A/V blocked connection: app Vivaldi
-
Hi - I browsed to my password management site using Vivaldi and McAfee alerted me that it blocked a connection for me. 1st time this had happened and didn't make any sense. The blocked IP was 52.216.109.133. I did a whois search and got it is an address in a AWS range from 52.216.109.1 to 52.216.109.255. Was vivaldi making some sort of background connection? Is this something I need to worry about? What was this?
-
@joesnowdon Welcome to the Vivaldi Community
What's your password management site? Maybe they use AWS and your McAfee thinks mistakenly thinks this is a malicious IP.
Does it happen using other browsers?
Vivaldi might make background connections if you've enabled any of the settings under Privacy > Third Party Services, like the phishing and malware protection. However, I'm pretty sure this is only done on the initial startup, to get updated lists.
-
@Pathduck thanks. It has never happened before, and I only just started using Vivaldi as my primary browser cuz I'm loving the multitasking features. I use Abine Blur for my password management, for a couple years now. Not my first view there using Vivaldi, but for some reason McAfee blocked a process that went there as soon as I refreshed this time. That was why I got suspicious - what caused that all of the sudden? I'll check 3rd party services and see if anything is running in the background. Thanks again. I'll report back.
cheers
-
@joesnowdon said in A/V blocked connection: app Vivaldi:
Abine Blur
Well, this company uses AWS for their website so I'd say there's a good change this is the Abine servers. Maybe like said above an extension or some other process on your system makes this connection, and the AV reports it as a false positive.
but for some reason McAfee blocked a process
What process made the connection?
-
@Gwen-Dragon said in A/V blocked connection: app Vivaldi:
And sometimes the behavioral detection for malware on some security tools is broken and gives false alerts.
Quite right. Download the VirusTotal extension, I believe from google, and enter the URL. It will show a safety rating.
Also if you think you need to update Extensions, go to the Extensions page, turn on Developer Mode. You will see an option to Update, update then turn off Developer Mode.
As said this is usually done in the background and usually is not required, -
@Gwen-Dragon said in A/V blocked connection: app Vivaldi:
vivaldi://serviceworker-internals/
I think that it was a false positive, especially if it looks like Abine is using AWS. It is a cloud password manager that is accessible from multiple devices (any desktop I login with, any mobile device, etc.) so that must be the answer. I checked the serviceworker-internals and everthing there I pretty much expect to see, and I have not had the warning again.
Thanks everyone for all your input and research! I appreciate it!!
-
-