Domain sd.pgsys.ru
Greece
Jsc timeweb
Ubuntu
Software information
nginx 1.18.0
tcp/443
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-12-05 16:12
Last seen 2026-01-01 19:45
Open for 27 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa3be9dc50adeb0c6ba6118edd4e16a6fba7cf16247GraphQL introspection enabled at /graphql Types: 370 (by kind: ENUM: 35, INPUT_OBJECT: 58, INTERFACE: 2, OBJECT: 256, SCALAR: 12, UNION: 7) Operations: - Query: Queries | fields: applicationBuildChecksum, applicationConfig, autocompleteSearchAgent, autocompleteSearchGeneric, autocompleteSearchIdoitObjectTypes - Mutation: Mutations | fields: adminPasswordAuthSend, adminPasswordAuthVerify, channelEmailAdd, channelEmailGuessConfiguration, channelEmailSetNotificationConfiguration - Subscription: Subscriptions | fields: appMaintenance, checklistTemplateUpdates, configUpdates, linkUpdates, macrosUpdate Directives: deprecated, include, oneOf, skip, specifiedBy (total: 5)
Found on 2026-01-01 19:45463.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa31a0bbaa3GraphQL introspection enabled at /graphql
Found on 2025-12-13 15:51
-
-
Open service 94.241.171.204:443 · sd.pgsys.ru
2026-01-09 01:52
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 09 Jan 2026 01:52:47 GMT Content-Type: text/html; charset=utf-8 Content-Length: 2973 Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin link: </assets/application-03022a78f77a70614c8ab55286980d56de60bfa7113d6521978d0e180aec12b0.css>; rel=preload; as=style; nopush,</assets/application-print-b13bcc6b8c456b67c376ff97d8c717cfa9869ea4412e4f49b65170aa535c5722.css>; rel=preload; as=style; nopush CSRF-TOKEN: ZHdyT9K3GYCJzPIyIrSisUIGUf4sRTp23oBiPJ7IKXWd4eGi6X5VIiCH8g5GWcUFBFqQ6Su6LTnEa8Ob1gEDDA ETag: W/"3c6f6a38f93108cb80fc1637f43d31d5" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: base-uri 'self' https://sd.pgsys.ru; default-src 'self' ws: wss: https://images.zammad.com; font-src 'self' data:; img-src * data: blob:; object-src 'none'; script-src 'self' 'unsafe-eval' 'nonce-JZ88XHMhULiU8TMIRtpqpQ=='; style-src 'self' 'unsafe-inline'; frame-src www.youtube.com player.vimeo.com Set-Cookie: _zammad_session_a138cfd0f37=f205dce9db9476a4da69e679214178c1; path=/; secure; HttpOnly X-Request-Id: aa30b8a8-a07c-4656-9f5b-81d92b9c723d X-Runtime: 0.019591 Page title: Поддержка Фиджитал Системс <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width"> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>Поддержка Фиджитал Системс</title> <link rel="apple-touch-icon" href="apple-touch-icon.png" /> <link rel="stylesheet" href="/assets/application-03022a78f77a70614c8ab55286980d56de60bfa7113d6521978d0e180aec12b0.css" media="all" /> <link rel="stylesheet" href="/assets/application-print-b13bcc6b8c456b67c376ff97d8c717cfa9869ea4412e4f49b65170aa535c5722.css" media="print" /> <script nonce="JZ88XHMhULiU8TMIRtpqpQ=="> //<![CDATA[ if(window.MSInputMethodContext && document.documentMode){ var polyfillScriptTag = document.createElement('script'); polyfillScriptTag.setAttribute('src', '/assets/ie11CustomProperties.min-eb19b438c0f5d2010c250595ef6b0b161dacf892c8a6f772dc121e99fc020a2c.js'); polyfillScriptTag.setAttribute('nonce', 'JZ88XHMhULiU8TMIRtpqpQ=='); document.head.appendChild(polyfillScriptTag); } try { if(window.matchMedia('(prefers-color-scheme: dark)').matches && localStorage.getItem('theme') != 'light' && !window.location.href.includes('/tests_') ){ document.documentElement.dataset.theme = 'dark'; } } catch (e) { }; //]]> </script> <script src="/assets/application-cd7d5204d0f4d6dd302c58946a348322df541ccf94ea093e690d16378d2b6992.js" nonce="JZ88XHMhULiU8TMIRtpqpQ==" defer="defer"></script> <script src="/javascripts/../assets/form/form.js" nonce="JZ88XHMhULiU8TMIRtpqpQ==" defer="defer" id="zammad_form_script"></script> <meta name="csrf-param" content="authenticity_token" /> <meta name="csrf-token" content="OMTMVMFEQ57avYv01_qUqhS8IdIc6snjqXEHtbwNnfHBUl-5-o0PPHP2i8izF_MeUuDgxRsV3qyzmqYS9MS3iA" /> </head> <body> <!-- svgstore fallback --> <script nonce="JZ88XHMhULiU8TMIRtpqpQ=="> //<![CDATA[ /* detect if browser is - Chrome 14-20 - Android Browser 4.1+ - iOS 6-7 - Safari 6 - Edge 12 - IE 9-11 */ window.svgPolyfill = /\bEdge\/12\b|\bTrident\/[567]\b|\bVersion\/7.0 Safari\b/.test(navigator.userAgent) || (navigator.userAgent.match(/AppleWebKit\/(\d+)/) || [])[1] < 537; (function (doc) { if(!svgPolyfill) return var scripts = doc.getElementsByTagName('script') var script = scripts[scripts.length - 1] var xhr = new XMLHttpRequest() xhr.onload = function () { var div = doc.createElement('div') div.innerHTML = this.responseText div.style.cssText = 'position: absolute; clip: rect(0, 0, 0, 0); z-index: -1;' script.parentNode.insertBefore(div, script) } xhr.open('get', 'assets/images/icons.svg?1755064230', true) xhr.send() })(document) //]]> </script><div id="app"></div> <div class="splash"> <svg class="icon icon-logo"><use xlink:href="assets/images/icons.svg?1755064230#icon-logo" /></svg> <div class="splash-title">Loading…</div> </div> </body> </html>Found 3 days ago by HttpPluginCreate report
-
Open service 94.241.171.204:443 · sd.pgsys.ru
2026-01-01 19:45
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Thu, 01 Jan 2026 19:45:42 GMT Content-Type: text/html; charset=utf-8 Content-Length: 2973 Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin link: </assets/application-03022a78f77a70614c8ab55286980d56de60bfa7113d6521978d0e180aec12b0.css>; rel=preload; as=style; nopush,</assets/application-print-b13bcc6b8c456b67c376ff97d8c717cfa9869ea4412e4f49b65170aa535c5722.css>; rel=preload; as=style; nopush CSRF-TOKEN: PK0lY3Q3p1WiBwoAlqumg8xhYxCm8EoPc9sNYTru8p4RPSxufM9qUCqOJdExe7nN-yX7rsJdNIVlIeLAHupmfg ETag: W/"4e33ee6ee509a050bd6d5bd2a0293d58" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: base-uri 'self' https://sd.pgsys.ru; default-src 'self' ws: wss: https://images.zammad.com; font-src 'self' data:; img-src * data: blob:; object-src 'none'; script-src 'self' 'unsafe-eval' 'nonce-B4fYFSHwtudkH+5w/Njoiw=='; style-src 'self' 'unsafe-inline'; frame-src www.youtube.com player.vimeo.com Set-Cookie: _zammad_session_a138cfd0f37=d2a8f2590c4e9ecc07fa3090c5c10f0c; path=/; secure; HttpOnly X-Request-Id: 92dc3a82-cb59-4568-8cc3-a0c6c68f1193 X-Runtime: 0.017001 Page title: Поддержка Фиджитал Системс <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width"> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>Поддержка Фиджитал Системс</title> <link rel="apple-touch-icon" href="apple-touch-icon.png" /> <link rel="stylesheet" href="/assets/application-03022a78f77a70614c8ab55286980d56de60bfa7113d6521978d0e180aec12b0.css" media="all" /> <link rel="stylesheet" href="/assets/application-print-b13bcc6b8c456b67c376ff97d8c717cfa9869ea4412e4f49b65170aa535c5722.css" media="print" /> <script nonce="B4fYFSHwtudkH+5w/Njoiw=="> //<![CDATA[ if(window.MSInputMethodContext && document.documentMode){ var polyfillScriptTag = document.createElement('script'); polyfillScriptTag.setAttribute('src', '/assets/ie11CustomProperties.min-eb19b438c0f5d2010c250595ef6b0b161dacf892c8a6f772dc121e99fc020a2c.js'); polyfillScriptTag.setAttribute('nonce', 'B4fYFSHwtudkH+5w/Njoiw=='); document.head.appendChild(polyfillScriptTag); } try { if(window.matchMedia('(prefers-color-scheme: dark)').matches && localStorage.getItem('theme') != 'light' && !window.location.href.includes('/tests_') ){ document.documentElement.dataset.theme = 'dark'; } } catch (e) { }; //]]> </script> <script src="/assets/application-cd7d5204d0f4d6dd302c58946a348322df541ccf94ea093e690d16378d2b6992.js" nonce="B4fYFSHwtudkH+5w/Njoiw==" defer="defer"></script> <script src="/javascripts/../assets/form/form.js" nonce="B4fYFSHwtudkH+5w/Njoiw==" defer="defer" id="zammad_form_script"></script> <meta name="csrf-param" content="authenticity_token" /> <meta name="csrf-token" content="J0GBtmNhaR5kO7MgO5clX8c2uznlNOVi3HepnlEy6HEK0Yi7a5mkG-yynPGcRzoR8HIjh4GZm-jKjUY_dTZ8kQ" /> </head> <body> <!-- svgstore fallback --> <script nonce="B4fYFSHwtudkH+5w/Njoiw=="> //<![CDATA[ /* detect if browser is - Chrome 14-20 - Android Browser 4.1+ - iOS 6-7 - Safari 6 - Edge 12 - IE 9-11 */ window.svgPolyfill = /\bEdge\/12\b|\bTrident\/[567]\b|\bVersion\/7.0 Safari\b/.test(navigator.userAgent) || (navigator.userAgent.match(/AppleWebKit\/(\d+)/) || [])[1] < 537; (function (doc) { if(!svgPolyfill) return var scripts = doc.getElementsByTagName('script') var script = scripts[scripts.length - 1] var xhr = new XMLHttpRequest() xhr.onload = function () { var div = doc.createElement('div') div.innerHTML = this.responseText div.style.cssText = 'position: absolute; clip: rect(0, 0, 0, 0); z-index: -1;' script.parentNode.insertBefore(div, script) } xhr.open('get', 'assets/images/icons.svg?1755064230', true) xhr.send() })(document) //]]> </script><div id="app"></div> <div class="splash"> <svg class="icon icon-logo"><use xlink:href="assets/images/icons.svg?1755064230#icon-logo" /></svg> <div class="splash-title">Loading…</div> </div> </body> </html>Found 2026-01-01 by HttpPluginCreate report
-
Open service 94.241.171.204:443 · sd.pgsys.ru
2025-12-22 20:19
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Mon, 22 Dec 2025 20:19:09 GMT Content-Type: text/html; charset=utf-8 Content-Length: 2973 Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin link: </assets/application-03022a78f77a70614c8ab55286980d56de60bfa7113d6521978d0e180aec12b0.css>; rel=preload; as=style; nopush,</assets/application-print-b13bcc6b8c456b67c376ff97d8c717cfa9869ea4412e4f49b65170aa535c5722.css>; rel=preload; as=style; nopush CSRF-TOKEN: Pargb-23fQG0RVxKubYsXOq4QegMHZJx9KQHcDwD8W5YkIJlVPlx6loXHAEwiQwPUS1UedynBmC8kPhkm7zMWA ETag: W/"8deedc735c50d7d06eb8f2b422d19f17" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: base-uri 'self' https://sd.pgsys.ru; default-src 'self' ws: wss: https://images.zammad.com; font-src 'self' data:; img-src * data: blob:; object-src 'none'; script-src 'self' 'unsafe-eval' 'nonce-bZHBB0pFUE1pMy6PiH8Shg=='; style-src 'self' 'unsafe-inline'; frame-src www.youtube.com player.vimeo.com Set-Cookie: _zammad_session_a138cfd0f37=23bcdd070aad04157fc63d1d88880c5f; path=/; secure; HttpOnly X-Request-Id: 389bff8c-1908-42c4-bc94-70343f680129 X-Runtime: 0.044518 Page title: Поддержка Фиджитал Системс <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width"> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>Поддержка Фиджитал Системс</title> <link rel="apple-touch-icon" href="apple-touch-icon.png" /> <link rel="stylesheet" href="/assets/application-03022a78f77a70614c8ab55286980d56de60bfa7113d6521978d0e180aec12b0.css" media="all" /> <link rel="stylesheet" href="/assets/application-print-b13bcc6b8c456b67c376ff97d8c717cfa9869ea4412e4f49b65170aa535c5722.css" media="print" /> <script nonce="bZHBB0pFUE1pMy6PiH8Shg=="> //<![CDATA[ if(window.MSInputMethodContext && document.documentMode){ var polyfillScriptTag = document.createElement('script'); polyfillScriptTag.setAttribute('src', '/assets/ie11CustomProperties.min-eb19b438c0f5d2010c250595ef6b0b161dacf892c8a6f772dc121e99fc020a2c.js'); polyfillScriptTag.setAttribute('nonce', 'bZHBB0pFUE1pMy6PiH8Shg=='); document.head.appendChild(polyfillScriptTag); } try { if(window.matchMedia('(prefers-color-scheme: dark)').matches && localStorage.getItem('theme') != 'light' && !window.location.href.includes('/tests_') ){ document.documentElement.dataset.theme = 'dark'; } } catch (e) { }; //]]> </script> <script src="/assets/application-cd7d5204d0f4d6dd302c58946a348322df541ccf94ea093e690d16378d2b6992.js" nonce="bZHBB0pFUE1pMy6PiH8Shg==" defer="defer"></script> <script src="/javascripts/../assets/form/form.js" nonce="bZHBB0pFUE1pMy6PiH8Shg==" defer="defer" id="zammad_form_script"></script> <meta name="csrf-param" content="authenticity_token" /> <meta name="csrf-token" content="5YiB_FYwxBSgaNk0gTfqbTleKCu_fWlZ4mOfQmParjqAsuP2737I_046mX8ICMo-gss9um_H_UiqV2BWxGWTDA" /> </head> <body> <!-- svgstore fallback --> <script nonce="bZHBB0pFUE1pMy6PiH8Shg=="> //<![CDATA[ /* detect if browser is - Chrome 14-20 - Android Browser 4.1+ - iOS 6-7 - Safari 6 - Edge 12 - IE 9-11 */ window.svgPolyfill = /\bEdge\/12\b|\bTrident\/[567]\b|\bVersion\/7.0 Safari\b/.test(navigator.userAgent) || (navigator.userAgent.match(/AppleWebKit\/(\d+)/) || [])[1] < 537; (function (doc) { if(!svgPolyfill) return var scripts = doc.getElementsByTagName('script') var script = scripts[scripts.length - 1] var xhr = new XMLHttpRequest() xhr.onload = function () { var div = doc.createElement('div') div.innerHTML = this.responseText div.style.cssText = 'position: absolute; clip: rect(0, 0, 0, 0); z-index: -1;' script.parentNode.insertBefore(div, script) } xhr.open('get', 'assets/images/icons.svg?1755064230', true) xhr.send() })(document) //]]> </script><div id="app"></div> <div class="splash"> <svg class="icon icon-logo"><use xlink:href="assets/images/icons.svg?1755064230#icon-logo" /></svg> <div class="splash-title">Loading…</div> </div> </body> </html>Found 2025-12-22 by HttpPluginCreate report
-
Open service 94.241.171.204:443 · sd.pgsys.ru
2025-12-19 04:53
HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Fri, 19 Dec 2025 04:53:39 GMT Content-Type: text/html; charset=utf-8 Content-Length: 2973 Connection: close X-Frame-Options: SAMEORIGIN X-XSS-Protection: 0 X-Content-Type-Options: nosniff X-Permitted-Cross-Domain-Policies: none Referrer-Policy: strict-origin-when-cross-origin link: </assets/application-03022a78f77a70614c8ab55286980d56de60bfa7113d6521978d0e180aec12b0.css>; rel=preload; as=style; nopush,</assets/application-print-b13bcc6b8c456b67c376ff97d8c717cfa9869ea4412e4f49b65170aa535c5722.css>; rel=preload; as=style; nopush CSRF-TOKEN: gujhTmgcuWBgG9IRCBVnHS8sES8p5I6uqh5I4-M7dxr6M-7rypUsuFKwS1dbtO5VHZyT0vhAgi4SYT00evvKoA ETag: W/"a2c67474dc1d161ea61f40dc205e341b" Cache-Control: max-age=0, private, must-revalidate Content-Security-Policy: base-uri 'self' https://sd.pgsys.ru; default-src 'self' ws: wss: https://images.zammad.com; font-src 'self' data:; img-src * data: blob:; object-src 'none'; script-src 'self' 'unsafe-eval' 'nonce-w8bUFFc7rPUpeTXKLHC2bQ=='; style-src 'self' 'unsafe-inline'; frame-src www.youtube.com player.vimeo.com Set-Cookie: _zammad_session_a138cfd0f37=d890f5c425c672cdb757be9681662d2d; path=/; secure; HttpOnly X-Request-Id: 29d468f0-b8c9-4d5a-911f-aff7163ac26f X-Runtime: 0.037031 Page title: Поддержка Фиджитал Системс <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width"> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <title>Поддержка Фиджитал Системс</title> <link rel="apple-touch-icon" href="apple-touch-icon.png" /> <link rel="stylesheet" href="/assets/application-03022a78f77a70614c8ab55286980d56de60bfa7113d6521978d0e180aec12b0.css" media="all" /> <link rel="stylesheet" href="/assets/application-print-b13bcc6b8c456b67c376ff97d8c717cfa9869ea4412e4f49b65170aa535c5722.css" media="print" /> <script nonce="w8bUFFc7rPUpeTXKLHC2bQ=="> //<![CDATA[ if(window.MSInputMethodContext && document.documentMode){ var polyfillScriptTag = document.createElement('script'); polyfillScriptTag.setAttribute('src', '/assets/ie11CustomProperties.min-eb19b438c0f5d2010c250595ef6b0b161dacf892c8a6f772dc121e99fc020a2c.js'); polyfillScriptTag.setAttribute('nonce', 'w8bUFFc7rPUpeTXKLHC2bQ=='); document.head.appendChild(polyfillScriptTag); } try { if(window.matchMedia('(prefers-color-scheme: dark)').matches && localStorage.getItem('theme') != 'light' && !window.location.href.includes('/tests_') ){ document.documentElement.dataset.theme = 'dark'; } } catch (e) { }; //]]> </script> <script src="/assets/application-cd7d5204d0f4d6dd302c58946a348322df541ccf94ea093e690d16378d2b6992.js" nonce="w8bUFFc7rPUpeTXKLHC2bQ==" defer="defer"></script> <script src="/javascripts/../assets/form/form.js" nonce="w8bUFFc7rPUpeTXKLHC2bQ==" defer="defer" id="zammad_form_script"></script> <meta name="csrf-param" content="authenticity_token" /> <meta name="csrf-token" content="uTXHlHYOx6z1gaDm7-MOY_z63YwJSCJ-8wxmGGmzgkXB7sgx1IdSdMcqOaC8QocrzkpfcdjsLv5LcxPP8HM__w" /> </head> <body> <!-- svgstore fallback --> <script nonce="w8bUFFc7rPUpeTXKLHC2bQ=="> //<![CDATA[ /* detect if browser is - Chrome 14-20 - Android Browser 4.1+ - iOS 6-7 - Safari 6 - Edge 12 - IE 9-11 */ window.svgPolyfill = /\bEdge\/12\b|\bTrident\/[567]\b|\bVersion\/7.0 Safari\b/.test(navigator.userAgent) || (navigator.userAgent.match(/AppleWebKit\/(\d+)/) || [])[1] < 537; (function (doc) { if(!svgPolyfill) return var scripts = doc.getElementsByTagName('script') var script = scripts[scripts.length - 1] var xhr = new XMLHttpRequest() xhr.onload = function () { var div = doc.createElement('div') div.innerHTML = this.responseText div.style.cssText = 'position: absolute; clip: rect(0, 0, 0, 0); z-index: -1;' script.parentNode.insertBefore(div, script) } xhr.open('get', 'assets/images/icons.svg?1755064230', true) xhr.send() })(document) //]]> </script><div id="app"></div> <div class="splash"> <svg class="icon icon-logo"><use xlink:href="assets/images/icons.svg?1755064230#icon-logo" /></svg> <div class="splash-title">Loading…</div> </div> </body> </html>Found 2025-12-19 by HttpPluginCreate report
sd.pgsys.ru
CN:
sd.pgsys.ru
Not before:
2025-12-05 15:13
Not after:
2026-03-05 15:13