Question

Why am I getting port 22 scans from DigitalOcean servers?

Posted February 22, 2015 1.4k views

The following is a list I have compiled over the past few months for port 22 scans coming from Digital Ocean owned IP addresses. :

IP Address Count
128.199.40.193 1
128.199.41.163 6
128.199.46.245 2
128.199.53.176 1
128.199.64.51 3
128.199.65.43 3
128.199.100.180 6
128.199.101.13 3
128.199.116.46 1
128.199.133.77 6
128.199.143.40 6
128.199.150.69 12
128.199.154.171 3
128.199.169.107 12
128.199.185.43 6
128.199.194.193 3
128.199.196.161 9
128.199.198.197 1
128.199.201.53 2
128.199.206.104 1
128.199.206.158 1
128.199.207.10 2
128.199.218.142 1
128.199.219.180 1
128.199.229.55 3
128.199.230.165 4
128.199.232.39 3
128.199.234.223 6
128.199.246.104 2
128.199.246.223 2
128.199.255.44 1

Could these be signs that the servers have been compromised or abused? What other reasons could there be for scans like these?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

They are most likely compromised or being used for abuse. Send an e-mail to abuse@digitalocean.com

Submit an Answer