Thanks for the reply, the IPs are FB. We can't outright block as we want shared URLs to have the full preview FB generates. A blend of measures is in place and we are at in a decent spot right now, but the activity is being noticed and no one knows details. https://www.abuseipdb.com/check/173.252.83.112 https://www.abuseipdb.com/check/69.171.230.13

Just allow one requests per URL for this UA in a specified amount of time

Again, a blend of measures is in place for our platform - back to my original question -> Does anyone have any idea what they are doing or what this surge is about?

Like mentioned already: Please try a forum search first, it's not like this hasn't been noticed before

I did and no one is talking about aiohttp in this context: https://developers.facebook.com/community/search?text=aiohttp

I'm referring to the other threads that see a huge spike in such requests.

Also feel free to add example logs if you see a different user agent than other users.

One example FB IP we've recorded over 19,000 hits today in our security layer with the 'Python' user agent. "REMOTE_ADDR": "69.171.249.115", "HTTP_USER_AGENT": "Python/3.10 aiohttp/3.9.3"

88 requests from this same IP have the 'facebookexternalhit' user agent. "REMOTE_ADDR": "69.171.249.115", "HTTP_USER_AGENT":"facebookexternalhit\/1.1 (+http:\/\/www.facebook.com\/externalhit_uatext.php)"