Public-Key-Pins: pin-sha256="tYkfFN27P1GUjH5ME128BCg302dL2iwOYhz5wwFJb50="; pin-sha256="aR6DUqN8qK4HQGhBpcDLVnkRAvOHH1behpQUU1Xl7fE="; max-age=5356800; includeSubDomains; report-uri="https://docbox.report-uri.io/r/default/hpkp/enforce"
Set-Cookie: laravel_session=eyJpdiI6ImJkZXUrc2ZmbGxIOXFkc3FYSGVsbVE9PSIsInZhbHVlIjoiSTdPRHJGMTR2ZG03TW50Y1h3cXRaQzd6ZlJ2b1BcL1o1anVjdE15WHplMzZUaGlEWFwvbEJ6N0dpT29rUFYxTzVLczR6K3JjTVhmZW8wdnJ6RkdNaTVMZz09IiwibWFjIjoiNWRlMjU1YmY5OWIzYmMwOTAzY2FiOTQxOWJlOTNiNzAyY2M1Zjc4ZWM2ZTNhNTJhYmViOWM2NmViN2U2MWViOCJ9; expires=Mon, 19-Jun-2017 10:08:46 GMT; Max-Age=7200; path=/; httponly
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Server: nginx
Access-Control-Allow-Headers: origin, content-type, accept, access-control-allow-headers, access-control-allow-methods, access-control-allow-origin, authorization
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkVZNUJaUXlyaEhnaERudGQrZkk5c3c9PSIsInZhbHVlIjoiYzFIK3lDWUd5QUF2aWlyVkNDWHlzTWZ6dzFvZVFLZEUwUmlaSWFKRmNzOTZhK2lvTkJ0MDR3M2EyY2Rza0sxd3hqcmR0dzh0MTZQXC9QZkc2bnhiNlwvdz09IiwibWFjIjoiOTc1NWM2MjAzOGVkZjg0NjZjNmQxMTNiNzBmZGJkZWZlZGQ4NzBkOTFkMDUwMjBlNDZlM2I3M2M0YjU3MzIzYiJ9; expires=Mon, 19-Jun-2017 10:08:46 GMT; Max-Age=7200; path=/
HTTP/1.1 200 OK
Date: Mon, 19 Jun 2017 08:08:46 GMT
Cache-Control: no-cache
X-Xss-Protection: 1; mode=block