Domain omnicellshop.com
Germany
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-10-26 04:35
Last seen 2026-01-22 20:57
Open for 88 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa363f792ac84d374b0470303cb7d8b6dfb3b30b7b6GraphQL introspection enabled at /graphql Types: 391 (by kind: ENUM: 27, INPUT_OBJECT: 90, INTERFACE: 20, OBJECT: 249, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, skip (total: 3) Detected: Magento
Found on 2026-01-22 20:57737.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e25d88ed878064da351532e00ee46ca5bcf34ef0bbGraphQL introspection enabled at /graphql/api Types: 391 (by kind: ENUM: 27, INPUT_OBJECT: 90, INTERFACE: 20, OBJECT: 249, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, skip (total: 3) Detected: Magento
Found on 2026-01-15 19:42737.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa363f792ac84d374b0470303cb7d8b6dfbf7e596dbGraphQL introspection enabled at /graphql Types: 391 (by kind: ENUM: 27, INPUT_OBJECT: 90, INTERFACE: 20, OBJECT: 249, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, skip (total: 3)
Found on 2025-12-01 13:17737.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e25d88ed878064da351532e00ee46ca5bc684f3f04GraphQL introspection enabled at /graphql/api Types: 391 (by kind: ENUM: 27, INPUT_OBJECT: 90, INTERFACE: 20, OBJECT: 249, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, skip (total: 3)
Found on 2025-11-27 04:34737.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2f8cbe7e2GraphQL introspection enabled at /graphql/api
Found on 2025-10-28 11:25
-
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-10-26 04:35
Last seen 2026-01-23 05:14
Open for 89 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa363f792ac84d374b0470303cb7d8b6dfb3b30b7b6GraphQL introspection enabled at /graphql Types: 391 (by kind: ENUM: 27, INPUT_OBJECT: 90, INTERFACE: 20, OBJECT: 249, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, skip (total: 3) Detected: Magento
Found on 2026-01-23 05:14737.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa363f792ac84d374b0470303cb7d8b6dfbf7e596dbGraphQL introspection enabled at /graphql Types: 391 (by kind: ENUM: 27, INPUT_OBJECT: 90, INTERFACE: 20, OBJECT: 249, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, skip (total: 3)
Found on 2025-12-11 09:47737.3 kBytes -
Severity: medium
Fingerprint: c2db3a1c40d490dbf8cbe7e25d88ed878064da351532e00ee46ca5bc684f3f04GraphQL introspection enabled at /graphql/api Types: 391 (by kind: ENUM: 27, INPUT_OBJECT: 90, INTERFACE: 20, OBJECT: 249, SCALAR: 5) Operations: - Query: Query | fields: availableStores, cart, categories, category, categoryList - Mutation: Mutation | fields: addBundleProductsToCart, addConfigurableProductsToCart, addDownloadableProductsToCart, addProductsToCart, addProductsToCompareList Directives: deprecated, include, skip (total: 3)
Found on 2025-11-23 02:21737.3 kBytes
-
-
Open service 23.50.131.160:80 · omnicellshop.com
2026-01-23 05:14
HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Content-Length: 0 .com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com https://get.geojs.io *.avada.io *.stripe.com *.cloudflare.com *.paypal.com *.googleapis.com *.addthis.com *.cardinalcommerce.com *.graph.instagram.com *.google-analytics.com c.go-mpulse.net d3hb14vkzrxvla.cloudfront.net beaconapi.helpscout.net robertson.formstack.com/live-form/analytics/3973774/view 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://store.fulfillworks.com/rest/all/V1/cspmanager/frontend_report; Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Location: https://store.fulfillworks.com/ X-UA-Compatible: IE=edge X-Frame-Options: SAMEORIGIN Expires: Fri, 23 Jan 2026 05:14:29 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 23 Jan 2026 05:14:29 GMT Connection: close Set-Cookie: PHPSESSID=ga9it4p77a3tomm1f4ct5dbpko; expires=Fri, 23-Jan-2026 06:14:29 GMT; Max-Age=3600; path=/; domain=store.fulfillworks.com; HttpOnly; SameSite=Lax Server-Timing: edge; dur=1 Server-Timing: origin; dur=558 Server-Timing: cdn-cache; desc=MISS Server-Timing: ak_p; desc="1769145269115_389224224_1098121816_55724_2864_0_0_-";dur=1
Found 2026-01-23 by HttpPluginCreate report
-
Open service 23.50.131.157:443 · omnicellshop.com
2026-01-22 20:57
HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Content-Length: 0 .com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com https://get.geojs.io *.avada.io *.stripe.com *.cloudflare.com *.paypal.com *.googleapis.com *.addthis.com *.cardinalcommerce.com *.graph.instagram.com *.google-analytics.com c.go-mpulse.net d3hb14vkzrxvla.cloudfront.net beaconapi.helpscout.net robertson.formstack.com/live-form/analytics/3973774/view 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://store.fulfillworks.com/rest/all/V1/cspmanager/frontend_report; Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Location: https://store.fulfillworks.com/ X-UA-Compatible: IE=edge X-Frame-Options: SAMEORIGIN Expires: Thu, 22 Jan 2026 20:57:54 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Thu, 22 Jan 2026 20:57:54 GMT Connection: close Set-Cookie: PHPSESSID=gc1ticbfvan5oc6d53i7gg3j7s; expires=Thu, 22-Jan-2026 21:57:54 GMT; Max-Age=3600; path=/; domain=store.fulfillworks.com; secure; HttpOnly; SameSite=Lax Server-Timing: cdn-cache; desc=MISS Server-Timing: edge; dur=314 Server-Timing: origin; dur=357 Alt-Svc: h3=":443"; ma=93600 Server-Timing: ak_p; desc="1769115473738_389224221_586857910_66976_3602_251_256_-";dur=1
Found 2026-01-22 by HttpPluginCreate report
-
Open service 23.50.131.160:80 · omnicellshop.com
2026-01-09 12:02
HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Content-Length: 0 .com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com https://get.geojs.io *.avada.io *.stripe.com *.cloudflare.com *.paypal.com *.googleapis.com *.addthis.com *.cardinalcommerce.com *.graph.instagram.com *.google-analytics.com c.go-mpulse.net d3hb14vkzrxvla.cloudfront.net beaconapi.helpscout.net robertson.formstack.com/live-form/analytics/3973774/view 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://store.fulfillworks.com/rest/all/V1/cspmanager/frontend_report; Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Location: https://store.fulfillworks.com/ X-UA-Compatible: IE=edge X-Frame-Options: SAMEORIGIN Expires: Fri, 09 Jan 2026 12:03:07 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Fri, 09 Jan 2026 12:03:07 GMT Connection: close Set-Cookie: PHPSESSID=9oaq99hte5hgh9hi2h9d5gskrv; expires=Fri, 09-Jan-2026 13:03:06 GMT; Max-Age=3600; path=/; domain=store.fulfillworks.com; HttpOnly; SameSite=Lax Server-Timing: edge; dur=1 Server-Timing: origin; dur=312 Server-Timing: cdn-cache; desc=MISS Server-Timing: ak_p; desc="1767960186757_389224224_1183645093_31154_3591_0_0_-";dur=1
Found 2026-01-09 by HttpPluginCreate report
-
Open service 23.50.131.157:443 · omnicellshop.com
2026-01-08 19:30
HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Content-Length: 0 .com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com https://get.geojs.io *.avada.io *.stripe.com *.cloudflare.com *.paypal.com *.googleapis.com *.addthis.com *.cardinalcommerce.com *.graph.instagram.com *.google-analytics.com c.go-mpulse.net d3hb14vkzrxvla.cloudfront.net beaconapi.helpscout.net robertson.formstack.com/live-form/analytics/3973774/view 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://store.fulfillworks.com/rest/all/V1/cspmanager/frontend_report; Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Location: https://store.fulfillworks.com/ X-UA-Compatible: IE=edge X-Frame-Options: SAMEORIGIN Expires: Thu, 08 Jan 2026 19:30:05 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Thu, 08 Jan 2026 19:30:05 GMT Connection: close Set-Cookie: PHPSESSID=kno468na3e0kln1elk0u3b7rpm; expires=Thu, 08-Jan-2026 20:30:05 GMT; Max-Age=3600; path=/; domain=store.fulfillworks.com; secure; HttpOnly; SameSite=Lax Server-Timing: edge; dur=5 Server-Timing: origin; dur=226 Server-Timing: cdn-cache; desc=MISS Alt-Svc: h3=":443"; ma=93600 Server-Timing: ak_p; desc="1767900604767_389224221_3119494428_23052_5885_132_156_-";dur=1
Found 2026-01-08 by HttpPluginCreate report
-
Open service 23.50.131.160:80 · omnicellshop.com
2026-01-03 01:11
HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Content-Length: 0 .com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com https://get.geojs.io *.avada.io *.stripe.com *.cloudflare.com *.paypal.com *.googleapis.com *.addthis.com *.cardinalcommerce.com *.graph.instagram.com *.google-analytics.com c.go-mpulse.net d3hb14vkzrxvla.cloudfront.net beaconapi.helpscout.net robertson.formstack.com/live-form/analytics/3973774/view 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://store.fulfillworks.com/rest/all/V1/cspmanager/frontend_report; Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Location: https://store.fulfillworks.com/ X-UA-Compatible: IE=edge X-Frame-Options: SAMEORIGIN Expires: Sat, 03 Jan 2026 01:12:03 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 03 Jan 2026 01:12:03 GMT Connection: close Set-Cookie: PHPSESSID=92ae9tlm2cdcqupnkno75gg84v; expires=Sat, 03-Jan-2026 02:12:03 GMT; Max-Age=3600; path=/; domain=store.fulfillworks.com; HttpOnly; SameSite=Lax Server-Timing: edge; dur=1 Server-Timing: origin; dur=223 Server-Timing: cdn-cache; desc=MISS Server-Timing: ak_p; desc="1767402723599_389224224_3669309109_22227_3962_81_0_-";dur=1
Found 2026-01-03 by HttpPluginCreate report
-
Open service 23.50.131.160:80 · omnicellshop.com
2025-12-23 05:35
HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Content-Length: 0 .com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com https://get.geojs.io *.avada.io *.stripe.com *.cloudflare.com *.paypal.com *.googleapis.com *.addthis.com *.cardinalcommerce.com *.graph.instagram.com *.google-analytics.com c.go-mpulse.net d3hb14vkzrxvla.cloudfront.net beaconapi.helpscout.net robertson.formstack.com/live-form/analytics/3973774/view 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://store.fulfillworks.com/rest/all/V1/cspmanager/frontend_report; Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Location: https://store.fulfillworks.com/ X-UA-Compatible: IE=edge X-Frame-Options: SAMEORIGIN Expires: Tue, 23 Dec 2025 05:35:39 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 23 Dec 2025 05:35:39 GMT Connection: close Set-Cookie: PHPSESSID=h4gnt4ke0hqn8dlqdsgvgfrh75; expires=Tue, 23-Dec-2025 06:35:39 GMT; Max-Age=3600; path=/; domain=store.fulfillworks.com; HttpOnly; SameSite=Lax Server-Timing: edge; dur=2 Server-Timing: origin; dur=206 Server-Timing: cdn-cache; desc=MISS Server-Timing: ak_p; desc="1766468139643_389224224_1270144309_20681_4337_167_0_-";dur=1
Found 2025-12-23 by HttpPluginCreate report
-
Open service 23.50.131.157:443 · omnicellshop.com
2025-12-22 15:56
HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Content-Length: 0 .com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com pilot-payflowlink.paypal.com *.certcapture.com https://get.geojs.io *.avada.io *.stripe.com *.cloudflare.com *.paypal.com *.googleapis.com *.addthis.com *.cardinalcommerce.com *.graph.instagram.com *.google-analytics.com c.go-mpulse.net d3hb14vkzrxvla.cloudfront.net beaconapi.helpscout.net robertson.formstack.com/live-form/analytics/3973774/view 'self' 'unsafe-inline'; child-src http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline'; report-uri https://store.fulfillworks.com/rest/all/V1/cspmanager/frontend_report; Strict-Transport-Security: max-age=31536000 X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Location: https://store.fulfillworks.com/ X-UA-Compatible: IE=edge X-Frame-Options: SAMEORIGIN Expires: Mon, 22 Dec 2025 15:56:58 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Mon, 22 Dec 2025 15:56:58 GMT Connection: close Set-Cookie: PHPSESSID=nateaua7hpplvn9ib3s4eqa99t; expires=Mon, 22-Dec-2025 16:56:58 GMT; Max-Age=3600; path=/; domain=store.fulfillworks.com; secure; HttpOnly; SameSite=Lax Server-Timing: edge; dur=1 Server-Timing: origin; dur=202 Server-Timing: cdn-cache; desc=MISS Alt-Svc: h3=":443"; ma=93600 Server-Timing: ak_p; desc="1766419018656_389224221_1160167638_20165_3488_83_87_-";dur=1
Found 2025-12-22 by HttpPluginCreate report