Skip to content

System Status

Real-time health of vspam.org services and the scoring, review, and publication pipeline.

Partial Service Disruption

Infrastructure

Web Portal
Frontend application (vspam.org)
Checking...
REST API
Core API server (api.vspam.org)
Checking...
Database
PostgreSQL 15 — IOC storage
Checking...
Cache
Redis 7 — rate limiting & sessions
Checking...
Object Storage
MinIO — screenshot & evidence storage
Checking...
DNSBL
PowerDNS Recursor — DNS blocklist
Checking...

Scoring & Publication Pipeline

Canonical Ingest
Normalizes submissions into canonical artifacts. URL submissions collapse to domains while exact IPv4 and IPv6 host reports retain infrastructure precision.
Operational
Deterministic Scoring
Combines direct evidence, historical rollups, domain signals, ASN context, IPv6 exact-host and prefix evidence, and reporter input into explainable scores.
Operational
WHOIS/DNS Enrichment
Background enrichment gathers registrar, DNS, hosting, redirect, and targeted-brand context for submitted artifacts.
Operational
IPv6 / ASN Aggregation
Daily rollups track domain history, ASN reputation, and IPv6 /64, /56, and /48 neighborhood context for score-aware lookups and feeds.
Operational
Feed Publication
Publishes score-aware domain, IPv6 exact-host, IPv6 prefix watch, ASN reputation, and policy/context feeds with explicit selection logic.
Operational
DNSBL Zone Sync
Synchronizes DNSBL outputs for supported blocking surfaces while keeping watch and reputation feeds separate from direct-block policy.
Operational
Review & Delist Workflow
Weighted reporter review, manual overrides, and delist handling work alongside scoring to reduce false positives and keep publication state current.
Operational

Current Report Workflow

Report status transitions still use weighted community review and manual actions. Feed publication and blocking recommendations now also consider score-aware policy, but the workflow thresholds below remain the current report-status rules:

ConditionWorkflow status
1 Trusted reporter confirmsConfirmed
2 Contributor+ reporters confirmConfirmed
3 community members confirmConfirmed
1+ confirms (below threshold)Under Review
Majority rejects (2+ total votes)False Positive

Scoring Policy

Core publication decisions are deterministic and explainable. The main evidence stages are:

01
Canonical ingestActive

Convert submissions into a stable artifact. Domains are the primary phishing artifact; URL path and query detail are kept only as short-lived enrichment evidence.

02
DNS / WHOIS / hosting enrichmentActive

Resolve records, registrar, age, ASN, hosting provider, redirects, and related domain context for each artifact.

03
Deterministic scoringActive

Score direct evidence, historical observations, domain risk, IPv6 neighborhood context, and ASN reputation with explicit reasons and confidence.

04
Publication policyActive

High-confidence domains and exact hosts can be listed for blocking. IPv6 prefix and ASN feeds are published primarily as watch or reputation context.

05
Community review and delist handlingActive

Reporter trust, voting, manual review, and delist requests help resolve ambiguous cases and prevent persistent false positives.

Status checks run on page load. For real-time monitoring, contact ops@vspam.org
For scoring, feed publication, and review policy details, see Methodology.

About vspam.org system status

This page provides real-time health monitoring for all vspam.org services. Each component is polled every 30 seconds and displays current latency, uptime percentage, and error state. All timestamps are UTC.

Monitored services

Incident reporting

If you are experiencing issues not reflected on this page, contact support@vspam.org. For integrators, the API returns a health check at GET /health that can be used in your own monitoring pipeline. See the API documentation for details.