(google_oauth2) Authentication failure! csrf_detected: OmniAuth::Strategies::OAuth2::CallbackError, csrf_detected | CSRF detected

What is this:

hostname	foorumi-hel-app
process_id	1077
application_version	3cde55b76f6d681a243876b360bd8368c0a81ac6
HTTP_HOST	foorumi.katiska.eu
REQUEST_METHOD	GET
HTTP_USER_AGENT	Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Mobile Safari/537.36
HTTP_ACCEPT	text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
HTTP_REFERER	https://foorumi.katiska.eu/
HTTP_X_FORWARDED_FOR	85.76.111.65
HTTP_X_REAL_IP	85.76.111.65
time	30 Nov 7:34 am
params	
state	edc470bf5dbcc14f46f8f0a69387802c2bb6ae8e11e4c860
code	4/0AeanS0ZgDJNVUeQlVTnboHXxXH2c7jimPnAH9-CrvMhUD6AULR8YxnYy0W9g4CCcg7RqrA
scope	em

I got similar ones every now and then, but not too often. I would like to understand what was happening.

Sometimes, as this, the IP is legit per se — the biggest mobile IPS in Finland — but sometimes it is as the latest 37.33.208.84, I can’t solve that, but it looks like Hetzner VPS :man_shrugging:

Are someone trying something funny, but the system stopped it? Or do I have issues with google logins?

This isn’t bothering me anymore. So I mark my answer as solution to close this unanswered question. There is no need to keep dead open topics in this category.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.