With request like "get/XX HTTP/1.0" it's possible to obtain IP address of internal Web server.
vulners.com/securityvulns/securityvulns:doc:12649