The apache logs were revieuwed and didn't show any weird values, to give more information: ftp's and other things were tried to be bruteforced. The IP has been traced and the from-host is some Chinese machine that is responsible for more attacks. Probably some hackers-proxy-box

But yes, that's some nice tip too: will do