Re: Request TRUSTED_REPORTER access for Safe Browsing API reporting (threatHits.create)

[Yuki]

This is the mailing list, not the contact mail.

On Monday, 16 February 2026 at 20:47:48 UTC+1 Rhett Ermis wrote:

Hi Safe Browsing team,

I’m requesting TRUSTED_REPORTER visibility for my Google Cloud project so I can use the Safe Browsing v4 reporting method `threatHits.create` for reporting of confirmed phishing URLs.

• Project name: scam-sentry
• Project number: 135608245032
• Website: https://scam-sentry.com/
• Chrome Web Store listing: https://chromewebstore.google.com/detail/scam-sentry/ehbojhgbiodfbockddehghckdbobnekl?hl=en

Scam Sentry is a website + browser extension focused on identifying and tracking fraudulent checkout pages and credential-harvesting pages. We only report URLs when we have strong demonstrable evidence (screen captures, content fingerprint, and a saved email source or redirect-chain).

Estimated volume: 10-100 per day
Contact email: rh...@richardlerma.com

Thank you.

[Yuki]

You're looking for https://console.cloud.google.com/support

[Google Safe Browsing API]

Hi,

The threatHits.create method will soon be deprecated. Feel free to share more about your use case to determine which APIs may be a good fit.

Thanks!

[Rhett Ermis]

  We need a supported, fully automated way to submit confirmed phishing URLs to Google (not lookup). If threatHits.create is being deprecated, what is the replacement endpoint or program for automated phishing reporting? We currently archive all phishing evidence including email source (if applicable), screenshots and redirect chains, but would like a way to contribute to safe browsing.

[Google Safe Browsing API]

Hi,

The Web Risk Submission API may be appropriate for this use case: https://docs.cloud.google.com/web-risk/docs/submission-api