HTTP/1.1 200 OKx-xss-protection: 1; mode=blockx-content-type-options: nosniffVary: User-Agent, Accept-Encodingx-ua-compatible: IE=edgereporting-endpoints: coop-endpoint="https://www.pinterest.com/_/_/coop_report/", coep-endpoint="https://www.pinterest.com/_/_/coep_report/"cross-origin-opener-policy-report-only: same-origin; report-to="coop-endpoint"cross-origin-embedder-policy-report-only: require-corp; report-to="coep-endpoint"p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."Content-Security-Policy: default-src 'self' blob: s.pinimg.com; font-src 'self' s.pinimg.com data: fonts.googleapis.com fonts.gstatic.com use.typekit.net; style-src 'self' blob: 'unsafe-inline' data: *.pinimg.com *.pinterest.com accounts.google.com fonts.googleapis.com *.adyen.com *.adyenpayments.com; img-src blob: data: *; base-uri 'none'; connect-src 'self' blob: *.pinimg.com *.pinterest.com accounts.google.com *.adyen.com *.adyenpayments.com *.facebook.com www.googleapis.com *.dropboxapi.com pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net *.tvpixel.com api.pinadmin.com *.live-video.net https://*.daily.co https://*.pluot.blue wss://*.wss.daily.co; form-action 'self' *.adyen.com *.adyenpayments.com; frame-src 'self' *.pinimg.com *.pinterest.com *.adyen.com static-sandbox.dlocal.com static.dlocal.com *.google.com *.facebook.com www.recaptcha.net pinterest-hilo.s3.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-tolu.s3.amazonaws.com pinterest-sim-toontown.s3.amazonaws.com *.pinterdev.com content.googleapis.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call *.linkedin.com px.ads.linkedin.com; media-src 'self' blob: data: *.pinimg.com *.live-video.net; object-src 'self'; script-src 'nonce-96437f4a825cc393c426c808a1d25b84' 'strict-dynamic' 'self' blob: 'unsafe-inline' *.pinimg.com *.pinterest.com *.adyen.com js.dlocal.com js-sandbox.dlocal.com static-sandbox.dlocal.com static.dlocal.com *.adyenpayments.com 'report-sample' *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.gstatic.cn/recaptcha/ www.recaptcha.net 'wasm-unsafe-eval'; worker-src 'self' blob: 'unsafe-inline'; report-uri /_/_/csp_report/?rid=7131300402256703; frame-ancestors 'self' , script-src 'self' blob: 'unsafe-inline' *.pinimg.com *.pinterest.com *.adyen.com js.dlocal.com js-sandbox.dlocal.com static-sandbox.dlocal.com static.dlocal.com *.adyenpayments.com 'report-sample' *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.gstatic.cn/recaptcha/ www.recaptcha.net 'wasm-unsafe-eval'; report-uri /_/_/csp_report/?rid=7131300402256703x-frame-options: SAMEORIGINorigin-trial: AvlUIFJouPpJAKljRGh7EnYm2Brnx/eu51h39Z7p11vbzNlw2YhkUhxvxZdkS709VlGGNw4Gcg/a9mAzHDrEcQ0AAAB5eyJvcmlnaW4iOiJodHRwczovL3BpbnRlcmVzdC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==Accept-CH: Sec-CH-UA-Full,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-VersionContent-Type: text/html; charset=utf-8Link: ; rel=preconnect; crossorigin=anonymous, ; rel=preconnect; crossorigin=anonymous, ; rel=preconnect; crossorigin=anonymousx-envoy-upstream-service-time: 98pinterest-generated-by: coreapp-webapp-prod-0a03f14apinterest-version: 4af831dreferrer-policy: originx-pinterest-rid: 7131300402256703Content-Encoding: gzipDate: Fri, 24 Nov 2023 21:30:05 GMTAlt-Svc: h3=":443"; ma=600Content-Length: 13Connection: keep-aliveSet-Cookie: csrftoken=abb0a4350aeb8431b5a58b8a1490b339; path=/; expires=Sat, 23 Nov 2024 21:30:05 GMT; samesite=lax; secureSet-Cookie: _pinterest_sess=TWc9PSZZcDRFeC9zV09md1ZYRlJmUmM0Qmp5WXdPSkpJYkg1bER2dHorUUNOdjBqMjdtRlZvbUxFbXZDd2M0RWlzVC9OQVVyZ1ZuY3BzYktCSDJ6VkprWHhsVjhMdTJpeE44SldTdkl0YzNIYk00TT0mZWFFeHFBVm16THRVZ0grTVFvWlQ2dGpBSmNZPQ==; path=/; expires=Mon, 18 Nov 2024 21:30:05 GMT; samesite=none; secure; httponlySet-Cookie: _auth=0; path=/; expires=Mon, 18 Nov 2024 21:30:05 GMT; secure; httponlySet-Cookie: _routing_id="a84cc887-ec3a-4d1b-9e19-47ae43390471"; Max-Age=86400; Path=/; HttpOnlyAKAMAI-GRN: 0.d5d31702.1700861405.1eb09d14X-CDN: akamaiStrict-Transport-Security: max-age=31536000 ; includeSubDomains ; preload