

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

e5840bc1fc5ecf2ce08305f4eddf2fd9444ac3a2d79e541ae6775a6011ac4531

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
Referrer-Policy: no-referrer
Last-Modified: Wed, 21 Mar 2018 17:25:19 GMT
Date: Wed, 21 Mar 2018 17:25:18 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: text/javascript; charset=utf-8
X-XSS-Protection: 1; mode=block
Cache-Control: public
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: User-Agent,Accept-Encoding
Content-Length: 14999
X-Content-Type-Options: nosniff
Expires: Thu, 21 Mar 2019 17:25:19 GMT

GET
H/1.1 200
OK jquery.cookieBar.js Show response
www.netsparker.com/statics/js/ 2 KB
2 KB 108ms
107ms Script
application/javascript 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/js/jquery.cookieBar.js?v=F5646639-10FD-45C2-9F6A-E06F11BB5FBE

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

3b09dfdbde64828f5eb97ac2c7902a34b691b46c0f453c9d78e073ab1fde338c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 1279
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Fri, 02 Dec 2016 12:24:16 GMT
X-Frame-Options: DENY
Date: Wed, 21 Mar 2018 17:25:18 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "6ae7d2ff964cd21:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK custom.js Show response
www.netsparker.com/statics/js/ 9 KB
4 KB 99ms
98ms Script
application/javascript 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/js/custom.js?v=8927C055A93DC7AD5C3AF3CBC75668E0

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

a970906b907e2e4a10be4c8b231e60d81d8cc929bd4142df381eb81d1f53460e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 2758
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Tue, 26 Dec 2017 12:53:17 GMT
X-Frame-Options: DENY
Date: Wed, 21 Mar 2018 17:25:18 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "805cc17f487ed31:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK clicky.js Show response
www.netsparker.com/statics/js/ 408 B
1 KB 476ms
97ms Script
application/javascript 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/js/clicky.js?v=962B8504FB3228FB5E79AB778AF4D8E8

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

90f0521858daa786f50bf76102fd693d61466a2c6e32a381e009afe6aa51e957

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 395
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Jan 2017 11:46:35 GMT
X-Frame-Options: DENY
Date: Wed, 21 Mar 2018 17:25:19 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "d1b2e25d4967d21:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK ga.js Show response
www.netsparker.com/statics/js/ 362 B
1 KB 493ms
97ms Script
application/javascript 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/js/ga.js?v=0A99D9F42184ABA167555E9731A9339A

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

6313b7448b6947e9a704cbf277d474fd8f660cb7566cd826d69c0d9177b1ba5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 396
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Thu, 05 Jan 2017 11:46:35 GMT
X-Frame-Options: DENY
Date: Wed, 21 Mar 2018 17:25:19 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=31536000
ETag: "7b50e05d4967d21:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK ns-logo-transparent.png
www.netsparker.com/statics/img/ 27 KB
28 KB 308ms
108ms Image
image/png 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netsparker.com/statics/img/ns-logo-transparent.png

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

5f343e94f9f3a0003b4b3a2f5766bfaa1301ea55e3abdde972c67f65c3a52ead

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Thu, 29 Sep 2016 13:12:27 GMT
ETag: "6e51620531ad21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: image/png
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:19 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 27964
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK b9QBgL0iMZfDSpmcXcE8nBBQ_Gf4FfI8J4SYljBAylk.woff2
www.netsparker.com/statics/fonts/ 14 KB
15 KB 258ms
196ms Font
application/x-font-woff2 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/fonts/b9QBgL0iMZfDSpmcXcE8nBBQ_Gf4FfI8J4SYljBAylk.woff2

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

238b51828174114d6249b9d0c083fc2aebea8141e5e50dd77d114a89f333a789

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.netsparker.com
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin: https://www.netsparker.com

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Thu, 29 Sep 2016 15:17:27 GMT
ETag: "2abb9596641ad21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: application/x-font-woff2
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 14512
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK glyphicons-halflings-regular.woff2
www.netsparker.com/fonts/ 18 KB
18 KB 161ms
98ms Font
application/x-font-woff2 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.netsparker.com
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin: https://www.netsparker.com

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Wed, 21 Feb 2018 12:56:48 GMT
ETag: "028116f13abd31:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: application/x-font-woff2
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 18028
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK pattern-3.svg
www.netsparker.com/statics/img/ 5 KB
2 KB 269ms
97ms Image
image/svg+xml 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.netsparker.com/statics/img/pattern-3.svg

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

ba6e529c86eb677334ed89c10476dc4067542b699a81619c656fa6da63e37e4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Length: 1104
X-XSS-Protection: 1; mode=block
Referrer-Policy: no-referrer
Last-Modified: Tue, 10 Oct 2017 06:59:27 GMT
X-Frame-Options: DENY
Date: Wed, 21 Mar 2018 17:25:19 GMT
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
ETag: "80b1e14f9541d31:0"
Accept-Ranges: bytes

GET
H/1.1 200
OK raleway-medium.woff
www.netsparker.com/statics/fonts/ 51 KB
52 KB 180ms
109ms Font
application/x-font-woff 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/fonts/raleway-medium.woff

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

96947f0a2cd434e45cf778e7604260a8b2af2a444cd6f32350cad7560bc8c0d8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.netsparker.com
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin: https://www.netsparker.com

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Thu, 29 Sep 2016 15:17:24 GMT
ETag: "9f762295641ad21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: application/x-font-woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 52348
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.netsparker.com/fonts/ 63 KB
64 KB 354ms
195ms Font
application/x-font-woff2 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.netsparker.com
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin: https://www.netsparker.com

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Wed, 21 Feb 2018 12:56:48 GMT
ETag: "028116f13abd31:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: application/x-font-woff2
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 64464
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK raleway-regular.woff
www.netsparker.com/statics/fonts/ 51 KB
52 KB 356ms
196ms Font
application/x-font-woff 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/fonts/raleway-regular.woff

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

6e3dfde6f69c1e6141e20b3445100bf4b1fab8e945f9298661403c6358475660

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.netsparker.com
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin: https://www.netsparker.com

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Thu, 29 Sep 2016 15:17:26 GMT
ETag: "781d2596641ad21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: application/x-font-woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 52732
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK raleway-light.woff
www.netsparker.com/statics/fonts/ 52 KB
52 KB 258ms
98ms Font
application/x-font-woff 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/fonts/raleway-light.woff

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

25d025f218106ec36c020a190d2750081f1a3db99c9797eaa727dd5ba5a62d6f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.netsparker.com
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin: https://www.netsparker.com

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Thu, 29 Sep 2016 15:17:24 GMT
ETag: "ee66d594641ad21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: application/x-font-woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 52816
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK raleway-semibold.woff
www.netsparker.com/statics/fonts/ 52 KB
53 KB 288ms
108ms Font
application/x-font-woff 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/fonts/raleway-semibold.woff

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

79b315557679036d5b8b6689e9dbb6ef3a6eefc228141616964d87fd4f41c182

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.netsparker.com
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin: https://www.netsparker.com

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Thu, 29 Sep 2016 15:17:27 GMT
ETag: "ef8a9096641ad21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: application/x-font-woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 53172
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK raleway-medium-italic.woff
www.netsparker.com/statics/fonts/ 26 KB
27 KB 339ms
98ms Font
application/x-font-woff 52.1.25.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://www.netsparker.com/statics/fonts/raleway-medium-italic.woff

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

52.1.25.52 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-1-25-52.compute-1.amazonaws.com

Software

Resource Hash

5993be014fca83d963f297d26a92254556885ebdf829ec8121bc96df06fdf701

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src .youtube.com .youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Origin: https://www.netsparker.com
Accept-Encoding: gzip, deflate
Host: www.netsparker.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: */*
Cache-Control: no-cache
Cookie: msluuid=10556e6ae8824340965e7ab91526ffd3; _vwo_uuid_v2=D22B80E0A9690AD00299C3888E6E15E52|9fde861c25114682bbf5b7f36fc60415; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection: keep-alive
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Origin: https://www.netsparker.com

Response headers

Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy: no-referrer
Last-Modified: Tue, 22 Nov 2016 09:09:45 GMT
ETag: "6758f2ba044d21:0"
Expect-CT: max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options: DENY
Content-Type: application/x-font-woff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
Date: Wed, 21 Mar 2018 17:25:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 26504
X-Content-Type-Options: nosniff

GET conversion_async.js
www.googleadservices.com/pagead/ 0
0

GET
S 200 js Show response
static.getclicky.com/ 17 KB
6 KB 85ms
11ms Script
text/javascript 104.16.92.193
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.netsparker.com
URL: https://www.netsparker.com/statics/js/clicky.js?v=962B8504FB3228FB5E79AB778AF4D8E8
Protocol: SPDY
Server: 104.16.92.193 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c130eaec67485cfb49743675cf2a20e64912cd66820fb482fe9d775710ca52f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 21 Mar 2018 17:25:29 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
p3p: CP='NOI DSP COR CUR OUR NID NOR'
status: 200
cache-control: public, max-age=432000
cf-ray: 3ff21e3e084163eb-FRA
content-type: text/javascript; charset=utf-8
x-proxy-cache: HIT
expires: Mon, 26 Mar 2018 17:25:29 GMT

GET
S 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 20ms
20ms Script
text/javascript 216.58.208.40
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.netsparker.com
URL: https://www.netsparker.com/statics/js/ga.js?v=0A99D9F42184ABA167555E9731A9339A

Protocol

SPDY

Server

216.58.208.40 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f40.1e100.net

Software

Golfe2 /

Resource Hash

7c2c58fc24e2d3458b88680cfad4577011697df9a1406808f2f7d8f46060d8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 13 Nov 2017 20:19:12 GMT
server: Golfe2
age: 4491
date: Wed, 21 Mar 2018 16:10:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="41,39,35"
content-length: 17172
expires: Wed, 21 Mar 2018 18:10:38 GMT

GET

ga-audiences
www.google.com/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.1&utms=1&utmn=1044696816&utmhn=www.netsparker.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=S...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27264250-1&cid=969211566.1521653130&jid=236102635&_v=5.7.1&z=1044696816
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27264250-1&cid=969211566.1521653130&jid=236102635&_v=5.7.1&z=1044696816

0
0

GET ga-audiences
www.google.com.ua/ads/ 0
0

GET
S 200 in.php Show response
in.getclicky.com/ 28 B
353 B 471ms
156ms Script
text/javascript 198.145.13.13
Infinity Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=66363168&res=1600x1200&lang=en&secure=1&custom[username]=10556e6ae8824340965e7ab91526ffd3&type=pageview&href=%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F&title=SQL%20Injection%20Cheat%20Sheet%20%7C%20Netsparker&jsuid=1170696251&mime=js&x=0.5566773007996959
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: SPDY
Server: 198.145.13.13 Wilsonville, United States, ASN2044 (IINET-2044 - Infinity Internet, Inc., US),
Reverse DNS: getclicky.com
Software: nginx /
Resource Hash: 074c4f230e84b969d6170e0cceb89cb662cb436d5e1fbee55d78c3f2075e8e4b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36

Response headers

date: Wed, 21 Mar 2018 17:25:30 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
p3p: CP='NOI DSP COR CUR OUR NID NOR'
status: 200
cache-control: no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Domain: www.google.com
URL: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27264250-1&cid=969211566.1521653130&jid=236102635&_v=5.7.1&z=1044696816

Domain: www.google.com.ua
URL: https://www.google.com.ua/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27264250-1&cid=969211566.1521653130&jid=236102635&_v=5.7.1&z=1044696816&slf_rd=1&random=3454091717

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.netsparker.com/	1970-01-18 14:40:53	Name: __utmt Value: 1
.netsparker.com/	1970-01-18 19:03:41	Name: __utmz Value: 265600656.1521653130.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.netsparker.com/	1969-12-31 23:59:59	Name: __utmc Value: 265600656
.netsparker.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.netsparker.com/	1970-01-18 17:04:53	Name: _vis_opt_s Value: 1%7C
.netsparker.com/	1970-01-18 14:40:54	Name: __utmb Value: 265600656.1.10.1521653130
.netsparker.com/	1970-01-19 08:12:05	Name: __utma Value: 265600656.969211566.1521653130.1521653130.1521653130.1
.netsparker.com/	1970-01-18 23:27:55	Name: _vwo_uuid_v2 Value: D22B80E0A9690AD00299C3888E6E15E52\|9fde861c25114682bbf5b7f36fc60415
www.netsparker.com/	1970-01-19 08:13:31	Name: msluuid Value: 10556e6ae8824340965e7ab91526ffd3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com .twitter.com .twimg.com .googletagmanager.com dev.visualwebsiteoptimizer.com heatmap.visualwebsiteoptimizer.com 'unsafe-inline' .visualwebsiteoptimizer.com app.vwo.com d5phz18u4wuww.cloudfront.net; style-src 'self' .twimg.com .twitter.com .googleapis.com app.vwo.com 'unsafe-inline'; frame-src .youtube.com .youtube-nocookie.com www.slideshare.net app.vwo.com .googletagmanager.com; font-src 'self' .gstatic.com app.vwo.com; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net .twitter.com .twimg.com data: .visualwebsiteoptimizer.com .googleapis.com .google.com.tr *.google.com; object-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
ferruh.mavituna.com
in.getclicky.com
ssl.google-analytics.com
static.getclicky.com
www.google.com
www.google.com.ua
www.googleadservices.com
www.googletagmanager.com
www.netsparker.com
www.google.com
www.google.com.ua
www.googleadservices.com
104.16.92.193
141.138.194.191
159.122.87.148
198.145.13.13
216.58.207.72
216.58.208.40
52.1.25.52
52.222.163.159
06b8aced65acad8ed274ab77740780520d7bfa0d78b04e29c5fab3b89ab5fced
074c4f230e84b969d6170e0cceb89cb662cb436d5e1fbee55d78c3f2075e8e4b
0b45369646f2b6e7d4b5bbfa4e7bcf757fd816af7d5cd862d4bd6b400f696004
217be4f010e3cbbeacf7112c6075e51147cf8188b593a4a8d3e359654cf22d86
238b51828174114d6249b9d0c083fc2aebea8141e5e50dd77d114a89f333a789
25d025f218106ec36c020a190d2750081f1a3db99c9797eaa727dd5ba5a62d6f
3b09dfdbde64828f5eb97ac2c7902a34b691b46c0f453c9d78e073ab1fde338c
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
412b6e7438cfd59c9003008f2278311a61026a5f077d41ae61b105c2aab15100
4f354401643b335b5e35876f03fd9356f0b920c02e1033d9bbf093661ee2d19b
5993be014fca83d963f297d26a92254556885ebdf829ec8121bc96df06fdf701
5f343e94f9f3a0003b4b3a2f5766bfaa1301ea55e3abdde972c67f65c3a52ead
6313b7448b6947e9a704cbf277d474fd8f660cb7566cd826d69c0d9177b1ba5f
6af54454a62eb95353d1e5b19995faa9027d47d21c55f7730ee75d9637c1807b
6c130eaec67485cfb49743675cf2a20e64912cd66820fb482fe9d775710ca52f
6e3dfde6f69c1e6141e20b3445100bf4b1fab8e945f9298661403c6358475660
79b315557679036d5b8b6689e9dbb6ef3a6eefc228141616964d87fd4f41c182
7c2c58fc24e2d3458b88680cfad4577011697df9a1406808f2f7d8f46060d8a7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90f0521858daa786f50bf76102fd693d61466a2c6e32a381e009afe6aa51e957
96947f0a2cd434e45cf778e7604260a8b2af2a444cd6f32350cad7560bc8c0d8
a06f4e6d9f9f6b06cfa706d0b0edf785c1b832a6e2f2bbd3d689d8b6d778cfad
a970906b907e2e4a10be4c8b231e60d81d8cc929bd4142df381eb81d1f53460e
aa2def052c54cf40ca37cbd3508f24b1aba7ae41efbf37c76bc1ab887ae637d9
ba6e529c86eb677334ed89c10476dc4067542b699a81619c656fa6da63e37e4b
dd594f89e8f8adf17ef1fb7ceb79e784691a2e09968189f11c0afdf91d4e1f76
e100053af9971f9dc1e7e9856883b9ec518c0035fb98a647a38209d2342c1f0c
e204ff85b6c51aecbcf84bf9d8cb2631975d5862d75e8d8cffe26ba0fe0f914d
e5840bc1fc5ecf2ce08305f4eddf2fd9444ac3a2d79e541ae6775a6011ac4531
ec3b87d0da6e5ab58f6b66123297767c96dc8d45870f5ad682282a2ad993f277
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.netsparker.com Open in urlscan Pro 52.1.25.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

71 %HTTPS

0 %IPv6

10 Domains

11 Subdomains

8 IPs

3 Countries

710 kBTransfer

1218 kBSize

9 Cookies

11 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.netsparker.com Open in urlscan Pro
52.1.25.52 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

71 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

8
IPs

3
Countries

710 kB
Transfer

1218 kB
Size

9
Cookies

34 HTTP transactions
0 data transactions