Namecheap status: hosting issues and outage reports

Problems in the last 24 hours

The graph below depicts the number of Namecheap reports received over the last 24 hours by time of day. When the number of reports exceeds the baseline, represented by the red line, an outage is determined.

Most Reported Problems

The following are the most recent problems reported by Namecheap users through our website.

• Hosting (60%)
• Domains (40%)

Live Outage Map

The most recent Namecheap outage reports came from the following cities:

City	Problem Type	Report Time
Noida	Domains	10 days ago
Purmerend	Domains	19 days ago
Istanbul	Hosting	20 days ago
Charleston	Hosting	20 days ago
Greater Noida	Hosting	1 month ago
Paris	Domains	3 months ago

Full Outage Map

Community Discussion

Tips? Frustrations? Share them here. Useful comments include a description of the problem, city and postal code.

Beware of "support numbers" or "recovery" accounts that might be posted below. Make sure to report and downvote those comments. Avoid posting your personal information.

Namecheap Issues Reports

Latest outage, problems and issue reports in social media:

• 
  Baber Rizvi (@BaberRizvi) reported 7 minutes ago

  @NamecheapCEO namecheap support on live chat keep asking for money just to reboot the server which is already down and they can't explain why it's down. We paid for reboot and server is still down now they are asking more money. This is insane. We are already paying for subscription and suffering business loss and they can't even tell us why our server is down for over 2 days now. Server down means all our websites are down and we can't run business. Need HELP

• 
  Tommy Thomas (@0xTommyThomas) reported 8 minutes ago

  @adahstwt I’ve been using Namecheap for a while now, generally good integrations with other apps which make it easy to use. Pork bun is pretty decent too Will never understand why godaddy is called godaddy lol Squarespace in my experience is the most annoying to deal with for domain management tbh

• 
  Shubh Jain (@shubh19) reported 8 minutes ago

  real monthly infra cost of a solo SaaS in 2026: - Supabase free: ₹0 - Railway starter: ₹800 - Resend free (3K emails): ₹0 - Cloudflare free: ₹0 - UptimeRobot free: ₹0 - Sentry free (5K errors): ₹0 - PostHog free (1M events): ₹0 - Vercel hobby: ₹0 - Namecheap domain: ₹900/year - Anthropic API (light usage): ₹500–2K total: under ₹2,000/month the "I can't afford to build" excuse died in 2024. what's the real reason?

• 
  Emmanuel Onuoha (@waverchocs) reported 9 minutes ago

  On this, social media is a powerful tool. I never tagged Namecheap support, but they sent me a mail offering to help address my issues. Figured I will be getting back my domain name. Good to know. And shoutout to the team at Namecheap whoever is in charge of support. That’s how you run a major company. Taking lessons from this as a founder.

• 
  puskevit (@0xpusk) reported 13 minutes ago

  @ImLunaHey well namecheap didn't snitch my domain but after i didn't renew it for a single day they immediately put it down and tried to resell it for 4 figures and they'd probably also snitch a domain aswell if they're doing that

• 
  QARTIFY (@QArtify28) reported 15 minutes ago

  @vivoplt Namecheap is good, but if you want best service after purchase, GoDaddy

• 
  Sharat MR (@cosmos_genius) reported 15 minutes ago

  @captn3m0 I got the same email from namecheap. .in domain never had allowed whois protection AFAIK but for some reason the domain contacts where all weird in namecheap. Had to manually correct it. Didn't know the domain would be suspended so soon. one week is too short a period for warning

• 
  🔥Sven ☠ 2157🔥 (@Sven2157) reported 17 minutes ago

  I have several website issues today, since I switched to @Namecheap from @GoDaddy & GLAD I DID! Took less than 5 min to assess the issue with NC. GD would have me on hold for 1-4 hours, AND STILL NOT FIX ANYTHING! Bob Parsons would be ashamed! Global CPanel/WHM outage.

• 
  Essam (@EssamOptNames) reported 17 minutes ago

  @Karakehayov Spaceship is the best, namecheap and Afternic are the worst.

• 
  Hackology (@Hackology) reported 23 minutes ago

  @Namecheap VPS CP is now responsive, even that was not loading rest even namecheap site appears to off ... VPS etc all down , even the IP associated with it

• 
  Nemo (@captn3m0) reported 28 minutes ago

  So found an email from namecheap from last week. Single email with a boring subject: "Reminder: Update your .IN contact details". But went through my invoices, and I've never bought whois guard for a .in domain. Namecheap doesn't let you afaik.

• 
  Bogey Wilcox (@brasscogg) reported 29 minutes ago

  Unverified conspiracy theory: GoDaddy holds all these inactive domains through a shell company so they can charge finders fees and commission to “find” the owner of the domain, themselves Namecheap would never stoop to such loser levels

• 
  The Trunk Tales (@TheTrunkTales) reported 29 minutes ago

  @GLAsk1d @Namecheap I shut it down for the night after I posted the thread. I'll get it up tomorrow. Ping me if you don't see me posting it before lunch.

• 
  Bhavya (@Bhavyaztwt) reported 30 minutes ago

  @Namecheap No problem man We gng 💥

• 
  josh (@xcopydotexe) reported 31 minutes ago

  @uwunetes i know godaddy is a scam but why is namecheap bad?

• 
  mscode07 (@mscode07) reported 32 minutes ago

  @omarvvvr I never tried namecheap

• 
  Aurelien Dio (@aurelien_dio) reported 35 minutes ago

  Shipping SnappyName v2 this week It's a terrible business idea. I know > Saturated category. Every major registrar has a domain names generator > Most are free > The main keyword "domain name generator" is locked by GoDaddy, Namecheap, Shopify, Hostinger, etc > Domain buying is impulsive. Decisions happen in seconds > Naming is emotional, not rational. The heart picks, not the spreadsheet that tells you what to buy > The average buyer registers 1-2 domains a year. No recurrence, no LTV > The good .coms are gone. Result quality degrades structurally every year So why am I shipping it anyway? 1/ All existing domain name generators are rotten... I think everyone agrees with me on this! 2/ It can still make $200-500/month. Not life-changing. But a real, if modest, cash stream 3/ It's a sellable asset. Even at $300/month, that's a $3-4K exit 4/ This is my first SaaS that I developed 100% on my own and bootstrapped. No more fundraising of hundreds K€ and a technical team of 10 devs behind me. That's the most important thing, I'm very proud of what I've built myself 💪 So, I ship v2 this week and we'll see what happens!

• 
  🛡️Shir Khorshid Noor Cyber Unit🛡️ (@FriendOfTheInst) reported 36 minutes ago

  Sponsored search results are not a trust boundary. A fake ChatGPT download campaign used brand impersonation, malvertising, shared-link abuse, cloaking, platform-specific payloads, CAPTCHA gating, Electron packaging, JavaScript obfuscation, and staged execution to deliver malware to Windows and macOS users. This is not merely another fake download page. It is a clear demonstration of how attackers exploit trust across multiple layers: • Trusted brand • Trusted search flow • Trusted-looking ad placement • Trusted-looking domain patterns • Trusted UI/branding • Trusted installer frameworks • Trusted code-signing assumptions • Trusted AI platform sharing features What happened: Attackers promoted a fake OpenAI/ChatGPT download experience using the domain: openew[.]app The site copied OpenAI-style branding and offered download paths for: • Windows • macOS • Chrome extension The Chrome extension path linked to a legitimate ChatGPT-related extension, further increasing perceived legitimacy. The Windows and macOS download paths delivered malware. Attackers also abused legitimate ChatGPT shared conversation links, including chatgpt[.]com/s/ pages, to host fake outage or download pages. A link hosted on a trusted domain can still deliver attacker-controlled content to users. The campaign employed cloaking and conditional rendering: automated scanners and analysis tools were shown benign content, reportedly an unrelated AR/VR company site, while real browsers received the malicious ChatGPT-themed download experience. That is the key lesson: A trusted domain, HTTPS padlock, sponsored ad, or polished UI does not equal a safe download. Why this campaign matters: Victims were not browsing dark web forums or downloading cracks. They were searching for a legitimate AI tool. That is why malvertising is effective: it targets high-intent users at the exact moment they are ready to install software. The campaign turned normal user behavior into an initial access path. Windows chain: The Windows payload was distributed as: Chat_GPT.exe Reported SHA-256: 56CC26E88C064B0C423AA8AD6530E58F91D1E4D28FAB1A8BCEDEF16A6582B4D2 Additional reported Windows hash: c9e0e6985dca3a179c9bdea4e7b38f7dc57fe00ecedc2fd634256fc53bf2de2d Important: hashes are useful for triage, not sufficient for defense. Campaigns rotate samples. Hunt behaviorally. Windows technical observations: • Installer built with Inno Setup • Electron-based application • Chromium runtime components • resources\app.asar archive • Large obfuscated JavaScript payload identified as winter.js • Hex-encoded strings • Dynamically resolved functions • Control-flow obfuscation • Event-driven execution • CAPTCHA gating before core behavior • Inner Electron payload (App.exe) launched after installation • PowerShell spawned after CAPTCHA completion Observed PowerShell pattern: -ExecutionPolicy Unrestricted -Command - That trailing dash matters. It suggests commands may be supplied through standard input rather than appearing directly in the process command line. This reduces the value of command-line-only detection and makes process-tree and behavioral monitoring much more important. Static red flags: The filename suggested ChatGPT, but embedded metadata reportedly identified the installer as: PovariEGLESVapp Setup The executable was signed by: F.F.A.P. Hurkmans Beheer B.V. That publisher does not align with OpenAI or ChatGPT. Important reminder: a valid code signature does not mean software is safe. It only confirms that the file was signed by a certificate and has not been modified since signing. It does not establish that the software is legitimate or authorized by the brand it imitates. Additional Windows indicators: • App.exe SHA-256: D9AD44D43E57B870793FA5CF7FB3A813990D0CBD0C7087BDE70A5E61FB1F1FE6 • Unexpected Chromium/Electron profile: %APPDATA%\Satoshi • Additional reported path: %APPDATA%\LeronApplication • Reported Electron/Node capabilities: systeminformation, child_process, os, fs, zip-lib, Those modules indicate a capable execution environment: system discovery, file access, archive handling, process execution, and network communication. macOS chain: The macOS payload was delivered as: ChatGpt.dmg Reported SHA-256: 7E5B708F6659B1FAD3AAE7B589A706434FBF21708AEEC5AF5910189B96E25FEF Additional reported macOS hash: c0919e1999eaee67e67aeda0287722775afb04e9a9a0f727928b4d11265fb70b The macOS malware is reported as Odyssey Stealer, a fork of AMOS / Atomic Stealer. Reported macOS targeting includes: • Browser passwords • Browser cookies • Saved logins • macOS keychain data • Telegram sessions • Cryptocurrency wallet directories • Desktop/Documents files with sensitive wallet/key extensions • Ledger Live • Trezor Suite • Exodus • Electrum • Sparrow The most dangerous macOS behavior: Wallet replacement. The malware reportedly attempts to replace legitimate wallet-related applications with trojanized versions. That means a victim may later open what appears to be their normal wallet app, but actually launch an attacker-controlled version. That is not only credential theft. That is long-tail financial compromise. Infrastructure: Reported malicious domain: openew[.]app Reported infrastructure includes: 144[.]172[.]104[.]205 188[.]137[.]246[.]189 192[.]253[.]248[.]181 172[.]94[.]9[.]250 Infrastructure notes: • Recently registered domain • Namecheap / registrar-servers infrastructure reported • RouterHosting infrastructure reported • Passive DNS linked infrastructure to other suspicious or malicious domains • .app domains require HTTPS, so browsers show a padlock The padlock only means the connection is encrypted. It does not mean the site is legitimate. Detection opportunities for defenders: 1. Newly created executables launched from Downloads, Temp, or other user-writable paths 2. Trusted-brand filenames that do not match embedded metadata 3. Installer publisher mismatch: filename says ChatGPT, signer is unrelated 4. Electron apps spawning scripting engines: powershell.exe cmd.exe osascript bash sh zsh 5. PowerShell with: -ExecutionPolicy Unrestricted -Command - 6. Unexpected Chromium/Electron profile directories, such as: %APPDATA%\Satoshi %APPDATA%\LeronApplication or other anomalous Electron profile paths 7. app.asar archives containing large obfuscated JavaScript bundles 8. CAPTCHA or user-interaction gating before malicious behavior 9. Newly registered domains impersonating major software or AI vendors 10. Users installing software from ads instead of official vendor channels 11. Suspicious wallet-app replacement attempts on macOS 12. Post-install network traffic to low-cost VPS infrastructure 13. Legitimate AI sharing URLs that render fake support, outage, update, or installation pages 14. Download pages that show different content to scanners than to real browsers The key defensive point: Do not build detections only around hashes or static strings. This campaign reduces the value of static analysis through: • Obfuscation • Runtime string construction • CAPTCHA gating • Electron packaging • Conditional execution • Cloaking • Staged payload behavior • Shared-link abuse on trusted domains The better approach: • Behavioral detection • Process-tree monitoring • Parent-child process analysis • Script-engine execution monitoring • Browser/download source telemetry • Application control • Newly registered domain monitoring • Publisher and metadata validation • EDR detections for Electron-to-shell execution • Monitoring for AI-platform shared links used as delivery pages • User training focused on sponsored-result and fake-download risk For users: Only download ChatGPT from official OpenAI channels or the Microsoft Store. Do not install software from ads, mirror sites, download portals, unfamiliar domains, or fake support/outage pages. If you installed a “ChatGPT” app from an ad or unfamiliar page: Use a clean device and: • Sign out everywhere from important accounts • Change passwords, starting with primary email • Rotate API keys, SSH keys, cloud credentials, and tokens • Revoke active sessions for email, GitHub, cloud, Discord, Telegram, crypto exchanges, banking, and password managers • Move crypto funds from a clean device • Do not open Ledger/Trezor apps on a potentially infected Mac • Monitor financial accounts • Reinstall the OS • Notify IT/security immediately if it was a work device For AI vendors and platform owners: This is now part of the product security perimeter. Brand impersonation, malicious search ads, fake download pages, clone domains, and abuse of shared AI content are active distribution channels. Practical controls: • Make official download links easy to find • Monitor sponsored ads for brand abuse • Monitor newly registered lookalike domains • Detect abuse of shared-content features • Run takedowns quickly • Publish clear download guidance • Provide signed-installer verification guidance • Coordinate with search/ad platforms • Alert users when major impersonation campaigns are active Bottom line: Attackers are not just exploiting ChatGPT. They are exploiting the trust, urgency, and confusion around fast-moving AI adoption. Today it is ChatGPT. Yesterday it was another AI tool. Tomorrow it will be the next trending product. The malware can rotate. The domain can rotate. The payload can rotate. The brand can rotate. The infrastructure can rotate. The defensive mindset must rotate too: From: “Is this file known bad?” To: “Is this behavior legitimate for this software, this publisher, this user, this source, and this execution context?” That is the difference between signature-based reaction and modern detection engineering. Analysis draws on reporting from Malwarebytes Labs, Evalian SOC, Push Security, BleepingComputer, CybersecurityNews, and OpenAI documentation. #CyberSecurity #Malvertising #ThreatIntelligence

• 
  Tommy Williams 🇺🇦 (@twwilliams) reported 36 minutes ago

  @EleanorKonik I'm really not sure which provider is the most trustworthy these days. I keep my most valuable domains on Network Solutions, but I have no idea if that's a good idea. I do know that I pay a lot more than at Namecheap, where I have most of the others.

• 
  Jamie Madden (@dcwhatwhat) reported 38 minutes ago

  I am down to 1 page of domains on my namecheap account, from 3 pages. AMA

• 
  Adam Holter (@AdamHoltererer) reported 40 minutes ago

  @gauravsapkotanp Definitely not Namecheap, because @theo said they were bad and scammy.

• 
  Longevity World Cup (@LongevityWorldC) reported 41 minutes ago

  Longevity World Cup is temporarily unavailable due to a @Namecheap hosting network incident affecting hosted websites and accounts. We’re monitoring the situation and will be back online once connectivity is restored.

• 
  Shant (@ShantDotMe) reported 46 minutes ago

  NC: 19:05:35 Hey Namecheap odd IP address access 20:06:15 IP address provided earlier does not belong to our service 20:27:17 Yes, the IP address does not belong to our company.

• 
  LAZY YUT3 || Defi Scope (@MylesWRLD) reported 47 minutes ago

  @Namecheap TELL ME HOW I CAN GET A REFUND FOR A SERVICE I DID NOT USE, OR I WILL SUE!

• 
  WP Websites (@WebsitesWp) reported 49 minutes ago

  @katerleonid None. *Godaddy-pricy, had market place problems. *Hostinger+cloudflare-wouldnt use, not their niche *Namesilo-had major security incident, noone cared. *namecheap-not cheap, cluttered UI, intrusive upsells *spaceship-cheaper than internetbs, terrible UI

• 
  David O. Ehibor (@grayontop_) reported 51 minutes ago

  @AlfinCodes Namecheap altho I had a bad experience with them and it took time to get resolved. Cloudfare is a better option.

• 
  Tomodachi Life Updates (@TomoLifeUpdates) reported 53 minutes ago

  @Namecheap We'd appreciate it if your abuse team could take a look at tomodachilife[.]gg and tomoez[.]com (X has flagged both domains in posts already). We've received multiple reports from users who believed these sites were associated with an official web version/port of Nintendo's Tomodachi Life. The sites appear to be hosting a CAPTCHA scam disguised as an in-game Tomodachi Life menu, using Nintendo's branding and trademark in a way that may mislead users. A separate domain hosting the same scam, tomodachilife[.]cc, has already been taken down following reports. Could someone from your team review these domains and their operators or direct us to the appropriate reporting channel?

• 
  Kshitij Vijayvergiya (@kvijay98) reported 54 minutes ago

  @pcshipp I recently bought a .in domain from Namecheap and it was much cheaper than GoDaddy. Cloudfare doesn’t support the registration of .in extension yet.

• 
  Dr. Simon Taki Zaku, D.B.A (@realsimonzaku_) reported 58 minutes ago

  What tools do I need to start? You usually need a domain, hosting, professional website, clear service pages, founder profile, testimonials, analytics, business email, payment route, content plan, and strong WhatsApp or contact funnel. Tools like Namecheap, DreamHost, Hostinger, Geegpay, ClickMeeting, and CartFlows can support the system when used with a clear strategy.

• 
  Spaceship (@spaceship) reported 59 minutes ago

  @Atifel_ We take accusations of front-running very seriously, and we want to assure you with 100% certainty that Spaceship never registers domain names based on customer search queries. The domains you provided are registry premium and not registered with Spaceship or Namecheap. Because the registry determines the base cost for these premium names, the higher price applies to both the initial registration and the annual renewals.