Hi amenex.
I'd agree that those requests may have been executed by someone who's "up to
no good", it's likely though that someone just set a vulnerability scanner on
you or some spider was doing whatever a spiderpig... uh.. spider does.
To get to your main question: An HTTP HEAD request isn't often used. It's a
way to ask a webserver to send the same information that a GET request would
yield, without the message body. Only the HEAD - makes sense, right? It can
be useful to find out about certain things, saves traffic and keeps bandwidth
usage comparatively low and pretty much retrieves metadata from a webserver.
Some information you'll get is whether the website is up, the content length
or when the website has last been modified.
- PenGNUin