A quick review of the site in question solved this question. It was setup with IP Address Restrictions
, the 404.503 is logged for every request that is not from an allowed IP address.
Normally a 403 (Forbidden) status is sent, but in IIS 7+ you can specify which status to return. In the
'Edit Feature Settings' for IP restrictions choose the 'Deny Action Type':
Unauthorized - results in a 401 Unauthorized - IIS-Logs: 401.503
Forbidden - results in a 403 Forbidden - IIS-Logs: 403.503
NotFound - results in a 404 Not Found - IIS-Logs: 404.503
AbortRequest - results in a Aborted - IIS-Logs: not logged