Vary: Accept-Encoding,User-Agent
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT
Date: Tue, 23 May 2017 05:42:44 GMT
Server: Apache
HTTP/1.1 200 OK
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src https://*.tiendo.do; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https://*.tiendo.do https://fonts.googleapis.com 'unsafe-inline'; font-src https://*.tiendo.do https://fonts.gstatic.com data:; frame-src https:; img-src https: data:; connect-src https:
Set-Cookie: YII_CSRF_TOKEN=d1ced55ece09da4a033f178e44efc4fc8690fe5ds%3A40%3A%22a58b21406bad9e391e17c4b15d01e1969f5715f5%22%3B; path=/
X-Xss-Protection: 1; mode=block
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept,X-Yii-Csrf-Token
Cache-Control: private, no-cache, no-store, proxy-revalidate, no-transform
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
Set-Cookie: PHPSESSID=a240e6d5fec3945b8b1dd28ca8cf6b4d; path=/
Accept-Ranges: none
Pragma: no-cache
Public-Key-Pins: pin-sha256="zXKBVEoSxaEAcCEhUazt9HeVymp/D+id22W+374wIIo="; pin-sha256="Fbr/5aSOo4KRal8YE49t4lc76IOnK/oto9NWV1cSKWM="; pin-sha256="grX4Ta9HpZx6tSHkmCrvpApTQGo67CYDnvprLg5yRME="; pin-sha256="lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU="; max-age=5184000
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Access-Control-Max-Age: 1000