Some browsers (Chrome and Firefox, for example) automatically retry a connection to a website if they encounter a failure. When a browser retries connections, websites that are blocked by the SEDR: Network appliance, or by an endpoint security product such as Symantec Endpoint Protection, may show up as 2 convictions that occur simultaneously on the same endpoint. This is because the appliance detects two distinct attempts to go to the blocked site.