HTTP/1.1 200 OKp3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."content-security-policy: script-src 'nonce-9dc2f77f6c3d21a6f60d045cb38af93a' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com *.bnc.lt bnc.lt *.branch.io cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.branch.io *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-waterloo.s3.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.appcues.com *.appcues.net; media-src 'self' *.pinimg.com blob: data:; object-src 'self'; form-action 'self'; base-uri 'none'; report-uri /_/_/csp_report/?rid=5893340499662459; frame-ancestors 'self'content-security-policy-report-only: frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com player.grabnetworks.com www.kickstarter.com staging.slideshare.com player.anyclip.com verify.vote.org movieclips.com scache.vevo.com *.adyen.com www.voteplz.org player.hulu.com www.crackle.com www.dailymotion.com cache.vevo.com www.slideshare.net crackle.com embed.5min.com embed.ted.com register.vote.org absentee.vote.org www.crunchyroll.com videoplayer.vevo.com w.soundcloud.com embed-ssl.ted.com www.youtube.com player.vimeo.com vine.co scache.vevo.com bid.g.doubleclick.net *.fls.doubleclick.net pinterest-waterloo.s3.amazonaws.com rich_pin_feeds.s3.amazonaws.com pinlogs.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com; report-uri /_/_/csp_report/?reportonlyx-frame-options: SAMEORIGINx-xss-protection: 1; mode=blockx-content-type-options: nosniffVary: User-Agent, Accept-Encodingx-ua-compatible: IE=edgeContent-Type: text/html; charset=utf-8x-envoy-upstream-service-time: 70x-pinterest-direct: truepinterest-generated-by: coreapp-webapp-prod-0a010287pinterest-version: cf08824x-pinterest-rid: 5893340499662459Content-Length: 1Date: Tue, 07 Apr 2020 00:07:18 GMTConnection: keep-aliveSet-Cookie: csrftoken=78c1bb5517e6081791535351fc685b73; path=/; expires=Wed, 07 Apr 2021 00:07:18 GMT; secureSet-Cookie: _pinterest_sess=TWc9PSZZK211RGdJZk9KcTQwUG1reC9iRzU5b3ZhQ250WVBIT09mWWpkdjRBU1NUVE5ERVRjZGRsak9wamlneDV0YURQOE5UV3NiOS9ZSVpuaU1MWUF3S3JpUmk4SzlHMFFEeURGVkRiTCtQMk9TSDlIeU14d1JOdUZ3c0VFQUNiRDlVZ1kvcDVJWWNObENIS2RRZEY1R3oweSszU2V1QUhEeG5hZm1kN0w1TEM2MEE9JnpkOVVkcHlnQ0RNTVpTb2U3bStXTjRvZEFwYz0=; path=/; expires=Fri, 02 Apr 2021 00:07:18 GMT; domain=.pinterest.com; samesite=None; secure; httponlySet-Cookie: _auth=0; path=/; expires=Fri, 02 Apr 2021 00:07:18 GMT; domain=.pinterest.com; secure; httponlySet-Cookie: _routing_id="6a7344e5-fc8c-4359-88e2-5bcaadf93f81"; Max-Age=86400; Path=/; HttpOnlyX-CDN: akamaiStrict-Transport-Security: max-age=31536000 ; includeSubDomains ; preload