https://www.dropbox.com/l/AAABve1D7GPhWAZh4XQfLSqf_xHx4yS0WSE

ID de exploración:
63e66bae-f9f6-4578-9396-48ef1ce747c8Finalizado
URL enviada:
https://www.dropbox.com/l/AAABve1D7GPhWAZh4XQfLSqf_xHx4yS0WSE
Informe finalizado:

Riesgos: 0 encontrados

Prácticas que pueden implicar riesgos para la seguridad

  • Sin clasificación

Encabezados de seguridad: se ha(n) encontrado 7

Encabezados de respuesta HTTP que pueden mejorar la seguridad de una aplicación web

NombreValorSoporteInformación
Strict-Transport-Securitymax-age=31536000; includeSubDomains max-age=31536000; includeSubDomainsBueno
X-Frame-OptionsSAMEORIGINBueno
X-Content-Type-OptionsnosniffBueno
Content-Security-Policybase-uri 'self'; child-src https://www.dropbox.com/static/serviceworker/ blob:; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/; default-src 'none'; font-src https://* data:; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss:; img-src https://* data: blob:; media-src https://* blob:; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js 'nonce-oWf2ROleM11fJ97LN4i3'; style-src https://* 'unsafe-inline' 'unsafe-eval'; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob:; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-oWf2ROleM11fJ97LN4i3' 'nonce-0kiDhCW5XRoyDG8TqKCo'Bueno
Referrer-Policystrict-origin-when-cross-originBueno
Clear-Site-DataBueno
X-Permitted-Cross-Domain-PoliciesnoneBueno
Permissions-PolicyNuevo
Cross-Origin-Embedder-PolicyNuevo
Cross-Origin-Opener-PolicyNuevo
Cross-Origin-Resource-PolicyNuevo
X-XSS-Protection1; mode=blockEliminado
Feature-PolicyEliminado
Expect-CTEliminado
Public-Key-PinsEliminado

Vulneraciones de seguridad: se ha(n) encontrado 0

Solicitudes o recursos que infringen las políticas de seguridad

  • No se encontró ninguno.

Certificados: 1 encontrados

Los certificados SSL/TLS permiten a los sitios web cifrar las transacciones entre el cliente y el servidor y proporcionan verificación de la identidad del servidor

AsuntoFecha de emisiónFecha de caducidad
*.dropbox.com12 nov 2024, 00:00:008 dic 2025, 23:59:59