While You're Manually Processing Reports,
Attackers Are Already Moving On

Every day, abuse teams waste precious hours copying data from emails, verifying evidence, and reformatting reports. Meanwhile, phishing sites stay up longer, spam campaigns reach more victims, and compromised servers keep attacking.
There's a better way.

XARF v4

Stop Fighting Abuse Reports. Start Fighting Abuse.

The modern standard that turns abuse reporting from a manual chore into automated protection. Reduce response time from hours to minutes. Give your team back their time. Make the internet safer for everyone.

See How It Works Try It Free

phishing-report.json Machine-Readable

{
  "xarf_version": "4.0.0",
  "report_id": "1a5ec293-0849-40a4-9eba-d5926262ff05",
  "timestamp": "2025-01-11T15:15:24Z",
  "reporter": {
    "org": "Example Bank Security",
    "contact": "[email protected]",
    "domain": "example-bank.com"
  },
  "sender": {
    "org": "Example Bank Security",
    "contact": "[email protected]",
    "domain": "example-bank.com"
  },
  "source_identifier": "203.0.113.45",
  "category": "content",
  "type": "phishing",
  "evidence_source": "automated_scan",
  "url": "http://fake-bank.example.com",
  "target_brand": "Example Bank",
  "evidence": [{
    "content_type": "image/png",
    "description": "Screenshot of phishing page",
    "payload": "iVBORw0KGg...",
    "hash": "sha256:a1b2c3d4e5f6..."
  }],
  "tags": ["target:banking", "severity:high"]
}

One Standard. Three Winners. Everyone Benefits.

Finally, Your Reports Get Taken Seriously

Stop explaining the same information over and over. Send structured reports that receivers can process automatically.

✅

Get Processed, Not Ignored

Machine-readable reports go straight into automated systems. No more "lost in email."

⏱️

Send Once, Reach Everyone

Standard format means you don't customize for each receiver. One format, universal acceptance.

📈

Track Your Impact

Structured data means measurable results. See how your reports make the internet safer.

🎯

Build Your Reputation

Consistent, high-quality reports establish you as a trusted source. Better feedback loops.

Turn Abuse Handling Into Your Competitive Advantage

Stop burning money on manual processing. Automate abuse response and reinvest those hours into growing your business.

💰

Massive Time Savings

Process 1,000 reports with the same effort as 10 manual emails. 80% reduction in handling time.

⚡

Respond in Minutes, Not Hours

Automated intake to automated response. Fix problems before customers notice them.

🛡️

Legal Protection Built-In

Structured evidence with integrity hashes. Compliance documentation that holds up in court.

😊

Happier Team, Better Retention

No more soul-crushing manual data entry. Your team handles real threats, not paperwork.

80%

Less Manual Work

10x

Faster Response

$$$

Cost Center → Advantage

A Safer Internet Through Network Effects

Every organization that adopts XARF makes the internet safer for everyone. Here's how collective action creates exponential impact.

⚡

Shrink the Exploitation Window

Faster reporting + faster response = less time for attacks to succeed. Minutes instead of days.

🌐

Universal Language for Safety

One sender can reach 1,000 receivers instantly. One receiver can accept reports from anywhere.

📊

Measurable Progress

Structured data enables real metrics. Track abuse reduction across the entire internet.

⚖️

Level the Playing Field

Small ISPs can match enterprise-grade response. Democratizes internet security.

The Power of Adoption

More senders → More standardized reports → Better automated processing

More receivers → More acceptance → More motivation to send XARF reports

Result: Virtuous cycle that makes everyone safer, faster, stronger

Before XARF vs After XARF

Without XARF

😫

Copy-paste data from email
Download attachments manually
Verify evidence by hand
Convert to internal ticket format
Route to correct team
Hope reporter used correct format
Chase missing information
Result: Hours per report

→

With XARF

🚀

Automated parsing & validation
Evidence extracted automatically
Integrity verified via hashes
Auto-routed to correct team
Ticket created instantly
All required fields guaranteed
Customer notified automatically
Result: Minutes per report

Built for Modern Threats

🚀

Real-Time First

One incident = one report, sent immediately. No batching delays. Respond while attacks are happening.

🔍

Evidence-Based

Screenshots, logs, malware samples with integrity hashes. Everything needed to act decisively.

⚡

Context-Aware

Geolocation, device type, user-agent, referrer. Catch market-specific and device-specific attacks.

🤖

Automation-First

JSON Schema validation, type-specific fields. Designed for immediate machine processing.

🔒

Source-Centric

IP, port, protocol details. Perfect for CGNAT environments. Focus on what matters.

🌍

32 Abuse Types

Phishing, malware, DDoS, spam, CSAM, CSEM, disinformation, and more. Specialized schemas for each threat.

Abuse Types

Abuse Categories

100%

v3 Compatible

5MB

Max Evidence Size

Join the Movement

XARF v4 is in active development with early adopters already seeing results. Be part of building a safer, more responsive internet.

📦

Alpha parsers available
Python library ready for testing

✅

Full JSON Schema validation
32 type-specific schemas

🔄

Automatic v3 conversion
Backward compatible

Start Saving Time Today

See It In Action

Try our interactive validator with real examples. No signup required.

Try Validator Now →

Understand the Format

Review comprehensive docs and sample reports for all 32 abuse types.

Read Documentation →

Integrate & Deploy

Download parser libraries and follow our implementation guide.

Get Started →

While You're Manually Processing Reports,Attackers Are Already Moving On