Abuse Handling


  • Send one reasonable email to abuse at from a valid email containing all required details

We reject emails from noreply addresses

If you send us emails from an invalid or designed to be unusable email address, your abuse report will be dropped silently.
If you want any action to be taken, you will need to send your report from an email address at which we can reach you for confirmation
or for inquiring further details.

Do not repeat

If you repeat reports for the same incident multiple times, the whole report will be closed silently. We don not provide
resources for de-duplication and consider repetitions spamming our abuse system.

Include all necessary details

An abuse report includes at the minimum:

  • Date and time of the incident
  • Resources involved (destination IP addresses, ports, protocols, etc.)
  • The reason why you believe it is abuse

Trivial issues and legit traffic

If you report trivial issues such as:

  • Issuing a HTTP GET request to a protected resource
  • Ping probes
  • A single failed login
  • One port scan

They will silently be dropped, as these might be legit requests and can easily be prevented with
default security measures on your side.

Exempt from above rule are the following:

  • Floods (lot of x with a clear malicious intent)
  • DoS / DDoS attacks
  • Systematic scanning / targeting of breach

Our measures

  • We do not record traffic nor user actions on our networks nor do we have access to the workload in the virtual machines or hosted services we provide.
  • In case of believable abuse report we will suspend customer resources and get in touch with the appropriate customer(s).
  • In case systems are clearly malfunctioning ("hacked", "infiltrated", "part of an unwanted bot network"), the systems will be required to be setup freshly

Updated by Nico Schottelius about 3 years ago · 2 revisions