Hi, antivirus keeps blocking me this url ssl://70.34.213.224:8444 to access \app.asar.unpacked\daemon\start_wallet.exe
Is the folder app.asar.unpacked legitimate? Can my computer be compromised?
Ports forwarded via UPNP
Protocol:
"Time;URL;Status;Detection;Application;User;IP Address;Checksum
06.08.2023 3:12:16;ssl://70.34.213.224:8444;Blocked;Internal IP list of blocked addresses;C:\Users*\AppData\Local\Programs\Chia\resources\app.asar.unpacked\daemon\start_wallet.exe;DESKTOP-*\username*****;70.34.213.224;AE157B4D3D5AD571B40F2385930A40F6AAD9B6A6
"
If it’s actually upset about the IP address, there are a few explanations possible. ISPs can recycle IP addresses if customers aren’t paying for a static one, or possibly a static IP address gets passed on to the next customer after the first clown set up a bot net or other shenanigans with it.
Also https://whatismyipaddress.com/ip/70.34.213.224 is saying it’s a Russian hostname but datacenter is in Sweden? It could be on someone’s list for political reasons due to the climate over there (Russia).
Another fun fact is not just ‘good people’ that farm Chia. It’s like anything in life, even axe murderers go out for fast food and car washes, some real pieces of work also farm Chia (state actors, scammers, etc).
It’s probably safe as they most likely aren’t targeting you directly, but yes, you’d be trading packets with a scumbag (possibly).