[ransackdev]

Think of your average engineer doing mobile development. "Here, hit this url to get the device ip". They write the code, it makes 1 request. The average backend engineer isn't performance focused, why would the average mobile engineer be thinking about a distributed denial of service against some third party api? Most mobile engineers have to be guided to not slam their own backend servers, and do not approach problems in their sphere with the mindset to prevent this type of issue. Not knocking mobile devs, it's just literally not something they have to care about most of the time, and imo only the ones who go out of their way to have a solid understanding of the backend systems would even understand what's in play here

Besides that, odds are that this is malware of some sort hitting this service to get the infected device's public ip to phone it home for use in a command and control situation, and if so, they don't care that they are slamming this service.

Mobile devs who care about this type of thing will not need to make any sort of outbound connection anywhere to get the device ip address, it's right on the device already. These what's my ip sites are used by script kiddies and malicious software running on anything

"There's always an individual with autism-level consideration for what one says, isn't there?" isn't needed and I'd advise you to be more professional, or at least more human.