Topic: TalkImg.com - Image hosting for BitcoinTalk - page 2. (Read 20188 times)

One of my machines has Avast free antivirus installed, and it's still falsely flagging your website as a phishing threat. It's clearly a false positive, likely caused by a malicious report. Given the recent DDoS attacks, it's possible that the same jerks are behind these false reports.

This could be a problem for people who rely on free antivirus software and prevent them from accessing your website, so you might want to reach out to Avast support to get this sorted out.

I don't see any signs of cloudflare. joker_josue, did you remove the cloudflare protection? Tried accessing Talkimg from different browsers, different device. There aren't any annoying Cloudflare message, neither the capcha popup! Anyway, good thing everything works fine, for now, at least from my side. The loading time was pretty fast, and there were no issues with upload image either. So far, everything looks good. 

I don't like my history saved anywhere, so I  set my browser to delete history of visited pages each time I close my browser, and I am always starting with a ''clean'' browser.
If there is a need for some cookies not to be deleted there is always an option to add exceptions in browser settings.
There is also alternative to start browser in ''private'' window.

I use the same method, except that in some cases I do another refresh of the page, just to make sure I'm not on the cache. However for a long time now, I almost always check the URL in the address bar. Now I do it automatically.

That's why I type it. What are the odds of me typing the exact same phishing site that someone could have entered into my browser's history?

Be careful.   Replacing a popup (cached) address is easier to modify since EVERYONE has access to the files.

I do both: I type the address, and if my browser pops it up from it's URL history I know for sure it's the correct address.

It appears that everything is back to normal, more or less.
I can still see cloudflare loading sometimes when I am opening the website but it's not asking me so solve anything.
I tested image upload and everything worked fine.

Instead of doing this it's much better to just bookmark the website in browser and click on it later when you need it.
Typing a website address in search engine or in address bar is slower and more dangerous for everyone.

There is no registration page by the way, you need to PM joker_josue if you want to create an account.

I said this in the sense of not using web links to access the site.
Logically, if the person saves the link in their favorites, they won't need to write whenever they need to.

Why do you recommend this?  Each time you visit you have a chance of mistyping and going to a phishing site, and you can be tracked by keyloggers    The best way is to click on a bookmark or favorite since they cannot be modified without admin permissions.

I followed the link in this post by danadc in the Spanish ANN, which correctly points to the https. The image I shared was the 2/2 and you're right that there appears http , but the 1/2 referred to the https, as shown in the following screenshot.



Thank you joker_josue , that's what I thought, but I wanted to share it with you just in case. It must be just an issue with my antivirus.

Thank you for bringing this point to attention. First of all, I want to guarantee that despite the attack suffered, no data was corrupted and no one outside had access to the server. Even if this had happened, it would have no impact at this point as everything was reset based on an offline backup.

That said, I analyzed the situation.

1. The "favicon.ico" file simply does not exist on the server. But what is favicon.ico? This file is used by many websites, to generate the website logo icon that appears in the browser window. In the case of TalkImg, this type of file is not used for this icon. If you look at the source code of the website's home page, you can see that this icon is obtained as follows:

2. The alert is pointing to http:// talkimg.com /... and access to the site must always be via https and not http.

The question is: did you write the address directly in the browser, or click on a link? If so, where was it? It is always recommended to directly type the address to access the site.

3. This was one of the requests used by part of the DDoS attack. Which is normal, this attack usually tends to use non-existent requests on the server to overload it. Since this was one of the links attempted by the attack, in the various reports the link may be associated with some type of threat. But in this case, no such file exists and most requests to this effect have been mitigated by Cloudflare.

In that sense, this is clearly a false positive. And always remember to check the links you click.

I doubt that only forum members use your services; do you track where your images are uploaded? I understand your focus is on Bitcointalk, but some people would prefer to subscribe to help maintain the system rather than make a one-time donation.

Or does your link only work within the forum? Have not tried it elsewhere yet.

Ran some online phishing detectors tools, and some identified it as suspicious/phishing, while others marked it as clean. I'm guessing it's a false positive. joker_josue might be able to give better insight on this!

I don't know, maybe I'm the only one who is receiving this alert, but when I've last tried to visit TalkImg my antivirus prevented me about a phishing attempt. I think that this is not the first time I read about this favicon thing, but I can't remember in which context, and as I don't know much about it I share it with you, just in case:



I hope it is just a false alarm.

---

 

The forum only accepts images up to 2.5MB, so it doesn't make sense to offer a plan that allows for larger uploads.

It continued to accept donations and possible advertising proposals.

Have you considered offering premium service packages to your service? It is quite expensive to run an image hosting site, yet you are providing it for free.

Every free image hosting website is following the paid package trend. Images under 10MB are still permitted on the free package, but anything larger should be charged for upload.

It was down for a few weeks not last week which made many people unable to extract image links from this site. Maybe many members were suffering because they couldn't extract image link from this site they know. They were forced to extract image links from other sites, such as https://imgbb.com/
but the problem that was there is now solved. Members are now grateful to him for that. 

I read the translation of this topic in my local section and I use it when I want to add images.
You really did a great job, it's a great service for the community, I just wanted to come here and say thank you.
I saw there was a bit of a problem last week and I thought it would be fixed in a few days, and it was.