eitanc 2 Posted January 25, 2018 Share Posted January 25, 2018 Hi, Your online scanner that run on Windows, access a host name of "onlinescanner.eset.com:80" and path of "/query/chsquery.php", but the request is like: POST hxxp://onlinescanner.eset.com/query/chsquery.php Content-Type: multipart/form-data; boundary=------------------------[random string with timestamp] Host: onlinescanner.eset.com:80 Content-Length: 1987 While in usual request the payload for the HTTP method (POST in this case) is the relative path from the root, using a full URL instead, which is typical for a proxy activity. This cause web gateways/IPS systems - to flag it as proxy activity and usually block it, when proxy is prohibited as part of the security policy. So, please change this behavior and use relative path to have a normal request, non-proxy one. Thanks! Link to comment Share on other sites More sharing options...
ESET Moderators Peter Randziak 1,130 Posted January 25, 2018 ESET Moderators Share Posted January 25, 2018 Hello, thank you for your report, I opened a ticket with the devs to check it. Regards, P.R. Link to comment Share on other sites More sharing options...
eitanc 2 Posted January 25, 2018 Author Share Posted January 25, 2018 Greath Peter! Thank you! I will be glad if you will post here the results once you know them. Thank you. Link to comment Share on other sites More sharing options...
Recommended Posts