Web Access Protection - A Concern

[itman 1,659]

When checking out a screen shot posting on a file share site in a security forum I frequent, hxxps://imx.to/i/1yj02x , Eset detected what appears to be redirect to a malicious porn site based on what other forum posters related:

Time;URL;Status;Application;User;IP address;SHA1
2/12/2019 4:27:17 PM;https://afeuvqrsswz.com;Blocked by internal IP blacklist;C:\Program Files\internet explorer\iexplore.exe;XXX-XX\XXXX-XXX;216.21.13.15;021415D73D02C6247001BAD6E5C9BC6E220F34FC

Eset displayed the above as a small desktop popup alert upon access to the web page. However, the file share web page was still displayed. At that point and knowing better, I should have exited the web site. Instead, I clicked on a "Continue" link displayed which resulted in a locked flashing browser screen with a loud alarm sounding, a voice stating I was infected with malware, and a phone number I needed to call to resolve the issue. Obviously, this was fake malware and I resolved it without issue. However, an average user might have been duped into responding to the fake malware. 

My question is should Eset not have blocked the file share web page from displaying or terminated its connection thereafter at initial IP blacklist detection time? 

Edited February 16, 2019 by itman

[Marcos 5,072]

10 minutes ago, itman said:

My question is should Eset not have blocked the file share web page from displaying or terminated its connection thereafter at initial IP blacklist detection time? 

I assume that the file share web page is not malicious but it was a malicious iframe, ad or whatever that was blocked.

[itman 1,659]

3 minutes ago, Marcos said:

I assume that the file share web page is not malicious but it was a malicious iframe, ad or whatever that was blocked.

That sounds reasonable but I would recommend that a full Eset alert be displayed which would allow the user to terminate the web page connection.