What the hell? Netscan from a SOURCE SERVER?

Got an abuse report from my host.
Since when do source servers netscans?
Can someone explain?

The once thing i could think of it that it scanned for master-servers?
Due it looks like an autoreport from my host, maybe just their system failed and a search for users/masterservers got detected?

##########################################################################

Netscan detected from host xxxxxxxxxxx

##########################################################################

time protocol src_ip src_port dest_ip dest_port

Tue Mar 16 21:17:36 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:36 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:36 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:36 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:36 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:36 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:35 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:35 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:35 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:36 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
Tue Mar 16 21:17:35 2010 UDP xxx.xxx.xxx.xxx 27015 => xxx.xxx.xxx.xxx 27005
<a lot more here>

Edit:
Isn’t 27005 the client port?
By the way: the ip adresses after the => are all different.

Looks like your hoster just purely failed.
Most probably it is just a reply packet to a server query. Would also explain why the ips are different.
27005 is the default client port.

I tought so. That was my response.
Also, 27011 is the masterservers port.
(Thanks to stoned)