Host 129.97.152.229
Canada
Software information
Apache 2.4.52
tcp/443 tcp/80
-
SSH is potenitally vulnerable
WARNING: This plugin will generate false positive and is purely informative:
regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)
First seen 2025-04-11 14:09
Last seen 2026-02-08 16:26
Open for 303 days-
Severity: info
Fingerprint: 3f43e0ebb5dce37ab8b59eb53ea6237e8f56bf578f56bf578f56bf578f56bf57Found potentially vulnerable SSH version: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.13 WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
Found on 2026-02-08 16:26 -
Severity: info
Fingerprint: 3f43e0ebb5dce37ab8b59eb53ea6237c61090c0161090c0161090c0161090c01Found potentially vulnerable SSH version: SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.11 WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
Found on 2025-04-24 02:28
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
First seen 2025-12-11 16:24
Last seen 2026-02-01 14:36
Open for 51 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-02-01 14:36
-
-
Swagger API description is publicly available
Exposing Swagger/OpenAPI documentation is primarily a risk if your API has underlying security flaws, as it gives attackers a precise roadmap to find them.
Those detail every endpoint, parameter, and data model, making it easier to discover and exploit vulnerabilities like broken access control or injection points.
While a perfectly secure API mitigates the danger, protecting your documentation is a critical layer of defense that forces attackers to work without a map.
IP: 129.97.152.229
Domain: scs-math-rocketchat.cs.uwaterloo.ca
Port: 443
URL: https://scs-math-rocketchat.cs.uwaterloo.caFirst seen 2025-10-14 08:58
Last seen 2026-01-23 10:13
Open for 101 days-
Severity: info
Fingerprint: 5733ddf49ff49cd1bf890109bf890109bf890109bf890109bf890109bf890109Public Swagger UI/API detected at path: /api-docs/swagger.json
Found on 2026-01-23 10:13
-
-
Open service 129.97.152.229:80
2026-01-26 16:00
HTTP/1.1 301 Moved Permanently Date: Mon, 26 Jan 2026 16:01:25 GMT Server: Apache/2.4.52 (Ubuntu) Location: https://scs-math-rocketchat.cs.uwaterloo.ca/ Content-Length: 332 Connection: close Content-Type: text/html; charset=iso-8859-1 Page title: 301 Moved Permanently <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>301 Moved Permanently</title> </head><body> <h1>Moved Permanently</h1> <p>The document has moved <a href="https://scs-math-rocketchat.cs.uwaterloo.ca/">here</a>.</p> <hr> <address>Apache/2.4.52 (Ubuntu) Server at 129.97.152.229 Port 80</address> </body></html>
Found 2026-01-26 by HttpPluginCreate report
-
Open service 129.97.152.229:443 ยท scs-math-rocketchat.cs.uwaterloo.ca
2026-01-23 10:13
HTTP/1.1 200 OK Date: Fri, 23 Jan 2026 10:13:02 GMT Server: Apache/2.4.52 (Ubuntu) X-XSS-Protection: 1 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Security-Policy: default-src 'self' https://cdn.zapier.com; connect-src *; font-src 'self' https://cdn.zapier.com data:; frame-src *; img-src * data: blob:; media-src * data:; script-src 'self' 'unsafe-eval' 'sha256-jqxtvDkBbRAl9Hpqv68WdNOieepg8tJSYu1xIy7zT34=' 'sha256-aui5xYk3Lu1dQcnsPlNZI+qDTdfzdUv3fzsw80VLJgw=' https://cdn.zapier.com https://zapier.com; style-src 'self' 'unsafe-inline' https://cdn.zapier.com X-Instance-ID: 151cb337-4b81-463e-a2c9-67abed5cb61d Access-Control-Allow-Origin: * X-Powered-By: Express Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Page title: scs-math-rocketchat <!DOCTYPE html> <html> <head> <link rel="stylesheet" type="text/css" class="__meteor-css__" href="/e37e3a526aace32e4ea71108fc18652f860ce79f.css?meteor_css_resource=true"> <script id="scripts" type="text/javascript" src="/scripts_887a5339b2625a8970658c4f5f9bd94f1067ab7a.js"></script> <meta name="referrer" content="same-origin" /> <link rel="icon" sizes="16x16" type="image/png" href=/assets/favicon_16.png /> <link rel="icon" sizes="32x32" type="image/png" href=/assets/favicon_32.png /> <link rel="icon" sizes="any" type="image/svg+xml" href=/assets/favicon.svg /> <title>scs-math-rocketchat</title><meta name="application-name" content="scs-math-rocketchat"><meta name="apple-mobile-web-app-title" content="scs-math-rocketchat"> <meta http-equiv="content-language" content=""><meta name="language" content=""> <meta name="robots" content="INDEX,FOLLOW"> <meta name="msvalidate.01" content=""> <meta name="google-site-verification" content=""> <meta property="fb:app_id" content=""> <base href="/"> </head> <body> <noscript style="color: white; text-align:center"> You need to enable JavaScript to run this app. </noscript> <div id="react-root"> <div class="page-loading" role="alert" aria-busy="true" aria-live="polite" aria-label="loading"> <div class="loading__animation"> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> </div> </div> </div> <style id='css-variables'> :root {}</style> <script type="text/javascript" src="/meteor_runtime_config.js?hash=ecebc90b5ad01e70f2aa64b34e9e515d3ac74854"></script> <script type="text/javascript" src="/3054b8907c5ff9acb854316cc540d0d364e126dc.js?meteor_js_resource=true"></script> </body> </html>Found 2026-01-23 by HttpPluginCreate report
-
Open service 129.97.152.229:443
2026-01-22 18:28
HTTP/1.1 200 OK Date: Thu, 22 Jan 2026 18:28:53 GMT Server: Apache/2.4.52 (Ubuntu) X-XSS-Protection: 1 X-Content-Type-Options: nosniff X-Frame-Options: sameorigin Content-Security-Policy: default-src 'self' https://cdn.zapier.com; connect-src *; font-src 'self' https://cdn.zapier.com data:; frame-src *; img-src * data: blob:; media-src * data:; script-src 'self' 'unsafe-eval' 'sha256-jqxtvDkBbRAl9Hpqv68WdNOieepg8tJSYu1xIy7zT34=' 'sha256-aui5xYk3Lu1dQcnsPlNZI+qDTdfzdUv3fzsw80VLJgw=' https://cdn.zapier.com https://zapier.com; style-src 'self' 'unsafe-inline' https://cdn.zapier.com X-Instance-ID: 151cb337-4b81-463e-a2c9-67abed5cb61d Access-Control-Allow-Origin: * X-Powered-By: Express Content-Type: text/html; charset=utf-8 Vary: Accept-Encoding Connection: close Transfer-Encoding: chunked Page title: scs-math-rocketchat <!DOCTYPE html> <html> <head> <link rel="stylesheet" type="text/css" class="__meteor-css__" href="/e37e3a526aace32e4ea71108fc18652f860ce79f.css?meteor_css_resource=true"> <script id="scripts" type="text/javascript" src="/scripts_887a5339b2625a8970658c4f5f9bd94f1067ab7a.js"></script> <meta name="referrer" content="same-origin" /> <link rel="icon" sizes="16x16" type="image/png" href=/assets/favicon_16.png /> <link rel="icon" sizes="32x32" type="image/png" href=/assets/favicon_32.png /> <link rel="icon" sizes="any" type="image/svg+xml" href=/assets/favicon.svg /> <title>scs-math-rocketchat</title><meta name="application-name" content="scs-math-rocketchat"><meta name="apple-mobile-web-app-title" content="scs-math-rocketchat"> <meta http-equiv="content-language" content=""><meta name="language" content=""> <meta name="robots" content="INDEX,FOLLOW"> <meta name="msvalidate.01" content=""> <meta name="google-site-verification" content=""> <meta property="fb:app_id" content=""> <base href="/"> </head> <body> <noscript style="color: white; text-align:center"> You need to enable JavaScript to run this app. </noscript> <div id="react-root"> <div class="page-loading" role="alert" aria-busy="true" aria-live="polite" aria-label="loading"> <div class="loading__animation"> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> <div class="loading__animation__bounce"></div> </div> </div> </div> <style id='css-variables'> :root {}</style> <script type="text/javascript" src="/meteor_runtime_config.js?hash=ecebc90b5ad01e70f2aa64b34e9e515d3ac74854"></script> <script type="text/javascript" src="/3054b8907c5ff9acb854316cc540d0d364e126dc.js?meteor_js_resource=true"></script> </body> </html>Found 2026-01-22 by HttpPluginCreate report
-
Open service 129.97.152.229:22
2026-01-22 16:25
Found 2026-01-22 by SSHOpenPluginCreate report