Webhook-url-http-3a-2f-2f169.254.169.254-2fmetadata-2fidentity-2foauth2-2ftoken -

The provided string webhook-url-http-3A-2F-2F169.254.169.254-2Fmetadata-2Fidentity-2Foauth2-2Ftoken decodes to a URL targeting the Azure Instance Metadata Service (IMDS). This is a high-severity security finding indicative of a Server-Side Request Forgery (SSRF) attack attempt, specifically aimed at cloud credential theft.

/metadata/identity/oauth2/token is more dangerous than the older /latest/meta-data/ because: The provided string webhook-url-http-3A-2F-2F169

Check Headers: The request to IMDS requires the header Metadata: true. Check logs for this specific header in outgoing requests.

Rotate Credentials: If a successful request is suspected, immediately rotate the Managed Identity keys or certificates for the affected VM.

Discord Community

Content with creators & coders, join our discord crew!

Join Server Now

Get fresh updates, free resources, exclusive offers, & product news—straight to your inbox.

Webhook-url-http-3a-2f-2f169.254.169.254-2fmetadata-2fidentity-2foauth2-2ftoken -

Community and Updates

Discord Community

Newsletter