Question

Recaptcha hitting OUR server with an api2/clr POST call (resulting in 404s)

Over the last few days, we have been seeing a growing number of 404s, all with the following format (some stuff redacted):

1.1.1.1 - - [11/Jul/2024:14:00:56 +0000] "POST /recaptcha/api2/clr?k={our_site_key} HTTP/1.1" 404 5126 "https://{some_url_on_our_site}" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15"
2.2.2.2 - - [11/Jul/2024:14:16:46 +0000] "POST /recaptcha/api2/clr?k={our_site_key} HTTP/1.1" 404 1698 "https://{some_url_on_our_site}" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0"
3.3.3.3 - - [11/Jul/2024:18:08:07 +0000] "POST /recaptcha/api2/clr?k={our_site_key} HTTP/1.1" 404 1698 "https://{some_url_on_our_site}" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
4.4.4.4 - - [11/Jul/2024:18:13:37 +0000] "POST /recaptcha/api2/clr?k={our_site_key} HTTP/1.1" 404 1698 "https://{some_url_on_our_site}" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Mobile Safari/537.36"
5.5.5.5 - - [11/Jul/2024:19:11:10 +0000] "POST /recaptcha/api2/clr?k={our_site_key} HTTP/1.1" 404 1698 "https://{some_url_on_our_site}" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0"
6.6.6.6 - - [11/Jul/2024:19:47:14 +0000] "POST /recaptcha/api2/clr?k={our_site_key} HTTP/1.1" 404 1150 "https://{some_url_on_our_site}" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"

As you can see, it's a wide array of machines and browsers. That URL doesn't exist on OUR server... that should be going to Google's server, but for some reason it's not.

Also, we have not changed our integration of reCAPTCHA v2 Invisible for a long time now, so this 'new behavior' is not our doing (that we know of). I am also unable to reproduce this myself on my Macs/PCs, but the number of these is growing in frequency (maybe at some point I WILL be able to reproduce it).

Anyone have any ideas what may be going on here?


Edit: While doing a capture of the POST body (php://input), the data it's trying to send to our server is an encrypted pile. It's a large amount of binary which needs a key (and neither our public nor secret Google keys that I've tried work).

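The triage I would run over access logs like the ones above, as an added example that is not part of the original post: it parses combined-format lines, keeps only POSTs to /recaptcha/api2/clr, and separates hits that carry our own site key with a referer on our own hosts (the misrouted client-side call described here) from anything else that deserves a closer look. The sample lines, site key and hostnames are constructed placeholders.

```python
import re
from collections import Counter
from urllib.parse import urlparse, parse_qs

# Constructed sample access-log lines in the shape shown in the question.
# IPs, site keys and hostnames are placeholders, not real values.
SAMPLE_LOG = """\
1.1.1.1 - - [11/Jul/2024:14:00:56 +0000] "POST /recaptcha/api2/clr?k=SITEKEY HTTP/1.1" 404 5126 "https://www.example.com/contact" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15"
2.2.2.2 - - [11/Jul/2024:14:16:46 +0000] "POST /recaptcha/api2/clr?k=SITEKEY HTTP/1.1" 404 1698 "https://www.example.com/signup" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Edg/126.0.0.0"
3.3.3.3 - - [11/Jul/2024:14:20:01 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0"
4.4.4.4 - - [11/Jul/2024:18:13:37 +0000] "POST /recaptcha/api2/clr?k=OTHERKEY HTTP/1.1" 404 1698 "https://other.example.net/" "curl/8.0"
"""

# Apache/nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def ua_family(ua):
    # Order matters: Edge and Chrome both advertise "Safari" in their UA.
    for name in ("Edg", "Firefox", "Chrome", "Safari"):
        if name in ua:
            return name
    return "other"

def triage(log_text, site_key, own_hosts):
    """'expected' = our site key plus a referer on one of our own hosts
    (the misrouted client-side call); everything else goes to 'review'."""
    result = {"expected": 0, "review": [], "status": Counter(), "ua": Counter()}
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        url = urlparse(m["target"])
        if url.path != "/recaptcha/api2/clr":
            continue
        key = parse_qs(url.query).get("k", [""])[0]
        ref_host = urlparse(m["referer"]).hostname or ""
        result["status"][m["status"]] += 1
        result["ua"][ua_family(m["ua"])] += 1
        if key == site_key and ref_host in own_hosts:
            result["expected"] += 1
        else:
            result["review"].append((m["ip"], key, ref_host))
    return result

if __name__ == "__main__":
    print(triage(SAMPLE_LOG, "SITEKEY", {"www.example.com"}))
```

Point it at a real access log and your own site key; a hit with a foreign site key or an off-site referer is the one worth investigating rather than writing off as the library bug.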

Solution


Same bug on our site; the firewall is blocking a lot of people because of: Request: POST /recaptcha/api2/clr?k={our key} Action Description: Warning. Justification: Match of "within %{tx.allowed_request_content_type}" against "TX:content_type" required.

We temporarily disabled mod_security rule 920420 (OWASP CRS 3), and hope Google will sort it out.

2024-07-12
Kosinus

Solution


Same bug on our websites. The POST to <websitedomain.fr>/recaptcha/api2/clr?k= is called by https://www.gstatic.com/recaptcha/releases//recaptcha__fr.js

We get 404s. It happens on 20 websites on different hosting.

Best, Seb

2024-07-12
Web EMENDO

Solution


Same thing happening to us. We're using the react-google-recaptcha-v3 library, and at first I kept investigating at this level, but there's no way this library is messing with the URL. It must be a problem directly within the Google reCAPTCHA library, so I feel like there's really nothing I can do.

2024-07-12
samuelg0rd0n