I saw a minor issue in my logs from a 165.22.*.* host. That /16 is one of Digital Ocean's ranges.
I have my border router, the one which handles my PPPoE link, keep a copy of every packet in or out for as long as it has space for. So I trawled that, looking for anything to or from that /16.
It's basically all doorknob rattling. My data covers over a month (I did this a week or so ago, the range is 2025-04-19 to 2025-05-27). There are 3864 packets in, 644 packets out (exactly one-sixth; I wonder why); apparently my border blacklist stopped most of the traffic. All the incoming traffic is attempts to open TCP connections to ports 23, 80, 443, 4567, 8060, 8082, 8085, and 8088. All the return packets are TCP RSTs, rejecting connections to ports 443, 4567, 8060, and 8082; apparently the rest hit my border blacklist.
And the biggest problem?
Digital Ocean is pushing costs off to the rest of the net. They apparently can't be bothered to staff their abuse desk enough to handle the level of abuse they emit. When, some time ago, I reported something to them, their autoresponse said their abuse@ mail is "processed with automated tooling due to the high volume of abuse submissions [they] receive". They demand X-ARF, "tools such as fail2ban", or jumping through some Webpage hoop. They really need to either decrease the abuse they emit or increase their abuse desk staffing; it is not reasonable to require us to do additional work to make up for their desire to sidestep the costs that inhere in how they're trying to run.
Yes, that would probably mean they'd have to increase their prices. Cry me a frickin' river; at present, their prices are artificially low because they're asking the whole rest of the net to subsidize their prices, in the form of doing some of their abuse desk's work for them.