Looking at the logs over the past 7 years, I see 130 instances from 52 IP addresses of the OPTIONS query being received by my web server (as opposed to the GET command, for example). The vast majority of those happened in the earlier years, with none happening in 2020 or 2021. These are always received on HTTP (port 80), not HTTPS, and my server (IIS 4) doesn't redirect them to HTTPS (if that is even possible with OPTIONS). I see that my server is responding to these requests (code 200). I'd have to putz around with the server's INET control panel to figure out if I can disallow OPTIONS calls.
A common user-agent making these requests is typically one of these:
Microsoft Data Access Internet Publishing Provider Cache Manager
Microsoft Office PowerPoint
Microsoft Office Protocol Discovery
MicrosoftWebDAVMiniRedir/5.1.2600
Most seem to be coming from legit IPs (edu or institutional). I assume that my URL is being incorporated into various document files (Word and PowerPoint primarily) and then clicked on by the user from within the document. For example, I do see many more hits where the user agent is Word or Excel, but I hardly see the OPTIONS command associated with those hits.
After not seeing any for the past couple of years, I see that I got one today from 87.115.231.138 - British Telecom, I would guess a residential subscriber IP. The user-agent being
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
And also requests from the same IP for my default.html and index.html (and no other files), user-agent being
Mozilla/5.0 (Linux; Android 8.0; Pixel 2 Build/OPD3.170816.012) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3765.0 Mobile Safari/537.36
I also note requests for the landing page from 87.115.231.234 on May 6 and 7. So something is going on with 87.115.231.0/24 (dyn.plus.net, British Telecom) that doesn't look right. Maybe it's a proxy of some sort?
Do browsers send OPTIONS queries?
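
The kind of log review described in the post, as an added example that is not part of the original post: a Python sketch that tallies OPTIONS requests per year and per client address from a W3C Extended log and lists any whose user-agent is not one of the Office/WebDAV agents named above. The log lines are constructed (documentation IP ranges), and the field names are the standard W3C ones, assumed to be enabled in the server's logging settings.

```python
from collections import Counter

# Constructed sample in W3C Extended format (not real log data from the post).
# IIS writes spaces inside the User-Agent value as '+'.
SAMPLE_LOG = """\
#Version: 1.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status s-port cs(User-Agent)
2015-03-02 10:11:12 192.0.2.10 OPTIONS / 200 80 Microsoft+Office+Protocol+Discovery
2015-03-02 10:11:13 192.0.2.10 GET /default.html 200 80 Microsoft+Office+PowerPoint
2016-07-19 08:00:01 198.51.100.7 OPTIONS / 200 80 MicrosoftWebDAVMiniRedir/5.1.2600
2022-05-10 14:30:00 203.0.113.5 OPTIONS / 200 80 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+Chrome/99.0.4844.84
2022-05-10 14:30:02 203.0.113.5 GET /index.html 200 80 Mozilla/5.0+(Linux;+Android+8.0)+Chrome/75.0.3765.0
"""

# Substrings of the Office/WebDAV discovery agents listed in the post.
OFFICE_WEBDAV = ("Microsoft Data Access Internet Publishing Provider",
                 "Microsoft Office", "MicrosoftWebDAVMiniRedir")

def parse_w3c(text):
    """Yield one dict per request, using the most recent #Fields directive."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            parts = line.split()
            if len(parts) == len(fields):   # skip truncated or malformed rows
                yield dict(zip(fields, parts))

def summarize_options(text):
    """Tally OPTIONS requests by year and client; list non-Office agents."""
    by_year, by_ip, unexpected = Counter(), Counter(), []
    for row in parse_w3c(text):
        if row.get("cs-method", "").upper() != "OPTIONS":
            continue
        agent = row.get("cs(User-Agent)", "-").replace("+", " ")
        by_year[row.get("date", "")[:4]] += 1
        by_ip[row.get("c-ip", "-")] += 1
        if not any(marker in agent for marker in OFFICE_WEBDAV):
            unexpected.append((row.get("date"), row.get("c-ip"),
                               row.get("sc-status"), agent))
    return by_year, by_ip, unexpected

if __name__ == "__main__":
    years, ips, odd = summarize_options(SAMPLE_LOG)
    print("OPTIONS per year:", dict(years))
    print(f"{sum(ips.values())} OPTIONS requests from {len(ips)} addresses")
    for entry in odd:
        print("not an Office/WebDAV agent:", *entry)
```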