Strengthening trust and safety across the internet
Spamhaus Project is the authority on IP and domain reputation. This intelligence enables us to shine a light on malicious activity, educate and support those who want to change for the better and hold those who don't to account. We do this together with a like-minded community.
Are you listed in one of Spamhaus' blocklists?
Do you have problems sending email? Do you need to check if an IP address or domain name is on one of our blocklists?
Submit malicious activity to the Threat Intel Community Portal
Be part of our community; share IPs, domains, URLs or raw source of potentially malicious activity or threats.
SubmitSpotlight on Spamhaus data reputation statistics
Last updated: 29th July 2025Countries
Networks
gTLDs
ccTLDs
Registrars
Countries
News feed
Some miscreants come and go - others stay in business for years. An example of the latter is a prolific IP hijacking operation using AS398770 (Twisted Computing Incorporated 🇺🇸) since January, among others. At this time, AS398770 announces hijacked IPv4 networks allocated to 🇨🇱-based Adexus S.A., first hitting our radar in late May. 📡
In the past, we also observed botnet controller hosting at AS398770, as well as more IP hijacking incidents, networks impersonating tier-1 US ISPs, and snowshoe spam.
Involved personas are no strangers at all: Their nefarious activity goes back until 2011 and the (still unresolved) IP hijacking case involving US defense contractor Planning Research Corporation:
👉 https://check.spamhaus.org/results?que...ry=SBL101196
Investigating IP hijacking incidents often requires classic detective work, such as sifting through commercial registers, tracing back network assets of defunct companies, and working with those that are still in business to reclaim their stolen digital goods. 🕵
More information on this topic, and how to protect your network against hijacking and other hijacks (hint: DROP and ASN-DROP 😉), is available here:
Some miscreants come and go - others stay in business for years. An example of the latter is a prolific IP hijacking operation using AS398770 (Twisted Computing Incorporated 🇺🇸) since January, among others. At this time, AS398770 announces hijacked IPv4 networks allocated to 🇨🇱-based Adexus S.A., first hitting our radar in late May. 📡
In the past, we also observed botnet controller hosting at AS398770, as well as more IP hijacking incidents, networks impersonating tier-1 US ISPs, and snowshoe spam.
Involved personas are no strangers at all: Their nefarious activity goes back until 2011 and the (still unresolved) IP hijacking case involving US defense contractor Planning Research Corporation:
👉 https://check.spamhaus.org/results?que...ry=SBL101196
Investigating IP hijacking incidents often requires classic detective work, such as sifting through commercial registers, tracing back network assets of defunct companies, and working with those that are still in business to reclaim their stolen digital goods. 🕵
More information on this topic, and how to protect your network against hijacking and other hijacks (hint: DROP and ASN-DROP 😉), is available here: