Table 4.
Example attack POST request headers received by the server.
| Host | 192.168.1.13 |
| Accept | text/html,application/xhtml+xml, application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8, application/signed-exchange;v=b3;q=0.7 |
| Cookie | session=.eJwlzLsKwyAARuFXkX8WU VND6guEDC0dsos0NhWsgpcuIe9eoeOBw3dgeUBDXCUT48QEEwMofKwu22f 1KZpSba7QB8jWx_XdKBEjuacvkVwORExaKX1RZL6tOClC2ne3GRhXzYUR9G B2gq05JyiFZeN71JsIfwz2o_r8txcqTh_vpMrnA.ZVZXxw.h1HjL5HRu_cm9I9MK _dJJnbRcqg |
| Origin | https://192.168.1.13 |
| Referer | https://192.168.1.13/login |
| Sec-Ch-Ua | Google Chrome;v=“119”, “Chromium”;v=“119", “Not?A_Brand";v=“24" |
| Connection | keep-alive |
| User-Agent | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 |
| Content-Type | application/x-www-form-urlencoded |
| Cache-Control | max-age=0 |
| Content-Length | 30 |
| Sec-Fetch-Dest | document |
| Sec-Fetch-Mode | navigate |
| Sec-Fetch-Site | same-origin |
| Sec-Fetch-User | ?1 |
| Accept-Encoding | gzip, deflate, br |
| Accept-Language | en-US,en;q=0.9 |
| Sec-Ch-Ua-Mobile | ?0 |
| Sec-Ch-Ua-Platform | Windows |
| Upgrade-Insecure-Requests | 1 |