Hi DavidR,
Here we go, some more detailed information about that url being suspicious/malicious.
It is not only this IP, it is the hoster which is "high risk" one:
http://www.abuseipdb.com/check/15chan.net "commercial adware and e-mail spam"
High Risk so-called EMD classification:
http://hosts-file.net/?s=jolts-online.net&wn=1This is the initial url that was flagged by badmalware: 646312 2012-10-21 fedwireclearance dot com 188.40.205.219 24940 htxp://fedwireclearance.com/info/view/dir/content/check/default_files/ and a couple of other attack probes....
More instances of PHP malcode attacks there, see: htxp://bbrlplc.com/lot/show/conf/Duk/?MD (suspended domain)
see: etc/ transferringEXEtax.php, view/dir/content/check/uploadpic.php, see this Exploit being exploited Google Dork : inurl:uploadpic.php intext:Powered by phpBB, the particular exploit info was removed, bit the initial information could be retrieved via the Google cache, the exploit method is to perform a changed log with TamperData To shell.php, and transferringEXEatc.php, transf8.jpg etc. (so the firefox add-on tamper data can also be used for malicious purposes).
I think this information is sufficient for marking these urls as suspicious, probably the attacks are to launch spam,
polonus