The Abuse Reports API was created for sending abuse detection reports for domains and/or hosting services associated with Namecheap. It can be used by cybersecurity entities that qualify as Trusted Providers, specializing in detecting and verifying phishing/fraud attacks.
The API is a privilege and issued at Namecheap’s sole discretion.
If you would like to qualify as a Trusted Provider and use the API to report phishing/fraud to us, please email email@example.com.
1. Submitting and Acceptable Use of the Abuse Reports API. You agree that you will:
- Verify before submission that the links you submit via the API are concerned with phishing/fraud attacks.
- Attach a screenshot to the report you submit as proof of an attack.
- Use the API only to report phishing/fraud attacks. Reports for other types of abuse should be submitted using regular channels. Read How and where can I file abuse complaints? for more information.
- Check the report you submit via the API fits the agreed format.
- Refrain from requesting email or ticket updates on your submissions. Updates may be possible by making a special API call.
2. Namecheap. You acknowledge and understand that Namecheap:
- Independently verifies the reported services and takes action at its discretion.
- Has no obligation to update you on the report status, but you will be able to retrieve this information from your side if this is required.
- Does not guarantee continuous access and/or does not guarantee 100% uptime. Is not under obligation to you for any loss or damage that may result from your use of the Abuse Reports API.
- Has a right to share any submission provided by you with law enforcement, sister companies, and other third parties at its sole discretion. In addition, Namecheap has no obligation to notify you if and/or when such information is shared.
3. Prohibited Actions. Please acknowledge that you understand and agree to the following:
- Access to the API is conditional. Continuous submission of links that target legitimate websites/customers may result in the removal/denial of access to the API, as determined by Namecheap’s discretion.
- Non-disclosure/confidentiality. You are prohibited from sharing all technical and non-technical information and data provided to you by Namecheap, which may include (without limitation): services, configuration information, samples, scripts, techniques, algorithms, software programs, software source documents, development information, decision-making processes and outcomes, investigation/evaluation processes and outcomes, factors that led to certain decisions regarding submissions, mitigation methods used and other intellectual property, customer lists, and employees/independent contractor information. This prohibition includes non-disclosure to wholly-owned subsidiaries and/or sister or parent companies. A single instance of prohibited sharing may result in the removal/denial of access to the API.
- The API is the intellectual property of Namecheap and contains valuable confidential information. You agree that you will not modify, reverse engineer, decompile, create other works from, or disassemble this information.
4. Security and Liability/Indemnification.
- Security. You acknowledge and explicitly agree that you are responsible for properly securing all technical and non-technical information that Namecheap provides to you.
- Liability/Indemnification for Loss. You acknowledge and explicitly agree that if you fail to properly secure API-related information, your API access will be blocked, and you will be obligated to indemnify Namecheap for any costs (and expenses) we and/or our customers incur.