JavaScript is executed client-side, and a lot of spambots probably don't parse JS so it would be useless as a reporting mechanism. The API can be used with virtually any server-side scripting language.