Our system has automatically detected an inbound DDoS against your droplet named core with the following IP Address: <IP>
As a precautionary measure, we have temporarily disabled network traffic to your droplet to protect our network and other customers. Once the attack subsides, networking will be automatically reestablished to your droplet. The networking restriction is in place for three hours and then removed.
Please note that we take this measure only as a last resort when other filtering, routing, and network configuration changes have not been effective in routing around the DDoS attack.
It looks like it was 2.1gbps DoS attack at about 200k PPS which would really make me think this was a straight-up SYN flood.
I don't really have more detailed information than that, sadly.
It looks like the blackhole will expire 3 hours after it was
put in place.
If you'd like a different IP, the simplest way would be to power off the droplet, take a snapshot, and bring the snapshot back up as a new droplet. After that's done, you can destroy the old droplet and you should be good to go from there.