System Status

Real-time health of vspam.org services and processing pipeline.

Partial Service Disruption

Infrastructure

Web Portal
Frontend application (vspam.org)
Checking...
REST API
Core API server (api.vspam.org)
Checking...
Database
PostgreSQL 15 — IOC storage
Checking...
Cache
Redis 7 — rate limiting & sessions
Checking...
Object Storage
MinIO — screenshot & evidence storage
Checking...
DNSBL
PowerDNS Recursor — DNS blocklist
Checking...

Processing Pipeline

Verdict Engine
Community consensus evaluation — confirms or rejects reports based on weighted votes from trusted, contributor, and new reporters
Operational
AI Analysis
Automated threat scoring — URL heuristics, domain age analysis, DNS enrichment, phishing pattern detection
Operational
WHOIS/DNS Enrichment
Background worker — auto-lookups registrar, DNS records, hosting info for every submission
Operational
Feed Generator
STIX 2.1, CSV, JSON feed generation — rebuilds periodically from confirmed IOCs
Operational
DNSBL Zone Sync
RPZ zone file generator — syncs confirmed domains to PowerDNS blocklist
Operational
Credit System
Reputation engine — awards points for submissions, votes, and accurate reports
Operational

Verdict Engine

The Verdict Engine evaluates community votes using a weighted consensus algorithm. Reports are automatically confirmed or rejected based on the following thresholds:

ConditionResult
1 Trusted reporter confirmsConfirmed Phishing
3 Contributor+ reporters confirmConfirmed Phishing
5 community members confirmConfirmed Phishing
1+ confirms (below threshold)Under Review
Majority rejects (3+ total votes)False Positive

AI Analysis Pipeline

Every submission is automatically analyzed by our threat intelligence pipeline:

01
DNS EnrichmentActive

Resolves A, AAAA, MX, NS, TXT records. Identifies hosting provider and IP geolocation.

02
WHOIS AnalysisActive

Looks up domain registrar, creation date, expiry, and registrant. Calculates domain age — newly registered domains are flagged as higher risk.

03
URL HeuristicsActive

Scores URLs based on suspicious TLD, path entropy, brand impersonation patterns, homograph detection, and known phishing keywords.

04
Site Status ProbingPlanned

Checks if reported URLs are still live, redirecting, or taken down. Tracks time-to-takedown metrics.

05
Screenshot AnalysisPlanned

Captures page screenshots via headless browser. Detects login forms, brand logos, and urgency language for phishing classification.

06
Phishing Kit DetectionPlanned

Fingerprints HTML structure to identify known phishing kits. Clusters similar phishing pages across submissions.

Status checks run on page load. For real-time monitoring, contact ops@vspam.org