I've never had luck with this. Even when I get communication back, the respondent gives reasons why they will ignore it. When I don't hear back, the problem persists (at least for as far as I have even attempted to follow up).

Latest example: Three of several dozen visitors were sent to a malicious unrelated site when attempting to visit https://cspinet.org/eating-healthy/ingredients-of-concern/caffeine-chart

Before contacting the Center for Science in the Public Interest, I looked into it a bit.

Since one of the simplest forms of page hijacking involves altering a webpage to contain a malicious inline frame which can allow an exploit kit to load, I checked for that.

No dice, but I did see a frame-like content object labeled "not indexed" at some past saves of that page (e.g. https://archive.org/search.php?query=https%3A%2F%2Fcspinet.org%2Feating-healthy%2Fingredients-of-concern%2Fcaffeine-chart )

As I always do, I contacted the site (via a couple of their contact emails), but I wondered if anyone had a best practice or idea beyond including webmaster@ admin@ plus any emails on their contact page?