On Wednesday 27 July 2016 07:58:49 Paras Jha wrote:
Hi Justin,
I have submitted abuse reports in the past, maybe from 2014 - 2015, but I gave up after I consistently did not even get replies and saw no action being taken. It is the same behavior with other providers who host malware knowingly. I appreciate you coming out onto the list though, it's nice to see that CF does maintain a presence here.
I am not seeing Justin's replies hitting my mailbox, only snipets of quotes and replies... but my experience to date with CloudFlare has been exactly the same, no response or action of any kind to abuse reports. ...Searching... here is an example. Banco do Brasil "you must update your details" phishing fraud using compromised hosts. Example email and for details neccessary to confirm sent to abuse@cloudflare.com on 7/17. Ten days later and the compromised CloudFlare-fronted site is still up and still running. Would there be any confusion if the following abuse report (plus attached original email) arrived in your mailbox? ==================== Phishing / Fraud / Compromised server Phishing URL: http://www.rua.edu.kh/joomla/tecno/porta-bb2.com.jpg/ Redirects to: http://fonecomercial.com.br/admin/wip.php/index.php Redirects to: http://app.flipedition.com/css/www2.bb.com.br.jpg/ Compromised server: www.rua.edu.kh - 203.189.134.18 fonecomercial.com.br - 104.27.148.36 104.27.149.36 app.flipedition.com - 62.75.219.22 ==================== Any guesses who 104.27.148.36 104.27.149.36 is? PlusServer.de (62.75.219.22) terminated the final destination compromised pages within 12 hours... The others are still up. Some providers actively monitor and take control of reported abuses. Some providers actively ignore reported abuses.