For context, I have to get involved in incident response from time to time. Typically, when you submit an abuse report with evidence attached it gets actioned relatively quickly, unless you're dealing with Cloudflare.

This was my experience yesterday when trying to report a site distributing malware and collecting stolen information:

- Fill out the 'Phishing and Malware' abuse report

- Recieve an automated email confirmation

- 4 minutes later recieve an automated email saying 'The reported content is no longer visible at the URLs included in your complaint.'

- Verify that the content is indeed still visible using the curl commands I included in the original abuse report

- Reply to the email (not via a simple reply, because that's a no-reply address, instead you have to copy/paste their abusereply email address) explaining the situation again

- 2 minutes later recieve an automated email saying that the abusereply email address doesn't accept or process abuse reports and to fill out the online form instead. You know, the one that I filled out in the first place

Contrasting this with other service providers, Cloudflare seem to actively defend malware distribution sites. I'm at the point where I'm considering blocking anything fronted by Cloudflare to safeguard our environments.

Am I doing something wrong?