Bitdefender Online Threat Prevention blocking Firefox from making suspicious connection
“Firefox.exe attempted to establish a connection relying on an unmatching security certificate to gitcdn.xyz. We blocked the connection to keep your data safe since the used certificate was issued for a different web address than the targeted one.”
Does anyone know what this is about? Thanks.
Carter
Gekose oplossing
In my opinion, the url that you cited is "not" good.
You see, legitimate websites have 100% no issue with using URL's that are understandable and are associated to their brand.
But of course, legitimate websites might also push the boundaries to aggregate info from your computer for marketing purposes. However, what these legitimate websites do are by no comparison of the evil websites that disguise themselves, lure you to their websites and then do all kinds of things - things that the tech industry is fighting against.
So to make a long story short, that URL you cited looks like "garbage" to me and nobody in their right minds should go to it.
However, people are likely going to it because they are being "re-directed" to it via some other phony website that looks legitimate but is it not.
For example, a website that would look legitimate to most people would be something like www.walmart.con instead of walmart.com
And then from walmart.con the user would unknowingly be sent to that .xyz cite
It's best just to take heed of what the browsers recommend and say about suspicious sites. Ultimately, if the user takes the risk to visit these sites, then the user will likely experience days and weeks of computer malfunction due to infection.
Lees dié antwoord in konteks 👍 0All Replies (6)
hello carter,
i think FF would have given you the same warming without BitDefender. Attached is a warning i got for another site. And the warning was also provided to me by a different browser.
These warnings is part of the tech industry fighting for you/us against bad websites.
Websites that we have been using for many years, could have also been aggregating information about us and without our knowledge.
So i would suggest to take notice of such warnings about suspicious websites and think twice about patronizing them. On the other hand, there could be legitimate websites that are trustworthy. But they need to take affirmative action like updating their "certificates", which browsers use to validate the websites
Thank you for your reply and the useful information therein. What I would like to know is if gitcdn.xyz is a part of Mozilla and legitimate, or not.
Carter
Gekose oplossing
In my opinion, the url that you cited is "not" good.
You see, legitimate websites have 100% no issue with using URL's that are understandable and are associated to their brand.
But of course, legitimate websites might also push the boundaries to aggregate info from your computer for marketing purposes. However, what these legitimate websites do are by no comparison of the evil websites that disguise themselves, lure you to their websites and then do all kinds of things - things that the tech industry is fighting against.
So to make a long story short, that URL you cited looks like "garbage" to me and nobody in their right minds should go to it.
However, people are likely going to it because they are being "re-directed" to it via some other phony website that looks legitimate but is it not.
For example, a website that would look legitimate to most people would be something like www.walmart.con instead of walmart.com
And then from walmart.con the user would unknowingly be sent to that .xyz cite
It's best just to take heed of what the browsers recommend and say about suspicious sites. Ultimately, if the user takes the risk to visit these sites, then the user will likely experience days and weeks of computer malfunction due to infection.
Thank you both for your replies and good advice. Coincidentally, there were no warnings from Firefox about this bogus link.
Carter
A website like http://gitcdn.xyz/ needs to be accessed via the open http:// protocol because there is currently no valid certificate installed, so if you use of force https:// then you get an error page. This is a so called CDN (Content Delivery Network) website for fast access to GitHub content.
You will have to use http for now or accept the risk if you need to access this website. See this subreddit:
Websites prove their identity via certificates. Firefox does not trust this site because it uses a certificate that is not valid for gitcdn.xyz. The certificate is only valid for the following names: *.herokuapp.com, herokuapp.com Error code: SSL_ERROR_BAD_CERT_DOMAIN
Gewysig op
Thank you for your cogent explanation, cor-el.
Carter