I'm curious about a firewall alert I had yesterday. System attempted to connect to the internet on port nbname(137). I looked up the IP https://ipdb.at/ip/188.8.131.52 and it is registered in Perth, Australia to a company called MetaTECH. I did a whois for the hostname http://whois.domaintools.com/boutiquewealth.com.au rather than visiting the site and they appear to be financial advisers. I also noticed that the site has no WOT or Avast WebRep rating, I don't know whether that is a good or a bad thing, more likely bad I suppose.
I did a bit of Googling as to what nbname is as this is beyond my level of understanding. Apparently NBName is a virus whereas nbname is a legitimate process http://forums.comodo.com/leak-testingattacksvulnerability-research/nbname-port-137-t38043.0.html though I don't see how a company not affiliated with any of the software on my computer can legitimately request an internet connection from my computer?
Anyway, naturally, I blocked this connection attempt but I am very curious as to what this might have been about. Seems pretty dodgy to me. In my naivety it sounds like what may happen if my computer was to be part of a DDoS attack? I am happy to believe this was a harmless occurrence (though don't really see how it can be) but do not know enough about this kind of thing to rule out some nefarious activity. This has happened once before on the same port, but on looking up the IP address it appeared to be registered to Java. I also blocked this connection attempt as I wasn't sure.
Anyone know what this could have been about, or had similar experiences?
Any feedback is appreciated.
-Paranoid internet user.