I’ve started receiving these sentry notices, and I have no idea how to approach fixing / blocking / etc. this [POST] when it doesn’t look like a specific request anywhere on my server. Is someone trying to place orders through my server? Why would I be getting these sentry errors?
curl \
-X POST \
--compressed \
-H "Accept: text/html,application/xhtml+xml,application/xml,*/*" \
-H "Accept-Charset: utf-8;q=0.7,*;q=0.3" \
-H "Accept-Encoding: gzip, deflate, sdch" \
-H "Accept-Language: zh-CN, zh; q=0.8" \
-H "Connection: Keep-Alive" \
-H "Content-Length: 170" \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "Host: store.nike.com" \
-H "Origin: https://www.nike.com" \
-H "Referer: https://store.nike.com/sg/en_gb/pd/epic-react-flyknit-running-shoe/pid-12209499/pgid-12326462" \
-H "User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/5.0)" \
-H "X-Apple-Service-Profile-Manager-Enabled: true" \
-H "X-Apple-Service-Webcalssl-Enabled: true" \
-H "X-Forwarded-Host: store.nike.com" \
-H "X-Forwarded-Port: 443" \
-H "X-Forwarded-Proto: https" \
-H "X-Forwarded-Server: 127.0.0.1" \
--data "rt=json&skuId=21363159&lang_locale=en_GB&skuAndSize=21363159%3A8&country=SG&price=&view=3&displaySize=8&catalogId=7&action=addItems&qty=1&_=********&productId=12209499" \
"http://store.nike.com/ap/services/jcartService"
This is also confusing (and I’m guessing is spoofed):
REMOTE_ADDR 67.229.34.210
SERVER_NAME store.nike.com
SERVER_PORT 80
…this is definitely not me.