Takedowns in the format hosts now ask for: X-ARF

More and more hosts and ISPs are asking for abuse and copyright reports in the XARF (Extended Abuse Reporting Format). DMCA.com now converts every standard takedown notice into a machine-readable XARF report at the click of a button — so your case lands in the host's automated abuse queue, not stuck behind a human reviewer.

Start a Takedown See a XARF Example FAQ

What is XARF?

XARF (also written X-ARF, the "eXtended Abuse Reporting Format") is an open, structured format for sending abuse reports between networks. Instead of a free-form email that a human at the host has to read, parse, and route, an XARF report is a machine-readable document — today most commonly a JSON or YAML payload — that the host's abuse-handling system can ingest automatically.

For copyright takedowns specifically, XARF carries everything an abuse desk needs to act: the reporter's identity and contact info, the URL or IP of the offending content, the type of report (copyright-infringement), timestamps, a unique report ID, and the original DMCA-style notice as an attachment for legal compliance. Hosts that have already wired XARF into their pipeline can route, deduplicate, and queue your notice without manual triage.

Why it matters now: We are seeing more and more host bouncebacks like “For a quicker resolution, please consider reporting abuse in X-ARF”. At least three of the major hosts DMCA.com works with regularly already prefer XARF, and the trend is accelerating. If your notice is not in the format the host expects, it goes to the bottom of the queue — or gets ignored entirely.

A short history of XARF

XARF was created so that the network-abuse community could finally stop sending each other free-text emails and start sending structured reports that systems can read.

2010 X-ARF 0.1 published. The original schema was developed by a working group of European hosting providers and abuse-desk operators (eco e.V. and Abusix among them) to standardise spam, malware, login-attack, and similar abuse reports between networks.

2012-2018 Adoption by abuse desks. Major hosting providers, ISPs and CDNs began accepting and emitting X-ARF in their abuse pipelines. Schemas expanded to cover phishing, fraud, login-attack, malware, and eventually copyright reports.

2020+ XARF v0.2 (Abusix-led, JSON-first). The format moved to a clean JSON schema, dropped the legacy email-only delivery model, and added a dedicated copyright-infringement report type. The official schemas live at github.com/abusix/xarf.

2024-2026 Hosts start to require it. Several large hosts now bounce free-text DMCA emails with a request for an XARF report. This is why DMCA.com built XARF generation into our takedown service.

Why send your DMCA notice in XARF?

A standard DMCA email and an XARF report can carry exactly the same allegation. The difference is what happens after the host receives them.

Faster takedowns

XARF reports skip the human-triage queue and feed straight into the host's automated abuse pipeline. Many hosts act on machine-readable reports in hours, not days.

Higher acceptance rate

Hosts that explicitly ask for XARF are more likely to honor a notice that arrives in the requested format. No more bouncebacks asking you to re-send.

Legally complete

Our XARF report attaches the full DMCA-style notice (good-faith statement, sworn statement, signature) so the host gets both the machine-readable record and a compliant legal notice.

No re-keying, no errors

The XARF is generated from your existing case data. URLs, IPs, timestamps, and report IDs are pulled directly from your case, so there are no copy-paste mistakes.

One link, every email

Every notice DMCA.com sends includes a link to a stable XARF report URL for the case. Hosts that automate against XARF can pull it directly — no attachment parsing required.

Future-proof

XARF is the direction the abuse-handling industry is moving. By shipping it now, DMCA.com cases stay compatible as more hosts switch their pipelines over.

What DMCA.com's XARF service does

You don't need to learn the XARF schema, hand-edit JSON, or maintain a converter. DMCA.com builds the XARF for you from data you've already entered into your takedown case.

One-click conversion. Open any takedown case in Request Sent status and click Download XARF. The XARF is generated and ready to attach or send.
Stable, linkable XARF URL. Every outbound takedown email includes a link to the case's XARF report at dmca.com/cases/view/xarf.aspx?id=<case_id> — so hosts that prefer to fetch rather than parse can pull it directly.
Schema-correct output. Reports validate against the XARF v0.2 copyright-infringement schema published by Abusix.
Self-serve from the toolkit. DIY toolkit users can attach XARF to their own outbound notices — same generator, same schema.
Handled by us on managed cases. If you've hired DMCA.com to run the takedown, we attach XARF wherever the host has indicated they prefer it, automatically. You don't have to think about it.

Example: a standard DMCA notice converted to XARF

Below is a side-by-side conversion using invented sample data. On the left is what DMCA.com sends today as a standard takedown email. On the right is the same case rendered as an XARF v0.2 copyright-infringement report — the format an increasing number of hosts prefer to receive.

Conventional DMCA email notice

From: takedowns@dmca.com
To: abuse@example-host.net
Subject: DMCA Takedown Notice - Case 7C4F-21A9-DMCA
Date: Fri, 17 Apr 2026 14:23:11 +0000

To Whom It May Concern,

This is a formal notification under the provisions of Section 512(c) of
the Digital Millennium Copyright Act ("DMCA"), seeking the removal of
infringing material made available through your service.

1. The copyrighted work being infringed is the original photograph
   "Sunset Over Half Moon Bay" by Jane A. Sample, first published on
   2025-08-12 at https://janeasample.com/portfolio/sunset.jpg.

2. The infringing material is currently accessible at:
     https://example-host.net/users/u-3318/uploads/stolen-sunset.jpg
   served from IP 203.0.113.42.

3. My contact information is:
     Jane A. Sample
     1500 Elm Street, Springfield, IL 62701, USA
     jane@janeasample.com  /  +1 (217) 555-0142

4. I have a good faith belief that use of the material in the manner
   complained of is not authorized by the copyright owner, its agent,
   or the law.

5. The information in this notification is accurate, and under penalty
   of perjury, I am authorized to act on behalf of the owner of an
   exclusive right that is allegedly infringed.

Signed,
Jane A. Sample
(filed via DMCA.com case 7C4F-21A9-DMCA)

XARF v0.2 report (JSON, generated by DMCA.com)

{
  "Version": "0.2",
  "ReporterInfo": {
    "ReporterOrg":          "DMCA.com",
    "ReporterOrgDomain":    "dmca.com",
    "ReporterOrgEmail":     "takedowns@dmca.com",
    "ReporterContactName":  "DMCA.com Takedown Services",
    "ReporterContactEmail": "takedowns@dmca.com"
  },
  "Report": {
    "ReportClass":   "Content",
    "ReportType":    "copyright-infringement",
    "ReportID":      "7C4F-21A9-DMCA@dmca.com",
    "Date":          "2026-04-17T14:23:11Z",
    "SourceIp":      "203.0.113.42",
    "Source":        "https://example-host.net/users/u-3318/uploads/stolen-sunset.jpg",
    "UserAgent":     "DMCA.com Takedown Service / GenerateXarfReport v1",
    "Schema": {
      "Name":    "copyright-infringement",
      "Version": "0.1"
    }
  },
  "CopyrightInfringement": {
    "OriginalWorkTitle":  "Sunset Over Half Moon Bay",
    "OriginalWorkAuthor": "Jane A. Sample",
    "OriginalWorkURL":    "https://janeasample.com/portfolio/sunset.jpg",
    "OriginalPublished":  "2025-08-12",
    "InfringingURL":      "https://example-host.net/users/u-3318/uploads/stolen-sunset.jpg",
    "GoodFaithStatement": true,
    "AccuracyStatement":  true,
    "AuthorizedToAct":    true
  },
  "RightsHolder": {
    "Name":    "Jane A. Sample",
    "Email":   "jane@janeasample.com",
    "Phone":   "+1-217-555-0142",
    "Address": "1500 Elm Street, Springfield, IL 62701, USA"
  },
  "Attachment": {
    "Type":     "text/plain",
    "Filename": "dmca-notice-7C4F-21A9.txt",
    "URL":      "https://www.dmca.com/cases/view/xarf.aspx?id=7C4F-21A9-DMCA",
    "Note":     "Original DMCA-style notice attached for legal compliance."
  }
}

The data above is invented for illustration. Real cases use the rights-holder, URL, IP, and timestamp data DMCA.com already has on file from your takedown case — you don't re-enter anything.

What the host's system sees. Because every field is named and typed, the host's automation can pull Source, SourceIp, ReportID, and the copyright-infringement block straight into their abuse-case queue — with the original notice still attached for the legal team.

FAQ: how to create a XARF takedown notice with DMCA.com

You don't need to author the XARF yourself. Every DMCA.com takedown case that reaches Request Sent status can be exported as an XARF report. Here is how, and what to expect.

1. How do I create a XARF takedown notice on DMCA.com?

Create a takedown case the way you normally would — rights-holder details, the URL of the infringing content, and any supporting evidence.
Submit the case so it moves into Request Sent status. (XARF generation is only enabled once the notice has been issued, for security reasons.)
Open the case in your dashboard. You'll see a Download XARF button next to the standard notice.
Click Download XARF to get a JSON file you can attach to an email, or copy the stable XARF URL from the case to share with the host.

Managed-takedown clients don't need to do anything — DMCA.com staff attach XARF for hosts that prefer it, automatically.

2. Is XARF a replacement for my standard DMCA notice?

No — it's a companion. The XARF report is what the host's automated abuse system reads. The conventional DMCA-style notice (with the good-faith statement, sworn statement, and signature) is attached inside the XARF report so the legal compliance side is still covered. You always get both.

3. Which hosts accept XARF?

A growing number. Many large hosting providers, CDNs and abuse-handling services already process X-ARF as their primary input. Several hosts now require X-ARF and will bounce free-text DMCA emails. If a host doesn't process XARF natively, sending it does no harm — the human-readable notice is right there in the same payload.

4. What information goes into the XARF DMCA.com generates for me?

Reporter info (DMCA.com as the reporting org, with takedowns@dmca.com as contact).
The rights-holder name and contact details from your case.
The infringing URL and source IP.
The original copyrighted work (title, author, original URL, publication date) where you've supplied it.
A unique, stable ReportID tied to the DMCA.com case ID.
An ISO-8601 timestamp.
The full conventional DMCA notice attached as plain text.

The output validates against the XARF v0.2 copyright-infringement schema.

5. Do I have to send XARF to every host?

No. Use it where it helps — on hosts that have asked for XARF, or hosts with a known automated abuse pipeline. For everyone else, the conventional DMCA notice is fine. DMCA.com lets you do either, or both at once.

6. Is the XARF report public? Can anyone load my case data?

The stable XARF URL (dmca.com/cases/view/xarf.aspx?id=<case_id>) only renders content when the case is in Request Sent status — the same point at which the notice has gone to the host. The case ID itself is opaque and is only included on outbound takedown notices, so the page is intentionally reachable by hosts' automated systems while still gating who can see what.

7. Where can I learn more about the XARF format itself?

The official schemas and reference material are maintained by Abusix at github.com/abusix/xarf.

Ready to send a takedown the way modern hosts want it?

Start a takedown on DMCA.com and we'll generate a XARF v0.2 report for you automatically — alongside the conventional DMCA notice that's been getting content removed from the internet for over a decade.

Start a Takedown Ask a Question

XARF Takedown Notices