This just started.
I open Firefox and immediately get two blocked URL detections for the same URL;
Time;URL;Status;Detection;Application;User;IP address;Hash
5/22/2024 3:56:32 PM;http://x2.c.lencr.org;Blocked;Internal blacklist;C:\Windows\System32\svchost.exe;NT AUTHORITY\NETWORK SERVICE;2600:1407:7400:d86::21cc;E4E3F6BBAD17B41A42687B3D75ADE4A10B0870EC
Time;URL;Status;Detection;Application;User;IP address;Hash
5/22/2024 4:02:34 PM;http://x2.c.lencr.org;Blocked;Internal blacklist;C:\Windows\System32\svchost.exe;NT AUTHORITY\NETWORK SERVICE;23.44.77.91;E4E3F6BBAD17B41A42687B3D75ADE4A10B0870EC
Later got another alert for the IPv6 address detection.
I cleared Firefox cache and history and so far no more alerts.
The IP address resolves to Akamai.
Well, the block was based on an actual malicious redirector on http://x2.c.lencr.org (it's not there any more) but we're investigating why this url was blacklisted as it shouldn't have been despite the malware detection.
