by JoshTriplett 2529 days ago
> Late last year after seeing a similar pattern with a well-known hosting provider, I reached out to them to try and better understand what was going on. I provided a bunch of IP addresses which they promptly investigated and reported back to me on

I'd love to know how to get a hosting provider to actually answer such requests. (I hope the answer isn't just "be high profile". I'm hoping the answer is more like "know the right people to contact or the right phrasing to get through first-line support".)

I've reached out to hosting providers before, providing clear logs of malicious activity, and either gotten no answer, or occasionally gotten a rote "prove it came from us" that would trivially have been answered by actually reading the logs.

(Examples of such logs include SSH brute-forcing attempts, HTTP logs showing attempts to exploit web-app security holes, and spam headers showing the IP that contacted my provider's mail server.)

I've mostly stopped even trying, due to the near-zero response rate.

In an ideal world, I'd love to see reports like this lead to "we can confirm and we've shut down outbound traffic from that system until it gets fixed".

1 comments

How are you contacting them? If you use the correct abuse contact you'll usually get a response. We (IPinfo.io) are adding abuse contact info to our API within the next week or so (see https://twitter.com/ipinfoio/status/1138901541937602560) - let me know if you'd like early access.

Typically via abuse contacts or abuse forms.

The only type of service providers I've ever had useful responses from are email/mailing-list service providers, many of which will very quickly investigate and terminate spammers.