*
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CgoIBBD645TNBhgB
content-type: application/vnd.google.octet-stream-compressible; charset=x-user-defined
content-encoding: gzip
server: scaffolding on HTTPServer2
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=32
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2