What is 'rtb2-useast.evolution.ai'?

DannyDPGH · 2025-01-24T22:51:34+00:00

There was an error rendering this rich post.

I am getting a suspicious connection blocked notification and I am unable to determine what it is. The notification is as follows: chrome.exe attempted to establish a connection relying on an expired certificate to rtb2-useast.e-volution.ai. We blocked the connection to keep your data safe since websites must renew their certificates with a certification authority to stay current, and outdated security certificates represent a risk. Can anybody assist with determining what this is and should I be concerned?

Find more posts tagged with

Accepted answers

All comments

Alexandru_BD

Hello,

That's a legitimate detection since that certificate is expired:

https://www.sslshopper.com/ssl-checker.html#hostname=rtb2-useast.e-volution.ai.

Bitdefender’s Online Threat Prevention module may alert you when you try to visit a secured website (HTTPS) with an invalid security certificate. It tends to be websites with lots of ads, such as news websites, and analytics companies with an expired certificate trying to establish a connection.

If you've determined that the site triggering the notification is safe and you want to access it despite the SSL certificate issue, you can add an exception for the website in Bitdefender - Protection - Online Threat Prevention - Manage Exceptions.

More information on this type of notification can be found here:

https://www.bitdefender.com/consumer/support/answer/2471/

I hope this helps.

Regards,

Alex

PHJAMT

I have the the same message shown in my notification board just a few days ago. Thank for the the explanation as it cleared some questions, at least on my side. Cheers.

Alexandru_BD

You're most welcome @jptaisie, I'm glad to hear you've found some useful information here, and I appreciate your feedback. 😊

Cathy Bauch

How do I determine which site is triggering this?

Alexandru_BD

Pay attention to when the detection occurs, does it happen whenever you open your browser, or when navigating on a specific page, etc. In any case, a browser reset and removing any unwanted and unknown extensions from it should be enough, as these redirects are usually browser related.
Or, a website that you are visiting has sub-domain URLs (used for their newsletters, promotional campaigns, tracking, etc.) and sometimes, these can use certificates with another name than the domain used by the website, and this may trigger the notification multiple times in a short period of time, since there would be a certificate mismatch in this scenario.

Cathy Bauch

I'm getting blocked from my Yahoo account too with a message stating "somethings wrong" I thought that might be the culprit

Alexandru_BD

I think that's a different issue.. are you also using a VPN by any chance?

Cathy Bauch

You are correct. I figured out the site it's listed on a report. I am using a VPN

sumo813

I constantly get things blocked and the messages are vague. I also just got the message indicating rtb2-useast.e-volution.ai was blocked. For determining which site, I'd say that's tough when multiple tabs are open all the time (bad habit). Anyhow, this is just more of an "I wish alerts were more detailed" comment.

Alexandru_BD

Hi @sumo813,

I think it's probably the same certificate detection and the one previously reported. Check my previous comments on this. The alert should come from the OTP module, more specifically the Encrypted web scan feature.