Re: Question about Attack Warning

Looking for an opinion on an "Attack" message I received:   "NETGEAR Armor detected that a suspicious remote location 188.240.13.2 attempted a connection to Pixel-7-Pro and blocked that connection.  We will keep an eye on the this device for you.  You're protected and don't need to do anything."   I was concerned because it is an attack on a specific device and the message alerted 4 to 5 times and on different days. 

Has anyone received this message or know if this is something to worry further about?

Thanks,

Just Armor letting you know that it's doing it's job. 

Can do a Whois look up on that IP address to see where that is coming from if you like. 

Otherwise, normal to get notices from Armor about items it blocks. 

Do you think it is odd that it was tied to a specific device such as my phone?

No. Could be picked up on any or maybe some targeted attempt. 

IP shows from this company:

inetnum: 188.240.13.0 - 188.240.13.255
netname: NL-DATAWEBGLOBALGROUP-20090623
country: NL

https://datawebgroup.com 

Hey, I'm having the same issue. 

“NETGEAR Armor detected that a suspicious location 151.101.1.91 attempted a connection to [device here] and blocked that connection.”

It's always the same IP. The IP is owned by a company called Fastly, and they can't figure out what's going on. 

Is there anything I can do or should be doing about this?

Thank you. 

One resource that may be helpful when investigating suspicious IP addresses is the Abuse IP Database service.

Ah, so likely something not to worry about then. Okay, great. Thank you!