Related or not: I have been running ssh on several internal but internet facing systems on non-standard port numbers for years there have been virtually no log in attempts on these ports. In the last 6-9 months activity has increased a lot. Most addresses make 5 connection attempts and then go away. Not really a case for fail2ban. I could ban them after 3 so save 40%...

No country particlarly stands out. Digitalocean and Korea maybe I bit more than I would have expected.

The site itself looks like a front. It's the bare minimum of a website, a template and images with non-transparent backgrounds. Compounding with contact information not working, this should ring alarm bells for most.

Ok, neat. And now I'm motivated to find the source for how nmap picks `--top-ports`.

Clickbaity title