jdashn 12 Posted December 1, 2020 Share Posted December 1, 2020 As of this morning i'm getting a lot of alerts across the orginization for: hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEgRY8NzrWAjZ4J4grl19QqsePQ= For each alert the last bit of the address changes, but this part is the same: hxxp://ocsp.int-x3.letsencrypt.org/MFMwUTBPME0wSzAJBgUrDgMCGgUABBR+5mrncpqz/PiiIGRsFqEtYHEIXQQUqEpqYwR93brm0Tm3pkVl7/Oo7KECEg They all also have a target address of : 104.91.166.211 Just wondering if there is more information on this, what might be causing it, if this is an indicator of a primary infection, etc. Thank you!! Jdashn aparker 1 Link to comment Share on other sites More sharing options...
NFear 1 Posted December 1, 2020 Share Posted December 1, 2020 (edited) Same here. One of the applications I use for a long time obviously tries to validate a letsencrypt certificate via OCSP. Looks like a false entry has made it to the internal ESET blacklist. Edited December 1, 2020 by NFear aparker 1 Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 3,836 Posted December 1, 2020 Administrators Solution Share Posted December 1, 2020 The FP should be already resolved. You can enforce update of the blacklist by rebooting the machine. aparker and jdashn 2 Link to comment Share on other sites More sharing options...
zetafiddler 0 Posted December 1, 2020 Share Posted December 1, 2020 Same problem here. Either X-Plane 11 or some plug-in for it attempts to contact "...ocsp.int-x3.letsencrypt.org..." but gets blocked by ESET Internet Security. Must be recent change as I've not changed X-Plane for several weeks. Link to comment Share on other sites More sharing options...
jdashn 12 Posted December 1, 2020 Author Share Posted December 1, 2020 Awesome!! thanks a ton to both of you for your quick replies! aparker 1 Link to comment Share on other sites More sharing options...
zetafiddler 0 Posted December 1, 2020 Share Posted December 1, 2020 Thanks Marcos, awesome response! Link to comment Share on other sites More sharing options...
Recommended Posts