Domain admin.f5mag.cz
The Netherlands
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2026-01-05 12:23
Last seen 2026-02-02 00:02
Open for 27 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa320291cf8e5c6aa1c9a1bd41a954b377cf6913e16GraphQL introspection enabled at /graphql Types: 204 (by kind: ENUM: 10, INPUT_OBJECT: 54, OBJECT: 119, SCALAR: 15, UNION: 6) Operations: - Query: Query | fields: i18NLocale, uploadFile, uploadFiles, uploadFolder, uploadFolders - Mutation: Mutation | fields: createUploadFile, createUploadFolder, deleteUploadFile, updateUploadFile, updateUploadFolder Directives: deprecated, include, skip, specifiedBy (total: 4)
Found on 2026-02-02 00:02237.3 kBytes
-
-
Open service 20.105.232.48:443 · admin.f5mag.cz
2026-01-22 21:53
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=utf-8 Date: Thu, 22 Jan 2026 21:53:35 GMT Transfer-Encoding: chunked Vary: Origin Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: https://f5magstorage.blob.core.windows.net undefined;media-src 'self' data: blob: https://f5magstorage.blob.core.windows.net undefined;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Referrer-Policy: no-referrer X-Content-Type-Options: nosniff X-DNS-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Powered-By: Strapi <strapi.io> Page title: Welcome to your Strapi app <!doctype html> <html> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> <title>Welcome to your Strapi app</title> <meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="robots" content="noindex, nofollow"> <link href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css" rel="stylesheet" /> <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css" rel="stylesheet" /> <link href="https://fonts.googleapis.com/css?family=Lato:400,700&display=swap" rel="stylesheet" /> <style> *{-webkit-box-sizing:border-box;text-decoration:none}body,html{margin:0;padding:0;font-size:62.5%;-webkit-font-smoothing:antialiased}body{font-size:1.3rem;font-family:Lato,Helvetica,Arial,Verdana,sans-serif;background:#fafafb;margin:0;padding:80px 0;color:#333740;line-height:1.8rem}strong{font-weight:700}.wrapper{width:684px;margin:auto}h1{text-align:center}h2{font-size:1.8rem;font-weight:700;margin-bottom:1px}.logo{height:40px;margin-bottom:74px}.informations{position:relative;overflow:hidden;display:flex;justify-content:space-between;width:100%;height:126px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.informations:before{position:absolute;top:0;left:0;content:'';display:block;width:100%;height:2px;background:#007eff}.environment{display:inline-block;padding:0 10px;height:20px;margin-bottom:36px;background:#e6f0fb;border:1px solid #aed4fb;border-radius:2px;text-transform:uppercase;color:#007eff;font-size:1.2rem;font-weight:700;line-height:20px;letter-spacing:.05rem}.cta{display:inline-block;height:30px;padding:0 15px;margin-top:32px;border-radius:2px;color:#fff;font-weight:700;line-height:28px}.cta i{position:relative;display:inline-block;height:100%;vertical-align:middle;font-size:1rem;margin-right:20px}.cta i:before{position:absolute;top:8px}.cta-primary{background:#007eff}.cta-secondary{background:#6dbb1a}.text-align-right{text-align:right}.lets-started{position:relative;overflow:hidden;width:100%;height:144px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.people-saying-hello{position:absolute;right:30px;bottom:-8px;width:113px;height:70px}.visible{opacity:1!important}.people-saying-hello img{position:absolute;max-width:100%;opacity:0;transition:opacity .2s ease-out}@media only screen and (max-width:768px){.wrapper{width:auto!important;margin:0 20px}.informations{flex-direction:column;height:auto}.environment{width:100%;text-align:center;margin-bottom:18px}.text-align-right{margin-top:18px;text-align:center}.cta{width:100%;text-align:center}.lets-started{height:auto}.people-saying-hello{display:none}} </style> </head> <body lang="en"> <section class="wrapper"> <h1><img class="logo" src="/assets/images/logo_login.png" /></h1> <div class="informations"> <div> <span class="environment">development</span> <p> The server is running successfully (<strong>v0.1.0)</strong> </p> </div> <div class="text-align-right"> <p>Thu, 22 Jan 2026 21:53:35 GMT</p> <a class="cta cta-primary" href="/admin" target="_blank" title="Click to open the administration" ><i class="fas fa-external-link-alt"></i>Open the administration</a> </div> </div> </section> </body> </html>Found 2026-01-22 by HttpPluginCreate report
-
Open service 20.105.232.48:80 · admin.f5mag.cz
2026-01-05 12:23
HTTP/1.1 301 Moved Permanently Content-Length: 0 Connection: close Date: Mon, 05 Jan 2026 12:23:49 GMT Location: https://admin.f5mag.cz/
Found 2026-01-05 by HttpPluginCreate report
-
Open service 20.105.232.48:443 · admin.f5mag.cz
2026-01-05 12:23
HTTP/1.1 200 OK Connection: close Content-Type: text/html; charset=utf-8 Date: Mon, 05 Jan 2026 12:23:51 GMT Transfer-Encoding: chunked Vary: Origin Strict-Transport-Security: max-age=31536000; includeSubDomains Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: https://f5magstorage.blob.core.windows.net undefined;media-src 'self' data: blob: https://f5magstorage.blob.core.windows.net undefined;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline' Referrer-Policy: no-referrer X-Content-Type-Options: nosniff X-DNS-Prefetch-Control: off X-Download-Options: noopen X-Frame-Options: SAMEORIGIN X-Permitted-Cross-Domain-Policies: none X-Powered-By: Strapi <strapi.io> Page title: Welcome to your Strapi app <!doctype html> <html> <head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> <title>Welcome to your Strapi app</title> <meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="robots" content="noindex, nofollow"> <link href="https://cdnjs.cloudflare.com/ajax/libs/meyer-reset/2.0/reset.min.css" rel="stylesheet" /> <link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css" rel="stylesheet" /> <link href="https://fonts.googleapis.com/css?family=Lato:400,700&display=swap" rel="stylesheet" /> <style> *{-webkit-box-sizing:border-box;text-decoration:none}body,html{margin:0;padding:0;font-size:62.5%;-webkit-font-smoothing:antialiased}body{font-size:1.3rem;font-family:Lato,Helvetica,Arial,Verdana,sans-serif;background:#fafafb;margin:0;padding:80px 0;color:#333740;line-height:1.8rem}strong{font-weight:700}.wrapper{width:684px;margin:auto}h1{text-align:center}h2{font-size:1.8rem;font-weight:700;margin-bottom:1px}.logo{height:40px;margin-bottom:74px}.informations{position:relative;overflow:hidden;display:flex;justify-content:space-between;width:100%;height:126px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.informations:before{position:absolute;top:0;left:0;content:'';display:block;width:100%;height:2px;background:#007eff}.environment{display:inline-block;padding:0 10px;height:20px;margin-bottom:36px;background:#e6f0fb;border:1px solid #aed4fb;border-radius:2px;text-transform:uppercase;color:#007eff;font-size:1.2rem;font-weight:700;line-height:20px;letter-spacing:.05rem}.cta{display:inline-block;height:30px;padding:0 15px;margin-top:32px;border-radius:2px;color:#fff;font-weight:700;line-height:28px}.cta i{position:relative;display:inline-block;height:100%;vertical-align:middle;font-size:1rem;margin-right:20px}.cta i:before{position:absolute;top:8px}.cta-primary{background:#007eff}.cta-secondary{background:#6dbb1a}.text-align-right{text-align:right}.lets-started{position:relative;overflow:hidden;width:100%;height:144px;margin-top:18px;padding:20px 30px;background:#fff;border-radius:2px;box-shadow:0 2px 4px 0 #e3e9f3}.people-saying-hello{position:absolute;right:30px;bottom:-8px;width:113px;height:70px}.visible{opacity:1!important}.people-saying-hello img{position:absolute;max-width:100%;opacity:0;transition:opacity .2s ease-out}@media only screen and (max-width:768px){.wrapper{width:auto!important;margin:0 20px}.informations{flex-direction:column;height:auto}.environment{width:100%;text-align:center;margin-bottom:18px}.text-align-right{margin-top:18px;text-align:center}.cta{width:100%;text-align:center}.lets-started{height:auto}.people-saying-hello{display:none}} </style> </head> <body lang="en"> <section class="wrapper"> <h1><img class="logo" src="/assets/images/logo_login.png" /></h1> <div class="informations"> <div> <span class="environment">development</span> <p> The server is running successfully (<strong>v0.1.0)</strong> </p> </div> <div class="text-align-right"> <p>Mon, 05 Jan 2026 12:23:51 GMT</p> <a class="cta cta-primary" href="/admin" target="_blank" title="Click to open the administration" ><i class="fas fa-external-link-alt"></i>Open the administration</a> </div> </div> </section> </body> </html>Found 2026-01-05 by HttpPluginCreate report