(Author here.) That’s missing from the article. But I have logs of the network. There’s nothing out of the ordinary. “I don’t know what I did wrong,” as I started the article, means “I’ve checked logs and such and there’s no indication of anything wrong on my end.”

A task that would be made much easier and less likely to miss something if the affected person had some indication as to what the problem was.

Devil's advocate - would it not then be pretty easy to engineer malicious bots to avoid detection?

Depends on the level of detail provided. That much detail isn't necessary in order to provide a helpful pointer to innocent bystanders.

Do you expect the average user to know how to "eliminate the possibility that a device on their network is compromised"? That is untenable.

No, but I wouldn't expect the average user to write a blog post with unsubstantiated technical claims, either.

I do think Cloudflare could do better here to let the owner of an IP know why they're suffering from poor reputation.

However, it's not immediately clear to me how they could accomplish this without weakening their side of the car vs. mouse game.