Content-Encoding | gzip |
Content-Security-Policy | default-src 'self' https://*.pinterest.com https://*.pinimg.com *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com https://*.googleapis.com *.gstatic.com https://*.facebook.com *.facebook.com www.googleadservices.com googleads.g.doubleclick.net platform.twitter.com *.tiles.mapbox.com *.online-metrix.net *.bnc.lt bnc.lt *.yozio.com https://cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; media-src 'self' *.pinimg.com blob:; frame-src *; connect-src 'self' *.mapbox.com *.pinterest.com pinterest-media-upload.s3.amazonaws.com ; img-src * data:; report-uri /_/_/csp_report/ |
Content-Type | text/html; charset=utf-8 |
P3p | CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info." |
Pinterest-Generated-By | coreapp-webapp-prod-0a010ea2 |
Pinterest-Version | 12dec05 |
Server | nginx |
Strict-Transport-Security | max-age=31556926; |
Vary | User-Agent, Cookie, Accept-Encoding |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Pinterest-RID | 725716560521 |
X-Ua-Compatible | IE=edge |
X-Varnish | 516105387 |
X-Xss-Protection | 1; mode=block |
Transfer-Encoding | chunked |
Connection | keep-alive, Transfer-Encoding |