I witnessed this attack recently, basically it’s just some web crawler trying different file names that somebody could have given a mysql dump that they by accident left inside a public directory of a web project.
Disclaimer: What’s explained in this post could be used in dual use cases. Explaining how the attacker works will ultimately help everybody preventing attacks and raise awareness for the attacks.