in webmaster world there are servers which used by them to serve their websites. some webmasters likes to have their own server just to handle the more traffic or just to operate on their own. so they buy themselves dedicated servers.
after that they mostly dont check their /var/log/auth.log file. which says a lot of people around the neighbor(Internet) for example
that is acctually a try from that ip for root user to their server.
so this site about those logs. you can upload your auth.log file and put them into sshbruteforcers database. so this way we can know who is attacking us.