lee <lee(a)yun.yagibdah.de> writes:
Could someone please explain why/how this may be considered as an
attack
or at least as something bad? Someone requesting an URL from a web
server that doesn´t serve this URL --- or doesn´t serve the specified
domain at all --- could be caused by incorrect responses from name
servers, couldn´t it?
What is it in particular that would distinguish the request in question
from others?
This is not an attack, but someone fishing for information. I
understand that apache in some modes give you the first configured vhost
when encountering a query like that. Someone wanted to see if there
was something juicy lying around. The server served the URL
"http://<vhost0>/"
which was the index.{html,htm,php,etc} file in the vhost0 root directory.
-wolfgang