urlscan.io logo urlscan.io
SecurityTrails logo

www.contrastsecurity.com Open in urlscan Pro
2606:2c40::c73c:67e2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://protect-us.mimecast.com/s/aQiHCADogZhmpvN5IGuWoE?domain=sales.contrastsecurity.com
Effective URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2...
Submission: On March 15 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 2 countries across 46 domains to perform 182 HTTP transactions. The main IP is 2606:2c40::c73c:67e2, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.contrastsecurity.com. The Cisco Umbrella rank of the primary domain is 815836.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2022. Valid for: a year.
This is the only time www.contrastsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 207.211.31.113 14135 (NAVISITE-...)
1 1 54.235.209.62 14618 (AMAZON-AES)
1 1 52.71.157.217 14618 (AMAZON-AES)
38 2606:2c40::c7... 209242 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2a02:6ea0:c45... 60068 (CDN77 ^_^)
2 2a04:4e42::485 54113 (FASTLY)
1 2620:1ec:29:1... 8075 (MICROSOFT...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 146.75.32.157 54113 (FASTLY)
1 2600:1400:d::... 20940 (AKAMAI-ASN1)
1 2a04:4e42::396 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
2 35.167.211.225 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a03:2880:f01... 32934 (FACEBOOK)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 108.138.106.124 16509 (AMAZON-02)
1 44.209.137.118 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:440... 13335 (CLOUDFLAR...)
1 52.85.61.11 16509 (AMAZON-02)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 209.128.119.150 7151 (BAYAREA-AS)
3 2600:9000:21e... 16509 (AMAZON-02)
4 6 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.1.140 54113 (FASTLY)
1 104.244.42.197 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
4 54.242.17.147 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
4 34.111.208.231 396982 (GOOGLE-CL...)
4 18.164.96.87 16509 (AMAZON-02)
1 44.212.189.233 14618 (AMAZON-AES)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 54.227.196.180 14618 (AMAZON-AES)
5 2a03:2880:f11... 32934 (FACEBOOK)
1 104.244.42.72 13414 (TWITTER)
2 4 100.20.44.23 16509 (AMAZON-02)
2 2 142.250.80.102 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.214.245.73 16509 (AMAZON-02)
1 46.51.204.8 16509 (AMAZON-02)
1 34.226.2.205 14618 (AMAZON-AES)
1 2 54.83.70.205 14618 (AMAZON-AES)
2 52.37.218.4 16509 (AMAZON-02)
1 18.203.61.230 16509 (AMAZON-02)
1 35.188.42.15 396982 (GOOGLE-CL...)
1 54.230.163.60 16509 (AMAZON-02)
1 34.212.4.35 16509 (AMAZON-02)
1 52.4.213.160 14618 (AMAZON-AES)
2 7 2600:9000:23c... 16509 (AMAZON-02)
1 2 2600:1f18:61c... 14618 (AMAZON-AES)
1 34.235.250.11 14618 (AMAZON-AES)
1 13.226.39.47 16509 (AMAZON-02)
1 52.216.33.130 ()
182 68
2    207.211.31.113 (Providence, United States)

ASN14135 (NAVISITE-EAST-2, US)
PTR: service165-us.mimecast.com
protect-us.mimecast.com
1    54.235.209.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-209-62.compute-1.amazonaws.com
sales.contrastsecurity.com
1    52.71.157.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-157-217.compute-1.amazonaws.com
app.salesloft.com
38    2606:2c40::c73c:67e2 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.contrastsecurity.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6811:f3cc (United States)

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
3    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
cdn.rawgit.com
a.omappapi.com
2    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
platform.linkedin.com
8    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
no-cache.hubspot.com
app.hubspot.com
cta-service-cms2.hubspot.com
track.hubspot.com
2    2607:f8b0:4006:816::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4006:817::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
3    2607:f8b0:4006:823::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2607:f8b0:4006:816::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
platform.twitter.com
1    2600:1400:d::17db:5c72 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    2606:4700::6812:de5a (United States)

ASN13335 (CLOUDFLARENET, US)
scout-cdn.salesloft.com
2    2a04:4e42:600::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
2    35.167.211.225 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-211-225.us-west-2.compute.amazonaws.com
api.kickfire.com
1    2606:4700::6812:c9f (United States)

ASN13335 (CLOUDFLARENET, US)
trk.techtarget.com
6    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
9    2606:4700::6812:1005 (United States)

ASN13335 (CLOUDFLARENET, US)
js.qualified.com
assets.qualified.com
1    2606:4700:3036::ac43:dfcf (United States)

ASN13335 (CLOUDFLARENET, US)
v2.listenloop.com
1    108.138.106.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-124.jfk50.r.cloudfront.net
static.hotjar.com
1    44.209.137.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-137-118.compute-1.amazonaws.com
dx.mountain.com
2    2607:f8b0:4006:80b::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
google.com
1    2606:4700::6811:eacc (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    2606:4700::6811:46b0 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
3    2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    52.85.61.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-11.ewr53.r.cloudfront.net
api.omappapi.com
1    2606:4700:20::6818:450b (United States)

ASN13335 (CLOUDFLARENET, US)
kriya.ai
1    2606:4700:20::681a:e5c (United States)

ASN13335 (CLOUDFLARENET, US)
kalendar.ai
1    2606:4700::6810:5805 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
3    2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    209.128.119.150 (United States)

ASN7151 (BAYAREA-AS, US)
PTR: 209-128-119-150.bayarea.net
stats.sa-as.com
3    2600:9000:21ec:2c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
6    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
6    2607:f8b0:4006:807::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)
forms-na1.hsforms.com
2    151.101.1.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
4    54.242.17.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-17-147.compute-1.amazonaws.com
scout.salesloft.com
scout.us1.salesloft.com
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
4    34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com
ibc-flow.techtarget.com
4    18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net
script.hotjar.com
1    44.212.189.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-189-233.compute-1.amazonaws.com
44.212.189.233
3    2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)
perf.hsforms.com
4    54.227.196.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-196-180.compute-1.amazonaws.com
abm2.listenloop.com
5    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
4    100.20.44.23 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-44-23.us-west-2.compute.amazonaws.com
ads.kwanzoo.com
2    142.250.80.102 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f6.1e100.net
ad.doubleclick.net
1    2607:f8b0:4006:808::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    34.214.245.73 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-214-245-73.us-west-2.compute.amazonaws.com
gw.linkedin.oribi.io
1    46.51.204.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-204-8.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    34.226.2.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-2-205.compute-1.amazonaws.com
app.qualified.com
2    54.83.70.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-70-205.compute-1.amazonaws.com
segment.prod.bidr.io
2    52.37.218.4 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-218-4.us-west-2.compute.amazonaws.com
px.mountain.com
1    18.203.61.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-61-230.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    35.188.42.15 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    54.230.163.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-60.ewr53.r.cloudfront.net
images.kwanzoo.com
1    34.212.4.35 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-212-4-35.us-west-2.compute.amazonaws.com
gs.mountain.com
1    52.4.213.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-213-160.compute-1.amazonaws.com
pipedream.wistia.com
7    2600:9000:23cb:3800:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.adroll.com
2    2600:1f18:61c0:2206:b90b:56a2:60a4:423a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
1    34.235.250.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-250-11.compute-1.amazonaws.com
ipv4.d.adroll.com
1    13.226.39.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-47.ewr53.r.cloudfront.net
surveystats.hotjar.io
1    52.216.33.130 (None, )

ASN- ()
qualified-production.s3.us-east-1.amazonaws.com
Apex Domain
Subdomains		 Transfer
39 contrastsecurity.com
sales.contrastsecurity.com
www.contrastsecurity.com — Cisco Umbrella Rank: 815836
3 MB
10 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2412
d.adroll.com — Cisco Umbrella Rank: 1215
ipv4.d.adroll.com — Cisco Umbrella Rank: 11353
26 KB
10 google.com
google.com — Cisco Umbrella Rank: 1
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 292
adservice.google.com — Cisco Umbrella Rank: 68
2 KB
10 qualified.com
js.qualified.com — Cisco Umbrella Rank: 22568
app.qualified.com — Cisco Umbrella Rank: 23721
assets.qualified.com — Cisco Umbrella Rank: 24110
977 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 32
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
ad.doubleclick.net — Cisco Umbrella Rank: 168
8 KB
8 hubspot.com
no-cache.hubspot.com — Cisco Umbrella Rank: 10083
app.hubspot.com — Cisco Umbrella Rank: 5247
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 9851
track.hubspot.com — Cisco Umbrella Rank: 2140
8 KB
8 linkedin.com
platform.linkedin.com — Cisco Umbrella Rank: 3044
px.ads.linkedin.com — Cisco Umbrella Rank: 333
www.linkedin.com — Cisco Umbrella Rank: 564
px4.ads.linkedin.com — Cisco Umbrella Rank: 6243
165 KB
6 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 607
script.hotjar.com — Cisco Umbrella Rank: 738
in.hotjar.com — Cisco Umbrella Rank: 1662
110 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 147
439 KB
6 salesloft.com
app.salesloft.com — Cisco Umbrella Rank: 32517
scout-cdn.salesloft.com — Cisco Umbrella Rank: 11317
scout.salesloft.com — Cisco Umbrella Rank: 13430
scout.us1.salesloft.com — Cisco Umbrella Rank: 65637
5 KB
5 kwanzoo.com
ads.kwanzoo.com — Cisco Umbrella Rank: 360060
images.kwanzoo.com — Cisco Umbrella Rank: 938654
42 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
264 B
5 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 3785
forms-na1.hsforms.com — Cisco Umbrella Rank: 6124
perf.hsforms.com — Cisco Umbrella Rank: 10723
3 KB
5 listenloop.com
v2.listenloop.com — Cisco Umbrella Rank: 44124
abm2.listenloop.com — Cisco Umbrella Rank: 43658
70 KB
5 techtarget.com
trk.techtarget.com — Cisco Umbrella Rank: 14706
ibc-flow.techtarget.com — Cisco Umbrella Rank: 18793
2 KB
4 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 812
gw.linkedin.oribi.io — Cisco Umbrella Rank: 12958
25 KB
4 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 771
analytics.twitter.com — Cisco Umbrella Rank: 612
syndication.twitter.com — Cisco Umbrella Rank: 1148
131 KB
4 mountain.com
dx.mountain.com — Cisco Umbrella Rank: 6958
px.mountain.com — Cisco Umbrella Rank: 7074
gs.mountain.com — Cisco Umbrella Rank: 12376
8 KB
3 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 1981
16 KB
3 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 3852
pipedream.wistia.com — Cisco Umbrella Rank: 6366
123 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 346
12 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 25
20 KB
3 omappapi.com
a.omappapi.com — Cisco Umbrella Rank: 4674
api.omappapi.com — Cisco Umbrella Rank: 4830
23 KB
2 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6133
surveystats.hotjar.io — Cisco Umbrella Rank: 21675
626 B
2 bidr.io
segment.prod.bidr.io — Cisco Umbrella Rank: 6473
1 KB
2 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1503
230 B
2 sa-as.com
stats.sa-as.com — Cisco Umbrella Rank: 64042
1 KB
2 kickfire.com
api.kickfire.com — Cisco Umbrella Rank: 36097
499 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 42
181 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 337
9 KB
2 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 7416
8 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
90 KB
2 mimecast.com
protect-us.mimecast.com — Cisco Umbrella Rank: 8691
4 KB
1 amazonaws.com
qualified-production.s3.us-east-1.amazonaws.com
10 KB
1 sentry.io
sentry.io — Cisco Umbrella Rank: 237
407 B
1 t.co
t.co — Cisco Umbrella Rank: 507
374 B
1 kalendar.ai
kalendar.ai — Cisco Umbrella Rank: 995335
3 KB
1 kriya.ai
kriya.ai
433 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 1977
21 KB
1 hsleadflows.net
js.hsleadflows.net — Cisco Umbrella Rank: 3917
87 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1352
8 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 692
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 619
15 KB
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 59
72 KB
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 10703
722 B
0 engagio.com Failed
web-analytics.engagio.com Failed
182 46
Domain Requested by
38 www.contrastsecurity.com www.contrastsecurity.com
8 assets.qualified.com www.contrastsecurity.com
app.qualified.com
assets.qualified.com
7 s.adroll.com 2 redirects www.contrastsecurity.com
s.adroll.com
6 www.google.com www.contrastsecurity.com
6 connect.facebook.net www.contrastsecurity.com
connect.facebook.net
5 track.hubspot.com
5 www.facebook.com www.contrastsecurity.com
5 px.ads.linkedin.com 3 redirects www.contrastsecurity.com
4 ads.kwanzoo.com 2 redirects www.googletagmanager.com
ads.kwanzoo.com
4 abm2.listenloop.com v2.listenloop.com
4 script.hotjar.com static.hotjar.com
script.hotjar.com
4 ibc-flow.techtarget.com trk.techtarget.com
4 googleads.g.doubleclick.net www.googletagmanager.com
3 perf.hsforms.com www.contrastsecurity.com
3 cdn.linkedin.oribi.io snap.licdn.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 js.hs-banner.com www.contrastsecurity.com
js.hs-banner.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.contrastsecurity.com
3 www.google-analytics.com www.googletagmanager.com
www.contrastsecurity.com
www.google-analytics.com
2 d.adroll.com 1 redirects s.adroll.com
2 px.mountain.com dx.mountain.com
www.contrastsecurity.com
2 segment.prod.bidr.io 1 redirects www.contrastsecurity.com
2 ad.doubleclick.net 2 redirects
2 scout.us1.salesloft.com www.contrastsecurity.com
2 scout.salesloft.com scout-cdn.salesloft.com
2 alb.reddit.com www.contrastsecurity.com
2 stats.sa-as.com www.googletagmanager.com
www.contrastsecurity.com
2 platform.twitter.com www.contrastsecurity.com
platform.twitter.com
2 google.com www.googletagmanager.com
2 api.kickfire.com www.contrastsecurity.com
2 fast.wistia.com www.googletagmanager.com
fast.wistia.com
2 www.googletagmanager.com www.contrastsecurity.com
www.googletagmanager.com
2 a.omappapi.com www.contrastsecurity.com
a.omappapi.com
2 cdn.jsdelivr.net www.contrastsecurity.com
cdn.rawgit.com
2 cdn2.hubspot.net www.contrastsecurity.com
2 cdnjs.cloudflare.com www.contrastsecurity.com
cdnjs.cloudflare.com
2 protect-us.mimecast.com 2 redirects
1 qualified-production.s3.us-east-1.amazonaws.com
1 surveystats.hotjar.io script.hotjar.com
1 ipv4.d.adroll.com
1 pipedream.wistia.com fast.wistia.com
1 gs.mountain.com www.contrastsecurity.com
1 images.kwanzoo.com ads.kwanzoo.com
1 sentry.io assets.qualified.com
1 content.hotjar.io script.hotjar.com
1 app.qualified.com js.qualified.com
1 in.hotjar.com script.hotjar.com
1 gw.linkedin.oribi.io cdn.linkedin.oribi.io
1 adservice.google.com www.contrastsecurity.com
1 syndication.twitter.com platform.twitter.com
1 analytics.google.com www.googletagmanager.com
1 analytics.twitter.com www.contrastsecurity.com
1 t.co www.contrastsecurity.com
1 forms-na1.hsforms.com www.contrastsecurity.com
1 px4.ads.linkedin.com www.contrastsecurity.com
1 www.linkedin.com 1 redirects
1 cta-service-cms2.hubspot.com www.contrastsecurity.com
1 forms.hsforms.com www.contrastsecurity.com
1 kalendar.ai www.contrastsecurity.com
1 kriya.ai 1 redirects
1 app.hubspot.com www.contrastsecurity.com
1 api.omappapi.com a.omappapi.com
1 js.hs-analytics.net www.contrastsecurity.com
1 js.hsleadflows.net www.contrastsecurity.com
1 dx.mountain.com www.contrastsecurity.com
1 static.hotjar.com www.contrastsecurity.com
1 v2.listenloop.com www.contrastsecurity.com
1 js.qualified.com www.googletagmanager.com
1 trk.techtarget.com www.contrastsecurity.com
1 scout-cdn.salesloft.com www.contrastsecurity.com
1 www.redditstatic.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 lh3.googleusercontent.com www.contrastsecurity.com
1 no-cache.hubspot.com www.contrastsecurity.com
1 platform.linkedin.com www.contrastsecurity.com
1 cdn.rawgit.com 1 redirects
1 app.salesloft.com 1 redirects
1 sales.contrastsecurity.com 1 redirects
0 web-analytics.engagio.com Failed www.contrastsecurity.com
182 80
Subject Issuer Validity Valid
www.contrastsecurity.com
Cloudflare Inc ECC CA-3		 2022-06-15 -
2023-06-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2022-05-06 -
2023-05-06		 a year crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-02-27 -
2023-08-27		 6 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
a.omappapi.com
R3		 2023-02-27 -
2023-05-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-05-15		 6 months crt.sh
salesloft.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-16 -
2023-04-14		 a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
api.kickfire.com
Amazon RSA 2048 M02		 2023-02-15 -
2024-03-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-01-10 -
2023-03-23		 2 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.mountain.com
Go Daddy Secure Certificate Authority - G2		 2022-05-21 -
2023-06-22		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
platform.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-08-21		 a year crt.sh
api.opmnstr.com
Amazon RSA 2048 M01		 2023-03-01 -
2024-02-08		 a year crt.sh
stats.sa-as.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-09 -
2024-02-09		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-08-06		 5 months crt.sh
www.google.com
GTS CA 1C3		 2023-02-20 -
2023-05-15		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-05-14		 6 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-01 -
2024-02-01		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-01-30		 a year crt.sh
ibc-flow.techtarget.com
GTS CA 1D4		 2023-02-05 -
2023-05-06		 3 months crt.sh
44.212.189.233
Sectigo RSA Domain Validation Secure Server CA		 2023-02-15 -
2024-02-15		 a year crt.sh
*.listenloop.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-06-16 -
2023-06-19		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-01-30		 a year crt.sh
*.kwanzoo.com
Amazon RSA 2048 M01		 2023-02-10 -
2024-02-07		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-03-07 -
2023-09-07		 6 months crt.sh
app.qualified.com
R3		 2023-01-20 -
2023-04-20		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2023-03-02 -
2024-03-30		 a year crt.sh
sentry.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-03 -
2023-07-04		 a year crt.sh
*.wistia.com
Amazon RSA 2048 M01		 2023-01-31 -
2024-02-29		 a year crt.sh
s.adroll.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-08-01		 5 months crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2022-12-06 -
2023-12-05		 a year crt.sh

This page contains 6 frames:

Primary Page: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Frame ID: 15BEDC25EF24DBEE9311F9CC9171A1D5
Requests: 161 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.contrastsecurity.com
Frame ID: 550E33313A4F36B749A16D21FF3F5404
Requests: 2 HTTP requests in this frame

Frame: https://app.qualified.com/w/1/PK6AWFzWvCM5V41V/messenger?uuid=66c4e1e1-bb38-44ce-a187-775347536669
Frame ID: 28E8106C8010B4EB16EB14BD69D1498B
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 50E71CA6C3E2AF38EAD49DFCE549D93F
Requests: 1 HTTP requests in this frame

Frame: https://ads.kwanzoo.com/widget/inactive/10260
Frame ID: 77817D96E059286E91CD2E3055106329
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DD9A49D0796A3DEA1B1BCAAEC7B05711
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

JSON-based SQL attacks bypassed WAFs but not Contrast Protect RASP technology | Contrast Security

Page URL History Show full URLs

  1. https://protect-us.mimecast.com/s/aQiHCADogZhmpvN5IGuWoE?domain=sales.contrastsecurity.com HTTP 307
    https://protect-us.mimecast.com/r/YtPTB6TWjTDGl7Pau6h2nyk0VGG9M1mY_E2QlZIr-zaoUjuwb2MvlaxUtMLtJCsgOJM2gqEaXs... HTTP 307
    https://sales.contrastsecurity.com/t/10569/c/d31d9ad1-d130-4943-8fac-cbe1bb1ba3b0/NB2HI4DTHIXS653XO4XGG33OORZGC... HTTP 302
    https://app.salesloft.com/t/10569/c/d31d9ad1-d130-4943-8fac-cbe1bb1ba3b0/NB2HI4DTHIXS653XO4XGG33OORZGC... HTTP 302
    https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-p... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

182
Requests

93 %
HTTPS

53 %
IPv6

46
Domains

80
Subdomains

68
IPs

2
Countries

6053 kB
Transfer

12884 kB
Size

51
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://protect-us.mimecast.com/s/aQiHCADogZhmpvN5IGuWoE?domain=sales.contrastsecurity.com HTTP 307
    https://protect-us.mimecast.com/r/YtPTB6TWjTDGl7Pau6h2nyk0VGG9M1mY_E2QlZIr-zaoUjuwb2MvlaxUtMLtJCsgOJM2gqEaXs-6zACsDVkii6H-pIf1J4R23CDYQXtrZvECi11mHbwL0p5xrlZQg7mh4yS62LdsIT-Hzmg1daN1f_6L5h7JW-hFoElZG0mgvh5rHG6SajUsjawTylUqPRweWzvbTWOgrV8XtaF1NBKwBqiqbMdRlSDP22KPBban-6RyD01LDERe-t_iNS3hLzaWdBloeuH68LIWyKPoe5Upeyc8IUkcjZDw8DzuBB9Z8JDn6u8w_Ug6uwunYbF2ZGr244-cp2BHBtwwRJWYbu6Qn-2jNHIZGoEzm5tK32fR_Ku-0Sy2LUmHZU8psR7Ba5Zfzm828guSKE7LP2eao7BESkg0xVzdAVd3fFfkSogVkQcNRDBUuDoKM1UA40o4UjtJT7kAW6x3AUmWIR3AOwwbiY5HfAr85bEBGW5AAsbkfh5Z91_yJayPMvQed8HPEQzN6oJoLH7Zd4LCcTFuJ2IFx1g9k_DBDUVmtbj-xtMhJ1MhSS9iaAWJrBVHfwFa0UCBy_6eN2Cv4coDxReRRIznOarb9JYJaSJMBqGPbSjvTKjSraRrftPM7BlX6mddbDccHD8RjE-srS2rOVqgI9yRM0m_6kirvECyFWdG-IzQ3YyMoM2fQVwE2NG-pl5NduxhfaRxmX8RKPm3BbRktZCWp66jD0h7LsWyB8_UdImtLr2uHQOt4CfMwKPBQJSMXOc-5daBrWFP3WiG0akJqDabs9TJt1UzTzNxWA_ZIRwQsvdWSVm9rbsq9ocWyZX50MzQRdK3siRdAnHXlccTJFOJQ-3u-MIDAEKQ_aBJJ8xE6Q34Ua-86TWUj4uU-4CAGetxWwKi9ntUsL5SjSuZUTjrkqHPBsGnB2f697G61d2xMXD3ZzEVpz7uPf0awG-ohvjJ0l8NIOLtH_Px3E_JtAJoeTK3VAgQ0r5YZMZizuW9olfN91AO_s5y3TrP6X_jBCTQp3RLb_tFQikgahg624BOqHDSBIhcoGCfMcPRS9rMiv1kKZB9X3crgixT1wu4Eb1h05CHmnrnoPv9DifL276jmG9m9_CPeukmUaidnX2sdhIwzx_nA3V2_xPOXZejmkJH1QJzy_xu07PPqWXJPOrFhiFtXbtrOWWDA6Sm-M9eTueNpqDTaGcfAe2WLn09L5ieYptlR53H6tLO8zlnjaa9HAnPgVorkwPBV1y9Gih0Zz2SUJKRMjoUfk4guLlcxyDJxyhs3ty5ZkG3bfeI0-MNVowDJ79vzoRm7FawUIKcgn-qvcDfF8sIuguMq2nDdHp9fme38p2raz7i9XihWSmB3E-8l1cxwI7mGq3rd7ugOolP_Fh-Dm8OCPCHoj11Rvk4ZTS7_Tzn8kKEALoB6ZhixUR-JH8PrmaiLfvJzQr8s7pS-N4CZYJ9NxB3YUdqGsYken6_Z2k-sxPcgAMBEs2lJOBl8JO5AgjZ8Qvx-54c6TDPRjW3Yy_VwUBMJOHaFF_44JB7LT5RJckTk9kWH2q1_u8nqWGZ30S7vViMKw-LhoXaMQD4Nu1pjaH2MLbn_zZMfvFIuyH-ImzIkexw83IVa2FbNx5eu06wdnFWbkAK4hMH_ABxZeXhBtuzFKIF7rkDCj9ReYPagPlyOEr5IMz-yqEZpc0EA_dMwPEWckjylQ8zM00ilH4kEM7s7457Zqw9IrXkyCBzcIWJz9fcP018nF0d5PdIh0zStXjg42vQurvpOZzP8S66unS1crP-TxulwtGRkgJRipV1IllorvwMNMXfysG4jDlkOM9s-Kg996F4Etx0gu0CTWMiDAmQOM4LpIhfKnVnwONWEQbmvTTwPLoPlg8XyeAAITHgQHOory9Y2aBB4Y-VoFqcTLXycx-MzchDvS53HYCfoA1_6gfgwJ0GGp-aNNiIDiSW5CvUcI61AdL-ZRnA-uOljapJoIuQWaYz3eoZ352ynWFOCSVO5I8_o5rETNlm6IVHMbQEnwAAomCj40Cv9E_YNDMQRVePSqL5Me-zsNm_cTPQgy5whfeuQKW92Hp9ZGUlIv0we6PUu7k8W23NLMJauSIYrJ0MCWGrnAvRSJKN_y8SBsXO3Tjx5zQfBGiH6iVgJZ_ZPiadbMnSVMoQmydbbyDCj1c9n4frl-XNzShS1PyHYWtsHmmtrHz4CJXNw6btMmhc0BK2nT-LOyq0LoeL599bmnrIOGDoMSQxgOmJYz3ZNISeJrJ2gvhWwrlhmqf9hBloHQXzqWoWzX4ktN9Hj-9HiAlscuogdTaPnxyJ6Rs8_agWWWga2P5EMDgXCYVd1hyostgMP0VWJ6g4pcPGiUq7H52EeVEkzqzxTmi5Y5HOnYOwMdm6uEiej2AAvdbkPZr0p3qanPE-XE0aSAqvainryBj9nUiAKMFk9WClYj2mS1H0-HkXcKNIdf6qNbRngbd57D7EoaLHRN3SUWQcbzJw8BYVQzroGV3CqwDxmHHBwy8-yDTBemQptOZ4htn-R6NsWV1Y0rYMNmer7VuSfzQTHGTwz614mkbZngaQJib33PnXUZcp1SGRbs745IHeGnEXwXZx0mKgixX0SaODPNGXgiHdOirVn_6aannAILY7dNspCEVaH0nn-ZUq8SWc5UK4fdd55RJ6LSN2fD9qmzcGIF_XdepwW9Zx_S55ckiOoxi5OA HTTP 307
    https://sales.contrastsecurity.com/t/10569/c/d31d9ad1-d130-4943-8fac-cbe1bb1ba3b0/NB2HI4DTHIXS653XO4XGG33OORZGC43UONSWG5LSNF2HSLTDN5WS643FMN2XE2LUPEWWS3TGNR2WK3TDMVZHGL3KONXW4LLCMFZWKZBNONYWYLLBOR2GCY3LOMWWE6LQMFZXGZLEFV3WCZTTFVRHK5BNNZXXILLDN5XHI4TBON2C24DSN52GKY3UH5YV63LBNFWGS3THL4ZE2MSGGNBEW42FI42HKZSUK5FHUUSFGVJTMMSXM5XEQUKYKVYTC4RUJVJT2UTOK5ZDQQL2MFCXOZBUOY3FOWDZLBTXEUKXIN2HG2TGGJMVAS2KINDWM22HNFDFQ4DUG5YHKNCBGNYU4YK2KB3TEZTQEZZWE4TDHUYXOR3TPFBVC2TSHBYEC52EIRZXSNSII5BHA5ZFGNCCKM2EEUZDI4CFINLGE5BUJRZXOZ3VI5HTA6DYJRJFMNSREUZUIJJTIQ======/www-contrastsecurity-com-security-influencers-json-based-sql-attacks-bypass HTTP 302
    https://app.salesloft.com/t/10569/c/d31d9ad1-d130-4943-8fac-cbe1bb1ba3b0/NB2HI4DTHIXS653XO4XGG33OORZGC43UONSWG5LSNF2HSLTDN5WS643FMN2XE2LUPEWWS3TGNR2WK3TDMVZHGL3KONXW4LLCMFZWKZBNONYWYLLBOR2GCY3LOMWWE6LQMFZXGZLEFV3WCZTTFVRHK5BNNZXXILLDN5XHI4TBON2C24DSN52GKY3UH5YV63LBNFWGS3THL4ZE2MSGGNBEW42FI42HKZSUK5FHUUSFGVJTMMSXM5XEQUKYKVYTC4RUJVJT2UTOK5ZDQQL2MFCXOZBUOY3FOWDZLBTXEUKXIN2HG2TGGJMVAS2KINDWM22HNFDFQ4DUG5YHKNCBGNYU4YK2KB3TEZTQEZZWE4TDHUYXOR3TPFBVC2TSHBYEC52EIRZXSNSII5BHA5ZFGNCCKM2EEUZDI4CFINLGE5BUJRZXOZ3VI5HTA6DYJRJFMNSREUZUIJJTIQ======/www-contrastsecurity-com-security-influencers-json-based-sql-attacks-bypass HTTP 302
    https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://cdn.rawgit.com/google/code-prettify/master/loader/run_prettify.js HTTP 301
  • https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/run_prettify.js
Request Chain 76
  • https://kriya.ai/tracking.min.js?t=1678924800000 HTTP 301
  • https://kalendar.ai/tracking.min.js?t=1678924800000
Request Chain 84
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1283858%252C1155724%26time%3D1678900023140%26url%3Dhttps%253A%252F%252Fwww.contrastsecurity.com%252Fsecurity-influencers%252Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%253Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%253DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%2526sbrc%253D1wGsyCQjr8pAwDDsy6HGBpw%25253D%25253D%252524pECVbt4LswguGO0xxLRV6Q%25253D%25253D%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cookiesTest=true&liSync=true&e_ipv6=AQIlpwT9ookqYgAAAYbmPVJYc6Aju-uZaFRuLpnlVwz_htF9x-fCn5uADyp5aR70_4G-XQ
Request Chain 127
  • https://ad.doubleclick.net/ddm/activity/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1772222060399.9373 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=10230617;dc_pre=CMuDnfy13v0CFVPThwodlF4Hkg;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1772222060399.9373 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=10230617;dc_pre=CMuDnfy13v0CFVPThwodlF4Hkg;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1772222060399.9373
Request Chain 136
  • https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value= HTTP 303
  • https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=&_bee_ppp=1
Request Chain 149
  • https://ads.kwanzoo.com/wvt-iframe/load?widgetId=10260 HTTP 302
  • https://ads.kwanzoo.com/widget/inactive/10260
Request Chain 151
  • https://ads.kwanzoo.com/images/kz-activate-large.png HTTP 302
  • https://images.kwanzoo.com/images/kz-activate-large.png
Request Chain 163
  • https://s.adroll.com/j/exp/VJKDLRPA7BENBB4U4RXOU7/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 164
  • https://s.adroll.com/j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js
Request Chain 169
  • https://d.adroll.com/pixel/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J?adroll_fpc=7af0a7094b45610196528598fddbc2e4-1678900025495&pv=16715770149.123266&arrfrr=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cookie=&adroll_s_ref=&keyw= HTTP 302
  • https://s.adroll.com/pixel/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/YZGK5PMP5FCABEOUZMDNCL.js

182 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect
www.contrastsecurity.com/security-influencers/
Redirect Chain
  • https://protect-us.mimecast.com/s/aQiHCADogZhmpvN5IGuWoE?domain=sales.contrastsecurity.com
  • https://protect-us.mimecast.com/r/YtPTB6TWjTDGl7Pau6h2nyk0VGG9M1mY_E2QlZIr-zaoUjuwb2MvlaxUtMLtJCsgOJM2gqEaXs-6zACsDVkii6H-pIf1J4R23CDYQXtrZvECi11mHbwL0p5xrlZQg7mh4yS62LdsIT-Hzmg1daN1f_6L5h7JW-hFoEl...
  • https://sales.contrastsecurity.com/t/10569/c/d31d9ad1-d130-4943-8fac-cbe1bb1ba3b0/NB2HI4DTHIXS653XO4XGG33OORZGC43UONSWG5LSNF2HSLTDN5WS643FMN2XE2LUPEWWS3TGNR2WK3TDMVZHGL3KONXW4LLCMFZWKZBNONYWYLLBOR2...
  • https://app.salesloft.com/t/10569/c/d31d9ad1-d130-4943-8fac-cbe1bb1ba3b0/NB2HI4DTHIXS653XO4XGG33OORZGC43UONSWG5LSNF2HSLTDN5WS643FMN2XE2LUPEWWS3TGNR2WK3TDMVZHGL3KONXW4LLCMFZWKZBNONYWYLLBOR2GCY3LOMWW...
  • https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCG...
136 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de622a0c0f84fd1617039cce0f586d5763e276a62153a96bb6f62693535cb50
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-ray
7a8659a91914d15b-BUF
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 15 Mar 2023 17:07:01 GMT
edge-cache-tag
CT-100983843633,CG-1493724588,CG-203759,P-203759,CW-63370865255,CW-63372231476,CW-65626090029,E-1787458339,E-63747633477,E-63854006692,E-63854083398,E-63860703006,E-63861701158,E-63863738482,E-65473034250,E-67980816270,E-68647724412,E-68648114856,MENU-63761649167,PGS-ALL,SW-0,B-1493724588,GC-63755362050,GC-63758295990,GC-64005890817,GC-64133034278,GC-65701617199,TS-63863433485
etag
W/"5e24bb5f5ca835ab6f2e1d1af52c5fa8"
last-modified
Sat, 11 Mar 2023 22:21:17 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer-when-downgrade
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7YyqQcTkxrlyXSJvfAfTLS4GXrOctoTim6xhdJbTpIbd%2Fm0uffYv5Y84cuHXX0gPyniO0SqC7xLc8XuN3sRSLlQQCGCGTFvlcThRJN1wRR9nkN4R3rdwQzIjVs7hccLkOL%2F7othMF2cmWF6oSFP3NmcTIA3vg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-hs-cache-config
BrowserCache-0s-EdgeCache-180s
x-hs-cache-control
s-maxage=10800, max-age=0
x-hs-cf-cache-status
MISS
x-hs-content-id
100983843633
x-hs-hub-id
203759
x-hs-prerendered
two-phase;Sat, 11 Mar 2023 22:21:16 GMT

Redirect headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
356
Content-Type
text/html; charset=utf-8
Date
Wed, 15 Mar 2023 17:07:00 GMT
Location
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Strict-Transport-Security
max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Request-Id
a2fd4a843cba6a80a302fa64c718193c
X-Runtime
0.054963
X-XSS-Protection
1; mode=block
index.js
www.contrastsecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 405b8ed0c1df92e14644e6db88a3af5a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
zqfoHVEO7SsMjSP1JrsnDQf9ix87l6qJ
age
2942349
x-amz-cf-pop
BOS50-P1
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Feb 2023 15:43:08 GMT
server
cloudflare
etag
W/"d57b3d84e0be8dd0aef0781d100c0d14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5U%2FX1nFERGA9l7YXX3asfxdQZX%2Fr0H5Ar6LGQ%2FY6pTOBVnZUwWTOL%2B9pD38eAVWC%2FLP5Ctip7xh6htvVN2C1zhiiRCaHb7NBHHZoRfWNBKnYk4h2fLG%2FizSM00A1LtgIy1gzavLjFPMPYVROPAxfWmYNC%2BmCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a8659abf931d15b-BUF
x-amz-cf-id
RYgYmT9zey4ND8eGUxIMvpKt9ymDrRGd1pe-Y31VLYg-lLpK7czszA==
expires
Thu, 14 Mar 2024 17:07:01 GMT
project.js
www.contrastsecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 f8c9a5da2480a9656a18b3b7a10b0ed5.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
age
10886429
x-amz-cf-pop
BOS50-C2
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
server
cloudflare
etag
W/"61ca66de658cab9587e4636894680d5d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvZEr%2FBPizTD%2BjDE6DCU4EohLR%2B3VAt7Z6LJl%2F36BbsUScuRnUrUG6XuD52sqBa8a85i9G4mLTgLUACzhVchK%2FZROXAR4xF7%2Bq931CQS8fG12zlfRN4WWndDEepmnDO1aMUBhtVP33ZJ14AXfDLZnbjUmAiS8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a8659abf932d15b-BUF
x-amz-cf-id
cAePgsfcSLo1GvPsX8--wg8z7Akiw-cEYbiwHewwCF4MNgPrlJuxrw==
expires
Thu, 14 Mar 2024 17:07:01 GMT
jquery-1.11.2.js
www.contrastsecurity.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 		94 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
null
age
28023590
x-amz-cf-pop
EWR53-P1
content-encoding
br
x-cache
Miss from cloudfront
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Jan 2015 18:08:00 GMT
server
cloudflare
etag
W/"5790ead7ad3ba27397aedfa3d263b867"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2V3xUl38SKHxG2EPmvDz1i8M5RMezOnAKiSjKuGRhJg8gpQhg%2Fn24jkN0r%2FlTiwo9aT2pW4uUrrwJsfdV3X%2Bf9oP6vsctcnClr%2FIARHJ9ua7y8IQmnHXSaTIUcLOvJBedLeHBf%2Bk8OKjilAONd2Dzlo8lsn6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a8659ac0934d15b-BUF
x-amz-cf-id
dm2KYaUi0tQ3Qu1FXKr9OGJF0-7Vx0787pOCNhWOdgjsR45IvrFk6w==
expires
Thu, 14 Mar 2024 17:07:01 GMT
jquery-migrate-1.2.1.js
www.contrastsecurity.com/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs/hsstatic/jquery-libs/static-1.4/jquery-migrate/jquery-migrate-1.2.1.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 31b4da0406d8b733add8a3131335a500.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
null
age
10737427
x-amz-cf-pop
EWR52-C2
content-encoding
br
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 08 Jan 2015 18:08:00 GMT
server
cloudflare
etag
W/"eb05d8d73b5b13d8d84308a4751ece96"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YChjWnISX%2BrnZi70eo5fgn84kHe9U1TiTB3tY95kyP4x6iU%2Fhbok0%2BWORImmjZkUbvkbHS5JKjmgKnvNWDseKga5yLlyp1%2F7r8WamhQDk3D8Q0LN6TZF0AKJhCq4Q7FQ1tJ7wDkIuupFqdUMnzf8lmjgzOHbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7a8659ac0935d15b-BUF
x-amz-cf-id
Jo-qbtnBRsaN0xX3F6YmmMBe6-m758NwCiNOVGV39-nmj0_ZE-1UyQ==
expires
Thu, 14 Mar 2024 17:07:01 GMT
main.min.css
www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63854083398/1653679676641/ContrastSecurity_Hatch/css/ 		469 KB
65 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63854083398/1653679676641/ContrastSecurity_Hatch/css/main.min.css
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d64829dad0c6b861a9e39c0c6d99ffb99ef96f299037858f853a024e3af76f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 68261aebcfc232344da2ef3bf1d3f9ea.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
xdJ2wSDJa4TaicYHn6M.jmTKH.pSZ4Mp
x-amz-cf-pop
IAD89-P1
x-amz-request-id
AHNKHSWH6KHJCCR3
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
z+Yda3EzHh+8Z5HyntOyUgooIX0V64yW1nTaRWOC/81ULBpu6AjqLZ4LfPeVbR+izwbcV4yRWSc=
last-modified
Fri, 27 May 2022 19:28:00 GMT
server
cloudflare
etag
W/"6f18395a34da083af654f95d49809b89"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1653679679215
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FC6puff1mY2e%2B%2BaZ%2F2J288ZMlRnN8czWVKjjV0Ls9dvdwgXuPbmPP24ROuvA%2FSl7wlTTDkbT0VSi5qd73lMkotf6RZ8XTA4kdSaywXbKdTa2PsFDNQf7i5id1BPiYgo5gLLFebr7do5iy8xb%2FBTCC3b3%2FUnPsg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7a8659ac0933d15b-BUF
x-amz-cf-id
-4kdbacor3v_Tg4uJmsmjOp631IiO5DaqNZHMb1WaA-trxxhsybraA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
ContrastSecurity_Hatch.min.css
www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9da73c837776901fbc9f8ac134bef3e2575d544a3194f47b1fe23085c8aa8200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
oECm_H4sO2f1ACCJarZZbCPnFFvV2VbI
x-amz-cf-pop
IAD89-P1
x-amz-request-id
KRR5C43ZVMM1Y5DN
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
+72ed09ccjXI48ksAI4GwzSDkIXmYM4DZAik1IuPUgct3LTyD/q3bNOkugdOeeSAJkQ0cOw66l8=
last-modified
Tue, 21 Jun 2022 17:41:42 GMT
server
cloudflare
etag
W/"e369de511d380df38f7d1aa1c2389055"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1655833301212
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yr39hRv8m52CmaukT6xhg7iB5X0foKCmyIFHPrmDJnutnhbMyqQ62B6Hdja8LwVTpgPnmH6pJHWKMX479Jeq0O81DuszRKEQqQdxpsqM6IMSgfNpeHBGCJeBji4FU%2FKUYq2f1FXSo4FdEMZOkjYutdVaf154GA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7a8659ac0936d15b-BUF
x-amz-cf-id
VdMMgKBaAvtWhpqhATLakd8CpQzneau4NBsmP6OobFS3FeZeVxgzDA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
17537411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10491
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntP%2F9vIoLC%2BNdJcIaaKrJbccnDP%2BLl36OhvpF8J%2FNaYdtK%2FRTJIsi4B5E4oTywQTH41n9E56x0lgewUpE94DQt5B4o9G5o7HT5T5NogFGf7bOGmL9f6U0%2B4%2Bq%2FDGTKW0XNQLAxPcZvm0v58AfyaEU01T"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a8659ac6a36d15f-BUF
expires
Mon, 04 Mar 2024 17:07:01 GMT
module_-2712622_Site_Search_Input.min.css
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1678480065854/ 		612 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1678480065854/module_-2712622_Site_Search_Input.min.css
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401925a1114f7003121630392768d35516be54a4028f01024528aeae99a45a56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
396980
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
last-modified
Fri, 10 Mar 2023 20:27:46 GMT
server
cloudflare
etag
W/"c708989561e0cdbfcf996d1b7f47482c"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1678480065854
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1fKiiIKC9o%2FTNDFCulHSoFEFeh%2FnzXjp6eWzLdJc7FnJ7dWNbTqZGJ094khmmPiIrERmL0dJP960u2Oal0ZK3AH3EqUYbdEdbq4zpy5OoJJA11TCL7068v%2FHNupSlG0II6l%2F41IjRgEY9pc%2BnLk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659ac8e00d153-BUF
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_65626090029_Blog_Listing_01_-_Subscribe_Form_02.min.css
www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/module_assets/65626090029/1656537204139/ 		332 B
918 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/module_assets/65626090029/1656537204139/module_65626090029_Blog_Listing_01_-_Subscribe_Form_02.min.css
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
abfce9df205238b6b7d8b60f1080f5a1e1bc8c9f731aa2b95e3e7dbcbc0e6d2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
IzYiMEuVBfftUxQHXCgI0YvFOF3OBPhQ
x-amz-cf-pop
IAD12-P3
x-amz-request-id
2X9JQGR6Z6P9VYK9
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
lsOmSkdR1gcuy8rUWU2IioDvOlTy7/Pn5eGGnohSVjI0Y2lzk2pikTVeZ/MNIK+rRB53LBfa8Nc=
last-modified
Wed, 29 Jun 2022 21:13:25 GMT
server
cloudflare
etag
W/"a0832fe698bb3c3e12f8985984566183"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1656537204139
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RX%2BwolTZwYDcjxit5i6T709mpXYvUMd39UOeXaSuaANpNEOvM5dpZR6MdqNMzhQUawH2LZIRgRQUBLkJn4%2FSH0zMWwWBer6glkvyigdZmPISd0ET779uw64RqzCkVN7GIzLko3xxIytopHkOseuz8PD9fdBllA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7a8659ac0937d15b-BUF
x-amz-cf-id
NRTrjNa8fGIzZB5PivHe3zMauIeHAX-vo3YZ2bmCHeN_5AHK_vNx6Q==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
Contrastmain.js
www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/1787458339/1569757647369/Coded_files/Custom/page/Contrast_Security/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/1787458339/1569757647369/Coded_files/Custom/page/Contrast_Security/Contrastmain.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c873c374e3e6639df33ac7635eaf604646bc0968fb93434b0ed0d1593794bf43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 f01dafb3bec9893b47152910d47900a4.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
r0tIbn0vzEyAptLRqFgaeAmX3lALTF34
x-amz-cf-pop
IAD12-P3
x-amz-request-id
ZD98F0SJP5XBD2AB
content-encoding
br
x-cache
RefreshHit from cloudfront
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
FIV4dGJeoEYPoDAAi/akGPS0VOlT9SkRwzMKvcs7O/HhMvqBn9moaQubA/16yPiKrciDE5zJNVM=
last-modified
Sun, 29 Sep 2019 11:47:28 GMT
server
cloudflare
etag
W/"87d90b5b9dc70c678c5813cf376d348d"
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoqgR3eh%2BbBqbRuHFGGZswHCg%2F2z0YMkTSLCZw%2FFJntvd8RiH6bpb76d%2F%2BTxBPkns5Nm52mdhAznnRJ2cDRYtFOLFAtDELbW6LxUa%2FgiaVi7%2FT4Fr5jmUm0mms%2BM93EmR%2BiXjMi4vYCKNxkGLQ5GrZdfU6IjqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7a8659ac0938d15b-BUF
x-amz-cf-id
Q6WDbGP_Mt5e5QqktKJKEu9VRXI6bK-x3cy-WkYlxFFHQFvpKL6Hhg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
run_prettify.js
cdn.jsdelivr.net/gh/google/code-prettify@master/loader/
Redirect Chain
  • https://cdn.rawgit.com/google/code-prettify/master/loader/run_prettify.js
  • https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/run_prettify.js
18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/run_prettify.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7285646ea1d6480a26b5c3d66f75edac636a664b9ef84bbd5fb63122065bb668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 15 Mar 2023 17:07:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
14827
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8508
x-served-by
cache-fra-eddf8230077-FRA, cache-nyc-kteb1890034-NYC
x-jsd-version-type
branch
etag
W/"480b-TyrgZ46CV/5URLUGkuqmgyGFFkY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
885
age
29465
x-cache
HIT, HIT
cdn-cachedat
03/15/2023 17:06:59
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
112
x-served-by
cache-fra-eddf8230020-FRA, cache-chi-kigq8000152-CHI
server
BunnyCDN-NY1-885
cdn-proxyver
1.03
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/run_prettify.js
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
HIT
cdn-requestid
323e35fe0248594a486a10a6c3e427eb
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
301
cdn-requestpullsuccess
True
in.js
platform.linkedin.com/ 		509 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f0347bd00a1c0a8dcf28594d956c2946eb3b7096351321258f68cd8a5a440e54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cdn-client-ip-version
IPV6
x-azure-ref-originshield
00+0RZAAAAACNZHoM9eSLTaUkkSZvAojBTU5aMjIxMDYwNjExMDUxADIyMjZhM2ViLTAxZTAtNDdiZi1hY2EyLTJiMDU4ZGZlYWQ3NQ==
x-cdn
AZUR
x-cache
TCP_HIT
x-cdn-proto
HTTP2
content-length
163382
x-li-uuid
AAX28pMwbdB6FVksN8Solg==
x-li-pop
prod-lva1-x
vary
Accept-Encoding
x-azure-ref
0NfsRZAAAAADjV+xlE6YfSKsamPF/o8ARTU5aMjIxMDYwNjEzMDMzADIyMjZhM2ViLTAxZTAtNDdiZi1hY2EyLTJiMDU4ZGZlYWQ3NQ==
x-li-fabric
prod-lva1
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
x-li-proto
http/1.1
expires
Wed, 15 Mar 2023 17:09:55 GMT
logo.svg
www.contrastsecurity.com/hubfs/Contrast_Security/logos/ 		19 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/logos/logo.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7948632aa46f31e02b30c87213aa522ff16eec2401f4d18ea6b1a0094a9d6bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-63671323573,FD-63670133774,P-203759,FLS-ALL
age
660539
x-amz-request-id
D2PW8823EYDH6NZM
x-amz-server-side-encryption
AES256
edge-cache-tag
F-63671323573,FD-63670133774,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"2f9b3ec4e043e134e05aa9f9c1acebd2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1641977418663
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 d5b8ff1568ca9900eb00feb643d95cd4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
KDdU9pLy7TdoZW_ECX.4pgR9aZcd0kx3
x-amz-cf-pop
BOS50-P1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-63671323573,FD-63670133774,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
OMaKpeKDUlZrDSRMnKqrRdkc4lVZT3Ad8ZoWqZv5rnyei2JK8ZOt9BEypIUEXb0oJe4WHHFWmsk=
last-modified
Wed, 12 Jan 2022 08:50:19 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2WqGfzIjJTreq3Xd5KM0OteodrB%2F%2FXlIULQ5JNFAVHfn7Vh0KroU4TDWKq5WXjxPtms6NN9zDbTTCeNsOMXYnEswTAg7s%2FP9uJ19ZE0e8qOv7r%2FV5V8dImLxHIwcWi41yDyBlnxiy%2BihTef66Dgm2ZizVOdRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659ae5831d163-BUF
x-amz-cf-id
Rk43NiyjGgID-JNoyWa59L9oU1KyB52OwQjMejYVZq8QpT2DwsE8qg==
logo-white.svg
www.contrastsecurity.com/hubfs/Contrast_Security/logos/ 		17 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/logos/logo-white.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6ea063096e85ace5627e9e17dd68f50980ee4f9d237275283fd518d3a9469dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-63755103887,FD-63670133774,P-203759,FLS-ALL
age
660539
x-amz-request-id
KDNCGSBSDJ6PD1HX
x-amz-server-side-encryption
AES256
edge-cache-tag
F-63755103887,FD-63670133774,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"202489cf9f511c5133f88cc7a7aeb0db"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1642036908234
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
tGUQjdUm4QyD0wElYOhp0zPgo0KkdGtN
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-63755103887,FD-63670133774,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/pSzbbnAYaDgapK6SXxfKEHX6RL3AvtrMdaDHqfz/Q2lkqAd9utEs7qhkmqt2GjvMIH2TzQZSe4=
last-modified
Thu, 13 Jan 2022 01:21:49 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VYiB98SDEnFOybTdeLAlRi16GWujYhntpKKT3dhJGQlSleLwkD6VFe4OTOKhMxmQiQpVMCd6Y%2BhBDWCClHZtjFiI7c9KKatE%2F1ne4JHetQj4rTQ0sBNy88jWUM2ss1AWHbvn6CoewgoNa1agw0DGs7EGBl86RA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659ae5832d163-BUF
x-amz-cf-id
4tamRW86qF7oQ45_Y8OYvcfwKGNEZhBlVgyVxHSR4qAqjQXWGtM1hg==
eafb7e72-9819-43d8-8d17-63c5cc055525.png
no-cache.hubspot.com/cta/default/203759/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://no-cache.hubspot.com/cta/default/203759/eafb7e72-9819-43d8-8d17-63c5cc055525.png
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6e4be13e42cf838e30e64e45e670bc65579cc0156dc1ba5b39f6113fc41ae6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
x-amz-version-id
null
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-request-id
H6P2BS6PZ07PCFC8
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2633
x-amz-id-2
T8eoMMVJ2lxG1+wOMqdhjNlexISG6EH6bzepzPBf5TD4wgPy0Q/fVxzWYsNKT0ittMwdpFeHvgO28PDNxCK1ZQ==
last-modified
Thu, 01 Dec 2022 15:43:24 GMT
server
cloudflare
etag
"d0bd02401ac51baa7312ff151cb0f4e8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QpyBTnDhdq1orP6njS2zt3NnwXoazyIZJO45S%2B231DyXPvoarjCztpsq%2FUd0j7KFSozSzH0AsVq3rU38gk%2BRR0m5Z7u3dBGrtiybVkiFG6Puwh%2FYX3f6tCQ1rPkXq1xJ8Cdk09NhK0qvV0o6nt6hR%2BoN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store
accept-ranges
bytes
cf-ray
7a8659aed959d15b-BUF
current.js
www.contrastsecurity.com/hs/cta/cta/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs/cta/cta/current.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c325a3a446a33b8dfb329feec9df9c003de983a5c64bc3d27696c646e8d963c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
O_dI.J5OwqlyrSQnZwBt_38jV6NFMeLX
age
297
x-amz-cf-pop
IAD12-P3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=cta-embed-js/static-1.140/bundles/current.js&cfRay=7a0ac65f119b1865-EWR
x-cache
Hit from cloudfront
cache-tag
staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 28 Feb 2023 05:00:29 UTC
server
cloudflare
etag
W/"2a447451325b0ef178f8f05aa802c484"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgV5VV42Qj7P8JDwVOL2YNtBfxG3QL5jiiwrQH7FZcy5w5qB8FFYLRwXiVqWlc93Kv4iUa0X8i5TJ2tPxeoDhqrUUSgMKmeMZY9LSPRR3pTwhP5uo1mdJ6yV9lz2r94WyJfZ5ys%2B%2F6%2B%2BEDvqlJBL6iR4mpIkbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
cache-control
max-age=600
cf-ray
7a8659ad880dd163-BUF
x-amz-cf-id
8IIe0sELRtS2cpwAuAO4Yu7F_g_27ur1K2og4hLuf24Qz9RN8vTiog==
x-hs-target-asset
cta-embed-js/static-1.140/bundles/current.js
plugins.min.js
www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63861701158/1653679678815/ContrastSecurity_Hatch/js/plugins/ 		203 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63861701158/1653679678815/ContrastSecurity_Hatch/js/plugins/plugins.min.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eac3d50d814b98b6370dac3b8df2ca0351670e95d578adcc3bb824fadfa2064f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 4ee1745ee3cece0fab563f5a32ba165a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
hVMD8Xv6rp5VLijvj.WsjPCQ58WJAXTb
x-amz-cf-pop
IAD89-P1
x-amz-request-id
HY3W4CKX0J33GWQT
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
X7i8t/FjRfCDAXpuLfKU79ynbnhhkHhLmVZ8mRcGjcu05e6QWffqQF+oZ+j9sOtLQEULZ6QZ0J4=
last-modified
Fri, 27 May 2022 19:28:01 GMT
server
cloudflare
etag
W/"d8971681961d6a915972c4aac40b3414"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1653679680507
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJcxRE%2BIYkuS3BnYI%2BZHBLOBsOoJSwC%2BcK%2BpgfktN1KeOxlS2xiVxQZu9m03Zcb9HYX0FpCiEhLYcsAfU8Mk9V%2Fb1jL6w74W%2BIzpYRCmu%2Fj5iyM4hkOWx%2BSi1PzRXCMssxUPkyYLTHSZedllZmkqdso1WRCH4A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7a8659ae5833d163-BUF
x-amz-cf-id
edBRa_8OXt8EsA-OhDt1YMU5Y-lGwagz3oFk5ijcyjNKaG6S0Ey2mw==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
main.min.js
www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63854006692/1653679674424/ContrastSecurity_Hatch/js/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63854006692/1653679674424/ContrastSecurity_Hatch/js/main.min.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c8101b46ab7661c89495e7c0c1b3ba48df9f2616a4daf71f784ad7a5dd770f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
OQhz8SLxaR3VtFvRhF9GMXvNC.LKp3Lc
x-amz-cf-pop
IAD89-P1
x-amz-request-id
Q95938BWPXJXBYAC
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
h162TWJKPAhRQk9nsoPQu9bGMCY4dO0usnZ7FoXLi0S00viz1m6qvsK2NCkbLsZZn7fy2PsWS5w=
last-modified
Fri, 27 May 2022 19:27:55 GMT
server
cloudflare
etag
W/"8cc6344843edccbc29f1372c1cdd9b4e"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1653679674947
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQg8WVaxI4aZyUkvRHTQhZyW72qVDjWNag3wYXB92zBvo6ICuiA1gkogIyMlzqp1koanY4LzyBZpu%2F4gBmuV2BVwnez3TJMjdeIBFlWDtI9Ehb9f4CqHd7hZhRSrVcpIroUZS2Lw%2FP0GiUnBlgmsyJtm2VSo2w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7a8659ae5834d163-BUF
x-amz-cf-id
I7nGGW76Zcg0JD6GspJb9tdfmLWe8qtRC5Gd8mu2f38OUm-S88lmcA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
ContrastSecurity_Hatch.min.js
www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/67980816270/1655807218203/ContrastSecurity_Hatch/js/ 		691 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/67980816270/1655807218203/ContrastSecurity_Hatch/js/ContrastSecurity_Hatch.min.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a12d011b1033eb71251b63171ea4598f37efdaede36e23b0a9ac1c96a145409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 a7a1b4c19abc42d237405ce4c4069f10.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
CXTCDATO0dF4BIme__wNr_n6Kzs7VdqG
x-amz-cf-pop
IAD89-P1
x-amz-request-id
W6WP154W2J21FNGF
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
W4FhK/d+E4FasaE2vlsPm0+HzQVGXLv4J763HwPJQnCMMbnERK3rQNg0956XTB1JmIjW5bzwllU=
last-modified
Tue, 21 Jun 2022 10:26:59 GMT
server
cloudflare
etag
W/"0060e62c6bee59ba47b7335089272fa0"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1655807218382
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14eSwAgo8tq6TcekwiPurR7wjPx2ZWfd30BhztBOqCZTOdLf2zcCKGmJzs7E2Ohya6s9g6CQX%2BWwXnc37p%2FzkLtLynCARtHPFt3gQiOtJyzs3K89RKty9Z%2BNc38%2FHcM%2BsK3af3b7hm8nqSJX5WzyCTsjaSp9rg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7a8659ade820d163-BUF
x-amz-cf-id
AvIndrt_J-OwdyZo4DvZa25Lo0TDrJkoWqp5U7xpMSAy4q5xdPPPvQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
module_-2712622_Site_Search_Input.min.js
cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1678480064865/ 		30 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.hubspot.net/hub/-1/hub_generated/module_assets/-2712622/1678480064865/module_-2712622_Site_Search_Input.min.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4801a0074de09ae7dc8dd612ba59deb7cdd056592c80cab9c4bdc2ef608efda7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
396980
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-amz-storage-class
INTELLIGENT_TIERING
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
last-modified
Fri, 10 Mar 2023 20:27:45 GMT
server
cloudflare
etag
W/"5c1ca43721e63684ea6fb45b510a2f0b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1678480064865
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8S6KDZFQOs0CAgXsokoFOqXkne3CtiIhjn8tZ6bJl2hy9kxyUegXvSguUS6Wx%2FLHhrdG1HPEAB3xFeHmNFTDCrm4unBWFOY2rjK6%2F2Wcy3qxOTpv716gyM9YFWx91k0h9qDpc9CkOc8c1JmMQg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659ae2e1cd153-BUF
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
v2.js
www.contrastsecurity.com/_hcms/forms/ 		509 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/_hcms/forms/v2.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec5f7597c123181788fd043c205d990937daab3c1565e7df4ba16d47f030c160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
2wXcdIzl9WRVTrxeR26mvDAXbt4ZcTF6
age
366
x-amz-cf-pop
IAD12-P3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2802/bundles/project-v2.js&cfRay=7a4b825fb2c617a9-EWR
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 08 Mar 2023 01:33:37 UTC
server
cloudflare
etag
W/"ae0386c025bb39c5f937fe3f182d3e80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgFDU%2FTOpj2Mb0EoC8iXbP79%2FDQccpGuwSpUYxkNCOx2wtGXGMmgS8esIE%2BT%2Fbl1g1YWW3BwmyO08vJDoJ01zxswRrRAoP2hkAzSHNuxrd1%2Bt%2BkiCD%2BM0cRA2zq9l5D1%2F52PS059Nskg7iUNXSMLEJpCOdXw4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
cf-ray
7a8659ae582dd163-BUF
x-amz-cf-id
STrn0Va-YIRfc1CHzTnFKxRSLSdS4Sf_2LU_nMLE41-b35oceZ2axg==
x-hs-target-asset
forms-embed/static-1.2802/bundles/project-v2.js
blog.min.js
www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63860703006/1653679676979/ContrastSecurity_Hatch/js/ 		394 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63860703006/1653679676979/ContrastSecurity_Hatch/js/blog.min.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
57056df141d73a63a3392ff43ebde5e2146161cf642df06b1da2c6a4324c4838
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
Kk6oIZ06JsB.Y_KvDs8GJL3fJF9Emcq2
x-amz-cf-pop
IAD12-P3
x-amz-request-id
HZAP38Z1EJBQPZAR
x-amz-server-side-encryption
AES256
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-encoding
br
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6O+o742BVUhoebcVE6Ied9oeHbyfZ132RzRLe9Wr7QpWJpSYOvXe0qXtV0AUDlguFjioWnn+LTo=
last-modified
Fri, 27 May 2022 19:27:58 GMT
server
cloudflare
etag
W/"dba24bc3ae50ea9a360b4d0d28963b56"
vary
origin, Accept-Encoding
x-amz-meta-created-unix-time-millis
1653679677284
content-type
application/javascript; charset=utf-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2Fm5k2u9QDpZAyOcjuCUdf%2FJqO0Ol83p%2BPocudd%2FWME0Oar3ZZUYuvcx65UH4wVb6Cxa%2BDPWxleYN9QOLXIPfu0m1CO4GDP65N74XxJajETmjVmU%2BmgFxFJ%2Bzc8JqwDkIjuuDhPzANUW757wpgZ6OtQPBhvvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
cf-ray
7a8659ae5830d163-BUF
x-amz-cf-id
cVF_0oVJgr3CB5keBhjUVwVr1AYDvIUQ520XQyR0P3AoOyEnxHzZMg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
203759.js
www.contrastsecurity.com/hs/scriptloader/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs/scriptloader/203759.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42106839b6c88122b1770ac860e07482f3776c623703298cb4a8c5aa4651c4c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
a03ce685-72ea-4a5f-819f-7531586994b2
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 16:48:05 GMT
server
cloudflare
x-trace
2B7AF7ABB620A10ED360A1E039AB387A9E8CA10D82000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://www.contrastsecurity.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2weqvKeBy9cmxDKIXUQ4hRxcIzX82nI8PRWUq2ZVLy35Dt4ZBP0IGJZFCF4yMLoBzo%2FbLFkhRGu%2FTJb4jWQvaDIpOY3E4CwRUAxn4OEWUqRhrDbtjtcIJs2dQ1NnfbLc%2BuzJhf1wMCh%2Feb5yQ%2BZlYXp9nNykbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
7a8659ae5835d163-BUF
expires
Wed, 15 Mar 2023 17:08:01 GMT
api.min.js
a.omappapi.com/app/js/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
50de719051ac450992625c5ff7b3dc8de4a1b2e83be9a088e9e36ab7452e25be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
content-encoding
br
cdn-edgestorageid
885
perma-cache
HIT
cdn-storageserver
NY-346
cdn-cachedat
02/22/2023 04:23:00
cdn-pullzone
293267
last-modified
Wed, 22 Feb 2023 04:22:31 GMT
server
BunnyCDN-NY1-885
cdn-fileserver
562
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63f59887-c840"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
c86c075af20428bce77da99a51820ad5
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
gtm.js
www.googletagmanager.com/ 		320 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
64fdcd9e8b63895478d8a6c2cb7dc27c44c7197448a4a537d35ada9e09502fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100162
x-xss-protection
0
last-modified
Wed, 15 Mar 2023 16:10:07 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 Mar 2023 17:07:01 GMT
prettify.css
cdn.jsdelivr.net/gh/google/code-prettify@master/loader/ 		655 B
453 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/google/code-prettify@master/loader/prettify.css
Requested by
Host: cdn.rawgit.com
URL: https://cdn.rawgit.com/google/code-prettify/master/loader/run_prettify.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0f209e58b0d412b1e37d9468ab6674dad3860077ad9a918a7462ca67d033d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 15 Mar 2023 17:07:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
14835
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
316
x-served-by
cache-fra-eddf8230074-FRA, cache-nyc-kteb1890034-NYC
x-jsd-version-type
branch
etag
W/"28f-3AMtzR7l//agOVmpYsx92kQQyCI"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
chevron-down-01.svg
www.contrastsecurity.com/hubfs/Contrast_Security/icons/ 		208 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/chevron-down-01.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b3ccef96912ebb1dc749b3819c01f37ebc16ebc1ad155bed01e74beb97ef7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-64387621169,FD-63671323560,P-203759,FLS-ALL
age
660539
x-amz-request-id
VGFQB12ZS3ZY06DG
x-amz-server-side-encryption
AES256
edge-cache-tag
F-64387621169,FD-63671323560,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"673bd037a141adac0d883cb60de2fdcc"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1642729332633
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
lE0FBT8qibGQOt7W9D2XmIAz.uQzDd5I
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-64387621169,FD-63671323560,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
UZdotgZldH3OncyFC/09xQkC8rBLkNe6BYQ1/C94ek6AeH9A8Xr5RX/sZKNKbSgVnNub/LgJ1+nAC1eGl4Ot5Q==
last-modified
Fri, 21 Jan 2022 01:42:13 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msb7lEI3KM0MG%2Fh3F%2FxNaf6izBnCaH2R9ny4M8m8AZlbQiX7BYPlSSqqYOBeZ27ZG8N3sBpnd6cvx5KX2m9Pc33qUh6Gv69r%2BTKP5dI%2BgioaAOlZ22mJumIpFajkSj%2BGoTIRoOSZ3Vb8gIU5q6uRqr%2FU4Bg%2BSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659ae6836d163-BUF
x-amz-cf-id
JMYwyklFssCXRc91Hg6J1zKO9EwZ9QSkXaXoSwe0mZw3rHBB5o5bVQ==
arrow-up.svg
www.contrastsecurity.com/hubfs/Contrast_Security/icons/mega_menu/ 		152 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/mega_menu/arrow-up.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3425458125abf423b1426adbad986b530245a5dcf8d004aec11511aef71ca50d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-65104521759,FD-65104000408,P-203759,FLS-ALL
age
403539
x-amz-request-id
8XKA81B3WXGWT74H
x-amz-server-side-encryption
AES256
edge-cache-tag
F-65104521759,FD-65104000408,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"76fd9bccbea85cf062db6c20fed0a0ff"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1643594528665
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
FVTP.rmArkOZVZmFKeDlqpQ48xmmy9fy
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-65104521759,FD-65104000408,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
jyX7jbKJrG698AAGxpbXUrjegkasCgoO2vbcvJAxv8d02oYi0sRSbDxeJiP5vjt7qYiAGcqsc5yNOQUbWzs5AQ==
last-modified
Mon, 31 Jan 2022 02:02:09 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hOKjYWOqgQJocuK8MMJ3fy9JuR9cHiQiqbhL9oY%2BGxeOBA0oBEo3N8Cc4cqWKqw4gs23KfFzeEiqtCn1lh5IEZ5JDJoIZ783XEY9EIDln3tgTgufVLB%2B21cpydhdr8Q2xUu8vRgC2nY0v8g2nBXOQteAoR0lLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659ae6838d163-BUF
x-amz-cf-id
nrhUlJU1g6kFMuKg49T2Fq3t1MatCOSd56k9ma-PDVkp1YMpa-6C-g==
arrow-right-01.svg
www.contrastsecurity.com/hubfs/Contrast_Security/icons/mega_menu/ 		395 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/mega_menu/arrow-right-01.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab4dc87b4a60865d47f8eefdf2cd910da31183bed54f2370d4443e4f10a6eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-65104000545,FD-65104000408,P-203759,FLS-ALL
age
403539
x-amz-request-id
XAGZA6YYYG3BSASF
x-amz-server-side-encryption
AES256
edge-cache-tag
F-65104000545,FD-65104000408,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"8105272fa670e031dd2688e557bb6674"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1643594528645
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 05b3bdb53d1146d1176c185d2da0d530.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
oC03Bi8gt_dfzIXEHW17BlZ3Asww82Mb
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-65104000545,FD-65104000408,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
0+XPMpwTn3wFA+5bkfpMUSNmlNe6DNEUcx57vQl8jNRdqf9L/Rg2CFA7o1ItwGugbE3pI/Au6qk=
last-modified
Mon, 31 Jan 2022 02:02:09 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quWSqMm3mo6ZELMbdBclywcM8862HxN4LuZSAV7TMfyC9tMciK02pMLALobYWZU1ycgqlBhVUiVE3Hq4SvSKo8oh8OhYL8ubtzvoI9ClnDRo9u9SNg5DmMqbUEr6ABWmBkylLqsgJVHsWK5aKH9DsLyAUvb9xw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659ae783cd163-BUF
x-amz-cf-id
sn76-a-veJiMmbD-OtpzKvMnZDZNeq9t_MJ1tI0bWL4a0PUGYQU6jw==
AkkRg_Pro_1.ttf
www.contrastsecurity.com/hubfs/Contrast_Security/fonts/akkurate-pro/ 		102 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/fonts/akkurate-pro/AkkRg_Pro_1.ttf
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba41fa874089941583156d8cf3f27d6e59048e378d60f2b887eabdf93ff5a256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Origin
https://www.contrastsecurity.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-64663385648,FD-64660426355,P-203759,FLS-ALL
age
660539
x-amz-request-id
FBYQQCR8AKZHAZDK
x-amz-server-side-encryption
AES256
edge-cache-tag
F-64663385648,FD-64660426355,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"867dfc8fea752c1d6e9d0e27d9d8c6e0"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1643100771061
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 b4debb06a98b003776d85ccc4e8f26c0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
Q3gEMdTYx_oamjFHjXn8nfjbBfduodGg
x-amz-cf-pop
BOS50-P1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-64663385648,FD-64660426355,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
pzV9vi4M/tjLteP7b17uvU3P3IkThH6GSl4Fn7p0d0i4G315P51S53jQFTv1EkcMTeWAPdC8o/E=
last-modified
Tue, 25 Jan 2022 08:52:52 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nJMWh%2FU3EPxGSp4ysFdG%2F1sSO9XCchd0lf5xN6MZs4DZ7HN%2FBpMnHJnzm%2FUdbymUsd41MgLnODPFpzYmrR%2BGfKhHw6IFfNh058vumnkXNdouSUqRDL09um4teuNK6L6K12hI%2BpRRjDztY00H0NyjnTLSDm1EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659aea845d163-BUF
x-amz-cf-id
hciuiEzHKXSCBBqHYZBd-OSP02Hf-d4On30kmoFGBYyzKOkSE3PVPw==
AkkBd_Pro_1.ttf
www.contrastsecurity.com/hubfs/Contrast_Security/fonts/akkurate-pro/ 		101 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/fonts/akkurate-pro/AkkBd_Pro_1.ttf
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9be628654bf453f2b5948589ace3ffcdbce4c29a8f5da0c5ed395edbe82c6010
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Origin
https://www.contrastsecurity.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-64660426773,FD-64660426355,P-203759,FLS-ALL
age
660539
x-amz-request-id
ZVZD62GD0CFHS844
x-amz-server-side-encryption
AES256
edge-cache-tag
F-64660426773,FD-64660426355,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"2241a8241c74de8726977fb0018c7e18"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1643100971894
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
_misTuF.6f555gqtaW.nSsPhMOJqX3x9
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-64660426773,FD-64660426355,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
tnD6kOj2GHEC/AdwRrk9gb8wrL0Qp9IVSwwNN34JqGylLdqyTSNguFjEY/o1rDnKl/COjCbag30=
last-modified
Tue, 25 Jan 2022 08:56:12 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nc9ZnJX1c6gapVtNo8H1lnml0S%2BqfcwboiX%2FMHelYcCHTF%2Bk%2FB5j83VMSoWF4SNGv0S9x6Us%2FgSXCs6n4QgOsiNOQXdaMIY0GJj%2B%2BiHn%2Fc3ITQzmKPcrvoJE%2Fj1%2FJ2wU8CRCRSaE8kdGxMDgQZuWh44lEd5ycw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659aea846d163-BUF
x-amz-cf-id
thH21W-RL4gefyOXsS69DAI5QWt53jPZUYrTI7Or-V6DrCIyc7A0ig==
Sharp%20Type%20-%20Simula%20Book.ttf
www.contrastsecurity.com/hubfs/Contrast_Security/fonts/simula/ 		100 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/fonts/simula/Sharp%20Type%20-%20Simula%20Book.ttf
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
da0085998e27c4877b8d53413238d64979158e1efe1f14d7d5a0733f3c4c9128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Origin
https://www.contrastsecurity.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-64660426012,FD-64659871285,P-203759,FLS-ALL
age
660539
x-amz-request-id
8XK7AR66DG270GJD
x-amz-server-side-encryption
AES256
edge-cache-tag
F-64660426012,FD-64659871285,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"572ceb9d5b3db07e1a05ca81b42a2481"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1643100527975
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
iMCLxgSC1BaVWB8gzy4owkFOyKiZHz53
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-64660426012,FD-64659871285,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
U3xAVSv75XzRnZBcB7CptO4PYgiDffKpGdU1VPvE3Bo5pnhfAtXf+IESv1GbpXdKzCap1pYKwHE=
last-modified
Tue, 25 Jan 2022 08:48:48 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pgPgMSRwOuxovL1GCroyKAJ%2Bo9V0mKLYyC5h4sI7RFoyAmGPk%2Bzl5ATeAZPma3GI8Li1rvjeEMr5bDkrCJl0hkCnFZENgwzB7CkCZVo%2BTOnJXUEKikiQW97HFJr%2BxXT0rkIjl%2FUMwkk%2Fm4SrqETHj%2BUoPsLtw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659aea847d163-BUF
x-amz-cf-id
6x6IHdJb_TVi5wj8VRvfV1idUl4rQyFyKLPEoNoLaGa2ZxeGasqj5w==
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin
https://www.contrastsecurity.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10713461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80300
last-modified
Mon, 05 Oct 2020 17:43:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f7b5b5f-139ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHkWfugVGqWC1wEqvzn1BCfQwr9Pkohy68OG1v%2BGxwb1Z3qwEgmyDpa60%2FPXToYJ1OJVX78tIftz%2FtbUGhkrp7p%2B6IcBC9YFH44i5W3ISZQ3zuLw%2FT643eqFH%2BuXihUB9m2nSR3eZi4JeCfYSboeMP9U"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7a8659aee95bd15b-BUF
expires
Mon, 04 Mar 2024 17:07:01 GMT
facebook-f-brands.svg
www.contrastsecurity.com/hubfs/Contrast_Security/icons/ 		355 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/facebook-f-brands.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9579014061de5fd528b21f1928086d41411dd758ee4def39d93e1f67493bc4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-65632711179,FD-63671323560,P-203759,FLS-ALL
x-amz-request-id
CPYFR9KKB0XSJB8E
x-amz-server-side-encryption
AES256
edge-cache-tag
F-65632711179,FD-63671323560,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"c55841e4a053d503dbc7b9013219f7ef"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1644218379353
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 05b3bdb53d1146d1176c185d2da0d530.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
V7OMabflCf7DAI4B3jtpxB9C.JnCBazg
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-65632711179,FD-63671323560,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
rby7bkPgarfJtMv0uiQ5f7gFaEwaKUyZhPqVRnn8IWeX1iRWYRm7P/j5xDdjN+g3j4yP1DHDaVStUbrYR4E5Xw==
last-modified
Mon, 07 Feb 2022 07:19:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhDwthdxuewmVA9VE2X9cM9JenZx5%2BiZSFcrIbi6Uu6j0ESilAbKWU27lrjfCJbzeT7i%2Fr7mAsLVChIBb9M8KQdLEocajWEYavV5q9eTKAt8JSN5F6B0DQHPxCs97aQzd8h0W6rmXsR4HOCOL%2B0881RTpGQDGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659aed84cd163-BUF
x-amz-cf-id
TMOo4xSr9UMZI-r8v-FfvowwFi8naqzGoNZgLk32D7uNM4SsmN-Htw==
linkedin-in-brands.svg
www.contrastsecurity.com/hubfs/Contrast_Security/icons/ 		727 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/linkedin-in-brands.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6651b6a556b314b90a5d55c7dde2162e46b0be567342b605b1b5c1bd6d59f43f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-65632882812,FD-63671323560,P-203759,FLS-ALL
x-amz-request-id
DQRYJVBE6FV0HPCK
x-amz-server-side-encryption
AES256
edge-cache-tag
F-65632882812,FD-63671323560,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"ebc96103adf4e4d9c015930c3665a66a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1644218379433
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 ffc407ec9784e618feb8fc53384b80aa.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
zcaw9sGmC_.UgWU7Ttr8wcRtV4npqPm8
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-65632882812,FD-63671323560,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
NGZS2oocpo/AE5DsNImIwBaIDv0FVhRry1UT6biGYew2iRfIkoO17AAuN6ZIVgsqWju9GRt7DTw=
last-modified
Mon, 07 Feb 2022 07:19:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiNEofxUI5yqQTDF8U8Q7yzjRkbTYVeU1TZhqv68z7RSxXwzj%2BsR83oeHFiTxNODgGx6h3hed%2FB1oBDh80XH24S%2FRYO%2FPxuHpzV%2FxOKDpidjdQVtA9GGwwSm%2FaFeeEhpH%2BWr5dT%2F1G4r9lom5ize2OPGWCj%2Bew%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659aee857d163-BUF
x-amz-cf-id
L7xNflHz5OJHBXtlMlGtxr1Z6HVm4fEFwAzg_mv-SbWxboPgY2PYvQ==
twitter-brands.svg
www.contrastsecurity.com/hubfs/Contrast_Security/icons/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/twitter-brands.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a22ce06beacdda10d6b2c7fb6b35f67253a160dde48394d92d566f88fa29ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-65632848683,FD-63671323560,P-203759,FLS-ALL
x-amz-request-id
BQGK5PTKA46QG03W
x-amz-server-side-encryption
AES256
edge-cache-tag
F-65632848683,FD-63671323560,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"def4fb053638580b897f2e3d74a7084d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1644218379493
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
cmZO2ts.Emo8lmg22sRNE7oF1YYl4gQd
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-65632848683,FD-63671323560,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
/361+iyFtQ6E45vXUkVX0ycJakDQ3fe4jeDPYRzOkIQ+RDujkyeGi7K+L5k5SZLKv8UTFej+fPU=
last-modified
Mon, 07 Feb 2022 07:19:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47ntRBFzh66a34%2FZRemUy%2Flxkd8x2AjypXGDwFhm%2BkhmXBFhmuUw1N273eXJUZrXCB1sjauOwadwfyE4q7CXRgOvbzpmjg4Kor2dJxzzklEWJqYt6WfpHtDSzpJxRxsl7WyU7V%2BX5NBTTlE%2FuBLHGirikMhhvw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659aee858d163-BUF
x-amz-cf-id
w9mw-CQm5TriGHEhtBncAWuYaoVUrQUkqGuV_oa2jao_jiF_VVPyMQ==
pinterest-p-brands.svg
www.contrastsecurity.com/hubfs/Contrast_Security/icons/ 		859 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/pinterest-p-brands.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
61cc2e8928226171331a00614a1d95b96de0dd64f82ce03f5797dbd3f33ac7af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-65632880169,FD-63671323560,P-203759,FLS-ALL
x-amz-request-id
CPYDDP78Q49K6ZA2
x-amz-server-side-encryption
AES256
edge-cache-tag
F-65632880169,FD-63671323560,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"e4b54e519257cc7d404b397635f2d432"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1644218379285
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 1d45cc40d1dd29d2b3aaefb9f85bceee.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
nE1d5XF.j3W7vIPBBUoRuHCBiuZEjj.M
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-65632880169,FD-63671323560,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
HbHX62vexlSf+hMbcGACkqLkOYSbs1CEU4hOE4CnB251HbTaOh/zKUUa2iW1BgPrw0V+qDtL5nk=
last-modified
Mon, 07 Feb 2022 07:19:40 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgAYPGlx%2Ft9H%2FRJA7hhlvh%2F%2Bx8Co0pzrHZMUDbMFLtI%2Fi4KYNRwCtRvLcz4lLYqQYRIsnOYYBq7MLJhk2GcU9ZT03an19s8kGPOfslkiSYS3hZef6TABDx%2Fww%2BK7BYqfv6DajZLewMjY8SvicxJgUnFLaqruUA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659aee859d163-BUF
x-amz-cf-id
gbQRDEXY8N_C8x-vfg1WQTYBSlPA87P-dS2hDwoE8VmIBMhsR7zWwA==
gmail.svg
www.contrastsecurity.com/hubfs/Contrast_Security/icons/ 		900 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/gmail.svg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2aca9b28abafe871e244e8ac52ce25dce79e30b36b90fb4243410b7870224d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-65632882814,FD-63671323560,P-203759,FLS-ALL
x-amz-request-id
WNSE2EGHR2M2A3V8
x-amz-server-side-encryption
AES256
edge-cache-tag
F-65632882814,FD-63671323560,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"deda33aea2bfa9216df4b9abc2d17698"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1644218380253
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
s7nPlcWDmP.P7qTz6weMKde.vWZD44G2
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-65632882814,FD-63671323560,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
L8VtUTQBuhqYlNTEIs5nqBSOa//86L7RlIp1ZZ43v21U2Dap7zN32nn41Ci3lE8dejeyBaYeMp/YCf9b6mkllkZgrCg+XwMwe2iLPziq2Vo=
last-modified
Mon, 07 Feb 2022 07:19:41 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sMilFUTq921h48HNxlXM8Aa2yfjE9pRoahSnA14WBa68VpS8WdBYJwp7srqz%2FW2aPUBLd4H443he0egf2UGbEFZlobagm%2BVpqnUW5bw4%2FWwsRpVxYaqb0mlVi%2BFjPMDXrFzNJy3A2AYGXZ0KzUXLdJeaMtAFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659aef85ad163-BUF
x-amz-cf-id
s6ha1LHG29uzaJBwsZGHPEUiJ1ommH2ogBk7gPgaFA4998dronHLew==
man_glass_dome_lightning_cropped.jpg
www.contrastsecurity.com/hubfs/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/man_glass_dome_lightning_cropped.jpg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
40eac68e6c3931f220fa3979d7c5c6ab54234aa99028a18b42783e6d5f82fbe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-100971286168,P-203759,FLS-ALL
x-amz-request-id
BPECKR9EMKWGZVED
x-amz-server-side-encryption
AES256
edge-cache-tag
F-100971286168,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
content-disposition
inline; filename="man_glass_dome_lightning_cropped.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
cf-bgj
imgq:85,h2pri
etag
"ecfece18435ee8be4bcfe918eed695f5"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1675369686824
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 00266a01055b9f1e1ad959f077c1d96a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
NftrKfMlpoD2zvpkpszky3yea7CDgP6c
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
cf-polished
qual=85, origFmt=jpeg, origSize=5441337
x-cache
RefreshHit from cloudfront
cache-tag
F-100971286168,P-203759,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2577722
x-amz-id-2
e09bMs/aOrKeZKVuJwElwYVo/sRTZslkYKSurQbwbh2mTk4Xl+w4xugbJbeu3m7zAHNyK59daXk=
last-modified
Thu, 02 Feb 2023 20:28:08 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfCxkPQni58QPNKjwwVdtJw4%2BvUVM0PzQ7VIjG9l1ZomHYS9UwoFfAUJX2nfMLNsNRw8C%2BKRbGNH%2FToMbXn3SFP0DE2ZkewSF1NqdJnIe6ow1%2FKGgnWT48SLwk7uxmm3GhHZo%2BL8ZYf%2F3dchcfN6vju4zeF9sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7a8659aef85bd163-BUF
x-amz-cf-id
j6zvpdCgugwxiqmuOaLvkGf6z6nZZza2ty6FBhA8Db5Iif3oRkancw==
Screen%20Shot%202023-02-02%20at%203.32.44%20PM.png
www.contrastsecurity.com/hs-fs/hubfs/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hs-fs/hubfs/Screen%20Shot%202023-02-02%20at%203.32.44%20PM.png?width=1958&height=300&name=Screen%20Shot%202023-02-02%20at%203.32.44%20PM.png
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
881492130e51fad64966f44f7d1ae1f89832c8ef746335362f262f289f2b1568
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
via
1.1 d5b8ff1568ca9900eb00feb643d95cd4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-100972683381,P-203759,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37174
cf-resized
internal=ok/m q=0 n=216+0 c=1+1 v=2023.3.3 l=37174
last-modified
Thu, 02 Feb 2023 20:33:14 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cf2NSa4RXfkAWyPQ8zEMYAsQVP2_-6i0fH4eNTHqgUDQ:403e2f00cef616c5f5abb752c9059327"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sL7QxgHD3Mtmt7JaGTRLQjRXiED9jE1TlHIdvbC38bfoyrWEPvNW3vW2TncMDhjFCkg0NZRmWq9qWwnm6KhQJRz%2FG1W8W%2B5g3dBeYieY0gG1w8K3A9Dz5oPPj1Ua3buZiK%2B3CXu%2BlzEmyZ16HvliJqMGwH%2BA%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7a8659aef85cd163-BUF
Screen%20Shot%202023-02-02%20at%203.33.46%20PM.png
www.contrastsecurity.com/hs-fs/hubfs/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hs-fs/hubfs/Screen%20Shot%202023-02-02%20at%203.33.46%20PM.png?width=1930&height=272&name=Screen%20Shot%202023-02-02%20at%203.33.46%20PM.png
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d7703f55a3994974b17dce3efbca33fc5c92c65f374b1fdaf5be444691051de
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
via
1.1 e88ba146e70cb232a8169a449cfa5954.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-100972232880,P-203759,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18575
cf-resized
internal=ok/m q=0 n=162+0 c=3+0 v=2023.3.3 l=18575
last-modified
Thu, 02 Feb 2023 20:34:03 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cfeWx1GNy2MQGG17mA5oA7TmDbMWRAEer1VDQt0uDUDQ:eb0d6c84f364fe100de0cad6b3cbdfa2"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAc0q3MTJADiLu8oxHS1MY0kGlH75ViT1HDOsJfngUpV1KgHgh1hX8Z7yT8MyRWd3NuTznZPavREhq1H2TSWD1g1SGN9xp25FDwZSw9kuFvZp%2F9uMiUn7EJukBDz7Z68yc5FwqvvYigw%2F7CGv5X%2FsoOokhyO9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7a8659aef85dd163-BUF
Screen%20Shot%202023-02-02%20at%203.34.28%20PM.png
www.contrastsecurity.com/hs-fs/hubfs/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hs-fs/hubfs/Screen%20Shot%202023-02-02%20at%203.34.28%20PM.png?width=1908&height=316&name=Screen%20Shot%202023-02-02%20at%203.34.28%20PM.png
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e785ceee94f6daec07bf17ae489cf8fe23a7d97e65ee0826033216fcb1646cf
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
via
1.1 32d22faf217d2eff86ab6f104edb19d4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-tag
F-100971286454,P-203759,FLS-ALL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53469
cf-resized
internal=ok/m q=0 n=220+0 c=2+0 v=2023.3.3 l=53469
last-modified
Thu, 02 Feb 2023 20:34:45 GMT
cf-bgj
imgq:0,h2pri
server
cloudflare
etag
"cf915T1jXvyxqNCFXio6CtskPeiOhuy5ZbxLEI7oRxDQ:f8dcc21f9bfdf61d00cb873997a37dc0"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dVjfyhAjkLHVk1FLfAzlD7lnZR%2BR0zcwWlY8Effbc9HCEyxX0GxCux9Ix%2BMguCDyttrbQX08QT%2BwpTwi76zf2zHYrGqiGs3OBVK%2BrLOsXPqE7tQN%2F4XXAOOFNCuCWTamyBTHHJLSr09SWDHdOMamn8cG5xNxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=1209600, s-maxage=1814400, stale-while-revalidate=900
accept-ranges
bytes
cf-ray
7a8659aef85ed163-BUF
JMSS3XwkTGodArsWjtIqq35biw7kYPntEow779qx-ioD9rE80Djn1OLYPPudKjifAO77L5FwawRuXehEnRmM6DeeN7UPlZd0sgppXvF9vlXLdGc6HwGr9blI3V3JJHVJ0ERoxeumXaTtexZNolNzZFQ
lh3.googleusercontent.com/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/JMSS3XwkTGodArsWjtIqq35biw7kYPntEow779qx-ioD9rE80Djn1OLYPPudKjifAO77L5FwawRuXehEnRmM6DeeN7UPlZd0sgppXvF9vlXLdGc6HwGr9blI3V3JJHVJ0ERoxeumXaTtexZNolNzZFQ
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1e8505a9f55bcffc855116b87119c3fb382ea8d2557840abdf9df8d97dfd03b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:01 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Screen Shot 2023-01-31 at 12.48.31 PM.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73125
x-xss-protection
0
expires
Thu, 16 Mar 2023 17:07:01 GMT
AkkLg_Pro_1.ttf
www.contrastsecurity.com/hubfs/Contrast_Security/fonts/akkurate-pro/ 		101 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hubfs/Contrast_Security/fonts/akkurate-pro/AkkLg_Pro_1.ttf
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
184f68dfffd42cc5980b3fafc7d33e943796bd9d8fdc086f63a7062389ae7127
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.contrastsecurity.com/hs-fs/hub/203759/hub_generated/template_assets/63747633477/1655833299996/ContrastSecurity_Hatch/css/ContrastSecurity_Hatch.min.css
Origin
https://www.contrastsecurity.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-65117832295,FD-64660426355,P-203759,FLS-ALL
age
660539
x-amz-request-id
8XK07QE4E4GGM2MW
x-amz-server-side-encryption
AES256
edge-cache-tag
F-65117832295,FD-64660426355,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
W/"183a2ae14f709d5764dae94c01343595"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1643617101855
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 b863f5ba2fad5306016f04b0ec05bd82.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
4M7bICZqrgOuJG4fzzSWZ8grLFPxBfXw
x-amz-cf-pop
JFK50-P6
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-65117832295,FD-64660426355,P-203759,FLS-ALL
x-amz-meta-index-tag
all
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
6nhhW6wqst6D7AHW5vQ7ghMMyidTE13bjMexUMWLnwA9PeLcP+IDD4vRuwoSUxmMYc8wlfRLLdPSiEpt9RTAug==
last-modified
Mon, 31 Jan 2022 08:18:22 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ualqd8fd6%2BjmJ%2FFg3rpOwgQwdAdJNfuMWrhbhQIyz8rn%2FzoelP%2FTTy40ypPAai%2F6KFeC8lzZnXScjqh37j2JGtX5jzA02zyATwe6BbdmP4HL5V3K43N6Uxww%2BQUcUXlJlIQox2NnjUiIkBsBsPPyxlVjaBQlTg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7a8659af185fd163-BUF
x-amz-cf-id
7uHGdzdVyQS82lDytnw1BcyunHEP_azLVaxt0rnXHPNYTzPG3cPi2g==
tyler-rosonke-full.jpeg
www.contrastsecurity.com/hubfs/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.contrastsecurity.com/hubfs/tyler-rosonke-full.jpeg
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a14437f373437d7ffa44e47eb56544d1be479b9c9bceeb1bb30c80ae743a003
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-100970748709,P-203759,FLS-ALL
x-amz-request-id
DTSQ078KE3F60FTR
x-amz-server-side-encryption
AES256
edge-cache-tag
F-100970748709,P-203759,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 15
etag
"6186e1fc2de65f85a89596bf5eb73e79"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1675368841437
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 15
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
via
1.1 98e8d6a25a47d8c375b8e41be88fdb58.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
cUw2P0I_KZnNui12qhrO2j63apdmBjzP
x-amz-cf-pop
ORD51-C2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
cache-tag
F-100970748709,P-203759,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115893
x-amz-id-2
BZDABVXmNJDBOSdfNhVSASWvwlZ0+tnF2vQIq2FQjKMoiD2PdGI0KReoUb3eJndpy5yZOrPr3sY=
last-modified
Thu, 02 Feb 2023 20:14:02 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z0YNCgrfdJ1BBeH4ATI09pDbtUVbKTsIm1gyFSmoj0O%2FojzJs8IjwUCwl1MF4mi4RvGjEanl%2BkadmzE0qfOQCp6mDlfAqr8a690q8RI%2FgYJYyjROrh%2BNTKNVm0yfS9%2BchM0%2BpTQdZ5uSIhZn%2FpEJc63VNyq8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7a8659af2861d163-BUF
x-amz-cf-id
-sOQNuWvOUOSy8eKdSA6HwuzfnXyV09rg4U3e2cIk1kaslaKzaLL4Q==
json
www.contrastsecurity.com/_hcms/forms/embed/v3/form/203759/d5119674-29b8-49ed-84e9-c6474317557a/ 		99 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/_hcms/forms/embed/v3/form/203759/d5119674-29b8-49ed-84e9-c6474317557a/json?hs_static_app=forms-embed&hs_static_app_version=1.2802&X-HubSpot-Static-App-Info=forms-embed-1.2802
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/_hcms/forms/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d828b7c2a3efb24e7febcd1f5ceea0341d17a17cbad2408514323a526081aaa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-origin-hublet
na1
date
Wed, 15 Mar 2023 17:07:01 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
317e9c3b-e94c-432b-bed0-a2c010c881b7
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B1D9FC38D881677A31BCBB12E2A4CE8C91D131453000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FeoqpYqIgAsGH2JlLaIUiK%2Bs0xo5hlyNYP2kZNij6wwCN6j4y%2FpTE4OZqAur38IEYCKQLdDv1m0%2FWmbXZj7FYVfcpHJc8rP8zFrwvtsQmw5j%2Bn4BeNLPp7g60FuMKLFBmt%2FgifEjlWIMQXebsOX5AsVPiYz3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
cf-ray
7a8659afa86ad163-BUF
access-control-allow-headers
*
x-robots-tag
none
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 16:57:25 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
577
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 15 Mar 2023 18:57:25 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/950431113/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950431113/?random=1678900022107&cv=11&fst=1678900022107&bg=ffffff&guid=ON&async=1&gtm=45He33d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=1654955265.1678900022&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c773f82a0574fc3faa66aaf223b1e10320d5ada56e0856f75b07acf6ab9e761a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1449
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 15 Mar 2023 17:07:01 GMT
last-modified
Thu, 16 Feb 2023 18:31:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E49C14222B92479D90AC4E300E524454 Ref B: NYCEDGE1717 Ref C: 2023-03-15T17:07:02Z
etag
"8072cff03442d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11894
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100124-IAD
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/650436320/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/650436320/?random=1678900022118&cv=11&fst=1678900022118&bg=ffffff&guid=ON&async=1&gtm=45He33d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=1654955265.1678900022&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11b59d3405edafbb270bb5675c1283aab203a7a8d5c3266e0f70e1bb87132f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1451
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/650497777/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/650497777/?random=1678900022120&cv=11&fst=1678900022120&bg=ffffff&guid=ON&async=1&gtm=45He33d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=1654955265.1678900022&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f1e000eb589eb04573bd931a115e5bcf06035ccb8ca702baee06d68926d10fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1449
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/461755762/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/461755762/?random=1678900022121&cv=11&fst=1678900022121&bg=ffffff&guid=ON&async=1&gtm=45He33d0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&auid=1654955265.1678900022&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f005b4cb1c2061c7f512888a26e01f128d5ea66f41203bde06fe12237706ac8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1450
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d::17db:5c72 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=33964
accept-ranges
bytes
content-length
4777
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 23 Jan 2023 21:56:14 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"03d5db9dfd00a5719bb4c9261e6fa1bb"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7356
sl.js
scout-cdn.salesloft.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scout-cdn.salesloft.com/sl.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:de5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
x-amz-version-id
6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=0
x-amz-request-id
V5V4X1CS8R3NF516
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
mHK55DTlRGpmh0qjbPbactKwshrd2mD6k1NWU74F1MkFLI+oRT8S3XP6qvvP6rbYB+MKS+k/0+Y=
last-modified
Mon, 13 Dec 2021 16:28:37 GMT
server
cloudflare
etag
W/"d74cc4825c8e333b2116da3fcc649db1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7a8659b33d7ad157-BUF
expires
Wed, 15 Mar 2023 21:07:02 GMT
integrations-hubspot-v1.js
fast.wistia.com/static/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/static/integrations-hubspot-v1.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
687447b1c8ee82ab58bbe298a20ad491a79c54bdccb3bad19198d635252d21d6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
492
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
4005
x-served-by
cache-iad-kiad7000027-IAD, cache-ewr18132-EWR
x-browser-version
111
last-modified
Tue, 07 Mar 2023 01:17:35 GMT
server
AmazonS3
x-timer
S1678900022.297370,VS0,VE0
etag
"c4b9c137dc4e560a04cc1f2c591e35a5"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4, 2
gip
api.kickfire.com/ 		20 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.kickfire.com/gip
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.211.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-211-225.us-west-2.compute.amazonaws.com
Software
Apache / PHP/7.2.34
Resource Hash
b7074e890c28182579f0eb12696eac276a9d7f937af3c91e0167b7a9c7284fc3

Request headers

Accept
*/*
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Mar 2023 17:07:02 GMT
server
Apache
x-powered-by
PHP/7.2.34
content-type
text/html; charset=UTF-8
tracking.js
trk.techtarget.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk.techtarget.com/tracking.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c9f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 15:01:39 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1200
cf-ray
7a8659b36abbd15f-BUF
expires
Wed, 15 Mar 2023 17:08:24 GMT
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 17:07:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27907
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
9Jsn1eO5002xHp1ULf2uZOJ7Ta4A0IU5bb/Bc9/n11WFAUOBSCPwalQ4oq/EPnlug3O18oeXuGixawlBZZ5+qg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
qualified.js
js.qualified.com/ 		205 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.qualified.com/qualified.js?token=PK6AWFzWvCM5V41V
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d1a9ea42204a6bb7cd5dbb488fb1b0fdd26a2020cd3a39bd6aab817df3e408c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
gzip
via
1.1 spaces-router (b3988cb8a3c5)
strict-transport-security
max-age=63072000; includeSubDomains
cf-cache-status
HIT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
7ca27318-8a83-1cb9-2487-9f039c775852
x-runtime
0.015582
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"1c26906c599fb60851c5eab08a7a1dd7"
x-download-options
noopen
vary
Accept,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
7a8659b3af05d153-BUF
expires
Wed, 15 Mar 2023 21:07:02 GMT
loop.bundle.js
v2.listenloop.com/ 		194 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v2.listenloop.com/loop.bundle.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:dfcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e9293ea82b1586a5d5727fbee2a0344a3423c422e276015743da8011d2ef9c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
x-amz-version-id
5Ig0Py7TBiugipZvNLcx2fASo5_3f9I_
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
CZSRQA15PET9X0C9
age
5067
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
nelkRJHBQYu137xsCpPdcnby37dbersT5fviryNGTq0ewiduvwLZfLCZp3LCpUc79Ri+VPeNMNY=
last-modified
Mon, 13 Mar 2023 07:15:01 GMT
server
cloudflare
etag
W/"60d66ef2ec1c2acf3fa3552ca948e4f8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wm%2FrjSKPs90otmDmiZoOzkaVfbA84nczVyHzm5gSYvg%2BKJ6wRC8S8Cfu0ySogDYJc%2BnOw0Nz9ucbllXEEkko65DKe0VgSGFUtSDjfHKViV8NY059R3kVodRBQRFWWE9f1tPFE80%2FtrFC1bj3LwS3uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=1800
cf-ray
7a8659b3adcdc3f0-EWR
hotjar-2245678.js
static.hotjar.com/c/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2245678.js?sv=6
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-124.jfk50.r.cloudfront.net
Software
/
Resource Hash
f87af415922ee2089349c94a4fa8e803e39b8cd5fbcd925c87a29f91bf52cc95
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 17:07:02 GMT
via
1.1 6104f765cfecf9c49eb7195c359eea46.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
4
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/02185cf4fdbffb40126dceeae711217c
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
WRWbUZdwpNCfHdkgNkWQxffDFRzaOcGiGKExvL_EYXCQIm4qZ4g0pg==
spx
dx.mountain.com/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dx.mountain.com/spx?dxver=4.0.0&shaid=33821&tdr=&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cb=14296875196601788term=value
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.137.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-137-118.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
97b0e1537131a895a2a2d9ac6beb9519c2a862e50913c18bd647b4493567447a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
gzip
server
istio-envoy
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
x-envoy-upstream-service-time
3
be
spx-prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		245 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LVG2KS7RHZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49f3ae9f44e3fbdd37f8f8bb595236e58eeb708b0c03b10bce6b0cbda4575e4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84173
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Mar 2023 17:07:02 GMT
950431113
google.com/pagead/form-data/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://google.com/pagead/form-data/950431113?em=tv.1&gtm=45He33d0&auid=1654955265.1678900022
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers
950431113
google.com/ccm/form-data/ 		0
172 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://google.com/ccm/form-data/950431113?em=tv.1&gtm=45He33d0&auid=1654955265.1678900022
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contrastsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ei.js
web-analytics.engagio.com/js/ 		0
0
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a1c33f841d234aa6239999b503f9221f38b0fd85360dc5be4309f762beb42ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 17:07:02 GMT
content-md5
efXiwpajlLZYQPsPhxyUww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
kQya/o1OSMG2Ll4N2YeP1COXYzW/bWzDf3ertIWfUoHVdow3AieaDP+eyTbM957wOPtOVaBmOhjdjd0aAl2+1Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
x-fb-content-md5
fc103b16b8d8736758c56c78c524397d
cross-origin-opener-policy
same-origin-allow-popups
etag
"3e1284de23d35fc739c258a7e437423b"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 15 Mar 2023 17:26:14 GMT
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
27630
x-served-by
cache-iad-kjyo7100159-IAD
last-modified
Tue, 24 Jan 2023 21:41:51 GMT
etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
tw-cdn
FT
leadflows.js
js.hsleadflows.net/ 		545 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs/scriptloader/203759.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:eacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab06beda6c8c452e25e0adee818c31d7fb0b8381d370d3dcbb9d62ec8107860

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Origin
https://www.contrastsecurity.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
x-amz-version-id
waE9SUXeTvXi6sWFWRT4B49N3dJ8yImu
via
1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js&cfRay=7a85e7b33c43c452-IAD
x-cache
Hit from cloudfront
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-amz-replication-status
COMPLETED
last-modified
Thu, 02 Mar 2023 09:43:53 UTC
server
cloudflare
etag
W/"15b55a577dac25b07b6c519f5d1a3aec"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-hs-cache-status
MISS
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control
s-maxage=86400, max-age=0
cf-ray
7a8659b68dd5d157-BUF
x-amz-cf-id
Q7hLV0pVTfgHdW52ykaLF5RYsxJYMxrI2wcQO9tSPqIbpBVe1TjzQQ==
x-hs-target-asset
lead-flows-js/static-1.1163/bundle/main/lead-flows-release.js
203759.js
js.hs-analytics.net/analytics/1678899900000/ 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1678899900000/203759.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs/scriptloader/203759.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:46b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aad33bea9ac6904dd79d4d47f0433b1eaa26e6c188e3652f7f0ddac9189b0a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
GQ65QPH6WJ7ME5MQ
x-amz-server-side-encryption
AES256
x-amz-id-2
UTZvJpdei6qFmJQZ2vh96N3ap8TG9O3aUmQckJfI58CPrxj0nsxOnyLduRNSTuMl9ge8FV6ZPNhCTxCLU87XGg==
last-modified
Tue, 07 Mar 2023 17:57:43 GMT
server
cloudflare
etag
W/"1efb303e9a8b9d654a153bd9a9e1c6fa"
vary
origin, Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
cf-ray
7a8659b679a4d15b-BUF
expires
Wed, 15 Mar 2023 17:12:02 GMT
203759.js
js.hs-banner.com/ 		60 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/203759.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs/scriptloader/203759.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c99b5a4820a459f0dd39399be5fe6af5f8b4574524c1e8de67fad8cf0098cdad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
x-amz-version-id
niyWyIyBc5kkc9dPAVD3dImJ.NRU1XVp
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
SQ7YGKZW39CCPQ5A
x-amz-server-side-encryption
AES256
x-amz-id-2
rxOxmCrK1wgBk14JIndRqqTK+6+vgl98mmhbsZAMwpUvVrQTbwfMAaSxwa4UYhc3dG0V7KRtmXc=
last-modified
Tue, 07 Mar 2023 01:47:49 GMT
server
cloudflare
etag
W/"4061140d85f1963813f8bad4ce90495d"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.contrastsecurity.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7a8659b68f33d153-BUF
expires
Wed, 15 Mar 2023 17:12:02 GMT
api.min.css
a.omappapi.com/app/js/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.omappapi.com/app/js/api.min.css
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
content-encoding
br
cdn-edgestorageid
885
perma-cache
HIT
cdn-storageserver
NY-266
cdn-cachedat
02/22/2023 04:23:21
cdn-pullzone
293267
last-modified
Wed, 22 Feb 2023 04:22:39 GMT
server
BunnyCDN-NY1-885
cdn-fileserver
426
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63f5988f-464c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
efcab737-66db-4b75-ab55-ed485d5a01dd
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=31919000
cdn-requestid
97545c77ba59ec27d08a511d86d4e042
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
80926
api.omappapi.com/v2/embed/ 		165 B
613 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.omappapi.com/v2/embed/80926?d=contrastsecurity.com
Requested by
Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-11.ewr53.r.cloudfront.net
Software
Pagely Gateway/1.5.1 /
Resource Hash
b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:02 GMT
x-user-agent
standard--
via
1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
x-cache-config
0 0
server
Pagely Gateway/1.5.1
x-amz-cf-pop
EWR53-P1
vary
Accept-Encoding, User-Agent
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=120, stale-while-revalidate=1800
access-control-allow-headers
X-CSRF-Token
content-length
165
x-amz-cf-id
7usmESXkpK7fiKwD3wTQvWeVcym5XWP9H4KYHoNNmZU_odRyYXlTiw==
expires
Wed, 15 Mar 2023 17:08:17 GMT
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
343 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=203759&callback=jsonpHandler
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.154/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
server
cloudflare
x-hubspot-correlation-id
54599904-d588-45db-8d92-a34d8ada7e72
x-trace
2B9DD928625A3A2EA4EA1EDF83014D476C54B9B509000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
7a8659b669a3d15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
reporting-endpoints
default="https://exceptions.hubspot.com/csp/reports?cfRay=7a8659b669a3d15b&resource=unknown"
tracking.min.js
kalendar.ai/
Redirect Chain
  • https://kriya.ai/tracking.min.js?t=1678924800000
  • https://kalendar.ai/tracking.min.js?t=1678924800000
5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kalendar.ai/tracking.min.js?t=1678924800000
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Server
2606:4700:20::681a:e5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
593de17f9bd2a63685ce3283b87d8c94ccb96cab26c48d4c1e80b72077f31dc7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Mar 2023 09:50:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6902
etag
W/"641194c8-14f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ay6LbiCb74h4ZBjPJbZnVN8nPLhuE8j3gE6ZgxU3W4uIfz51uZzTRb6eyPjxuTgzaGtu1NB4ImTrFwG%2B5IRUMXfR1olWfXYINtIPXrP%2FqYacWZCf07UdM0Ilhx9r3qu7c%2Fq4OORR3DaB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7a8659b9fac342a4-EWR

Redirect headers

date
Wed, 15 Mar 2023 17:07:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyzTp6DdTdOgiJQDksa%2FBAZvnqnb3jBaWxVC0aJcTyURM0wbXDAsc5SFhd8TCPFG%2F0MNOS4hsPTKOEfH9Mokv9aRAvjgrVhjbS8PzP3CTcBScen8Q8GsQ31vK9s7Ya3sXS2XZ7D4"}],"group":"cf-nel","max_age":604800}
location
https://kalendar.ai/tracking.min.js?t=1678924800000
cache-control
max-age=3600
cf-ray
7a8659b6dc6541bd-EWR
expires
Wed, 15 Mar 2023 18:07:02 GMT
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5805 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 17:07:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
38fa3213-2133-4b8f-bfad-f03de7f41346
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Server
cloudflare
X-Trace
2BD075FA3D16CD8BE61459AFD29925A31260860F4E000000000000000000
Vary
origin
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7a8659b8498cd163-BUF
collect
stats.g.doubleclick.net/j/ 		2 B
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-32996095-1&cid=1563720877.1678900023&jid=1420359281&gjid=867226364&_gid=2142880641.1678900023&_u=YGBAgEABAAAAAEAAI~&z=776698514
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 15 Mar 2023 17:07:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contrastsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=420312183&t=pageview&_s=1&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&ul=en-us&de=UTF-8&dt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=1420359281&gjid=867226364&cid=1563720877.1678900023&tid=UA-32996095-1&_gid=2142880641.1678900023&gtm=45He33d0n815XQWKJ9&z=2116665557
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 03:29:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
49029
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
company:(all)
api.kickfire.com/v2/ 		143 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.kickfire.com/v2/company:(all)?ip=UU3d75C5G6OWcm0%3D&key=a87c7733efaab751
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.211.225 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-211-225.us-west-2.compute.amazonaws.com
Software
Apache / PHP/7.2.34
Resource Hash
2cabb172719c507c74a377112eee344baab7b522fdcb5a90f516b076589a6e13

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Mar 2023 17:07:03 GMT
server
Apache
x-powered-by
PHP/7.2.34
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
*
content-type
application/json
lib.js
stats.sa-as.com/ 		1 KB
986 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.sa-as.com/lib.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.128.119.150 , United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS
209-128-119-150.bayarea.net
Software
Apache /
Resource Hash
44b7fb6f761a2e8bf64400e3311c4c4bf343e888ee1b8bbf125881c4617ed70f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 17:00:02 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 14 Apr 2017 20:48:27 GMT
Server
Apache
ETag
"7200a7-52e-54d2690345cc0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
630
cta-json
cta-service-cms2.hubspot.com/ctas/v2/public/cs/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&pageId=100983843633&pid=203759&sv=cta-embed-js-static-1.140&rdy=1&cos=1&df=t&pg=eafb7e72-9819-43d8-8d17-63c5cc055525
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e49aa5dc047c6e400f50c9f1c079b5097612785ac980662f6a92220fbf1ff00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-origin-hublet
na1
date
Wed, 15 Mar 2023 17:07:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
3a857125-c2c1-4bfc-ab77-ef90ffa527bb
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B03A01F1F71ECBCED5A3D6C9B6B7E83650AFEE41E000000000000000000
vary
origin
access-control-allow-methods
OPTIONS, GET
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.contrastsecurity.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiNBieiB6nI6IEjrbi7m05PsfGqOlbXpXXtnwIbJK4ENNsi6eBDQbS9eA6WUEHZfYvuSe7JpNEAPwwns2n8o9PhJ5JEqGJgYfnZ9%2FWSS2OMUwlT%2ByRfmNLl%2B86ZSoDfRjDN7WVeIB9prJEAUBIaaSLExyomqaddp6Is%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-max-age
180
x-robots-tag
noindex, follow
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray
7a8659b879dbd15b-BUF
token
cdn.linkedin.oribi.io/partner/1155724,1283858/domain/contrastsecurity.com/ 		40 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1155724,1283858/domain/contrastsecurity.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:2c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7068c1b8692f0dd5312190a1ff76f4ac6e0791d8bbd7e47c08acf1436daffac8

Request headers

Accept
*
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 16:39:44 GMT
content-encoding
gzip
via
1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
1639
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
BvetJUpPDBX2wYvebn_Q68w0Mj-aBzj4WIME00klDZ4CqOV9EfwmNQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1283858%252C1155724%26time%3D1678900023140%26url%3Dhttps%253A%252F%252Fwww.contra...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but...
0
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cookiesTest=true&liSync=true&e_ipv6=AQIlpwT9ookqYgAAAYbmPVJYc6Aju-uZaFRuLpnlVwz_htF9x-fCn5uADyp5aR70_4G-XQ
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DB31771BC1DA426CB98DC39DB44ECDFE Ref B: EWR311000107047 Ref C: 2023-03-15T17:07:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX281+L8C1B0oX3RPHivw==

Redirect headers

date
Wed, 15 Mar 2023 17:07:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2FDA6805B9314B14BD81536E8841D9BB Ref B: EWR311000101029 Ref C: 2023-03-15T17:07:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1283858%2C1155724&time=1678900023140&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cookiesTest=true&liSync=true&e_ipv6=AQIlpwT9ookqYgAAAYbmPVJYc6Aju-uZaFRuLpnlVwz_htF9x-fCn5uADyp5aR70_4G-XQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAX281+JiSFNRv9H/xOiPw==
token
cdn.linkedin.oribi.io/partner/1155724,1283858/domain/contrastsecurity.com/ 		40 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1155724,1283858/domain/contrastsecurity.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:2c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7068c1b8692f0dd5312190a1ff76f4ac6e0791d8bbd7e47c08acf1436daffac8

Request headers

Accept
*
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 16:39:44 GMT
content-encoding
gzip
via
1.1 671b6837b1f5908956524bc8798dab1e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
1639
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
X35TjC-K7gLX2YwefO0HzmYfrFVK4OBPiZQEV28a7VHudGNFaXhUqg==
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-32996095-1&cid=1563720877.1678900023&jid=1420359281&_u=YGBAgEABAAAAAEAAI~&z=811594843
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
counters.gif
forms-na1.hsforms.com/embed/v3/ 		35 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 17:07:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
X-HubSpot-Correlation-Id
851c8ee4-481c-475f-98c1-25e32cb91d47
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Server
cloudflare
X-Trace
2BADBD3A728421B6D50700B81C1137B8D72FC2F65E000000000000000000
Vary
origin
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7a8659b949bdd163-BUF
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1678900023158&id=t2_epbh77bg&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=c43d56e7-f673-41b5-9901-93664aa41988&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
rp.gif
alb.reddit.com/ 		42 B
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1678900023159&id=t2_uob78mj3&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=c43d56e7-f673-41b5-9901-93664aa41988&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
/
www.google.com/pagead/1p-user-list/950431113/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/950431113/?random=1678900022107&cv=11&fst=1678899600000&bg=ffffff&guid=ON&async=1&gtm=45He33d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=2549471666&rmt_tld=0&ipr=y
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/650436320/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/650436320/?random=1678900022118&cv=11&fst=1678899600000&bg=ffffff&guid=ON&async=1&gtm=45He33d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=4185098750&rmt_tld=0&ipr=y
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/650497777/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/650497777/?random=1678900022120&cv=11&fst=1678899600000&bg=ffffff&guid=ON&async=1&gtm=45He33d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=2702137162&rmt_tld=0&ipr=y
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=b8fcb382-a06a-4224-8408-d919b15399f8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b2b74fb0-fd89-49d0-bcd3-8580eb647f5b&tw_document_href=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2o98&type=javascript&version=2.3.29
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time
6
date
Wed, 15 Mar 2023 17:07:02 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
70011ee1db7b410e
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
dd9f4aa19f5be6831f197a2a7d2a3986db204129244f7b7f30e583ed2a761ed2
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=b8fcb382-a06a-4224-8408-d919b15399f8&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b2b74fb0-fd89-49d0-bcd3-8580eb647f5b&tw_document_href=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o2o98&type=javascript&version=2.3.29
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time
7
date
Wed, 15 Mar 2023 17:07:03 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
75ea4fc5d8bde7c7
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
465207fbc535cd20890cfdf4e2fb6061d956587686daa9518b81c8656c106f26
content-length
43
embed_shepherd-v1.js
fast.wistia.com/assets/external/ 		651 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/embed_shepherd-v1.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/static/integrations-hubspot-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
99b213915b46d454d3ee652c92d025312ea1a8971427ed0e955c2b08f2be4940
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
493
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
120695
x-served-by
cache-iad-kcgs7200095-IAD, cache-ewr18132-EWR
x-browser-version
111
last-modified
Tue, 07 Mar 2023 01:17:35 GMT
server
AmazonS3
x-timer
S1678900023.186139,VS0,VE0
etag
"fdbd9fa978785b443ed3707e25469008"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
8b5a8e2942aa22cc6aa787307a527a76f1188dd2
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
4, 2
r
scout.salesloft.com/ 		41 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDU2OX0.FyjMKNdXuG4_eAesJd9uLpQ36wLg_UDlYdXtWhoTRs8
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.242.17.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-17-147.compute-1.amazonaws.com
Software
/
Resource Hash
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.contrastsecurity.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
41
x-request-id
06f577815efcd73ce4b69c1fcffe52b0
1315828585415353
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1315828585415353?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
77fb24f2ca87606a8babc24f37b91b3a24b71d61546153b28d2f8f87159e0614
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 15 Mar 2023 17:07:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
IX2Pv6SJjlsX9NMUygUkb8ACV2Ea4UTrfiOD/T4mO0+oBH1aCkSpaIayJtxWp0R6r4aeDOGNuJboYrP/mwnBJw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-LVG2KS7RHZ&gtm=45je33d0&_p=420312183&_gaz=1&cid=1563720877.1678900023&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678900023&sct=1&seg=0&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&dt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LVG2KS7RHZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contrastsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LVG2KS7RHZ&cid=1563720877.1678900023&gtm=45je33d0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LVG2KS7RHZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contrastsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gif.gif
ibc-flow.techtarget.com/a/ 		43 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1678900023240&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&version=2.4
Requested by
Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier
16560021
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
via
1.1 google
x-guploader-uploadid
ADPycdsngXKBIJfYuFH7mzGdU7VFT84zuZEH5eizJ5f4PI3AaeNCK6BGIs9In3wHyU2FnDP2BZW5nwcicTUXEqGY61B_og
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Thu, 08 Dec 2022 21:19:29 GMT
server
nginx/1.20.2
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
vary
Origin
x-goog-generation
1670534369365034
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control
public, max-age=3600
access-control-allow-methods
GET, POST, OPTIONS
x-goog-stored-content-length
43
accept-ranges
bytes
access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires
Wed, 15 Mar 2023 18:07:03 GMT
modules.b58f4dbb50ff88fc1f15.js
script.hotjar.com/ 		262 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.b58f4dbb50ff88fc1f15.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2245678.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
833e9ac3fd9706f7c5db171919041e789fa53325a0a390e8600738ebcb524e3f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 16:17:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
2996
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68544
last-modified
Wed, 15 Mar 2023 16:16:09 GMT
etag
"091dc0b7a90675e0aa9a621de17b6353"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Ig9HXwFAulaHFLh_d-mpX-CFzkwdAjzCklBaxd2vqP_G2oVciXNpug==
/
www.google.com/pagead/1p-user-list/461755762/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/461755762/?random=1678900022121&cv=11&fst=1678899600000&bg=ffffff&guid=ON&async=1&gtm=45He33d0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&tiba=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&fmt=3&is_vtc=1&random=3746881884&rmt_tld=0&ipr=y
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gif.gif
ibc-flow.techtarget.com/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1678900023240&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&version=2.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ibc_rate_tier
Access-Control-Request-Method
GET
Origin
https://www.contrastsecurity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 15 Mar 2023 17:07:03 GMT
expires
Wed, 15 Mar 2023 17:07:03 GMT
server
nginx/1.20.2
vary
Origin
via
1.1 google
x-guploader-uploadid
ADPycdv4PrVC19wLvTJquprmPEdNhaJ7o-wdlpcdiWu0p5nikWMbknS6ESvVBmBcTPQZRs7NngAQJmS-f7TA1-I1yoI3udvP-tbI
is
44.212.189.233/ 		32 B
437 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://44.212.189.233/is
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33821&tdr=&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cb=14296875196601788term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
44.212.189.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-189-233.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
b044bf52ef44e9e4672510fb141b9bf079772bba15bb24c96597265cccd69747

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain;charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
connection
close
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
content-length
32
x-application-context
application:prod:8080
view
js.hs-banner.com/cookie-banner-public/v1/activity/ 		0
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/203759.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
0af29c33-fb44-4eaf-afed-afc00639382a
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.contrastsecurity.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
vary
origin
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7a8659baefa1d153-BUF
view
js.hs-banner.com/cookie-banner-public/v1/activity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner-public/v1/activity/view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.contrastsecurity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.contrastsecurity.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age
604800
cf-cache-status
DYNAMIC
cf-ray
7a8659ba3f8ed153-BUF
content-length
0
content-type
application/octet-stream
date
Wed, 15 Mar 2023 17:07:03 GMT
server
cloudflare
timing-allow-origin
*
vary
origin
56279431.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/56279431.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 15 Mar 2023 17:07:03 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4F6B7F6AFBF049ADB896A930EB5AFE5B Ref B: NYCEDGE1717 Ref C: 2023-03-15T17:07:03Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=56279431&tm=gtm002&Ver=2&mid=78ddd210-b05b-4285-a364-6d3a4933aa87&sid=ce8db830c35311ed9d63a36273bb6545&vid=ce8dc9e0c35311ed8322993a4039398a&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&p=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&r=&lt=13314&evt=pageLoad&sv=1&rn=828325
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 15 Mar 2023 17:07:02 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BC9E677B807440099E4BC8313C0B6142 Ref B: NYCEDGE1717 Ref C: 2023-03-15T17:07:03Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=420312183&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&ul=en-us&de=UTF-8&dt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=KickFire%20API&ea=error&el=&_u=aHDAAEABAAAAAGAAI~&jid=1785556605&gjid=2044054259&cid=1563720877.1678900023&tid=UA-32996095-1&_gid=2142880641.1678900023&_r=1&_slc=1&gtm=45He33d0n815XQWKJ9&z=112451701
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contrastsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cta-loaded.js
www.contrastsecurity.com/hs/cta/ctas/v2/public/cs/ 		0
858 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=203759&pg=eafb7e72-9819-43d8-8d17-63c5cc055525&lt=1678900021487&dt=1678900021488&at=1678900023390&ae=1&an=1
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/hs/cta/cta/current.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-origin-hublet
na1
date
Wed, 15 Mar 2023 17:07:03 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
f8172180-e58a-4bbd-87c7-37a3ed2ccad0
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 15 Mar 2023 17:07:03 GMT
server
cloudflare
x-trace
2B33E0D4186A4D7AD48941D95967E4D8F750547A64000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yLJeiTZjTo3s1XPrrfhoA6nyzQituvkv1LGy6hgK807UNDCE3pgu6xG25%2Fhr5xrl5u1sIj8rtXoDL8kuybW5PCHpYqiQzXIbk%2FSubvPKmKerx7GpJrh8K3paLo36GvZyRqe%2FF8v8IsT7107koYVbhZD0%2B3KkA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
cf-ray
7a8659ba49dfd163-BUF
x-robots-tag
noindex, follow
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 17:07:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
MISS
X-HubSpot-Correlation-Id
fa7840ff-cd9f-4d39-bcce-2483ce6f4883
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Last-Modified
Wed, 15 Mar 2023 17:07:03 GMT
Server
cloudflare
X-Trace
2B89D952F85D17C65580CD60F69FB8B43B8298B120000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
7a8659bace46d157-BUF
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
749 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 17:07:03 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
MISS
X-HubSpot-Correlation-Id
aad8b74c-cdbb-4ea9-88a7-47816756877f
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
35
Last-Modified
Wed, 15 Mar 2023 17:07:03 GMT
Server
cloudflare
X-Trace
2BBD74F7ACD33D6163AFCE224240BE3511F03A7D48000000000000000000
Vary
origin, Accept-Encoding
Content-Type
image/gif
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
X-Robots-Tag
none
CF-RAY
7a8659bacf9fd153-BUF
oribili.js
cdn.linkedin.oribi.io/1283858/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/1283858/oribili.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:2c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9425e201802508d3508b64c3a5d9e7443d268271ed9536a5fadc2961ec633afa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:04:41 GMT
content-encoding
gzip
via
1.1 f141d4a0b9a72779a9dd3a57c2c25f52.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
142
vary
accept-encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=300
x-amz-cf-id
Uo3T3AUc04B5K3ihUG9HtIemnXk2MaIoyZg4j7BxP6c_6GeJxaTeWw==
all.js
connect.facebook.net/en_US/ 		303 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=c171681cbea3456f717c1dd41b1fd92b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f656aa0fb67540ba48aab5597bb751d78636d52f68bbb889ccd2cc61d67b0e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Origin
https://www.contrastsecurity.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Mar 2023 17:07:03 GMT
content-md5
Uuo5qeBvu5j8MPQH2T2OVg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86950
x-fb-rlafr
0
x-fb-debug
B9PaUPxXdenB6cjoWUUYWvRWYc3vYCOMNR7hn3Q6bvPlSYubNWX+vU2qkv4uQB6jqNuwCrkv1a9TAmxgK7+fZw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
d2be9c1bd012a6e267d08e6a60b304b6
cross-origin-opener-policy
same-origin-allow-popups
etag
"8781ae1bbcbf20073d2a2458ca36619b"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 14 Mar 2024 15:09:11 GMT
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 550E 		320 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.contrastsecurity.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105435
content-type
text/html; charset=utf-8
date
Wed, 15 Mar 2023 17:07:03 GMT
etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
last-modified
Tue, 24 Jan 2023 21:41:13 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-cache
HIT
x-served-by
cache-iad-kjyo7100159-IAD
i
scout.salesloft.com/ 		48 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://scout.salesloft.com/i
Requested by
Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.242.17.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-17-147.compute-1.amazonaws.com
Software
/
Resource Hash
01cd9553421c47091737a74d184f3e11c51dfd3cf634b5103e11a25f1e9e70f6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.contrastsecurity.com
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
48
x-request-id
d6233f70ae700e964e5dc5f657e5bd92
me
abm2.listenloop.com/api/v1/public/organizations/ 		574 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://abm2.listenloop.com/api/v1/public/organizations/me?public_key=efuwGqFyAE2223hAzxSB
Requested by
Host: v2.listenloop.com
URL: https://v2.listenloop.com/loop.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.196.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-196-180.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5e4b697c169d7699ac35cc3ba329f55e3e2187a369900439e9e0315d910d83c7

Request headers

Accept
*/*
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 17:07:03 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
344
X-Request-Id
a080ac16-769c-4ce4-bc75-91d894d95383
Pragma
no-cache
X-Runtime
0.005260
Server
nginx
ETag
W/"a81decf21e3546268ac48972690fea7a"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.contrastsecurity.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
retargeting_segments
abm2.listenloop.com/api/v1/public/ 		27 B
778 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://abm2.listenloop.com/api/v1/public/retargeting_segments
Requested by
Host: v2.listenloop.com
URL: https://v2.listenloop.com/loop.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.196.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-196-180.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1cddcd88d3332d560856627ab2cecc7d9aa6c9d616729701ae13902d1671d0b0

Request headers

Accept
*/*
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 15 Mar 2023 17:07:03 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
53
X-Request-Id
bbc07c46-cb69-4444-ba0f-d430f6375cc1
Pragma
no-cache
X-Runtime
0.016939
Server
nginx
ETag
W/"e3abe71756e3f2f8bb4623eff9927893"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.contrastsecurity.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-32996095-1&cid=1563720877.1678900023&jid=1785556605&gjid=2044054259&_gid=2142880641.1678900023&_u=aHDAAEABAAAAAGAAI~&z=1569331868
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 15 Mar 2023 17:07:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.contrastsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
481436106484709
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/481436106484709?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12257d8f529a77c206dc9a93efcec8a86e333554616da00ce7b948b8a03f5a0c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 15 Mar 2023 17:07:03 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
8hXbIPzvlelg4ISzPuqrBkvIolOsvq87/HlXkl6cFlgfXM1J8uk0UtkN1z2ek/B8eyMUzuUrY8CCCXP5ZIxsJw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1315828585415353&ev=PageView&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&rl=&if=false&ts=1678900023543&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678900023542.809535551&it=1678900023190&coo=false&rqm=GET
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 15 Mar 2023 17:07:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
6d13b22b-e1d7-4099-b41b-b8b5ef29116c
https://www.contrastsecurity.com/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.contrastsecurity.com/6d13b22b-e1d7-4099-b41b-b8b5ef29116c
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
settings
syndication.twitter.com/ Frame 550E 		664 B
604 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=22b91a662e63645f596801507fb05793b3516dc1
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.contrastsecurity.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time
7
date
Wed, 15 Mar 2023 17:07:03 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 15 Mar 2023 17:07:03 GMT
server
tsa_b
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
0fdaee4b5600a4ab
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
c03e806ef3108523a6eefd8fb8733c8389b2cd36b2ab42a384121c592f955958
content-length
284
s
scout.us1.salesloft.com/ 		42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scout.us1.salesloft.com/s?type=landed&hitId=161255192&rand=833490047&monitorResolution=1600x1200&viewportResolution=1600x1200&pageTitle=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&sessionCount=1&hasWS=true&time=398&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&sli=1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&guid=5ce8ae9c-e895-4eb5-b65a-812e0734b30f&tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDU2OX0.FyjMKNdXuG4_eAesJd9uLpQ36wLg_UDlYdXtWhoTRs8
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.242.17.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-17-147.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
42
x-request-id
0a39a2cf13588b7b63692f237334f511
index.php
stats.sa-as.com/ 		95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.sa-as.com/index.php?DID=249993&MyPage=undefined&MyID=undefined&MySearch=undefined&TitleTag=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&Hst=www.contrastsecurity.com&width=1600&height=1200&ColDep=24&Lang=en-US&Cook=true&Page=%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&Reff=&FullPage=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&PMCD=https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D&r=0.8026202489611736
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.128.119.150 , United States, ASN7151 (BAYAREA-AS, US),
Reverse DNS
209-128-119-150.bayarea.net
Software
Apache /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 17:00:03 GMT
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
IMAGE/PNG
Connection
close
Content-Length
102
10260
ads.kwanzoo.com/embed-code/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.kwanzoo.com/embed-code/10260
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XQWKJ9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.44.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-44-23.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c9b5e23cd0dd01c1a5ba67aabed4dd0ca1df7e3ac04d7813b6afafe6730c7337

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:04 GMT
content-encoding
gzip
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
content-language
en-US
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-store
content-length
1194
expires
Thu, 01 Jan 1970 00:00:00 GMT
src=10230617;dc_pre=CMuDnfy13v0CFVPThwodlF4Hkg;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1772222060399.9373
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=10230617;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1772222060399.9373?
  • https://ad.doubleclick.net/ddm/activity/src=10230617;dc_pre=CMuDnfy13v0CFVPThwodlF4Hkg;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1772222060399.9373?
  • https://adservice.google.com/ddm/fls/z/src=10230617;dc_pre=CMuDnfy13v0CFVPThwodlF4Hkg;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1772222060399.9373
42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=10230617;dc_pre=CMuDnfy13v0CFVPThwodlF4Hkg;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1772222060399.9373
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Server
2607:f8b0:4006:808::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=10230617;dc_pre=CMuDnfy13v0CFVPThwodlF4Hkg;type=invmedia;cat=contr0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1772222060399.9373
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-32996095-1&cid=1563720877.1678900023&jid=1785556605&_u=aHDAAEABAAAAAGAAI~&z=1711888004
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event
gw.linkedin.oribi.io/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.linkedin.oribi.io/event
Requested by
Host: cdn.linkedin.oribi.io
URL: https://cdn.linkedin.oribi.io/1283858/oribili.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.245.73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-245-73.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.contrastsecurity.com
date
Wed, 15 Mar 2023 17:07:03 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/plain
/
px.ads.linkedin.com/ws_collect/ 		0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/ws_collect/?pid=1155724&timestamp=1678900023684&raw_event_id=1283858-0f768dc9-bd3a-33df-ff28-ed69a85f2aad-1678900023681
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 305AEA2BA8E741F78E76CF7AEA4947FF Ref B: EWR311000101029 Ref C: 2023-03-15T17:07:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX281+HGK7qmoc73PQgcA==
/
px.ads.linkedin.com/ws_collect/ 		0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/ws_collect/?pid=1283858&timestamp=1678900023684&raw_event_id=1283858-0f768dc9-bd3a-33df-ff28-ed69a85f2aad-1678900023681
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 16780457A8F34877A8644B67B8FFBAF0 Ref B: EWR311000101029 Ref C: 2023-03-15T17:07:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX281+HGzn8UgAVaV64cg==
visit-data
in.hotjar.com/api/v2/client/sites/2245678/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2245678/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b58f4dbb50ff88fc1f15.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
46.51.204.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-46-51-204-8.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef6c1f3e60c738e0efe4050ab6cb05bd536d01e116a656270e2e93c25bc82ce3

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
gif.gif
ibc-flow.techtarget.com/a/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1678900023819&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&version=2.4
Requested by
Host: trk.techtarget.com
URL: https://trk.techtarget.com/tracking.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier
16560021
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:03 GMT
via
1.1 google
x-guploader-uploadid
ADPycdtcdc2WtJ6PGiJ_gy1jvoPD4ASY60jbNF8ISOuOanndznKpUauUCDZ00i1SFbKt4pWh1q_y23ZPqv97wQf2disOIA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Thu, 08 Dec 2022 21:19:29 GMT
server
nginx/1.20.2
etag
"fc94fb0c3ed8a8f909dbc7630a0987ff"
vary
Origin
x-goog-generation
1670534369365034
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control
public, max-age=3600
access-control-allow-methods
GET, POST, OPTIONS
x-goog-stored-content-length
43
accept-ranges
bytes
access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires
Wed, 15 Mar 2023 18:07:03 GMT
gif.gif
ibc-flow.techtarget.com/a/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=16560021&r=1678900023819&ref=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&version=2.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.208.111.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ibc_rate_tier
Access-Control-Request-Method
GET
Origin
https://www.contrastsecurity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers
ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 15 Mar 2023 17:07:03 GMT
expires
Wed, 15 Mar 2023 17:07:03 GMT
server
nginx/1.20.2
vary
Origin
via
1.1 google
x-guploader-uploadid
ADPycdvC2Q85Hc3CE2VG9zp21UIxHFXQ2Bu9fl3MkNHAOK3JEXd0mb_YYDMxsTHVcEgLdnPPQCwfN0K_yr_nilytPlkH5r6-V3a8
messenger
app.qualified.com/w/1/PK6AWFzWvCM5V41V/ Frame 28E8 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.qualified.com/w/1/PK6AWFzWvCM5V41V/messenger?uuid=66c4e1e1-bb38-44ce-a187-775347536669
Requested by
Host: js.qualified.com
URL: https://js.qualified.com/qualified.js?token=PK6AWFzWvCM5V41V
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.226.2.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-2-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6dc9b79794e5b5b9778f3ece391cf87a040c0d2d0d06715f05df5bf09282b82c
Security Headers
Name Value
Content-Security-Policy
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Content-Encoding
gzip
Content-Length
1648
Content-Security-Policy
Content-Type
text/html; charset=utf-8
Date
Wed, 15 Mar 2023 17:07:04 GMT
Etag
W/"6dc9b79794e5b5b9778f3ece391cf87a"
Link
<https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css>; rel=preload; as=style; nopush,<https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css>; rel=preload; as=style; nopush
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubDomains
Vary
Accept-Encoding
Via
1.1 spaces-router (b3988cb8a3c5)
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Permitted-Cross-Domain-Policies
none
X-Request-Id
5c11d8e6-66d9-e567-30c1-36bddee49ae0
X-Runtime
0.019178
X-Xss-Protection
1; mode=block
associate-segment
segment.prod.bidr.io/
Redirect Chain
  • https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=
  • https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=&_bee_ppp=1
43 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=&_bee_ppp=1
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Server
54.83.70.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-83-70-205.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
Date
Wed, 15 Mar 2023 17:07:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://segment.prod.bidr.io/associate-segment?buzz_key=listenloop&segment_key=listenloop-17338&value=&_bee_ppp=1
Date
Wed, 15 Mar 2023 17:07:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=481436106484709&ev=PageView&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&rl=&if=false&ts=1678900023896&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1678900023542.809535551&it=1678900023190&coo=false&rqm=GET
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 15 Mar 2023 17:07:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
st
px.mountain.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-32996095-1&ga_client_id=1563720877.1678900023&shpt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32996095-1%22%2C%22ga_client_id%22%3A%221563720877.1678900023%22%2C%22shpt%22%3A%22JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security%22%2C%22dcm_cid%22%3A%221678900023.1%22%2C%22dcm_gid%22%3A%222142880641.1678900023%22%2C%22mntnis%22%3A%22Cam8M%2BoTHVGjFP6WivbE4NFpCzAd20xh%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1678900023.1&dcm_gid=2142880641.1678900023&dxver=4.0.0&shaid=33821&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cb=14296875196601788term%3Dvalue&shadditional=googletagmanager%3Dtrue%2C&shoid=1563720877.1678900023
Requested by
Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=33821&tdr=&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cb=14296875196601788term=value
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
dac81296b4032db40f3749c5ed87a477ca67e2b1ba7182278a9ed5c2e70f4a42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
content-encoding
gzip
server
istio-envoy
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time
1
connection
close
99292697-4c74-4b65-a22a-715c06eed5aa
https://www.contrastsecurity.com/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://www.contrastsecurity.com/99292697-4c74-4b65-a22a-715c06eed5aa
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Length
43
Content-Type
image/gif
messenger-94e6eccc.chunk.css
assets.qualified.com/packs/css/vendors~widget/sandboxed/ Frame 28E8 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/css/vendors~widget/sandboxed/messenger-94e6eccc.chunk.css
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
x-amz-version-id
CR7RLVOSvN8A59.U_Z8vAhDQbuXMYHqb
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 23:05:35 GMT
server
cloudflare
x-amz-request-id
Z6N72PCZ86RG6N45
etag
W/"a788ecf510f83ee517cbaf79306145dd"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
7a8659be5fecd153-BUF
x-amz-id-2
PAew2WG98xRwLN1lTumCjseFWyNE8IvAdoo2QvBE5Jsn6KcpF3AgZnfsQoifupM36dGozcEqVSU=
expires
Wed, 15 Mar 2023 21:07:04 GMT
messenger-84a66aeb.chunk.css
assets.qualified.com/packs/css/widget/sandboxed/ Frame 28E8 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
x-amz-version-id
5Ydu6k4rPSG3QXcV_n2ryczMueyoFhYW
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Jan 2023 23:05:35 GMT
server
cloudflare
x-amz-request-id
Z6NDV90FNYHECPDW
etag
W/"22d5f23e695250d3c5a5b1e76a015c5e"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
7a8659be5fedd153-BUF
x-amz-id-2
FdHD6TiZzydrLmKioBc2uMpoUynytzTcb4xiAR0IRg+nu4VCW3IBxxLwINnpUKwIgkXTu7YB1yI=
expires
Wed, 15 Mar 2023 21:07:04 GMT
messenger~runtime-29e71294b8daca9d4f18.js
assets.qualified.com/packs/js/widget/sandboxed/ Frame 28E8 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/js/widget/sandboxed/messenger~runtime-29e71294b8daca9d4f18.js
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/PK6AWFzWvCM5V41V/messenger?uuid=66c4e1e1-bb38-44ce-a187-775347536669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d90727ca282a01532e09a99bb22d19cce09bc4f8663fc55f9b94ae4d113e1aaf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
x-amz-version-id
oSu07uuFO6fz2vkFf25JHGrw1KgaObJs
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 22:03:52 GMT
server
cloudflare
x-amz-request-id
CMW9MYPV2CSM8JY9
etag
W/"0da02d555351bfd7fb9ffcb83b65f816"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7a8659be5feed153-BUF
x-amz-id-2
FKndCuI/VXWb3a9gVdflxJYmyxA8/OAkBSPKgYcwaAyRQRKQgF5A/sRmsUQWcYsmzuPjWdn/8iZ7fTztVFwKkA==
expires
Wed, 15 Mar 2023 21:07:04 GMT
messenger-e5bc15a244e14cefb03f.chunk.js
assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/ Frame 28E8 		1 MB
335 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-e5bc15a244e14cefb03f.chunk.js
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/PK6AWFzWvCM5V41V/messenger?uuid=66c4e1e1-bb38-44ce-a187-775347536669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87c59711bd76834c64fb9f70a5afe9d9d853509330f8bca1c64db6a32a186cf5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
x-amz-version-id
LOdMFpEfIwuvbCVvN65DV74fVbUTTJnm
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 20:23:12 GMT
server
cloudflare
x-amz-request-id
5KMEBVF8B0PVKHWJ
etag
W/"3ed78d8fee4c21b1962cf281f1f5f850"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7a8659be5fefd153-BUF
x-amz-id-2
JAd5qXwy20uywU9qzP4u3gpO/44oznBhNK9kGUhGJbzfq7+UFF3dNdNjucNlIt5u5ZqyNyqmS14=
expires
Wed, 15 Mar 2023 21:07:04 GMT
messenger-cf552429f11915363d7a.chunk.js
assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/ Frame 28E8 		534 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/js/widget-sandboxed-chunks/widget/sandboxed/messenger-cf552429f11915363d7a.chunk.js
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/PK6AWFzWvCM5V41V/messenger?uuid=66c4e1e1-bb38-44ce-a187-775347536669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c575486b52917bca3ef840445a27ba6b25a8ff6a467206d3353a4b1d8c4f6d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
x-amz-version-id
hQqYCASnwb3vnJXM6FngPwoNL2TEwvXC
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 22:03:53 GMT
server
cloudflare
x-amz-request-id
CMWE8NT1ZBYJZVF6
etag
W/"cf52128abe267ace3409574957b6e407"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7a8659beefffd153-BUF
x-amz-id-2
UCxHDGBmZ/Bg+UT0HXg3eaDuarV6oRSwfXEl8PgRn2uIVlDA1Q3GL7QQ5E5BTQV7bu7mXRXmkwE=
expires
Wed, 15 Mar 2023 21:07:04 GMT
Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 28E8 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/media/fonts/inter/Inter-Regular-c8ba52b05a9ef10f47584d08ece2ec5c.woff2
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/PK6AWFzWvCM5V41V/messenger?uuid=66c4e1e1-bb38-44ce-a187-775347536669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6

Request headers

Referer
https://app.qualified.com/
Origin
https://app.qualified.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
x-amz-version-id
Ts0p7fbKsZIFu_VEk6HOvm9iYpTRKuos
cf-cache-status
HIT
x-amz-request-id
TFBMCGD9SXP71X8F
age
8347658
content-length
98868
x-amz-id-2
KcOuJ4JMU4in8WDSSP4JvW19HFZKP5+6B8lHxFOBeHZXQtEtaMJZ57thntv6hkAu+1t1kfo51Vs=
last-modified
Thu, 08 Dec 2022 23:17:25 GMT
server
cloudflare
etag
"dc131113894217b5031000575d9de002"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
7a8659bebffbd153-BUF
expires
Thu, 14 Mar 2024 23:07:04 GMT
Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 28E8 		103 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/media/fonts/inter/Inter-SemiBold-b5f0f109bc88052d4000c58ca615671d.woff2
Requested by
Host: app.qualified.com
URL: https://app.qualified.com/w/1/PK6AWFzWvCM5V41V/messenger?uuid=66c4e1e1-bb38-44ce-a187-775347536669
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5

Request headers

Referer
https://app.qualified.com/
Origin
https://app.qualified.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
x-amz-version-id
ePBeoMCujYBxKBCWHO9COs36tHcpJSw9
cf-cache-status
HIT
x-amz-request-id
TFBPW5SZ9J9S5QA0
age
8347658
content-length
105804
x-amz-id-2
ymLSH3BX+9x9yDhH1Q9FrUVeo4neVq6ZcQ6DllkoG7M2ySN9pZ4U0BJZbLxBegDQvAlpuBX0PfU=
last-modified
Thu, 08 Dec 2022 23:17:25 GMT
server
cloudflare
etag
"007ad31a53f4ab3f58ee74f2308482ce"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
7a8659bebffcd153-BUF
expires
Thu, 14 Mar 2024 23:07:04 GMT
/
content.hotjar.io/ 		56 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b58f4dbb50ff88fc1f15.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.61.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-61-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
28a7d6c35cc97b51616ee0026d9b0b01a0670975203a46332a37ee884e4fa9a3

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 15 Mar 2023 17:07:05 GMT
content-length
56
vary
Origin
content-type
application/json
/
www.facebook.com/tr/ Frame 50E7 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.contrastsecurity.com
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.contrastsecurity.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 17:07:04 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
10260
ads.kwanzoo.com/widget/inactive/ Frame 7781
Redirect Chain
  • https://ads.kwanzoo.com/wvt-iframe/load?widgetId=10260
  • https://ads.kwanzoo.com/widget/inactive/10260
525 B
621 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.kwanzoo.com/widget/inactive/10260
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/embed-code/10260
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.20.44.23 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-100-20-44-23.us-west-2.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
5a359be4677a2dcc76e6f59b5a41a7a591b379ae483f2010d711dc4a6065ec58

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store
content-encoding
gzip
content-language
en-US
content-length
345
content-type
text/html;charset=ISO-8859-1
date
Wed, 15 Mar 2023 17:07:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

content-encoding
gzip
content-language
en-US
content-length
20
content-type
text/html; charset=UTF-8
date
Wed, 15 Mar 2023 17:07:04 GMT
location
https://ads.kwanzoo.com/widget/inactive/10260
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
/
sentry.io/api/1332833/envelope/ Frame 28E8 		2 B
407 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1332833/envelope/?sentry_key=b5158ee3382d49b28a864fb2b91bcaaf&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.11.1
Requested by
Host: assets.qualified.com
URL: https://assets.qualified.com/packs/js/widget-sandboxed-chunks/vendors~widget/sandboxed/messenger-e5bc15a244e14cefb03f.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.qualified.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 15 Mar 2023 17:07:04 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Server
nginx
vary
Origin
Content-Type
application/json
access-control-allow-origin
https://app.qualified.com
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
kz-activate-large.png
images.kwanzoo.com/images/ Frame 7781
Redirect Chain
  • https://ads.kwanzoo.com/images/kz-activate-large.png
  • https://images.kwanzoo.com/images/kz-activate-large.png
39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.kwanzoo.com/images/kz-activate-large.png
Requested by
Host: ads.kwanzoo.com
URL: https://ads.kwanzoo.com/widget/inactive/10260
Protocol
HTTP/1.1
Server
54.230.163.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-60.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fcdcccd084ab89832c3cf5404ce3212599866192c11af993ee762c977f0b7a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.kwanzoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 14:47:51 GMT
Via
1.1 1e50ca9ac269e92d749f11227b12760c.cloudfront.net (CloudFront)
Last-Modified
Sun, 14 Jun 2015 07:22:25 GMT
Server
AmazonS3
X-Amz-Cf-Pop
EWR53-C3
Age
8502
ETag
"2e77bb8a09df570a7e5f2a087cd13131"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39866
X-Amz-Cf-Id
Lgpj6LSX554J1Ux33NH0GLRiwU9GYgby83uZFNLuRjxVMX84pCXVXQ==

Redirect headers

location
https://images.kwanzoo.com/images/kz-activate-large.png
date
Wed, 15 Mar 2023 17:07:04 GMT
server
Apache/2.2.15 (CentOS)
content-length
321
content-type
text/html; charset=iso-8859-1
/
www.facebook.com/tr/ Frame DD9A 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.contrastsecurity.com
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.contrastsecurity.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 15 Mar 2023 17:07:04 GMT
priority
u=0,i
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
gs
gs.mountain.com/ 		144 B
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gs.mountain.com/gs
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.212.4.35 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-4-35.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
4587bdb829a22bc1299f7d27af21e01c13bc403bdf6ff34f719f59790c51e1c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:04 GMT
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
0
connection
close
access-control-allow-headers
Accept, Content-Type, x-requested-with, X-Custom-Header
content-length
144
x-application-context
application:prod:8080
st
px.mountain.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://px.mountain.com/st?ga_tracking_id=UA-32996095-1&ga_client_id=1563720877.1678900023&shpt=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-32996095-1%22%2C%22ga_client_id%22%3A%221563720877.1678900023%22%2C%22shpt%22%3A%22JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security%22%2C%22dcm_cid%22%3A%221678900023.1%22%2C%22dcm_gid%22%3A%222142880641.1678900023%22%2C%22mntnis%22%3A%22Cam8M%2BoTHVGjFP6WivbE4NFpCzAd20xh%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A4%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1678900023.1&dcm_gid=2142880641.1678900023&dxver=4.0.0&shaid=33821&plh=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&shadditional=googletagmanager%3Dtrue%2C&shoid=1563720877.1678900023&cb=1678900024182722&shguid=adf96b8a-7640-340d-be1c-199e49f51c4b&shgts=1678900024781
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.37.218.4 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-37-218-4.us-west-2.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:05 GMT
content-encoding
gzip
server
istio-envoy
transfer-encoding
chunked
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
p3p
CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time
15
connection
close
__ptq.gif
track.hubspot.com/ 		45 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=203759&pi=100983843633&ct=blog-post&ccu=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cpi=100983843633&cgi=1493724588&lpi=100983843633&lvi=100983843633&lvc=en-us&tc=105870667651-105870667652-5&pu=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&t=JSON-based+SQL+attacks+bypassed+WAFs+but+not+Contrast+Protect+RASP+technology+%7C+Contrast+Security&cts=1678900025075&vi=9599f7f585717ca4ea682837a01c06d0&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
a80725cc-a849-4356-8ba8-d2bc2f01cf52
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSD49QWawByR48piJJ7cmGpPIXR72NObA02bf4MeczTMjcR93egIAJ7nuWJoH39xanqdpoDJXnZWgKUEgs%2FjkZDyl%2FdFXIhohkmYGhap6LR9LmMuhJNPFauBGxrseBPBMyZlKbQsA6Z5WwPlUryI"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7a8659c4ea97d15b-BUF
x-robots-tag
none
counters.gif
perf.hsforms.com/embed/v3/ 		35 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perf.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
x-hubspot-correlation-id
f9815da2-4776-4706-b9ea-9bd65dfbf639
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
35
last-modified
Wed, 15 Mar 2023 17:07:05 GMT
server
cloudflare
x-trace
2B7AC38736315488514685E049D7932619324550C7000000000000000000
vary
origin, Accept-Encoding
content-type
image/gif
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
none
cf-ray
7a8659c50b89d163-BUF
__pto.gif
track.hubspot.com/ 		45 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__pto.gif?w=1678900025076&m=ReferenceError%3A+hasVars+is+not+defined&j=1.1&n=ReferenceError&x=ReferenceError%3A+hasVars+is+not+defined%0A++++at+https%3A%2F%2Fwww.contrastsecurity.com%2Fhs%2Fcta%2Fcta%2Fcurrent.js%3A1%3A1564%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1678899900000%2F203759.js%3A23%3A43464)%0A++++at+hstc.tracking.Runner.processHsq+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1678899900000%2F203759.js%3A23%3A44210)%0A++++at+hstc.tracking.Runner.run+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1678899900000%2F203759.js%3A23%3A43408)%0A++++at+i+(https%3A%2F%2Fjs.hs-analytics.net%2Fanalytics%2F1678899900000%2F203759.js%3A23%3A65462)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
239218f5-fd4d-4805-86be-80484ed1ee75
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lhut%2BQEZIAUVs9yaVNshD87kVBwReWRd%2FQzf14Ej%2B%2BlBtTfaN9C%2FnAuQilA%2F93d11sgc1cIgWLpMwS2j%2FeOXjGMnemGJitWi9SNvPghMeMkmngL%2B0FBOMHq0cb0E4NEt0hl5mRN1blSKedng%2BDv5"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7a8659c4ea98d15b-BUF
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=d5119674-29b8-49ed-84e9-c6474317557a&fci=aaec0888-1191-42a2-af42-833232bddb80&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=203759&pi=100983843633&ct=blog-post&ccu=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cpi=100983843633&cgi=1493724588&lpi=100983843633&lvi=100983843633&lvc=en-us&tc=105870667651-105870667652-5&pu=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&t=JSON-based+SQL+attacks+bypassed+WAFs+but+not+Contrast+Protect+RASP+technology+%7C+Contrast+Security&cts=1678900025078&vi=9599f7f585717ca4ea682837a01c06d0&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
b00d0f57-395b-4d3e-8020-66b136df6618
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3nMOkMPdGTKup%2BTWGbjn4a3CbKZYIlfCDvEtu90aeItYb3%2BLgeeU2wZRsIIBClYBPOtledadr49ewBzQ8m326DQHsRNelM%2BAiPckBaWZvdwF8eyLg5Nj7dhvzLEx%2FSiJaSt9TIH%2FykzFyQRuhZ6"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7a8659c4ea9ad15b-BUF
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=d5119674-29b8-49ed-84e9-c6474317557a&fci=aaec0888-1191-42a2-af42-833232bddb80&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=203759&pi=100983843633&ct=blog-post&ccu=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cpi=100983843633&cgi=1493724588&lpi=100983843633&lvi=100983843633&lvc=en-us&tc=105870667651-105870667652-5&pu=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&t=JSON-based+SQL+attacks+bypassed+WAFs+but+not+Contrast+Protect+RASP+technology+%7C+Contrast+Security&cts=1678900025079&vi=9599f7f585717ca4ea682837a01c06d0&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
1d714783-a2c2-4386-9d1a-b0308e799724
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T72aidjPu1oR%2BcuduVNV9QWQk1UdaGxW5dBtSOPg%2FDnXJz6UBGQVZs32VeGrbDbzN%2FHgYn57x3Viii617eHk4fvS3%2Bfk%2Bk1I2ptl38pik4%2F5WHJQ1S263qiTtOjLSYDJjOAvFFF2U4%2FElkNIUl0F"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7a8659c4ea99d15b-BUF
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=12&aij=%5B%22eafb7e72-9819-43d8-8d17-63c5cc055525%22%2C%22735ca258-f37b-454a-ae22-e31e403a64f5%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1413633234&v=1.1&a=203759&pi=100983843633&ct=blog-post&ccu=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect&cpi=100983843633&cgi=1493724588&lpi=100983843633&lvi=100983843633&lvc=en-us&tc=105870667651-105870667652-5&pu=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&t=JSON-based+SQL+attacks+bypassed+WAFs+but+not+Contrast+Protect+RASP+technology+%7C+Contrast+Security&cts=1678900025082&vi=9599f7f585717ca4ea682837a01c06d0&nc=true&ce=false&pt=1&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
a54c3cec-9584-4b2f-a341-088939855c36
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vbOsWq9qKeawiSKk0aOytDDpTsBELHnZ%2B9ZfZ74GEe5laJVJONS7h6DDoKCfG4Z4TSl4GNyVbyMj2LSZq9g7TJ99oz38DCHySBO8Gz04rYJ5%2BXHWpNin1n743vxTzJPduD0krqHR3CF7r3O8xDe"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7a8659c4ea9bd15b-BUF
x-robots-tag
none
mput
pipedream.wistia.com/ 		2 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/static/integrations-hubspot-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.213.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-213-160.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Wed, 15 Mar 2023 17:07:05 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
roundtrip.js
s.adroll.com/j/ 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:3800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e883e2f7756a89ffc5c6762792b18e8f3e92316c7e2e1fd92f487a9acfabf53

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id
XeQrim4dk9MkkbNLmy.58peQe_oovwl8
Content-Encoding
gzip
Via
1.1 667392b7601b2f20a44ef149f6859dae.cloudfront.net (CloudFront)
Date
Wed, 15 Mar 2023 16:15:48 GMT
Age
3078
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 09 Mar 2023 23:45:41 GMT
Server
AmazonS3
Etag
W/"19ec07fb842a6e7506aa17575241300d"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
lSme7AeVJ9gotY_R395YMADpt7eo45IAD0P2su_dODoHlm6TJW7Cpw==
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/VJKDLRPA7BENBB4U4RXOU7/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
2600:9000:23cb:3800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id
vl4sIq5L75I77eKRxMdoJ1ZCUifm_NK5
Date
Wed, 15 Mar 2023 06:26:28 GMT
Via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
Age
38441
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Thu, 02 Mar 2023 00:16:22 GMT
Server
AmazonS3
Etag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
mJC-2n-H-j8iQlunPEghZYZ4aEcT-WhRkCgupv4ZcSTMR_gLZV5HVw==

Redirect headers

Date
Wed, 15 Mar 2023 09:17:54 GMT
Via
1.1 667392b7601b2f20a44ef149f6859dae.cloudfront.net (CloudFront)
Age
28150
X-Amz-Cf-Pop
JFK50-P1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
0jU2OAXMbu_R1-GUMHHRiaHabHQS1CdCBguoxpzEDa8jJaK_jE801w==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:23cb:3800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date
Wed, 15 Mar 2023 08:00:39 GMT
Via
1.1 667392b7601b2f20a44ef149f6859dae.cloudfront.net (CloudFront)
Age
32787
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
Nx_iXVp6ITItDPg0IsSfoqxlKbTss65R2W1UohZUAIiS4rabwTJmwg==

Redirect headers

Date
Wed, 15 Mar 2023 11:21:28 GMT
Via
1.1 667392b7601b2f20a44ef149f6859dae.cloudfront.net (CloudFront)
Age
20737
X-Amz-Cf-Pop
JFK50-P1
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
MhkIClMzXnDQO9eV72oU3C-vmtVGdvG3-DhwDfrFir75OEj8hlED2g==
index.js
s.adroll.com/j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/ 		0
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:3800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id
kUFTcpNnO_CqCqlcmB5RvonLr8MEcXrn
Date
Wed, 15 Mar 2023 16:44:08 GMT
Via
1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Age
1648
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Mar 2023 06:48:54 GMT
Server
AmazonS3
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
mFOExNJmGt8U-8K_4nzhSZxRftnBlWGoDUD_W-rdgUUhVpPopTr67Q==
VJKDLRPA7BENBB4U4RXOU7
d.adroll.com/consent/check/ 		465 B
948 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/VJKDLRPA7BENBB4U4RXOU7?pv=16715770149.123266&arrfrr=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&_s=efcc45da1272640e5d2deef9133e3a54&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2206:b90b:56a2:60a4:423a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
b0c1d2e5b1037fbc1d05de41ebde848162f7ed992678d1b46a055ddd8adad9ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type
application/javascript
pragma
no-cache
date
Wed, 15 Mar 2023 17:07:05 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
465
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
page_views
abm2.listenloop.com/api/v1/public/ 		539 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://abm2.listenloop.com/api/v1/public/page_views
Requested by
Host: v2.listenloop.com
URL: https://v2.listenloop.com/loop.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.196.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-196-180.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c100190f061b7091cda36c027ae8abe8625174171f2039b4624db48573c49f41

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type
application/json

Response headers

Date
Wed, 15 Mar 2023 17:07:05 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
402
X-Request-Id
ea9e5639-4e06-4dde-bcf1-448b7890dfd9
Pragma
no-cache
X-Runtime
0.009987
Server
nginx
ETag
W/"f47a235c4c0a826b62232bff4ba1d5dc"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.contrastsecurity.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
page_views
abm2.listenloop.com/api/v1/public/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://abm2.listenloop.com/api/v1/public/page_views
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.227.196.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-227-196-180.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.contrastsecurity.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Access-Control-Request-Headers,X-User-Token,X-User-email,content-type,X-RateLimit-Limit,X-RateLimit-Remaining,X-RateLimit-Reset,Authorization
Access-Control-Allow-Methods
GET,POST,DELETE,PUT,PATCH,OPTIONS,HEAD
Access-Control-Allow-Origin
https://www.contrastsecurity.com
Connection
keep-alive
Date
Wed, 15 Mar 2023 17:07:05 GMT
Server
nginx
YZGK5PMP5FCABEOUZMDNCL.js
s.adroll.com/pixel/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/
Redirect Chain
  • https://d.adroll.com/pixel/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J?adroll_fpc=7af0a7094b45610196528598fddbc2e4-1678900025495&pv=16715770149.123266&arrfrr=https%3A%2F%2Fwww.contrastsecurity.co...
  • https://s.adroll.com/pixel/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/YZGK5PMP5FCABEOUZMDNCL.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/YZGK5PMP5FCABEOUZMDNCL.js
Protocol
HTTP/1.1
Server
2600:9000:23cb:3800:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa747768e908f5d32fd6dc49351e1c09123ed0fa164087754d085aab2329f02d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

X-Amz-Version-Id
p53gCH_t4pk7deM0X5trw18AAftGpEMI
Content-Encoding
gzip
Via
1.1 667392b7601b2f20a44ef149f6859dae.cloudfront.net (CloudFront)
Date
Wed, 15 Mar 2023 16:44:09 GMT
Age
3557
X-Amz-Cf-Pop
JFK50-P1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 23 Jan 2023 14:49:53 GMT
Server
AmazonS3
Etag
W/"1c04e6313091e0c37a768b291f7b65bc"
Vary
Accept-Encoding
Access-Control-Max-Age
600
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
TSJ8kvw8EViJLetU1GTQhRkH8vtLDT3LE-OtBsIfefomv2jqyCVJUA==

Redirect headers

date
Wed, 15 Mar 2023 17:07:05 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
x-rule-type
p
content-length
0
pragma
no-cache
x-conversion-value
0.00
server
nginx/1.22.1
x-rule
*
x-segment-eid
YZGK5PMP5FCABEOUZMDNCL
location
https://s.adroll.com/pixel/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J/YZGK5PMP5FCABEOUZMDNCL.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
VXQG2LUZHVGHXJH2MENZ6J
x-segment-name
*
x-advertisable-eid
VJKDLRPA7BENBB4U4RXOU7
x-conversion-currency
VXQG2LUZHVGHXJH2MENZ6J
ipv4.d.adroll.com/px4/VJKDLRPA7BENBB4U4RXOU7/ 		42 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ipv4.d.adroll.com/px4/VJKDLRPA7BENBB4U4RXOU7/VXQG2LUZHVGHXJH2MENZ6J?adroll_fpc=7af0a7094b45610196528598fddbc2e4-1678900025495&pv=16715770149.123266&arrfrr=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&cookie=&adroll_s_ref=&keyw=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.250.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-250-11.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Mar 2023 17:07:05 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.22.1
content-length
42
content-type
image/gif
567743780401155
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/567743780401155?v=2.9.98&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1ba894c3e067d4c2dedd383f28dbece046dceeba2fa5b09b056f9846c0cd2711
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 15 Mar 2023 17:07:05 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
igBMet5KFMP0VWngUNkrMEUQE5CseG0505JZfrZGVULFcAsZZpbcs0+3gO1k4LE4rEDL7V+NGzdDqmJK6MZ3lg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=567743780401155&ev=PageView&dl=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&rl=&if=false&ts=1678900025710&cd[segment_eid]=YZGK5PMP5FCABEOUZMDNCL&sw=1600&sh=1200&v=2.9.98&r=stable&ec=0&o=29&cs_est=true&fbp=fb.1.1678900023542.809535551&it=1678900023190&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 15 Mar 2023 17:07:05 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
survey-v2.375451001cdc9b4534c0.js
script.hotjar.com/ 		169 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/survey-v2.375451001cdc9b4534c0.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b58f4dbb50ff88fc1f15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
92a373b0a4ea195479bcf38d632f28c500520aef9967623ddd7f11d3febd06c4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 11:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
20036
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
34474
last-modified
Wed, 15 Mar 2023 11:32:09 GMT
etag
"f0560972ca59d5fc575ef29b0cf33a93"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
UNwQueIC_bloPVRunhAg77VnFeu846Zihz5qCTbXc3j0i63Mq1kObg==
hit
surveystats.hotjar.io/ 		0
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://surveystats.hotjar.io/hit?id=852587&device=desktop
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b58f4dbb50ff88fc1f15.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.39.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-39-47.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 14:14:17 GMT
via
1.1 ef8392d3895fa7368e6a67a055402788.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1047171
x-cache
Hit from cloudfront
content-length
0
last-modified
Wed, 27 Jan 2021 15:23:17 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
0
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public,max-age=0
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
O76o2J1D6DhJ62YGm3mvi_2WUYCRupiTLQvrurYi1PG1MvzX8zBRiA==
hotjar-black-mono.a08482.svg
script.hotjar.com/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://script.hotjar.com/hotjar-black-mono.a08482.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
7037822981e0a99374c4d8c9a4fec5d6f67c2ccaf7a086ccdaa7db89f66c9c2f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 11:15:35 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
5377892
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1259
last-modified
Wed, 11 Jan 2023 10:06:14 GMT
etag
"f4697ebb9548b1947de6051218f9c194"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
v_yH-Xsj1qQsZHxfROYW5AG6K_-FQAb8gGjjq1eUH3vcWBdmUX_VPw==
widget_icons_light.766225.png
script.hotjar.com/ 		781 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://script.hotjar.com/widget_icons_light.766225.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
ddaac6771f6d199e295c16e6738da51b19481b72f91cb6dedd9e5e42049ef021
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:11:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
6594911
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
781
last-modified
Thu, 22 Dec 2022 08:06:23 GMT
etag
"ea930802b332190322de1fb6b03f74de"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
2cXzPfCkdfOJmbv13sMM3ZXoeovGF4BPb-kGd6rhrKVgXbtcG4hnzg==
perf
www.contrastsecurity.com/_hcms/ 		2 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.contrastsecurity.com/_hcms/perf
Requested by
Host: www.contrastsecurity.com
URL: https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:2c40::c73c:67e2 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 15 Mar 2023 17:07:08 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
577f5c84-863e-491b-9cd2-706319f516e5
x-hs-https-only
worker
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2
server
cloudflare
x-trace
2B9546B5C480782F984266A4D91404545D350CF894000000000000000000
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSXeaI%2BohSnGwD5LdVestMLW7hWeBuBWpIDXdcaj6qQC3IvrWRbHym7RoaHR%2FeKRN76tzINSab0u5pgCht%2BWrGSm%2FqWnDeaJ63nE%2F1riuU7IbTr5jDv%2By9pEft1%2FzoUWe0PxpMzCzDxce%2FFYYqFEh%2F%2BH%2BGPD1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-credentials
false
cf-ray
7a8659d78eb6d163-BUF
x-robots-tag
none
s
scout.us1.salesloft.com/ 		42 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scout.us1.salesloft.com/s?type=tick&hitId=161255192&rand=875675977&monitorResolution=1600x1200&viewportResolution=1600x1200&pageTitle=JSON-based%20SQL%20attacks%20bypassed%20WAFs%20but%20not%20Contrast%20Protect%20RASP%20technology%20%7C%20Contrast%20Security&url=https%3A%2F%2Fwww.contrastsecurity.com%2Fsecurity-influencers%2Fjson-based-sql-attacks-bypassed-wafs-but-not-contrast-protect%3Fq_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS%3DRnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp%26sbrc%3D1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&sessionCount=2&hasWS=true&time=5398&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&sli=1wGsyCQjr8pAwDDsy6HGBpw%253D%253D%2524pECVbt4LswguGO0xxLRV6Q%253D%253D&guid=5ce8ae9c-e895-4eb5-b65a-812e0734b30f&tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDU2OX0.FyjMKNdXuG4_eAesJd9uLpQ36wLg_UDlYdXtWhoTRs8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.242.17.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-242-17-147.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.contrastsecurity.com/security-influencers/json-based-sql-attacks-bypassed-wafs-but-not-contrast-protect?q_mailing_2M2F3BKsEG4ufTWJzRE5S62WgnHQXUq1r4MS=RnWr8AzaEwd4v6WXyXgrQWCtsjf2YPKJCGfkGiFXpt7pu4A3qNaZPw2fp&sbrc=1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:08 GMT
strict-transport-security
max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
42
x-request-id
4b54a67c0b12030b3d97a003a8d9aff7
645cef5bb8a0d711e3fc02cf3aceffe55b5165cebac3ff719f947c7d676210da.png
qualified-production.s3.us-east-1.amazonaws.com/uploads/ Frame 28E8 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qualified-production.s3.us-east-1.amazonaws.com/uploads/645cef5bb8a0d711e3fc02cf3aceffe55b5165cebac3ff719f947c7d676210da.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.33.130 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e8b69b0cd302b5f596014aa08360162fbc408c6fc1a834ecaa8b3d1916c6d43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://app.qualified.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date
Wed, 15 Mar 2023 17:07:12 GMT
Last-Modified
Wed, 16 Feb 2022 00:15:42 GMT
Server
AmazonS3
x-amz-request-id
DQB5D7NS4930C7EY
ETag
"7babe0e567f2226bc187d507f9046c41"
Content-Type
image/png
Cache-Control
Cache-Control: public, max-age=31536000
Accept-Ranges
bytes
Content-Length
9609
x-amz-id-2
QOT5blXwr4vWDkethyPMBWNhE0GDq5IvmpfTWyE5/G32kXfIgwM4H2VkOe11hmwYrycBsJ9vnvM=
Inter-roman.var-ba4caefcdf5b36b438db92786991c845.woff2
assets.qualified.com/packs/media/fonts/inter/ Frame 28E8 		222 KB
222 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.qualified.com/packs/media/fonts/inter/Inter-roman.var-ba4caefcdf5b36b438db92786991c845.woff2
Requested by
Host: assets.qualified.com
URL: https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1005 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://assets.qualified.com/packs/css/widget/sandboxed/messenger-84a66aeb.chunk.css
Origin
https://app.qualified.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date
Wed, 15 Mar 2023 17:07:11 GMT
x-amz-version-id
8iJAUpJd6e_Yyn0OiVIrGWhC4aEObLYF
cf-cache-status
HIT
x-amz-request-id
54DXMHSW0MQG1Z13
age
3245776
content-length
227180
x-amz-id-2
WnR2rxeeW1rYjE3LManQ6JssjDEAWPWLF8wXFjort74RB4VYJwYl2kOx/NaQrWSgkml1GQfbd48=
last-modified
Thu, 08 Dec 2022 23:17:25 GMT
server
cloudflare
etag
"66c6e40883646a7ad993108b2ce2da32"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
7a8659edbc4ad153-BUF
expires
Thu, 14 Mar 2024 23:07:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
web-analytics.engagio.com
URL
https://web-analytics.engagio.com/js/ei.js

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless function| $ function| jQuery function| hsjQuery object| dataLayer object| _hsp function| equalheight object| jQuery1112070649797591644 boolean| PR_SHOULD_USE_CONTINUATION object| PR object| __core-js_shared__ object| Sslac object| IN object| _hsq object| hbspt function| sticky_element object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage undefined| module_2712622 function| i18n_getmessage function| i18n_getlanguage object| hubspot object| HubSpotForms object| hsFormsOnReady object| options object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| GooglebQhCsO function| twq string| _linkedin_data_partner_id function| rdt string| SLScoutObject function| slscout string| adroll_adv_id string| adroll_pix_id object| kickfireGTM object| techtargetic function| fbq function| _fbq string| QualifiedObject function| qualified function| hj object| _hjSettings object| _eiq object| _engagio_settings string| _linkedin_partner_id object| _linkedin_data_partner_ids object| webpackChunkom_api_js object| _omapp string| OptinMonsterApp boolean| om_loaded object| om91003_80926 object| _omq function| omq function| ScrollReveal function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Typed function| TimezZ object| tocbot function| jarallax function| jsonpHandler function| kriya number| headerHeight object| gaplugins object| gaGlobal object| gaData number| DID string| pssl function| lintrk boolean| _already_called_lintrk object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| UET function| UET_init function| UET_push object| regeneratorRuntime object| twttr object| Wistia function| wistiaEmbedShepherdReady function| onYouTubeIframeAPIReady object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| dcm_cid undefined| dcm_tid undefined| dcm_gid function| toggle_ll_logging boolean| _q_widgetInitialized string| _q_lastClientActivityAt boolean| _hspb_ran boolean| _hspb_loaded object| _paq function| sanitizeKey boolean| _hstc_loaded object| globalRoot undefined| hns function| bindToWindowOnError function| defineProperties object| leadflows function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive undefined| hns2 undefined| jade undefined| I18n undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| ueto_7e769fa9ea object| uetq object| FB object| __twttrll object| __twttr function| ll_conversion string| _wistiaElemId object| _wq object| wistiaEmbeds function| wistiaBindIframes function| wistiaDispatch function| VSCapture function| VSLT undefined| pagename undefined| MyPageName undefined| MyID undefined| MySearch object| sniffer string| axel number| a object| ORIBILI object| __buffer object| irongate object| mntn boolean| __adroll_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime string| adroll_sid object| adroll object| __adroll boolean| adroll_optout object| adroll_loaded object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_lex33_called object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid boolean| adroll_sendrolling_cross_device object| adroll_form_fields string| adroll_rule_type

51 Cookies

Domain/Path Name / Value
.www.contrastsecurity.com/ Name: __cf_bm
Value: dwnJCWCcay34AE3WxUY9sgXjwGAplJjN3PDrzUWkPoo-1678900021-0-AdBiZ9LE6QO/T67WTzrVcY6Xy3BW0hLJncQx7yV7zH1uNUqKRHM/S6jWY09TNBcHuQFQvsf2HLIPEJUKWnGl2mU=
.www.contrastsecurity.com/ Name: __cfruid
Value: a2bd7a8fd533fb4d0658bb11ff6e28d5b64e6945-1678900021
.hubspot.com/ Name: __cf_bm
Value: ovBWEW14Syl1WYwwf3Hs5LFtPr77eVrOczy7JnXpJHI-1678900021-0-AVAcm9o+4QuRqar081Ba4xOoZ6Tj0v2TwUzf/ppI+XhYe19lH0wql/2R/VhusqvmtB/mSsVsza9hcjyrJimnGlg=
.contrastsecurity.com/ Name: _gcl_au
Value: 1.1.1654955265.1678900022
www.contrastsecurity.com/ Name: kickfire_api_session_cookie
Value: 1
.techtarget.com/ Name: __cf_bm
Value: W489sM1bp0Bz2QERJf5tw43Ob0HN.Z_xj3Cmwbysuno-1678900022-0-AQ3OOdnVkzMUWv/PiUdaTuVBm3mCAeocIfKx8cjFDgr50oFUcLzJGreyb6PevrXM2hzZzC+9mMPffvqRF7sqXXc=
www.contrastsecurity.com/ Name: _omappvp
Value: XFpx4nXdQiMfU8ZvHlY3gfujk2qM043t0fYNcawbYuqqoa139vlH45qMpzITH6IvTlOdGambFtGl8UnNKnyyG2UvVOXWxNhp
www.contrastsecurity.com/ Name: _omappvs
Value: 1678900022736
.contrastsecurity.com/ Name: _gid
Value: GA1.2.2142880641.1678900023
.contrastsecurity.com/ Name: _dc_gtm_UA-32996095-1
Value: 1
.contrastsecurity.com/ Name: _rdt_uuid
Value: 1678900023156.c43d56e7-f673-41b5-9901-93664aa41988
www.contrastsecurity.com/ Name: sli_token
Value: 1wGsyCQjr8pAwDDsy6HGBpw%3D%3D%24pECVbt4LswguGO0xxLRV6Q%3D%3D
.contrastsecurity.com/ Name: _ga_LVG2KS7RHZ
Value: GS1.1.1678900023.1.0.1678900023.60.0.0
.contrastsecurity.com/ Name: __q_state_PK6AWFzWvCM5V41V
Value: eyJ1dWlkIjoiNjZjNGUxZTEtYmIzOC00NGNlLWExODctNzc1MzQ3NTM2NjY5IiwiY29va2llRG9tYWluIjoiY29udHJhc3RzZWN1cml0eS5jb20ifQ==
.linkedin.com/ Name: li_sugr
Value: 6a6de400-2fa8-4054-a1ed-f32db90d0388
.linkedin.com/ Name: bcookie
Value: "v=2&2e77ac2f-cc8e-4601-8bd9-dd2dedab6bae"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2901:u=1:x=1:i=1678900023:t=1678986423:v=2:sig=AQG3XGeCPJkih_GoavvMkxeGLisKrxpc"
.contrastsecurity.com/ Name: _uetsid
Value: ce8db830c35311ed9d63a36273bb6545
.contrastsecurity.com/ Name: _uetvid
Value: ce8dc9e0c35311ed8322993a4039398a
.contrastsecurity.com/ Name: _ga
Value: GA1.2.1563720877.1678900023
.contrastsecurity.com/ Name: _gat_UA-32996095-1
Value: 1
.bing.com/ Name: MUID
Value: 189BBE96DCC96BD93D22AC43DD466A9F
.bat.bing.com/ Name: MR
Value: 0
www.contrastsecurity.com/ Name: ln_or
Value: eyIxMTU1NzI0LDEyODM4NTgiOiIxMjgzODU4In0%3D
www.contrastsecurity.com/ Name: slireg
Value: https://scout.us1.salesloft.com
.t.co/ Name: muc_ads
Value: 17cec31c-4d59-48f2-9d96-1d4000dc3c96
.twitter.com/ Name: personalization_id
Value: "v1_GVcF4692v35P6O2JbtneKg=="
.linkedin.com/ Name: UserMatchHistory
Value: AQIooCLmQSV7bgAAAYbmPVCklv4sX91ax58kLZF5Hls0YHC2rMPuyXwZBqirwB0OVwq4cI-F2szbPA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJWbIcBCEoaeAAAAYbmPVCkDMIAKBkG6lysJJT3PCFcryZSsC9zNlAGYdVHSD2jlE8ASB6XpgUie4fbo0Q5jA
.contrastsecurity.com/ Name: _fbp
Value: fb.1.1678900023542.809535551
www.contrastsecurity.com/ Name: __kriya_uid
Value: 1-ym6hro8v-lf9xq519
www.contrastsecurity.com/ Name: sliguid
Value: 5ce8ae9c-e895-4eb5-b65a-812e0734b30f
www.contrastsecurity.com/ Name: slirequested
Value: true
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230315170703854df784-8464-417f-8d0c-c1ed09292a3eAQEUnpeaBzVJstjPK4DhsdPIQgaCTrjc"
.contrastsecurity.com/ Name: oribili_user_guid
Value: 5b54f62a-f606-d96b-9ae6-f4f46bbe2f38
.contrastsecurity.com/ Name: _hjSessionUser_2245678
Value: eyJpZCI6IjQ2NDJlODZkLWU0ZGUtNTQxYi1iNTNhLTI3YjQ2M2UxNDlmNyIsImNyZWF0ZWQiOjE2Nzg5MDAwMjM3MDksImV4aXN0aW5nIjpmYWxzZX0=
.contrastsecurity.com/ Name: _hjFirstSeen
Value: 1
.contrastsecurity.com/ Name: _hjIncludedInSessionSample_2245678
Value: 1
.contrastsecurity.com/ Name: _hjSession_2245678
Value: eyJpZCI6IjEwMmVhYjNlLTc0OGMtNDE0OS05NDgyLTA0Njk5OTc1NDI1MyIsImNyZWF0ZWQiOjE2Nzg5MDAwMjM3MTgsImluU2FtcGxlIjp0cnVlfQ==
www.contrastsecurity.com/ Name: _hjIncludedInPageviewSample
Value: 1
.contrastsecurity.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUkpqFCDs0g2BmRrkRDLeKI0OZJ9mRqFgTpBfEVrPTNAKE3Ti5t0XtZmjc6Q4HU
.bidr.io/ Name: bito
Value: AAUl7U7II_YAACAFAuHD2A
.bidr.io/ Name: bitoIsSecure
Value: ok
.mountain.com/ Name: guid
Value: cf0d718c-c353-11ed-827b-9d4a64b73821
.px.mountain.com/ Name: tt
Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA
.d.adroll.com/ Name: __adroll
Value: b2ed614252b4eaf0a7262351020f4232-a_1678900025
.adroll.com/ Name: __adroll_shared
Value: b2ed614252b4eaf0a7262351020f4232-a_1678900025
.www.contrastsecurity.com/ Name: __adroll_fpc
Value: 7af0a7094b45610196528598fddbc2e4-1678900025495
.www.contrastsecurity.com/ Name: __ar_v4
Value: %7CVJKDLRPA7BENBB4U4RXOU7%3A20230314%3A1%7CVXQG2LUZHVGHXJH2MENZ6J%3A20230314%3A1%7CYZGK5PMP5FCABEOUZMDNCL%3A20230314%3A1
.contrastsecurity.com/ Name: _hjDonePolls
Value: 852587

3 Console Messages

Source Level URL
Text
network error URL: https://web-analytics.engagio.com/js/ei.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.omappapi.com/v2/embed/80926?d=contrastsecurity.com
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://api.kickfire.com/v2/company:(all)?ip=UU3d75C5G6OWcm0%3D&key=a87c7733efaab751
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
abm2.listenloop.com
ad.doubleclick.net
ads.kwanzoo.com
adservice.google.com
alb.reddit.com
analytics.google.com
analytics.twitter.com
api.kickfire.com
api.omappapi.com
app.hubspot.com
app.qualified.com
app.salesloft.com
assets.qualified.com
bat.bing.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.rawgit.com
cdn2.hubspot.net
cdnjs.cloudflare.com
connect.facebook.net
content.hotjar.io
cta-service-cms2.hubspot.com
d.adroll.com
dx.mountain.com
fast.wistia.com
forms-na1.hsforms.com
forms.hsforms.com
google.com
googleads.g.doubleclick.net
gs.mountain.com
gw.linkedin.oribi.io
ibc-flow.techtarget.com
images.kwanzoo.com
in.hotjar.com
ipv4.d.adroll.com
js.hs-analytics.net
js.hs-banner.com
js.hsleadflows.net
js.qualified.com
kalendar.ai
kriya.ai
lh3.googleusercontent.com
no-cache.hubspot.com
perf.hsforms.com
pipedream.wistia.com
platform.linkedin.com
platform.twitter.com
protect-us.mimecast.com
px.ads.linkedin.com
px.mountain.com
px4.ads.linkedin.com
qualified-production.s3.us-east-1.amazonaws.com
s.adroll.com
sales.contrastsecurity.com
scout-cdn.salesloft.com
scout.salesloft.com
scout.us1.salesloft.com
script.hotjar.com
segment.prod.bidr.io
sentry.io
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
stats.sa-as.com
surveystats.hotjar.io
syndication.twitter.com
t.co
track.hubspot.com
trk.techtarget.com
v2.listenloop.com
web-analytics.engagio.com
www.contrastsecurity.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
web-analytics.engagio.com
100.20.44.23
104.244.42.197
104.244.42.67
104.244.42.72
108.138.106.124
13.107.42.14
13.226.39.47
142.250.80.102
146.75.32.157
151.101.1.140
18.164.96.87
18.203.61.230
2001:4860:4802:32::181
207.211.31.113
209.128.119.150
2600:1400:d::17db:5c72
2600:1f18:61c0:2206:b90b:56a2:60a4:423a
2600:9000:21ec:2c00:2:53b2:240:93a1
2600:9000:23cb:3800:6:9280:1080:93a1
2606:2c40::c73c:67e2
2606:4700:20::6818:450b
2606:4700:20::681a:e5c
2606:4700:3036::ac43:dfcf
2606:4700:4400::6812:21ab
2606:4700::6810:5605
2606:4700::6810:5705
2606:4700::6810:5805
2606:4700::6811:190e
2606:4700::6811:46b0
2606:4700::6811:eacc
2606:4700::6811:f3cc
2606:4700::6812:1005
2606:4700::6812:c9f
2606:4700::6812:de5a
2606:4700::6813:9a53
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:807::2004
2607:f8b0:4006:808::2002
2607:f8b0:4006:80b::200e
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2008
2607:f8b0:4006:817::2001
2607:f8b0:4006:823::200e
2620:1ec:21::14
2620:1ec:29:1::40
2620:1ec:c11::200
2a02:6ea0:c454::1
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::622
2a04:4e42::396
2a04:4e42::485
34.111.208.231
34.212.4.35
34.214.245.73
34.226.2.205
34.235.250.11
35.167.211.225
35.188.42.15
44.209.137.118
44.212.189.233
46.51.204.8
52.216.33.130
52.37.218.4
52.4.213.160
52.71.157.217
52.85.61.11
54.227.196.180
54.230.163.60
54.235.209.62
54.242.17.147
54.83.70.205
01cd9553421c47091737a74d184f3e11c51dfd3cf634b5103e11a25f1e9e70f6
0a12d011b1033eb71251b63171ea4598f37efdaede36e23b0a9ac1c96a145409
0ab4dc87b4a60865d47f8eefdf2cd910da31183bed54f2370d4443e4f10a6eea
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
0fca0294cfaf24a4db0852415eee7bcdea7b9766d59e443fb2d5f0c77eb23363
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
11b59d3405edafbb270bb5675c1283aab203a7a8d5c3266e0f70e1bb87132f10
12257d8f529a77c206dc9a93efcec8a86e333554616da00ce7b948b8a03f5a0c
152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5
17c8101b46ab7661c89495e7c0c1b3ba48df9f2616a4daf71f784ad7a5dd770f
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
184f68dfffd42cc5980b3fafc7d33e943796bd9d8fdc086f63a7062389ae7127
1ba894c3e067d4c2dedd383f28dbece046dceeba2fa5b09b056f9846c0cd2711
1cddcd88d3332d560856627ab2cecc7d9aa6c9d616729701ae13902d1671d0b0
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1e8505a9f55bcffc855116b87119c3fb382ea8d2557840abdf9df8d97dfd03b7
1e883e2f7756a89ffc5c6762792b18e8f3e92316c7e2e1fd92f487a9acfabf53
22a22ce06beacdda10d6b2c7fb6b35f67253a160dde48394d92d566f88fa29ea
25b3ccef96912ebb1dc749b3819c01f37ebc16ebc1ad155bed01e74beb97ef7c
28a7d6c35cc97b51616ee0026d9b0b01a0670975203a46332a37ee884e4fa9a3
2cabb172719c507c74a377112eee344baab7b522fdcb5a90f516b076589a6e13
2de622a0c0f84fd1617039cce0f586d5763e276a62153a96bb6f62693535cb50
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3425458125abf423b1426adbad986b530245a5dcf8d004aec11511aef71ca50d
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3e8b69b0cd302b5f596014aa08360162fbc408c6fc1a834ecaa8b3d1916c6d43
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f005b4cb1c2061c7f512888a26e01f128d5ea66f41203bde06fe12237706ac8
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
401925a1114f7003121630392768d35516be54a4028f01024528aeae99a45a56
40eac68e6c3931f220fa3979d7c5c6ab54234aa99028a18b42783e6d5f82fbe6
42106839b6c88122b1770ac860e07482f3776c623703298cb4a8c5aa4651c4c2
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44b7fb6f761a2e8bf64400e3311c4c4bf343e888ee1b8bbf125881c4617ed70f
4587bdb829a22bc1299f7d27af21e01c13bc403bdf6ff34f719f59790c51e1c4
4801a0074de09ae7dc8dd612ba59deb7cdd056592c80cab9c4bdc2ef608efda7
49c050c7a4775b5b84a5ceabf44f33074c79c051306286a8be611e9794704894
49f3ae9f44e3fbdd37f8f8bb595236e58eeb708b0c03b10bce6b0cbda4575e4d
4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440
50de719051ac450992625c5ff7b3dc8de4a1b2e83be9a088e9e36ab7452e25be
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57056df141d73a63a3392ff43ebde5e2146161cf642df06b1da2c6a4324c4838
593de17f9bd2a63685ce3283b87d8c94ccb96cab26c48d4c1e80b72077f31dc7
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a1c33f841d234aa6239999b503f9221f38b0fd85360dc5be4309f762beb42ac
5a359be4677a2dcc76e6f59b5a41a7a591b379ae483f2010d711dc4a6065ec58
5e4b697c169d7699ac35cc3ba329f55e3e2187a369900439e9e0315d910d83c7
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61cc2e8928226171331a00614a1d95b96de0dd64f82ce03f5797dbd3f33ac7af
64fdcd9e8b63895478d8a6c2cb7dc27c44c7197448a4a537d35ada9e09502fda
6651b6a556b314b90a5d55c7dde2162e46b0be567342b605b1b5c1bd6d59f43f
687447b1c8ee82ab58bbe298a20ad491a79c54bdccb3bad19198d635252d21d6
6aad33bea9ac6904dd79d4d47f0433b1eaa26e6c188e3652f7f0ddac9189b0a7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6dc9b79794e5b5b9778f3ece391cf87a040c0d2d0d06715f05df5bf09282b82c
6ec35ab99388f6afab345622a22772619b83b7d63705d98df3c404da782fcabb
7037822981e0a99374c4d8c9a4fec5d6f67c2ccaf7a086ccdaa7db89f66c9c2f
7068c1b8692f0dd5312190a1ff76f4ac6e0791d8bbd7e47c08acf1436daffac8
7285646ea1d6480a26b5c3d66f75edac636a664b9ef84bbd5fb63122065bb668
77fb24f2ca87606a8babc24f37b91b3a24b71d61546153b28d2f8f87159e0614
7948632aa46f31e02b30c87213aa522ff16eec2401f4d18ea6b1a0094a9d6bfd
7d6e4be13e42cf838e30e64e45e670bc65579cc0156dc1ba5b39f6113fc41ae6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833e9ac3fd9706f7c5db171919041e789fa53325a0a390e8600738ebcb524e3f
87c59711bd76834c64fb9f70a5afe9d9d853509330f8bca1c64db6a32a186cf5
881492130e51fad64966f44f7d1ae1f89832c8ef746335362f262f289f2b1568
8c575486b52917bca3ef840445a27ba6b25a8ff6a467206d3353a4b1d8c4f6d9
8d1a9ea42204a6bb7cd5dbb488fb1b0fdd26a2020cd3a39bd6aab817df3e408c
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8f1e000eb589eb04573bd931a115e5bcf06035ccb8ca702baee06d68926d10fb
92a373b0a4ea195479bcf38d632f28c500520aef9967623ddd7f11d3febd06c4
9425e201802508d3508b64c3a5d9e7443d268271ed9536a5fadc2961ec633afa
97b0e1537131a895a2a2d9ac6beb9519c2a862e50913c18bd647b4493567447a
99b213915b46d454d3ee652c92d025312ea1a8971427ed0e955c2b08f2be4940
9a14437f373437d7ffa44e47eb56544d1be479b9c9bceeb1bb30c80ae743a003
9be628654bf453f2b5948589ace3ffcdbce4c29a8f5da0c5ed395edbe82c6010
9d7703f55a3994974b17dce3efbca33fc5c92c65f374b1fdaf5be444691051de
9da73c837776901fbc9f8ac134bef3e2575d544a3194f47b1fe23085c8aa8200
9e785ceee94f6daec07bf17ae489cf8fe23a7d97e65ee0826033216fcb1646cf
9f656aa0fb67540ba48aab5597bb751d78636d52f68bbb889ccd2cc61d67b0e8
9fcdcccd084ab89832c3cf5404ce3212599866192c11af993ee762c977f0b7a2
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a6ea063096e85ace5627e9e17dd68f50980ee4f9d237275283fd518d3a9469dc
aa747768e908f5d32fd6dc49351e1c09123ed0fa164087754d085aab2329f02d
abfce9df205238b6b7d8b60f1080f5a1e1bc8c9f731aa2b95e3e7dbcbc0e6d2c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b044bf52ef44e9e4672510fb141b9bf079772bba15bb24c96597265cccd69747
b0c1d2e5b1037fbc1d05de41ebde848162f7ed992678d1b46a055ddd8adad9ee
b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480
b7074e890c28182579f0eb12696eac276a9d7f937af3c91e0167b7a9c7284fc3
b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe
ba41fa874089941583156d8cf3f27d6e59048e378d60f2b887eabdf93ff5a256
c100190f061b7091cda36c027ae8abe8625174171f2039b4624db48573c49f41
c325a3a446a33b8dfb329feec9df9c003de983a5c64bc3d27696c646e8d963c6
c5e9293ea82b1586a5d5727fbee2a0344a3423c422e276015743da8011d2ef9c
c773f82a0574fc3faa66aaf223b1e10320d5ada56e0856f75b07acf6ab9e761a
c873c374e3e6639df33ac7635eaf604646bc0968fb93434b0ed0d1593794bf43
c99b5a4820a459f0dd39399be5fe6af5f8b4574524c1e8de67fad8cf0098cdad
c9b5e23cd0dd01c1a5ba67aabed4dd0ca1df7e3ac04d7813b6afafe6730c7337
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d2aca9b28abafe871e244e8ac52ce25dce79e30b36b90fb4243410b7870224d6
d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6
d64829dad0c6b861a9e39c0c6d99ffb99ef96f299037858f853a024e3af76f35
d828b7c2a3efb24e7febcd1f5ceea0341d17a17cbad2408514323a526081aaa4
d90727ca282a01532e09a99bb22d19cce09bc4f8663fc55f9b94ae4d113e1aaf
da0085998e27c4877b8d53413238d64979158e1efe1f14d7d5a0733f3c4c9128
dac81296b4032db40f3749c5ed87a477ca67e2b1ba7182278a9ed5c2e70f4a42
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddaac6771f6d199e295c16e6738da51b19481b72f91cb6dedd9e5e42049ef021
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b0f209e58b0d412b1e37d9468ab6674dad3860077ad9a918a7462ca67d033d
e49aa5dc047c6e400f50c9f1c079b5097612785ac980662f6a92220fbf1ff00f
e9579014061de5fd528b21f1928086d41411dd758ee4def39d93e1f67493bc4e
eac3d50d814b98b6370dac3b8df2ca0351670e95d578adcc3bb824fadfa2064f
eb3487cae40a55bf31dc6e6191ab0d88ec8c8f85c62bf28ad25ad0a40c16a611
ec5f7597c123181788fd043c205d990937daab3c1565e7df4ba16d47f030c160
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6c1f3e60c738e0efe4050ab6cb05bd536d01e116a656270e2e93c25bc82ce3
f0347bd00a1c0a8dcf28594d956c2946eb3b7096351321258f68cd8a5a440e54
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f87af415922ee2089349c94a4fa8e803e39b8cd5fbcd925c87a29f91bf52cc95
fab06beda6c8c452e25e0adee818c31d7fb0b8381d370d3dcbb9d62ec8107860