[altharaz]

Blind-querying is a common technique and is even tested by tools such as SQLMap (https://github.com/sqlmapproject/sqlmap/wiki/Usage#sql-injec...).

You have full details on what these requests look like here: https://www.owasp.org/index.php/Blind_SQL_Injection