# Teach Me about this



## 7thswan (Nov 18, 2008)

My computer protection blocked an attack. It shows who it came from and the computer which it came from. How do I find out who this is?
Sourse address 149.47.160.130
attacking computer 149.47.160.130.80


----------



## farmrbrown (Jun 25, 2012)

Try this.

http://whatismyipaddress.com/ip/149.47.160.130


Just paste in the address and it will get you pretty close to who your looking for.

When I put in the last number, .80, it gave an "unknown", to trace to the specific computer.


----------



## 7thswan (Nov 18, 2008)

Thank You. Is this a specific attack or a computer viris of some sort.


----------



## Nevada (Sep 9, 2004)

7thswan said:


> Thank You. Is this a specific attack or a computer viris of some sort.


It's impossible to tell from the skimpy information you are providing. It could be as innocent as a website trying to fetch cookie info.


----------



## 7thswan (Nov 18, 2008)

Oh, I didn't know that I had more info.


----------



## Nevada (Sep 9, 2004)

7thswan said:


> Oh, I didn't know that I had more info.


You didn't say what application blocked it, what the intrusion was reported to be, or what you were doing when you got the warning. All we know is that something blocked something, and that you believe what was blocked was some kind of an attack. That's not a lot of information.


----------



## farmrbrown (Jun 25, 2012)

7thswan said:


> Thank You. Is this a specific attack or a computer viris of some sort.


Yeah, it's really hard to say exactly what it was, could have been a business trying to get cookie info, or a spybot, or even a phishing expedition.


----------



## WhyNot (Jun 21, 2011)

7thswan said:


> My computer protection blocked an attack. It shows who it came from and the computer which it came from. How do I find out who this is?
> Sourse address 149.47.160.130
> attacking computer *149.47.160.130.80*


What I put in bold....could it have been like the following, instead:

149.47.160.130:80 ? If so, most likely what others have mentioned, as this means that the IP address is attempting access to you through port 80 or rather responds at port 80...which points to it just being a website of some sort probably trying to place a cookie on your computer. Port 80 is the port to which/through which http protocol utilizes.

That ip address traces back to a web hosting server...eventually anyway. Again most likely the "attack" was a misplaced query or simply a cookie trying to be placed.

Can I ask what program is warning you of attacks?


----------



## 7thswan (Nov 18, 2008)

I have Norten. It did ask me if I wanted to save it to a clip board, I said yes. It's here somewhere. I get the same protection each year,but this is the first time It poped up like that.


----------



## Zephaniah (Mar 16, 2010)

149.47.160.130 probably should have been nomenclated 149.47.160.130:80 which means port 80, the www port.

149.47.160.130 is owned in Florida and is called 

OrgName: Precipice
OrgId: PRECIP
Address: 11231 U.S. Highway 1
Address: #171
City: North Palm Beach
StateProv: FL
PostalCode: 33408
Country: US

who's physical ip presence is in 
Carson city, NV

and resolves to emmafrost.seowebhosting.net

Probably a zombie in a botnet


----------



## ceresone (Oct 7, 2005)

My Mc Cafee kept blocking one day this week, about 14 times in one day--info said it came from Amsterdam


----------

