Namecheap status: hosting issues and outage reports

Problems in the last 24 hours

The graph below depicts the number of Namecheap reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

Most Reported Problems

The following are the most recent problems reported by Namecheap users through our website.

• Hosting (57%)
• Domains (43%)

Live Outage Map

The most recent Namecheap outage reports came from the following cities:

City	Problem Type	Report Time
Tuxtla	Domains	12 days ago
Centerville	Hosting	13 days ago
Noida	Domains	25 days ago
Purmerend	Domains	1 month ago
Istanbul	Hosting	1 month ago
Charleston	Hosting	1 month ago

Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Namecheap Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Steve Bailey (@stevebaileyseo) reported 4 minutes ago

  The most powerful thing a platform can do is make you feel like you don't need your guard up. Namecheap does that. Not by promising the world. By just... not being awful.

• 
  ƒrαeყ (@fraey0) reported 9 minutes ago

  it costs about $21/month to run what could become a multi-million dollar startup • human brain = reasoning (free) • claude = coding ($20/mo) • supabase = backend (free) • vercel = deployment (free) • namecheap = domain ($12/yr) • stripe = payments (2.9%/trx) • github = versioning (free) • resend = email (free) • clerk = auth (free) • cloudflare = DNS (free) • posthog = analytics (free) • sentry = error tracking (free) • upstash = redis (free) • pinecone = vector DB (free) everything sums up to roughly $20 to $25 per month so, the tools are not the barrier anymore. most ideas don’t fail because they’re expensive to build. they fail because they never get built at all. what’s stopping you?

• 
  Saud Ilyas (@saud_ilyas) reported 11 minutes ago

  For the first time in 10 years, I moved the .io domain out of Namecheap to save $25 on renewal lol; never thought of moving any of the 2k+ domains I've managed with Namecheap for years. 3x the price is unjustifiable. Could potentially save up to $10k a year by moving every single one to Cloudflare on renewal. But that’s a very big headache doing one by one, so i’ll pass for now!

• 
  DomainHero (@mynamehack) reported 13 minutes ago

  @dynatodd @Namecheap @namecheapceo123 but don't know still they abuse to customer or investors community after VC takeover..

• 
  Tommy Thomas (@0xTommyThomas) reported 14 minutes ago

  @adahstwt I’ve been using Namecheap for a while now, generally good integrations with other apps which make it easy to use. Pork bun is pretty decent too Will never understand why godaddy is called godaddy lol Squarespace in my experience is the most annoying to deal with for domain management tbh

• 
  Gamingtronium (@Gamingtronium) reported 15 minutes ago

  @bybydev Never tried namecheap! 🤧

• 
  K S (@kj_kjato) reported 15 minutes ago

  @Namecheap Never once have you reached out to me properly to verify my claims you know how to find my contact information. I’ve already told you where it is not affiliated with that garbage. Please reach out and rectify the problem. I don’t want to call the police department again😡😡😡

• 
  CodeWithStu (@CodeWithStu) reported 16 minutes ago

  Hey @Namecheap - getting multiple phising attempts from a domain hosted by you trying to be @moonpay - told me that my phone number had been changed and to call them... lol... domain is arewasolutions [dot] com - please can you take down <3

• 
  Gr1zZ (@Gr1zZtv) reported 19 minutes ago

  @Onepeg No one should reach out to them, they request your id to verify your the owner to take down content, you should go to their registarar which I beleive is namecheap and file a DMCA with them

• 
  Prashant Singh (@prashant_gigs) reported 20 minutes ago

  I don't know when the domain registrars will understand user experience is as important as your domain service. --- okish -------- - hostinger - godaddy ---- garbage ---------- - namecheap

• 
  Spaceship (@spaceship) reported 21 minutes ago

  @Atifel_ We take accusations of front-running very seriously, and we want to assure you with 100% certainty that Spaceship never registers domain names based on customer search queries. The domains you provided are registry premium and not registered with Spaceship or Namecheap. Because the registry determines the base cost for these premium names, the higher price applies to both the initial registration and the annual renewals.

• 
  Johnmark Obiefuna (@jayhemz) reported 22 minutes ago

  @Nueltek a few minor inaccuracies here. > low-traffic websites the hypernova VPS subscription on Namecheap accomodates up to 10TB in bandwidth. that's more than enough for most traffic loads. > if the VPS goes down it's still more reliable than shared hosting > if one website gets compromised, the entire server could be at risk true. only if the exploit gets a hold of 'root' > 1 site experiences a major traffic spike cloudflare to the rescue > single point of failure? cloudflare to the rescue hehe.

• 
  Cemal Coban (@uzakyolkaptani) reported 23 minutes ago

  Why @Namecheap Live Support need always 5-10 minutes before speak with you ?

• 
  anderson (@U__anderson) reported 24 minutes ago

  @John_ACW @Namecheap how many businesses with actually good support can you even name? probably none

• 
  Matthias Reinholz (@MattReinholz) reported 26 minutes ago

  Interesting side-fact: they say the issue was about DNSSEC. However, in contrast to .com, @Namecheap doesn't let me configure DNSSEC for .de domains (not because of the current issue but generally). @grok does DENIC use a different layer/method of DNSSEC that doesn't allow configuring it on the registry level?

• 
  Adam Maysonet (@synozeer) reported 28 minutes ago

  @TopShelfNames @spaceship If someone typed in the domain in their browser bar, they would have seen an Afternic lander. The person instead searched for the domain on Namecheap/Spaceship and bought it that way (aka. reg path), so they may never have even seen the lander.

• 
  🛡️Shir Khorshid Noor Cyber Unit🛡️ (@FriendOfTheInst) reported 33 minutes ago

  Sponsored search results are not a trust boundary. A fake ChatGPT download campaign used brand impersonation, malvertising, shared-link abuse, cloaking, platform-specific payloads, CAPTCHA gating, Electron packaging, JavaScript obfuscation, and staged execution to deliver malware to Windows and macOS users. This is not merely another fake download page. It is a clear demonstration of how attackers exploit trust across multiple layers: • Trusted brand • Trusted search flow • Trusted-looking ad placement • Trusted-looking domain patterns • Trusted UI/branding • Trusted installer frameworks • Trusted code-signing assumptions • Trusted AI platform sharing features What happened: Attackers promoted a fake OpenAI/ChatGPT download experience using the domain: openew[.]app The site copied OpenAI-style branding and offered download paths for: • Windows • macOS • Chrome extension The Chrome extension path linked to a legitimate ChatGPT-related extension, further increasing perceived legitimacy. The Windows and macOS download paths delivered malware. Attackers also abused legitimate ChatGPT shared conversation links, including chatgpt[.]com/s/ pages, to host fake outage or download pages. A link hosted on a trusted domain can still deliver attacker-controlled content to users. The campaign employed cloaking and conditional rendering: automated scanners and analysis tools were shown benign content, reportedly an unrelated AR/VR company site, while real browsers received the malicious ChatGPT-themed download experience. That is the key lesson: A trusted domain, HTTPS padlock, sponsored ad, or polished UI does not equal a safe download. Why this campaign matters: Victims were not browsing dark web forums or downloading cracks. They were searching for a legitimate AI tool. That is why malvertising is effective: it targets high-intent users at the exact moment they are ready to install software. The campaign turned normal user behavior into an initial access path. Windows chain: The Windows payload was distributed as: Chat_GPT.exe Reported SHA-256: 56CC26E88C064B0C423AA8AD6530E58F91D1E4D28FAB1A8BCEDEF16A6582B4D2 Additional reported Windows hash: c9e0e6985dca3a179c9bdea4e7b38f7dc57fe00ecedc2fd634256fc53bf2de2d Important: hashes are useful for triage, not sufficient for defense. Campaigns rotate samples. Hunt behaviorally. Windows technical observations: • Installer built with Inno Setup • Electron-based application • Chromium runtime components • resources\app.asar archive • Large obfuscated JavaScript payload identified as winter.js • Hex-encoded strings • Dynamically resolved functions • Control-flow obfuscation • Event-driven execution • CAPTCHA gating before core behavior • Inner Electron payload (App.exe) launched after installation • PowerShell spawned after CAPTCHA completion Observed PowerShell pattern: -ExecutionPolicy Unrestricted -Command - That trailing dash matters. It suggests commands may be supplied through standard input rather than appearing directly in the process command line. This reduces the value of command-line-only detection and makes process-tree and behavioral monitoring much more important. Static red flags: The filename suggested ChatGPT, but embedded metadata reportedly identified the installer as: PovariEGLESVapp Setup The executable was signed by: F.F.A.P. Hurkmans Beheer B.V. That publisher does not align with OpenAI or ChatGPT. Important reminder: a valid code signature does not mean software is safe. It only confirms that the file was signed by a certificate and has not been modified since signing. It does not establish that the software is legitimate or authorized by the brand it imitates. Additional Windows indicators: • App.exe SHA-256: D9AD44D43E57B870793FA5CF7FB3A813990D0CBD0C7087BDE70A5E61FB1F1FE6 • Unexpected Chromium/Electron profile: %APPDATA%\Satoshi • Additional reported path: %APPDATA%\LeronApplication • Reported Electron/Node capabilities: systeminformation, child_process, os, fs, zip-lib, Those modules indicate a capable execution environment: system discovery, file access, archive handling, process execution, and network communication. macOS chain: The macOS payload was delivered as: ChatGpt.dmg Reported SHA-256: 7E5B708F6659B1FAD3AAE7B589A706434FBF21708AEEC5AF5910189B96E25FEF Additional reported macOS hash: c0919e1999eaee67e67aeda0287722775afb04e9a9a0f727928b4d11265fb70b The macOS malware is reported as Odyssey Stealer, a fork of AMOS / Atomic Stealer. Reported macOS targeting includes: • Browser passwords • Browser cookies • Saved logins • macOS keychain data • Telegram sessions • Cryptocurrency wallet directories • Desktop/Documents files with sensitive wallet/key extensions • Ledger Live • Trezor Suite • Exodus • Electrum • Sparrow The most dangerous macOS behavior: Wallet replacement. The malware reportedly attempts to replace legitimate wallet-related applications with trojanized versions. That means a victim may later open what appears to be their normal wallet app, but actually launch an attacker-controlled version. That is not only credential theft. That is long-tail financial compromise. Infrastructure: Reported malicious domain: openew[.]app Reported infrastructure includes: 144[.]172[.]104[.]205 188[.]137[.]246[.]189 192[.]253[.]248[.]181 172[.]94[.]9[.]250 Infrastructure notes: • Recently registered domain • Namecheap / registrar-servers infrastructure reported • RouterHosting infrastructure reported • Passive DNS linked infrastructure to other suspicious or malicious domains • .app domains require HTTPS, so browsers show a padlock The padlock only means the connection is encrypted. It does not mean the site is legitimate. Detection opportunities for defenders: 1. Newly created executables launched from Downloads, Temp, or other user-writable paths 2. Trusted-brand filenames that do not match embedded metadata 3. Installer publisher mismatch: filename says ChatGPT, signer is unrelated 4. Electron apps spawning scripting engines: powershell.exe cmd.exe osascript bash sh zsh 5. PowerShell with: -ExecutionPolicy Unrestricted -Command - 6. Unexpected Chromium/Electron profile directories, such as: %APPDATA%\Satoshi %APPDATA%\LeronApplication or other anomalous Electron profile paths 7. app.asar archives containing large obfuscated JavaScript bundles 8. CAPTCHA or user-interaction gating before malicious behavior 9. Newly registered domains impersonating major software or AI vendors 10. Users installing software from ads instead of official vendor channels 11. Suspicious wallet-app replacement attempts on macOS 12. Post-install network traffic to low-cost VPS infrastructure 13. Legitimate AI sharing URLs that render fake support, outage, update, or installation pages 14. Download pages that show different content to scanners than to real browsers The key defensive point: Do not build detections only around hashes or static strings. This campaign reduces the value of static analysis through: • Obfuscation • Runtime string construction • CAPTCHA gating • Electron packaging • Conditional execution • Cloaking • Staged payload behavior • Shared-link abuse on trusted domains The better approach: • Behavioral detection • Process-tree monitoring • Parent-child process analysis • Script-engine execution monitoring • Browser/download source telemetry • Application control • Newly registered domain monitoring • Publisher and metadata validation • EDR detections for Electron-to-shell execution • Monitoring for AI-platform shared links used as delivery pages • User training focused on sponsored-result and fake-download risk For users: Only download ChatGPT from official OpenAI channels or the Microsoft Store. Do not install software from ads, mirror sites, download portals, unfamiliar domains, or fake support/outage pages. If you installed a “ChatGPT” app from an ad or unfamiliar page: Use a clean device and: • Sign out everywhere from important accounts • Change passwords, starting with primary email • Rotate API keys, SSH keys, cloud credentials, and tokens • Revoke active sessions for email, GitHub, cloud, Discord, Telegram, crypto exchanges, banking, and password managers • Move crypto funds from a clean device • Do not open Ledger/Trezor apps on a potentially infected Mac • Monitor financial accounts • Reinstall the OS • Notify IT/security immediately if it was a work device For AI vendors and platform owners: This is now part of the product security perimeter. Brand impersonation, malicious search ads, fake download pages, clone domains, and abuse of shared AI content are active distribution channels. Practical controls: • Make official download links easy to find • Monitor sponsored ads for brand abuse • Monitor newly registered lookalike domains • Detect abuse of shared-content features • Run takedowns quickly • Publish clear download guidance • Provide signed-installer verification guidance • Coordinate with search/ad platforms • Alert users when major impersonation campaigns are active Bottom line: Attackers are not just exploiting ChatGPT. They are exploiting the trust, urgency, and confusion around fast-moving AI adoption. Today it is ChatGPT. Yesterday it was another AI tool. Tomorrow it will be the next trending product. The malware can rotate. The domain can rotate. The payload can rotate. The brand can rotate. The infrastructure can rotate. The defensive mindset must rotate too: From: “Is this file known bad?” To: “Is this behavior legitimate for this software, this publisher, this user, this source, and this execution context?” That is the difference between signature-based reaction and modern detection engineering. Analysis draws on reporting from Malwarebytes Labs, Evalian SOC, Push Security, BleepingComputer, CybersecurityNews, and OpenAI documentation. #CyberSecurity #Malvertising #ThreatIntelligence

• 
  Michael Knight (@michaelmknight) reported 34 minutes ago

  @cPanel Hi, I upgraded from ImunifyAV+ to Imunify360. I’m now being asked for a license key. I wasn’t provided one and I can’t find a key anywhere in your Client Area and under Orders/Licenses. Your support states to contact Namecheap and is sending me around in circles, but it's nothing to do with them as I purchased the upgrade from you and I can't send a support ticket. Any help would be appreciated.

• 
  elena (@elephnaburky) reported 36 minutes ago

  @ChrisProd_ @Echotheglitch8 What Glitch is probably doing right now is probably consulting with the Registrar (NiceNIC, which they also don't use. Glitch uses Tucows, Namecheap, and GoDaddy) to get the domain taken down. Or, they might not be doing anything. Who knows.

• 
  Phil (@0xPhilH) reported 42 minutes ago

  @milanm_ @levelsio @Cloudflare To add here, since CFs offices are in France, they overcomply with every bs EU request, even if you host a service that is US only. They won't do that for the content part, so namecheap registar + CF dns + CF CDN is actually best of both worlds combo.

• 
  Baber Rizvi (@BaberRizvi) reported 42 minutes ago

  @Namecheap @NamecheapCEO It's been almost a week now since my business websites are down because my namecheap server is down and support team can't even turn on the server so my team can connect to bring my sites back up. Who will be responsible for my business losses. I hope someone from namecheap will show some courage and at least turn on the server which I am paying for. Also there is no phone number to call and speak to someone so only way to communicate is either email or chat. Such a horrible service they don't care what it means to a business which heavily rely on website and it's been down for this long.

• 
  Qirisiti Returns (@QirisitiReturns) reported 43 minutes ago

  @Namecheap upon checking my hosting list there was nothing, talking to support they say that i have been refunded stellar, but there is no confirmation email of that. hmm, on the domain they said it was put on auction and i cant access it or recover it

• 
  مركز مهارات الإبداع للتدريب (@cstcksa) reported 45 minutes ago

  @Namecheap Unfortunately, we have had an extremely poor experience with the current hosting provider. Despite multiple attempts to communicate through email and official support channels, we have received no response regarding our inquiries, technical support requests, or account management matters. The complete lack of communication and customer support has caused significant operational difficulties and has negatively affected the management of our website and educational platform. This level of service raises serious concerns about the provider's reliability, professionalism, and commitment to its contractual obligations. We respectfully request an immediate response to our pending requests and a prompt resolution of all outstanding issues. If the company is unable or unwilling to provide the required support, we request full cooperation in transferring the hosting account and related services to an alternative provider without further delay.

• 
  Rajib Mondal (@rajibmondal_) reported 47 minutes ago

  @jacksimone78 Yeah Namecheap I host with DigitalOcean Droplets, it's support is good and also it seems cost effective

• 
  David Maigari (@maigari_david) reported 50 minutes ago

  @Aditya_181105 Namecheap is a good one. Great customer support, too.

• 
  GatewayToDomains (@gatewaytodomain) reported 51 minutes ago

  @katerleonid No, I use Namecheap, Porkbun, Unstoppable, Regery, Netim, 101Domains based on the support for tld I want to register.

• 
  Fanboy.nz (@fanboynz) reported 53 minutes ago

  @Namecheap What did you find? based on the hundreds of domains it creates weekly on your service.

• 
  Emad (@emad_maker) reported 53 minutes ago

  @ardent__dev I've been using Namecheap and had good experience. They offer competitive pricing and reliable service.

• 
  Umesh Kumar Yadav (@Umesh__digital) reported 54 minutes ago

  GitHub — version control (free) Claude — coding ($20/mo) Namecheap — domain ($12/yr) Cloudflare — DNS (free) Vercel — deploy (free) Clerk — auth (free) Supabase — backend + database (free) Upstash — Redis (free) Pinecone — vector DB (free) Resend — emails (free) Stripe — payments (2.9% per transaction) PostHog — analytics (free) Sentry — error tracking (free) Total cost to run a startup: ~$20/month No servers. No DevOps team. No funding required. Just an idea and WiFi. There has never been a cheaper time to build. 🚀 Today is the best time to bet on yourself and build the things ⭐

• 
  D̸̖͌a̶̞͊r̷̙͒k̶͇͝ḽ̸̃ÿ̸͈́ (@ADesignerDarkly) reported 59 minutes ago

  @Hexangelo5 You are right about that! Pulsechain,com is registered through there, as are lots of other pulsechain project websites. While Namecheap built its brand on privacy advocacy (e.g., fighting for customer data protection in courts), control now sits largely with a Luxembourg-based PE giant whose incentives are financial returns, not ideological privacy maximalism. The registrant data required by ICANN lives in a system where EU corporate oversight meets US legal demands. In an era of rising data breaches, surveillance, and regulatory flux, relying on any large registrar under PE ownership means trusting opaque boardroom decisions with your identity footprint. Diversifying to independent or privacy-first alternatives reduces single points of failure.