urlscan.io logo urlscan.io
SecurityTrails logo

www.hacksplaining.com Open in urlscan Pro
52.70.146.201  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.hacksplaining.com/exercises/sql-injection
Submission: On September 26 via manual from MR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 30 HTTP transactions. The main IP is 52.70.146.201, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.hacksplaining.com.
TLS certificate: Issued by R3 on September 7th 2021. Valid for: 3 months.
This is the only time www.hacksplaining.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 52.70.146.201 14618 (AMAZON-AES)
14 143.204.101.60 16509 (AMAZON-02)
2 142.250.184.238 15169 (GOOGLE)
1 104.16.18.94 13335 (CLOUDFLAR...)
1 172.253.120.156 15169 (GOOGLE)
6 3.213.42.86 14618 (AMAZON-AES)
30 7
7    52.70.146.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-146-201.compute-1.amazonaws.com
www.hacksplaining.com
14    143.204.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-60.fra50.r.cloudfront.net
d1o5lmfp4gliop.cloudfront.net
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
1    104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    172.253.120.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wd-in-f156.1e100.net
stats.g.doubleclick.net
6    3.213.42.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-42-86.compute-1.amazonaws.com
app-hacksplaining.herokuapp.com
Domain Requested by
14 d1o5lmfp4gliop.cloudfront.net www.hacksplaining.com
d1o5lmfp4gliop.cloudfront.net
7 www.hacksplaining.com 1 redirects www.hacksplaining.com
app-hacksplaining.herokuapp.com
6 app-hacksplaining.herokuapp.com www.hacksplaining.com
2 www.google-analytics.com d1o5lmfp4gliop.cloudfront.net
www.google-analytics.com
1 stats.g.doubleclick.net cdnjs.cloudflare.com
1 cdnjs.cloudflare.com www.hacksplaining.com
30 6

This site contains links to these domains. Also see Links.

Domain
www.netsparker.com
wikipedia.org
cookieinfoscript.com
Subject Issuer Validity Valid
www.hacksplaining.com
R3		 2021-09-07 -
2021-12-06		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.herokuapp.com
Amazon		 2021-05-29 -
2022-06-27		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.hacksplaining.com/exercises/sql-injection
Frame ID: 4F3636D2A6EF41DAC66909D7B4B47203
Requests: 21 HTTP requests in this frame

Frame: https://www.hacksplaining.com/embedded/sql-injection/
Frame ID: 79A6E67456CF0D44B8ECA33B576D5894
Requests: 5 HTTP requests in this frame

Frame: https://www.hacksplaining.com/embedded/sql-injection/logs
Frame ID: 30157FDA397E196511F97AF9AEA1A517
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SQL Injection

Detected technologies

Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

30
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

7
IPs

2
Countries

2676 kB
Transfer

5193 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.hacksplaining.com/embedded/sql-injection/logout HTTP 302
  • https://www.hacksplaining.com/embedded/sql-injection/

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set sql-injection
www.hacksplaining.com/exercises/ 		26 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.146.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-146-201.compute-1.amazonaws.com
Software
Super Secret Unhackable Server /
Resource Hash
4c02a4c46bdc1135b41a939c85873cb5410d27992251d02d6bdb442557948d7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM godaddy.com

Request headers

Host
www.hacksplaining.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 26 Sep 2021 18:42:10 GMT
Connection
keep-alive
X-Frame-Options
ALLOW-FROM godaddy.com
Server
Super Secret Unhackable Server
Via
Mumbleshanks, 1.1 vegur
Access-Control-Allow-Origin
*
Access-Control-Request-Method
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Etag
W/"4c02a4c46bdc1135b41a939c85873cb5"
Cache-Control
max-age=0, private, must-revalidate
Set-Cookie
_session_id=725c96e29a58d7872ac3954218d87888; path=/; secure; HttpOnly
X-Request-Id
91dcbdc6-90fb-48cd-a39e-69a7d01ed16a
X-Runtime
0.007830
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
d1o5lmfp4gliop.cloudfront.net/assets/ 		3 MB
2 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
6414920ec829eb546a8fd1fc369b4e4aa6bc64e345e41f728e420a233a65dc99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Last-Modified
Sun, 06 Jun 2021 18:48:22 GMT
Server
Cowboy
Age
47747
Date
Sun, 26 Sep 2021 05:26:23 GMT
Vary
Accept-Encoding
X-Edge-Origin-Shield-Skipped
0
Content-Type
text/css
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
Content-Encoding
gzip
Content-Length
1748123
X-Amz-Cf-Id
lbjB6GaDIKx4_8PSs39tnUsIp8bXPr3GDGuA6UGgIF_clzrVYevnDg==
application-b3d04e8ce7493b0a07d400dda55ed5a7d0fed75e77162354b68673d2b02e42ce.js
d1o5lmfp4gliop.cloudfront.net/assets/ 		571 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o5lmfp4gliop.cloudfront.net/assets/application-b3d04e8ce7493b0a07d400dda55ed5a7d0fed75e77162354b68673d2b02e42ce.js
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
cdd53b982a26e868f6f6b94a6fa7ea243c4649062b95c6fdcdb07ad50982dfc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Last-Modified
Sat, 08 Aug 2020 22:43:04 GMT
Server
Cowboy
Age
7801
Date
Sun, 26 Sep 2021 18:25:12 GMT
Vary
Accept-Encoding
X-Edge-Origin-Shield-Skipped
0
Content-Type
application/javascript
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
Content-Encoding
gzip
Content-Length
172911
X-Amz-Cf-Id
daxRQB4hsqhXKE0tYM7ofdgfUmnkhMthRr_fNEQ1Zk46k3Ko5GooLA==
icon.gif
d1o5lmfp4gliop.cloudfront.net/images/exercises/sql-injection/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1o5lmfp4gliop.cloudfront.net/images/exercises/sql-injection/icon.gif
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
627a8e8d5f4ba736a511efc9af64b62c9bdb0d77de4edf6b76707568e038a497
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Last-Modified
Wed, 22 Sep 2021 05:14:32 GMT
Server
Cowboy
X-Edge-Origin-Shield-Skipped
0
Date
Sun, 26 Sep 2021 18:42:11 GMT
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Content-Length
2107
X-Amz-Cf-Id
2Gh7Je7kRpHmQoAGzTIGMqjCIcK1k6ZsVRQhEakd6MZVWxHepU-ClA==
skull-48bdb4077813afe9762f27e229e64207ec59c3891a54a3adf931c2c91a6d99bd.png
d1o5lmfp4gliop.cloudfront.net/assets/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1o5lmfp4gliop.cloudfront.net/assets/skull-48bdb4077813afe9762f27e229e64207ec59c3891a54a3adf931c2c91a6d99bd.png
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
48bdb4077813afe9762f27e229e64207ec59c3891a54a3adf931c2c91a6d99bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Last-Modified
Sat, 19 Oct 2019 21:38:01 GMT
Server
Cowboy
Age
46262
Date
Sun, 26 Sep 2021 05:51:09 GMT
X-Edge-Origin-Shield-Skipped
0
Content-Type
image/png
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
Content-Length
58789
X-Amz-Cf-Id
0UT3Krrpbn5c2qCtpVhusp6UWngL7ChwJx3CG0-Wn3w7CmBD2O11wA==
netsparker-5f9b475fbff5afb0c4a6ec5d1c490d664c225daeba42e509b213603d4dd3b0d9.jpg
d1o5lmfp4gliop.cloudfront.net/assets/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1o5lmfp4gliop.cloudfront.net/assets/netsparker-5f9b475fbff5afb0c4a6ec5d1c490d664c225daeba42e509b213603d4dd3b0d9.jpg
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
5f9b475fbff5afb0c4a6ec5d1c490d664c225daeba42e509b213603d4dd3b0d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Last-Modified
Sun, 23 May 2021 22:57:56 GMT
Server
Cowboy
Age
56919
Date
Sun, 26 Sep 2021 02:53:31 GMT
X-Edge-Origin-Shield-Skipped
0
Content-Type
image/jpeg
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
Content-Length
126625
X-Amz-Cf-Id
zBvqmx05nOHDuSdpBF8x27xpxClXqdUuNjGS7ckxm_Ng8hkWWWd-pQ==
exercise-9b3c48e2759169d4fc8a24424e0b156eb55a96b7023d803534fca668978e0e34.js
d1o5lmfp4gliop.cloudfront.net/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o5lmfp4gliop.cloudfront.net/assets/exercise-9b3c48e2759169d4fc8a24424e0b156eb55a96b7023d803534fca668978e0e34.js
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
eddb2f4b55383e451d747923e80fb026a0853b688b3ab7bb5535e213b364fe15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Last-Modified
Fri, 01 Nov 2019 03:01:03 GMT
Server
Cowboy
Age
74095
Date
Sat, 25 Sep 2021 22:07:15 GMT
Vary
Accept-Encoding
X-Edge-Origin-Shield-Skipped
0
Content-Type
application/javascript
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
Content-Encoding
gzip
Content-Length
2715
X-Amz-Cf-Id
Y29vlHXAYJx3tgdLD9mqCMD1Uv5Ha2DQWUVmHqqfT9Q7uj7KBGE0RQ==
cookieinfo-6dd275d814bed26cfc661b1c6ca53cd3bf1f96cccb433d7d61932517d0f10981.js
d1o5lmfp4gliop.cloudfront.net/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1o5lmfp4gliop.cloudfront.net/assets/cookieinfo-6dd275d814bed26cfc661b1c6ca53cd3bf1f96cccb433d7d61932517d0f10981.js
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
e39526e7aa80843bd7e093226bff23d4b20927157f49b7bbbc4e9078b6da50e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Last-Modified
Mon, 02 Dec 2019 00:18:02 GMT
Server
Cowboy
Age
83369
Date
Sat, 25 Sep 2021 19:32:41 GMT
Vary
Accept-Encoding
X-Edge-Origin-Shield-Skipped
0
Content-Type
application/javascript
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
Content-Encoding
gzip
Content-Length
2987
X-Amz-Cf-Id
ebJKsBWmaj4mzw8FrElA5nzfwheOON1gtIMtwtrT1EEKI4Iei7Zz2g==
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d1o5lmfp4gliop.cloudfront.net
URL: https://d1o5lmfp4gliop.cloudfront.net/assets/application-b3d04e8ce7493b0a07d400dda55ed5a7d0fed75e77162354b68673d2b02e42ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
6611
date
Sun, 26 Sep 2021 16:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 26 Sep 2021 18:52:00 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.13.0/ 		66 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.13.0/rollbar.min.js
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
079467bf30de7c16831ec3428c9451d910dcccdab7625f963d458d7dfeaa5cfd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hacksplaining.com/
Origin
https://www.hacksplaining.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 18:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1182034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18223
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-108b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2t73Z%2B5m576CVRyeKw0gqSK1Wd9YH%2BghbEfLbYSQZ0tKIy4F26KZgr1CaoxufhCjfaSSJdpke6%2B%2BZ%2BzXTn8crfrFmUPyz%2BrxIQ79nIpwKEnxqatn30gv92fbc07tcngQC%2FSCP2nP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
694ea1754bf9691f-FRA
expires
Fri, 16 Sep 2022 18:42:11 GMT
franchise-light.woff
d1o5lmfp4gliop.cloudfront.net/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1o5lmfp4gliop.cloudfront.net/fonts/franchise-light.woff
Requested by
Host: d1o5lmfp4gliop.cloudfront.net
URL: https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
5eed1e33edcf8e7a83b00ad2625a5d60a5bcf62d2578962c1bbcc2182ca9ed87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Origin
https://www.hacksplaining.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
Age
78347
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
20024
Last-Modified
Wed, 22 Sep 2021 05:14:32 GMT
Server
Cowboy
Date
Sat, 25 Sep 2021 20:56:23 GMT
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
hUm0U4h7cFbKls0HzXvcxquWhb09dsOYtKpjqNYEjKhanEwPa9s8WA==
droid-sans.ttf
d1o5lmfp4gliop.cloudfront.net/fonts/ 		40 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1o5lmfp4gliop.cloudfront.net/fonts/droid-sans.ttf
Requested by
Host: d1o5lmfp4gliop.cloudfront.net
URL: https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
90f0a053d61ba5042e1c2db00e49584bc8b0d0b3e07fb1609c391b541b0ab4fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Origin
https://www.hacksplaining.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 06:45:43 GMT
Content-Encoding
gzip
Age
42987
Transfer-Encoding
chunked
X-Edge-Origin-Shield-Skipped
0
Access-Control-Max-Age
3628800
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 22 Sep 2021 05:14:32 GMT
Server
Cowboy
Access-Control-Allow-Methods
GET
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/x-font-ttf
Via
1.1 vegur, 1.1 6b4954a8411e7b2a232537f8000c5c9d.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
uamVv6Tz5m_z2FuIJ7d3d5Z1HaPNjFvwoTgZWwZDiSNPBw_m4eW8Uw==
droid-sans-bold.ttf
d1o5lmfp4gliop.cloudfront.net/fonts/ 		41 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d1o5lmfp4gliop.cloudfront.net/fonts/droid-sans-bold.ttf
Requested by
Host: d1o5lmfp4gliop.cloudfront.net
URL: https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
b0e676ab52e9859a10bda9f4493bc819ed844ce4d1b055b9ba818e26d287c1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Origin
https://www.hacksplaining.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
Vary
Accept-Encoding
Age
37795
Transfer-Encoding
chunked
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Encoding
gzip
Last-Modified
Wed, 22 Sep 2021 05:14:32 GMT
Server
Cowboy
Date
Sun, 26 Sep 2021 08:12:16 GMT
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET
Content-Type
application/x-font-ttf
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
x-requested-with
X-Amz-Cf-Id
N3HX5xJjrmiWzRIvXxWlUM3T4iddPMpBgeGUd5qEV3UETKtnTpOhSQ==
Cookie set /
www.hacksplaining.com/embedded/sql-injection/ Frame 79A6
Redirect Chain
  • https://www.hacksplaining.com/embedded/sql-injection/logout
  • https://www.hacksplaining.com/embedded/sql-injection/
3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hacksplaining.com/embedded/sql-injection/
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.146.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-146-201.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
7794b943e54ea02e103c44124e079f67d63fabcf65af3d9f4118f18b7a77ab29
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
www.hacksplaining.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.hacksplaining.com/exercises/sql-injection
Accept-Encoding
gzip, deflate, br
Cookie
_session_id=725c96e29a58d7872ac3954218d87888; _ga=GA1.2.1548621314.1632681731; _gid=GA1.2.412735506.1632681731; _gat=1; _vulnerable-app_session=V3JJUHRzVlp3cnZ1SjZTYXozM3BtbURQWWd3ZmMzRlZ5Y1JGS3pvVnhONWlQWVV6SS9QcGhkWEg4Y2lsTzA1ZjNHd0xHZ3RvS3ZNMmNCdFdyMllUNEE9PS0tUytZYkZubEpRM01EZTJRNUV6YXVCQT09--5709504a0f0bb2c7f655b903fe0f736f60ad1073
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/exercises/sql-injection

Response headers

Connection
keep-alive
Server
Cowboy
Date
Sun, 26 Sep 2021 18:42:11 GMT
Access-Control-Allow-Origin
*
Access-Control-Request-Method
GET
Content-Type
text/html; charset=utf-8
Content-Security-Policy
frame-ancestors *
Etag
W/"7794b943e54ea02e103c44124e079f67"
Cache-Control
max-age=0, private, must-revalidate
X-Runtime
0.008793
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 vegur
X-Request-Id
a6cb541a-39a1-4650-a675-fda03d829c87
Set-Cookie
_vulnerable-app_session=dkk2QjZtN21DTnNRWUNYTmF0V0NKTFhBME5uaVQySEhya0UyOThBOVEwS0Jrb2F2djVEY3BJMHpUY1FYMzREZ3FsWjgzN2hUSWpEbjdkVjdkOFBnTHpHZGJ0WExMZi9LcjUrUktwVDFxNkZuVnNuOGIvM3MycDZsVXBsZUdJT0huZnFsMnlueEVFYnZWTU94YmFIcHR3PT0tLUVWQ04rQ3F3SmZSeVpjdkx3WmhZTlE9PQ%3D%3D--65c8c8e9329daab35c959fbdfe0c43515634f19b; path=/; secure; HttpOnly; SameSite=None
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Server
Cowboy
Date
Sun, 26 Sep 2021 18:42:11 GMT
Access-Control-Allow-Origin
*
Access-Control-Request-Method
GET
Location
https://www.hacksplaining.com/embedded/sql-injection/
Content-Security-Policy
frame-ancestors *
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache
X-Runtime
0.007397
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 vegur
X-Request-Id
ea7f5078-dae5-4ac4-a061-55c885b4d049
Set-Cookie
_vulnerable-app_session=V3JJUHRzVlp3cnZ1SjZTYXozM3BtbURQWWd3ZmMzRlZ5Y1JGS3pvVnhONWlQWVV6SS9QcGhkWEg4Y2lsTzA1ZjNHd0xHZ3RvS3ZNMmNCdFdyMllUNEE9PS0tUytZYkZubEpRM01EZTJRNUV6YXVCQT09--5709504a0f0bb2c7f655b903fe0f736f60ad1073; path=/; secure; HttpOnly; SameSite=None
Transfer-Encoding
chunked
logs
www.hacksplaining.com/embedded/sql-injection/ Frame 3015 		947 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hacksplaining.com/embedded/sql-injection/logs
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/exercises/sql-injection
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.146.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-146-201.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
9e0063fde63a0548c09916d3ec02515f45d5005f8d86e467b5e308f574cf207e
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
www.hacksplaining.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.hacksplaining.com/exercises/sql-injection
Accept-Encoding
gzip, deflate, br
Cookie
_session_id=725c96e29a58d7872ac3954218d87888
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/exercises/sql-injection

Response headers

Connection
keep-alive
Server
Cowboy
Date
Sun, 26 Sep 2021 18:42:11 GMT
Access-Control-Allow-Origin
*
Access-Control-Request-Method
GET
Content-Security-Policy
frame-ancestors *
Content-Type
text/html; charset=utf-8
Cache-Control
no-cache
X-Runtime
0.005602
Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 vegur
X-Request-Id
0b7ce59f-ad15-4d6e-81fe-35e19f7a9a4c
Transfer-Encoding
chunked
prev.png
d1o5lmfp4gliop.cloudfront.net/images/lightbox/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1o5lmfp4gliop.cloudfront.net/images/lightbox/prev.png
Requested by
Host: d1o5lmfp4gliop.cloudfront.net
URL: https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 06:23:41 GMT
Via
1.1 vegur, 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Last-Modified
Wed, 22 Sep 2021 05:14:32 GMT
Server
Cowboy
Age
44309
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Edge-Origin-Shield-Skipped
0
Content-Type
image/png
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
Content-Length
1360
X-Amz-Cf-Id
X6BiWMi_eAhQDzLRkYOGLrva86bQj2eCbIovbrS6hCoiu5IR-osmyw==
next.png
d1o5lmfp4gliop.cloudfront.net/images/lightbox/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1o5lmfp4gliop.cloudfront.net/images/lightbox/next.png
Requested by
Host: d1o5lmfp4gliop.cloudfront.net
URL: https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 05:09:06 GMT
Via
1.1 vegur, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Last-Modified
Wed, 22 Sep 2021 05:14:32 GMT
Server
Cowboy
Age
48784
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Edge-Origin-Shield-Skipped
0
Content-Type
image/png
Connection
keep-alive
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA50-C1
Content-Length
1350
X-Amz-Cf-Id
xkCNOxIxHT7Z9Qxt209p8kpVmEsKP25JXp_Dx3uSThu7Hci2eJqaEw==
loading.gif
d1o5lmfp4gliop.cloudfront.net/images/lightbox/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1o5lmfp4gliop.cloudfront.net/images/lightbox/loading.gif
Requested by
Host: d1o5lmfp4gliop.cloudfront.net
URL: https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
Last-Modified
Wed, 22 Sep 2021 05:14:32 GMT
Server
Cowboy
X-Edge-Origin-Shield-Skipped
0
Date
Sun, 26 Sep 2021 18:42:11 GMT
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Content-Length
8476
X-Amz-Cf-Id
RraD90gxckDWudoGorcOQyzExO4dwtXvYJuAjVSTxHAeITQ9bfcy_Q==
close.png
d1o5lmfp4gliop.cloudfront.net/images/lightbox/ 		280 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1o5lmfp4gliop.cloudfront.net/images/lightbox/close.png
Requested by
Host: d1o5lmfp4gliop.cloudfront.net
URL: https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-60.fra50.r.cloudfront.net
Software
Cowboy /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d1o5lmfp4gliop.cloudfront.net/assets/application-9f28aa82009cb471364c7e1bbf3fb6a4e79a6ee5a8aa7c9a68ca03015e5bcef8.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
1.1 vegur, 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
Last-Modified
Wed, 22 Sep 2021 05:14:32 GMT
Server
Cowboy
X-Edge-Origin-Shield-Skipped
0
Date
Sun, 26 Sep 2021 18:42:11 GMT
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Content-Length
280
X-Amz-Cf-Id
eQKwQdcwdJc2Pgk-NOZJ22GkzQ1sGmuhxB89pvzrZnQiSot_6lnpnA==
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=464492223&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hacksplaining.com%2Fexercises%2Fsql-injection&ul=en-us&de=UTF-8&dt=SQL%20Injection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=683847243&gjid=1202531049&cid=1548621314.1632681731&uid=&tid=UA-72842038-1&_gid=412735506.1632681731&_r=1&_slc=1&z=952661481
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hacksplaining.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Sep 2021 18:42:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hacksplaining.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-72842038-1&cid=1548621314.1632681731&jid=683847243&gjid=1202531049&_gid=412735506.1632681731&_u=IEBAAEAAAAAAAC~&z=2070669863
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.13.0/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.120.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wd-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hacksplaining.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 26 Sep 2021 18:42:11 GMT
content-type
text/plain
access-control-allow-origin
https://www.hacksplaining.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
application-b5fe8eced4667b62d7b604f7eb8f80b9937b5137e7c5221f0ed6d349050fb9ff.css
app-hacksplaining.herokuapp.com/assets/ Frame 3015 		161 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-hacksplaining.herokuapp.com/assets/application-b5fe8eced4667b62d7b604f7eb8f80b9937b5137e7c5221f0ed6d349050fb9ff.css
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/embedded/sql-injection/logs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-42-86.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
15b83ec9942ba2b4832436ab2027698f025da6ffaa163e3f9419c2dc2e7383db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 18:42:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Oct 2019 02:38:45 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
29197
application-90fba03fb570014b9c67de195e3eed232f088506657454a08797e9fb0634c2b4.js
app-hacksplaining.herokuapp.com/assets/ Frame 3015 		359 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-hacksplaining.herokuapp.com/assets/application-90fba03fb570014b9c67de195e3eed232f088506657454a08797e9fb0634c2b4.js
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/embedded/sql-injection/logs
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-42-86.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
74c251340829234c70ce1193d7cdd56ce21747c2a98562355354eaa36340366d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 18:42:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Oct 2019 04:34:10 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
104183
application-b5fe8eced4667b62d7b604f7eb8f80b9937b5137e7c5221f0ed6d349050fb9ff.css
app-hacksplaining.herokuapp.com/assets/ Frame 79A6 		161 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://app-hacksplaining.herokuapp.com/assets/application-b5fe8eced4667b62d7b604f7eb8f80b9937b5137e7c5221f0ed6d349050fb9ff.css
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/embedded/sql-injection/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-42-86.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
15b83ec9942ba2b4832436ab2027698f025da6ffaa163e3f9419c2dc2e7383db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 18:42:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Oct 2019 02:38:45 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
29197
application-90fba03fb570014b9c67de195e3eed232f088506657454a08797e9fb0634c2b4.js
app-hacksplaining.herokuapp.com/assets/ Frame 79A6 		359 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-hacksplaining.herokuapp.com/assets/application-90fba03fb570014b9c67de195e3eed232f088506657454a08797e9fb0634c2b4.js
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/embedded/sql-injection/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-42-86.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
74c251340829234c70ce1193d7cdd56ce21747c2a98562355354eaa36340366d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 18:42:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 31 Oct 2019 04:34:10 GMT
Server
Cowboy
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 vegur
Connection
keep-alive
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Length
104183
logo-2-4f4d28f2398c1615c25433c4bbad04839ee4ff4ee5b8cbb51c7a9b0a90ac5c9a.png
app-hacksplaining.herokuapp.com/assets/ Frame 79A6 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-hacksplaining.herokuapp.com/assets/logo-2-4f4d28f2398c1615c25433c4bbad04839ee4ff4ee5b8cbb51c7a9b0a90ac5c9a.png
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/embedded/sql-injection/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-42-86.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
4f4d28f2398c1615c25433c4bbad04839ee4ff4ee5b8cbb51c7a9b0a90ac5c9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 18:42:11 GMT
Via
1.1 vegur
Last-Modified
Tue, 15 Nov 2016 00:15:03 GMT
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Connection
keep-alive
Content-Length
23440
banking-2-d60ae3885602c0720fb7f9257a56c951ecb4eed918801797b0308db26f516c6e.png
app-hacksplaining.herokuapp.com/assets/ Frame 79A6 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app-hacksplaining.herokuapp.com/assets/banking-2-d60ae3885602c0720fb7f9257a56c951ecb4eed918801797b0308db26f516c6e.png
Requested by
Host: www.hacksplaining.com
URL: https://www.hacksplaining.com/embedded/sql-injection/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.42.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-213-42-86.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
d60ae3885602c0720fb7f9257a56c951ecb4eed918801797b0308db26f516c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hacksplaining.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 26 Sep 2021 18:42:11 GMT
Via
1.1 vegur
Last-Modified
Tue, 15 Nov 2016 00:15:03 GMT
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Connection
keep-alive
Content-Length
165737
Cookie set stream
www.hacksplaining.com/embedded/sql-injection/logs/ Frame 3015 		35 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hacksplaining.com/embedded/sql-injection/logs/stream
Requested by
Host: app-hacksplaining.herokuapp.com
URL: https://app-hacksplaining.herokuapp.com/assets/application-90fba03fb570014b9c67de195e3eed232f088506657454a08797e9fb0634c2b4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.146.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-146-201.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
6a260b9a8628d86f6bec67cb6ca33dd8ced3487c795a67cc3fda3d2a33433f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.hacksplaining.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
_session_id=725c96e29a58d7872ac3954218d87888; _ga=GA1.2.1548621314.1632681731; _gid=GA1.2.412735506.1632681731; _gat=1; _vulnerable-app_session=dkk2QjZtN21DTnNRWUNYTmF0V0NKTFhBME5uaVQySEhya0UyOThBOVEwS0Jrb2F2djVEY3BJMHpUY1FYMzREZ3FsWjgzN2hUSWpEbjdkVjdkOFBnTHpHZGJ0WExMZi9LcjUrUktwVDFxNkZuVnNuOGIvM3MycDZsVXBsZUdJT0huZnFsMnlueEVFYnZWTU94YmFIcHR3PT0tLUVWQ04rQ3F3SmZSeVpjdkx3WmhZTlE9PQ%3D%3D--65c8c8e9329daab35c959fbdfe0c43515634f19b
Connection
keep-alive
Referer
https://www.hacksplaining.com/embedded/sql-injection/logs
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hacksplaining.com/embedded/sql-injection/logs
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Runtime
0.006017
Date
Sun, 26 Sep 2021 18:42:12 GMT
Access-Control-Request-Method
GET
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
Set-Cookie
_vulnerable-app_session=d3FSZWExSkx2OWVrTGJ2YXM3SEczSTY4blN2YW50N3R1WmZDWVhJSElPTHQrV1hhTHlST3pYZTZnMFd6UytrWlZ5YnMwSXFraWpNbVpSNmxMWk9XMXFXeWJKRytDT0QvVGlvL0FFeXdJL01LMXE3MW92NCtnSmdMN0hlbE53dS9FK3pFeHBOWkZGaDllZTV6cWcwZ1pBPT0tLXhNZ3pwdGgxY0JFeThFZmJWUHFyZGc9PQ%3D%3D--6071da6f237bbba95501d6448cee011c40c0e8c8; path=/; secure; HttpOnly; SameSite=None
Via
1.1 vegur, 1.1 vegur
X-Request-Id
92721cdb-9c50-4829-a6c3-d13228907460
Cookie set stream
www.hacksplaining.com/embedded/sql-injection/logs/ Frame 3015 		16 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hacksplaining.com/embedded/sql-injection/logs/stream
Requested by
Host: app-hacksplaining.herokuapp.com
URL: https://app-hacksplaining.herokuapp.com/assets/application-90fba03fb570014b9c67de195e3eed232f088506657454a08797e9fb0634c2b4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.146.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-146-201.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e50904972996b97686ec1f65a0e5e69de3c30254c4ecd839be7b83bb211f3e53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.hacksplaining.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
_session_id=725c96e29a58d7872ac3954218d87888; _ga=GA1.2.1548621314.1632681731; _gid=GA1.2.412735506.1632681731; _gat=1; _vulnerable-app_session=d3FSZWExSkx2OWVrTGJ2YXM3SEczSTY4blN2YW50N3R1WmZDWVhJSElPTHQrV1hhTHlST3pYZTZnMFd6UytrWlZ5YnMwSXFraWpNbVpSNmxMWk9XMXFXeWJKRytDT0QvVGlvL0FFeXdJL01LMXE3MW92NCtnSmdMN0hlbE53dS9FK3pFeHBOWkZGaDllZTV6cWcwZ1pBPT0tLXhNZ3pwdGgxY0JFeThFZmJWUHFyZGc9PQ%3D%3D--6071da6f237bbba95501d6448cee011c40c0e8c8
Connection
keep-alive
Referer
https://www.hacksplaining.com/embedded/sql-injection/logs
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hacksplaining.com/embedded/sql-injection/logs
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Runtime
0.003824
Date
Sun, 26 Sep 2021 18:42:13 GMT
Access-Control-Request-Method
GET
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
Set-Cookie
_vulnerable-app_session=UUtWVVk3NXlBaHFDTWNtUG1jYlBXRkFrWjROMGk1bU1VZEI0VkNWd1krdWwrWjdNYzVvaTh5NXhHcUVFcmF5MnA3Uk1uTFhoelJ5YW9VNUkxNUMxK3ErNzlRWTlhVmwvREFWbzJDa2ZqQ0kyM3J3QzEzcW5nbXZsODY2RDZvdzc1OVlmK0xDRUJXcUVKUTBGMVhnayt3PT0tLUZBWUhWb0daeVk2djFMc2tYdGw3Wmc9PQ%3D%3D--bd9c6d2c2b9330787baec1f3f75b2e5691ec84f3; path=/; secure; HttpOnly; SameSite=None
Via
1.1 vegur, 1.1 vegur
X-Request-Id
7ba03d14-28e0-447e-b095-ecd2a937dd82
Cookie set stream
www.hacksplaining.com/embedded/sql-injection/logs/ Frame 3015 		16 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hacksplaining.com/embedded/sql-injection/logs/stream
Requested by
Host: app-hacksplaining.herokuapp.com
URL: https://app-hacksplaining.herokuapp.com/assets/application-90fba03fb570014b9c67de195e3eed232f088506657454a08797e9fb0634c2b4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.146.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-146-201.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e50904972996b97686ec1f65a0e5e69de3c30254c4ecd839be7b83bb211f3e53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.hacksplaining.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
application/json, text/javascript, */*; q=0.01
Cache-Control
no-cache
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Cookie
_session_id=725c96e29a58d7872ac3954218d87888; _ga=GA1.2.1548621314.1632681731; _gid=GA1.2.412735506.1632681731; _gat=1; _vulnerable-app_session=UUtWVVk3NXlBaHFDTWNtUG1jYlBXRkFrWjROMGk1bU1VZEI0VkNWd1krdWwrWjdNYzVvaTh5NXhHcUVFcmF5MnA3Uk1uTFhoelJ5YW9VNUkxNUMxK3ErNzlRWTlhVmwvREFWbzJDa2ZqQ0kyM3J3QzEzcW5nbXZsODY2RDZvdzc1OVlmK0xDRUJXcUVKUTBGMVhnayt3PT0tLUZBWUhWb0daeVk2djFMc2tYdGw3Wmc9PQ%3D%3D--bd9c6d2c2b9330787baec1f3f75b2e5691ec84f3
Connection
keep-alive
Referer
https://www.hacksplaining.com/embedded/sql-injection/logs
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.hacksplaining.com/embedded/sql-injection/logs
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Runtime
0.003702
Date
Sun, 26 Sep 2021 18:42:14 GMT
Access-Control-Request-Method
GET
Server
Cowboy
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
Set-Cookie
_vulnerable-app_session=d205eGtTek1BZ1E4aGNLd3pJZUpHRmxRYU90VWtIN3pNYjAvbVFpQnZLckZ3cGQ0cVhrc0FsRFpLS0gzaDZkaWFnOEp6MGYrcHVaSHlrb20zTWpUVEYxaTNReG9jK2lJSC9mZUZGUjRocE5vNm1vSXdOckI1N2V0bnFTMUFCY1RKb3lFdTZLL0M4RU5VNnJlT212UGRnPT0tLTNGa0tLQUZ5dzlVbnNGLzF6YnpmdlE9PQ%3D%3D--2144c203cfd7199f4036c5f76c4c84e13bdcf22b; path=/; secure; HttpOnly; SameSite=None
Via
1.1 vegur, 1.1 vegur
X-Request-Id
8dc34031-d801-40f6-ace4-7e00fd79c3af

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster function| track string| GoogleAnalyticsObject function| ga function| $ function| jQuery function| Popper function| Tether object| lightbox object| hljs object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError function| _rollbarURH object| Rollbar function| rollbar string| footerClass string| lessonBackground function| invalidLogin function| unexpectedError function| authenticationBypassed function| animating function| done function| recalculateVisibility function| recalculateComponentWidths function| currentInstruction function| awaitingInteraction function| interactionOccurred function| nextStep function| isScrolledIntoView function| updateProgressBaubles function| enumerateInstructions function| triggerEvent object| sounds boolean| screencast object| instructions function| inputEventOnChild number| animation_count function| cookieinfo object| cbinstance object| google_tag_data object| gaplugins object| gaGlobal object| gaData number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized

5 Cookies

Domain/Path Name / Value
www.hacksplaining.com/ Name: _session_id
Value: 725c96e29a58d7872ac3954218d87888
.hacksplaining.com/ Name: _ga
Value: GA1.2.1548621314.1632681731
.hacksplaining.com/ Name: _gid
Value: GA1.2.412735506.1632681731
.hacksplaining.com/ Name: _gat
Value: 1
www.hacksplaining.com/ Name: _vulnerable-app_session
Value: d205eGtTek1BZ1E4aGNLd3pJZUpHRmxRYU90VWtIN3pNYjAvbVFpQnZLckZ3cGQ0cVhrc0FsRFpLS0gzaDZkaWFnOEp6MGYrcHVaSHlrb20zTWpUVEYxaTNReG9jK2lJSC9mZUZGUjRocE5vNm1vSXdOckI1N2V0bnFTMUFCY1RKb3lFdTZLL0M4RU5VNnJlT212UGRnPT0tLTNGa0tLQUZ5dzlVbnNGLzF6YnpmdlE9PQ%3D%3D--2144c203cfd7199f4036c5f76c4c84e13bdcf22b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options ALLOW-FROM godaddy.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-hacksplaining.herokuapp.com
cdnjs.cloudflare.com
d1o5lmfp4gliop.cloudfront.net
stats.g.doubleclick.net
www.google-analytics.com
www.hacksplaining.com
104.16.18.94
142.250.184.238
143.204.101.60
172.253.120.156
3.213.42.86
52.70.146.201
079467bf30de7c16831ec3428c9451d910dcccdab7625f963d458d7dfeaa5cfd
15b83ec9942ba2b4832436ab2027698f025da6ffaa163e3f9419c2dc2e7383db
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
48bdb4077813afe9762f27e229e64207ec59c3891a54a3adf931c2c91a6d99bd
4c02a4c46bdc1135b41a939c85873cb5410d27992251d02d6bdb442557948d7d
4f4d28f2398c1615c25433c4bbad04839ee4ff4ee5b8cbb51c7a9b0a90ac5c9a
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
5eed1e33edcf8e7a83b00ad2625a5d60a5bcf62d2578962c1bbcc2182ca9ed87
5f9b475fbff5afb0c4a6ec5d1c490d664c225daeba42e509b213603d4dd3b0d9
627a8e8d5f4ba736a511efc9af64b62c9bdb0d77de4edf6b76707568e038a497
6414920ec829eb546a8fd1fc369b4e4aa6bc64e345e41f728e420a233a65dc99
6a260b9a8628d86f6bec67cb6ca33dd8ced3487c795a67cc3fda3d2a33433f48
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74c251340829234c70ce1193d7cdd56ce21747c2a98562355354eaa36340366d
7794b943e54ea02e103c44124e079f67d63fabcf65af3d9f4118f18b7a77ab29
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
90f0a053d61ba5042e1c2db00e49584bc8b0d0b3e07fb1609c391b541b0ab4fa
9e0063fde63a0548c09916d3ec02515f45d5005f8d86e467b5e308f574cf207e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0e676ab52e9859a10bda9f4493bc819ed844ce4d1b055b9ba818e26d287c1fc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
cdd53b982a26e868f6f6b94a6fa7ea243c4649062b95c6fdcdb07ad50982dfc8
d60ae3885602c0720fb7f9257a56c951ecb4eed918801797b0308db26f516c6e
e39526e7aa80843bd7e093226bff23d4b20927157f49b7bbbc4e9078b6da50e2
e50904972996b97686ec1f65a0e5e69de3c30254c4ecd839be7b83bb211f3e53
eddb2f4b55383e451d747923e80fb026a0853b688b3ab7bb5535e213b364fe15
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62