Three requests, in the same second:
Those robot requests make no sense to me. They looked like random letters. But I notice the file name begins "xml"
Are these in fact known names of vulnerable files in a specific application?
They got 403, but not sure why. Perhaps by IP ban because of a prior visit caught with suspicious activity. Like a request for admin, or login, or register, or upload, or etc. etc.
Meanwhile, as a separate question. If a filename seems to be just random letters, should I assume they are not in fact random (a real target somewhere) or what would be the purpose of a random file name request?