Abuse

Reporting

If you wish to report abusive or illegal behavior that is prohibited by our Terms of Use on a site hosted by ngrok, please email abuse@ngrok.com with the offending URL and a description of the type of abuse observed.

You will receive an email confirmation that your report has been submitted and is under review.

Fighting Abuse on the Internet

At ngrok we pursue a multi-pronged strategy to combat malicious use of our services. We've invested deeply in automated systems that flag malicious activity with real-time monitoring of edge traffic, account activity and third party reports. We combine this with human moderation and tools to remove malicious and illegal content from our service with minimal exposure to the public internet.

Browser Warning

To block phishing attacks using our platform, ngrok has added an interstitial page for free accounts receiving requests from browsers. When a user visits an endpoint for the first time, ngrok will serve an interstitial page letting the user know that the content is served via ngrok and that they should not enter sensitive information unless they trust the person that sent them the link. Users should only see this page once per endpoint and it can be completely bypassed by adding the ngrok-skip-browser-warning header to your request.

Anonymity

A strength of ngrok's tunneling technology is that it protects origin servers from attacks by hiding the origin IPs. Unfortunately, this anonymity incentivizes the use of ngrok to host malicious content. ngrok applies the following controls to remove this incentive:

  • Hosting HTML content is only allowed after signing up for an account
  • The origin IPs for all free endpoints are exposed in the ngrok-agent-ips header on all HTTP responses returned by the tunnel endpoint. (New in Dec 2021)
  • The origin IPs for all free endpoints are included in the generated tunnel URL. URLs for free usage are formatted as follows ${random}-${origin-ip}.ngrok.io. For example, the URL 7dd5-31-82-9-25.ngrok.io has an origin IP of 31.82.9.25.

API Integration

If you are an institutional fraud prevention firm, we have made reporting content for removal easier and more efficient by providing a direct API integration for filing reports. If you expect to report a significant volume of abuse, please reach out to us directly to inquire about access to integrate directly with our abuse reporting API.