Alas, it seems 126.96.36.199 (v32747.1blu.de) badly wanted to exploit my server. From the wonderful world of logs, we have (note that the scroll bars won't display in IE for some reason);
The RFI (Remote File Inclusion), comes courtesy of;
Most likely a hacked server, but they've been notified.
The code that they've tried directly injecting is as follows;
I sent this to the ladies and gents at the ISC (Internet Storm Center), and got a reply from Bojan Zdrnj (cheers Bojan :o));