What is IP address threat level?
ClickGUARD analyzes many aspects of an IP address in order to assess if an IP address is a known threat. This includes fetching IP information from various anti-fraud, geo-location and blacklist services. That means ClickGUARD is able to learn if an IP address is:
an anonymous proxy (exit address for anonymizing services such as HTTP/Socks proxies, VPNs or Tor)?
a fake crawler (Suspicious web scraper impersonating popular and legitimate crawlers)
a port scanner (port scanning as in the common way to search for exploitable security vulnerabilities in running network services)
an attack source (known source of various cyber attacks), including the type of the attack (web, mail, ssh, ftp, sip, etc.)
hosting a bot (part of a malicious botnet), including botnet type (bad, brute force, scan, spam, referrer spam, etc.)
blacklisted for any other fraud or abuse related reason
By cross-referencing the information about an IP address across multiple services ClickGUARD is able to determine the threat level and classify it as:
low - the default for IP addresses not associated with bad behavior
medium - high probability for unwanted ad clicks
high - high probability for abusive, disruptive and fraudulent ad clicks
an anonymous proxy (exit address for anonymizing services such as HTTP/Socks proxies, VPNs or Tor)?
a fake crawler (Suspicious web scraper impersonating popular and legitimate crawlers)
a port scanner (port scanning as in the common way to search for exploitable security vulnerabilities in running network services)
an attack source (known source of various cyber attacks), including the type of the attack (web, mail, ssh, ftp, sip, etc.)
hosting a bot (part of a malicious botnet), including botnet type (bad, brute force, scan, spam, referrer spam, etc.)
blacklisted for any other fraud or abuse related reason
By cross-referencing the information about an IP address across multiple services ClickGUARD is able to determine the threat level and classify it as:
low - the default for IP addresses not associated with bad behavior
medium - high probability for unwanted ad clicks
high - high probability for abusive, disruptive and fraudulent ad clicks
Updated on: 24/02/2023
Thank you!