oidc-client-ts icon indicating copy to clipboard operation
oidc-client-ts copied to clipboard

Published 20 hours ago verified publisher icon authts

Spam of token requests from single IP

Open verdie-g opened this issue 2 years ago • 0 comments
trafficstars

Hi, I've noticed a spam of token requests coming from a single IP. Here is the pattern:

2023-07-24T03:15:58.035Z,POST https://api.c-rpg.eu/connect/token 200 SA.ME.I.P
2023-07-24T03:15:58.038Z,POST https://api.c-rpg.eu/connect/token 200 SA.ME.I.P
2023-07-24T03:16:05.720Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:05.823Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T03:16:06.066Z,POST https://api.c-rpg.eu/connect/token 200 SA.ME.I.P
2023-07-24T03:16:06.066Z,POST https://api.c-rpg.eu/connect/token 200 SA.ME.I.P
2023-07-24T03:16:06.066Z,POST https://api.c-rpg.eu/connect/token 200 SA.ME.I.P
2023-07-24T03:16:06.066Z,POST https://api.c-rpg.eu/connect/token 200 SA.ME.I.P
2023-07-24T03:16:06.066Z,POST https://api.c-rpg.eu/connect/token 200 SA.ME.I.P
2023-07-24T03:16:06.066Z,POST https://api.c-rpg.eu/connect/token 200 SA.ME.I.P
...

22x200 + 87x499 + 87x502

Then 1 hour later (access token lifespan), just

2023-07-24T04:15:07.887Z,POST https://api.c-rpg.eu/connect/token 200 SA.ME.I.P

1x200

And 1 hour later again

2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.108Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.797Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.798Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.798Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:17.799Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:18.210Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:18.210Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:18.210Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:18.210Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:18.210Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:18.210Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:18.210Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
2023-07-24T05:14:18.210Z,POST https://api.c-rpg.eu/connect/token 499 SA.ME.I.P
...

1x408 + 667x499 + 146x502

Here is my setup: https://github.com/verdie-g/crpg/blob/e479c048e220af15f80272b4c4650b9fde057ae1/src/WebUI/src/services/auth-service.ts#L26-L35

Any idea what could cause that?

verdie-g avatar Jul 24 '23 14:07 verdie-g