Jump to content

Lets Encrypt Internal Blacklist block


jdashn
Go to solution Solved by Marcos,

Recommended Posts

As of this morning i'm getting a lot of alerts across the orginization for:

hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEgRY8NzrWAjZ4J4grl19QqsePQ=

For each alert the last bit of the address changes, but this part is the same:
hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEg

They all also have a target address of :

104.91.166.211

Just wondering if there is more information on this, what might be causing it, if this is an indicator of a primary infection, etc.

 

Thank you!!

Jdashn

 

Link to comment
Share on other sites

Same here. One of the applications I use for a long time obviously tries to validate a letsencrypt certificate via OCSP. Looks like a false entry has made it to the internal ESET blacklist.

Edited by NFear
Link to comment
Share on other sites

Same problem here.  Either X-Plane 11 or some plug-in for it attempts to contact "...ocsp.int-x3.letsencrypt.org..." but gets blocked by ESET Internet Security.

Must be recent change as I've not changed X-Plane for several weeks.

 

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...