Summary
A Concise Overview of the scan result of url https://www.dropbox.com/l/AAA03pTebu2w4R-SyEPN5vHLk7k2-fpeHGU
- Document
- HTML
- 1
- StyleSheets
- 0
- Scripts
- 0
- Font
- 0
- Images
- 1
- Links
- 0
- JavaScript Variables
- 2
- Console log messages
- 0
- Network
- Requests
- 2
- Bytes Transferred
- 3.65KB
- Bytes Total
- 1.82KB
- DNS Record
- CNAME Record
- 2
- A Record
- 1
- AAAA Record
- 1
- Technology
- Issue trackers
- 1
- Reverse proxies
- 1
- Security
- 1
- SSL/TLS certificate authorities
- 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
Issue trackers | ||
Canny | Canny is a cloud-based solution that helps small to large businesses collect, analyse, prioritise and track user feedback to make informed product decisions. | Type: headers Name: content-security-policy Regex: \/\/canny\.io |
Security | ||
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
Reverse proxies | ||
Envoy is an open-source edge and service proxy, designed for cloud-native applications. | Type: headers Name: server Regex: ^envoy$ | |
SSL/TLS certificate authorities | ||
DigiCert | Type: certIssuer Regex: DigiCert |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 27 msGood
- requestTime
- 6 msGood
- dom
- 5 msGood
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
CNAME | www.dropbox.com | www-env.dropbox-dns.com. | no |
A | www-env.dropbox-dns.com | 162.125.6.18 | no |
CNAME | www.dropbox.com | www-env.dropbox-dns.com. | no |
AAAA | www-env.dropbox-dns.com | 2620:100:601c:18::a27d:612 | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
*.dropbox.com DigiCert TLS RSA SHA256 2020 CA1 | 10/31/2023 | 11/30/2024 | 1 year 1 month 1 day |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
cache-control | no-cache, no-store |
content-length | 631 |
content-security-policy | base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws wss://dsimports.dropbox.com/ ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js blob: |
content-type | image/jpeg |
date | Thu, 16 May 2024 20:00:52 GMT |
referrer-policy | strict-origin-when-cross-origin |
server | envoy |
strict-transport-security | max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains |
x-content-type-options | nosniff |
x-dropbox-request-id | 2409b16ea9b94d3487db37bd2056eace |
x-dropbox-response-origin | far_remote |
x-frame-options | SAMEORIGIN |
x-permitted-cross-domain-policies | none |
x-robots-tag | noindex, nofollow, noimageindex |
x-server-response-time | 233 |
x-xss-protection | 1; mode=block |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
base-uri | 'self' |
child-src | https://www.dropbox.com/static/serviceworker/blob: |
connect-src | https://*ws://127.0.0.1:*/wswss://dsimports.dropbox.com/ |
default-src | 'none' |
font-src | https://*data: |
form-action | 'self'https://www.dropbox.com/https://dl-web.dropbox.com/https://photos.dropbox.com/https://paper.dropbox.com/https://showcase.dropbox.com/https://www.hellofax.com/https://app.hellofax.com/https://www.hellosign.com/https://app.hellosign.com/https://docsend.com/https://www.docsend.com/https://help.dropbox.com/https://navi.dropbox.jp/https://a.sprig.com/https://selfguidedlearning.dropboxbusiness.com/https://instructorledlearning.dropboxbusiness.com/https://sales.dropboxbusiness.com/https://accounts.google.com/https://api.login.yahoo.com/https://login.yahoo.com/https://experience.dropbox.com/https://pal-test.adyen.comhttps://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/https://onedrive.live.com/picker |
frame-src | https://*carousel:dbapi-6:dbapi-7:dbapi-8:dropbox-client:itms-apps:itms-appss: |
img-src | https://*data:blob: |
media-src | https://*blob: |
object-src | 'self'https://cfl.dropboxstatic.com/static/https://www.dropboxstatic.com/static/ |
report-uri | https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist |
script-src | 'unsafe-eval'https://www.dropbox.com/static/api/https://www.dropbox.com/pithos/*https://www.dropbox.com/page_success/https://cfl.dropboxstatic.com/static/https://www.dropboxstatic.com/static/https://accounts.google.com/gsi/clienthttps://canny.io/sdk.jshttps://www.google.com/recaptcha/https://www.gstatic.com/recaptcha/'unsafe-inline' |
style-src | https://*'unsafe-inline''unsafe-eval' |
worker-src | https://www.dropbox.com/static/serviceworker/https://www.dropbox.com/encrypted_folder_download/service_worker.jsblob |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|---|---|---|---|---|
gvc | MTY1ODEwMzI5MzQ4OTA1NTI3ODcwNDUyNzMxMjUxMDE1NTU2Njcw | www.dropbox.com/ | 6/20/2025, 8:00:53 PM | yes | yes |
t | q4KqkpyAVheC1GDqsimBG5L_ | .dropbox.com/ | 5/16/2025, 8:00:54 PM | yes | yes |
__Host-js_csrf | q4KqkpyAVheC1GDqsimBG5L_ | www.dropbox.com/ | 5/16/2025, 8:00:54 PM | yes | no |
__Host-ss | QmVPdDySBk | www.dropbox.com/ | 5/16/2025, 8:00:54 PM | yes | yes |
locale | en | .dropbox.com/ | 6/20/2025, 8:00:53 PM | yes | no |
ets | Acnv14XUGVqx336GJ7b9eDpmN0AfSVPLBFfBhz/7JHqusNJXVZsKlNHqTjY3UCwRMbNXjMVBCvMg9HH6eVnq4sV8OqFIokihFrxP0kA9uwjYgsJdnLqfUQRneFCD0AJlr90PrwkC2ZOjCBN%2BcRuMU4zi9LNRIfFdsvEGa5d%2B41rYG9/ZNT19HaeOSJKC19DKoFc%3D | .www.dropbox.com/ | 5/16/2024, 9:00:54 PM | yes | yes |