Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 9 replies
  • Subscribers 27 subscribers
  • Views 894 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Proxy and URL Blocked as executable file

Mathias Reitinger

Can someone please test if the following URL is getting blocked if you have enabled Block executable files

This is no file download, just a redirection to another url.

http://track.idealsvdr.com/track/click/30364798/www5.idealsvdr.com?p=eyJzIjoiaXcxSVhFWnVxb0

If i remove from the FileType definition the extension com, the url is working. 



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    I tried to access the URL in my LAB without the web filtering and I got the following error: 

    However, with the default web filtering profile, the access to the URL is blocked for the following reason: 

    awarrenhttp_access.log:1610716850.213728400 [ 8491/0x7f8d49097000] fwid=3 fwflag="V" iap=12 aap=0 conn_id=2920231552 id="0060" name="web request blocked, at request phase" action="block" method="GET" srcip="10.0.1.6" dstip="54.209.22.5" user="" statuscode=403 cached=0 trxlen=0 rxlen=0 url="">track.idealsvdr.com/.../www5.idealsvdr.com referer="" type="" upload_file_name="" upload_file_type="" download_file_name="" download_file_type="" authtime=0 dnstime=13032 cattime=216 avscantime=0 fullreqtime=1015095 ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" activity="Risky Downloads" av_transaction_id="" categoryname="General Business" category="6" app_id=0 app_name="None" app_cat="None"  exceptions="" reason="acl primary match File Ext URL on Executable Files, acl secondary match Activity on Risky Downloads"

    Is this a legitimate URL that you’re able to access without web filtering or bypassing the firewall? 

    Thanks,

Reply
  • FormerMember
    0 FormerMember

    Hi ,

    Thank you for reaching out to the Community! 

    I tried to access the URL in my LAB without the web filtering and I got the following error: 

    However, with the default web filtering profile, the access to the URL is blocked for the following reason: 

    awarrenhttp_access.log:1610716850.213728400 [ 8491/0x7f8d49097000] fwid=3 fwflag="V" iap=12 aap=0 conn_id=2920231552 id="0060" name="web request blocked, at request phase" action="block" method="GET" srcip="10.0.1.6" dstip="54.209.22.5" user="" statuscode=403 cached=0 trxlen=0 rxlen=0 url="">track.idealsvdr.com/.../www5.idealsvdr.com referer="" type="" upload_file_name="" upload_file_type="" download_file_name="" download_file_type="" authtime=0 dnstime=13032 cattime=216 avscantime=0 fullreqtime=1015095 ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36" activity="Risky Downloads" av_transaction_id="" categoryname="General Business" category="6" app_id=0 app_name="None" app_cat="None"  exceptions="" reason="acl primary match File Ext URL on Executable Files, acl secondary match Activity on Risky Downloads"

    Is this a legitimate URL that you’re able to access without web filtering or bypassing the firewall? 

    Thanks,

Children