Content-Encoding | gzip |
Content-Security-Policy | default-src 'self' https://*.pinterest.com https://*.pinimg.com *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com https://*.googleapis.com *.gstatic.com https://*.facebook.com *.facebook.com www.googleadservices.com googleads.g.doubleclick.net platform.twitter.com *.tiles.mapbox.com *.online-metrix.net *.bnc.lt bnc.lt *.yozio.com 'unsafe-inline' 'unsafe-eval'; media-src 'self' *.pinimg.com blob:; frame-src *; connect-src 'self' *.mapbox.com *.pinterest.com pinterest-media-upload.s3.amazonaws.com ; img-src * data:; report-uri /_/_/csp_report/ |
Content-Type | text/html; charset=utf-8 |
P3p | CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info." |
Pinterest-Generated-By | coreapp-webapp-prod-0a0147a7 |
Pinterest-Version | da9e34f |
Server | nginx |
Strict-Transport-Security | max-age=31556926; |
Vary | User-Agent, Cookie, Accept-Encoding |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Pinterest-RID | 757662818575 |
X-Ua-Compatible | IE=edge |
X-Varnish | 833418270 |
X-Xss-Protection | 1; mode=block |
Transfer-Encoding | chunked |
Connection | keep-alive, Transfer-Encoding |