Does Cloudflare have an API to report phishing sites to? I know there is the abuse form but I may find many sites over a period of time, and some companies similar to Cloudflare have APIs for reporting abuse.
Hi @cgreen1888, we do not, but that’s a great suggestion, changing this post to a feature request and voting +1
cloonan. I’m positive that cloudflare does have an API to report abuse. I know of a company that uses it. How can I get more info on it?
Hi @mrspencer, actually, we don’t have an API. Cloudflare.com/abuse is the correct place for reports. That form is easily scriptable though and that may be how your colleagues are automating this.
@Cloonan the security company I used to work with had a trusted partnership with Cloudflare and was afforded an API for reporting phishing. This allowed Cloudflare to reveal the hosting provider and block content. I’m pretty sure it wasn’t scripted. It was claimed to be due to the accuracy and amount of evidence provided . Would. DM of the company name help you?
Spencer {redacted}
Mobile: {redacted}
I dropped you a private note @mrspencer, the update I received was from our head of trust & safety, so it may be that the company you reference is/was helping us test something and the T&S team is not ready to share the details.
I’ll follow up with you on that private note for details.
Greetings.
I am curious to know if it is already implemented or is it in beta.
My company reports daily several sites to which, although you are not the host, we would like to know the original host, but many times we have IP limitations since being protected with Cloudflare the reports are not effective (reporting to the original provider where the site is hosted).
Is there any way you can also provide us with the real IP of the site?
I apologize for revisiting this older case, but after reviewing your response, our company is very interested in collaborating with you and exploring the possibilities of integrating this API. We are currently experiencing a significant percentage of phishing, fraud and malware (C2) related cases within Cloudflare services, and we believe your solution could be beneficial in addressing these challenges.