httpd incoming connections on mac server?

The process is owned by your server so no this does not prove it is legitimate traffic in fact I would say it is highly likely not to be so.

The IP address the traffic is coming from appears to be in the range owned by a Mexican Internet provider, I would guess one of their customers computers is probing your server. Depending on whether you have your server advertised and deliberately available to the whole Internet either this means they found your server via a search engine and are legitimately wanting to access your website, or if it is a private web server you are running they are as mentioned above probing your server to try and break in.

(Every single IP address on the planet is regularly probed by one crook or another to try and break in or find something interesting.)

Note: The owner of the computer may be totally unaware of this as their computer may have been infected and hijacked and be being controlled by crooks as part of a 'bot-net'.

The ISP in question has a website at http://www.akky.mx

K-M wrote:

Thanks John - I then keep the rule to decline those type of incoming requests. Could you please share how you found out the ISP? I tried "whois" but did not have much success.

Thank you.

I first did a lookup of various IP addresses in the range you mentioned - 201.116.6.xxx using Network Utility this suggested a domain of uninet-ide.com.mx I then tried doing a whois of uninet-ide.com.mx using network utility and also accessing tried visiting www.uninet-ide.com.mx in Safari but neither worked. I then did a Google search for uninet-ide.com.mx and this does give me a whois link for that domain.

See http://who.is/whois/uninet-ide.com.mx

Via that I could see the http://www.akky.mx website address.