At work my IDS popped up an alert that IP 123 performed a host sweep against our webservers on ports 80 and 443 (and maybe more, but the IDS is not that good…sigh). I check out the IP and it is a webserver for an NBA team. The website itself has little mention of how to contact someone about the site, but I do find an email in the privacy notice. Great. In the privacy notice I see a blurb about how the site is highly secure, blah blah. Great. So I sent an email to the legal address I see and get an immediate undeliverable message. Great.
By now, I have other things to be doing and so on, so I just drop the issue. This web site might be rooted, I might be seeing actual traffic from a malicious script, attacker, or something bad inside their network that I can’t see. Perhaps it is legitimate traffic and someone is just spending some spare time scanning all websites on the Internets to help with the Google. But unless there are clear avenues to report these things, they can only hope their own internal detections will find if something is really wrong. :\