Well that sucks - I created a new subdomain on Sunday, and even though I haven't configured a website for it yet or advertised or linked to it anywhere (it's purely in DNS records), I've already got 78 unique IPs within 24 hours, doing HTTP requests for the domain.
These are not IP scans (which I would expect), but HTTP requests that include the new domain name.
It's not even just being nosey at the root level, there are also requests for "../../../xxxxx" and login pages etc.
Only 3 of them are IPv6.
If anyone wants a list, I can provide it.
These addresses are extra ones that are not blocked by the great lists provided by
@stratosphere , as they are filtered out already.