To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Dozens of alerts being received daily- 'A DNS query was blocked for a domain'

DavidCES
DavidCES W/ Member Posts: 27 Cyber Knight

Hi,

Once again, we are receiving loads of alerts for various URL's, some that I'm sure have been whitelisted previously.

I've submitted these via the submit a sample page and had no response. Below is a typical example


Here are the most recent alerts (1) from Policy Manager.

Warning: A DNS query was blocked for a domain.

From: UCL/XXXX, 2022-09-07 14:55:07 +01:00

Details: A DNS query was blocked for a domain. DNS: platform.twitter.map.fastly.net.

Best Answer

  • JamesC
    JamesC W/ Partner, W/ Staff, W/ Moderator Posts: 488 Moderator
    Answer ✓

    Hi,

    The DNS was blocked due to heuristic rules, and have now whitelisted the Domain. Can you please check again ?

Answers

  • DavidCES
    DavidCES W/ Member Posts: 27 Cyber Knight

    Thanks. Havent had any alerts for that particular url since yesterday afternoon now.


    Just received an alert for 'prod-rotation-v2.guce.aws.oath.cloud' though and again I think I've submitted this as a false positive before too.

This discussion has been closed.