dropbox.com Review

 N/A

HTTP/1.1 301 Moved Permanently
location: https://dropbox.com/
date: Sun, 02 Nov 2025 17:54:02 GMT
server: envoy
x-dropbox-request-id: 39881fd0d8bf43a6aa53a4a969079aba
content-length: 0

HTTP/1.1 301 Moved Permanently
Location: https://www.dropbox.com/
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache, no-store
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Vary: Accept-Encoding
X-Dropbox-Response-Origin: local
Date: Sun, 02 Nov 2025 17:54:02 GMT
Server: envoy
X-Dropbox-Request-Id: f52c239fde0545b1afcf539f69079aba
Content-Length: 0

HTTP/1.1 200 OK
Content-Security-Policy: font-src https://* data: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; frame-src https://* dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; img-src https://* data: blob: ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; default-src 'none' ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://applepay.cdn-apple.com 'nonce-wv+AjmOMDvoHyJE6EIDUOVp3fd4=' ; base-uri 'self' ; frame-ancestors 'self' ; media-src https://* blob: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker
Content-Security-Policy: report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-wv+AjmOMDvoHyJE6EIDUOVp3fd4=' 'nonce-VEdWYPKGAmSmeqp3TUG7081GqSE='
Content-Type: text/html; charset=utf-8
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: gvc=MjA5NzYyMDY1NDk2MTUzNjk2MjIzMDY3Nzc3ODg0NjM4NDc5MDIw; Path=/; Expires=Fri, 01 Nov 2030 17:54:02 GMT; HttpOnly; Secure
Set-Cookie: t=KdqjQGbvVx9xT7njYJU5YR7T; Path=/; Domain=dropbox.com; Expires=Mon, 02 Nov 2026 17:54:02 GMT; HttpOnly; Secure
Set-Cookie: __Host-js_csrf=KdqjQGbvVx9xT7njYJU5YR7T; Path=/; Expires=Mon, 02 Nov 2026 17:54:02 GMT; Secure
Set-Cookie: __Host-ss=0KxceBSpI8; Path=/; Expires=Mon, 02 Nov 2026 17:54:02 GMT; HttpOnly; Secure; SameSite=Strict
Set-Cookie: locale=ja; Path=/; Domain=dropbox.com; Expires=Fri, 01 Nov 2030 17:54:02 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
Date: Sun, 02 Nov 2025 17:54:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: envoy
Cache-Control: no-cache, no-store
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Encoding: gzip
Vary: Accept-Encoding
X-Dropbox-Response-Origin: far_remote
X-Dropbox-Request-Id: 2f0953bb7cb049a4b917448f69079aba
Transfer-Encoding: chunked