Submitted URL: http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
Effective URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Submission: On July 10 via manual from CL

Summary

This website contacted 8 IPs in 3 countries across 11 domains to perform 38 HTTP transactions. The main IP is 52.1.25.52, located in Ashburn, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.netsparker.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 27th 2017. Valid for: a year.
This is the only time www.netsparker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2400:cb00:204... 13335 (CLOUDFLAR...)
23 52.1.25.52 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 159.122.87.148 36351 (SOFTLAYER)
1 13.32.158.200 16509 (AMAZON-02)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
1 198.145.13.11 2044 (IINET-2044)
38 8
Domain Requested by
23 www.netsparker.com www.netsparker.com
4 dev.visualwebsiteoptimizer.com www.netsparker.com
3 ssl.google-analytics.com www.netsparker.com
1 in.getclicky.com static.getclicky.com
1 static.getclicky.com www.netsparker.com
1 d5phz18u4wuww.cloudfront.net www.netsparker.com
1 www.googletagmanager.com www.netsparker.com
1 ferruh.mavituna.com 1 redirects
0 www.google.de Failed www.netsparker.com
0 www.google.com Failed www.netsparker.com
0 sjs.bizographics.com Failed www.googletagmanager.com
0 www.googleadservices.com Failed www.googletagmanager.com
38 12
Subject Issuer Validity Valid
www.netsparker.com
Go Daddy Secure Certificate Authority - G2
2017-10-27 -
2018-12-19
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Frame ID: 5D94992EA6CE80D6ECBBC5D9FE1AFA51
Requests: 38 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/ HTTP 301
    https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /static\.getclicky\.com/i
  • env /^clicky$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

38
Requests

61 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

8
IPs

3
Countries

738 kB
Transfer

1317 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/ HTTP 301
    https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=546449948&utmhn=www.netsparker.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=SQL%20Injection%20Cheat%20Sheet%20%7C%20Netsparker&utmhid=765695114&utmr=-&utmp=%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F&utmht=1531249670855&utmac=UA-27264250-1&utmcc=__utma%3D265600656.1128614366.1531249671.1531249671.1531249671.1%3B%2B__utmz%3D265600656.1531249671.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1482050551&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27264250-1&cid=1128614366.1531249671&jid=1482050551&_v=5.7.2&z=546449948 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27264250-1&cid=1128614366.1531249671&jid=1482050551&_v=5.7.2&z=546449948

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Redirect Chain
  • http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/
  • https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
68 KB
25 KB
Document
General
Full URL
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
daa6e8697ffd16027599b393c71e529b9d29f35b878b5b46c992eeb0efc83e4b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com *.twitter.com *.twimg.com *.googletagmanager.com dev.visualwebsiteoptimizer.com heatmap.visualwebsiteoptimizer.com 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com d5phz18u4wuww.cloudfront.net; style-src 'self' *.twimg.com *.twitter.com *.googleapis.com app.vwo.com 'unsafe-inline'; frame-src *.youtube.com *.youtube-nocookie.com www.slideshare.net w.soundcloud.com app.vwo.com *.googletagmanager.com; font-src 'self' *.gstatic.com app.vwo.com; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net *.twitter.com *.twimg.com data: *.visualwebsiteoptimizer.com *.googleapis.com *.google.com.tr *.google.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
www.netsparker.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
5D94992EA6CE80D6ECBBC5D9FE1AFA51

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Set-Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; expires=Fri, 10-Jul-2020 19:07:41 GMT; path=/; secure; HttpOnly
Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com *.twitter.com *.twimg.com *.googletagmanager.com dev.visualwebsiteoptimizer.com heatmap.visualwebsiteoptimizer.com 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com d5phz18u4wuww.cloudfront.net; style-src 'self' *.twimg.com *.twitter.com *.googleapis.com app.vwo.com 'unsafe-inline'; frame-src *.youtube.com *.youtube-nocookie.com www.slideshare.net w.soundcloud.com app.vwo.com *.googletagmanager.com; font-src 'self' *.gstatic.com app.vwo.com; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net *.twitter.com *.twimg.com data: *.visualwebsiteoptimizer.com *.googleapis.com *.google.com.tr *.google.com; object-src 'self'
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
X-Frame-Options
DENY
Referrer-Policy
same-origin
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Date
Tue, 10 Jul 2018 19:07:41 GMT
Content-Length
23954

Redirect headers

Date
Tue, 10 Jul 2018 19:07:48 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d1a95d77a2ce8c52a72cb5f4ce3f4a2ed1531249668; expires=Wed, 10-Jul-19 19:07:48 GMT; path=/; domain=.mavituna.com; HttpOnly
Cache-Control
private
Location
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Server
cloudflare
CF-RAY
438550bdf5fd97c8-FRA
css
www.netsparker.com/Content/
145 KB
35 KB
Stylesheet
General
Full URL
https://www.netsparker.com/Content/css?v=cS4AqqiY66sk_p-CCItOUT-5FVBlvz7NDVX-jbW2O7k1
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
ccb414c5655397b580b48fd723d4fa48be9f05416c06db4bf41a760b1b1008b3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Tue, 10 Jul 2018 19:07:42 GMT
Date
Tue, 10 Jul 2018 19:07:41 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
text/css; charset=utf-8
X-XSS-Protection
1; mode=block
Cache-Control
public
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
User-Agent,Accept-Encoding
Content-Length
35249
X-Content-Type-Options
nosniff
Expires
Wed, 10 Jul 2019 19:07:42 GMT
custom.css
www.netsparker.com/statics/css/
181 KB
32 KB
Stylesheet
General
Full URL
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
296783744c8ec7ce44f44ea20ed4f719617dc3180f0f9925ae643c029a8c82a9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
32131
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 05 Jul 2018 12:38:25 GMT
X-Frame-Options
DENY
Date
Tue, 10 Jul 2018 19:07:41 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/css
Cache-Control
max-age=31536000
ETag
"8036fb105d14d41:0"
Accept-Ranges
bytes
scroll.css
www.netsparker.com/statics/css/
195 B
1 KB
Stylesheet
General
Full URL
https://www.netsparker.com/statics/css/scroll.css?v=5E2C57971A41CE7293DFF8DBE3E9FFD9
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
412b6e7438cfd59c9003008f2278311a61026a5f077d41ae61b105c2aab15100
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
228
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 05 Jan 2017 11:48:30 GMT
X-Frame-Options
DENY
Date
Tue, 10 Jul 2018 19:07:41 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/css
Cache-Control
max-age=31536000
ETag
"46e2aba24967d21:0"
Accept-Ranges
bytes
SQL-Cheat-Sheet.jpg
www.netsparker.com/statics/img/blogposts/
19 KB
20 KB
Image
General
Full URL
https://www.netsparker.com/statics/img/blogposts/SQL-Cheat-Sheet.jpg
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
a06f4e6d9f9f6b06cfa706d0b0edf785c1b832a6e2f2bbd3d689d8b6d778cfad
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Wed, 01 Mar 2017 06:53:11 GMT
ETag
"fd23be7d5892d21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
19813
X-Content-Type-Options
nosniff
340x395_4.png
www.netsparker.com/statics/img/promo/
73 KB
74 KB
Image
General
Full URL
https://www.netsparker.com/statics/img/promo/340x395_4.png
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
217be4f010e3cbbeacf7112c6075e51147cf8188b593a4a8d3e359654cf22d86
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Thu, 04 Jan 2018 13:01:35 GMT
ETag
"995890265c85d31:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
75008
X-Content-Type-Options
nosniff
ns-logo-transparent_bw.png
www.netsparker.com/statics/img/
12 KB
13 KB
Image
General
Full URL
https://www.netsparker.com/statics/img/ns-logo-transparent_bw.png
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
ec3b87d0da6e5ab58f6b66123297767c96dc8d45870f5ad682282a2ad993f277
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Mon, 12 Dec 2016 12:13:42 GMT
ETag
"3e9ae12d7154d21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
12261
X-Content-Type-Options
nosniff
blank.png
www.netsparker.com/statics/img/
119 B
923 B
Image
General
Full URL
https://www.netsparker.com/statics/img/blank.png
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
dd594f89e8f8adf17ef1fb7ceb79e784691a2e09968189f11c0afdf91d4e1f76
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Thu, 02 Mar 2017 07:02:32 GMT
ETag
"24da0f72293d21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
119
X-Content-Type-Options
nosniff
gtm.js
www.googletagmanager.com/
57 KB
20 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M7R7MXJ
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
SPDY
Server
2a00:1450:4001:81b::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
60a096095a6cfc7f640c32fe0a68105e96fa215cdebb6f3fcc2ece8df66fe7cd
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 10 Jul 2018 19:07:50 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
20274
x-xss-protection
1; mode=block
expires
Tue, 10 Jul 2018 19:07:50 GMT
js_visitor_settings.php
dev.visualwebsiteoptimizer.com/deploy/
9 KB
3 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=301870&url=https%3A%2F%2Fwww.netsparker.com%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F&random=0.23378580554500017
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
SPDY
Server
159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
9e3e35874c9018b3d61a03b9f40c9f08d17a451c14ff42e8bab9bbabf1f1eb4c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

status
200
date
Tue, 10 Jul 2018 19:07:49 GMT
content-encoding
gzip
server
fra1dacdn
content-type
application/javascript; charset=UTF-8
jquery
www.netsparker.com/bundles/
177 KB
80 KB
Script
General
Full URL
https://www.netsparker.com/bundles/jquery?v=IebpbcrmAs8fWybcVGrJMoXEU_imWpcRfh3uC50aILo1
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
257475b22bfffb08f7903e07bc4bebe150a92769cda4284bb00260e862fbd7fb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Tue, 10 Jul 2018 19:07:42 GMT
Date
Tue, 10 Jul 2018 19:07:41 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
text/javascript; charset=utf-8
X-XSS-Protection
1; mode=block
Cache-Control
public
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
User-Agent,Accept-Encoding
X-Content-Type-Options
nosniff
Expires
Wed, 10 Jul 2019 19:07:42 GMT
bootstrap
www.netsparker.com/bundles/
40 KB
16 KB
Script
General
Full URL
https://www.netsparker.com/bundles/bootstrap?v=-g7cxTWQV6ve_iRyKtg7LoBytQltgj_w8zTNeaLaBc41
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
3f959d88727d64ae731699491ec0a17e0de889419ef0bba6fcc56176598e4532
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
Referrer-Policy
same-origin
Last-Modified
Tue, 10 Jul 2018 19:07:42 GMT
Date
Tue, 10 Jul 2018 19:07:41 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
text/javascript; charset=utf-8
X-XSS-Protection
1; mode=block
Cache-Control
public
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Vary
User-Agent,Accept-Encoding
Content-Length
15103
X-Content-Type-Options
nosniff
Expires
Wed, 10 Jul 2019 19:07:42 GMT
jquery.cookieBar.js
www.netsparker.com/statics/js/
2 KB
2 KB
Script
General
Full URL
https://www.netsparker.com/statics/js/jquery.cookieBar.js?v=F5646639-10FD-45C2-9F6A-E06F11BB5FBE
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
3b09dfdbde64828f5eb97ac2c7902a34b691b46c0f453c9d78e073ab1fde338c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
1279
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 02 Dec 2016 12:24:16 GMT
X-Frame-Options
DENY
Date
Tue, 10 Jul 2018 19:07:41 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
max-age=31536000
ETag
"6ae7d2ff964cd21:0"
Accept-Ranges
bytes
custom.js
www.netsparker.com/statics/js/
9 KB
4 KB
Script
General
Full URL
https://www.netsparker.com/statics/js/custom.js?v=38CFBD361E4A150C9BD1FEBB868A8645
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
6489f828ba95c2d7df578a568d2932ab527aae7dc88b7bd67c3382ee6bcc8001
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
2836
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Fri, 08 Jun 2018 08:24:44 GMT
X-Frame-Options
DENY
Date
Tue, 10 Jul 2018 19:07:41 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
max-age=31536000
ETag
"0ae67272ffd31:0"
Accept-Ranges
bytes
clicky.js
www.netsparker.com/statics/js/
408 B
1 KB
Script
General
Full URL
https://www.netsparker.com/statics/js/clicky.js?v=962B8504FB3228FB5E79AB778AF4D8E8
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
90f0521858daa786f50bf76102fd693d61466a2c6e32a381e009afe6aa51e957
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
395
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 05 Jan 2017 11:46:35 GMT
X-Frame-Options
DENY
Date
Tue, 10 Jul 2018 19:07:41 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
max-age=31536000
ETag
"d1b2e25d4967d21:0"
Accept-Ranges
bytes
ga.js
www.netsparker.com/statics/js/
362 B
1 KB
Script
General
Full URL
https://www.netsparker.com/statics/js/ga.js?v=0A99D9F42184ABA167555E9731A9339A
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
6313b7448b6947e9a704cbf277d474fd8f660cb7566cd826d69c0d9177b1ba5f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
396
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 05 Jan 2017 11:46:35 GMT
X-Frame-Options
DENY
Date
Tue, 10 Jul 2018 19:07:42 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript
Cache-Control
max-age=31536000
ETag
"7b50e05d4967d21:0"
Accept-Ranges
bytes
v.gif
dev.visualwebsiteoptimizer.com/
35 B
238 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?a=301870&d=netsparker.com&u=DDA9ADA0765F249A8FA017BCD9B375946&h=3b1036cf3db9c96b3b69b8f36d49ee43&r=0.14115836918135294
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
SPDY
Server
159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jul 2018 19:07:49 GMT
x-content-type-options
nosniff
server
fra1dacdn
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
vis_opt.js
d5phz18u4wuww.cloudfront.net/
119 KB
41 KB
Script
General
Full URL
https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Server
13.32.158.200 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-158-200.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b8aced65acad8ed274ab77740780520d7bfa0d78b04e29c5fab3b89ab5fced

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 30 Nov 2017 19:31:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Oct 2017 12:19:50 GMT
Server
AmazonS3
Age
2837
ETag
"093ee92623aa7fd24d2eca604d445a6d"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 617456b5ad99c756ee702b235ecfe148.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41572
X-Amz-Cf-Id
U-RT_ac2cTAfTrSYuGXwglG9xL5Cc2YG16BnhsY5-46pPfLdjoCxPQ==
ns-logo-transparent.png
www.netsparker.com/statics/img/
27 KB
28 KB
Image
General
Full URL
https://www.netsparker.com/statics/img/ns-logo-transparent.png
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
5f343e94f9f3a0003b4b3a2f5766bfaa1301ea55e3abdde972c67f65c3a52ead
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Thu, 29 Sep 2016 13:12:27 GMT
ETag
"6e51620531ad21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
27964
X-Content-Type-Options
nosniff
raleway-regular.woff
www.netsparker.com/statics/fonts/
51 KB
52 KB
Font
General
Full URL
https://www.netsparker.com/statics/fonts/raleway-regular.woff
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
6e3dfde6f69c1e6141e20b3445100bf4b1fab8e945f9298661403c6358475660
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://www.netsparker.com
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Origin
https://www.netsparker.com

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Thu, 29 Sep 2016 15:17:26 GMT
ETag
"781d2596641ad21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
application/x-font-woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
52732
X-Content-Type-Options
nosniff
b9QBgL0iMZfDSpmcXcE8nBBQ_Gf4FfI8J4SYljBAylk.woff2
www.netsparker.com/statics/fonts/
14 KB
15 KB
Font
General
Full URL
https://www.netsparker.com/statics/fonts/b9QBgL0iMZfDSpmcXcE8nBBQ_Gf4FfI8J4SYljBAylk.woff2
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
238b51828174114d6249b9d0c083fc2aebea8141e5e50dd77d114a89f333a789
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://www.netsparker.com
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Origin
https://www.netsparker.com

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Thu, 29 Sep 2016 15:17:27 GMT
ETag
"2abb9596641ad21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
application/x-font-woff2
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
14512
X-Content-Type-Options
nosniff
pattern-3.svg
www.netsparker.com/statics/img/
5 KB
2 KB
Image
General
Full URL
https://www.netsparker.com/statics/img/pattern-3.svg
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
ba6e529c86eb677334ed89c10476dc4067542b699a81619c656fa6da63e37e4b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Vary
Accept-Encoding
Content-Length
1104
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Tue, 10 Oct 2017 06:59:27 GMT
X-Frame-Options
DENY
Date
Tue, 10 Jul 2018 19:07:41 GMT
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
ETag
"80b1e14f9541d31:0"
Accept-Ranges
bytes
raleway-medium.woff
www.netsparker.com/statics/fonts/
51 KB
52 KB
Font
General
Full URL
https://www.netsparker.com/statics/fonts/raleway-medium.woff
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
96947f0a2cd434e45cf778e7604260a8b2af2a444cd6f32350cad7560bc8c0d8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://www.netsparker.com
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Origin
https://www.netsparker.com

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Thu, 29 Sep 2016 15:17:24 GMT
ETag
"9f762295641ad21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
application/x-font-woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
52348
X-Content-Type-Options
nosniff
fontawesome-webfont.woff2
www.netsparker.com/fonts/
63 KB
64 KB
Font
General
Full URL
https://www.netsparker.com/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://www.netsparker.com
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/Content/css?v=cS4AqqiY66sk_p-CCItOUT-5FVBlvz7NDVX-jbW2O7k1
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.netsparker.com/Content/css?v=cS4AqqiY66sk_p-CCItOUT-5FVBlvz7NDVX-jbW2O7k1
Origin
https://www.netsparker.com

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Thu, 24 May 2018 12:30:44 GMT
ETag
"0b2da85bf3d31:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
application/x-font-woff2
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
64464
X-Content-Type-Options
nosniff
raleway-light.woff
www.netsparker.com/statics/fonts/
52 KB
52 KB
Font
General
Full URL
https://www.netsparker.com/statics/fonts/raleway-light.woff
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
25d025f218106ec36c020a190d2750081f1a3db99c9797eaa727dd5ba5a62d6f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://www.netsparker.com
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Origin
https://www.netsparker.com

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Thu, 29 Sep 2016 15:17:24 GMT
ETag
"ee66d594641ad21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
application/x-font-woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
52816
X-Content-Type-Options
nosniff
raleway-semibold.woff
www.netsparker.com/statics/fonts/
52 KB
53 KB
Font
General
Full URL
https://www.netsparker.com/statics/fonts/raleway-semibold.woff
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
79b315557679036d5b8b6689e9dbb6ef3a6eefc228141616964d87fd4f41c182
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://www.netsparker.com
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Origin
https://www.netsparker.com

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Thu, 29 Sep 2016 15:17:27 GMT
ETag
"ef8a9096641ad21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
application/x-font-woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
53172
X-Content-Type-Options
nosniff
raleway-medium-italic.woff
www.netsparker.com/statics/fonts/
26 KB
27 KB
Font
General
Full URL
https://www.netsparker.com/statics/fonts/raleway-medium-italic.woff
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
52.1.25.52 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-1-25-52.compute-1.amazonaws.com
Software
/
Resource Hash
5993be014fca83d963f297d26a92254556885ebdf829ec8121bc96df06fdf701
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://www.netsparker.com
Accept-Encoding
gzip, deflate
Host
www.netsparker.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Cookie
msluuid=f33f16cb95c040569a748a41a0e3117f; _vwo_uuid_v2=DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43; _vis_opt_s=1%7C; _vis_opt_test_cookie=1
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.netsparker.com/statics/css/custom.css?v=BB006754F9DC3BC4D9575C329E62FD2E
Origin
https://www.netsparker.com

Response headers

Content-Security-Policy
default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com; style-src 'self'; frame-src *.youtube.com *.youtube-nocookie.com; font-src 'self'; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net; object-src 'self';
Referrer-Policy
same-origin
Last-Modified
Tue, 22 Nov 2016 09:09:45 GMT
ETag
"6758f2ba044d21:0"
Expect-CT
max-age=30,report-uri="https://www.netsparker.com/report-ct/"
X-Frame-Options
DENY
Content-Type
application/x-font-woff
X-XSS-Protection
1; mode=block
Cache-Control
max-age=31536000
Date
Tue, 10 Jul 2018 19:07:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
26504
X-Content-Type-Options
nosniff
conversion_async.js
www.googleadservices.com/pagead/
0
0

insight.min.js
sjs.bizographics.com/
0
0

js
static.getclicky.com/
17 KB
6 KB
Script
General
Full URL
https://static.getclicky.com/js
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/statics/js/clicky.js?v=962B8504FB3228FB5E79AB778AF4D8E8
Protocol
SPDY
Server
2400:cb00:2048:1::6810:59c1 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9a41a35cc9faecce3c3cecd834be797fc3f6fcc902722046c8622e7462a3730

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 10 Jul 2018 19:07:50 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
expires
Sun, 15 Jul 2018 19:07:50 GMT
cache-control
public, max-age=432000
cf-ray
438550c95bfcbed0-FRA
x-proxy-cache
HIT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/statics/js/ga.js?v=0A99D9F42184ABA167555E9731A9339A
Protocol
SPDY
Server
2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3391
date
Tue, 10 Jul 2018 18:11:19 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
17168
expires
Tue, 10 Jul 2018 20:11:19 GMT
l.gif
dev.visualwebsiteoptimizer.com/
35 B
238 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=103&account_id=301870&combination=2&s=1&u=DDA9ADA0765F249A8FA017BCD9B375946&ed={%22lt%22:%221531249670697%22,%22r%22:%22%22,%22ul%22:%22en-us%22,%22de%22:%22UTF-8%22,%22sc%22:%2224%22,%22sr%22:%221600x1200%22}&random=0.39329974893005204
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
SPDY
Server
159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jul 2018 19:07:50 GMT
x-content-type-options
nosniff
server
fra1dacdn
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
l.gif
dev.visualwebsiteoptimizer.com/
35 B
238 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=99&account_id=301870&combination=2&s=1&u=DDA9ADA0765F249A8FA017BCD9B375946&ed={%22lt%22:%221531249670699%22,%22r%22:%22%22,%22ul%22:%22en-us%22,%22de%22:%22UTF-8%22,%22sc%22:%2224%22,%22sr%22:%221600x1200%22}&random=0.19954348926384569
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
SPDY
Server
159.122.87.148 Frankfurt, Germany, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
94.57.7a9f.ip4.static.sl-reverse.com
Software
fra1dacdn /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 10 Jul 2018 19:07:50 GMT
x-content-type-options
nosniff
server
fra1dacdn
content-type
image/gif
status
200
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
ga-audiences
www.google.com/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=546449948&utmhn=www.netsparker.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=SQ...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-27264250-1&cid=1128614366.1531249671&jid=1482050551&_v=5.7.2&z=546449948
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27264250-1&cid=1128614366.1531249671&jid=1482050551&_v=5.7.2&z=546449948
0
0

__utm.gif
ssl.google-analytics.com/
35 B
93 B
Image
General
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1372518003&utmhn=www.netsparker.com&utmt=event&utme=5(VWO*Visit*)(0)8(4!VWO-103)9(4!Variation-1)11(4!1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=SQL%20Injection%20Cheat%20Sheet%20%7C%20Netsparker&utmhid=765695114&utmr=-&utmp=%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F&utmht=1531249670859&utmac=UA-27264250-1&utmni=1&utmcc=__utma%3D265600656.1128614366.1531249671.1531249671.1531249671.1%3B%2B__utmz%3D265600656.1531249671.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
SPDY
Server
2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Jul 2018 14:38:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
707354
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/
35 B
197 B
Image
General
Full URL
https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=192379592&utmhn=www.netsparker.com&utmt=event&utme=5(VWO*Visit*)(0)8(4!VWO-99)9(4!Variation-1)11(4!1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=SQL%20Injection%20Cheat%20Sheet%20%7C%20Netsparker&utmhid=765695114&utmr=-&utmp=%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F&utmht=1531249670862&utmac=UA-27264250-1&utmni=1&utmcc=__utma%3D265600656.1128614366.1531249671.1531249671.1531249671.1%3B%2B__utmz%3D265600656.1531249671.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.netsparker.com
URL: https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
Protocol
SPDY
Server
2a00:1450:4001:817::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 02 Jul 2018 14:38:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
707354
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
0
0

in.php
in.getclicky.com/
28 B
318 B
Script
General
Full URL
https://in.getclicky.com/in.php?site_id=66363168&res=1600x1200&lang=en&secure=1&custom[username]=f33f16cb95c040569a748a41a0e3117f&type=pageview&href=%2Fblog%2Fweb-security%2Fsql-injection-cheat-sheet%2F&title=SQL%20Injection%20Cheat%20Sheet%20%7C%20Netsparker&jsuid=1849303459&mime=js&x=0.5417265492103727
Requested by
Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol
SPDY
Server
198.145.13.11 Wilsonville, United States, ASN2044 (IINET-2044 - Infinity Internet, Inc., US),
Reverse DNS
getclicky.com
Software
nginx /
Resource Hash
69561fc2aa2efb6dd3b74268025a1e7125bb333bff0634a3f86fedb7c8881bc3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 10 Jul 2018 19:07:51 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript;charset=UTF-8
status
200
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
expires
Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/conversion_async.js
Domain
sjs.bizographics.com
URL
https://sjs.bizographics.com/insight.min.js
Domain
www.google.com
URL
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27264250-1&cid=1128614366.1531249671&jid=1482050551&_v=5.7.2&z=546449948
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-27264250-1&cid=1128614366.1531249671&jid=1482050551&_v=5.7.2&z=546449948&slf_rd=1&random=4094700280

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer number| _vis_opt_account_id string| _vis_opt_protocol boolean| _vis_opt_settings_loaded number| _vwo_acc_id object| _vwo_exp_ids object| _vwo_exp string| _vwo_cookieDomain string| _vwo_uuid string| _vwo_lib_cb object| vwo_iehack_queue object| VWO string| _vis_opt_file_name function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vwo_evq function| _vwo_ev object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion string| _vis_opt_experiment_id object| google_tag_manager string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email function| htmlEncode function| somethingChanged function| somethingCompleted function| getQueryStrings function| encodeSelector function| showInvalidTab function| replaceUrlParam object| helpers object| ncLocalStorage object| global object| SURROGATE_PAIR_REGEXP object| NON_ALPHANUMERIC_REGEXP function| $ function| jQuery object| visibleif object| respond function| onScroll object| clicky_custom object| clicky_site_ids object| _gaq function| a object| clicky_obj object| clicky undefined| clicky_site_id object| _genericStats object| _genericStatsCustom object| _gat object| gaGlobal

13 Cookies

Domain/Path Name / Value
.netsparker.com/ Name: __utmt
Value: 1
.netsparker.com/ Name: __utmz
Value: 265600656.1531249671.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.netsparker.com/ Name: __utma
Value: 265600656.1128614366.1531249671.1531249671.1531249671.1
.netsparker.com/ Name: __utmv
Value: 265600656.|4=VWO-99=Variation-1=1
.netsparker.com/ Name: __utmc
Value: 265600656
.netsparker.com/ Name: _vwo_uuid
Value: DDA9ADA0765F249A8FA017BCD9B375946
.netsparker.com/ Name: __utmb
Value: 265600656.3.8.1531249671
.netsparker.com/ Name: _vis_opt_exp_99_combi
Value: 2
.netsparker.com/ Name: _vis_opt_test_cookie
Value: 1
.netsparker.com/ Name: _vis_opt_exp_103_combi
Value: 2
.netsparker.com/ Name: _vis_opt_s
Value: 1%7C
.netsparker.com/ Name: _vwo_uuid_v2
Value: DDA9ADA0765F249A8FA017BCD9B375946|3b1036cf3db9c96b3b69b8f36d49ee43
www.netsparker.com/ Name: msluuid
Value: f33f16cb95c040569a748a41a0e3117f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-eval' ssl.google-analytics.com static.getclicky.com in.getclicky.com *.twitter.com *.twimg.com *.googletagmanager.com dev.visualwebsiteoptimizer.com heatmap.visualwebsiteoptimizer.com 'unsafe-inline' *.visualwebsiteoptimizer.com app.vwo.com d5phz18u4wuww.cloudfront.net; style-src 'self' *.twimg.com *.twitter.com *.googleapis.com app.vwo.com 'unsafe-inline'; frame-src *.youtube.com *.youtube-nocookie.com www.slideshare.net w.soundcloud.com app.vwo.com *.googletagmanager.com; font-src 'self' *.gstatic.com app.vwo.com; img-src 'self' ssl.google-analytics.com stats.g.doubleclick.net *.twitter.com *.twimg.com data: *.visualwebsiteoptimizer.com *.googleapis.com *.google.com.tr *.google.com; object-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d5phz18u4wuww.cloudfront.net
dev.visualwebsiteoptimizer.com
ferruh.mavituna.com
in.getclicky.com
sjs.bizographics.com
ssl.google-analytics.com
static.getclicky.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.netsparker.com
sjs.bizographics.com
www.google.com
www.google.de
www.googleadservices.com
13.32.158.200
159.122.87.148
198.145.13.11
2400:cb00:2048:1::6810:59c1
2400:cb00:2048:1::681b:ac78
2a00:1450:4001:817::2008
2a00:1450:4001:81b::2008
52.1.25.52
06b8aced65acad8ed274ab77740780520d7bfa0d78b04e29c5fab3b89ab5fced
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
217be4f010e3cbbeacf7112c6075e51147cf8188b593a4a8d3e359654cf22d86
238b51828174114d6249b9d0c083fc2aebea8141e5e50dd77d114a89f333a789
257475b22bfffb08f7903e07bc4bebe150a92769cda4284bb00260e862fbd7fb
25d025f218106ec36c020a190d2750081f1a3db99c9797eaa727dd5ba5a62d6f
296783744c8ec7ce44f44ea20ed4f719617dc3180f0f9925ae643c029a8c82a9
3b09dfdbde64828f5eb97ac2c7902a34b691b46c0f453c9d78e073ab1fde338c
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3f959d88727d64ae731699491ec0a17e0de889419ef0bba6fcc56176598e4532
412b6e7438cfd59c9003008f2278311a61026a5f077d41ae61b105c2aab15100
5993be014fca83d963f297d26a92254556885ebdf829ec8121bc96df06fdf701
5f343e94f9f3a0003b4b3a2f5766bfaa1301ea55e3abdde972c67f65c3a52ead
60a096095a6cfc7f640c32fe0a68105e96fa215cdebb6f3fcc2ece8df66fe7cd
6313b7448b6947e9a704cbf277d474fd8f660cb7566cd826d69c0d9177b1ba5f
6489f828ba95c2d7df578a568d2932ab527aae7dc88b7bd67c3382ee6bcc8001
69561fc2aa2efb6dd3b74268025a1e7125bb333bff0634a3f86fedb7c8881bc3
6e3dfde6f69c1e6141e20b3445100bf4b1fab8e945f9298661403c6358475660
79b315557679036d5b8b6689e9dbb6ef3a6eefc228141616964d87fd4f41c182
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
90f0521858daa786f50bf76102fd693d61466a2c6e32a381e009afe6aa51e957
96947f0a2cd434e45cf778e7604260a8b2af2a444cd6f32350cad7560bc8c0d8
9e3e35874c9018b3d61a03b9f40c9f08d17a451c14ff42e8bab9bbabf1f1eb4c
a06f4e6d9f9f6b06cfa706d0b0edf785c1b832a6e2f2bbd3d689d8b6d778cfad
ba6e529c86eb677334ed89c10476dc4067542b699a81619c656fa6da63e37e4b
ccb414c5655397b580b48fd723d4fa48be9f05416c06db4bf41a760b1b1008b3
d9a41a35cc9faecce3c3cecd834be797fc3f6fcc902722046c8622e7462a3730
daa6e8697ffd16027599b393c71e529b9d29f35b878b5b46c992eeb0efc83e4b
dd594f89e8f8adf17ef1fb7ceb79e784691a2e09968189f11c0afdf91d4e1f76
ec3b87d0da6e5ab58f6b66123297767c96dc8d45870f5ad682282a2ad993f277