Access-Control-Allow-Credentials: true
Access-Control-Allow-Method: OPTIONS
Access-Control-Allow-Origin: https://b-m.facebook.com
Access-Control-Expose-Headers: X-FB-Debug, X-Loader-Length
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Security-Policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Oct 2017 16:45:27 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
Public-Key-Pins-Report-Only: max-age=600; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="k2v657xBsOVe1PQRwOsHsw3bsGT2VzIqz5K+59sNQws="; pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/"
Set-Cookie: datr=p2HWWcTQKEiZBPo2U2uZcPCk; expires=Sat, 05-Oct-2019 16:45:27 GMT; Max-Age=63072000; path=/; domain=.facebook.com; secure; httponly reg_fb_ref=https%3A%2F%2Fb-m.facebook.com%2F; path=/; domain=.facebook.com; secure; httponly reg_fb_gate=https%3A%2F%2Fb-m.facebook.com%2F; path=/; domain=.facebook.com; secure; httponly fr=0M2SmzbiZu4pAqFO2..BZ1mGn.4K.AAA.0.0.BZ1mGn.AWUh8ChA; expires=Wed, 03-Jan-2018 16:45:27 GMT; Max-Age=7776000; path=/; domain=.facebook.com; secure; httponly sb=p2HWWY3JEuzW79zvjjqWFy-7; expires=Sat, 05-Oct-2019 16:45:27 GMT; Max-Age=63072000; path=/; domain=.facebook.com; secure; httponly
Status: 200
Strict-Transport-Security: max-age=15552000; preload
Vary: Origin Accept-Encoding
X-Content-Type-Options: nosniff
X-Fb-Debug: LFoVfsutL1lEiXe4tdw3pu1Nb2Qi5WG+e7t8/e20G4MTKThifqZY6tlg4aGP66D9Xr4k09YlNcfbSmUHCLPfEg==
X-Frame-Options: DENY
X-Xss-Protection: 0