You might want to add to that link it costs money and logs take up drive space.
IpNetInfo is free. Anyway here's what I found.
% [whois.apnic.net node-2]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 18.104.22.168 - 22.214.171.124
descr: CHINANET Hubei province network
descr: Data Communication Division
descr: China Telecom
status: ALLOCATED PORTABLE
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation's account
remarks: name in the subject line.
role: CHINANET HB ADMIN
address: 8th floor of JinGuang Building
address: #232 of Macao Road
address: HanKou Wuhan Hubei Province
phone: +86 27 82862199
fax-no: +86 27 82861499
trouble: send spam reports to firstname.lastname@example.org
trouble: and abuse reports to email@example.com
trouble: Please include detailed information and
trouble: times in GMT+8
person: Chinanet Hostmaster
address: No.31 ,jingrong street,beijing
Now just because it's from China doesn't means it was instigated from a user there. You script kiddies should know hackers will make zombie armies and use those to mask themselves.
And David your server side security should have caught that. When that many requests come in it should have put any more requests in a que untill the amount cooled down. If it doesn't then you get a server overload.