Domain scan.smjweb.com
United States
Software information
nginx
tcp/443
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-12-02 07:26
Last seen 2026-01-31 08:22
Open for 60 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3893ac6fc385c5b40c357bb4f4ae358cea9f0a5b2GraphQL introspection enabled at /graphql Types: 35 (by kind: ENUM: 1, INPUT_OBJECT: 4, INTERFACE: 1, OBJECT: 25, SCALAR: 4) Operations: - Query: RootQueryType | fields: allLeads, leadStats, node - Mutation: RootMutationType | fields: createBusinessSearch, deleteLead Directives: include, skip (total: 2)
Found on 2026-01-31 08:2230.0 kBytes
-
-
Open service 34.209.57.169:443 · scan.smjweb.com
2026-01-23 07:46
HTTP/1.1 500 Internal Server Error Cache-Control: max-age=0, private, must-revalidate Content-Length: 21 Content-Security-Policy: form-action 'self'; object-src 'self'; Content-Type: text/html; charset=utf-8 Date: Fri, 23 Jan 2026 07:47:00 GMT Server: Caddy Server: nginx Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff X-Frame-Options: ALLOWALL X-Request-Id: ldcmvhbp9pq11fpkhkoaln5ob6a5an6g X-Xss-Protection: 1; mode=block Connection: close Server internal error
Found 2026-01-23 by HttpPluginCreate report
-
Open service 34.209.57.169:443 · scan.smjweb.com
2026-01-10 01:00
HTTP/1.1 500 Internal Server Error Cache-Control: max-age=0, private, must-revalidate Content-Length: 21 Content-Security-Policy: form-action 'self'; object-src 'self'; Content-Type: text/html; charset=utf-8 Date: Sat, 10 Jan 2026 01:00:41 GMT Server: Caddy Server: nginx Strict-Transport-Security: max-age=31536000; includeSubDomains; preload X-Content-Type-Options: nosniff X-Frame-Options: ALLOWALL X-Request-Id: n88360c3e6kb0o1hvk14old4406vfbr2 X-Xss-Protection: 1; mode=block Connection: close Server internal error
Found 2026-01-10 by HttpPluginCreate report