ict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: same-origin
content-security-policy: default-src 'self'; connect-src *; font-src 'self'; form-action *; img-src 'self' data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'
content-type: text/css
server: Apache
X-Firefox-Spdy: h2