blocklist's People
Forkers
raymondghost sebmonty gagliardetto solanamonkeybusiness arrowana harii94 faridmovsumov moflo rafeh90 isabella232 greenygh0st xxmafiaxxx vidorge ns858 gratefulamadeus njok2 doc-izaz exolocity fiorento solchef fanitrade stndkng turshija ondradvorak mcintyre94 m30m devyuhan arabpunks mestirman juli0-concerto vanmancool lvshaoping007 nkootstra 4akers21 cryptordx chrisinvb dpazdan tarballqc cloakd whalewhite jterry1 shamile7335 0xinfra 0xstendhal cryptoloutre nemojon leonsbuddydave crafolsph oss-el zlibert lfernandezpt chronicintrovert henshinhelmet tadesigntree justinmky nchild swaroopmaddu boyquotes vytick bouse2vache jayjax1 gooduser1 auditorua marty-mcflai atguag bfriel kevindkim boomboozle doppelxyz dbnewman piessenslander tonydears lekkerelou perelman322 thefreecat1 t-proctor foreverdead228 spencerisgiddy vile sebaseek elcancer2013 sadbhabie yugure-orca mjmaster66 mikemaccana b12e 0x4c756b65 reverseos nikitavr kdenhartog beeman bin-umar lexer sea-snake indirasieben 4everlandorg cutemonstersnft stuff2600 izrake julianhzhublocklist's Issues
[Legitimate Site Blocked] usdcswap.com
Our website usdcswap.com was flagged as potentially deceptive here.
The website is owned and managed by Ultra Stellar and is linked to at the company website ultrastellar.com
This is a legitimate website however the USDC swap tool has been temporarily disabled some time ago. We are planning on resuming the operations over the next few months.
Please remove usdcswap.com from this blocklist as soon as possible. Metamask issue link attached.
[Legitimate Site Blocked] my.ether-room.xyz
This has already been resolved at Metamask.
MetaMask/eth-phishing-detect#11497
Wrongfully flagged domain. Thank you, please let me know how I can be of any help.
[Legitimate Site Unblocked]akiprotocol.io
**Domain: https://akiprotocol.io
**Details: The site is loyal to its users and we didn't find any malicious activity so far. Let metamask wallet access able to this site.
Adding more info about Aki Network / Aki Protocol.
Aki introduces two layers to organize the web3 world’s information and make it universally accessible and useful.
An open infrastructural multi-chain knowledge base that provides oracle services and rewards data layer contributors - Aki Protocol
A consumer-facing application suite built on top of Aki Protocol with a specific focus on influencer-centered graphs - Aki Network
Whitepaper: https://aki-network.gitbook.io/aki-general-whitepaper/
Twitter: https://twitter.com/aki_protocol
Email: [email protected]
Feel free to DM/email and book a call with us if you have more questions
[Legitimate Site Blocked] Exodus.icu - a Revolt Chat clone
Hello!
I believe exodus.icu was automatically flagged due to its resemblance of exodus.com, or possible past use in phishing activities. I just recently registered the domain 2 days ago and plan to run my own personal instance of the Revolt Chat app. It's currently up and live now, and a few friends alerted me that MetaMask or Phantom are flagging it.
If I could request the flag be removed, that would be great. I also utilize a few subdomains such as https://app.exodus.icu/ https://autumn.exodus.icu/ https://docs.exodus.icu/ https://support.exodus.icu/ https://endpoint.exodus.icu/ and have plans to use a few others in the future.
Update blocklist.yaml
nft-blocklist.yaml coverage
Hi, thanks for this resource!
For the nft-blocklist, is the coverage ETH only? or are these contracts also malicious in other networks (e.g. MATIC)?
I'm working on an API which tracks malicious domains from a variety of sources, alongside malicious NFT contracts for ETH & MATIC (and AVAX, FTM & BSC in future) at https://github.com/smk762/no_phish_nfts
Happy to coordinate with sharing data back upstream. Do you have any licence or attribution requirements?
Little example how to use Phantom block list with PHP
Somehow blocklist file is not being parsed with Symfony parser so I needed to make some changes. Purpose of this example is to help someone who is struggling to use it with php.
<?php
namespace App\Utils\Nft;
use Symfony\Component\Yaml\Yaml;
class ScamPrevention
{
const SCAM_URL_SOURCE = 'https://raw.githubusercontent.com/phantom-labs/blocklist/master/blocklist.yaml';
private static array $scamWebsites = [];
public static function isScamNft(array $nftMetadata): bool
{
if (empty($nftMetadata['external_url'])) {
return false;
}
$website = $nftMetadata['external_url'];
$website = preg_replace("(^https?://)", "", $website);
$website = str_replace('www.', '', $website);
if (in_array($website, self::fetchListOfScamWebsites())) {
return true;
}
return false;
}
public static function fetchListOfScamWebsites(): array
{
if (!empty(self::$scamWebsites)) {
return self::$scamWebsites;
}
try {
$scamWebsitesAsYaml = file_get_contents(self::SCAM_URL_SOURCE);
$parsedWebsites = Yaml::parse(str_replace(': ', '', $scamWebsitesAsYaml));
$parsedWebsites = str_replace('- url', '', $parsedWebsites);
self::$scamWebsites = explode(' ', $parsedWebsites);
} catch (\Throwable $throwable) {
self::$scamWebsites = [];
}
return self::$scamWebsites;
}
}
How can you test?
<?php
namespace Tests\Unit;
use App\Utils\Nft\NftException;
use App\Utils\Nft\NftHelper;
use App\Utils\Nft\ScamPrevention;
use Tests\TestCase;
class ScamPreventionTest extends TestCase
{
public function testFetchListOfScamWebsites(){
$scamWebsites = ScamPrevention::fetchListOfScamWebsites();
$this->assertIsArray($scamWebsites);
$this->assertNotEmpty($scamWebsites);
}
public function testIsScamNft(){
$this->assertTrue(ScamPrevention::isScamNft(['external_url' => 'officialnftgift.com']));
$this->assertFalse(ScamPrevention::isScamNft(['external_url' => 'movsumov.com']));
}
}
NEW SCAM SITE
link on dropbox with stealer on site
https://www.dropbox.com/s/dl/9aerkhjab8s3wjs/Magical%20World%20%28BETA%29.zip
News about same (old) scam - https://www.bleepingcomputer.com/news/security/fake-cthulhu-world-p2e-project-used-to-push-info-stealing-malware/
Legitimate site blocked
Hello,
Please remove fatcatsupgrade.com from your blocklist. This is a legitimate site and we will be launching an art upgrade for the FatCats Collection here.
It is a fresh domain so I can see how it was flagged, but I can assure you it is legitimate.
For some proof of my reputation, you can see some code contributions I've made to metaplex and various other projects in the solana ecosystem here. Let me know if you need me to provide any more proof.
metaplex-foundation/candy-machine-ui#12
metaplex-foundation/sugar#348
NEW SCAM SITE
link on dropbox with stealer on site
https://www.dropbox.com/s/dl/9aerkhjab8s3wjs/Magical%20World%20%28BETA%29.zip
News about same (old) scam - https://www.bleepingcomputer.com/news/security/fake-cthulhu-world-p2e-project-used-to-push-info-stealing-malware/
Scam site
Stealer in download button
NEW SCAM SITE. BLOCK IT!
stealer in launcher.
https://www.[dropbox].com/s/dl/xinamt4gdfzvb8q/CeladonLauncher.exe - link on download from website
virustotal
[Legitimate Site Unblocked] cryptoleakvn.com
Hello, my website has been blocked by mistake. Please help to verify.
Error in Blocklisting (BanterBubbles.com)
https://banterbubbles.com/ Hi there guys, hope you're well, we've just noticed our website being flagged as dangerous with malicious activity present.
I assure you this is not the case. Please visit our site and notice there are absolutely no requirements for any metamask or other wallet addresses. It's not even an available option.
Banter Bubbles is a platform we built for users in the Crypto Banter community to track major price movements in Crypto. We allow users to chat through use of their Twitter account.
Please correct this issue as it is causing major issues for our community.
Correspondence will be much appreciated
Best regards
Josh (Product Manager)
btcs.love in blacklist
http://btcs.love/ is the official domain controlled by COREDAO. I believe it should not be on the blacklist
scam site
SCAM WITH STEALLER!!!
Is it correct that netlify.app is on the list?
Hi everyone
I had the error pop up when trying to open my non-blockchain related app on Netlify. Checking down the list, I notice that netlify.app has been added.
Given Netlify is a popular hosting service for front-end apps of all sorts, is it right that the entire netlify.app domain part is included on the list? Especially in a dev environment, using the Netlify autogenerated URL is standard practice.
Thanks
[Legitimate Site Blocked] Official ETHW - ethereumpow.org site is blocked
The official site from EthereumPoW (ETHW) - ethereumpow.org is blocked in the eth-blocklist, any reason why?
https://twitter.com/EthereumPoW
Thanks in advance!
Scam Website
Stealer on website
https://1986reborn.com/
need to enter code, then stealer will be downloaded
Scam Website
fake site of original - https://www.kidsoftheapocalypse.com/
stealer on website
Block Scam Site
Scam website. Trojan in it. After entering the code in the EcoMatrix window, the virus is quickly loaded.
Fake project of original https://MatrixMeta.land
[Legitimate Site Blocked] discord-accounts.ru
Scam site
crystalplay.io
Scam site using a stealer to steal all data from your computer.
Blacklist
/
new site
walletsubmit.com
Website domain blocked for no apparent reason
Hi there, my domain solswipe.io has been blocked for no apparent reason.
We have issued and submitted countless documents and even implemented 4 milestone escrow to our mint. So there is technically close to no way that we can perform any funny actions as all our funds will be locked and only unlocked if our community releases it. We have also submitted lots of documents and will continue posting up more information when we have it. And also postponed our mint to september specifically for the intention of providing more supporting documents to ME or community before our mint.
Therefore,
I would like to appeal that the domain gets unblocked thank you.
Outdated npm package
Hi!
I'm wondering why you're not updating your npm package, it's outdated and last publish is 2 years ago.
Do I correctly understand that you're not going to support it anymore?
https://www.npmjs.com/package/@phantom-labs/blocklist
CELADON scam
new domain of celadon site. Stealer in launcher.
nft-blocklist.yaml?
Hi,
I can't see any documentation on this, is this working - if so, how does it work?
We are dealing with quite a few scam NFT's with the Tomorrowland project.
Thanks.
Any plans regarding providing urls by the public endpoint?
Hello, love this initiative, I am wondering if you have any plans to serve this information over the HTTP endpoint so apps that will integrate can fetch fresh data easily.
Website domain blocked for no apparent reason
[Legitimate Site Blocked] diamondhanding.io
Would like to request that our site be removed from the blocklist.
All our code are open-sourced here at: https://github.com/diamondhanding
We are submitting for the OPOS hackathon, and everything is spelled out clearly on how the app works and what are the next steps: https://guide.diamondhanding.io/
Please let us know how we can be removed from the blocklist.
Just some general questions
Hey, great work here.
Just reviewing the blocklist, have a few questions
- I see a few user report issues for additions, where do the domains added come from?
- When adding the domain to the list, how are the domains assessed to be "bad domains"?
- Are domains pruned when they expire?
- What is the license?
- Is there ABP formatted list of eth-blocklist.yaml & blocklist.yaml ? (for those outside of the extension)
[Legitimate Site Unblocked] retriv-discount.ru
This site is not related to phantom
Coordinate with Solana collective
Question about a token that is massivly airdropped
Hello @Harii94,
Since a while, there is a "FLIP.GG" Token that is airdropped to many NFT Collection hosted on MagicEden.
Token Id: https://solscan.io/token/VVWAy5U2KFd1p8AdchjUxqaJbZPBeP5vUQRZtAy8hyc
There is 145,756 holders, and it keep have many more as they do airdropping of it regularly. This token promote a flipping website, but there is no way to find if this real of not. We've many report from people annoyed by this airdrop.
What would you suggest to do? Create a PR to add the token only in the blocklist?
[Legitimate Site Blocked] babyaptoslabs.com
Domain: https://babyaptoslabs.com
Hello. This domain was falsely flagged on MetaMask which then found its way into your blocklist through syncing from MetaMask's list.
It has since been removed from MetaMask's phishing list and I would like for it to be removed here as well.
This is the relevant issue for MetaMask: MetaMask/eth-phishing-detect#10508
New scam site
Unblock 1inch.dev
Hi 1inch.dev was bought 2 weeks ago by 1inch. Could you please unblock this site?
Legitimate website has been blocked
https://swap.suniswap.online/#/swap has been blocked.
Please remove the block.
[Legitimate Site Unblocked] ydeda.pro
Domain: ydeda.pro
Details: This domain belongs to us, we are engaged in SEO services. The domain is more than 7 years old. We are not a member of any phishing sites. We do not do anything crypto related on this domain.
P.S. Our domain consists only of whitelists. Before Metamask we are also now clean
malicious error
Hi, I'm running a dApp and trying to make user to stake their NFT into our vault and earning some rewards, but somehow some users report that an error/warning message shows when they're trying to sign the transaction.
Message like this:
"Phantom believes this transaction is malicious and unsafe to sign ........."
What's the possible reason to make some user's to get a warning like this ?
thanks!
[Legitimate Site Blocked] cryptio.co
Cryptio is an Enterprise-grade accounting, audit and tax software for digital assets. It is not a dangerous website. Please remove cryptio.co from this blocklist as soon as possible.
New scam site
Fake website of a real project. After clicking on the button and entering the password, it throws a stealer virus to download, which drain all funds from wallets.
New scam
meta-worldp2e.com
Another scam site!!
Phantom blocks sneks.gg, the legitimate URL for The Sneks project.
https://sneks.gg is the legitimate domain for The Sneks project (https://twitter.com/solsneks). We have a mint upcoming very soon, and it's of the utmost important this is resolved quickly!
Thanks!
[Legitimate Site Unblocked] https://polygonventures.xyz/
This is a legitimate site by Polygon Labs - https://polygonventures.xyz/
Please unblock it
Error blacklisting uniswaphooks.com
Uniswaphooks.com has been blacklisted by mistake - it's an open source community curated directory for Uniswap v4 Hooks
Block Scam Website
Scam website. Trojan in it. After entering the code in the EcoMatrix window, the virus is quickly loaded.
Fake project of original https://matrixmeta.land/
New Scam WebSites
apocalypse.city
celadongame.com
moonwallet.io
apocalypse and celadon already blocked, it’s new domains. MoonWallet - scam wallet, stealer.
all have link on stealer on website.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.