A startup hosting provider you say - who's their ISP? Does that company know their customer is a DDoS-for-hire provider? Did you tell them? How did they respond?

At the minimum they're very likely to have a talk with their customer "keep this shit up and you're outta here"