To request a change of IP Address Reputation, simply fill out and submit the form below.
Our Web Analysts typically process all requests within 24 - 48 hours after they are received. If you check the Receive Notifications box on the request page, you will receive two emails from us - the first acknowledging that we received your request, and the second after it has been processed and updates published to our systems. There may be an additional delay in receiving your data updates depending on how frequently your specific product gets updates from BrightCloud. Additionally, Palo Alto Networks customers may have to do a "cache flush" for their change to take effect.
The Windows Exploits category includes active IP addresses offering or distributing malware, shell code, rootkits, worms or viruses.
The Web Attacks category includes cross site scripting, iFrame injection, SQL injection, cross domain injection, or domain password brute force attack.
The Botnets category includes Botnet C&C channels, and infected zombie machines controlled by Bot master.
The Scanners category includes all reconnaissance such as probes, host scan, domain scan, and password brute force attack.
The Denial of Service category includes DOS, DDOS, anomalous sync flood, and anomalous traffic detection.
The Reputation category denies access from IP addresses currently known to be infected with malware. This category also includes IPs with average low Webroot Reputation Index score. Enabling this category will prevent access from sources identified to contact malware distribution points.
The Phishing category includes IP addresses hosting phishing sites and other kinds of fraud activities such as ad click fraud or gaming fraud.
The Proxy category includes IP addresses providing proxy services.
The Spam Sources category includes tunneling spam messages through a proxy, anomalous SMTP activities, and forum spam activities.