CORE FEATURES

Takedown Services

11min

Flare provides external threat takedown services designed to reduce the risks posed by threats such as malicious domains, code repository leaks, social media impersonation, and more.

Service Availability

Takedown services are offered as a paid feature. Certain Flare subscription packages include a set number of annual takedown requests. Additional individual takedowns or takedown packages can also be purchased separately. For pricing details, contact your Flare Customer Success Manager.

Document image


Types of Takedown Requests

Flare can facilitate takedown requests for threats across the following categories:

  • Domains
    • Websites
    • Phishing emails
  • Source Code
  • Cloud Storage
  • Paste Sites
  • APK/ Third Party App Stores
  • Social Media 
  • Phone Numbers

Flare proactively monitors external threats by correlating customer identifiers with data from domain registrations, websites, code repositories (e.g., GitHub), cloud storage platforms, paste sites, and mobile app stores. Customers may submit takedown requests directly within the Flare platform or through Flare for threats identified externally.

Reasons to Initiate a Takedown Request

There are two primary reasons for submitting takedown requests:

1. Malicious Content or Terms of Service Violations

Most platforms, including domain registrars, web hosting providers, GitHub, cloud storage services, and app stores, prohibit malicious activities, privacy violations, or abuse as part of their terms of service. A takedown request may be submitted if a threat clearly violates these policies.

Examples:

  • A threat actor registers a look-alike domain to conduct phishing attacks. A takedown request can be submitted to the domain registrar.
  • A fraudulent LinkedIn account engages in fake recruitment scams. A takedown request can be sent to LinkedIn to remove the fraudulent profile.

2. Copyright & Trademark Infringement

Most platforms enforce policies related to copyright and trademark infringement, commonly guided by the principles of the Digital Millennium Copyright Act (DMCA), even internationally. Takedown requests can be submitted when unauthorized use of copyrighted materials, brand trademarks, or proprietary content is identified. It is essential to consider "Fair Use" exceptions, including news reporting, product reviews, parody, comparative advertising, and compatibility claims.

Examples:

  • A travel booking site illegally uses an airline’s logo for unauthorized promotions. A takedown request can be sent to the web hosting provider.
  • Unauthorized advertisements on Google or Meta platforms promote potentially counterfeit athletic products. The brand can submit a takedown request citing trademark infringement and brand harm.

Letter of Authorization (LOA)

For copyright and trademark-related takedowns, customers must submit a Letter of Authorization (LOA), permitting Flare and its partners to act on their behalf. Social media platforms, app stores, and other platforms typically require this document to confirm the legitimacy of requests.

Though technically not required for other types of takedowns, it is recommended that all Flare customers who have purchased takedown service complete an LOA. 

The LOA should include:

  • Original URLs protected by Flare
  • Company registration number and jurisdiction
  • Registration numbers and jurisdictions for trademarks and copyrights
  • Information on related brands (if applicable)

A template LOA form is available upon request. Contact your Flare Customer Success representative for more information.

How to Submit a Takedown Request

Takedown requests can be initiated in two ways:

Within the Flare App

  • Navigate to the event card related to the threat (domain, source code leak, paste site, cloud storage bucket).
  • Click "Request Takedown" to be directed to Flare’s customer support portal, where you can complete the required form.
  • Alternatively, you can request a takedown within the “Help” tab and the “Takedown” button. 

Via Flare Customer Support Portal

  • Directly access the customer support portal at https://support.flare.io (accessible via SSO from the Flare app). 
  • This submission workflow is particularly useful for threats discovered outside of Flare.

Upon submission, you will receive an email from [email protected] with a link to track your request. Further status updates, including resolution notifications, will be communicated via email. You can track all of your open takedown requests within the support center.

For a full walkthrough of the process, you can check out a short demo below:



Erroneous Takedown Requests

Certain scenarios do not qualify for takedown requests because they lack clear evidence of malicious intent, trademark infringement, or violation of terms of service. Submitting such requests is unlikely to result in successful action. Examples include:

  • Empty or Unused Websites: Websites or domains without content or clear malicious intent, even if registered similarly to your brand name (typosquatting), typically do not warrant takedown actions.
  • Parked Domains: Domains parked for future use or sale, even if they contain typosquatting, generally do not qualify unless actively used for fraudulent activities or trademark infringement. Note: certain registrars may voluntarily disable parked domains upon request if the typosquatting is clearly targeted and non-generic.
  • Tutorial or Informational Websites: Sites providing educational content, tutorials, or guides—even if monetized through advertisements—are considered legitimate online activities as long as they clearly state they are unaffiliated with your brand.
  • Social Media Criticism: Requesting takedowns for social media posts or accounts that criticize or negatively comment on your brand, but do not violate platform terms of service or intellectual property rights, will usually be unsuccessful.