Skip to content
  • Register

    • Protection - Malware/ Firmware/etc.

    Protection - Malware/ Firmware/etc.

    What is 'rtb2-useast.evolution.ai'?

    edited January 28 in Protection - Malware/ Firmware/etc.

    I am getting a suspicious connection blocked notification and I am unable to determine what it is. The notification is as follows: chrome.exe attempted to establish a connection relying on an expired certificate to rtb2-useast.e-volution.ai. We blocked the connection to keep your data safe since websites must renew their certificates with a certification authority to stay current, and outdated security certificates represent a risk. Can anybody assist with determining what this is and should I be concerned?

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register

    Answers

    • admin

      Hello,

      That's a legitimate detection since that certificate is expired:

      https://www.sslshopper.com/ssl-checker.html#hostname=rtb2-useast.e-volution.ai.

      Bitdefender’s Online Threat Prevention module may alert you when you try to visit a secured website (HTTPS) with an invalid security certificate. It tends to be websites with lots of ads, such as news websites, and analytics companies with an expired certificate trying to establish a connection.

      If you've determined that the site triggering the notification is safe and you want to access it despite the SSL certificate issue, you can add an exception for the website in Bitdefender - Protection - Online Threat Prevention - Manage Exceptions.

      More information on this type of notification can be found here:

      https://www.bitdefender.com/consumer/support/answer/2471/

      I hope this helps.

      Regards,

      Alex

      Premium Security & Bitdefender Endpoint Security Tools user

    • Mr

      I have the the same message shown in my notification board just a few days ago. Thank for the the explanation as it cleared some questions, at least on my side. Cheers.

    • admin

      You're most welcome @jptaisie, I'm glad to hear you've found some useful information here, and I appreciate your feedback. 😊

      Premium Security & Bitdefender Endpoint Security Tools user

    • How do I determine which site is triggering this?

    • admin
      edited April 3

      Pay attention to when the detection occurs, does it happen whenever you open your browser, or when navigating on a specific page, etc. In any case, a browser reset and removing any unwanted and unknown extensions from it should be enough, as these redirects are usually browser related.
      Or, a website that you are visiting has sub-domain URLs (used for their newsletters, promotional campaigns, tracking, etc.) and sometimes, these can use certificates with another name than the domain used by the website, and this may trigger the notification multiple times in a short period of time, since there would be a certificate mismatch in this scenario.

      Premium Security & Bitdefender Endpoint Security Tools user

    • I'm getting blocked from my Yahoo account too with a message stating "somethings wrong" I thought that might be the culprit

    • admin

      I think that's a different issue.. are you also using a VPN by any chance?

      Premium Security & Bitdefender Endpoint Security Tools user

    • You are correct. I figured out the site it's listed on a report. I am using a VPN

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In
    Register

    Quick Links

    All Time Leaders

    Categories

    Defenders of the month - March