Comments on: Strange web exploit attempt (?) https://quoderat.megginson.com/2008/02/04/strange-web-exploit-attempt/ Open information and technology. Mon, 09 Aug 2010 15:44:22 +0000

By: Rob Kaper https://quoderat.megginson.com/2008/02/04/strange-web-exploit-attempt/#comment-943 Mon, 14 Jul 2008 14:00:28 +0000

That’s an odd attack.

It certainly does not look like an SQL injection; those are targeted and would involve SQL control characters. MD5 strings would really not help an attacker here.

Then again, it also doesn’t look like a ‘require/include’ attack. Those tend to exploit known problems of software (you’d see a lot of /someforumsoftware/?root_dir= requests); they really don’t perform queries from random forms on web sites.

Then again, I’ve had spam containing nothing but illegible text. And I’ve had spam bot registration attempts on my personal site, which runs a home-grown CMS. Seriously a waste of time for spammers but hey, whatever keeps them happy.

By: ideastofightglobalterrorism.blogspot.com https://quoderat.megginson.com/2008/02/04/strange-web-exploit-attempt/#comment-942 Thu, 26 Jun 2008 05:22:47 +0000

Follow up: see http://ideastofightglobalterrorism.blogspot.com

By: ideastofightglobalterrorism.blogspot.com https://quoderat.megginson.com/2008/02/04/strange-web-exploit-attempt/#comment-941 Thu, 26 Jun 2008 05:21:46 +0000

Frankly I would be VERY attentive, as your server is a victim of an http-Inject attack. It is a test to see if one can send your scripts, and the next step will be an http-request with PHP code that may infect your server.

What to do?
If you do not use ‘http:’ within your URL’s Query_String you may simply add the following code at the beginning of all of your PHP-Files:

As long as the above code is on the FIRST line, there is no way your script is able to load external pages; it just gives back an empty page.

As an alternative, if you are able to change your .htaccess file, you may create a rewrite rule 403 FORBIDDEN there:

RewriteEngine on
RewriteCond %{QUERY_STRING} http[:%] [NC]
RewriteRule .* /————http———– [F,NC]
RewriteRule http: /———http———– [F,NC]

This is the fastest way and works for all files and all CMS systems.
Source: http://www.whyron.com/http.htm

By: Aristotle Pagaltzis https://quoderat.megginson.com/2008/02/04/strange-web-exploit-attempt/#comment-940 Mon, 04 Feb 2008 15:16:39 +0000

They’re probably trying to see if they can get a URL passed to [`require`](http://php.net/require); if they were successful, that PHP code would execute on your server. If I conjecture correctly, then yes, you are supposed to see PHP code verbatim, since it’s supposed to be interpreted on your server, not theirs.
