Sorry that wasn't clear. They are consistently, every few minutes, trying to access this site that was taken down 3 months ago. I placed a mod_security rule to catch when users would try to access this page so all these attempts have been logged in audit_log for easier parsing (since we have plenty of other websites to monitor).
They aren't performing portscans. However, they seem to be forging their browser identification strings -- the same host uses over 40 different "browsers," some of which appear below from the access_logs:
"Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en) AppleWebKit/412 (KHTML, like Gecko) Safari/412"
"Mozilla/2.0 (compatible; MSIE 2.1; Mac_PowerPC)"
"Mozilla/4.0 (compatible; MSIE 5.0; Windows ME) Opera 5.19 [jp]"
"Mozilla/2.0 (compatible; AOL 3.0; Mac_PowerPC)"
"Mozilla/3.0 (X11; I; OSF1 V4.0 alpha)"
"Cyberdog/2.0 (Macintosh; 68k)"
"Mozilla/5.0 (compatible; Fedora Core 5) FC5 KDE"
"Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8) Gecko/20060206 Songbird/0.1"
"Mozilla/3.0 (Win16; I)"
"Mozilla/2.02Gold (Win95; I)"
"Mozilla/3.0 WebTV/1.2 (compatible; MSIE 2.0)"
This is all from the same host, and then the list cycles again.
My last email to them to request that they cease this activity was over a month ago. They haven't listened. That is what is most frustrating.