Is there any legitimate reason a single IP would make hundreds of requests only for /libs/granite/csrf/token.json?
I notice the IP has valid URLs as the referrer but hasn't made any requests for anything other than: /libs/granite/csrf/token.json.
www-access_log:10.xxx.xx.xx x.x.x.x:56601 - - [04/Nov/2023:10:09:42 -0400] "GET /libs/granite/csrf/token.json HTTP/1.1" 200 2 "https://www.foo.com/bar/moose/fee/fi/fo/fum.html" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 1013 321
I see this from time to time.
Thanks!