Dozens of alerts being received daily- 'A DNS query was blocked for a domain'

DavidCES

Hi,

Once again, we are receiving loads of alerts for various URL's, some that I'm sure have been whitelisted previously.

I've submitted these via the submit a sample page and had no response. Below is a typical example

Here are the most recent alerts (1) from Policy Manager.

Warning: A DNS query was blocked for a domain.

From: UCL/XXXX, 2022-09-07 14:55:07 +01:00

Details: A DNS query was blocked for a domain. DNS: platform.twitter.map.fastly.net.

JamesC

Hi,

The DNS was blocked due to heuristic rules, and have now whitelisted the Domain. Can you please check again ?

DavidCES

Thanks. Havent had any alerts for that particular url since yesterday afternoon now.

Just received an alert for 'prod-rotation-v2.guce.aws.oath.cloud' though and again I think I've submitted this as a false positive before too.