I doubt it has anything to do with the web server. More than likely it is a scanner that is just going through an entire subnet looking for machines that are susceptible to that particular type of...