Real-time status of the SoleDrop storefront and drop infrastructure.
The storefront and checkout are running normally.
/api/v1/products and probing /search, /.env, and /api/v1/admin. SQL injection payloads were injected into the search query parameters to dump the product/inventory tables. Every request carried a spoofed X-Forwarded-For header./login โ 60k+ attempts โ hunting for accounts with saved payment methods and existing raffle entries to hijack. The 401 error rate on the auth endpoint spiked 400ร. Successful logins from the swarm's JA4 were flagged as suspected account takeover./api/v1/checkout combined with carding (rapid-fire validation of stolen card numbers) and cart-hoarding to lock inventory away from real buyers. An SSRF probe targeting 169.254.169.254 (cloud metadata endpoint) was injected into a webhook URL field. Cloudflare Rate Limiting and the checkout Waiting Room absorbed the flood.| Source Origin | Datacenter ASN + residential proxy pool โ rotating spoofed IPs via X-Forwarded-For |
| TLS Fingerprint (JA4) | t13d1516h2_8daaf6152771_b0da82dd1658 โ headless automation, constant across all traffic |
| Bot Score | 24 / 100 โ Source: Heuristics โ Tags: ["automation", "checkout"] |
| Peak Request Rate | 3,400 req/s against /api/v1/products and /api/v1/checkout |
| Credential Stuffing | 60k+ attempts on /login โ 401 rate spike > 400x baseline |
| Attack Duration | 4-phase campaign โ recon โ bot swarm โ credential stuffing โ checkout abuse |
No incidents in the past 90 days.