Thanks Steven, I will keep an eye on this. Currently have no database applications running so I might be OK re Injection Attack.
If these are bots, why are they showing up as undesirable type sites? If I was going to camouflage a bot I would disguise it as something benign. What is the bot up to? Harvesting email addresses?
I have also checked all my site links and they all go to the correct URL.