dropbox.com Review

 N/A

HTTP/1.1 301 Moved Permanently
location: https://dropbox.com/
date: Sat, 13 Sep 2025 17:30:26 GMT
server: envoy
x-dropbox-request-id: b6ad0c23ce3a4031b1b6e19084e54b91
content-length: 0

HTTP/1.1 301 Moved Permanently
Location: https://www.dropbox.com/
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: no-cache, no-store
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Vary: Accept-Encoding
X-Dropbox-Response-Origin: local
Date: Sat, 13 Sep 2025 17:30:25 GMT
Server: envoy
X-Dropbox-Request-Id: eeb44ac02dfb45b78c57fc6a9a86c90b
Content-Length: 0

HTTP/1.1 200 OK
Content-Security-Policy: frame-ancestors 'self' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; default-src 'none' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; font-src https://* data: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js 'nonce-GzDHkquD66i2EsrclYmY3RsMEtU=' ; base-uri 'self' ; img-src https://* data: blob: ; frame-src https://* dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: blob: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; media-src https://* blob:
Content-Security-Policy: script-src 'unsafe-eval' 'strict-dynamic' 'nonce-GzDHkquD66i2EsrclYmY3RsMEtU=' 'nonce-uTZDv9YzsxobigyZSoh6qqQKeBY=' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic
Content-Type: text/html; charset=utf-8
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Set-Cookie: gvc=MjUwMjIwOTY3MjM1MDE0ODk3MjMzNjg4MTAxNDQ4MDU0MzQwMzgw; Path=/; Expires=Thu, 12 Sep 2030 17:30:26 GMT; HttpOnly; Secure
Set-Cookie: t=GiknXssgq-W-lR_C3xmGgkih; Path=/; Domain=dropbox.com; Expires=Sun, 13 Sep 2026 17:30:26 GMT; HttpOnly; Secure
Set-Cookie: __Host-js_csrf=GiknXssgq-W-lR_C3xmGgkih; Path=/; Expires=Sun, 13 Sep 2026 17:30:26 GMT; Secure
Set-Cookie: __Host-ss=ItxZ5rAyQE; Path=/; Expires=Sun, 13 Sep 2026 17:30:26 GMT; HttpOnly; Secure; SameSite=Strict
Set-Cookie: locale=ja; Path=/; Domain=dropbox.com; Expires=Thu, 12 Sep 2030 17:30:26 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Xss-Protection: 1; mode=block
Date: Sat, 13 Sep 2025 17:30:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: envoy
Cache-Control: no-cache, no-store
Alt-Svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Encoding: gzip
Vary: Accept-Encoding
X-Dropbox-Response-Origin: far_remote
X-Dropbox-Request-Id: 0f57f394195b467f90c95b690bebf1f4
Transfer-Encoding: chunked