This guy is likely just a hacker, or probing to see our 401/404 page.
However how can he do this? I cannot reproduce it.
The Log: 2 different times but here is one
2008-02-13 20:52:57 172.16.0.30 GET / - 80 - 209.4.20.34 - 401 1 64
However if I telnet and do a get:
Connect: 172.16.0.30 (local IP address for website)
Port: 80
GET / HTTP/1.1
host: www.xxxxx.com
I'll get my Index.html page. This is what it looks like in the log
2008-02-14 16:06:02 172.16.0.30 GET /index.html - 80 - 172.16.1.16 - 200 0 0
or
GET / HTTP/1.0
I'll again get my index.html page.
I tried putting in special characters
GET /_ HTTP/1.0
then I get a 404 page.
But how is this guy able to get it to not direct '/' to 'index.html'... and he gets a 401 error?