Attacks from cloudflare IP ranges
From about two weeks I have been seeing a lot attacks from IPs belonging to cloudflare. These are not attacks redirected through their proxy to domains added to CF but ssh or smtp login attempts, port scans etc.
Here's few examples CF IPs that has several dozen reports on abuseipdb:
Has cloudflare recently started selling some VPNs or what's the deal here? I know apple has their private relay working on cloudflare network, but they seem to only allow traffic on http(s) ports? Or maybe it is IP spoofing? What do you think?