Well now, this is an interesting development. :
I first noticed an “encrypted” tag name on servers in Switzerland registered to Credit Suisse. Namely 169.54.85.39, and also .45.
Then the same sort of encrypted tag names appear now on this server you bring up, which, depending upon who you believe comes from Durham, NC, or Canada and is register in Canada to IBM. 152.85.77.188
Before I blocked the one you mentioned (Canada) it downloaded over 1 MB from my machine in New Hampshire.
I have taken two precautions. I blocked a range in both Switzerland and in Canada that includes the first two blocks of the quatrains involved to be sure I catch all associated servers since they often daisy chain until they find a point of entry.
I am also in process of blocking all of Switzerland and all of Canada since I have no personal business in either country.
I heartily recommend the program here if you do serious research in these matters: http://www.beethink.com/
Warm Regards, Captain Risu
Post Script: After posting another server showed up displaying the same pattern. I blocked range of 70.32.0.0-70.32.255.255 to eliminated any further contacts from "NOBIS, “Ubiquity” in Phoenix AZ, which is I would guess a research arm on contract to someone handling computer “of interest”,although is is a mystery why anyone would be interested in our home computer. Just us chickens around here !
Post Post Script: MYSTERY SOLVED, I THINK
Got a probe from AVAST using this IP 158.85.77.188, and so I suppose AVAST is in business with the others at NC, Canada, and in Arizona, and this is all part of our security program. I do not like, nor will I accept IP’s that use “encrypted tags”. Thank you AVAST, however, for your very excellent work! Let’s keep it visual for those who can see anyway. :-*