A single clientIp hit one of our endpoints with a brute-force dictionary attack. To what end, I have no idea.
Among the 2500 requests they sent over a 20-second period, they sent some very weird ones:
As well as some that make it look like they’re just trying to discover real endpoints to call, such as:
Here’s the full list (none of these are valid requests):
And our actual endpoints under item/v5 are all supposed to be consumer-facing, so they’re not going to discover anything they’re not supposed to be able to access anyway.
The only practical purpose I can guess is that they are testing whether they’ll get rate limited.
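
One way to flag this pattern from request logs, as an added example that is not part of the original post: a per-clientIp sliding window that reports clients exceeding a request budget or probing many unknown paths. The thresholds, the `KNOWN_PATHS` allow-list, the `find_scanners` helper and the sample traffic are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Assumed thresholds; tune them against your own baseline traffic.
WINDOW_SECONDS = 20
MAX_REQUESTS = 100        # requests allowed per client inside one window
MAX_UNKNOWN_PATHS = 20    # distinct non-existent paths allowed per window

# Hypothetical allow-list of real routes (placeholders, not the post's endpoints).
KNOWN_PATHS = {"/item/v5/list", "/item/v5/detail"}


def find_scanners(events, window=WINDOW_SECONDS, max_requests=MAX_REQUESTS,
                  max_unknown=MAX_UNKNOWN_PATHS, known_paths=KNOWN_PATHS):
    """Return {clientIp: [reasons]} for clients that break a limit in any window.

    events: iterable of (timestamp_seconds, clientIp, path), sorted by timestamp.
    """
    recent = defaultdict(deque)   # clientIp -> (ts, path) entries still in window
    flagged = defaultdict(set)
    for ts, ip, path in events:
        q = recent[ip]
        q.append((ts, path))
        # Drop entries that have aged out of the sliding window.
        while q and ts - q[0][0] >= window:
            q.popleft()
        if len(q) > max_requests:
            flagged[ip].add("rate")
        # Many distinct invalid paths suggests endpoint discovery, not a retry loop.
        unknown = {p for _, p in q if p not in known_paths}
        if len(unknown) > max_unknown:
            flagged[ip].add("path-enumeration")
    return {ip: sorted(reasons) for ip, reasons in flagged.items()}


def constructed_sample():
    """Constructed traffic: one noisy client sending 2500 requests in 20 s
    (the volume described in the post) and one ordinary client.
    Both addresses come from documentation ranges."""
    noisy = [(i * 20 / 2500, "203.0.113.7", f"/item/v5/guess-{i}")
             for i in range(2500)]
    normal = [(i * 2.0, "198.51.100.20", "/item/v5/list") for i in range(10)]
    return sorted(noisy + normal)


if __name__ == "__main__":
    print(find_scanners(constructed_sample()))
```
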