Blocked and Unresolved

[DaveB-Opt 0]

We're getting lots of blocked notifications which are showing as unresolved. 

1. Is this normal behaviour?

2. Lots of them are going to one domain name. What can we do to mitigate? 

See messages below

 

More details

Hash

A57DF2FDEBBCE21F5E1913B73797DF0B50BFA03E

Uniform Resource Identifier (URI)

https://hardyload.com

Process name

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Event

An attempt to connect to URL

Rule

Blocked by internal blacklist

Scanner

HTTP filter

Target address

172.64.205.27

[mxp 0]

As you see, the URL that was tried is blocked by ESET's internal blacklist. Without researching the link, i'd say that it will have it's reasons to why it's blocked by ESET.

If this is an URL your users need to get access to, you can manually set the policy to allow connections to that specific URL.

The event gets logged as "unresolved" as you as the admin haven't checked the problem yet. Basically ESETs way of saying "Hey, we did something for you, maybe you wanna have a look on it real quick?"


You should be fine, nothing to worry about here.

[Nightowl 202]

 

If you have the ability to block it from your hardware firewall , you can save ESET the struggle.

[Marcos 5,070]

A link to the blocked domain is injected in legitimate websites that were compromised.