Okay.
There are two situations where you would see this — where you see these requests in your log file analyzer and; one, a compromised computer is trying to hack your site, or two, where a compromised computer thinks your site is already compromised. I will bet heavily on the latter.
This is likely a script-kiddie hack that uses lists of what they think are compromised computers. If this is the case, your site is on that list. It happens when a hack attempt is made on your site that is not successful, however, due to poor coding, your site is added to a large list of hundreds or thousands of computers.
What you are seeing looks like URL insertion attempts.
I studied hackers using a fairly large scale of sites and servers. I set up traps and sensors to capture hacker activities to study methods, pay-offs, pay-loads, etc. I then built a system of self defending networks using C to create new sensors, traps and agents that would defend networks from attacks using the attack trees methodology as well as build trust networks to defend attacks in a more granular manner. This was primarily aimed to defend stuff like the power grid. But most of what I was doing was research to help guide software engineers, companies, government, and cybersecurity experts.
Take it from me, this is annoying, that is for sure(!), but not likely a real problem. Don’t worry about it.
Cheers!!