Jump to content

ip address analyze request


Go to solution Solved by Zynthesist,

Recommended Posts

I guess, ill describe the situation:
i use a paid software that is specialized in lowering online games latency, its called noping > their website https://www.nptunnel.com
so, in the past few days, i believe 2 days ago i started receiving this popup notification from my malwarebytes
image.png.33203705a174182329c372f0fb47f0d8.png
then i came here,more preciselly to the help section and started a post, the one linked above.
The kind sould @Android8888 analyzed my logs and presumed my pc is safe.
But, still concerned i went to the noping website support and asked them about the popup notification and mentioned the ip in question, they gave me the following response:

Quote

Good afternoon Andre, the IP 203.23.128.148 refers to one of the servers that NoPing uses, specifically Oneprovider Hong Kong. When opening the program, NoPing will ping all the servers it has, including the IP mentioned, it is possible that your antivirus has blacklisted the IP for some reason, but it would not be able to tell you the cause, since the IP of the server at that moment belongs to us, it is possible that in the past the IP has been used by other owners who have used the server for other reasons / functions, and this has caused their antivirus to have put the IP as a blacklist.

 

Link to post
Share on other sites

16 minutes ago, Zynthesist said:

Looks like this file is reaching out to the IP:


https://www.virustotal.com/gui/file/d916fe3c2451e9c551d119a97b44eb9515270158083ba1b7c0ea6c6b4f8c3adb/detection

 

Thanks for the quick repply @Zynthesist 
Well, is there a way so i can stop this popup from showing? i mean apart from having to add it to web exclusion of course.
Also im trying again contact with noping support, as i will love to hear their excuse regarding this proof u showed.

Link to post
Share on other sites

1 hour ago, andremelo90 said:

Thanks for the quick repply @Zynthesist 
Well, is there a way so i can stop this popup from showing? i mean apart from having to add it to web exclusion of course.
Also im trying again contact with noping support, as i will love to hear their excuse regarding this proof u showed.

Thay still claim the ip is now of their ownership and that the blacklist should be from past events. But they also forwarded the issue to the server management team, lets wait for their repply. Fortunatelly i just noticed malwarebytes has a function to hide notifications when playing in fullscreen mode, ill have to relly on this for a while! Thanks @Zynthesist for your time and kind support! i only ask you guys not to close this until they give back some feedback. Lets give them a couple of days.

Link to post
Share on other sites

Quote

Good evening Andre, As we sent a verification request to our team about the server that was related to our chat (203.23.128.148 - Hong Kong). According to NoPing's server manager, this server was purchased by the company about a week ago, and as mentioned in our chat, about 2 to 3 months ago in the TrickyBot virus / malware used on the same IP address ( 203.23.128.148) to carry out the attacks. This caused several antivirus tools to add or IP Address 203.23.128.148 to a black list. In this way, some antivirus services are actually sending these notifications as if you were reporting in our chat. However, again: the blacklisting on this IP was performed about 2 months ago and apparently some antivirus services / companies do not update their blacklist and are still showing the IP 203.23.128.148 as malicious.

Anyway, after talking to the person in charge of the NoPing servers,  he managed to make a change in the server's IP. The server had its IP changed to: 203.23.128.241 This IP has not been added to any blacklist at the moment, so your antivirus program may fail to point out a malicious connection attempt by NoPing.exe.
Any questions we are available!

well looks like the problem is finally resolved. Again, thank you guys for all your efforts and time spent on the issue.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.