Server | Apache |
Strict-Transport-Security | max-age=631138520; includeSubDomains; preload |
X-Frame-Options | SAMEORIGIN |
Content-Security-Policy-Report-Only | default-src *; script-src 'unsafe-inline' 'unsafe-eval' https://*.etsy.com https://*.etsystatic.com *.googletagmanager.com *.go-mpulse.net *.btstatic.com *.google-analytics.com *.netmng.com *.thebrighttag.com *.googleadservices.com *.facebook.net *.facebook.com *.google.com *.dwin1.com *.tumblr.com *.twitter.com *.steelhousemedia.com t.cxt.ms connexity.net; style-src 'unsafe-inline' 'self'; connect-src https://*.etsy.com http://*.etsy.com; report-uri /beacon/csp.php |
X-XSS-Protection | 1; mode=block; report=/beacon/csp.php |
X-Content-Type-Options | nosniff |
X-Recruiting | Is code your craft? https://www.etsy.com/careers |
Content-Encoding | gzip |
Expires | Thu, 19 Nov 1981 08:52:00 GMT |
Cache-Control | private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 |
X-Cnection | close |
Content-Type | text/html; charset=UTF-8 |
Accept-Ranges | bytes |
Via | 1.1 varnish |
Age | 0 |
Connection | keep-alive |
X-Served-By | cache-jfk1020-JFK |
X-Cache | MISS |
X-Cache-Hits | 0 |
X-Timer | S1446900350.702937,VS0,VE477 |
Vary | Accept-Encoding |