A report by Trusteer's Rapport product listed IP address 18.104.22.168 as suspicious. On 2013-10-05 the address resolved to admarvel.s3.amazonaws.com . See https://www.virustotal.com/en/ip-address/22.214.171.124/infor
IP Location Results for 126.96.36.199 Korea , Republic of . See http://viewdns.info/iplocation/?ip=188.8.131.52 . Bad Bots see http://www.webmasterworld.com/search_engine_spiders/3828718.
The documents are part of a computer fraud lawsuit filed by Microsoft against a web domain registered to a Chinese businessman named Peng Yong. The company says the domain is a major hub for illicit Internet activity, home base for Nitol and more than 500 other types of malware, which makes it the largest single repository of infected software that Microsoft officials have encountered.
Peng, the owner of an Internet services firm, said he was not aware of the Microsoft suit. He denied the allegations and said his company does not tolerate improper conduct on the domain, 3322.org. Three other unidentified individuals accused by Microsoft of establishing and operating the Nitol network are also named in the suit.
I got a spoofed email sent from X-Originating-IP: [184.108.40.206] an address in Hungry. The spoofed address text is
YouTube Service <service>
The spoofed return address is Return-Path: <ly>. Acxiom is NOT involved and has been notified. The email had a link that appeared to be a Youtube video but the link actually went to http://cherries.sakura.ne.jp/dreading.html. I do not know what the "dreading" code did but it does not sound good. The people at Sakura need to fix their site.
This site attacked my PC on December 19, 2011. NIS reported and blocked the intrusion attempt.