I maintain 30 WordPress sites with WordFence installed. 

I have noticed a pattern. 

I see a lot of bad guy traffic from digital ocean, azure, oracle cloud. Even the bad guys believe them to be very convenient and they are. All of these providers have online methods to report abuse and they are very responsive. 

DO and Microsoft have a ticket queue and I get info back when its “resolved”.

I love the threat intel feed on wordfence.com (https://www.wordfence.com/threat-intel/)

Have y’all ever resolved the top 10% of abuse traffic to their associated providers and attempted to contact them?

How about using the immense view you have of all activity to report bad actors to these providers or just one provider to start?

Getting responses like this is very satisfying.

(And not seeing that source again in your logs too.)

No provider would want to be on dashboard of “Top 10 ISP Abuse Sources”.