This error is generated when a client requests a website from Caddy that you haven’t configured it to serve.
So you’ve got xxx.duckdns.org configured, but someone requests example.com or an empty string (no hostname) or an IP address. Caddy’s got no clue how to serve that request, hence the response.
You’ll see this kind of thing happen a lot on the public internet - people scan public ports all the time just to collect information or look for vulnerabilities. It’s fairly normal.
The remote in this case was 192.168.0.155, though - which is private, likely a device on your network - and they requested a private IP address. I’m guessing you typed in 192.168.0.16 to your browser’s address bar?