There are two possibilities. Either someones DNS server is acting up, which means they end up at your site instead of the not so nice one they wanted. Another cause could be referrer log spamming, but those normally just go for the main index. The principle there is that a robot pretends to have arrived at your site through a link from another one, with the intent to get you to look at their site when you see the log entry. In either case, your nice visitors won't be affected in any way.

Looks like a referer.
If I place a code with your image on my site, then my site will show as a referer for requests for those images.

Are the images they are referring to on your site? If so they are probably just hot linking to your stuff. That's what it looks like to me anyway.

If they were trying to hot-link to images on that site they weren't doing a very good job of it - they all returned 404's :)

- tony

The images in the log file are NOT on my site.
NOT my URL...
NOT my images...

The reason I'm thinking it might be an ad parasite is because a friend of mine is seeing popups from her professional site from her browser at home. These popups appear to be generated from her site - when they're not. They're actually generated by the user's browser by some ad software that most of the time people are unaware that they've even downloaded. Similar to the Gator software that is generating FedEx popup ads from the UPS site.

Serving popups from a browser application (like Gator) would not produce a hiot on you webserver - and therefore not an entry in your log file.

Someone - or something IS hitting your server asking for these files - whether or not they exsist. The question is why?

We will probably never know for sure and any guess is as good as mine - so Iĝll just leave it with the (good) ones that has come up.

If the requests bothers you block the agent or IP and get on with something more fun :)

I just received a response from my hosting service....

"This looks like someone probing to see if they could exploit the site as an anonymous open proxy. Notice the result codes are all 404. If the proxy was vulnerable the response would show '200' or 'OK'. Nothing to worry about here."

I haven't a clue what this means (anonymous open proxy) - but I guess it's not a problem.

If the proxy was vulnerable the response would show '200' or 'OK'.

I hope this isn't true. I get hits asking for other domains (usually yahoo or google) that return 200's.

From what I understand, apache tries to match these domains to a virtual host. If one is not found it defaults to your main site. Therefore you get a 200 OK code, but the person is just seeing your homepage.

If a 200 means your server is misconfigured to act as an anonymous proxy, I'm in trouble!