First 0.0.0.1 is not internet routable so it could be anything in your DMZ, you will need to use packet capture to track the source MAC address of 0.0.0.1 that is comming from your untrustedDMZ network.
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/c1.html#wp2108895
asafw(config)#access-list incap permit ip host 0.0.0.1 host 10.x.2.91
asafw(config)#access-list incap permit ip host 10.x.2.91 host 0.0.0.1
asafw(config)#capture incap access-list incap packet-length 1500 interface UntrustedDMZ
asafw#show capture incap detail
the show capture should provide MAC address information from 0.0.0.1, save the output of show capture detail and note the MAC for 0.0.0.1
then track mac address
asafw#show arp | inc ( should privide with mac address and location on the untrustedDMZ )
Once you collect information
remove incap acl
no access-list incap permit ip host 0.0.0.1 host 10.x.2.91
no access-list incap permit ip host 10.x.2.91 host 0.0.0.1
and disable capture
no capture incap
here is also some good resource
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml
Let us know what you have found.
Rgds
Jorge
Jorge Rodriguez