Avast WEBforum

Other => Viruses and worms => Topic started by: Lodovico3 on February 24, 2023, 04:03:30 PM

Title: URL:Phishing on every webpage I open
Post by: Lodovico3 on February 24, 2023, 04:03:30 PM

Hello,

As of this morning, whenever I open any webpage I am met with an Avast Web Shield alert of the following:

We've blocked a threat URL:Phishing on https://ipfs.io/api/v0/name/resolve/[web domain]

I even got one for this forum URL:Phishing on https://ipfs.io/api/v0/name/resolve/forum.avast.com


I am an avid web3 user but have I been compromised somehow?

Title: Re: URL:Phishing on every webpage I open
Post by: Roch BAMBOU on February 28, 2023, 07:30:41 PM

The seme for me (on Brave Browser).

Title: Re: URL:Phishing on every webpage I open
Post by: DavidR on February 28, 2023, 07:48:08 PM

Start by clearing your browser cache, cookies, etc.

Next when did this start, e.g. after updating/adding a new browser add extension, add-on ?
If so that could be what is reaching out to sites you aren't trying to connect to and is this always to the same site being blocked ?

Try running your browser without add-ons/extensions, does the behaviour/avast alerts stop  ?

Title: Re: URL:Phishing on every webpage I open
Post by: polonus on March 03, 2023, 01:38:52 PM

I get

Quote

{"Message":"invalid IPNS root: \"\"","Code":0,"Type":"error"} 

there.

This is part of an Ubuntu-linux bug report not an answer.

So ipfs get`: tar has invalid root when a filename contains double dot `

See Netcraft risk rating here: https://sitereport.netcraft.com/?url=https://ipfs.io

-https://ipfs.tech/ is not being blocked by avast's.

See domain records here: https://www.shodan.io/domain/ipfs.tech
and https://www.shodan.io/host/107.182.163.162  etc.

polonus (volunteer 3rd party cold reconnaissance website security-analyst and website error-hunter)