Tags are labels automatically applied to requests to help classify, detect, and analyze traffic based on content, security risks, authentication, language, and more. Tags can be used as filters on the traffic dashboard to include or exclude requests with specific characteristics.
SQL Injection Tags
- SQL injection present
- SQL injection present in header
- SQL injection present in body
- GraphQL variable with SQL injection present
- SQL injection in GraphQL
Request Tags
- Request successful
- Invalid request
- Request redirected successfully
- Request made from a public IP address
- Request made from an internal IP address
- Health check request
- HTTP request
- Request payload is malformed JSON
- Response payload is malformed JSON
- Bad request
- Bad authentication request
- Missing referrer
- Internal server error
- Not API Traffic
- The request is suspicious
- The request is malicious
User Agent & Bot Detection Tags
- Browser based user agent
- User agent is from a non standard browser
- User agent is from a non standard OS
- User agent is from a bot
- Bot detected
- The endpoint is a known bot requested endpoint
Suspicious PHP Injection Tags
- PHP payload contains string base64_decode
- PHP payload contains string eval
- PHP payload contains string exec
- PHP payload contains string system
- PHP payload contains string passthru
- PHP payload contains string shell_exec
- PHP payload contains string popen
- PHP payload contains string proc_open
- PHP payload contains string pcntl_exec
XSS (Cross-Site Scripting) Tags
- Potential XSS in either the request body or headers
- Request body contains the potential XSS
- Request headers contains the potential XSS
Authentication Tags
- Request contains basic authentication
- API key authentication
- OAuth authentication
- Digest authentication
- Request contains hoba authentication
- Request contains mutual authentication
- Request contains ntlm authentication
- Request contains vapid authentication
- Request contains scram authentication
- Request contains hawk authentication
- Request contains aws authentication
- Request contains unrecognized authentication
Secret and Sensitive Data Tags
- Request contains an AWS Secret Access Key
- Request contains an AWS Secret Access Key ID
- Request contains an AWS MWS Auth Token
- Request contains a JWT Token
- Request contains a Meta (Facebook) Access Token
- Request contains a Github Personal Access Token
- Request contains a Gitlab Trigger Token
- Request contains a Gitlab Runner Registration Token
- Request contains a Google API Key
- Request contains a Google OAuth Token
- Request contains a Google OAuth Access Token
- Request contains a MailGun API Keyn
- Request contains a PayPal Braintree Access Token
- Request contains a Picatic API Key
- Request contains a SendGrid API Key
- Request contains a Slack Token
- Request contains a Slack Webhook
- Request contains a Square Access Token
- Request contains a Stripe API Key
- Request contains a Twilio API Key
- PII: Email address present
- PII: Email address present in input
- PII: Email address present in output
- Request contains a banking IBAN number
GraphQL Tags
- GraphQL Query detected
- GraphQL Mutation detected
- GraphQL Subscription detected
Miscellaneous Tags
- Request contains multiple languages
- Request contains base64 encoded content
- Request contains English language in input
- Request contains English language in output
- Temporary email domain used
- Contains cookie(s)
Language Tags
Dozens of languages are automatically detected and tagged in requests, such as Italian, Tamil, Latvian, Japanese, Punjabi and so on.
