And not just DDoS protection, but privacy. Cloudflare offers a huge amount of privacy protection which causes huge headaches for IP holders. You can read online about the feedback loop of Cloudflare/OVH for example sending automated notices back and forth. Usually the process is:

1. IP holder representative sends notice to Cloudflare 2. Cloudflare sends automated notice to account manager 3. Cloudflare informs person from step 1 of who actually hosts the site 4. Person from #1 emails web host who is probably a shady company who in turn ignores email 5. Nothing happens