bunkerweb
bunkerweb copied to clipboard
bunkerity
[BUG] The CSRF token expires quickly.
What happened?
Hello.
I built the service through bunkerweb 1.62-rc3, and soon after I log in, the CSRF token says it has expired and I am forced to log out.
Does it occur when there is a large amount of log? Regarding the report, it is not possible to check it in mariadb, but I wonder which DB it can be checked in.
Thank you for the fantastic project.
How to reproduce?
If you don't do anything, you'll get symptoms
Configuration file(s) (yaml or .env)
x-bw-env: &bw-env
# We use an anchor to avoid repeating the same settings for both containers
AUTOCONF_MODE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.1
ports:
- "80:8080/tcp"
- "443:8443/tcp"
- "443:8443/udp" # QUIC
labels:
- "bunkerweb.INSTANCE=yes" # Mandatory label for the autoconf service to identify the BunkerWeb instance
environment:
<<: *bw-env
restart: "unless-stopped"
networks:
- bw-universe
- bw-services
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.1
environment:
<<: *bw-env
BUNKERWEB_INSTANCES: "" # We don't need to specify the BunkerWeb instance here as they are automatically detected by the autoconf service
SERVER_NAME: "" # The server name will be filled with services labels
MULTISITE: "yes" # Mandatory setting for autoconf
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
volumes:
- bw-storage:/data # This is used to persist the cache and other data like the backups
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
bw-autoconf:
image: bunkerity/bunkerweb-autoconf:1.6.1
depends_on:
- bunkerweb
- bw-docker
environment:
AUTOCONF_MODE: "yes"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
DOCKER_HOST: "tcp://bw-docker:2375" # The Docker socket
restart: "unless-stopped"
networks:
- bw-universe
- bw-docker
- bw-db
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
LOG_LEVEL: "warning"
restart: "unless-stopped"
networks:
- bw-docker
bw-db:
image: mariadb:11
environment:
MYSQL_RANDOM_ROOT_PASSWORD: "yes"
MYSQL_DATABASE: "db"
MYSQL_USER: "bunkerweb"
MYSQL_PASSWORD: "changeme" # Remember to set a stronger password for the database
volumes:
- bw-data:/var/lib/mysql
restart: "unless-stopped"
networks:
- bw-db
volumes:
bw-data:
bw-storage:
networks:
bw-universe:
name: bw-universe
ipam:
driver: default
config:
- subnet: 10.20.30.0/24
bw-services:
name: bw-services
bw-docker:
name: bw-docker
bw-db:
name: bw-db
Relevant log output
[2025-06-09 02:00:38 +0000] [flask_wtf.csrf] [49] [ℹ️ ] - The CSRF token has expired.
[2025-06-09 02:00:38 +0000] [UI] [49] [❌] - CSRF token is missing or invalid for /reports/fetch by Anonymous
192.168.1.109 - - [09/Jun/2025:02:00:38 +0000] "POST /reports/fetch HTTP/1.1" 403 199 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
[2025-06-09 02:01:38 +0000] [flask_wtf.csrf] [47] [ℹ️ ] - The CSRF session token is missing.
[2025-06-09 02:01:38 +0000] [UI] [47] [❌] - CSRF token is missing or invalid for /reports/fetch by Anonymous
192.168.1.109 - - [09/Jun/2025:02:01:38 +0000] "POST /reports/fetch HTTP/1.1" 403 199 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
[2025-06-09 02:02:09 +0000] [flask_wtf.csrf] [48] [ℹ️ ] - The CSRF session token is missing.
[2025-06-09 02:02:09 +0000] [UI] [48] [❌] - CSRF token is missing or invalid for /login by Anonymous
192.168.1.109 - - [09/Jun/2025:02:02:09 +0000] "POST /login?next=%2Fbans HTTP/1.1" 403 199 "https://192.168.1.110/login?next=%2Fbans" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:10 +0000] "GET /favicon.ico HTTP/1.1" 404 207 "https://192.168.1.110/login?next=%2Fbans" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /login HTTP/1.1" 200 73755 "https://192.168.1.110/login?next=%2Fbans" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /css/core.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /libs/i18next/i18nextHttpBackend.min.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /libs/jquery/jquery.min.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /js/menu.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /libs/i18next/i18next.min.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /fonts/Public_sans.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /fonts/Courier_Prime.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /js/helpers.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /css/main.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /css/theme-default.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /js/config.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /js/i18n.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /fonts/DonJose.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /img/logo-menu.png HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /libs/i18next/i18nextBrowserLanguageDetector.min.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /fonts/boxicons.min.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /css/overrides.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /libs/perfect-scrollbar/perfect-scrollbar.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /css/pages/login.css HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /img/login-background.svg HTTP/1.1" 200 0 "https://192.168.1.110/css/overrides.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /libs/popper/popper.min.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /libs/purify/purify.min.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /libs/perfect-scrollbar/perfect-scrollbar.min.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /js/common.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /libs/bootstrap/bootstrap.bundle.min.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /js/main.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /fonts/Public_sans/500-normal.ttf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/Public_sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /js/utils.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /js/buttons.js HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /fonts/boxicons/boxicons.woff2 HTTP/1.1" 200 0 "https://192.168.1.110/fonts/boxicons.min.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /fonts/Public_sans/700-normal.ttf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/Public_sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /fonts/DonJose_Black.otf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/DonJose.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /fonts/Public_sans/400-normal.ttf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/Public_sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /img/flags/us.svg HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /img/logo-menu-white.png HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:17 +0000] "GET /locales/en.json HTTP/1.1" 200 0 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
[2025-06-09 02:02:20 +0000] [UI] [47] [⚠️ ] - Login attempt from 192.168.1.109 with username "admin-sv"
[2025-06-09 02:02:21 +0000] [UI] [47] [ℹ️ ] - User admin-sv logged in successfully
192.168.1.109 - - [09/Jun/2025:02:02:21 +0000] "POST /login HTTP/1.1" 302 225 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:21 +0000] "GET /loading?next=/home HTTP/1.1" 200 60363 "https://192.168.1.110/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:21 +0000] "GET /libs/lottie-player/lottie-player.min.js HTTP/1.1" 200 0 "https://192.168.1.110/loading?next=/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:21 +0000] "GET /js/pages/loading.js HTTP/1.1" 200 0 "https://192.168.1.110/loading?next=/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:21 +0000] "GET /json/blockhaus.min.json HTTP/1.1" 200 0 "https://192.168.1.110/loading?next=/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:21 +0000] "GET /locales/en.json HTTP/1.1" 200 0 "https://192.168.1.110/loading?next=/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:21 +0000] "GET /json/blockhaus.min.json HTTP/1.1" 200 0 "https://192.168.1.110/loading?next=/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /check_reloading?next=/home HTTP/1.1" 200 20 "https://192.168.1.110/loading?next=/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
[2025-06-09 02:02:22 +0000] [API] [49] [ℹ️ ] - Successfully sent API request to http://bunkerweb:5000/metrics/requests
[2025-06-09 02:02:22 +0000] [API] [49] [ℹ️ ] - Successfully sent API request to http://bunkerweb:5000/metrics/errors
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /home HTTP/1.1" 200 240615 "https://192.168.1.110/loading?next=/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /css/theme-default.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /css/main.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /css/core.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /fonts/DonJose.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /fonts/Public_sans.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /img/diamond-white.svg HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /js/buttons.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /libs/i18next/i18next.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /css/overrides.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /fonts/boxicons.min.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /fonts/Courier_Prime.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /libs/i18next/i18nextHttpBackend.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /libs/i18next/i18nextBrowserLanguageDetector.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /img/brands/Twitter-X-Logo.svg HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /js/pages/home.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /libs/leaflet/leaflet.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /libs/apexcharts/apexcharts.min.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /img/logo-menu-white.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /libs/perfect-scrollbar/perfect-scrollbar.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:22 +0000] "GET /css/pages/home.css HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/diamond.svg HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/avatar_profil_BW-white.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /libs/jquery/jquery.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /js/i18n.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /js/config.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /js/helpers.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /libs/popper/popper.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /libs/bootstrap/bootstrap.bundle.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /libs/purify/purify.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /fonts/boxicons/boxicons.woff2 HTTP/1.1" 200 0 "https://192.168.1.110/fonts/boxicons.min.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /libs/perfect-scrollbar/perfect-scrollbar.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /fonts/Public_sans/500-italic.ttf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/Public_sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /fonts/Public_sans/500-normal.ttf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/Public_sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /fonts/Public_sans/400-normal.ttf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/Public_sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /fonts/Courier_prime/Courier_prime.ttf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/Courier_Prime.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/flags/us.svg HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /js/menu.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /js/common.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /js/main.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /js/utils.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /libs/leaflet/leaflet.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /libs/apexcharts/apexcharts.min.js HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /fonts/DonJose_Black.otf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/DonJose.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /fonts/Public_sans/700-normal.ttf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/Public_sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /json/countries.geojson HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/1/1.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/0/3.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/3/3.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /locales/en.json HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/3/1.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/0/0.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/2/2.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /fonts/Public_sans/600-normal.ttf HTTP/1.1" 200 0 "https://192.168.1.110/fonts/Public_sans.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/1/3.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/2/0.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/0/1.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/1/2.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/0/2.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/1/0.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/2/1.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/3/2.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/3/0.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:23 +0000] "GET /img/tiles/2/2/3.png HTTP/1.1" 200 0 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:35 +0000] "GET /reports HTTP/1.1" 200 127444 "https://192.168.1.110/home" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /libs/datatables/datatables.min.js HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /js/pages/reports.js HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /libs/datatables/plugins/ip-address.js HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /js/dataTableInit.js HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /libs/datatables/datatables.min.css HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /locales/en.json HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
[2025-06-09 02:02:36 +0000] [API] [47] [ℹ️ ] - Successfully sent API request to http://bunkerweb:5000/metrics/requests
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "POST /reports/fetch HTTP/1.1" 200 637336 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /img/flags/de.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /img/flags/ru.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /img/flags/fr.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /img/flags/it.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /img/flags/cn.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:36 +0000] "GET /img/flags/es.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/hk.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/zz.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/ie.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/pl.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/gb.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/ca.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/jp.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/sg.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/kr.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/mx.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
192.168.1.109 - - [09/Jun/2025:02:02:37 +0000] "GET /img/flags/vn.svg HTTP/1.1" 200 0 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
[2025-06-09 02:02:38 +0000] [flask_wtf.csrf] [49] [ℹ️ ] - The CSRF token has expired.
[2025-06-09 02:02:38 +0000] [UI] [49] [❌] - CSRF token is missing or invalid for /reports/fetch by admin-sv
[2025-06-09 02:02:38 +0000] [UI] [49] [ℹ️ ] - Revoking session ID 11 for user admin-sv
[2025-06-09 02:02:38 +0000] [UI] [49] [ℹ️ ] - User admin-sv logged out
192.168.1.109 - - [09/Jun/2025:02:02:38 +0000] "POST /reports/fetch HTTP/1.1" 403 199 "https://192.168.1.110/reports" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
BunkerWeb version
1.6.2-rc3
What integration are you using?
Docker
Linux distribution (if applicable)
No response
Removed private data
- [x] I have removed all private data from the configuration file and the logs
Code of Conduct
- [x] I agree to follow this project's Code of Conduct
Hi @dalso0418, Thanks so much for opening this issue—and for the kind words about our project! 🎉 Currently, our CSRF tokens are configured to expire after one hour. While it’s certainly possible to bump that timeout up, doing so would widen the window during which a stolen token could be misused, and thus weaken the security guarantees of the web interface.
As you can see in the log, in less than 2 minutes, I was logged out with the log that csrf expired and requested to log in again. This occurred when you turned the report page.
I have attempted to replicate the problem in my environment but was unable to do so after running the code for approximately 10 minutes. To ensure we can accurately diagnose and resolve the issue, it would be helpful if you could provide a more detailed description of your configuration for the web UI or the specific steps required to reproduce this bug consistently.
Hi @dalso0418, can you try again in the latest release candidate (1.6.2-rc6) ? Thank you!