Strange requests for apache

Since a few weeks, my apache status is filled up with very strange entries like:

Code: 
475-1	-	0/0/2	. 	0.04	442	0	0.0	0.00	0.00 	205.209.191.14	serverx.domain.com	GET http://www.rmt-007.com/Form.aspx?id=63509 HTTP/1.1 	
476-1	-	0/0/1	. 	0.01	467	10080	0.0	0.00	0.000 	221.229.253.231	serverx.domain.com	GET http://www.MXDBB.com?DFG=CUQJKQK HTTP/1.1 	
477-1	-	0/0/2	. 	0.01	426	0	0.0	0.00	0.00 	218.6.135.133	serverx.domain.com	GET http://www.9tian.net/wupin/binqi.asp HTTP/1.1 	
479-1	-	0/0/2	. 	0.02	440	5324	0.0	0.00	0.01 	64.34.194.148	serverx.domain.com	GET http://www.autotrader.com/fyc/popup_phone.jsp?&dealer_id=57 	
480-1	-	0/0/1	. 	0.01	467	5059	0.0	0.00	0.000 	85.182.67.67	serverx.domain.com	GET http://www.boylover.net/ubb/profile_ubb6.gif HTTP/1.0 	
481-1	-	0/0/1	. 	0.01	456	0	0.0	0.00	0.00 	205.209.191.14	serverx.domain.com	GET http://www.rmt-007.com/Form.aspx?id=43764 HTTP/1.1 	
482-1	-	0/0/1	. 	0.01	446	0	0.0	0.00	0.00 	218.6.135.133	serverx.domain.com	GET http://www.9tian.net/wupin/binqi.asp HTTP/1.1 	
483-1	-	0/0/2	. 	0.01	432	6445	0.0	0.00	0.05 	24.254.129.138	serverx.domain.com	GET http://www.autotrader.com/fyc/vdp.jsp?car_id=194546658&deal 	
484-1	-	0/0/4	. 	0.01	442	10023	0.0	0.00	0.01 	221.229.253.231	serverx.domain.com	GET http://www.MXDBB.com?DFG=PFJGYMJ HTTP/1.1 	
485-1	-	0/0/1	. 	0.00	459	5041	0.0	0.00	0.00 	193.77.102.156	serverx.domain.com	GET http://welcome.icq.com/img/welcome/ver1/icons/icon_movies.g 	
486-1	-	0/0/2	. 	0.00	444	12094	0.0	0.00	0.02 	83.27.216.23	serverx.domain.com	GET http://www.tfcash.com/tgp-backgrounds/images/keera-title.jp 	
487-1	-	0/0/2	. 	0.01	459	5611	0.0	0.00	0.00 	84.171.180.190	serverx.domain.com	GET http://www.webverzeichnis-xxl.de/jt.php?t=search_0 HTTP/1.0 	
488-1	-	0/0/2	. 	0.00	459	6320	0.0	0.00	0.00 	216.224.114.90	serverx.domain.com	CONNECT sports.centrebet.com:443 HTTP/1.0 	
489-1	-	0/0/1	. 	0.00	464	811	0.0	0.00	0.02 	216.127.92.5	serverx.domain.com	GET http://www.google.com/search?q=gardening+gift&hl=en&lr=&sta 	
490-1	-	0/0/2	. 	0.01	459	6248	0.0	0.00	0.00 	216.224.114.90	serverx.domain.com	CONNECT sports.centrebet.com:443 HTTP/1.0 	
491-1	-	0/0/1	. 	0.00	467	5154	0.0	0.00	0.0000 	85.181.110.154	serverx.domain.com	GET http://62.159.82.27:80/MCUpdateCMS/updatefiles/ip.php HTTP/ 	
492-1	-	0/0/1	. 	0.01	450	0	0.0	0.00	0.00 	205.209.191.14	serverx.domain.com	GET http://www.rmt-007.com/Form.aspx?id=33415 HTTP/1.1 	
493-1	-	0/0/1	. 	0.00	459	5766	0.0	0.00	0.00 	216.224.114.90	serverx.domain.com	CONNECT sports.centrebet.com:443 HTTP/1.0
but I don't host all of this domains. Entries like CONNECT sports.centrebet.com:443 or GET http://www.google.com/search?q=garde...&hl=en&lr=&sta don't make sense anyway.
The requests are only for the hostname's vhost (serverx.domain.com)

I blocked some IP's and urls with mod_sec, but there come new ones every minute.

Here is the head of the apache status page:
Code: 
Apache Server Status for serverx.domain.com
Server Version: Apache/1.3.34 (Unix) mod_auth_passthrough/1.8 mod_log_bytes/1.2 mod_bwlimited/1.4 PHP/4.3.11 FrontPage/5.0.2.2635 mod_ssl/2.8.25 OpenSSL/0.9.7a
Server Built: Oct 27 2005 01:22:52

Current Time: Sunday, 01-Jan-2006 14:16:59 CET
Restart Time: Sunday, 01-Jan-2006 12:46:19 CET
Parent Server Generation: 5 
Server uptime: 1 hour 30 minutes 40 seconds
Total accesses: 186583 - Total Traffic: 2.4 GB
CPU Usage: u1026.13 s178.78 cu1.93 cs1.89 - 22.2% CPU load
34.3 requests/sec - 463.6 kB/second - 13.5 kB/request
322 requests currently being processed, 109 idle servers 

W_W_WWWWWWWK_WWW_W_WW_WWWWWWWW_W_WWWWKWW_W_WWWWWWWWWWWW__WWW__WW
WWW_RWW_WWWW_WWWW_WW_WWWW_WW_W_WWW___.WWWW_WWWWWWWWWWWWW_WW_W_WW
W_WWWWWW_WWWWW_KWWWWWWWWW_WWWWWWKWKW_WWWWWWWWW_WWWWWW_WW_WW_KW_W
__WKWKW__WWWWW_W_WKWWWWW_W_W_WW_W_WWWWR_WWW_WWWW_WWWWWW_WWWWKR_W
_WWWWW_WW_WWW_W_W_WWWWWW_W___WWWWWRWKWRW_WK_WWKWW_WWW_RWW__WWWK_
K___KWWWW_WWWKWW__W_K_WWW_____W__WWW_WWW__WK__W_WKWK_WWWW__WWWKW
WWWWW_WWWW_WKWW_WKWW__WWWWWWWW_WWWWK._W____.WWW._.._......W.....
................................................................
................................................................
................................................................
usually it looks like
Code: 
CPU Usage: u163.1 s24.91 cu5.81 cs3.81 - .0636% CPU load
4.69 requests/sec - 55.6 kB/second - 11.8 kB/request
45 requests currently being processed, 22 idle servers 

KK__KKKKKKK_K__K_KKW_K_KKK_KKKKKK_KKKKKKKKK_KKKKWK_KKKK__K__K___
___.............................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
................................................................
I don't that this is a DOS Attack or some kind of flooding, because this problem occurs for a long time now. Even I don't think that this is on purpose, but I have no clue where the mistake is and/or what I can do.

Have/had anyone of you similar problems?
Any ideas?

Thank you in advance!

 

 

 

 

Top