Age | 14027 |
Cache-control | public, max-age=86400, no-cache="set-cookie" |
Content-Encoding | gzip |
Content-Language | en |
Content-Security-Policy | default-src 'self' https://*.bjatraining.org; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.bjatraining.org https://ssl.google-analytics.com https://maps.googleapis.com https://www.google-analytics.com; img-src 'self' data: https://*.bjatraining.org https://ssl.google-analytics.com https://csi.gstatic.com https://maps.gstatic.com https://maps.googleapis.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://*.bjatraining.org https://fonts.googleapis.com https://fonts.gstatic.com; font-src 'self' https://fonts.googleapis.com https://fonts.gstatic.com; object-src 'self'; frame-src 'self' https://*.bjatraining.org https://player.vimeo.com; connect-src 'self' https://www.google-analytics.com |
Content-Type | text/html; charset=utf-8 |
Expires | Sun, 19 Nov 1978 05:00:00 GMT |
Server | nginx |
Strict-Transport-Security | max-age=15768000; includeSubDomains;, max-age=15768000; includeSubDomains; |
Vary | Accept-Encoding, Cookie |
Via | 1.1 varnish (Varnish/5.2) |
X-Content-Type-Options | nosniff, nosniff, nosniff |
X-Frame-Options | SAMEORIGIN, SAMEORIGIN, SAMEORIGIN |
X-Varnish | 537786 274193 |
X-Varnish-Cache | HIT |
X-XSS-Protection | 1; mode=block; |
transfer-encoding | chunked |
Connection | keep-alive |