A brief look at a very small sampling of failed logins. I’ve used green to highlight IP addresses known to be “OK” – Starlink out of Denver where my own connection terminates. Others are highlighted in dark pink and represent attacks with certainty. The orange highlighter is for other “items of interest”. Namely the use of a formerly exposed password from “COMB” entered as a username and, the lower range of IP addresses are also from Starlink – but in Texas. My access never routes through Texas.
Beneath the graphic is output of an information-gathering script that fetches from ipinfo.io, criminalip.io and virustotal.com. You’ll see some fairly nasty hosts described there.
In terms of donning the “Information Security Analyst” hat (do we really ever take it off?) this is an exceptionally small amount of data compared to what we work with every day.
ipInfo.io { "ip": "104.236.5.103", "city": "Clifton", "region": "New Jersey", "country": "US", "loc": "40.8344,-74.1377", "org": "AS14061 DigitalOcean, LLC", "postal": "07014", "timezone": "America/New_York" } criminalIP { "count": 1, "data": [ { "as_name": "DIGITALOCEAN-ASN", "as_no": 14061, "city": "Clifton", "region": "New Jersey", "org_name": "Digital Ocean", "postal_code": "07014", "latitude": 40.8364, "longitude": -74.1403, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Critical", "outbound": "Critical" } Is Malicious: true virustotal reputation 0 shodan 104.236.5.103 City: Clifton Country: United States Organization: DigitalOcean, LLC Updated: 2024-01-23T18:25:57.874506 Number of open ports: 1 Vulnerabilities: CVE-2014-0117 CVE-2014-0118 CVE-2017-9798 CVE-2015-3185 CVE-2015-3184 CVE-2015-3183 CVE-2022-28330 CVE-2020-7071 CVE-2020-7070 CVE-2017-7679 CVE-2013-6438 CVE-2020-7061 CVE-2020-1927 CVE-2020-7063 CVE-2017-3167 CVE-2019-19246 CVE-2020-7060 CVE-2021-44790 CVE-2020-7062 CVE-2022-37436 CVE-2020-7064 CVE-2020-7065 CVE-2020-7066 CVE-2020-7067 CVE-2020-7068 CVE-2020-7069 CVE-2016-4975 CVE-2020-13938 CVE-2020-35452 CVE-2022-22719 CVE-2022-31628 CVE-2022-31629 CVE-2020-1934 CVE-2021-34798 CVE-2019-0217 CVE-2014-3523 CVE-2013-5704 CVE-2019-17567 CVE-2022-31813 CVE-2014-0231 CVE-2021-26690 CVE-2021-26691 CVE-2019-0220 CVE-2022-30556 CVE-2021-39275 CVE-2014-3581 CVE-2016-0736 CVE-2022-29404 CVE-2018-1312 CVE-2022-37454 CVE-2021-21707 CVE-2014-0226 CVE-2022-22721 CVE-2022-22720 CVE-2019-10092 CVE-2021-21706 CVE-2021-21705 CVE-2021-21704 CVE-2021-21703 CVE-2021-21702 CVE-2019-10098 CVE-2016-5387 CVE-2017-15715 CVE-2021-40438 CVE-2022-23943 CVE-2018-17199 CVE-2017-15710 CVE-2018-1301 CVE-2018-1302 CVE-2018-1303 CVE-2022-36760 CVE-2023-25690 CVE-2020-11985 CVE-2013-4352 CVE-2022-26377 CVE-2014-0098 CVE-2016-8743 CVE-2020-7059 CVE-2016-8612 CVE-2019-11048 CVE-2019-11049 CVE-2019-11046 CVE-2019-11047 CVE-2019-11044 CVE-2019-11045 CVE-2019-11043 CVE-2017-9788 CVE-2014-8109 CVE-2016-2161 CVE-2015-0228 CVE-2022-28614 CVE-2006-20001 CVE-2018-1283 CVE-2022-28615 CVE-2019-11050 Ports: 80/tcp Apache httpd (2.4.6) |-- HTTP title: Thar Be booty Thar ipInfo.io { "ip": "104.238.74.150", "hostname": "150.74.238.104.host.secureserver.net", "city": "Phoenix", "region": "Arizona", "country": "US", "loc": "33.4484,-112.0740", "org": "AS398101 GoDaddy.com, LLC", "postal": "85001", "timezone": "America/Phoenix" } criminalIP { "count": 1, "data": [ { "as_name": "GO-DADDY-COM-LLC", "as_no": 398101, "city": null, "region": null, "org_name": "Go-daddy-com-llc", "postal_code": null, "latitude": 37.751, "longitude": -97.822, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Critical", "outbound": "Moderate" } Is Malicious: true virustotal reputation 0 shodan 104.238.74.150 Hostnames: 150.74.238.104.host.secureserver.net;keyahtechnologies.nativeinnovation.org;cpanel.keyahtechnologies.com;www.keyahtechnologies.com;keyahtechnologies.com;s104-238-74-150.secureserver.net;webmail.keyahtechnologies.com;cpcontacts.keyahtechnologies.com;cpcalendars.keyahtechnologies.com;www.keyahtechnologies.nativeinnovation.org;mail.keyahtechnologies.com;webdisk.keyahtechnologies.com City: Phoenix Country: United States Organization: GoDaddy.com, LLC Updated: 2024-01-09T05:00:43.239470 Number of open ports: 6 Vulnerabilities: CVE-2022-31628 CVE-2022-31629 CVE-2017-7272 CVE-2020-28011 CVE-2020-28010 CVE-2020-28013 CVE-2020-28012 CVE-2020-28015 CVE-2020-28014 CVE-2020-28017 CVE-2020-28016 CVE-2020-28019 CVE-2020-28018 CVE-2018-19396 CVE-2018-19395 CVE-2022-37452 CVE-2022-37451 CVE-2019-9639 CVE-2019-9638 CVE-2021-27216 CVE-2015-9253 CVE-2019-9637 CVE-2020-28024 CVE-2020-28025 CVE-2020-28026 CVE-2020-28021 CVE-2020-28022 CVE-2020-28023 CVE-2020-28007 CVE-2020-28008 CVE-2020-28009 CVE-2017-7963 CVE-2019-9641 CVE-2020-8015 CVE-2020-12783 Ports: 143/tcp |-- Cert Issuer: emailAddress=ssl@s104-238-74-150.secureserver.net, CN=s104-238-74-150.secureserver.net |-- Cert Subject: emailAddress=ssl@s104-238-74-150.secureserver.net, CN=s104-238-74-150.secureserver.net |-- SSL Versions: -SSLv2, -SSLv3, TLSv1, TLSv1.1, TLSv1.2 443/tcp Apache httpd |-- Cert Issuer: C=US, L=Houston, CN=cPanel, Inc. Certification Authority, O=cPanel, Inc., ST=TX |-- Cert Subject: CN=keyahtechnologies.com |-- SSL Versions: -SSLv2, -SSLv3, -TLSv1, -TLSv1.1, TLSv1.2, TLSv1.3 |-- Diffie-Hellman Parameters: Bits: 2048 Generator: 2 Fingerprint: RFC3526/Oakley Group 14 587/tcp Exim smtpd (4.93) |-- Cert Issuer: emailAddress=ssl@s104-238-74-150.secureserver.net, CN=s104-238-74-150.secureserver.net |-- Cert Subject: emailAddress=ssl@s104-238-74-150.secureserver.net, CN=s104-238-74-150.secureserver.net |-- SSL Versions: -SSLv2, -SSLv3, -TLSv1.3, TLSv1, TLSv1.1, TLSv1.2 993/tcp |-- Cert Issuer: emailAddress=ssl@s104-238-74-150.secureserver.net, CN=s104-238-74-150.secureserver.net |-- Cert Subject: emailAddress=ssl@s104-238-74-150.secureserver.net, CN=s104-238-74-150.secureserver.net |-- SSL Versions: -SSLv2, -SSLv3, TLSv1, TLSv1.1, TLSv1.2 |-- Diffie-Hellman Parameters: Bits: 1024 Generator: 2 2095/tcp 2096/tcp ipInfo.io { "ip": "51.254.252.229", "hostname": "server1.exum.eu", "city": "Roubaix", "region": "Hauts-de-France", "country": "FR", "loc": "50.6942,3.1746", "org": "AS16276 OVH SAS", "postal": "59051 CEDEX 1", "timezone": "Europe/Paris" } criminalIP { "count": 1, "data": [ { "as_name": "OVH SAS", "as_no": 16276, "city": "Saint-Paul-Trois-Chateaux", "region": "Drôme", "org_name": "OVH SAS", "postal_code": "26130", "latitude": 44.3466, "longitude": 4.7704, "org_country_code": "fr", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan 51.254.252.229 Hostnames: server1.exum.eu;amministrazioni-immobiliari.it;www.amministrazioni-immobiliari.it City: Roubaix Country: France Organization: OVH SAS Updated: 2024-01-24T15:14:09.143963 Number of open ports: 6 Ports: 21/tcp Pure-FTPd |-- Cert Issuer: C=US, CN=R3, O=Let's Encrypt |-- Cert Subject: CN=server1.exum.eu |-- SSL Versions: -SSLv2, -SSLv3, -TLSv1, -TLSv1.1, TLSv1.2 53/tcp 80/tcp Apache httpd |-- HTTP title: Apache2 Ubuntu Default Page: It works 443/tcp Apache httpd |-- HTTP title: Studio Fontana |-- Cert Issuer: C=US, CN=R3, O=Let's Encrypt |-- Cert Subject: CN=amministrazioni-immobiliari.it |-- SSL Versions: -SSLv2, -SSLv3, -TLSv1, -TLSv1.1, TLSv1.2, TLSv1.3 |-- Diffie-Hellman Parameters: Bits: 4096 Generator: 2 Fingerprint: RFC3526/Oakley Group 16 444/tcp |-- HTTP title: Fireware XTM User Authentication |-- Cert Issuer: OU=Fireware, CN=Fireware web CA, O=WatchGuard |-- Cert Subject: OU=Fireware, CN=Fireware web CA, O=WatchGuard |-- SSL Versions: -SSLv2, -SSLv3, -TLSv1, -TLSv1.1, TLSv1.2 |-- Diffie-Hellman Parameters: Bits: 2048 Generator: 2 8080/tcp Apache httpd ipInfo.io { "ip": "2.58.56.220", "hostname": "2.58.56.220.powered.by.rdp.sh", "city": "Oude Meer", "region": "North Holland", "country": "NL", "loc": "52.2883,4.7861", "org": "AS210558 1337 Services GmbH", "postal": "1438", "timezone": "Europe/Amsterdam" } criminalIP { "count": 1, "data": [ { "as_name": "1337 Services GmbH", "as_no": 210558, "city": "Oude Meer", "region": "North Holland", "org_name": "1337 Services", "postal_code": "1438", "latitude": 52.2862, "longitude": 4.7845, "org_country_code": "nl", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Critical", "outbound": "Moderate" } Is Malicious: true virustotal reputation 0 shodan 2.58.56.220 Hostnames: 2.58.56.220.powered.by.rdp.sh City: Oude Meer Country: Netherlands Organization: 1337 Services GmbH Updated: 2024-01-21T15:59:46.576406 Number of open ports: 2 Ports: 111/tcp |-- HTTP title: This is a Tor Exit Router 9001/tcp Tor built-in httpd ipInfo.io { "ip": "199.249.230.180", "hostname": "tor91.quintex.com", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS62744 Quintex Alliance Consulting", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "QUINTEX", "as_no": 62744, "city": null, "region": null, "org_name": "Quintex Alliance Consulting", "postal_code": null, "latitude": 37.751, "longitude": -97.822, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Critical", "outbound": "Dangerous" } Is Malicious: true virustotal reputation 0 shodan 199.249.230.180 City: Dallas Country: United States Organization: Quintex Alliance Consulting Updated: 2024-01-24T17:51:56.030861 Number of open ports: 4 Ports: 22/tcp OpenSSH (8.4p1 Debian 5+deb11u3) 80/tcp Tor built-in httpd |-- HTTP title: This is a Tor Exit Router 111/tcp 111/udp 443/tcp |-- Cert Issuer: CN=www.6d3kwzlzwsln2nkqc.com |-- Cert Subject: CN=www.g3a6gbhmy52p5p3d7.net |-- SSL Versions: -SSLv2, -SSLv3, -TLSv1, -TLSv1.1, TLSv1.2, TLSv1.3 |-- Diffie-Hellman Parameters: Bits: 1024 Generator: 2 Fingerprint: mod_ssl 2.2.x/Hardcoded 1024-bit prime ipInfo.io { "ip": "45.180.22.30", "city": "Saravena", "region": "Departamento de Arauca", "country": "CO", "loc": "6.9632,-71.8823", "org": "AS269742 AVIDTEL E.U.", "postal": "815010", "timezone": "America/Bogota" } criminalIP { "count": 1, "data": [ { "as_name": "AVIDTEL E.U.", "as_no": 269742, "city": "Saravena", "region": "Departamento de Arauca", "org_name": "Avidtel E.u.", "postal_code": "815010", "latitude": 6.9641, "longitude": -71.8863, "org_country_code": "co", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Dangerous", "outbound": "Moderate" } Is Malicious: true virustotal reputation 0 shodan ipInfo.io { "ip": "194.26.192.77", "hostname": "194.26.192.77.powered.by.rdp.sh", "city": "Amsterdam", "region": "North Holland", "country": "NL", "loc": "52.3740,4.8897", "org": "AS210558 1337 Services GmbH", "postal": "1012", "timezone": "Europe/Amsterdam" } criminalIP { "count": 1, "data": [ { "as_name": "1337 Services GmbH", "as_no": 210558, "city": "Oude Meer", "region": "North Holland", "org_name": "1337 Services", "postal_code": "1438", "latitude": 52.2862, "longitude": 4.7845, "org_country_code": "nl", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Critical", "outbound": "Moderate" } Is Malicious: true virustotal reputation 0 shodan 194.26.192.77 Hostnames: 194.26.192.77.powered.by.rdp.sh City: Amsterdam Country: Netherlands Organization: 1337 Services GmbH Updated: 2024-01-16T03:11:34.867078 Number of open ports: 4 Ports: 111/tcp |-- HTTP title: This is a Tor Exit Router 123/udp 9001/tcp Tor built-in httpd 9101/tcp |-- HTTP title: This is a Tor Exit Router ipInfo.io { "ip": "185.220.103.115", "city": "Borough Park", "region": "New York", "country": "US", "loc": "40.6521,-74.0018", "org": "AS4224 The Calyx Institute", "postal": "11232", "timezone": "America/New_York" } criminalIP { "count": 1, "data": [ { "as_name": "CALYX-AS", "as_no": 4224, "city": null, "region": "New York", "org_name": "The Calyx Institute", "postal_code": null, "latitude": 40.7064, "longitude": -73.9473, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Critical", "outbound": "Dangerous" } Is Malicious: true virustotal reputation 0 shodan 185.220.103.115 City: Borough Park Country: United States Organization: The Calyx Institute Updated: 2024-01-24T09:36:06.441350 Number of open ports: 2 Ports: 80/tcp Tor built-in httpd |-- HTTP title: This is a Tor Exit Router 443/tcp |-- Cert Issuer: CN=www.4b72s5i54.com |-- Cert Subject: CN=www.flnvhs3q4gmbp.net |-- SSL Versions: -SSLv2, -SSLv3, -TLSv1, -TLSv1.1, TLSv1.2, TLSv1.3 |-- Diffie-Hellman Parameters: Bits: 1024 Generator: 2 Fingerprint: mod_ssl 2.2.x/Hardcoded 1024-bit prime ipInfo.io { "ip": "181.4.66.82", "hostname": "host82.181-4-66.telecom.net.ar", "city": "Corrientes", "region": "Corrientes", "country": "AR", "loc": "-27.4678,-58.8344", "org": "AS7303 Telecom Argentina S.A.", "postal": "3400", "timezone": "America/Argentina/Cordoba" } criminalIP { "count": 1, "data": [ { "as_name": "Telecom Argentina S.A.", "as_no": 7303, "city": "Corrientes", "region": "Corrientes", "org_name": "Personal", "postal_code": "3400", "latitude": -27.4838, "longitude": -58.8298, "org_country_code": "ar", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan 181.4.66.82 Hostnames: host82.181-4-66.telecom.net.ar City: Corrientes Country: Argentina Organization: Telecom Argentina S.A. Updated: 2024-01-16T02:00:37.186085 Number of open ports: 1 Ports: 7547/tcp |-- HTTP title: 401 Unauthorized ipInfo.io { "ip": "207.211.187.8", "city": "Chicago", "region": "Illinois", "country": "US", "loc": "41.8426,-87.6306", "org": "AS31898 Oracle Corporation", "postal": "60616", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "ORACLE-BMC-31898", "as_no": 31898, "city": "Chicago", "region": "Illinois", "org_name": "Oracle Cloud", "postal_code": "60616", "latitude": 41.8486, "longitude": -87.6288, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Moderate", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan ipInfo.io { "ip": "98.97.83.49", "hostname": "customer.dllstxx1.pop.starlinkisp.net", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS14593 Space Exploration Technologies Corporation", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "SPACEX-STARLINK", "as_no": 14593, "city": "Dallas", "region": "Texas", "org_name": "Starlink", "postal_code": "75270", "latitude": 32.7797, "longitude": -96.8022, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan ipInfo.io { "ip": "98.97.86.213", "hostname": "customer.dllstxx1.pop.starlinkisp.net", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS14593 Space Exploration Technologies Corporation", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "SPACEX-STARLINK", "as_no": 14593, "city": "Dallas", "region": "Texas", "org_name": "Starlink", "postal_code": "75270", "latitude": 32.7797, "longitude": -96.8022, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan ipInfo.io { "ip": "98.97.86.213", "hostname": "customer.dllstxx1.pop.starlinkisp.net", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS14593 Space Exploration Technologies Corporation", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "SPACEX-STARLINK", "as_no": 14593, "city": "Dallas", "region": "Texas", "org_name": "Starlink", "postal_code": "75270", "latitude": 32.7797, "longitude": -96.8022, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan ipInfo.io { "ip": "98.97.86.213", "hostname": "customer.dllstxx1.pop.starlinkisp.net", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS14593 Space Exploration Technologies Corporation", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "SPACEX-STARLINK", "as_no": 14593, "city": "Dallas", "region": "Texas", "org_name": "Starlink", "postal_code": "75270", "latitude": 32.7797, "longitude": -96.8022, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan ipInfo.io { "ip": "98.97.86.213", "hostname": "customer.dllstxx1.pop.starlinkisp.net", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS14593 Space Exploration Technologies Corporation", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "SPACEX-STARLINK", "as_no": 14593, "city": "Dallas", "region": "Texas", "org_name": "Starlink", "postal_code": "75270", "latitude": 32.7797, "longitude": -96.8022, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan ipInfo.io { "ip": "98.97.86.213", "hostname": "customer.dllstxx1.pop.starlinkisp.net", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS14593 Space Exploration Technologies Corporation", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "SPACEX-STARLINK", "as_no": 14593, "city": "Dallas", "region": "Texas", "org_name": "Starlink", "postal_code": "75270", "latitude": 32.7797, "longitude": -96.8022, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan ipInfo.io { "ip": "98.97.86.213", "hostname": "customer.dllstxx1.pop.starlinkisp.net", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS14593 Space Exploration Technologies Corporation", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "SPACEX-STARLINK", "as_no": 14593, "city": "Dallas", "region": "Texas", "org_name": "Starlink", "postal_code": "75270", "latitude": 32.7797, "longitude": -96.8022, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan ipInfo.io { "ip": "98.97.86.213", "hostname": "customer.dllstxx1.pop.starlinkisp.net", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS14593 Space Exploration Technologies Corporation", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "SPACEX-STARLINK", "as_no": 14593, "city": "Dallas", "region": "Texas", "org_name": "Starlink", "postal_code": "75270", "latitude": 32.7797, "longitude": -96.8022, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan ipInfo.io { "ip": "98.97.86.213", "hostname": "customer.dllstxx1.pop.starlinkisp.net", "city": "Dallas", "region": "Texas", "country": "US", "loc": "32.7831,-96.8067", "org": "AS14593 Space Exploration Technologies Corporation", "postal": "75201", "timezone": "America/Chicago" } criminalIP { "count": 1, "data": [ { "as_name": "SPACEX-STARLINK", "as_no": 14593, "city": "Dallas", "region": "Texas", "org_name": "Starlink", "postal_code": "75270", "latitude": 32.7797, "longitude": -96.8022, "org_country_code": "us", "confirmed_time": "2024-01-24 00:00:00" } ] } { "inbound": "Safe", "outbound": "Safe" } Is Malicious: false virustotal reputation 0 shodan