HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 20:57:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6911
Connection: keep-alive
Set-Cookie: AWSALB=VNsMptKQnjKvdPq8Ph4ufNMANyszEFCUrjVwkrSDBTS1yhTeboI88QzJEZFGbnYcMSc9fODwCwQojx8aloibEHANDI2aQ619O1e8NDl5gZuQaXVxo++VnQ230OJu; Expires=Thu, 02 May 2024 20:57:20 GMT; Path=/
AWSALBCORS=VNsMptKQnjKvdPq8Ph4ufNMANyszEFCUrjVwkrSDBTS1yhTeboI88QzJEZFGbnYcMSc9fODwCwQojx8aloibEHANDI2aQ619O1e8NDl5gZuQaXVxo++VnQ230OJu; Expires=Thu, 02 May 2024 20:57:20 GMT; Path=/; SameSite=None; Secure
hf_user=3c6f15de18d6f188a673614f71245138e7517486c470746f706e6265036e7ba1:7320b834dc6717d5fda2b06964108bb092c55def; path=/; domain=app.hellosign.com; secure; httponly
hf_ref=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vc2lnbi84ZTU0ZTUxNTM3OWZiZGRiYjhhYWM2OTZmNjliOWQ0ODk0YWE0MGY5; expires=Sat, 25 May 2024 20:57:20 GMT; Max-Age=2592000; path=/; domain=hellosign.com
hf_ref_lt=KltdKmh0dHBzOi8vYXBwLmhlbGxvc2lnbi5jb20vc2lnbi84ZTU0ZTUxNTM3OWZiZGRiYjhhYWM2OTZmNjliOWQ0ODk0YWE0MGY5; expires=Sat, 25 May 2024 20:57:20 GMT; Max-Age=2592000; path=/; domain=hellosign.com
hs_puuid=c1811c38d851456469427c05c92a368f6b10eef3; expires=Sun, 23 Apr 2034 20:57:20 GMT; Max-Age=315360000; path=/; domain=hellosign.com
ambidex=eyJlNTIxZGRmMSI6ImUyYWE1YjliIn0=; expires=Wed, 24 Jul 2024 20:57:20 GMT; Max-Age=7776000; path=/; domain=hellosign.com; httponly
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: private
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
X-Ua-Compatible: IE=Edge
Content-Security-Policy: base-uri 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://d.dropbox.com https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-NvqYJPkFAXdGzrYJLxkK7Ddf' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellosign.com/csp_report; upgrade-insecure-requests
X-Content-Security-Policy: base-uri 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://d.dropbox.com https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-NvqYJPkFAXdGzrYJLxkK7Ddf' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellosign.com/csp_report; upgrade-insecure-requests
X-Webkit-Csp: base-uri 'none'; connect-src 'self' https://www.google-analytics.com https://stats.g.doubleclick.net https://heapanalytics.com https://api.sprig.com/sdk/ https://sentry.io https://d.dropbox.com https://dpiprodesntls.112.2o7.net/b/ss/dpi.prod.esntls/1/JS-2.22.0/ https://www.dropbox.com/amplitude_proxy/ingest_lenient https://*.dropbox.com/log/ux_analytics; frame-ancestors 'self'; object-src 'none'; script-src https: https://api.userleap.com 'nonce-NvqYJPkFAXdGzrYJLxkK7Ddf' 'unsafe-inline' 'strict-dynamic'; style-src 'self' https://code.ionicframework.com https://*.marketo.com https://fonts.googleapis.com https://cdn.hellosign.com 'unsafe-inline'; report-uri https://app.hellosign.com/csp_report; upgrade-insecure-requests
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
P3P: CP="NOP3PPOLICY"

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:18:14 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: wD5_vR.wNOmqFxH7xNEyGyBwX7w6iRrZ
Server: AmazonS3
Content-Encoding: br
Date: Thu, 25 Apr 2024 17:54:23 GMT
ETag: W/"d55317d04a20bd0483c1eee7051db6cf"
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mP-kmw3UVrhyl2INAluHLyxI8PYolS6FFCtIFtw2Yn6kCVrPXwuf7Q==
Age: 10990

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 25 Apr 2024 05:39:14 GMT
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:17:59 GMT
ETag: W/"78cc5772fbec6be36fd19a2dc23b8997"
x-amz-server-side-encryption: AES256
x-amz-version-id: N4eO2OR20qihX6qwYnTRvSEFa4SY7Z5.
Server: AmazonS3
Content-Encoding: br
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _QWcAfa1-mMvs0wsCbNr-pesblkPM_fmu19VQ9h7mmaF6iQLBj4hmA==
Age: 55088

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 16:17:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: A6aFYV_QAfDGzyaONiVabm04sI.2y0a_
Server: AmazonS3
Content-Encoding: br
Date: Thu, 25 Apr 2024 17:54:20 GMT
ETag: W/"2baa994e4d097d23f0331754e69f562d"
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nkBBvFRJO_k3kWlaIcr_8nEQ43azTo2DkfT4crsqSn5puAIEJjgk3g==
Age: 10982
Vary: Accept-Encoding, Origin

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 23 Apr 2024 16:17:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 5G5mUgxHfyCIUQZxwPLeReG6H..HIiP1
Server: AmazonS3
Content-Encoding: br
Date: Thu, 25 Apr 2024 17:54:23 GMT
ETag: W/"1b1c29f487f08d8bd2cf4ced41485a54"
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3ABXTZ14e96EkcGxVvv6O-Es_oe0d45iXrnKr5X_mXzQmuV9NeMFRg==
Age: 10982
Vary: Accept-Encoding, Origin

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 20:58:27 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: xSZ.KXFJkBrvWYG0cevIt4QyeAWD2hXn
server: AmazonS3
content-encoding: br
date: Thu, 25 Apr 2024 19:17:12 GMT
etag: W/"a3d2c5f139c21bc84fa435f2252271d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: rX0YnFbaYIOS1Pfh2eJoDMMHSi0yWxT7iQ-ABa6cVOg_dVyj0rFhJw==
age: 6052
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Content-Length: 149662
Connection: keep-alive
Date: Thu, 25 Apr 2024 03:34:48 GMT
Last-Modified: Tue, 23 Apr 2024 16:18:07 GMT
ETag: "069108453ab500e95dc37a9bac5123d0"
x-amz-server-side-encryption: AES256
x-amz-version-id: HJ26F22_7Aerzy1Yx8Nn4HKazbq552i9
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RkZPo6z7lLUuyzjKvN-7p5fKzYmXSf-1VDUQeeK-bKUsnguS1gZlEw==
Age: 62556
Vary: Origin

HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 6014
Connection: keep-alive
Date: Thu, 25 Apr 2024 18:23:04 GMT
Last-Modified: Tue, 23 Apr 2024 16:18:09 GMT
ETag: "a1a6d18963237a637ada6e07e168a011"
x-amz-server-side-encryption: AES256
x-amz-version-id: obm3StYwr42HowrwYbmuR7MI_HBKbL0K
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5RNU9CRXQtVeipYqmVdJMI1hARV0q1uXnLQjDRgCozHQfre2e1gYsQ==
Age: 9260
Vary: Origin

HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/charts/loader.js
x-content-type-options: nosniff
server: sffe
content-length: 237
x-xss-protection: 0
date: Thu, 25 Apr 2024 20:31:53 GMT
expires: Thu, 25 Apr 2024 21:01:53 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 18534
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 20:03:24 GMT
expires: Thu, 25 Apr 2024 21:03:24 GMT
cache-control: public, max-age=3600
last-modified: Tue, 04 Apr 2023 17:52:30 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 3239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

HTTP/2 200 OK
date: Thu, 25 Apr 2024 20:57:23 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 18 Apr 2024 23:41:37 GMT
x-dropbox-request-id: df15fcc45654f97bf58f456afc5e9928
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
content-encoding: br
cf-cache-status: HIT
age: 535307
server: cloudflare
cf-ray: 87a13ec399991bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

HTTP/3 200 OK
date: Thu, 25 Apr 2024 20:57:24 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 21 Jul 2022 21:40:54 GMT
x-dropbox-request-id: 692d1ce39aa43893a1dd65e7df44183b
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
cf-cache-status: HIT
age: 13353097
server: cloudflare
cf-ray: 87a13ec78fd5569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

HTTP/2 302 Found
content-security-policy: child-src https://www.dropbox.com/static/serviceworker/ blob: ; img-src https://* data: blob: ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-vyDrZksPcdJmZ/2SIihS6ihs5+o=' ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; media-src https://* blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; connect-src https://* ws://127.0.0.1:*/ws wss://dsimports.dropbox.com/ ; base-uri 'self' ; font-src https://* data: ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; frame-ancestors 'self' https://*.dropbox.com https://api.dropboxapi.com https://dropbox-prod.adobemsbasic.com https://dropbox-stage.adobemsbasic.com https://author-dropbox-stage.adobemsbasic.com https://author-dropbox-prod.adobemsbasic.com https://*.dropboxforum.com https://hellosign.com https://*.hellosign.com https://hellosign-prod.webflow.io https://*.staging-hellosign.com https://*.qa-hellosign.com https://*.dev-hellosign.com https://*.hellofax.com https://*.staging-hellofax.com https://*.qa-hellofax.com https://*.dev-hellofax.com https://*.helloworks.com https://*.staging-helloworks.com https://*.qa-helloworks.com https://*.dev-helloworks.com https://docsend.com https://*.docsend.com https://docsendstaging.wpengine.com https://docsenddev.wpengine.com https://docsend.local https://*.docsend.local https://www.docsendlocal.com https://ducksend.com https://platsend.com https://parrotsend.com https://dogesend.com https://yeetsend.com https://codsend.com https://ottersend.com https://*.ducksend.com https://*.platsend.com https://*.parrotsend.com https://*.dogesend.com https://*.yeetsend.com https://*.codsend.com https://*.ottersend.com https://dropbox.tech https://dropbox-stg.tech https://d1wiipx8u53ex4.amplifyapp.com https://*.d1wiipx8u53ex4.amplifyapp.com https://d3bpch7nmgjx4e.amplifyapp.com https://*.d3bpch7nmgjx4e.amplifyapp.com https://freddie-stage.netlify.app https://dropbox.gcs-web.com https://dropbox-preview.gcs-web.com https://d2dzj839csize7.amplifyapp.com https://*.d2dzj839csize7.amplifyapp.com https://dropboxdesignstandards.com https://docsend-6191183.hs-sites.com https://portal.dropboxpartners.com https://dbx--uiux.sandbox.my.site.com https://sit-dropboxcommunity.cs171.force.com https://dbx--sit.sandbox.my.site.com https://dbxjobs.com https://d1y1b0jlagepgu.amplifyapp.com https://*.d1y1b0jlagepgu.amplifyapp.com https://loc.formswift.com https://staging.formswift.com https://formswift.com https://sign.dropbox.com https://dropbox-sign.webflow.io https://*.safebase.io https://d2unov8w0g44qf.amplifyapp.com https://*.d2unov8w0g44qf.amplifyapp.com https://dash.ai https://*.dash.ai https://dash-dropbox.webflow.io https://dropboxdash.com https://*.dash-dropbox.webflow.io https://*.dropboxdash.com ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; default-src 'none' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-vyDrZksPcdJmZ/2SIihS6ihs5+o=' 'nonce-lISBlD2UaErF1Zlljgi3r21wJI8='
content-type: text/html; charset=utf-8
location: /en/ccpa_iframe?hide_gdpr=false&is_ccpa_enabled=true&should_disable_banner=false&gpc_signal=false&origin=https%253A%252F%252Fapp.hellosign.com&sandbox_redirect=false&uri_for_logging=app.hellosign.com&locale_override=en&should_auto_open_options=false&privacy_consent_upgrade_flag=true&csrf_origin=https%253A%252F%252Fapp.hellosign.com
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
set-cookie: t=t8q9ASfUIZ-XLwZ1jGonjx_0; Path=/; Domain=dropbox.com; Expires=Sun, 25 Apr 2027 20:57:23 GMT; HttpOnly; Secure; SameSite=None
__Host-js_csrf=t8q9ASfUIZ-XLwZ1jGonjx_0; Path=/; Expires=Sun, 25 Apr 2027 20:57:23 GMT; Secure; SameSite=None
__Host-ss=XAUSEqSdYs; Path=/; Expires=Sun, 25 Apr 2027 20:57:23 GMT; HttpOnly; Secure; SameSite=Strict
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-robots-tag: noindex, nofollow, noimageindex
x-xss-protection: 1; mode=block
date: Thu, 25 Apr 2024 20:57:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: envoy
cache-control: no-cache, no-store
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 719529f49f0f429cbadd08b69641cab7
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:17:53 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: lOsNfrXXeK4eHCpCEPtefU9g8RtFg_RA
Server: AmazonS3
Content-Encoding: br
Date: Thu, 25 Apr 2024 17:54:41 GMT
ETag: W/"9231b6fe4d413a28142530ea02f91238"
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XO7lmqxinNsreQgLHCDOfed3gG2XU3HGBPMQop6jrW5mJ0lDMCp4NQ==
Age: 10964

HTTP/2 307 Temporary Redirect
content-type: text/html; charset=utf-8
content-security-policy: sandbox
location: https://www.dropbox.com/pithos/host%3Aapp.hellosign.com/privacy_consent
referrer-policy: strict-origin-when-cross-origin
set-cookie: gvc=MTI0Njg3MDE5Mjc2NjIwNjg1NTY0NjU4OTk4ODYyNDg4NzYzMzAx; expires=Tue, 24 Apr 2029 20:57:21 GMT; HttpOnly; Path=/; SameSite=None; Secure
t=t8q9ASfUIZ-XLwZ1jGonjx_0; Domain=dropbox.com; expires=Sun, 25 Apr 2027 20:57:21 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=t8q9ASfUIZ-XLwZ1jGonjx_0; expires=Sun, 25 Apr 2027 20:57:21 GMT; Path=/; SameSite=None; Secure
__Host-ss=XAUSEqSdYs; expires=Sun, 25 Apr 2027 20:57:21 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
locale=en; Domain=dropbox.com; expires=Tue, 24 Apr 2029 20:57:21 GMT; Path=/; SameSite=None; Secure
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Thu, 25 Apr 2024 20:57:21 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store
content-encoding: gzip
vary: Accept-Encoding
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 49ccae4303bb48ba835e6f93c08e50b6
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 25 Apr 2024 04:34:53 GMT
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:18:01 GMT
ETag: W/"beb84a732cc7d31e943d4152335da10d"
x-amz-server-side-encryption: AES256
x-amz-version-id: IaJuef1_vD_QSJbAmhpec.sfFsyh5Pmj
Server: AmazonS3
Content-Encoding: br
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0qarQE8XMP_w1m-wlac0T7fRx1CLpW3zjEB89zgIWcZ18MfFQHIfuQ==
Age: 58951

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:17:54 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: Y8gNXtomUY89Av8pZwKUswGTyCq4qkhM
Server: AmazonS3
Content-Encoding: br
Date: Thu, 25 Apr 2024 17:54:47 GMT
ETag: W/"22c95434724ea9431ba94245571c0215"
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8DcjjUKCZoVCuCRBc9kqobwCykT1-yZDj3tmABH98Xm3EpL8pC-p7g==
Age: 10958

HTTP/3 200 OK
date: Thu, 25 Apr 2024 20:57:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 05 Apr 2024 20:27:21 GMT
x-dropbox-request-id: 9dff7727a7d9b5133b100260f80ec39d
x-content-type-options: nosniff
x-cached: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
content-encoding: br
cf-cache-status: HIT
age: 1583890
server: cloudflare
cf-ray: 87a13ec858a9569c-OSL
alt-svc: h3=":443"; ma=86400

HTTP/1.1 200 OK
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:17:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: UG.eLcN22V2_Df9C.eXGfqT5dlPwqrIB
Server: AmazonS3
Content-Encoding: br
Date: Thu, 25 Apr 2024 17:55:16 GMT
ETag: W/"3e1ec139d047c6734f890f5130a77174"
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 0-w88gDHtcBRC3VU6uR2-CFgsdnYpABfzmc881CdyUA6MP-Z5vCCug==
Age: 10958

HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:17:59 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: rNhpke3vZHyjF_tr1a4XuQ7M2Mfh9Dfe
Server: AmazonS3
Content-Encoding: br
Date: Thu, 25 Apr 2024 17:54:47 GMT
ETag: W/"770701ff1a8ed1aca63c54f6e3f7d333"
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 94sNN_MAsg9VhwXxNNQxOq9x9tUqpEvLkESFhJCz5DcS4zRYmomNrQ==
Age: 10958

HTTP/3 200 OK
date: Thu, 25 Apr 2024 20:57:24 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 05 Jan 2024 02:29:15 GMT
x-dropbox-request-id: 137cb43ada48c6b8dc6055b342efbf4e
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
cf-cache-status: HIT
age: 2007734
server: cloudflare
cf-ray: 87a13ec78fd8569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 20:57:24 GMT
Content-Type: application/json
Content-Length: 89
Connection: keep-alive
Set-Cookie: AWSALB=jguUSzlhwb9VXuHAqpqlw5mzfyRVKWzAQs28xyMgdvECq7GVIHLDXJ+4G0pRqpzgEhCtGDAUWIH2GlRmm3WzPpIw3t1PBJZSATkB9zLupVvXteqSOwD+f8/q7ZoR; Expires=Thu, 02 May 2024 20:57:24 GMT; Path=/
AWSALBCORS=jguUSzlhwb9VXuHAqpqlw5mzfyRVKWzAQs28xyMgdvECq7GVIHLDXJ+4G0pRqpzgEhCtGDAUWIH2GlRmm3WzPpIw3t1PBJZSATkB9zLupVvXteqSOwD+f8/q7ZoR; Expires=Thu, 02 May 2024 20:57:24 GMT; Path=/; SameSite=None; Secure
hf_ref_lt=aHR0cHM6Ly9hcHAuaGVsbG9zaWduLmNvbS9zaWduLzhlNTRlNTE1Mzc5ZmJkZGJiOGFhYzY5NmY2OWI5ZDQ4OTRhYTQwZjkqW10qaHR0cHM6Ly9hcHAuaGVsbG9zaWduLmNvbS9zaWduYXR1cmUvbGlzdD90eXBlX2NvZGU9UyZ1eF92ZXJzaW9uPTImcHJlbG9hZGVkX3RzbV9ncm91cF9rZXk9ZGVmYXVsdA==; expires=Sat, 25 May 2024 20:57:24 GMT; Max-Age=2592000; path=/; domain=hellosign.com
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: private
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Encoding: gzip
P3P: CP="NOP3PPOLICY"

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 25 Apr 2024 20:57:25 GMT
Last-Modified: Thu, 25 Apr 2024 19:45:55 GMT
Server: ECAcc (ska/F749)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1zyxTsGcobsjCpNT2q9-zKiCScVevtWKctBTKHzzeHmzrdl7KY-T6w==
Age: 4290

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 25 Apr 2024 20:57:25 GMT
Last-Modified: Thu, 25 Apr 2024 19:45:55 GMT
Server: ECAcc (ska/F749)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QU4sxDyjYW0sUeeB2J8pM_t8KvXSC9h_ih2hsLrBemROiDviVKz4kQ==
Age: 4290

HTTP/1.1 200 OK
Date: Thu, 25 Apr 2024 20:57:25 GMT
Content-Type: application/json
Content-Length: 317
Connection: keep-alive
Set-Cookie: AWSALB=o75EJSNkTToJ/Ph0Zye4ygFNY3QTF6Nl/VRR8PGQgePco1bvETctJvtoYk4XXXpijEzwcai55ot1HsDHN+ECdobR42k0OZ7Z9/A5feyb/0tYgLfGpWLv01PMyl7a; Expires=Thu, 02 May 2024 20:57:24 GMT; Path=/
AWSALBCORS=o75EJSNkTToJ/Ph0Zye4ygFNY3QTF6Nl/VRR8PGQgePco1bvETctJvtoYk4XXXpijEzwcai55ot1HsDHN+ECdobR42k0OZ7Z9/A5feyb/0tYgLfGpWLv01PMyl7a; Expires=Thu, 02 May 2024 20:57:24 GMT; Path=/; SameSite=None; Secure
hf_ref_lt=aHR0cHM6Ly9hcHAuaGVsbG9zaWduLmNvbS9zaWduLzhlNTRlNTE1Mzc5ZmJkZGJiOGFhYzY5NmY2OWI5ZDQ4OTRhYTQwZjkqW10qaHR0cHM6Ly9hcHAuaGVsbG9zaWduLmNvbS9hcGkvc2lnbi11cC1kYXRhPw==; expires=Sat, 25 May 2024 20:57:25 GMT; Max-Age=2592000; path=/; domain=hellosign.com
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: private
Vary: Accept-Encoding
Content-Encoding: gzip
P3P: CP="NOP3PPOLICY"

HTTP/1.1 200 OK
Content-Type: font/woff2
Content-Length: 43308
Connection: keep-alive
Date: Thu, 25 Apr 2024 05:39:39 GMT
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:17:56 GMT
ETag: "93b6f18ec99bcb7c3fa7ea570a75e240"
x-amz-server-side-encryption: AES256
x-amz-version-id: 3Os6wXx4ppGR1HEiOHJDXP4kyOZ_t6iz
Accept-Ranges: bytes
Server: AmazonS3
Vary: Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e4xrmw8WD4ieK4PT52NcXlagzWTGglccEHkDGqNrFkKMnJe_U3MjoQ==
Age: 55067

HTTP/1.1 200 OK
Content-Type: font/ttf
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:17:56 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: LASrTSi6t2o90IM6Kx4jniy2BWQeHf3y
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 25 Apr 2024 06:55:52 GMT
ETag: W/"ca03ffd9dde27ddf9a4786ddf6ad492a"
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wbj7yL9VCpvRJdzINqreKYmQePOLkPoYuNH15HKTmpJEedNF2Ylx7w==
Age: 50494

HTTP/1.1 200 OK
Content-Type: font/woff2
Content-Length: 46188
Connection: keep-alive
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:17:58 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: 5UH5SvF2nj1I4uJsPLoMbnKlvoCQzffa
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 25 Apr 2024 18:00:28 GMT
ETag: "dfc5e24cbc1b134e0c00c61e84ec999a"
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DzBfmyj8o1RTbXsDgp1AGC7Ta7GAM0GsA8rOtxPezf3D2npL2jAE-Q==
Age: 10618

HTTP/1.1 200 OK
Content-Type: font/woff2
Content-Length: 54666
Connection: keep-alive
Access-Control-Allow-Origin: https://app.hellosign.com
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Access-Control-Allow-Headers, Access-Control-Allow-Methods, Access-Control-Allow-Origin, Access-Control-Expose-Headers, Access-Control-Max-Age
Access-Control-Max-Age: 3000
Access-Control-Allow-Credentials: true
Last-Modified: Tue, 23 Apr 2024 16:17:58 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: nUugFTt8mqIgdRSGWZ_RMxit9hz8krkX
Accept-Ranges: bytes
Server: AmazonS3
Date: Thu, 25 Apr 2024 17:56:35 GMT
ETag: "ebee194a9b773f166dc16096f8614aaa"
Vary: Accept-Encoding,Origin,Access-Control-Request-Method
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: to6HxiCfppNZMbJDz4eCNTh3mz7chKlXP-6kwov37Pqoz9wnZDTHSg==
Age: 10850

HTTP/3 200 OK
date: Thu, 25 Apr 2024 20:57:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 22 Mar 2024 00:45:47 GMT
x-dropbox-request-id: 0f305d56eb9e6813747cf9c558e6dfff
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
content-encoding: br
cf-cache-status: HIT
age: 2602506
server: cloudflare
cf-ray: 87a13ec898f2569c-OSL
alt-svc: h3=":443"; ma=86400

HTTP/3 200 OK
date: Thu, 25 Apr 2024 20:57:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 05 Apr 2024 20:27:20 GMT
x-dropbox-request-id: 8b695a9bcb06b78a775e82a04d822f20
x-content-type-options: nosniff
x-cached: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
content-encoding: br
cf-cache-status: HIT
age: 1583888
server: cloudflare
cf-ray: 87a13ecaab53569c-OSL
alt-svc: h3=":443"; ma=86400

HTTP/2 200 OK
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
server: envoy
date: Thu, 25 Apr 2024 20:57:24 GMT
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 61529ef9d6aa46c2b6c20de3e6bbb10a
X-Firefox-Spdy: h2

HTTP/1.1 200 OK
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
access-control-allow-origin: *
content-type: application/json; charset=utf-8
content-length: 681
etag: W/"2a9-Svz8pq50V9MU8YUwWrgSAJ8P/kY"
vary: Accept-Encoding
date: Thu, 25 Apr 2024 20:57:25 GMT
x-envoy-upstream-service-time: 51
server: istio-envoy

HTTP/1.1 204 No Content
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: content-type,userleap-platform,x-ul-environment-id,x-ul-installation-method,x-ul-sdk-version,x-ul-visitor-id
date: Thu, 25 Apr 2024 20:57:25 GMT
x-envoy-upstream-service-time: 199
server: istio-envoy

HTTP/1.1 204 No Content
timing-allow-origin: https://0.0.com, https://0.1.com, https://1.0.com, https://1.1.com
access-control-allow-origin: *
authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJndCI6InZpc2l0b3IiLCJpZCI6IkIwZ1l4OExwWk0iLCJ2aWQiOiI1MjU4ZWFjNy02ZDQ0LTQ0MzgtYmU2MS1iY2I5NDY3ODBmYjciLCJpYXQiOjE3MTQwNzg2NDYsImV4cCI6MTcxNDI1MTQ0Nn0.iaOzlVtni5ognfIcFl3q-y_-CuYx-W3GIjr2gCe5-SgfwMde9ySlj6mImOtmRZ0x_JUS8NdLCFDDzzz69fGSZw
x-ul-visitor-id: 5258eac7-6d44-4438-be61-bcb946780fb7
access-control-expose-headers: Authorization,x-ul-visitor-id
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
date: Thu, 25 Apr 2024 20:57:26 GMT
x-envoy-upstream-service-time: 46
server: istio-envoy

HTTP/3 200 OK
date: Thu, 25 Apr 2024 20:57:24 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 04 Apr 2024 00:37:08 GMT
x-dropbox-request-id: bb02d5fc10c17693c5fc53502f6e7fca
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
content-encoding: br
cf-cache-status: HIT
age: 1864765
server: cloudflare
cf-ray: 87a13ec7fcea712d-OSL
alt-svc: h3=":443"; ma=86400

HTTP/3 200 OK
date: Thu, 25 Apr 2024 20:57:24 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 05 Apr 2024 00:50:37 GMT
x-dropbox-request-id: ae8e11eb58344eaf3ae74241d466984a
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
content-encoding: br
cf-cache-status: HIT
age: 1774685
server: cloudflare
cf-ray: 87a13ec78fd2569c-OSL
alt-svc: h3=":443"; ma=86400

HTTP/3 200 OK
date: Thu, 25 Apr 2024 20:57:24 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 17 Apr 2024 20:53:12 GMT
x-dropbox-request-id: 44757e52e873178d0421b946b5c70931
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
content-encoding: br
cf-cache-status: HIT
age: 617381
server: cloudflare
cf-ray: 87a13ec78fd4569c-OSL
alt-svc: h3=":443"; ma=86400

HTTP/3 200 OK
date: Thu, 25 Apr 2024 20:57:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Fri, 05 Apr 2024 00:50:37 GMT
x-dropbox-request-id: 23a86dd18e0078d3acdb0b1736af500b
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public, immutable
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
content-encoding: br
cf-cache-status: HIT
age: 1758208
server: cloudflare
cf-ray: 87a13ec78fda569c-OSL
alt-svc: h3=":443"; ma=86400

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dropbox.com
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
content-disposition: attachment
content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws wss://dsimports.dropbox.com/ ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-vyDrZksPcdJmZ/2SIihS' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-vyDrZksPcdJmZ/2SIihS' 'nonce-70gWgL3GlcydYYPnfIfN'
referrer-policy: strict-origin-when-cross-origin
set-cookie: t=t8q9ASfUIZ-XLwZ1jGonjx_0; Domain=dropbox.com; expires=Sun, 25 Apr 2027 20:57:37 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=t8q9ASfUIZ-XLwZ1jGonjx_0; expires=Sun, 25 Apr 2027 20:57:37 GMT; Path=/; SameSite=None; Secure
__Host-ss=XAUSEqSdYs; expires=Sun, 25 Apr 2027 20:57:37 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-server-response-time: 48
x-xss-protection: 1; mode=block
date: Thu, 25 Apr 2024 20:57:36 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
cache-control: no-cache, no-store
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 2bf5c28bfa7845e8898645cb82f9bcda
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dropbox.com
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
content-disposition: attachment
content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws wss://dsimports.dropbox.com/ ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-vyDrZksPcdJmZ/2SIihS' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-vyDrZksPcdJmZ/2SIihS' 'nonce-70gWgL3GlcydYYPnfIfN'
referrer-policy: strict-origin-when-cross-origin
set-cookie: t=t8q9ASfUIZ-XLwZ1jGonjx_0; Domain=dropbox.com; expires=Sun, 25 Apr 2027 20:57:40 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=t8q9ASfUIZ-XLwZ1jGonjx_0; expires=Sun, 25 Apr 2027 20:57:40 GMT; Path=/; SameSite=None; Secure
__Host-ss=XAUSEqSdYs; expires=Sun, 25 Apr 2027 20:57:40 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-server-response-time: 22
x-xss-protection: 1; mode=block
date: Thu, 25 Apr 2024 20:57:39 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
cache-control: no-cache, no-store
x-dropbox-response-origin: far_remote
x-dropbox-request-id: f5f612d0eb4944f68189088df31a8457
X-Firefox-Spdy: h2

HTTP/2 200 OK
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://www.dropbox.com
access-control-expose-headers: Accept-Ranges, Content-Disposition, Content-Encoding, Content-Length, Content-Range, X-Dropbox-Metadata, X-Dropbox-Request-Id, X-JSON, X-Server-Response-Time, Timing-Allow-Origin, x-dropbox-pdf-password-needed
content-disposition: attachment
content-security-policy: base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; connect-src https://* ws://127.0.0.1:*/ws wss://dsimports.dropbox.com/ ; default-src 'none' ; font-src https://* data: ; form-action 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; img-src https://* data: blob: ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; script-src 'unsafe-eval' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js 'nonce-vyDrZksPcdJmZ/2SIihS' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js blob:, report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-dynamic ; script-src 'unsafe-eval' 'strict-dynamic' 'nonce-vyDrZksPcdJmZ/2SIihS' 'nonce-70gWgL3GlcydYYPnfIfN'
referrer-policy: strict-origin-when-cross-origin
set-cookie: t=t8q9ASfUIZ-XLwZ1jGonjx_0; Domain=dropbox.com; expires=Sun, 25 Apr 2027 20:57:45 GMT; HttpOnly; Path=/; SameSite=None; Secure
__Host-js_csrf=t8q9ASfUIZ-XLwZ1jGonjx_0; expires=Sun, 25 Apr 2027 20:57:45 GMT; Path=/; SameSite=None; Secure
__Host-ss=XAUSEqSdYs; expires=Sun, 25 Apr 2027 20:57:45 GMT; HttpOnly; Path=/; SameSite=Strict; Secure
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-server-response-time: 44
x-xss-protection: 1; mode=block
date: Thu, 25 Apr 2024 20:57:45 GMT
server: envoy
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
cache-control: no-cache, no-store
x-dropbox-response-origin: far_remote
x-dropbox-request-id: 13175d871fc141758964c39f0e53afc4
X-Firefox-Spdy: h2