SANS ISC highlighted awstats attacks today in the diary. I’m seeing the same sort of thing. Scans looking for
I think that is a 9 month old awstats vuln. If you’re running it you should patch it, and password protect the directory it is installed in.