invoice.dropbox.com Open in urlscan Pro
18.164.116.46 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://protect-us.mimecast.com/s/Dh0bCyPnmPtvJR8GHZtbSK?domain=invoice.dropbox.com
Effective URL:
https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_i...
Submission: On March 27 via manual (March 27th 2023, 6:54:10 pm UTC) from US — Scanned from US

Summary HTTP 45 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 1 countries across 8 domains to perform 45 HTTP transactions. The main IP is 18.164.116.46, located in United States and belongs to AMAZON-02, US. The main domain is invoice.dropbox.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 1st 2023. Valid for: a year.

This is the only time invoice.dropbox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	205.139.111.12 205.139.111.12	30031 (MIMECAST-) (MIMECAST-)
9	18.164.116.46 18.164.116.46	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
4	13.226.39.81 13.226.39.81	16509 (AMAZON-02) (AMAZON-02)
4	162.125.8.20 162.125.8.20	19679 (DROPBOX) (DROPBOX)
2 4	2620:100:6019... 2620:100:6019:18::a27d:412	19679 (DROPBOX) (DROPBOX)
6	2620:100:6019... 2620:100:6019:19::a27d:413	19679 (DROPBOX) (DROPBOX)
1	108.139.29.78 108.139.29.78	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:631d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.198.52.31 34.198.52.31	14618 (AMAZON-AES) (AMAZON-AES)
1	18.164.116.22 18.164.116.22	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:6019... 2620:100:6019:16::a27d:410	19679 (DROPBOX) (DROPBOX)
1 6	104.111.51.107 104.111.51.107	16625 (AKAMAI-AS) (AKAMAI-AS)
2	34.193.106.81 34.193.106.81	14618 (AMAZON-AES) (AMAZON-AES)
45	13

2 205.139.111.12 (United States) 2 redirects

ASN30031 (MIMECAST-, US)
PTR: us-api.mimecast.com

protect-us.mimecast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.164.116.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-46.jfk50.r.cloudfront.net

invoice.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.39.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-39-81.ewr53.r.cloudfront.net

invoice-analytics.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 162.125.8.20 (United States)

ASN19679 (DROPBOX, US)

d.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:6019:18::a27d:412 (United States) 2 redirects

ASN19679 (DROPBOX, US)

www.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:100:6019:19::a27d:413 (United States)

ASN19679 (DROPBOX, US)

api.dropboxapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.29.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-78.jfk50.r.cloudfront.net

cdn.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:631d (United States)

ASN13335 (CLOUDFLARENET, US)

cfl.dropboxstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.198.52.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-52-31.compute-1.amazonaws.com

api.sprig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-22.jfk50.r.cloudfront.net

consent.dropbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:6019:16::a27d:410 (United States)

ASN19679 (DROPBOX, US)

uca0a32333820b56ecd4bfaba211.previews.dropboxusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.51.107 (Miami, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-51-107.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.193.106.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-106-81.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	dropbox.com 2 redirects invoice.dropbox.com invoice-analytics.dropbox.com d.dropbox.com — Cisco Umbrella Rank: 2388 www.dropbox.com — Cisco Umbrella Rank: 2390 consent.dropbox.com — Cisco Umbrella Rank: 18661	2 MB
8	evidon.com 1 redirects c.evidon.com — Cisco Umbrella Rank: 1350 l.evidon.com — Cisco Umbrella Rank: 7448	39 KB
7	sprig.com cdn.sprig.com — Cisco Umbrella Rank: 15428 api.sprig.com — Cisco Umbrella Rank: 7320	54 KB
6	dropboxapi.com api.dropboxapi.com — Cisco Umbrella Rank: 2567	21 KB
3	dropboxstatic.com cfl.dropboxstatic.com — Cisco Umbrella Rank: 6145	145 KB
2	mimecast.com 2 redirects protect-us.mimecast.com — Cisco Umbrella Rank: 8884	3 KB
1	dropboxusercontent.com uca0a32333820b56ecd4bfaba211.previews.dropboxusercontent.com	8 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
45	8

	Domain	Requested by
9	invoice.dropbox.com	invoice.dropbox.com
6	c.evidon.com	1 redirects cfl.dropboxstatic.com consent.dropbox.com c.evidon.com
6	api.sprig.com	cdn.sprig.com
6	api.dropboxapi.com	invoice.dropbox.com
4	www.dropbox.com	2 redirects invoice.dropbox.com consent.dropbox.com
4	d.dropbox.com	invoice.dropbox.com
4	invoice-analytics.dropbox.com	invoice.dropbox.com
3	cfl.dropboxstatic.com	www.dropbox.com consent.dropbox.com
2	l.evidon.com	consent.dropbox.com
2	protect-us.mimecast.com	2 redirects
1	uca0a32333820b56ecd4bfaba211.previews.dropboxusercontent.com	invoice.dropbox.com
1	consent.dropbox.com	cfl.dropboxstatic.com
1	cdn.sprig.com	invoice.dropbox.com
1	fonts.googleapis.com	invoice.dropbox.com
45	14

This site contains links to these domains. Also see Links.

Domain
www.dropbox.com

Subject Issuer	Validity	Valid
invoice.dropbox.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-01-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
invoice-analytics.dropbox.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-14` - `2024-01-07`	a year	crt.sh
*.dropbox.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-14` - `2023-11-14`	a year	crt.sh
api.dropboxapi.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-16` - `2023-10-11`	a year	crt.sh
api.sprig.com Amazon RSA 2048 M01	`2023-02-23` - `2023-10-14`	8 months	crt.sh
cfl.dropboxstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-14` - `2024-02-24`	a year	crt.sh
istio-gateway.sprig.com Amazon RSA 2048 M01	`2022-12-07` - `2024-01-05`	a year	crt.sh
consent.dropbox.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-28` - `2023-11-29`	a year	crt.sh
*.previews.dropboxusercontent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-16` - `2023-09-27`	a year	crt.sh
*.evidon.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-12` - `2023-04-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
Frame ID: C11CFFA0877F883A24594B73C26BF541
Requests: 19 HTTP requests in this frame

Frame: https://invoice.dropbox.com/html/user_survey.html
Frame ID: AD99BDB5C99FF198CB65A35F625AE549
Requests: 5 HTTP requests in this frame

Frame: https://consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&is_migration_gate_enabled=undefined&should_use_floating_button=false&gpc_signal=undefined&origin=https%253A%252F%252Finvoice.dropbox.com&sandbox_redirect=false&locale=en
Frame ID: 351F3AC49D1E10CDE399FB5C39DD419C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dropbox Invoice

Page URL History Show full URLs

https://protect-us.mimecast.com/s/Dh0bCyPnmPtvJR8GHZtbSK?domain=invoice.dropbox.com HTTP 307
https://protect-us.mimecast.com/r/zj7kex6ZvsdrLCus0wgjSUVtII87jje6Md7Ot-AThzUER1B_eKW_ZvciYZN1TMIH7r8VIcvQyx... HTTP 307
https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2... Page URL

Detected technologies

Crownpeak (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

c\.evidon\.com

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

45
Requests

93 %
HTTPS

36 %
IPv6

8
Domains

14
Subdomains

13
IPs

1
Countries

2236 kB
Transfer

7848 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dropbox.com/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/report_abuse
Title: Report Issue

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://protect-us.mimecast.com/s/Dh0bCyPnmPtvJR8GHZtbSK?domain=invoice.dropbox.com HTTP 307
https://protect-us.mimecast.com/r/zj7kex6ZvsdrLCus0wgjSUVtII87jje6Md7Ot-AThzUER1B_eKW_ZvciYZN1TMIH7r8VIcvQyx0ej2GChF8ZUozrIoIgI0p80994e7870V4F5Nt_X5WcPvqmIOBXYLlqXWUBX90u97jcW3xpQSEAQY2VP54gApwOAG7ZvVLoYo_QCbCAb5Jtg3uE3821pTvKvzXFWO2gONH3dCnoRtKX42PmDh5ZN-nUKMZclo_P77UcZUv6cj4f6MND8m5A5-onpOotPIEhK2w_MsxtF5L9UVwCDbzvC4DHR0Pq2LqjlRgWrMT5unbPM4taJOe_D-58zGmyDI_6rUtm3PAJFlslYEeQMDX-OvETZa8vklbWVIJOMbOCsKWrhG-9oNa5xtpvdxdcMHTkGkVhcZUxlp0C_rcV_vtYQGwM38U_U14rVlmRmf4lgRo03aYhVrdF4ZJqmeXbhm9LR5ypHOppJmIQqUym3uEhi2croD5xdY6SxKb0fuifiZRo9nWP5laKbsxXEQs358lf2LH5EDq-4XI29Y0SgROu6ueBA_I15895BFI3PE26jsMF49i57sMlq5O-OGe7nwLhIr2ayd0_yWFYWtzwJv-1XhIoeK3DGy13Tg896u0jb2g_D3Ozp2vAN5z740Tk-0Swc9aRbWoYNom7PufGMEEgjmj3KtiZZQy_YVCZhuraF6ueI_mgmKaZa-3pzEyYuzSjtGG6DSy25rdfrbjkL78V6jsRW7wmFc8Zz3CrAzPg5e_YJgT_wJmVEWopVew0iIL1jfQnrK1o4Yx4fEj6sf8l-aS9Ga1GvzAR9hRz-TcJOMYtzFeA9PhJiKs9OA6g_T7dKHDbA-RN2DQ4okWGUnllraQuX97iy_2p1XHrZ6VudzKzVX4LBnQrzrXOkNLWgATaT1wHxewGBfpe7GetMs84eFiHT1BYX7F-KkLNJZt_bTb0BNbrjQKbbEr8lWMhWhgyBMF02KRGTyeKAbNSreT8GQawvQs1fTz47Tsdw89Q4TjHqiRnpDcLUX_Lf2LHWUfL0FoxkbNU2JX1lQBNxRRUBNEsE_kt-6RPKgHEVHnucKtAqvnTMQ2kjL_-HaQMYxTrJFEQdBwyAcmdbh3QrSSchfg8_4DW1NvoERHLGtwDRVhVg8pFeIXL8jddsVbYSaOPzIL30ceTnE_UyZSXZN9wELGH7WVERkhNl7NvGxd2xYIZqmXa-3L5wWiRmCdLSD_KGgXRBPUBadCifCvLuuLfHcH4IlUewR8ddbfm9ubpsa1_8s1cNn3cba4SsrBLg7n_5eww6EARqiipWQUboL9DyswU0OnIUNWTOFuLOSjEaQN9LAllziWHMLrScprT75Gf1fz085uNjdoULvK1qTW_VlzDzmgJQ0JDSKLZ72kXfdlinbjKHHrnQ630mY0KlaOzvNGAvIRCjCYEWipjCcTpdXARoROjpjA1DkPvm0wzq7FCnf2w36AL3zsv9HMEEO8vtG0xtzUT8Xzl0Hc0ETnh0wui9QxiMZl3S6YVX7y6x9WzwCGAw8daoD7a8fVeN28q23WPWmOrFCE1vdq8fbELz-tZsXLeMIFXJoIWdaRbY5lGAnUUgFpEoxr3OU36jTsdg5PAvBUXd1w8M3O7TRdLs89Q07o4qfrzLoYtoLvrGXl2fXUvUtYEjNefeEjmCj3cx1pS7V6fmPExgy3hAb0z6Nqy2lqSmNYTgfQOjPcCFLcigNjGo80-_NheXB0V4xEG8u2Eh_j-ZV6Hn-x-FsmAIXPwcvR2wbIqJME9pFXqhxNxcjUjbsvz1ZaWsJAYWgd2JDw031n6_5lzlbbDETuwf5nx0gifrsiYHbzt5DnJ7oWBxFR3o9jssbgW5DYEb2uPyh9V9Qje5vF1oe1XPlUQcMgnIH5B9kK2nsKNJr8vbgMNnm6Z8FYntYVCULIACeR-mTSnyzt5My1vsBm0-L_WNITUKmhYmad6IkCa8fVeN_QThf_hJMngwP4mTFLdexmsMetJo_qIE7vMzQ0xxyu-Z08sm7T7VmDtE90 HTTP 307
https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://www.dropbox.com/pithos/privacy_consent HTTP 307
https://www.dropbox.com/pithos/host%3Ainvoice.dropbox.com/privacy_consent

Request Chain 30

https://www.dropbox.com/pithos/privacy_consent_service HTTP 307
https://www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service

Request Chain 39

https://c.evidon.com/sitenotice/3401/dropbox/settings.js HTTP 301
https://c.evidon.com/sitenotice/3401/dropbox/settingsV2.js

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2 Show response
invoice.dropbox.com/invoices/view/
Redirect Chain

https://protect-us.mimecast.com/s/Dh0bCyPnmPtvJR8GHZtbSK?domain=invoice.dropbox.com
https://protect-us.mimecast.com/r/zj7kex6ZvsdrLCus0wgjSUVtII87jje6Md7Ot-AThzUER1B_eKW_ZvciYZN1TMIH7r8VIcvQyx0ej2GChF8ZUozrIoIgI0p80994e7870V4F5Nt_X5WcPvqmIOBXYLlqXWUBX90u97jcW3xpQSEAQY2VP54gApwOAG7...
https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice

4 KB
2 KB

294ms
106ms

Document
text/html

18.164.116.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4943b0f3c37d00d65efb1dc1dafa64092cd83d74862ac099e72c3ae14305d426

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 46
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html
date: Mon, 27 Mar 2023 18:53:15 GMT
etag: W/"ad9da51e1b47831bcf4e86e157069b37"
expires: -1
last-modified: Thu, 23 Mar 2023 18:12:11 GMT
pragma: no-cache
server: AmazonS3
vary: Accept-Encoding
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-amz-cf-id: 7_q1SnuZQcCd6GSS-PZ5HCWw1J-X5X-W4YMZx01jzYXX65tjU1ctnA==
x-amz-cf-pop: JFK50-P6
x-cache: Error from cloudfront

Redirect headers

Cache-control: no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 27 Mar 2023 18:54:00 GMT
Location: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Robots-Tag: noindex, nofollow

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 280ms
99ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700&family=Roboto+Condensed:wght@400;700&family=Roboto:wght@400;500;700&family=Source+Serif+4:opsz,wght@8..60,400;8..60,500;8..60,700&display=swap

Requested by

Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a1caa69aff8fbfbc30a8e5cd26b484273f1a963b07e4f534fea7fbe70123bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://invoice.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 27 Mar 2023 18:54:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 18:54:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Mar 2023 18:54:00 GMT

GET
H2 200 2.d290f05b.chunk.css
invoice.dropbox.com/static/css/ 152 KB
21 KB 76ms
67ms Stylesheet
text/css 18.164.116.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invoice.dropbox.com/static/css/2.d290f05b.chunk.css
Requested by: Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7c9bf89e47150e274a504cf17f00eccf8d0c4d02903d1c9dcfeb86adca6892f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:24:17 GMT
content-encoding: gzip
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 18:12:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 1784
etag: W/"820effed223c13914e9b64f3059d21af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: Yjk-VhM8a1nkrN2-4562b8no-_5bdI3B8IYQOK_tx8NxX2-3KBsJEA==

GET
H2 200 main.69a2d04a.chunk.css
invoice.dropbox.com/static/css/ 1 KB
1 KB 84ms
74ms Stylesheet
text/css 18.164.116.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invoice.dropbox.com/static/css/main.69a2d04a.chunk.css
Requested by: Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd5c64ae471db15aa16d8424a65e4cae32e4349f0d6b93cb8204d6e7fccf7856

Request headers

accept-language: en-US,en;q=0.9
Referer: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:24:17 GMT
content-encoding: gzip
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 18:12:05 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 1784
etag: W/"7e50e22adc3469f38216518b5bbb9193"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=3600
x-amz-cf-id: e2FrWUaQvPlunkx8FXy3t58TnwDYiOex-2zm4pOAiEbQY2KbqPoQrQ==

GET
H2 200 2.905e0d52.chunk.js Show response
invoice.dropbox.com/static/js/ 5 MB
2 MB 95ms
86ms Script
application/javascript 18.164.116.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invoice.dropbox.com/static/js/2.905e0d52.chunk.js
Requested by: Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fb77a9800bc6f8f26958bce263c3d2f1dd3fbd91cf270354ba25e94bdf6f87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:24:17 GMT
content-encoding: gzip
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 18:12:07 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 1784
etag: W/"98d3b8f172cc66909b073dbfe29d0913"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: HTJs8C3UxP7dr9nJHq1i2cLMYDYpRN_r-EFZm0kNK8rNrRbHV2sKIQ==

GET
H2 200 main.e313b05e.chunk.js Show response
invoice.dropbox.com/static/js/ 937 KB
223 KB 97ms
87ms Script
application/javascript 18.164.116.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invoice.dropbox.com/static/js/main.e313b05e.chunk.js
Requested by: Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4596e655a892774d35a78b330a99ee2410846546d1566cc8e9603789315df00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:24:17 GMT
content-encoding: gzip
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 18:12:06 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 1784
etag: W/"0f3949bf9413fd1c2f57b96e9de2d811"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: f_o2icSl2Lo4UuY-ExFeZwWQzspCosrA7u9d2egfdQ-dznwuADCb1w==

OPTIONS
H2 200 /
invoice-analytics.dropbox.com/ Frame 0
0 512ms
254ms Preflight 13.226.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://invoice-analytics.dropbox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-39-81.ewr53.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Mon, 27 Mar 2023 18:54:03 GMT
strict-transport-security: max-age=15768000
via: 1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
x-amz-cf-id: ZMn_sbNP2DEDnsdvvxr_TPCVtMV_kX4nDXK8RfxL8pS0KUXm1s_-Og==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

POST
H2 200 / Show response
invoice-analytics.dropbox.com/ 7 B
360 B 303ms
303ms XHR
text/html 13.226.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://invoice-analytics.dropbox.com/

Requested by

Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/js/2.905e0d52.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-39-81.ewr53.r.cloudfront.net

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://invoice.dropbox.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 27 Mar 2023 18:54:03 GMT
strict-transport-security: max-age=15768000
via: 1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html;charset=utf-8
trace-id: Root=1-6421e64b-7ca9327f15074f151862a507
content-length: 7
x-amz-cf-id: zqPK3anLMJ_MebcHNK9F43m9kmI-6c4GvdvTAotv6GiR1INkS5zfjA==

GET
H2 200 user_survey.html Show response
invoice.dropbox.com/html/ Frame AD99 5 KB
2 KB 132ms
84ms Document
text/html 18.164.116.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invoice.dropbox.com/html/user_survey.html
Requested by: Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/js/main.e313b05e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c4857da6a2cb2ab3ab309ee4600faca6fda0ac1432947c06a8e4d1a04f224bf

Request headers

Referer: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 17391626
content-encoding: gzip
content-type: text/html
date: Wed, 07 Sep 2022 11:53:38 GMT
etag: W/"fa0854c09e48221ab393d16bee8459a7"
last-modified: Thu, 01 Sep 2022 18:08:51 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
x-amz-cf-id: E5Ay-rQNcmnnkh4h0-y4AD5ZGmxrS6CZDhFKvVtiitFMAHYVh3BzEw==
x-amz-cf-pop: JFK50-P6
x-cache: Hit from cloudfront

OPTIONS
H2 200 sessions
d.dropbox.com/crashdash/proxy/ Frame 0
0 417ms
109ms Preflight 162.125.8.20
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL: https://d.dropbox.com/crashdash/proxy/sessions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.125.8.20 , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Mon, 27 Mar 2023 18:54:03 GMT
server: envoy
x-dropbox-request-id: 10d03c6a7d574953b6c3787a091465ea
x-dropbox-response-origin: far_remote

POST
H2 202 sessions Show response
d.dropbox.com/crashdash/proxy/ 21 B
330 B 212ms
211ms XHR
application/json 162.125.8.20
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://d.dropbox.com/crashdash/proxy/sessions

Requested by

Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/js/2.905e0d52.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.125.8.20 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Bugsnag-Payload-Version: 1
Referer: https://invoice.dropbox.com/
Bugsnag-Sent-At: 2023-03-27T18:54:03.310Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: bbafa5f9-ec9e-40ac-a0e2-dae3efcb6e68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: sandbox; default-src 'none'; frame-ancestors 'none'
date: Mon, 27 Mar 2023 18:54:03 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 google
server: envoy
content-type: application/json
access-control-allow-origin: *
x-dropbox-request-id: f60daf1501134e1daa97465b8081dceb
bugsnag-session-uuid: 8bf07911-175b-4470-9514-de90734f0700
x-dropbox-response-origin: far_remote
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block

GET
H2

200

privacy_consent Show response
www.dropbox.com/pithos/host%3Ainvoice.dropbox.com/
Redirect Chain

https://www.dropbox.com/pithos/privacy_consent
https://www.dropbox.com/pithos/host%3Ainvoice.dropbox.com/privacy_consent

9 KB
5 KB

164ms
163ms

Script
text/javascript

2620:100:6019:18::a27d:412
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dropbox.com/pithos/host%3Ainvoice.dropbox.com/privacy_consent

Requested by

Protocol

Server

2620:100:6019:18::a27d:412 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

7f9f9602b3da32555b6fce05451cae812ef704fcb21860c99312f281325765ab

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-bwhBhpUOWaYAiISB/gLv' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-bwhBhpUOWaYAiISB/gLv' 'nonce-RE74lOt4OgYCR+OEtZI4'
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://invoice.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-bwhBhpUOWaYAiISB/gLv' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-bwhBhpUOWaYAiISB/gLv' 'nonce-RE74lOt4OgYCR+OEtZI4'
date: Mon, 27 Mar 2023 18:54:03 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
content-encoding: gzip
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id: 62e4abb2406449c39a4994821f9c0f4d
x-dropbox-response-origin: far_remote
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: envoy
x-server-response-time: 27
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, no-store

Redirect headers

content-security-policy: sandbox
date: Mon, 27 Mar 2023 18:54:03 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
content-encoding: gzip
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id: 4af55321ee8746c98179cd21067ac423
x-dropbox-response-origin: far_remote
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: envoy
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://www.dropbox.com/pithos/host%3Ainvoice.dropbox.com/privacy_consent
cache-control: no-cache, no-store

POST
H2 200 get_assignments Show response
api.dropboxapi.com/2/stormcrow_servicer/ 182 KB
19 KB 584ms
583ms Fetch
application/json 2620:100:6019:19::a27d:413
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dropboxapi.com/2/stormcrow_servicer/get_assignments

Requested by

Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/js/2.905e0d52.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6019:19::a27d:413 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

0981e211747e44287f3eba69f6790a299f72d19b77cb41638c34389365d72a16

Security Headers

Name	Value
Content-Security-Policy	sandbox
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://invoice.dropbox.com/
accept-language: en-US,en;q=0.9
Authorization: Basic ZXhqZWtjN2h0bjNhbXl5OnY3dWI4azNya201ODBneg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: sandbox
date: Mon, 27 Mar 2023 18:54:04 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-dropbox-request-id: 77c666b9aea54c59a6e6a27b7929d1cc
x-dropbox-response-origin: far_remote
content-disposition: attachment
pragma: no-cache
server: envoy
x-server-response-time: 468
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, ETag, Dropbox-API-Result
cache-control: no-cache
x-webkit-csp: sandbox
x-content-security-policy: sandbox

GET
H2 200 shim.js Show response
cdn.sprig.com/ Frame AD99 175 KB
52 KB 290ms
83ms Script
application/javascript 108.139.29.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sprig.com/shim.js?id=eHSY0Wh44Y
Requested by: Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/html/user_survey.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.29.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-29-78.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee327ae15a97e69073dcbd2633ef05526e046c01ccaa612713e54f864f4e8168

Request headers

accept-language: en-US,en;q=0.9
Referer: https://invoice.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 15:37:42 GMT
x-amz-version-id: KYwrxOO6qD_9VWVxaBkjnDxEuCzCxO1d
content-encoding: br
last-modified: Wed, 22 Mar 2023 19:52:45 GMT
server: AmazonS3
via: 1.1 f25b89e7ef738cb8bb7e28e041d8fe54.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P2
etag: W/"9dd7e5505bf6d9dd263dbc75903081db"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 11783
x-amz-cf-id: zrHWazINaqwZalhXKre9HjcQ3eamzIyCHTtl3AucJY4SEDvVGCp0Wg==

OPTIONS
H2 200 get_assignments
api.dropboxapi.com/2/stormcrow_servicer/ Frame 0
0 408ms
105ms Preflight
application/json 2620:100:6019:19::a27d:413
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dropboxapi.com/2/stormcrow_servicer/get_assignments

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6019:19::a27d:413 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Cache-Control, Content-Type, If-Modified-Since, If-None-Match, Range, Dropbox-API-Arg, Dropbox-API-Select-User, Dropbox-API-User-Locale, Dropbox-API-Select-Admin, Dropbox-API-Path-Root, Accept, Accept-Language, Content-Language, Origin, Referer
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 600
cache-control: no-cache
content-disposition: attachment
content-length: 0
content-security-policy: sandbox
content-type: text/plain; charset=utf-8,application/json
date: Mon, 27 Mar 2023 18:54:04 GMT
pragma: no-cache
server: envoy
x-content-security-policy: sandbox
x-content-type-options: nosniff
x-dropbox-request-id: c36828c3fdae44bc8d29267b61909d5e
x-dropbox-response-origin: far_remote
x-frame-options: sameorigin
x-server-response-time: 0
x-webkit-csp: sandbox

GET
H2 200 privacy_consent.bundle-vfluIIH5J.js Show response
cfl.dropboxstatic.com/static/metaserver/static/pithos/ 225 KB
68 KB 531ms
89ms Script
text/javascript 2606:4700::6810:631d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vfluIIH5J.js

Requested by

Host: www.dropbox.com
URL: https://www.dropbox.com/pithos/privacy_consent

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:631d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61955f3a536c0ea0334e997b505eb8ae549746b32a8ded0a508cde04a3f1952c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://invoice.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 23498
x-dropbox-request-id: 59098cb5eb877579c6b48f9623f31df0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cached: HIT
last-modified: Sat, 25 Mar 2023 00:33:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public, immutable
timing-allow-origin: https://www.dropbox.com
cf-ray: 7ae9d6ffac548dca-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK config Show response
api.sprig.com/sdk/1/environments/eHSY0Wh44Y/ Frame AD99 407 B
773 B 73ms
66ms Fetch
application/json 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/eHSY0Wh44Y/config
Requested by: Host: cdn.sprig.com
URL: https://cdn.sprig.com/shim.js?id=eHSY0Wh44Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 51e041409ca41fb5a6bfbb14f9f5ee87b5218193e92272d82fcd84c971290023

Request headers

x-ul-visitor-id: 3e84b1f0-390d-4e13-a3cc-f34333d735a4
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://invoice.dropbox.com/
x-ul-sdk-version: 2.21.6
x-ul-environment-id: eHSY0Wh44Y
userleap-platform: web

Response headers

date: Mon, 27 Mar 2023 18:54:05 GMT
server: istio-envoy
etag: W/"197-CVRg4ZBAwWxZYqXNq9sNc4j5MgI"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 7
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
content-length: 407

OPTIONS
H/1.1 204
No Content config
api.sprig.com/sdk/1/environments/eHSY0Wh44Y/ Frame 0
0 683ms
62ms Preflight 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/eHSY0Wh44Y/config
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: GET
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 27 Mar 2023 18:54:04 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 2

OPTIONS
H2 200 /
invoice-analytics.dropbox.com/ Frame 0
0 297ms
296ms Preflight 13.226.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://invoice-analytics.dropbox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-39-81.ewr53.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: cross-origin-resource-policy
Access-Control-Request-Method: POST
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: cross-origin-resource-policy
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Mon, 27 Mar 2023 18:54:05 GMT
strict-transport-security: max-age=15768000
via: 1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
x-amz-cf-id: nVxmPydWpk8IqkwlWKq_EkjN2t4ljY_msWl0t79sOPDoDH0rDTN6Qg==
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront

OPTIONS
H2 200 sessions
d.dropbox.com/crashdash/proxy/ Frame 0
0 3408ms
3406ms Preflight 162.125.8.20
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL: https://d.dropbox.com/crashdash/proxy/sessions
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.125.8.20 , United States, ASN19679 (DROPBOX, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Mon, 27 Mar 2023 18:54:08 GMT
server: envoy
x-dropbox-request-id: 1f0bdf99486746929723ac075ecd2bf9
x-dropbox-response-origin: far_remote

POST
H2 200 / Show response
invoice-analytics.dropbox.com/ 7 B
359 B 406ms
306ms XHR
text/html 13.226.39.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://invoice-analytics.dropbox.com/

Requested by

Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/js/2.905e0d52.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.39.81 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-39-81.ewr53.r.cloudfront.net

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://invoice.dropbox.com/
Cross-Origin-Resource-Policy: cross-origin
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 27 Mar 2023 18:54:05 GMT
strict-transport-security: max-age=15768000
via: 1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
x-cache: Miss from cloudfront
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html;charset=utf-8
trace-id: Root=1-6421e64d-56b3ecf266cfb00e0c71df02
content-length: 7
x-amz-cf-id: NukNU9onkK0bPKvTVBFh0nUf6lb3-lhMG-YnBMcBhr6aT140o_Glyw==

POST
H2 202 sessions Show response
d.dropbox.com/crashdash/proxy/ 21 B
111 B 193ms
191ms XHR
application/json 162.125.8.20
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://d.dropbox.com/crashdash/proxy/sessions

Requested by

Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/js/2.905e0d52.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

162.125.8.20 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'none'; frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Bugsnag-Payload-Version: 1
Referer: https://invoice.dropbox.com/
Bugsnag-Sent-At: 2023-03-27T18:54:04.987Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: bbafa5f9-ec9e-40ac-a0e2-dae3efcb6e68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: sandbox; default-src 'none'; frame-ancestors 'none'
date: Mon, 27 Mar 2023 18:54:08 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 google
server: envoy
content-type: application/json
access-control-allow-origin: *
x-dropbox-request-id: 8baddd992169443f8fc927ea95c98c5b
bugsnag-session-uuid: 8f937cc3-094c-422b-a867-803892a11c19
x-dropbox-response-origin: far_remote
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block

POST
H2 200 get_invoice_for_recipient Show response
api.dropboxapi.com/2/fbm/ 3 KB
1 KB 419ms
238ms Fetch
application/json 2620:100:6019:19::a27d:413
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dropboxapi.com/2/fbm/get_invoice_for_recipient

Requested by

Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/js/2.905e0d52.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6019:19::a27d:413 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

e56da8cefd5de9f08e28efd377e2ebe1ed2bb4aee06fb2b090e7e647b4f97b98

Security Headers

Name	Value
Content-Security-Policy	sandbox
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://invoice.dropbox.com/
accept-language: en-US,en;q=0.9
Authorization: Basic ZXhqZWtjN2h0bjNhbXl5OnY3dWI4azNya201ODBneg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: sandbox
date: Mon, 27 Mar 2023 18:54:05 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-dropbox-request-id: 77a461150473412f8c2f027e3e7a91c9
x-dropbox-response-origin: far_remote
content-disposition: attachment
pragma: no-cache
server: envoy
x-server-response-time: 194
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, ETag, Dropbox-API-Result
cache-control: no-cache
x-webkit-csp: sandbox
x-content-security-policy: sandbox

POST
H2 200 get_branding_settings_for_recipient Show response
api.dropboxapi.com/2/fbm/ 735 B
636 B 381ms
199ms Fetch
application/json 2620:100:6019:19::a27d:413
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dropboxapi.com/2/fbm/get_branding_settings_for_recipient

Requested by

Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/js/2.905e0d52.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6019:19::a27d:413 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

33a064d0462c11c3f51fbe82aec65d31c280bfd6de06debbbbfea8b03e91cd97

Security Headers

Name	Value
Content-Security-Policy	sandbox
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://invoice.dropbox.com/
accept-language: en-US,en;q=0.9
Authorization: Basic ZXhqZWtjN2h0bjNhbXl5OnY3dWI4azNya201ODBneg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: sandbox
date: Mon, 27 Mar 2023 18:54:05 GMT
x-content-type-options: nosniff
content-encoding: gzip
x-dropbox-request-id: 33bf5bae9f9b4b729102ba252ae42b82
x-dropbox-response-origin: far_remote
content-disposition: attachment
pragma: no-cache
server: envoy
x-server-response-time: 145
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Range, ETag, Dropbox-API-Result
cache-control: no-cache
x-webkit-csp: sandbox
x-content-security-policy: sandbox

OPTIONS
H2 200 get_invoice_for_recipient
api.dropboxapi.com/2/fbm/ Frame 0
0 133ms
120ms Preflight
application/json 2620:100:6019:19::a27d:413
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dropboxapi.com/2/fbm/get_invoice_for_recipient

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6019:19::a27d:413 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Cache-Control, Content-Type, If-Modified-Since, If-None-Match, Range, Dropbox-API-Arg, Dropbox-API-Select-User, Dropbox-API-User-Locale, Dropbox-API-Select-Admin, Dropbox-API-Path-Root, Accept, Accept-Language, Content-Language, Origin, Referer
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 600
cache-control: no-cache
content-disposition: attachment
content-length: 0
content-security-policy: sandbox
content-type: text/plain; charset=utf-8,application/json
date: Mon, 27 Mar 2023 18:54:05 GMT
pragma: no-cache
server: envoy
x-content-security-policy: sandbox
x-content-type-options: nosniff
x-dropbox-request-id: fe6b2e220bfb4ec6ae068fd7e7e90940
x-dropbox-response-origin: far_remote
x-frame-options: sameorigin
x-server-response-time: 0
x-webkit-csp: sandbox

OPTIONS
H2 200 get_branding_settings_for_recipient
api.dropboxapi.com/2/fbm/ Frame 0
0 107ms
106ms Preflight
application/json 2620:100:6019:19::a27d:413
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dropboxapi.com/2/fbm/get_branding_settings_for_recipient

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6019:19::a27d:413 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	sandbox
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Cache-Control, Content-Type, If-Modified-Since, If-None-Match, Range, Dropbox-API-Arg, Dropbox-API-Select-User, Dropbox-API-User-Locale, Dropbox-API-Select-Admin, Dropbox-API-Path-Root, Accept, Accept-Language, Content-Language, Origin, Referer
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 600
cache-control: no-cache
content-disposition: attachment
content-length: 0
content-security-policy: sandbox
content-type: text/plain; charset=utf-8,application/json
date: Mon, 27 Mar 2023 18:54:05 GMT
pragma: no-cache
server: envoy
x-content-security-policy: sandbox
x-content-type-options: nosniff
x-dropbox-request-id: c81bbd4eb28e48d79e87d938370c042f
x-dropbox-response-origin: far_remote
x-frame-options: sameorigin
x-server-response-time: 0
x-webkit-csp: sandbox

GET
H2 200 / Show response
consent.dropbox.com/ Frame 351F 854 B
1 KB 446ms
73ms Document
text/html 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&is_migration_gate_enabled=undefined&should_use_floating_button=false&gpc_signal=undefined&origin=https%253A%252F%252Finvoice.dropbox.com&sandbox_redirect=false&locale=en
Requested by: Host: cfl.dropboxstatic.com
URL: https://cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent.bundle-vfluIIH5J.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8bce4b4bc1b212ffc445ae939680990a6f4b23eed318c8b9a7f1e21facd1ab1

Request headers

Referer: https://invoice.dropbox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 9524
content-length: 854
content-type: text/html
date: Mon, 27 Mar 2023 16:17:52 GMT
etag: "dc63fb23d6563676b3090bae3f02ccde"
last-modified: Tue, 06 Sep 2022 19:00:36 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront)
x-amz-cf-id: 9p8aVtMxZImGMfRc3wp1qFrZCQsBxt3e-MkqaHG1EeWmtT9Lw5yaoQ==
x-amz-cf-pop: JFK50-P6
x-amz-version-id: jF1fSWiqtJx.5E0VeuXfyr4mbqFqvdbZ
x-cache: Hit from cloudfront

PUT
H/1.1 204
No Content attributes Show response
api.sprig.com/sdk/1/environments/eHSY0Wh44Y/visitors/3e84b1f0-390d-4e13-a3cc-f34333d735a4/ Frame AD99 0
698 B 192ms
104ms Fetch 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/eHSY0Wh44Y/visitors/3e84b1f0-390d-4e13-a3cc-f34333d735a4/attributes
Requested by: Host: cdn.sprig.com
URL: https://cdn.sprig.com/shim.js?id=eHSY0Wh44Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-visitor-id: 3e84b1f0-390d-4e13-a3cc-f34333d735a4
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://invoice.dropbox.com/
x-ul-sdk-version: 2.21.6
x-ul-environment-id: eHSY0Wh44Y
userleap-platform: web

Response headers

date: Mon, 27 Mar 2023 18:54:05 GMT
server: istio-envoy
x-ul-visitor-id: 3e84b1f0-390d-4e13-a3cc-f34333d735a4
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6ImVIU1kwV2g0NFkiLCJ2aWQiOiIzZTg0YjFmMC0zOTBkLTRlMTMtYTNjYy1mMzQzMzNkNzM1YTQiLCJpYXQiOjE2Nzk5NDMyNDUsImV4cCI6MTY4MDExNjA0NX0.qWW9nFoI3e4kc-H8IpGuWm4A7feXpLAataHqUG6fNWPzNvsjHFBl5zSzBxZqPv_EMOedOSC1TLAjqehBCQW2HA
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 41
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

PUT
H/1.1 204
No Content attributes Show response
api.sprig.com/sdk/1/environments/eHSY0Wh44Y/visitors/3e84b1f0-390d-4e13-a3cc-f34333d735a4/ Frame AD99 0
698 B 90ms
89ms Fetch 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/eHSY0Wh44Y/visitors/3e84b1f0-390d-4e13-a3cc-f34333d735a4/attributes
Requested by: Host: cdn.sprig.com
URL: https://cdn.sprig.com/shim.js?id=eHSY0Wh44Y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-ul-visitor-id: 3e84b1f0-390d-4e13-a3cc-f34333d735a4
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: application/json
x-ul-installation-method: web-snippet
Referer: https://invoice.dropbox.com/
x-ul-sdk-version: 2.21.6
x-ul-environment-id: eHSY0Wh44Y
userleap-platform: web

Response headers

date: Mon, 27 Mar 2023 18:54:05 GMT
server: istio-envoy
x-ul-visitor-id: 3e84b1f0-390d-4e13-a3cc-f34333d735a4
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6ImVIU1kwV2g0NFkiLCJ2aWQiOiIzZTg0YjFmMC0zOTBkLTRlMTMtYTNjYy1mMzQzMzNkNzM1YTQiLCJpYXQiOjE2Nzk5NDMyNDUsImV4cCI6MTY4MDExNjA0NX0.qWW9nFoI3e4kc-H8IpGuWm4A7feXpLAataHqUG6fNWPzNvsjHFBl5zSzBxZqPv_EMOedOSC1TLAjqehBCQW2HA
access-control-allow-origin: *
access-control-expose-headers: Authorization,x-ul-visitor-id
x-envoy-upstream-service-time: 15
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com

OPTIONS
H/1.1 204
No Content attributes
api.sprig.com/sdk/1/environments/eHSY0Wh44Y/visitors/3e84b1f0-390d-4e13-a3cc-f34333d735a4/ Frame 0
0 191ms
78ms Preflight 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/eHSY0Wh44Y/visitors/3e84b1f0-390d-4e13-a3cc-f34333d735a4/attributes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 27 Mar 2023 18:54:05 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 2

OPTIONS
H/1.1 204
No Content attributes
api.sprig.com/sdk/1/environments/eHSY0Wh44Y/visitors/3e84b1f0-390d-4e13-a3cc-f34333d735a4/ Frame 0
0 356ms
69ms Preflight 34.198.52.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sprig.com/sdk/1/environments/eHSY0Wh44Y/visitors/3e84b1f0-390d-4e13-a3cc-f34333d735a4/attributes
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.52.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-52-31.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
Access-Control-Request-Method: PUT
Origin: https://invoice.dropbox.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Mon, 27 Mar 2023 18:54:05 GMT
server: istio-envoy
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
vary: Access-Control-Request-Headers
x-envoy-upstream-service-time: 3

GET
H2

200

privacy_consent_service Show response
www.dropbox.com/pithos/host%3Aconsent.dropbox.com/ Frame 351F
Redirect Chain

https://www.dropbox.com/pithos/privacy_consent_service
https://www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service

12 KB
4 KB

145ms
144ms

Script
text/javascript

2620:100:6019:18::a27d:412
DROPBOX

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service

Requested by

Host: consent.dropbox.com
URL: https://consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&is_migration_gate_enabled=undefined&should_use_floating_button=false&gpc_signal=undefined&origin=https%253A%252F%252Finvoice.dropbox.com&sandbox_redirect=false&locale=en

Protocol

Server

2620:100:6019:18::a27d:412 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

cc78f62a3a1fad1deef41f95e65f7cdd5d6f76dae8aefbbf3a3b42f7564e497b

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:/ws ; default-src 'none' ; font-src https:// data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-bwhBhpUOWaYAiISB/gLv' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-bwhBhpUOWaYAiISB/gLv' 'nonce-RE74lOt4OgYCR+OEtZI4'
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://consent.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-bwhBhpUOWaYAiISB/gLv' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-bwhBhpUOWaYAiISB/gLv' 'nonce-RE74lOt4OgYCR+OEtZI4'
date: Mon, 27 Mar 2023 18:54:05 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
content-encoding: gzip
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id: d54996ade30547d3885d4e237980688b
x-dropbox-response-origin: far_remote
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: envoy
x-server-response-time: 22
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, no-store

Redirect headers

content-security-policy: sandbox
date: Mon, 27 Mar 2023 18:54:05 GMT
x-content-type-options: nosniff
accept-encoding: identity,gzip
content-encoding: gzip
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
x-dropbox-request-id: d462b6d5a0894c49b770952938cce6ed
x-dropbox-response-origin: far_remote
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: envoy
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: https://www.dropbox.com/pithos/host%3Aconsent.dropbox.com/privacy_consent_service
cache-control: no-cache, no-store

GET
H2 200 p.png
uca0a32333820b56ecd4bfaba211.previews.dropboxusercontent.com/p/thumb/AB2K6lNzxQ38SmsDc9hv-l356Qe0JZJmaqS_RX4QLtFT4M4QUALeMdZnM5aqTaJVfCVXHk_r32YNSviN4LLHtvKZyonG9AU8hTzfgUnzXtKC5IKmIDPjFJLSHrd6OQlI... 7 KB
8 KB 357ms
121ms Image
image/png 2620:100:6019:16::a27d:410
DROPBOX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uca0a32333820b56ecd4bfaba211.previews.dropboxusercontent.com/p/thumb/AB2K6lNzxQ38SmsDc9hv-l356Qe0JZJmaqS_RX4QLtFT4M4QUALeMdZnM5aqTaJVfCVXHk_r32YNSviN4LLHtvKZyonG9AU8hTzfgUnzXtKC5IKmIDPjFJLSHrd6OQlIe4p-3Er3LN6zLeY5V8Z7w5FLvClbOdQ4LJZ5HyQ20j2hlOqk0vZlQmIAtN8pnpLqymaYdoc9Xxc3kydIgYA140oaK_VMdhAzun1Dw8HD_rBzWO9xsqAqe1jfZj7Iz5XvocO9wQ8TDXlUBDomro3ptFH3tyZfSxBMKzXCq0qw7EEnno4gdnBs4VPf6N6v1YK7vGiq8KR6ANErcd_G6pfydlkKYY7dUNVfJp57qbFSgMRBjRxlJFesij5PlJl8vedOiK4/p.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:100:6019:16::a27d:410 , United States, ASN19679 (DROPBOX, US),

Reverse DNS

Software

envoy /

Resource Hash

7032b269c114ca660d30f4ac2ab884e43ed0d1334d9d65e51a3f12ac37a97e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://invoice.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip
x-dropbox-content-length: 7547
x-dropbox-request-id: adfff39b5ef8499d9b2ee25df3fe8893
x-dropbox-response-origin: far_remote
content-disposition: inline; filename="8vedOiK4.png"; filename*=UTF-8''8vedOiK4.png
referrer-policy: no-referrer
server: envoy
x-server-response-time: 34
vary: Origin
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=31536000, no-transform
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, nofollow, noimageindex

GET
H2 200 SharpGroteskDBCyrBook20.d06129f1.woff2
invoice.dropbox.com/static/media/ 53 KB
54 KB 83ms
81ms Font
font/woff2 18.164.116.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invoice.dropbox.com/static/media/SharpGroteskDBCyrBook20.d06129f1.woff2
Requested by: Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/css/2.d290f05b.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00f90db31f42975fcdc5fa1f70660568be68792ec11be2aac36362f435a6e555

Request headers

Referer: https://invoice.dropbox.com/static/css/2.d290f05b.chunk.css
Origin: https://invoice.dropbox.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:48:52 GMT
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 18:11:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 314
etag: "ebee194a9b773f166dc16096f8614aaa"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=3600
content-length: 54666
x-amz-cf-id: NO-c9WC5tPsfuIBct5y7TkqL_EdQuHPUMvYk45kBzsM3tBL-W9-Rhg==

GET
H2 200 AtlasGrotesk-Medium-Web.eb783956.woff2
invoice.dropbox.com/static/media/ 45 KB
45 KB 85ms
83ms Font
font/woff2 18.164.116.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invoice.dropbox.com/static/media/AtlasGrotesk-Medium-Web.eb783956.woff2
Requested by: Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/css/2.d290f05b.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3

Request headers

Referer: https://invoice.dropbox.com/static/css/2.d290f05b.chunk.css
Origin: https://invoice.dropbox.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:48:52 GMT
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 18:11:54 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 314
etag: "dfc5e24cbc1b134e0c00c61e84ec999a"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=3600
content-length: 46188
x-amz-cf-id: cHMocTXFQ1v0PgTrypEk3p08NctkfjiT74NLT7RskLxHut0sf9lQaA==

GET
H2 200 AtlasGrotesk-Regular-Web.e241b985.woff2
invoice.dropbox.com/static/media/ 42 KB
43 KB 86ms
85ms Font
font/woff2 18.164.116.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://invoice.dropbox.com/static/media/AtlasGrotesk-Regular-Web.e241b985.woff2
Requested by: Host: invoice.dropbox.com
URL: https://invoice.dropbox.com/static/css/2.d290f05b.chunk.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-46.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db

Request headers

Referer: https://invoice.dropbox.com/static/css/2.d290f05b.chunk.css
Origin: https://invoice.dropbox.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:48:52 GMT
via: 1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
last-modified: Thu, 23 Mar 2023 18:11:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 314
etag: "93b6f18ec99bcb7c3fa7ea570a75e240"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=3600
content-length: 43308
x-amz-cf-id: _WQSGnSOvOgRAYyh2n-6GNCmno5_SHTqP33w4EdItn2qLRduH-hjrw==

GET
H2 200 privacy_consent_service.bundle-vflD0Yw0F.js Show response
cfl.dropboxstatic.com/static/metaserver/static/pithos/ Frame 351F 117 KB
34 KB 49ms
46ms Script
text/javascript 2606:4700::6810:631d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vflD0Yw0F.js

Requested by

Host: www.dropbox.com
URL: https://www.dropbox.com/pithos/privacy_consent_service

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::6810:631d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c6c8cf2327acfb9bb57245988d71dd4c9ed0f2a2f2291d8074d18bdff1e580

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://consent.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 160806
x-dropbox-request-id: 495d1c441d3d69067b4f37c10c3bcf1b
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-cached: HIT
last-modified: Sat, 25 Mar 2023 00:33:39 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public, immutable
timing-allow-origin: https://www.dropbox.com
cf-ray: 7ae9d708dc778dca-MIA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ Frame 351F 74 KB
20 KB 227ms
56ms Script
application/x-javascript 104.111.51.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: cfl.dropboxstatic.com
URL: https://cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vflD0Yw0F.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.51.107 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-51-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 53336aa630db1e3624ea59594157016c2999c600cc847c90defa1c8560d08b41

Request headers

accept-language: en-US,en;q=0.9
Referer: https://consent.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:06 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 16:41:56 GMT
server: AkamaiNetStorage
etag: "c3ee938bd3d9d03945abc0972e4a1c06:1679416916.28457"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 19653
expires: Wed, 29 Mar 2023 18:54:06 GMT

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/3401/ Frame 351F 122 KB
6 KB 277ms
107ms Script
application/x-javascript 104.111.51.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/3401/snthemes.js
Requested by: Host: cfl.dropboxstatic.com
URL: https://cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vflD0Yw0F.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.51.107 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-51-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f71436a97288b116c8b61d62030fa6549acb42827ca7f7aeaacab78132190a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://consent.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:06 GMT
content-encoding: gzip
last-modified: Fri, 29 Jul 2022 21:56:25 GMT
server: AkamaiNetStorage
etag: "0e8f664fca39681028b4b07b5be34f2d:1659131785.898398"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 5695
expires: Wed, 29 Mar 2023 18:54:06 GMT

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/3401/translations/ Frame 351F 42 KB
7 KB 280ms
112ms Script
application/x-javascript 104.111.51.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/3401/translations/en.js
Requested by: Host: cfl.dropboxstatic.com
URL: https://cfl.dropboxstatic.com/static/metaserver/static/pithos/privacy_consent_service.bundle-vflD0Yw0F.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.51.107 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-51-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85856b6da83b941b434643e4558d1edc658cb46c69063c6aa770c7289ab4fa9b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://consent.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:06 GMT
content-encoding: gzip
last-modified: Tue, 21 Feb 2023 17:44:51 GMT
server: AkamaiNetStorage
etag: "657b6bb22752382cbdc4208cce7687cb:1677001491.712443"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 6584
expires: Wed, 29 Mar 2023 18:54:06 GMT

GET
H2

200

settingsV2.js Show response
c.evidon.com/sitenotice/3401/dropbox/ Frame 351F
Redirect Chain

https://c.evidon.com/sitenotice/3401/dropbox/settings.js
https://c.evidon.com/sitenotice/3401/dropbox/settingsV2.js

6 KB
2 KB

61ms
53ms

Script
application/x-javascript

104.111.51.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/3401/dropbox/settingsV2.js
Requested by: Host: consent.dropbox.com
URL: https://consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&is_migration_gate_enabled=undefined&should_use_floating_button=false&gpc_signal=undefined&origin=https%253A%252F%252Finvoice.dropbox.com&sandbox_redirect=false&locale=en
Protocol: H2
Server: 104.111.51.107 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-51-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a15aeb744bf1016099ba1d237c3b6940b184ce7de278b87d8caa7e55226a2dd2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://consent.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:06 GMT
content-encoding: gzip
last-modified: Tue, 21 Feb 2023 17:44:51 GMT
server: AkamaiNetStorage
etag: "dcb013ce5f00abe84675f6343f644539:1677001492.000343"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1739
expires: Wed, 29 Mar 2023 18:54:06 GMT

Redirect headers

date: Mon, 27 Mar 2023 18:54:06 GMT
server: AkamaiGHost
vary: Origin
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
location: https://c.evidon.com/sitenotice/3401/dropbox/settingsV2.js
access-control-allow-origin
cache-control: max-age=432000, private;max-age=86400
access-control-allow-headers: *
content-length: 0

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ Frame 351F 12 KB
4 KB 59ms
58ms Script
application/x-javascript 104.111.51.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.51.107 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-51-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1f1571e1cd601781ae374246e53ea47fd86b33a760620a8dbc9391247cca651d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://consent.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:06 GMT
content-encoding: gzip
last-modified: Tue, 21 Mar 2023 16:41:56 GMT
server: AkamaiNetStorage
etag: "cdaadb12aae95d97f7b22c7a6963eb3e:1679416916.867387"
vary: Accept-Encoding, Origin
access-control-max-age: 108000
content-type: application/x-javascript
access-control-allow-origin
access-control-allow-methods: GET,OPTIONS,POST
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3535
expires: Wed, 29 Mar 2023 18:54:06 GMT

GET
H2 204 104138
l.evidon.com/site/v3/3401/59514/1/1/2/2/ Frame 351F 0
121 B 232ms
78ms Image
text/plain 34.193.106.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/3401/59514/1/1/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https://invoice.dropbox.com/
Requested by: Host: consent.dropbox.com
URL: https://consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&is_migration_gate_enabled=undefined&should_use_floating_button=false&gpc_signal=undefined&origin=https%253A%252F%252Finvoice.dropbox.com&sandbox_redirect=false&locale=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.106.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-106-81.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://consent.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:06 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 104138
l.evidon.com/site/v3/3401/59514/1/4/2/2/ Frame 351F 0
120 B 162ms
81ms Image
text/plain 34.193.106.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/3401/59514/1/4/2/2/104138?consent=0&regulationid=0&regulationconsenttypeid=1&d=https://invoice.dropbox.com/
Requested by: Host: consent.dropbox.com
URL: https://consent.dropbox.com/?hide_gdpr=false&is_ccpa_enabled=true&is_migration_gate_enabled=undefined&should_use_floating_button=false&gpc_signal=undefined&origin=https%253A%252F%252Finvoice.dropbox.com&sandbox_redirect=false&locale=en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.106.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-106-81.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://consent.dropbox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:06 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H3 200 AtlasGrotesk-Regular-Web.woff2
cfl.dropboxstatic.com/static/metaserver/static/fonts/paper-atlasgrotesk/ Frame 351F 42 KB
43 KB 114ms
72ms Font
font/woff2 2606:4700::6810:631d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cfl.dropboxstatic.com/static/metaserver/static/fonts/paper-atlasgrotesk/AtlasGrotesk-Regular-Web.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:631d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://consent.dropbox.com/
Origin: https://consent.dropbox.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 18:54:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 77355
x-dropbox-request-id: 81ec190fc107e4717420e10a812d8e45
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43308
x-cached: HIT
last-modified: Sat, 25 Mar 2023 21:35:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: https://www.dropbox.com
cf-ray: 7ae9d70ccefd8da6-MIA
expires: Mon, 27 Mar 2023 21:24:51 GMT

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dropbox.com/	1970-01-20 20:15:03	Name: gvc Value: NTQ1MjU0NzAxNDczMDg5ODc4OTI1MTM4NjYxNjM0NzkwNzQ3NDk%3D
.dropbox.com/	1970-01-20 20:15:03	Name: t Value: cTU_zdK9xuZjScGnHhTuj1z2
www.dropbox.com/	1970-01-20 20:15:03	Name: __Host-js_csrf Value: cTU_zdK9xuZjScGnHhTuj1z2
www.dropbox.com/	1970-01-20 20:15:03	Name: __Host-ss Value: mqnZgcU86s
.dropbox.com/	1970-01-20 20:15:03	Name: locale Value: en
www.dropbox.com/	1969-12-31 23:59:59	Name: __Host-logged-out-session Value: ChB5u78gjPFSsT6JrSIN6iVAEMzMh6EGGi5BR0dhZUtRcHdVR2ZBUkxHM0M5Rzh6YjAzT3V1eXBBOV9ucnhNOVE5OGRNc0xB
.dropbox.com/	1970-01-20 19:24:39	Name: amp_9d4ea2 Value: GWHlQRNeyl08rAXMnOKWQj...1gsi6n5bh.1gsi6n75b.0.2.2
.invoice.dropbox.com/	1970-01-20 15:04:00	Name: __Secure-dbx_consent Value: {"consentType":1,"consentDate":"2023-03-27T18:54:06.755Z","expireDate":"2023-09-27T18:54:06.755Z","consentMonths":6,"categories":{},"userInteracted":false,"numDots":2}

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://invoice.dropbox.com/invoices/view/cap_pid_inv%3AAAAAANYVmfZXSV2JnelyiMuKOrT59nz9PpeRUvcaoitoLkm2?utm_campaign=send_invoice&utm_medium=email&utm_source=dropbox&utm_term=view_invoice Message: The key "height-device-height" is not recognized and ignored.
javascript	warning	URL: https://invoice.dropbox.com/static/js/2.905e0d52.chunk.js(Line 1) Message: Invalid asm.js: Unexpected token
security	warning	URL: https://invoice.dropbox.com/html/user_survey.html Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.dropboxapi.com
api.sprig.com
c.evidon.com
cdn.sprig.com
cfl.dropboxstatic.com
consent.dropbox.com
d.dropbox.com
fonts.googleapis.com
invoice-analytics.dropbox.com
invoice.dropbox.com
l.evidon.com
protect-us.mimecast.com
uca0a32333820b56ecd4bfaba211.previews.dropboxusercontent.com
www.dropbox.com
104.111.51.107
108.139.29.78
13.226.39.81
162.125.8.20
18.164.116.22
18.164.116.46
205.139.111.12
2606:4700::6810:631d
2607:f8b0:4006:823::200a
2620:100:6019:16::a27d:410
2620:100:6019:18::a27d:412
2620:100:6019:19::a27d:413
34.193.106.81
34.198.52.31
00f90db31f42975fcdc5fa1f70660568be68792ec11be2aac36362f435a6e555
0981e211747e44287f3eba69f6790a299f72d19b77cb41638c34389365d72a16
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
1f1571e1cd601781ae374246e53ea47fd86b33a760620a8dbc9391247cca651d
33a064d0462c11c3f51fbe82aec65d31c280bfd6de06debbbbfea8b03e91cd97
43693f7bdd6146e783fab3f75ba0a51aa3cf9530adbf790dbd686fc8a17aa3db
4943b0f3c37d00d65efb1dc1dafa64092cd83d74862ac099e72c3ae14305d426
4a1caa69aff8fbfbc30a8e5cd26b484273f1a963b07e4f534fea7fbe70123bfc
4c4857da6a2cb2ab3ab309ee4600faca6fda0ac1432947c06a8e4d1a04f224bf
4f71436a97288b116c8b61d62030fa6549acb42827ca7f7aeaacab78132190a8
51e041409ca41fb5a6bfbb14f9f5ee87b5218193e92272d82fcd84c971290023
53336aa630db1e3624ea59594157016c2999c600cc847c90defa1c8560d08b41
61955f3a536c0ea0334e997b505eb8ae549746b32a8ded0a508cde04a3f1952c
7032b269c114ca660d30f4ac2ab884e43ed0d1334d9d65e51a3f12ac37a97e15
7f9f9602b3da32555b6fce05451cae812ef704fcb21860c99312f281325765ab
80c6c8cf2327acfb9bb57245988d71dd4c9ed0f2a2f2291d8074d18bdff1e580
85856b6da83b941b434643e4558d1edc658cb46c69063c6aa770c7289ab4fa9b
89fb77a9800bc6f8f26958bce263c3d2f1dd3fbd91cf270354ba25e94bdf6f87
a15aeb744bf1016099ba1d237c3b6940b184ce7de278b87d8caa7e55226a2dd2
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b5db3e633ec765fc01a19c06b0955d56c2503285e59d8d348d08ec34abbfeaf3
c8bce4b4bc1b212ffc445ae939680990a6f4b23eed318c8b9a7f1e21facd1ab1
cc78f62a3a1fad1deef41f95e65f7cdd5d6f76dae8aefbbf3a3b42f7564e497b
d7c9bf89e47150e274a504cf17f00eccf8d0c4d02903d1c9dcfeb86adca6892f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4596e655a892774d35a78b330a99ee2410846546d1566cc8e9603789315df00
e56da8cefd5de9f08e28efd377e2ebe1ed2bb4aee06fb2b090e7e647b4f97b98
ee327ae15a97e69073dcbd2633ef05526e046c01ccaa612713e54f864f4e8168
fd5c64ae471db15aa16d8424a65e4cae32e4349f0d6b93cb8204d6e7fccf7856

invoice.dropbox.com Open in urlscan Pro 18.164.116.46 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

93 %HTTPS

36 %IPv6

8 Domains

14 Subdomains

13 IPs

1 Countries

2236 kBTransfer

7848 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

invoice.dropbox.com Open in urlscan Pro
18.164.116.46 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

93 %
HTTPS

36 %
IPv6

8
Domains

14
Subdomains

13
IPs

1
Countries

2236 kB
Transfer

7848 kB
Size

8
Cookies

45 HTTP transactions
0 data transactions