Domain dhp.adboxapp.com
United States
AMAZON-02
Software information
Heroku
tcp/443
-
GraphQL introspection is enabled.
GraphQL introspection is enabled.
This could leak to data leak if not properly configured.
First seen 2025-11-28 22:36
Last seen 2026-01-02 19:01
Open for 34 days-
Severity: medium
Fingerprint: c2db3a1c40d490db1a0bbaa365aed762ca93e532870dcdc37c5253f0e4a9a968GraphQL introspection enabled at /graphql Types: 61 (by kind: ENUM: 9, INPUT_OBJECT: 9, INTERFACE: 1, OBJECT: 35, SCALAR: 7) Operations: - Query: Query | fields: accessGroups, adRequest, adRequests, asset, assignTypes - Mutation: Mutation | fields: archiveJob, assignJob, assignType, createMustacheAsset, deleteCampaign Directives: deprecated, include, skip (total: 3)
Found on 2026-01-02 19:0193.7 kBytes
-
-
Open service 35.71.145.101:443 · dhp.adboxapp.com
2026-01-09 14:09
HTTP/1.1 302 Found Cache-Control: no-cache Content-Security-Policy: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Security-Policy-Report-Only: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Type: text/html; charset=utf-8 Location: https://dhp.adboxapp.com/login Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=0Zfwnjef2fMYVYhjS0Kf3i8K3J0j8y%2BjDv854FPDAp8%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767967789"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=0Zfwnjef2fMYVYhjS0Kf3i8K3J0j8y%2BjDv854FPDAp8%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767967789" Server: Heroku Set-Cookie: XSRF-TOKEN=WApPpVJqjQ0glkmeW5QtktmRilqlzuL%2F0WzQjvOVraWSc9EezPE0yTEg1QpUW8T22aGzNBMG0%2BpLTIw1eSTAHg%3D%3D; path=/; secure; SameSite=Lax Set-Cookie: myadbox-session=01698a4f7acf7192329e23375e21c4be; domain=dhp.adboxapp.com; path=/; secure; HttpOnly; SameSite=Lax Strict-Transport-Security: max-age=604800 Vary: Accept-Encoding, Origin Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: sameorigin X-Permitted-Cross-Domain-Policies: none X-Request-Id: 33aa6d36-3816-3706-dfca-353bd31dbed1 X-Runtime: 0.067266 X-Xss-Protection: 1; mode=block Date: Fri, 09 Jan 2026 14:09:49 GMT Content-Length: 96 Connection: close <html><body>You are being <a href="https://dhp.adboxapp.com/login">redirected</a>.</body></html>Found 2026-01-09 by HttpPluginCreate report
-
Open service 35.71.145.101:443 · dhp.adboxapp.com
2026-01-02 19:01
HTTP/1.1 302 Found Cache-Control: no-cache Content-Security-Policy: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Security-Policy-Report-Only: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Type: text/html; charset=utf-8 Location: https://dhp.adboxapp.com/login Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=57u21K5uaKa5oKYzf5g5Dh4vp%2FQjpRk%2BbcPWdy%2FzpSc%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1767380504"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=57u21K5uaKa5oKYzf5g5Dh4vp%2FQjpRk%2BbcPWdy%2FzpSc%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1767380504" Server: Heroku Set-Cookie: XSRF-TOKEN=3149o%2F2huekEc8VvViEbnt0oZuLyDD%2BpILy7MQmPwH17dWSahsZSFNh2JBt3HYhW4jeXHk6clbyyRKj%2Bt6GAcw%3D%3D; path=/; secure; SameSite=Lax Set-Cookie: myadbox-session=4b6ee6aa6b49ed79a9f7385080c3e9be; domain=dhp.adboxapp.com; path=/; secure; HttpOnly; SameSite=Lax Strict-Transport-Security: max-age=604800 Vary: Accept-Encoding, Origin Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: sameorigin X-Permitted-Cross-Domain-Policies: none X-Request-Id: 4e273d33-4431-d7fb-be3f-a8cc107d7d7f X-Runtime: 0.025221 X-Xss-Protection: 1; mode=block Date: Fri, 02 Jan 2026 19:01:44 GMT Content-Length: 96 Connection: close <html><body>You are being <a href="https://dhp.adboxapp.com/login">redirected</a>.</body></html>Found 2026-01-02 by HttpPluginCreate report
-
Open service 35.71.145.101:443 · dhp.adboxapp.com
2025-12-23 05:25
HTTP/1.1 302 Found Cache-Control: no-cache Content-Security-Policy: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Security-Policy-Report-Only: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Type: text/html; charset=utf-8 Location: https://dhp.adboxapp.com/login Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=PbL20bVB8xokCG9OQFLrdrniTgdGuesKvWC7ub8LEyc%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766467561"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=PbL20bVB8xokCG9OQFLrdrniTgdGuesKvWC7ub8LEyc%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766467561" Server: Heroku Set-Cookie: XSRF-TOKEN=HfFBYWKa7xxGmgpr3Olo%2FnVev9gYLm4e40y5TguQbBuL1QHfvMPyXMQE0xSRcjW0NEuFRQ8sehSADaCujz1a5Q%3D%3D; path=/; secure; SameSite=Lax Set-Cookie: myadbox-session=b8599ff43550d53f7aecdf039ae58723; domain=dhp.adboxapp.com; path=/; secure; HttpOnly; SameSite=Lax Strict-Transport-Security: max-age=604800 Vary: Accept-Encoding, Origin Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: sameorigin X-Permitted-Cross-Domain-Policies: none X-Request-Id: aaf2e123-47bf-39e9-16f7-2081b0268cb3 X-Runtime: 0.115163 X-Xss-Protection: 1; mode=block Date: Tue, 23 Dec 2025 05:26:01 GMT Content-Length: 96 Connection: close <html><body>You are being <a href="https://dhp.adboxapp.com/login">redirected</a>.</body></html>Found 2025-12-23 by HttpPluginCreate report
-
Open service 35.71.145.101:443 · dhp.adboxapp.com
2025-12-21 01:36
HTTP/1.1 302 Found Cache-Control: no-cache Content-Security-Policy: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Security-Policy-Report-Only: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Type: text/html; charset=utf-8 Location: https://dhp.adboxapp.com/login Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=gCEjknn0zsVIKqr4i9foVPi8xldZN1dQhSgZLZzcg6U%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766280990"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=gCEjknn0zsVIKqr4i9foVPi8xldZN1dQhSgZLZzcg6U%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766280990" Server: Heroku Set-Cookie: XSRF-TOKEN=J2UIpTO4Jw10XTdo40lRpSpUlY%2BtvCJIRc7P9YzADZYmt8bFvCsBEUmpdQr2bjzW7tB3qw3blKnROsU8m90CqQ%3D%3D; path=/; secure; SameSite=Lax Set-Cookie: myadbox-session=3b01420e00275dc168bdcfaaa84b284d; domain=dhp.adboxapp.com; path=/; secure; HttpOnly; SameSite=Lax Strict-Transport-Security: max-age=604800 Vary: Accept-Encoding, Origin Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: sameorigin X-Permitted-Cross-Domain-Policies: none X-Request-Id: 363ada6e-a088-f05e-6808-fb294995b0fd X-Runtime: 0.033104 X-Xss-Protection: 1; mode=block Date: Sun, 21 Dec 2025 01:36:30 GMT Content-Length: 96 Connection: close <html><body>You are being <a href="https://dhp.adboxapp.com/login">redirected</a>.</body></html>Found 2025-12-21 by HttpPluginCreate report
-
Open service 35.71.145.101:443 · dhp.adboxapp.com
2025-12-19 05:16
HTTP/1.1 302 Found Cache-Control: no-cache Content-Security-Policy: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Security-Policy-Report-Only: default-src 'self'; connect-src 'self' *.amazonaws.com *.pusher.com *.intercom.io *.intercom.com *.sentry.io sentry.io wss://*.pusherapp.com wss://*.pusher.com wss://*.intercom.io *.launchdarkly.com wss://myworkflows-backend-uat.herokuapp.com myworkflows-backend-uat.herokuapp.com myreports-backend-uat.herokuapp.com; font-src 'self' data: fonts.googleapis.com fonts.gstatic.com fonts.intercomcdn.com rsms.me; frame-ancestors 'none'; frame-src 'self' *.amazonaws.com; img-src 'self' data: blob: *.amazonaws.com *.imagekit.io *.intercomcdn.com static.intercomassets.com *.cloudinary.com; manifest-src 'self'; media-src 'self' *.amazonaws.com; object-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.polyfill.io cdnjs.cloudflare.com *.pusher.com *.intercom.io *.intercom.com *.intercomcdn.com *.google-analytics.com unpkg.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com rsms.me; upgrade-insecure-requests; worker-src 'self' blob: unpkg.com Content-Type: text/html; charset=utf-8 Location: https://dhp.adboxapp.com/login Nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1} Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin Report-To: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=wBBRZ2jo%2B1Ha1b6wVfuJ%2BNg%2FUkmvB2JgZ4Tcd%2BAo5Mc%3D\u0026sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add\u0026ts=1766121407"}],"max_age":3600} Reporting-Endpoints: heroku-nel="https://nel.heroku.com/reports?s=wBBRZ2jo%2B1Ha1b6wVfuJ%2BNg%2FUkmvB2JgZ4Tcd%2BAo5Mc%3D&sid=c46efe9b-d3d2-4a0c-8c76-bfafa16c5add&ts=1766121407" Server: Heroku Set-Cookie: XSRF-TOKEN=tXdBXbjB1ELJ%2FPs3KyrJwP50usEeKWt0NV63QtO6hkrq7EVuz%2FEp0cIQEUpgXQnPkJKBNs318%2FFElEnnGBXUZg%3D%3D; path=/; secure; SameSite=Lax Set-Cookie: myadbox-session=e6daf6e2f0cb1ebb0b425fecb442f352; domain=dhp.adboxapp.com; path=/; secure; HttpOnly; SameSite=Lax Strict-Transport-Security: max-age=604800 Vary: Accept-Encoding, Origin Via: 1.1 heroku-router X-Content-Type-Options: nosniff X-Download-Options: noopen X-Frame-Options: sameorigin X-Permitted-Cross-Domain-Policies: none X-Request-Id: f61ae2b5-a3de-a479-6f6d-b5ecb37eaebb X-Runtime: 0.031621 X-Xss-Protection: 1; mode=block Date: Fri, 19 Dec 2025 05:16:47 GMT Content-Length: 96 Connection: close <html><body>You are being <a href="https://dhp.adboxapp.com/login">redirected</a>.</body></html>Found 2025-12-19 by HttpPluginCreate report
dhp.adboxapp.com
CN:
dhp.adboxapp.com
Not before:
2025-11-13 03:15
Not after:
2026-02-11 03:15