In our WebACL log, we keep seeing requests to our ALB from different countries but targeting the same host ip address in the request header. This ip seems to belong to AWS. Is there a way to find out what endpoint the requests are trying to reach? How did the spammers get the endpoints? And what can I do to protect our endpoints? Thanks.
Wich field of the WebACL log are you considering that tells you "targeting he same host" ?