  #1  
Old June 1st, 2002, 09:52 AM
Hero Zzyzzx
Strange DNS Issue- Advice Sought

Here's the thing-

I think that a DNS server/set of DNS servers in China are misconfigured, and hitting one of my IP addresses. . .

Looking at my logs, I'm repeatedly getting requests to one of my servers for pages in the domains "www.nudecards.com", "www.leadhound.com", "www.linksynergy.com", "cash.whitestockings.com" and others, and the requests ALWAYS come from IPs in China. Looking up the IP addresses in APNIC says that they are all owned by CHINANET, which must be the state ISP or something.

I wrote a Perl script to parse my logs and pull out all the IPs of requests for these pages, which I am getting a lot of, from only 317 unique IP addresses.

This has been going on as long as I have had this IP address. I have all the bandwidth I want, so it's not the use of resources that bugs me, it's just that it's clogging up my log files and ruining the usage reports.

What I'm thinking of doing is just blocking these 317 IPs with ipchains. For one thing, all the sites at this IP are English, specific to Massachusetts and for non-profit legal aid agencies. For another, none of the requests from these IPs are for pages I host. . .

Do folks think this is a good/bad idea, and what are your thoughts?

Example log entries from these requests are attached.

I had no idea where to post this, and Linux seemed the best place.
Attached Files
File Type: gz log.txt.gz (1.3 KB, 281 views)

  #2  
Old June 13th, 2002, 07:36 PM
gogoadmin
naughty nameservers

Wow, that's definitely a screwed up nameserver, but I don't think it's China's fault... check it out...

The host they're trying to reach is nudecards.com, right?

If you do a whois lookup on nudecards.com you find out it belongs to some guy in Palo Alto, CA, and what the screwed up name servers are...

Technical Contact:
Conru, Andrew URL
Friendfinder Inc.
445 Sherman Ave., Suite T
Palo Alto, Ca 946306
US
650 324-4867
650 324-99379


Domain servers in listed order:
CASTOR.CONRU.COM
POLLUX.CONRU.COM

I'm assuming if you let him know about the problem, this guy will fix it, 'cause it means people are going to your site and not his.

Good luck...

  #3  
Old June 14th, 2002, 09:05 AM
Hero Zzyzzx
Thanks for the feedback.

All the requesting IPs are from China, though. As we all know, DNS entries propagate around the world and each ISP usually provides DNS services to its own users.

Therefore, when these folks in China try to get "nudecards.com", it goes to their local DNS server, does a lookup, and then sends them to my boxen.

I don't think it's an error in California; I can get nudecards from my terminal, and again all the screwed up requests come from China, which leads me to believe the Chinese DNS servers are wacked.

  #4  
Old June 14th, 2002, 09:16 AM
Onslaught
Honestly, I would send an email to CHINANET and/or the guy in California and then block the IP addresses. No matter whose fault it is, it is coming from one area that, in all likelihood, will never need/want access to your site.
Even though it may not be the site owner's fault, he may want to take action to remedy this so that he can get more traffic.
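
The log triage described in the first post, combined with the blocking suggested in the replies, as an added example that is not code from the thread: it lists client IPs that asked only for host names the server does not host and builds an ipchains DENY rule for each, skipping any IP that also made a legitimate request. The log format (Host header appended), the hosted names and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Assumed Apache LogFormat: %h %l %u %t "%r" %>s %b "%{Host}i"
LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "(?P<req>[^"]*)" '
                     r'\d{3} \S+ "(?P<host>[^"]*)"$')
HOSTED = {"legalaid.example.org", "www.legalaid.example.org"}  # hypothetical names
# Constructed sample lines; client addresses are documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jun/2002:09:10:11 -0400] "GET http://www.nudecards.com/ HTTP/1.0" 404 278 "-"
203.0.113.7 - - [01/Jun/2002:09:10:15 -0400] "GET /index.html HTTP/1.1" 404 278 "www.leadhound.com"
198.51.100.20 - - [01/Jun/2002:09:11:02 -0400] "GET / HTTP/1.1" 200 5120 "www.legalaid.example.org"
198.51.100.20 - - [01/Jun/2002:09:11:40 -0400] "GET /x HTTP/1.1" 404 278 "www.linksynergy.com"
192.0.2.44 - - [01/Jun/2002:09:12:30 -0400] "GET /t HTTP/1.0" 404 278 "cash.whitestockings.com:80"
192.0.2.99 - - [01/Jun/2002:09:13:00 -0400] "GET / HTTP/1.0" 200 5120 "-"
"""

def requested_host(request, host_header):
    """Host the client asked for; an absolute URI outranks the Host header."""
    parts = request.split()
    target = parts[1] if len(parts) >= 2 else ""
    if "://" not in target:
        target = "" if host_header == "-" else "//" + host_header
    try:
        return (urlsplit(target).hostname or "").lower().rstrip(".")
    except ValueError:  # malformed bracketed literal in client-supplied text
        return ""

def block_candidates(log_text, hosted=HOSTED):
    """IPs that requested only names we do not host, busiest first."""
    hits = defaultdict(lambda: [0, 0])  # ip -> [foreign, hosted]
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        try:
            ip = str(ipaddress.ip_address(m["ip"]))
        except ValueError:
            continue  # %h held a hostname or junk; keep it out of firewall rules
        host = requested_host(m["req"], m["host"])
        if host:  # no host information: not evidence either way
            hits[ip][host in hosted] += 1
    only_foreign = [ip for ip, (foreign, ours) in hits.items() if foreign and not ours]
    return sorted(only_foreign, key=lambda ip: (-hits[ip][0], ip))

def ipchains_rules(ips):
    """One DENY rule per source address on the ipchains input chain."""
    return [f"ipchains -A input -s {ip} -j DENY" for ip in ips]
```

`ipchains_rules(block_candidates(SAMPLE_LOG))` returns the rules as strings for review before anything is applied.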

© 2003-2008 by Developer Shed. All rights reserved. DS Cluster 3 hosted by Hostway