Any help with this would be appreciated.
SOA reports frequent blocking of these two sites on one machine over several days. The URLs are probably randomly-generated by something; they are not sites that the user deliberately navigates to. Perhaps they are contacted by either a commonly-used webmail or banking site.
I can’t get to the sites; the first attempt results in an avast message indicating the sites are blocked. Subsequent attempts simply generate a browser error indicating it can’t connect to the site, with no avast message.
The URLs are:
http://cd5c5c.com/q
http://f08080.com/q
If these are being invoked as part of normal communication with either a webmail or online banking site, then I would suggest they are probably false positives.
But if any of you who have access to online analysis methods can respond, I’d appreciate it.
Thanks.