Strange log entry

/blahblah

         

walshy

4:06 am on Feb 24, 2003 (gmt 0)

10+ Year Member



My IIS 5.0 web server hosts 4 different web sites - I noticed this strange entry in all of the log files at roughly the same time earlier today.

2003-02-24 00:36:23 212.239.37.18 - W3SVC2 TELA 192.168.10.43 80 HEAD /blahblah - 404 2 144 25 31 HTTP/1.0 - - -

I have traced the IP address back to a .it source.

Anyone got any ideas about what this is trying to do?

walshy

4:12 am on Feb 24, 2003 (gmt 0)

10+ Year Member



Just to clarify - the "/blahblah" is the actual path of the request - I haven't changed the log entry!

sequencher

5:41 am on Feb 24, 2003 (gmt 0)

10+ Year Member



Probably someone gathering info about your server. If you send some random HEAD request, you get back the 404 (NOT FOUND) response. However you also get info about the server (OS you are running, server software, etc).

You see it all the time from spammers/script kiddies/robots. If you saw it on multiple machines, it's probably some idiot scanning IP blocks hoping to find easy targets. It is amusing though when they are too lazy to even come up with a request that even looks semi-legitimate.

walshy

10:35 pm on Feb 24, 2003 (gmt 0)

10+ Year Member



Thanks Sequencher

I just thought it strange someone scanning for a path of "blahblah".

walshy

11:45 pm on Feb 24, 2003 (gmt 0)

10+ Year Member



If someone was just trying to gather information about a server - couldn't they just have used something like Netcraft's web site?

Sorry to keep adding to my own posts ;)

sequencher

3:33 am on Feb 25, 2003 (gmt 0)

10+ Year Member



There are a lot of scripts/tools available that just rapidly scan a range of IP addresses. They then process the server responses looking for vulnerable systems. That way you end up with a list of high-probability targets with minimal effort rather than going through each IP address by hand. Plenty of viruses/worms do the same thing as well.

Unless your machine in question is hosting a "high-profile" site like Microsoft or AOL, I doubt someone is specifically targeting your server, but you never know. One good way to tell if it is an automated scanner is if you see the same scan profile across multiple servers one after the other in quick succession.

Yeah the blahblah is strange, but you'll see stuff like that every once in a while (like the "GET /Sumthin" scan). If your machine is updated and secure, I wouldn't lose sleep.
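
Added example, not part of the thread or any poster's code: the "same scan profile across multiple servers in quick succession" check from the last reply, run over IIS log lines. The field order is assumed from the sample line in the first post, the `min_sites` and `window` thresholds are illustrative, and every log line except the W3SVC2 one is constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Field order assumed from the sample line in the thread; real IIS logs
# declare it in a "#Fields:" header, which should be preferred when present.
FIELDS = ("date time c-ip cs-username s-sitename s-computername s-ip s-port "
          "cs-method cs-uri-stem cs-uri-query sc-status sc-win32-status "
          "sc-bytes cs-bytes time-taken cs-version").split()

# Constructed sample: the W3SVC2 line is from the thread, the rest are made up.
SAMPLE = """\
2003-02-24 00:36:21 212.239.37.18 - W3SVC1 TELA 192.168.10.43 80 HEAD /blahblah - 404 2 144 25 31 HTTP/1.0 - - -
2003-02-24 00:36:23 212.239.37.18 - W3SVC2 TELA 192.168.10.43 80 HEAD /blahblah - 404 2 144 25 31 HTTP/1.0 - - -
2003-02-24 00:36:24 212.239.37.18 - W3SVC3 TELA 192.168.10.43 80 HEAD /blahblah - 404 2 144 25 16 HTTP/1.0 - - -
2003-02-24 00:36:26 212.239.37.18 - W3SVC4 TELA 192.168.10.43 80 HEAD /blahblah - 404 2 144 25 15 HTTP/1.0 - - -
2003-02-24 00:40:02 203.0.113.7 - W3SVC1 TELA 192.168.10.43 80 GET /old-page.htm - 404 2 3387 210 47 HTTP/1.1 - - -
2003-02-24 09:15:40 203.0.113.7 - W3SVC3 TELA 192.168.10.43 80 GET /old-page.htm - 404 2 3387 210 47 HTTP/1.1 - - -
"""

def parse(text):
    """Yield one dict per log line, skipping '#' directives and short lines."""
    for line in text.splitlines():
        parts = line.split()
        if line.startswith("#") or len(parts) < len(FIELDS):
            continue
        rec = dict(zip(FIELDS, parts))
        rec["ts"] = datetime.strptime(rec["date"] + " " + rec["time"], "%Y-%m-%d %H:%M:%S")
        yield rec

def find_sweeps(records, min_sites=3, window=timedelta(seconds=60)):
    """Return {(client, method, path, status): sites} for profiles seen on >= min_sites sites within window."""
    hits = defaultdict(list)
    for r in records:
        if r["sc-status"].startswith("4"):  # requests the server rejected, e.g. 404
            key = (r["c-ip"], r["cs-method"], r["cs-uri-stem"], r["sc-status"])
            hits[key].append((r["ts"], r["s-sitename"]))
    sweeps = {}
    for key, events in hits.items():
        events.sort()
        for i, (start, _) in enumerate(events):  # slide the window over each start time
            sites = {s for t, s in events[i:] if t - start <= window}
            if len(sites) >= min_sites:
                sweeps[key] = sorted(sites)
                break
    return sweeps

if __name__ == "__main__":
    for profile, sites in find_sweeps(parse(SAMPLE)).items():
        print(profile, "->", sites)
```

The second client in the sample hits the same missing page on two sites hours apart, so it is not reported; a stale link or bookmark looks like that, a sweep does not.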