# Abuse Reports ## Submit an abuse report `client.abuseReports.create(stringreportParam, AbuseReportCreateParamsparams, RequestOptionsoptions?): AbuseReportCreateResponse` **post** `/accounts/{account_id}/abuse-reports/{report_param}` Submit an abuse report of a particular type. Requires the abuse-reports entitlement on the account (Enterprise accounts have it by default; other accounts must request access) and an API token with the `Account > Abuse Reports > Edit` permission. If the account is not entitled, the request is rejected with an HTTP `401` response (see below). ### Parameters - `reportParam: string` The report type for submitted reports. - `AbuseReportCreateParams = AbuseReportsDmcaReport | AbuseReportsTrademarkReport | AbuseReportsGeneralReport | 5 more` - `AbuseReportCreateParamsBase` - `account_id: string` Path param: Cloudflare Account ID - `act: "abuse_dmca"` Body param: The report type for submitted reports. - `"abuse_dmca"` - `address1: string` Body param: Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `agent_name: string` Body param: The name of the copyright holder. Text not exceeding 60 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `agree: 1` Body param: Can be `0` for false or `1` for true. Must be value: 1 for DMCA reports - `1` - `city: string` Body param: Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `country: string` Body param: Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `email: string` Body param: A valid email of the abuse reporter. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `email2: string` Body param: Should match the value provided in `email` - `host_notification: "send"` Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous. - `"send"` - `name: string` Body param: Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `original_work: string` Body param: Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `owner_notification: "send"` Body param: Notification type based on the abuse type. NOTE: Copyright (DMCA) and Trademark reports cannot be anonymous. - `"send"` - `signature: string` Body param: Required for DMCA reports, should be same as Name. An affirmation that all information in the report is true and accurate while agreeing to the policies of Cloudflare's abuse reports - `state: string` Body param: Text not exceeding 255 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `urls: string` Body param: A list of valid URLs separated by ā€˜\n’ (new line character). The list of the URLs should not exceed 250 URLs. All URLs should have the same hostname. Each URL should be unique. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `comments?: string` Body param: Any additional comments about the infringement not exceeding 2000 characters - `company?: string` Body param: Text not exceeding 100 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `reported_country?: string` Body param: Text containing 2 characters - `reported_user_agent?: string` Body param: Text not exceeding 255 characters - `tele?: string` Body param: Text not exceeding 20 characters. This field may be released by Cloudflare to third parties such as the Lumen Database (https://lumendatabase.org/). - `title?: string` Body param: Text not exceeding 255 characters - `AbuseReportsDmcaReport extends AbuseReportCreateParamsBase` - `AbuseReportsTrademarkReport extends AbuseReportCreateParamsBase` - `AbuseReportsGeneralReport extends AbuseReportCreateParamsBase` - `AbuseReportsPhishingReport extends AbuseReportCreateParamsBase` - `AbuseReportsCsamReport extends AbuseReportCreateParamsBase` - `AbuseReportsThreatReport extends AbuseReportCreateParamsBase` - `AbuseReportsRegistrarWhoisReport extends AbuseReportCreateParamsBase` - `AbuseReportsNcseiReport extends AbuseReportCreateParamsBase` ### Returns - `AbuseReportCreateResponse = string` The result should be 'success' for successful response ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const abuseReport = await client.abuseReports.create('report_param', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', act: 'abuse_dmca', address1: 'x', agent_name: 'x', agree: 1, city: 'x', country: 'x', email: 'email', email2: 'email2', host_notification: 'send', name: 'x', original_work: 'x', owner_notification: 'send', signature: 'signature', state: 'x', urls: 'urls', }); console.log(abuseReport); ``` #### Response ```json { "abuse_rand": "abuse_rand", "request": { "act": "act" }, "result": "result" } ``` ## Abuse Report Details `client.abuseReports.get(stringreportParam, AbuseReportGetParamsparams, RequestOptionsoptions?): AbuseReportGetResponse` **get** `/accounts/{account_id}/abuse-reports/{report_param}` Retrieve the details of an abuse report. ### Parameters - `reportParam: string` - `params: AbuseReportGetParams` - `account_id: string` Cloudflare Account ID ### Returns - `AbuseReportGetResponse` - `id: string` Public facing ID of abuse report, aka abuse_rand. - `cdate: string` Creation date of report. Time in RFC 3339 format (https://www.rfc-editor.org/rfc/rfc3339.html) - `domain: string` Domain that relates to the report. - `mitigation_summary: MitigationSummary` A summary of the mitigations related to this report. - `accepted_url_count: number` How many of the reported URLs were confirmed as abusive. - `active_count: number` How many mitigations are active. - `external_host_notified: boolean` Whether the report has been forwarded to an external hosting provider. - `in_review_count: number` How many mitigations are under review. - `pending_count: number` How many mitigations are pending their effective date. - `status: "accepted" | "in_review"` An enum value that represents the status of an abuse record - `"accepted"` - `"in_review"` - `type: "PHISH" | "GEN" | "THREAT" | 6 more` The abuse report type - `"PHISH"` - `"GEN"` - `"THREAT"` - `"DMCA"` - `"EMER"` - `"TM"` - `"REG_WHO"` - `"NCSEI"` - `"NETWORK"` - `justification?: string` Justification for the report. - `original_work?: string` Original work / Targeted brand in the alleged abuse. - `submitter?: Submitter` Information about the submitter of the report. - `company?: string` - `email?: string` - `name?: string` - `telephone?: string` - `urls?: Array` ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); const abuseReport = await client.abuseReports.get('report_param', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', }); console.log(abuseReport.id); ``` #### Response ```json { "result": { "id": "id", "cdate": "2009-11-10T23:00:00Z", "domain": "domain", "mitigation_summary": { "accepted_url_count": 0, "active_count": 0, "external_host_notified": true, "in_review_count": 0, "pending_count": 0 }, "status": "accepted", "type": "PHISH", "justification": "justification", "original_work": "original_work", "submitter": { "company": "company", "email": "email", "name": "name", "telephone": "telephone" }, "urls": [ "string" ] }, "success": true, "errors": [ { "message": "message", "code": "string" } ], "messages": [ { "message": "message" } ] } ``` ## List abuse reports `client.abuseReports.list(AbuseReportListParamsparams, RequestOptionsoptions?): V4PagePagination` **get** `/accounts/{account_id}/abuse-reports` List the abuse reports for a given account ### Parameters - `params: AbuseReportListParams` - `account_id: string` Path param: Cloudflare Account ID - `created_after?: string` Query param: Returns reports created after the specified date - `created_before?: string` Query param: Returns reports created before the specified date - `domain?: string` Query param: Filter by domain name related to the abuse report - `mitigation_status?: "pending" | "active" | "in_review" | 2 more` Query param: Filter reports that have any mitigations in the given status. - `"pending"` - `"active"` - `"in_review"` - `"cancelled"` - `"removed"` - `page?: number` Query param: Where in pagination to start listing abuse reports - `per_page?: number` Query param: How many abuse reports per page to list - `sort?: string` Query param: A property to sort by, followed by the order (id, cdate, domain, type, status) - `status?: "accepted" | "in_review"` Query param: Filter by the status of the report. - `"accepted"` - `"in_review"` - `type?: "PHISH" | "GEN" | "THREAT" | 6 more` Query param: Filter by the type of the report. - `"PHISH"` - `"GEN"` - `"THREAT"` - `"DMCA"` - `"EMER"` - `"TM"` - `"REG_WHO"` - `"NCSEI"` - `"NETWORK"` ### Returns - `AbuseReportListResponse` - `reports: Array` - `id: string` Public facing ID of abuse report, aka abuse_rand. - `cdate: string` Creation date of report. Time in RFC 3339 format (https://www.rfc-editor.org/rfc/rfc3339.html) - `domain: string` Domain that relates to the report. - `mitigation_summary: MitigationSummary` A summary of the mitigations related to this report. - `accepted_url_count: number` How many of the reported URLs were confirmed as abusive. - `active_count: number` How many mitigations are active. - `external_host_notified: boolean` Whether the report has been forwarded to an external hosting provider. - `in_review_count: number` How many mitigations are under review. - `pending_count: number` How many mitigations are pending their effective date. - `status: "accepted" | "in_review"` An enum value that represents the status of an abuse record - `"accepted"` - `"in_review"` - `type: "PHISH" | "GEN" | "THREAT" | 6 more` The abuse report type - `"PHISH"` - `"GEN"` - `"THREAT"` - `"DMCA"` - `"EMER"` - `"TM"` - `"REG_WHO"` - `"NCSEI"` - `"NETWORK"` - `justification?: string` Justification for the report. - `original_work?: string` Original work / Targeted brand in the alleged abuse. - `submitter?: Submitter` Information about the submitter of the report. - `company?: string` - `email?: string` - `name?: string` - `telephone?: string` - `urls?: Array` ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const abuseReportListResponse of client.abuseReports.list({ account_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(abuseReportListResponse.reports); } ``` #### Response ```json { "success": true, "errors": [ { "message": "message" } ], "messages": [ { "message": "message" } ], "result": { "reports": [ { "id": "id", "cdate": "2009-11-10T23:00:00Z", "domain": "domain", "mitigation_summary": { "accepted_url_count": 0, "active_count": 0, "external_host_notified": true, "in_review_count": 0, "pending_count": 0 }, "status": "accepted", "type": "PHISH", "justification": "justification", "original_work": "original_work", "submitter": { "company": "company", "email": "email", "name": "name", "telephone": "telephone" }, "urls": [ "string" ] } ] }, "result_info": { "count": 0, "page": 0, "per_page": 0, "total_count": 0, "total_pages": 0 } } ``` ## Domain Types ### Abuse Report Create Response - `AbuseReportCreateResponse = string` The result should be 'success' for successful response ### Abuse Report Get Response - `AbuseReportGetResponse` - `id: string` Public facing ID of abuse report, aka abuse_rand. - `cdate: string` Creation date of report. Time in RFC 3339 format (https://www.rfc-editor.org/rfc/rfc3339.html) - `domain: string` Domain that relates to the report. - `mitigation_summary: MitigationSummary` A summary of the mitigations related to this report. - `accepted_url_count: number` How many of the reported URLs were confirmed as abusive. - `active_count: number` How many mitigations are active. - `external_host_notified: boolean` Whether the report has been forwarded to an external hosting provider. - `in_review_count: number` How many mitigations are under review. - `pending_count: number` How many mitigations are pending their effective date. - `status: "accepted" | "in_review"` An enum value that represents the status of an abuse record - `"accepted"` - `"in_review"` - `type: "PHISH" | "GEN" | "THREAT" | 6 more` The abuse report type - `"PHISH"` - `"GEN"` - `"THREAT"` - `"DMCA"` - `"EMER"` - `"TM"` - `"REG_WHO"` - `"NCSEI"` - `"NETWORK"` - `justification?: string` Justification for the report. - `original_work?: string` Original work / Targeted brand in the alleged abuse. - `submitter?: Submitter` Information about the submitter of the report. - `company?: string` - `email?: string` - `name?: string` - `telephone?: string` - `urls?: Array` ### Abuse Report List Response - `AbuseReportListResponse` - `reports: Array` - `id: string` Public facing ID of abuse report, aka abuse_rand. - `cdate: string` Creation date of report. Time in RFC 3339 format (https://www.rfc-editor.org/rfc/rfc3339.html) - `domain: string` Domain that relates to the report. - `mitigation_summary: MitigationSummary` A summary of the mitigations related to this report. - `accepted_url_count: number` How many of the reported URLs were confirmed as abusive. - `active_count: number` How many mitigations are active. - `external_host_notified: boolean` Whether the report has been forwarded to an external hosting provider. - `in_review_count: number` How many mitigations are under review. - `pending_count: number` How many mitigations are pending their effective date. - `status: "accepted" | "in_review"` An enum value that represents the status of an abuse record - `"accepted"` - `"in_review"` - `type: "PHISH" | "GEN" | "THREAT" | 6 more` The abuse report type - `"PHISH"` - `"GEN"` - `"THREAT"` - `"DMCA"` - `"EMER"` - `"TM"` - `"REG_WHO"` - `"NCSEI"` - `"NETWORK"` - `justification?: string` Justification for the report. - `original_work?: string` Original work / Targeted brand in the alleged abuse. - `submitter?: Submitter` Information about the submitter of the report. - `company?: string` - `email?: string` - `name?: string` - `telephone?: string` - `urls?: Array` # Mitigations ## List abuse report mitigations `client.abuseReports.mitigations.list(stringreportID, MitigationListParamsparams, RequestOptionsoptions?): V4PagePagination` **get** `/accounts/{account_id}/abuse-reports/{report_id}/mitigations` List mitigations done to remediate the abuse report. ### Parameters - `reportID: string` - `params: MitigationListParams` - `account_id: string` Path param: Cloudflare Account ID - `effective_after?: string` Query param: Returns mitigation that were dispatched after the given date - `effective_before?: string` Query param: Returns mitigations that were dispatched before the given date - `entity_type?: "url_pattern" | "account" | "zone"` Query param: Filter by the type of entity the mitigation impacts. - `"url_pattern"` - `"account"` - `"zone"` - `page?: number` Query param: Where in pagination to start listing abuse reports - `per_page?: number` Query param: How many abuse reports per page to list - `sort?: "type,asc" | "type,desc" | "effective_date,asc" | 5 more` Query param: A property to sort by, followed by the order - `"type,asc"` - `"type,desc"` - `"effective_date,asc"` - `"effective_date,desc"` - `"status,asc"` - `"status,desc"` - `"entity_type,asc"` - `"entity_type,desc"` - `status?: "pending" | "active" | "in_review" | 2 more` Query param: Filter by the status of the mitigation. - `"pending"` - `"active"` - `"in_review"` - `"cancelled"` - `"removed"` - `type?: "account_suspend" | "copyright_interstitial" | "geo_block" | 17 more` Query param: Filter by the type of mitigation. This filter parameter can be specified multiple times to include multiple types of mitigations in the result set, e.g. ?type=rate_limit_cache&type=legal_block. - `"account_suspend"` - `"copyright_interstitial"` - `"geo_block"` - `"legal_block"` - `"malware_interstitial"` - `"misleading_interstitial"` - `"network_block"` - `"phishing_interstitial"` - `"playfairite_enforce"` - `"r2_takedown_account"` - `"r2_takedown_bucket"` - `"r2_takedown_object"` - `"rate_limit_cache"` - `"redirect_video_stream"` - `"zone_fint"` - `"registrar_freeze"` - `"registrar_parking"` - `"stream_block_account"` - `"user_suspend"` - `"workers_takedown_by_zone_id"` ### Returns - `MitigationListResponse` - `mitigations: Array` - `id: string` ID of remediation. - `effective_date: string` Date when the mitigation will become active. Time in RFC 3339 format (https://www.rfc-editor.org/rfc/rfc3339.html) - `entity_id: string` - `entity_type: "url_pattern" | "account" | "zone"` The type of entity targeted by a mitigation. - `"url_pattern"` - `"account"` - `"zone"` - `status: "pending" | "active" | "in_review" | 2 more` The status of a mitigation - `"pending"` - `"active"` - `"in_review"` - `"cancelled"` - `"removed"` - `type: "account_suspend" | "copyright_interstitial" | "geo_block" | 17 more` The type of mitigation applied to a reported entity. - `"account_suspend"` - `"copyright_interstitial"` - `"geo_block"` - `"legal_block"` - `"malware_interstitial"` - `"misleading_interstitial"` - `"network_block"` - `"phishing_interstitial"` - `"playfairite_enforce"` - `"r2_takedown_account"` - `"r2_takedown_bucket"` - `"r2_takedown_object"` - `"rate_limit_cache"` - `"redirect_video_stream"` - `"zone_fint"` - `"registrar_freeze"` - `"registrar_parking"` - `"stream_block_account"` - `"user_suspend"` - `"workers_takedown_by_zone_id"` ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const mitigationListResponse of client.abuseReports.mitigations.list('report_id', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', })) { console.log(mitigationListResponse.mitigations); } ``` #### Response ```json { "success": true, "errors": [ { "message": "message" } ], "messages": [ { "message": "message" } ], "result": { "mitigations": [ { "id": "id", "effective_date": "2009-11-10T23:00:00Z", "entity_id": "entity_id", "entity_type": "url_pattern", "status": "pending", "type": "account_suspend" } ] }, "result_info": { "count": 0, "page": 0, "per_page": 0, "total_count": 0, "total_pages": 0 } } ``` ## Request review on mitigations `client.abuseReports.mitigations.review(stringreportID, MitigationReviewParamsparams, RequestOptionsoptions?): SinglePage` **post** `/accounts/{account_id}/abuse-reports/{report_id}/mitigations/appeal` Request a review for mitigations on an account. ### Parameters - `reportID: string` - `params: MitigationReviewParams` - `account_id: string` Path param: Cloudflare Account ID - `appeals: Array` Body param: List of mitigations to appeal. - `id: string` ID of the mitigation to appeal. - `reason: "removed" | "misclassified"` Reason why the customer is appealing. - `"removed"` - `"misclassified"` ### Returns - `MitigationReviewResponse` - `id: string` ID of remediation. - `effective_date: string` Date when the mitigation will become active. Time in RFC 3339 format (https://www.rfc-editor.org/rfc/rfc3339.html) - `entity_id: string` - `entity_type: "url_pattern" | "account" | "zone"` The type of entity targeted by a mitigation. - `"url_pattern"` - `"account"` - `"zone"` - `status: "pending" | "active" | "in_review" | 2 more` The status of a mitigation - `"pending"` - `"active"` - `"in_review"` - `"cancelled"` - `"removed"` - `type: "account_suspend" | "copyright_interstitial" | "geo_block" | 17 more` The type of mitigation applied to a reported entity. - `"account_suspend"` - `"copyright_interstitial"` - `"geo_block"` - `"legal_block"` - `"malware_interstitial"` - `"misleading_interstitial"` - `"network_block"` - `"phishing_interstitial"` - `"playfairite_enforce"` - `"r2_takedown_account"` - `"r2_takedown_bucket"` - `"r2_takedown_object"` - `"rate_limit_cache"` - `"redirect_video_stream"` - `"zone_fint"` - `"registrar_freeze"` - `"registrar_parking"` - `"stream_block_account"` - `"user_suspend"` - `"workers_takedown_by_zone_id"` ### Example ```typescript import Cloudflare from 'cloudflare'; const client = new Cloudflare({ apiToken: process.env['CLOUDFLARE_API_TOKEN'], // This is the default and can be omitted }); // Automatically fetches more pages as needed. for await (const mitigationReviewResponse of client.abuseReports.mitigations.review('report_id', { account_id: '023e105f4ecef8ad9ca31a8372d0c353', appeals: [{ id: 'id', reason: 'misclassified' }], })) { console.log(mitigationReviewResponse.id); } ``` #### Response ```json { "result_info": { "count": 0, "page": 0, "per_page": 0, "total_count": 0, "total_pages": 0 }, "success": true, "errors": [ { "message": "message" } ], "messages": [ { "message": "message" } ], "result": [ { "id": "id", "effective_date": "2009-11-10T23:00:00Z", "entity_id": "entity_id", "entity_type": "url_pattern", "status": "pending", "type": "account_suspend" } ] } ``` ## Domain Types ### Mitigation List Response - `MitigationListResponse` - `mitigations: Array` - `id: string` ID of remediation. - `effective_date: string` Date when the mitigation will become active. Time in RFC 3339 format (https://www.rfc-editor.org/rfc/rfc3339.html) - `entity_id: string` - `entity_type: "url_pattern" | "account" | "zone"` The type of entity targeted by a mitigation. - `"url_pattern"` - `"account"` - `"zone"` - `status: "pending" | "active" | "in_review" | 2 more` The status of a mitigation - `"pending"` - `"active"` - `"in_review"` - `"cancelled"` - `"removed"` - `type: "account_suspend" | "copyright_interstitial" | "geo_block" | 17 more` The type of mitigation applied to a reported entity. - `"account_suspend"` - `"copyright_interstitial"` - `"geo_block"` - `"legal_block"` - `"malware_interstitial"` - `"misleading_interstitial"` - `"network_block"` - `"phishing_interstitial"` - `"playfairite_enforce"` - `"r2_takedown_account"` - `"r2_takedown_bucket"` - `"r2_takedown_object"` - `"rate_limit_cache"` - `"redirect_video_stream"` - `"zone_fint"` - `"registrar_freeze"` - `"registrar_parking"` - `"stream_block_account"` - `"user_suspend"` - `"workers_takedown_by_zone_id"` ### Mitigation Review Response - `MitigationReviewResponse` - `id: string` ID of remediation. - `effective_date: string` Date when the mitigation will become active. Time in RFC 3339 format (https://www.rfc-editor.org/rfc/rfc3339.html) - `entity_id: string` - `entity_type: "url_pattern" | "account" | "zone"` The type of entity targeted by a mitigation. - `"url_pattern"` - `"account"` - `"zone"` - `status: "pending" | "active" | "in_review" | 2 more` The status of a mitigation - `"pending"` - `"active"` - `"in_review"` - `"cancelled"` - `"removed"` - `type: "account_suspend" | "copyright_interstitial" | "geo_block" | 17 more` The type of mitigation applied to a reported entity. - `"account_suspend"` - `"copyright_interstitial"` - `"geo_block"` - `"legal_block"` - `"malware_interstitial"` - `"misleading_interstitial"` - `"network_block"` - `"phishing_interstitial"` - `"playfairite_enforce"` - `"r2_takedown_account"` - `"r2_takedown_bucket"` - `"r2_takedown_object"` - `"rate_limit_cache"` - `"redirect_video_stream"` - `"zone_fint"` - `"registrar_freeze"` - `"registrar_parking"` - `"stream_block_account"` - `"user_suspend"` - `"workers_takedown_by_zone_id"`