Skip to content
Cloudflare API
Start here
API Reference
Abuse Reports

Submit an abuse report

POST/accounts/{account_id}/abuse-reports/{report_param}

Submit the Abuse Report of a particular type

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
Path ParametersExpand Collapse
account_id: string
maxLength32
report_param: string

The report type for submitted reports.

Body ParametersJSONExpand Collapse
body: { act, address1, agent_name, 18 more } or { act, email, email2, 14 more } or { act, email, email2, 14 more } or 5 more
One of the following:
AbuseDmca { act, address1, agent_name, 18 more }
act: "abuse_dmca"

The report type for submitted reports.

address1: string

Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength100
minLength1
agent_name: string

The name of the copyright holder. Text not exceeding 60 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength60
minLength1
agree: 1

Can be 0 for false or 1 for true. Must be value: 1 for DMCA reports

city: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
country: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
email: string

A valid email of the abuse reporter. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

email2: string

Should match the value provided in email

host_notification: "send"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

name: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
original_work: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
owner_notification: "send"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

signature: string

Required for DMCA reports, should be same as Name. An affirmation that all information in the report is true and accurate while agreeing to the policies of Cloudflare’s abuse reports

state: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
urls: string

A list of valid URLs separated by ‘\n’ (new line character). The list of the URLs should not exceed 250 URLs. All URLs should have the same hostname. Each URL should be unique. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

comments: optional string

Any additional comments about the infringement not exceeding 2000 characters

maxLength2000
minLength1
company: optional string

Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength100
minLength1
reported_country: optional string

Text containing 2 characters

maxLength2
minLength2
reported_user_agent: optional string

Text not exceeding 255 characters

maxLength255
minLength1
tele: optional string

Text not exceeding 20 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength20
minLength1
title: optional string

Text not exceeding 255 characters

maxLength255
minLength1
AbuseTrademark { act, email, email2, 14 more }
act: "abuse_trademark"

The report type for submitted reports.

email: string

A valid email of the abuse reporter. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

email2: string

Should match the value provided in email

host_notification: "send"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

justification: string

A detailed description of the infringement, including any necessary access details and the exact steps needed to view the content, not exceeding 5000 characters.

maxLength5000
minLength1
name: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
owner_notification: "send"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

trademark_number: string

Text not exceeding 1000 characters

maxLength1000
minLength1
trademark_office: string

Text not exceeding 1000 characters

maxLength1000
minLength1
trademark_symbol: string

Text not exceeding 1000 characters

maxLength1000
minLength1
urls: string

A list of valid URLs separated by ‘\n’ (new line character). The list of the URLs should not exceed 250 URLs. All URLs should have the same hostname. Each URL should be unique. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

comments: optional string

Any additional comments about the infringement not exceeding 2000 characters

maxLength2000
minLength1
company: optional string

Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength100
minLength1
reported_country: optional string

Text containing 2 characters

maxLength2
minLength2
reported_user_agent: optional string

Text not exceeding 255 characters

maxLength255
minLength1
tele: optional string

Text not exceeding 20 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength20
minLength1
title: optional string

Text not exceeding 255 characters

maxLength255
minLength1
AbuseGeneral { act, email, email2, 14 more }
act: "abuse_general"

The report type for submitted reports.

email: string

A valid email of the abuse reporter. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

email2: string

Should match the value provided in email

host_notification: "send" or "send-anon"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
justification: string

A detailed description of the infringement, including any necessary access details and the exact steps needed to view the content, not exceeding 5000 characters.

maxLength5000
minLength1
name: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
owner_notification: "send" or "send-anon"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
urls: string

A list of valid URLs separated by ‘\n’ (new line character). The list of the URLs should not exceed 250 URLs. All URLs should have the same hostname. Each URL should be unique. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

comments: optional string

Any additional comments about the infringement not exceeding 2000 characters

maxLength2000
minLength1
company: optional string

Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength100
minLength1
destination_ips: optional string

A list of IP addresses separated by ‘\n’ (new line character). The list of destination IPs should not exceed 30 IP addresses. Each one of the IP addresses ought to be unique.

ports_protocols: optional string

A comma separated list of ports and protocols e.g. 80/TCP, 22/UDP. The total size of the field should not exceed 2000 characters. Each individual port/protocol should not exceed 100 characters. The list should not have more than 30 unique ports and protocols.

reported_country: optional string

Text containing 2 characters

maxLength2
minLength2
reported_user_agent: optional string

Text not exceeding 255 characters

maxLength255
minLength1
source_ips: optional string

A list of IP addresses separated by ‘\n’ (new line character). The list of source IPs should not exceed 30 IP addresses. Each one of the IP addresses ought to be unique.

tele: optional string

Text not exceeding 20 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength20
minLength1
title: optional string

Text not exceeding 255 characters

maxLength255
minLength1
AbusePhishing { act, email, email2, 12 more }
act: "abuse_phishing"

The report type for submitted reports.

email: string

A valid email of the abuse reporter. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

email2: string

Should match the value provided in email

host_notification: "send" or "send-anon"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
justification: string

A detailed description of the infringement, including any necessary access details and the exact steps needed to view the content, not exceeding 5000 characters.

maxLength5000
minLength20
name: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
owner_notification: "send" or "send-anon"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
urls: string

A list of valid URLs separated by ‘\n’ (new line character). The list of the URLs should not exceed 250 URLs. All URLs should have the same hostname. Each URL should be unique. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

comments: optional string

Any additional comments about the infringement not exceeding 2000 characters

maxLength2000
minLength1
company: optional string

Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength100
minLength1
original_work: optional string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
reported_country: optional string

Text containing 2 characters

maxLength2
minLength2
reported_user_agent: optional string

Text not exceeding 255 characters

maxLength255
minLength1
tele: optional string

Text not exceeding 20 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength20
minLength1
title: optional string

Text not exceeding 255 characters

maxLength255
minLength1
AbuseChildren { act, email, email2, 13 more }
act: "abuse_children"

The report type for submitted reports.

email: string

A valid email of the abuse reporter. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

email2: string

Should match the value provided in email

host_notification: "send" or "send-anon"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
justification: string

A detailed description of the infringement, including any necessary access details and the exact steps needed to view the content, not exceeding 5000 characters.

maxLength5000
minLength1
name: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
ncmec_notification: "send" or "send-anon"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
owner_notification: "send" or "send-anon" or "none"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
"none"
urls: string

A list of valid URLs separated by ‘\n’ (new line character). The list of the URLs should not exceed 250 URLs. All URLs should have the same hostname. Each URL should be unique. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

comments: optional string

Any additional comments about the infringement not exceeding 2000 characters

maxLength2000
minLength1
company: optional string

Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength100
minLength1
country: optional string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
reported_country: optional string

Text containing 2 characters

maxLength2
minLength2
reported_user_agent: optional string

Text not exceeding 255 characters

maxLength255
minLength1
tele: optional string

Text not exceeding 20 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength20
minLength1
title: optional string

Text not exceeding 255 characters

maxLength255
minLength1
AbuseThreat { act, email, email2, 11 more }
act: "abuse_threat"

The report type for submitted reports.

email: string

A valid email of the abuse reporter. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

email2: string

Should match the value provided in email

host_notification: "send" or "send-anon"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
justification: string

A detailed description of the infringement, including any necessary access details and the exact steps needed to view the content, not exceeding 5000 characters.

maxLength5000
minLength1
name: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
owner_notification: "send" or "send-anon"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
urls: string

A list of valid URLs separated by ‘\n’ (new line character). The list of the URLs should not exceed 250 URLs. All URLs should have the same hostname. Each URL should be unique. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

comments: optional string

Any additional comments about the infringement not exceeding 2000 characters

maxLength2000
minLength1
company: optional string

Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength100
minLength1
reported_country: optional string

Text containing 2 characters

maxLength2
minLength2
reported_user_agent: optional string

Text not exceeding 255 characters

maxLength255
minLength1
tele: optional string

Text not exceeding 20 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength20
minLength1
title: optional string

Text not exceeding 255 characters

maxLength255
minLength1
AbuseRegistrarWhois { act, email, email2, 10 more }
act: "abuse_registrar_whois"

The report type for submitted reports.

email: string

A valid email of the abuse reporter. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

email2: string

Should match the value provided in email

name: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
owner_notification: "send" or "send-anon" or "none"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
"none"
urls: string

A list of valid URLs separated by ‘\n’ (new line character). The list of the URLs should not exceed 250 URLs. All URLs should have the same hostname. Each URL should be unique. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

comments: optional string

Any additional comments about the infringement not exceeding 2000 characters

maxLength2000
minLength1
company: optional string

Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength100
minLength1
reg_who_request: optional { reg_who_good_faith_affirmation, reg_who_lawful_processing_agreement, reg_who_legal_basis, 4 more }

RDP-mandated fields for registrar WHOIS data disclosure requests.

reg_who_good_faith_affirmation: boolean

Affirmation that the request is made in good faith per RDP 10.2.4. Must be true.

reg_who_lawful_processing_agreement: boolean

Agreement to process data lawfully per RDP 10.2.5. Must be true.

reg_who_legal_basis: string

Legal rights and rationale for the request per RDP 10.2.3. Required for all WHOIS requests.

maxLength5000
reg_who_request_type: "disclosure" or "invalid_whois"

The type of WHOIS data request per RDP procedure.

One of the following:
"disclosure"
"invalid_whois"
reg_who_requested_data_elements: array of "registrant_name" or "registrant_organization" or "registrant_email" or 14 more

The specific WHOIS data elements being requested per RDP 10.2.2. Required for all WHOIS requests.

One of the following:
"registrant_name"
"registrant_organization"
"registrant_email"
"registrant_phone"
"registrant_address"
"registrant_address_country"
"registrant_address_postal_code"
"admin_name"
"admin_organization"
"admin_email"
"admin_phone"
"admin_address"
"tech_name"
"tech_organization"
"tech_email"
"tech_phone"
"tech_address"
reg_who_authorization_statement: optional string

Optional authorization statement or power of attorney per RDP 10.2.1.3.

maxLength5000
reg_who_requestor_type: optional "government" or "corporation" or "individual"

The nature of the requestor per RDP 10.2.1.2.

One of the following:
"government"
"corporation"
"individual"
reported_country: optional string

Text containing 2 characters

maxLength2
minLength2
reported_user_agent: optional string

Text not exceeding 255 characters

maxLength255
minLength1
tele: optional string

Text not exceeding 20 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength20
minLength1
title: optional string

Text not exceeding 255 characters

maxLength255
minLength1
AbuseNcsei { act, email, email2, 12 more }
act: "abuse_ncsei"

The report type for submitted reports.

email: string

A valid email of the abuse reporter. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

email2: string

Should match the value provided in email

host_notification: "send" or "send-anon"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
name: string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
ncsei_subject_representation: boolean

If the submitter is the target of NCSEI in the URLs of the abuse report.

owner_notification: "send" or "send-anon" or "none"

Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous.

One of the following:
"send"
"send-anon"
"none"
urls: string

A list of valid URLs separated by ‘\n’ (new line character). The list of the URLs should not exceed 250 URLs. All URLs should have the same hostname. Each URL should be unique. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

comments: optional string

Any additional comments about the infringement not exceeding 2000 characters

maxLength2000
minLength1
company: optional string

Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength100
minLength1
country: optional string

Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength255
minLength1
reported_country: optional string

Text containing 2 characters

maxLength2
minLength2
reported_user_agent: optional string

Text not exceeding 255 characters

maxLength255
minLength1
tele: optional string

Text not exceeding 20 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/).

maxLength20
minLength1
title: optional string

Text not exceeding 255 characters

maxLength255
minLength1
ReturnsExpand Collapse
abuse_rand: string

The identifier for the submitted abuse report.

request: { act }
act: string

The report type for submitted reports.

result: string

The result should be ‘success’ for successful response

Submit an abuse report

curl https://api.cloudflare.com/client/v4/accounts/$ACCOUNT_ID/abuse-reports/$REPORT_PARAM \
    -H 'Content-Type: application/json' \
    -H "Authorization: Bearer $CLOUDFLARE_API_TOKEN" \
    -d '{
          "act": "abuse_dmca",
          "address1": "x",
          "agent_name": "x",
          "agree": 1,
          "city": "x",
          "country": "x",
          "email": "email",
          "email2": "email2",
          "host_notification": "send",
          "name": "x",
          "original_work": "x",
          "owner_notification": "send",
          "signature": "signature",
          "state": "x",
          "urls": "urls"
        }'
{
  "abuse_rand": "abuse_rand",
  "request": {
    "act": "act"
  },
  "result": "result"
}
Returns Examples
{
  "abuse_rand": "abuse_rand",
  "request": {
    "act": "act"
  },
  "result": "result"
}