Weird GET request on internet facing Nginx

Question

I spun up an internet facing nginx server in AWS and the logs started showing weird get requests with a search engine's spider as user agent.

172.31.43.193 - - [19/Aug/2020:20:09:19 +0000] "GET /rexcategory?categoryCodes=SHPCAT33&t=1360657001168 HTTP/1.1" 404 153 "-" "Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07)" "49.7.20.159"

2020/08/19 20:08:39 [error] 29#29: *14 open() "/usr/share/nginx/html/eyloyrewards/category" failed (2: No such file or directory), client: 172.31.43.193, server: localhost, request: "GET /eyloyrewards/category?categoryCode=SHPCAT118&t=1314948609334 HTTP/1.1", host: "www.rewards.etihadguest.com"

172.31.43.193 - - [19/Aug/2020:20:08:39 +0000] "GET /eyloyrewards/category?categoryCode=SHPCAT118&t=1314948609334 HTTP/1.1" 404 153 "-" "Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07)" "49.7.20.159"

The domain mentioned in the second line does not belong to me. What is the meaning of these logs? Is my server being used to attack the mentioned domain, "www.rewards.etihadguest.com" ?

Related: https://security.stackexchange.com/questions/40291/strange-requests-to-web-server and https://security.stackexchange.com/questions/116504/why-am-i-receiving-http-gets-for-a-domain-i-dont-own?noredirect=1&lq=1 — mti2935, Aug 20 '20 at 02:28
I think this is more likely a duplicate of the other question mti2935 linked. — Esa Jokinen, Aug 20 '20 at 05:47

Weird GET request on internet facing Nginx

0 Answers0