Domain. I also host a couple of web sites, but the script kiddies are hitting the ip with the usual dumb password attacks on ssh which isn't exposed. I expect to get hit by the script kiddies about 4 to 8 times a day, lately it has gone up to 12 to 20 times. The sites are getting hit with about a 1.5x higher rate of malformed packets than usual.