Status:  Production
IPv4, IPv6

Cloud DNS:  <key>
Rsync File
:  lists/

Return Codes:,
Test Points
:,, ::FFFF:7F00:2, ::FFFF:7F00:3

Listing duration:  Approximately 5.2 days from when traffic was last seen 


This list contains the IP addresses of hosts that have sent email to our “pristine” traps (only our trap domains that have never been used for genuine mail) along with some network entries that we manually maintain.  

Common causes for being listed here include compromised accounts, infected hosts, botnets, spam gangs, purchased email address lists, poor sign-up processes, bad webforms, open proxies, TOR exit nodes and VPNs

Any matching IP address found by this data will return

Additionally, there is also some automated heuristics which use all of our trap network and partner transaction feeds to look for IP addresses with very low reputation and IPs found in this data will return

This list can also be safely used to check each  "Received" header hop found within a message.

Example query:

$ host<key><key> has address<key> has address

Did this answer your question?