How to know why IP is on the black list?

Hello guys

When we acess pages which are proteceted by CloudFlare web firewall from our office, we are getting the “One more step Captcha Verification”. It seems that our office IP was put on some kind of black-list.

Is there way to know why we were put on the black-list? Can we contact cloudflare support? Can we for example pay for this information?

Btw is it possible that subnet with our IP was put on the blac-list or is it always just 1 single IP. We already run some simple network-wide scans for infected devices but didn’t find anything. Knowing the reason why we were put on the black-list could help us determine the source of the issue.

Thank you very much
Petr

Nope. Check your network for any malicious activity.

Almost useless in this case.

Of course. Cloudflare has a firewall feature that allows owners to challenge single IPs, net ranges, ASNs or even whole countries. You could even be violating WAF rules.

1 Like

Hi @vecera.petr, as @MarkMeyer mentions, support cannot really help you with this issue. In addition to the tip mentioned above, there are some resources in this tip, Community Tip - Tools and Resources that may be helpful:

IP Reputation
IP Reputation Investigation
Project Honey Pot

1 Like

Thank you guys. We have checked the IP on the services and everything seems to be OK. Do you know any open-source / free software which we can deploy in our network or trough which you can tunnel your traffict to find out if there are connections to some malicious sites?

Thank you

This topic was automatically closed after 30 days. New replies are no longer allowed.