I was logged into my Cloudflare account today attempting to setup Tunnels when I noticed various security events related to my domain. Upon further inspection I realized that they all originated from a Microsoft Owned IP address (I’m assuming somebody running a Azure VM instance).

Looking into the actual request headers I can see that whatever bot was running was looking for common PHP exploits or unsecured endpoints.

I usually ignore such instances as I have proper firewall rules both on the Cloudflare side as well as my local network side so I’m doubting there’s actually any threat to my network. However, I decided today to email the abuse contact provided from the WHOIS details. Was wondering if anybody else had experience with writing these? Is it even worth writing them or do they just end up being a waste of time?

Edit: Thanks everybody for the responses! Seems that it’s up in the air if I’ll ever get a response back. Maybe that’s okay - Looks like the general consensus is that these usually do end up getting taken seriously (at least by some providers). I guess I’ll keep composing away even if it’s just an exercise in good internet stewardship :)

  • @[email protected]
    link
    fedilink
    English
    71 year ago

    I’ve tried to deal with several vendors regarding abusive domains and it’s pretty terrible in general. Everything is a webform with a generic responder - if any at all - and then weeks or months or nothing. Even domains impersonating proper commercial entities.

    • GoDaddy: here’s the real domain, now here’s the domain registered via you, cloned from the real domain (including text, corporate logos, etc with some additional chinese crap) and being used for phishing/scams. Their response: “fill out this bullshit form that goes nowhere”
    • CloudFlare: “uh, we don’t actually host the site (just the DNS and “protection” service that hides who does) sorry” Google: “we’ll continue showing the scam/phishing domain in top search results after your reports because apparently accurate search results aren’t actually our thing”
    • Unaware7013
      link
      fedilink
      21 year ago

      I don’t even bother trying with cloudflare. They refused to stop their ddos protection on actual neonazi sites and misinformation sites, so I have no hope that they’ll deal with basic abuse complaints. Clearly they’re not concerned with the harms their system enabled.