Security Concern: Potentially Malicious IPs Detected in Libre Tube

[ghost]

Steps to reproduce

.

Expected behavior

Issue Description:
During a security analysis of the LibreTube app using VirusTotal, I noticed that the app communicates with certain IP addresses that have been flagged for malicious activity. The detailed report shows detections on multiple IPs associated with AS13335 (Cloudflare) and a Suricata IDS alert for an invalid timestamp.

https://www.virustotal.com/gui/file/83619facf4bdadb642e417028d37768638591e8138c7eb8f5d87e232b14e5530/detection

Question:
Do I need to be concerned about these findings, or is it safe to install and use the app?

I appreciate your time in reviewing this issue!

Best regards

Actual behavior

.

LibreTube version

0.27.1

Android version

13

Other details

No response

Acknowledgements

• I have searched the existing issues and this is a new ticket, NOT a duplicate or related to another open issue.
• I have written a short but informative title.
• I will fill out all of the requested information in this form.

[Bnyro]

I'm not sure where these IPs come from, my only guess would be that as some instances (e.g. kavin.rocks) are behind a Cloudflare reverse proxy, it's possible that these IPs are shared among different Cloudflare users. Thus they could have been flagged malicious as different, unrelated people have been abusing these Cloudflare services.

If you visit one of the IPs, Cloudflare tells you that it's part of its network and associated with multiple different hostnames/servers.