Port scan from another DO address
I am running a Debian droplet and I have shorewall installed. I block all ports except the ones I need. I use logwatch to keep an eye on my logs for any suspicious activity. I noticed a tcp sync scan to what appears to be every port from 1 to 65535. When I did a whois on the offending ip4 address the net block is assigned to digital ocean. Is this worth creating a trouble ticket for this? I use non-standard ports for services like ssh and of course this scan has revealed these ports to someone. Does DO care that one of their addresses is involved in a port scan like this? This appears to be the only time this address has appeared in my logs for the past month or so.
Thanks for any comments.