Is it normal for (fake) host in HTTP request header to recieve requests?
Yes, in fact it is so common to have such requests forwarded to your application that Django documentation devotes a paragraph just to discussing how to address common seemingly-secure configurations, explicitly warning
in many common web servers a configuration that seems to validate the Host header may not in fact do so
The simplest most obvious such case is the attacker entirely bypassing your load balancer when your application backend is accessible without going through your proxy.
In any case, because it is so notoriously hard to get right on the proxy, it may be entirely acceptable to just point out that the access log not just logs these requests, but also logs that they have been correctly rejected with a 400
HTTP status code.
Remember your application is not vulnerable to that class of spoofing attacks just because it receives these requests. What would make it vulnerable would be acting on them in any fashion that might reveal or change state. Your application should be correctly configured to validate the header and respond HTTP 400
accordingly if receiving requests with unexpected hosts.