Where it resided: at IP -138.68.0.152 ; nginx 1.14.0 (Ubuntu) ; Digital Ocean LLC AS14061 Linux 3.1.-3.10 last seen 2019-01-31
See: https://www.shodan.io/host/138.68.0.152
Remove semantic-ui from dependencies:
RE: https://snyk.io/test/npm/semantic-ui and https://snyk.io/test/npm/semantic-ui
Detected via: https://github.com/GreyNoise-Intelligence/api.greynoise.io/blob/master/README.md
From that same Santa Clara base: -https://beta.finret.com/ Did not follow redirect to -https://68.183.249.126/
44 hints to improve that website:
https://webhint.io/scanner/4a63b065-1a5b-4291-aa12-e3a08b3d7e71
of which 15 security related: https://webhint.io/scanner/4a63b065-1a5b-4291-aa12-e3a08b3d7e71#Security
Vulnerable: Security Checks for -https://beta.finret.com
(4) Susceptible to man-in-the-middle attacks
HTTP Strict Transport Security (HSTS) not enforced
HSTS header does not contain max-age
HSTS header does not contain includeSubDomains
HSTS header not prepared for preload list inclusion
Vulnerabilities can be uncovered more easily
(2) Unnecessary open ports
App ports open
Administration ports open
Also consider: https://toolbar.netcraft.com/site_report?url=https://beta.finret.com (1 red out of 10 Netcraft Risk rating).
Earlier known as (date resolved, domain on IP 68.183.249.126):
2019-03-01 dns102.monetizar2.com
2019-02-26 dns102.motoaxdb.com no secure connection: NET::ERR_CERT_COMMON_NAME_INVALID
Into what kind of abuse is IP involved (info credits go to GreyNoise Visualizer):
NETIS_ROUTER_ADMIN_SCANNER_HIGH activity Null high 2019-02-02 2019-02-02
REALTEK_MINIIGD_UPNP_WORM_CVE_2014_8361 worm malicious high 2019-02-02 2019-02-02
SSH_WORM_HIGH worm malicious high 2019-02-01 2019-02-03
SSH_SCANNER_HIGH activity Null high 2019-02-01 2019-02-03
HUAWEI_HG532_UPNP_WORM_CVE_2017_17215 worm malicious high 2019-02-01 2019-02-01
AVTECH_IP_CAMERA_WORM worm malicious high 2019-01-31 2019-01-31
WEB_CRAWLER activity Null high 2019-01-31 2019-02-02
CGI_SCRIPT_SCANNER scanner malicious low 2019-01-31 2019-01-31
WEB_SCANNER_HIGH activity Null high 2019-01-31 2019-02-02
SSDP_UPNP_SCANNER_LOW activity Null low 2019-01-31 2019-01-31
HTTP_ALT_SCANNER_LOW activity Null low 2019-01-31 2019-01-31
ZMAP_CLIENT tool Null high 2019-01-31 2019-02-04
polonus