Scanning URLs
Use the Scan screen to check a list of up to 10 website URLs for potential threats without exposing yourself to those threats. For example, if a customer reports phishing attempts using your company’s brand, you can safely check the URL related to that attempt.
This feature is intended for use with websites only. If you want to scan a social media site or app store, use the corresponding Bolster module.
Step 1: Choose up to 2 IP locations (proxies)
Using different locations for the scanner IP enables you to probe geo-fencing of scam sites. For example, a scam site phishing Australian users might prevent US users from discovering the site.
Step 2: Select a user agent (optional)
Specifying different user agents for the same site enables you to probe scam sites that are phishing users on Windows laptops, but not iOS devices.
Step 3: Select a timeout for page scans (optional)
If previous scans have timed out, use the slider to adjust the amount of time to spend scanning a page.
Step 4: Enter the URLs to be scanned
Enter up to 10 website URLs, each on a separate line. For example, you might enter multiple variants of the domains you own.
Note: Only websites are supported. Do not try to scan social media or other specialized URLs.
Step 5: Review results
Once the scan is finished, scroll down to review the results. The key fields of interest are:
- Disposition
- Category
See Dispositions for Websites for more information on each type of disposition. See Intent Categories for more information on each category.
Step 6: Respond to Dispositions (optional)
You have the option to respond to dispositions by:
- disputing dispositions
- requesting a takedown
Disputing Dispositions
If you disagree with a disposition, you can dispute a verdict. Just select the card for the URL and click Dispute Disposition.
Use the displayed form to provide the information we need to reconsider the disposition.
Submitting the form creates a customer ticket and sends it to the Bolster support desk for review. You do not need to create a separate customer support ticket. If you are logged into your Bolster account, the dispute ticket will include your email address for a response or follow up by Bolster.
Requesting a Takedown
All sites marked as phish will automatically get takedowns sent out to the ISP/Hosting Provider on a daily cadence. If you need an immediate takedown sent, click Request Takedown.
Use the displayed form to provide supporting information and indicate whether you want to report the site to available security sources.