Abuse reporting

Reporting IP addresses and other network resources used to target your systems might eventually end abuse, even though it won’t happen instantly. At the very least, it may help others protect themselves from the same actors.

IP address

IP addresses sending DDoS traffic to your systems can be reported to their ISP or cloud provider, and/or organisations that maintain blocklists.

To report an IP address to its ISP or cloud provider, go to RIPEstat and look up the address. You can then email the Abuse Contact listed on the resulting page.

IP addresses involved in DDoS attacks can also be reported to AbuseIPDB and/or Spamhaus.

Participants in decentralised systems

Decentralised systems (e.g. federated social networks) may leverage authentication to identify and report abusive participants in purpose-built blocklists.

Law enforcement

DDoS attacks are illegal in many jurisdictions, and can therefore be reported to law enforcement. For example, in the UK and the US, attacks should be reported to the National Cyber Security Centre and the Internet Crime Complaint Center (IC3), respectively.