The following are related hacker IPs probably controlled by a command and control bot:
74.118.71.252
124.50.43.214
60.217.227.135
210.191.147.120
203.165.129.2
210.6.97.244
They all hit our site at the same time requesting things our server does not host.
Here's another set shortly before doing something similar, probably also related to the above:
195.49.188.202
71.63.100.55
210.245.147.241
218.233.57.23272.145.6.47
218.48.127.177
71.63.100.55
210.245.147.241
218.233.57.232
Perhaps someone pointed a domain to the wrong IP since they were all hitting the same domain.
These IPs are all requesting php files -- the favorite language of the hacked and hackers as far as I can tell by the percentage of hacks in the logs on various types of web programming and scripting languages.