Could someone explain the conditions under which riskAnalysis.reason is set to UNEXPECTED_ENVIRONMENT?
I've read in the document below that
`The event originated from an illegitimate environment.`
https://docs.cloud.google.com/recaptcha/docs/interpret-assessment-website
What criteria are used to determine an illegitimate environment?
There are instances in the log explorer where the same tokenProperties.hostname results in UNEXPECTED_ENVIRONMENT in some cases but not in others.
Is there an internal comparison of IPs happening?
Is there something like a blacklist?
Is there a rate limit imposed on an IP basis?
Without understanding the cause of being marked as UNEXPECTED_ENVIRONMENT, it's challenging to ascertain whether it's a bug and to provide guidance to our customers.
Your feedback would be greatly appreciated.