This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Base url category is different from sub url category the traffic was under allow need to know why it was not blocked

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Base url category is different from sub url category the traffic was under allow need to know why it was not blocked

Go to solution
Vijaygvasan
L3 Networker

‎04-27-2021 02:13 AM

Hi Team,

 

Below screenshot states that the base url firebasestorage.googleapis.com comes under content delivery network and the sub Url comes under phishing where customer wants to know why they were not blocking by the firewall.

Also while im checking with the Virsutotal the below urls have been mentioned as phishing. I just wanted to know how to take forward with this. By creating a deny rule on url category or kindly need you assistance here.

Vijaygvasan_1-1619514107687.png

Vijaygvasan_0-1619514053553.png

thanks in advance

0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
Vijaygvasan
L3 Networker
In response to hisingh

‎04-28-2021 09:23 PM

Hi Team,

 

Today i just checked with the same site under test-a-site where the risk level as well as the category has been changed.

Thanks guys for assisting.

Vijaygvasan_0-1619669566550.png

 

Regards.

I hope now the

View solution in original post

3 REPLIES 3

Go to solution
Vijaygvasan
L3 Networker

‎04-28-2021 05:42 AM

Hi Team,

 

I just want to know whether this specific urls are phishing or not and how to take it forward. Like blocking the url using url category with decryption enabled?

could that be a solution for all type of email phishing as well?

Regards

0 Likes Likes

Go to solution
hisingh
L4 Transporter

‎04-28-2021 12:29 PM

Hello @Vijaygvasan 

 

A Top-level Domain ( TLD) can have a different priority than a URL.  The reason is a TLD can host many URLs, and sub-domains that may or may not be phishing, malware category. The site may be multi-hosting, where different users are using TLD.

As a next step, you can make a "request change " on this URL by using test-a-site,  and our team will check and give you response back. 

Best

Himani

Himani Singh

Go to solution
Vijaygvasan
L3 Networker
In response to hisingh

‎04-28-2021 09:23 PM

Hi Team,

 

Today i just checked with the same site under test-a-site where the risk level as well as the category has been changed.

Thanks guys for assisting.

Vijaygvasan_0-1619669566550.png

 

Regards.

I hope now the

  • 1 accepted solution
  • 3700 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks