Why am I getting port 22 scans from DigitalOcean servers?
The following is a list I have compiled over the past few months for port 22 scans coming from Digital Ocean owned IP addresses. :
| IP Address | Count |
|---|---|
| 128.199.40.193 | 1 |
| 128.199.41.163 | 6 |
| 128.199.46.245 | 2 |
| 128.199.53.176 | 1 |
| 128.199.64.51 | 3 |
| 128.199.65.43 | 3 |
| 128.199.100.180 | 6 |
| 128.199.101.13 | 3 |
| 128.199.116.46 | 1 |
| 128.199.133.77 | 6 |
| 128.199.143.40 | 6 |
| 128.199.150.69 | 12 |
| 128.199.154.171 | 3 |
| 128.199.169.107 | 12 |
| 128.199.185.43 | 6 |
| 128.199.194.193 | 3 |
| 128.199.196.161 | 9 |
| 128.199.198.197 | 1 |
| 128.199.201.53 | 2 |
| 128.199.206.104 | 1 |
| 128.199.206.158 | 1 |
| 128.199.207.10 | 2 |
| 128.199.218.142 | 1 |
| 128.199.219.180 | 1 |
| 128.199.229.55 | 3 |
| 128.199.230.165 | 4 |
| 128.199.232.39 | 3 |
| 128.199.234.223 | 6 |
| 128.199.246.104 | 2 |
| 128.199.246.223 | 2 |
| 128.199.255.44 | 1 |
Could these be signs that the servers have been compromised or abused? What other reasons could there be for scans like these?
Log In to Comment