Hi, received a few complaints from users reporting that they could not use their Wechat messaging services (web / desktop versions). Upon inspection, noticed a few logged calls to unknown IP addresses.
An example is: http://14.17.42.45/cgi-bin/micromsg-bin/newreportkvcomm
Visiting http://14.17.42.45 shows the Wechat website (though Chrome marks it as phishing as well).
Some IPs I've noticed:
[ol]Not sure what Fortinet engineers can help to check on this? Otherwise its maintenance hell having to check and update this list. I'm currently setting a bypass for these IPs.
Setting WebFilter -> Overwrite Rating for these IPs didn't work for me.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.