Are these HTTP HEAD requests? If so, that's usually a sign that someone (or several someones) is running a brute-force password guessing attack against your site.

The server stats says "HTTP Headers"

ServiceUsageIn (M) Out (M) Total (M) % of All
FTP 112.158 31.677 143.835 0% 
HTTP0.274 742,353.33 742,353.605 56% 
HTTP (Preview) 0.0 0.0 0.0 0% 
HTTP Headers348,231.67 224,281.202 572,512.871 44% 
HTTP Headers (Preview) 0.0 0.0 0.0 0% 
HTTPS 0.0 0.0 0.0 0% 
HTTPS (Preview) 0.0 0.0 0.0 0% 
HTTPS Headers 0.0 0.0 0.0 0% 
HTTPS Headers (Preview) 0.0 0.0 0.0 0% 
IMAP 0.0 0.0 0.0 0% 
POP 1.502 38.975 40.476 0% 
SMTP 0.0 0.0 0.0 0% 
SSH 20.557 4.597 25.154 0% 
TELNET 0.0 0.0 0.0 0% 
Unknown 0.0 0.0 0.0 0% 
All Services348,366.16 966,709.781 1,315,075.941 100%

I think this probably is a result of HEAD requests since they only transmit header information (as opposed to GET requests which actually return a file). If it's a password attack you should also see a dramatic increase in the number of 401 errors (access denied) reported by your stats program.

IE set to always check for new versions will perform a number of HEAD requests equivalent the number of JS, CSS, and images linked to from a page. Due to clueless admins, a site I have access to does 50% of its traffic in 304 responses to HEADs, for 1/6th of its bandwidth. They told the users to change IE's cache validation setting.