Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept,X-Yii-Csrf-Token
X-Xss-Protection: 1; mode=block
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Accept-Ranges: none
Strict-Transport-Security: max-age=63072000; includeSubdomains;
HTTP/1.1 200 OK
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT
Transfer-Encoding: chunked
Set-Cookie: PHPSESSID=a240e6d5fec3945b8b1dd28ca8cf6b4d; path=/
Content-Type: text/html; charset=UTF-8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Date: Tue, 23 May 2017 05:42:44 GMT
Set-Cookie: YII_CSRF_TOKEN=d1ced55ece09da4a033f178e44efc4fc8690fe5ds%3A40%3A%22a58b21406bad9e391e17c4b15d01e1969f5715f5%22%3B; path=/
Access-Control-Allow-Origin: *
Vary: Accept-Encoding,User-Agent
Content-Security-Policy: default-src https://*.tiendo.do; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https://*.tiendo.do https://fonts.googleapis.com 'unsafe-inline'; font-src https://*.tiendo.do https://fonts.gstatic.com data:; frame-src https:; img-src https: data:; connect-src https:
X-Content-Type-Options: nosniff
Server: Apache
Public-Key-Pins: pin-sha256="zXKBVEoSxaEAcCEhUazt9HeVymp/D+id22W+374wIIo="; pin-sha256="Fbr/5aSOo4KRal8YE49t4lc76IOnK/oto9NWV1cSKWM="; pin-sha256="grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME="; pin-sha256="lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU="; max-age=5184000
Access-Control-Max-Age: 1000
Access-Control-Allow-Credentials: true