Last friday I got a notification of my host that "a PHP proces" on my website took down their server and the sent me "a yellow card". Checking the access log of that day I see that from [16/Dec/2011:11:00:19 +0100 within a few seconds a few dozen of my book reviews were accessed from the same IP. Then follows one comment post line some more 'get's and 'post's. This stops at [16/Dec/2011:11:00:43 +0100]
After this is goes over to the normal looking (to me) few lines per IP, but I noticed that at [16/Dec/2011:11:08:50 +0100] there is a call for a file of a theme that I do not use GET //wp-content/themes/antisocial/thumb.php?src=http://picasa etc.
Is this something to worry about or did I just have the bad luck of a spam-scanner pumping through a few dozen (which doesn't look all that much to me) posts to find comment fields when the server was already quite busy? (Or is it possible that other sites on the same server had the same access at the same time?)