This should be immediately intuitive to anyone who spends more than 5 minutes looking at firewall traffic of something public. 99.9% of the bots' requests aren't doing sophisticated penetration attacks, they are blasting all the low hanging fruit: the common ports, the common wordpress endpoints, the common bobby tables style sql injections and xss attacks.

Looking at logs of recently deployed web service. There is large amount of same attacks. Just sprayed all over it. So just for example adding more obscure path could slightly slow down things if the version hosted is ever exploitable. Not that it will save from more sophisticated attacks.