At 09:38 this morning, @elukey noticed a sudden surge in the requests to text-varnish in ulsfo
Looking at the sampled-1000 data, I found ~ 120k requests with the following characteristics:
* All for `https://wikipedia.org`
* All from IPs from `telus.net` dynamic ip pools, see https://w.wiki/33T9 (restricted to NDA)
* All followed the redirect to `https://www.wikipedia.org`
*All with user-agent `Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/29.0.1547.66 Safari/537.36`
Of note: Chrome 29, according to https://en.wikipedia.org/wiki/Google_Chrome_version_history was released in august 2013.
It looks like some coordinated request, possibly non-malicious, like a connection test from routers. There is a similar spike at around the same time during the Pacific night, between 8 and 9 UTC on January 7th, but I'm not sure if we can still verify what was in those requests.