Is my computer compromised?

Is my computer/network compromised?

Logger: homeassistant.components.http.ban
Source: components/http/ban.py:124
Integration: HTTP (documentation, issues)
First occurred: 7 November 2021, 07:23:07 (3 occurrences)
Last logged: 11 November 2021, 05:17:43

Login attempt or request with invalid authentication from 192.168.0.168 (192.168.0.168). (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Edg/95.0.1020.40)
Login attempt or request with invalid authentication from 65.154.226.165 (65.154.226.165). (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.71 Safari/537.36)
Login attempt or request with invalid authentication from group-ib.ru (89.248.171.23). (Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.90 Safari/537.36)

The first one is my the local ip of my PC, I am unfamiliar with the second one but the third one is the one that actually scared me.

Also this:

Logger: homeassistant.components.http.security_filter
Source: components/http/security_filter.py:48
Integration: HTTP (documentation, issues)
First occurred: 5 November 2021, 18:57:37 (6 occurrences)
Last logged: 10 November 2021, 23:26:41

Filtered a potential harmful request to: /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh

No. The login attempt was blocked.

How is your remote access setup?

Nabu Casa and I use a DDNS service provided by Synology. HA is accessible through that as well.

When u say the DDNS service, is that a port forwarding?

Yes. I am turning it off right now.

Best to avoid any basic port forwarding. Since any script kiddie can run a port scan automatically for know services and detect something open. You can find dozens of examples about this, like camera’s online http://www.insecam.org/ for example