https://www.pinterest.com/

Scan ID:: e8d37b69-0c9f-466f-8b59-b90135ada8c5Finished
Submitted URL:: https://pinterest.com/Redirected
Report Finished:: Jan 8, 2025, 09:20:37

Risks · 0 found

Practices that may pose security risks

Security Headers · 6 found

HTTP response headers that can harden the security of a web application

Name	Value	Support	Info
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload	Good	Declare that a website is only accessible over a secure connection (HTTPS). Click to learn more...
X-Frame-Options	SAMEORIGIN	Good	Indicate whether a browser should be allowed to render a page in a <frame>, <iframe>, <embed> or <object>. Click to learn more...
X-Content-Type-Options	nosniff	Good	Indicate that the MIME types advertised in the Content-Type headers should be followed and not be changed. Click to learn more...
Content-Security-Policy	default-src 'self' blob: s.pinimg.com; font-src 'self' s.pinimg.com data: fonts.googleapis.com fonts.gstatic.com use.typekit.net; style-src 'self' blob: 'unsafe-inline' data: .pinimg.com .pinterest.com accounts.google.com fonts.googleapis.com .adyen.com .adyenpayments.com; img-src blob: data: ; base-uri* 'none'; connect-src 'self' blob: m.media-amazon.com .amazon-adsystem.com .ada.support .pinimg.com .pinterest.com accounts.google.com .adyen.com pinterest-salvador.s3.amazonaws.com .adyenpayments.com .facebook.com www.googleapis.com .dropboxapi.com pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-sim-toontown.s3.amazonaws.com pinterest-sim-toontown.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com pinterest-salvador.s3.us-east-1.amazonaws.com pinterest-yamagata.s3.amazonaws.com pinterest-yamagata.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net .tvpixel.com api.pinadmin.com .live-video.net https://.daily.co https://.pluot.blue wss://.wss.daily.co api.basistheory.com; form-action* 'self' .adyen.com .sofort.com .tink.com .adyenpayments.com; frame-src 'self' .ada.support .pinimg.com .pinterest.com .adyen.com static-sandbox.dlocal.com static.dlocal.com .google.com .facebook.com www.recaptcha.net pinterest-hilo.s3.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-sim-toontown.s3.amazonaws.com pinterest-sim-toontown.s3.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-tolu.s3.amazonaws.com .pinterdev.com content.googleapis.com .youtube.com .youtube-nocookie.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call .linkedin.com px.ads.linkedin.com api.basistheory.com js.basistheory.com 3ds.basistheory.com; media-src 'self' blob: m.media-amazon.com data: .pinimg.com .live-video.net; object-src 'self'; script-src 'nonce-b2a3da7dba63434a607ed60e5daa5bc3' 'strict-dynamic' 'self' blob: 'unsafe-inline' .pinimg.com .pinterest.com .adyen.com js.dlocal.com js-sandbox.dlocal.com static-sandbox.dlocal.com static.dlocal.com .adyenpayments.com 'report-sample' .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.gstatic.cn/recaptcha/ www.recaptcha.net 'wasm-unsafe-eval' js.basistheory.com 3ds.basistheory.com; worker-src* 'self' blob: 'unsafe-inline'; report-uri /_/_/csp_report/?rid=9858247930164927; frame-ancestors 'self'; script-src 'self' blob: 'unsafe-inline' .pinimg.com .pinterest.com .adyen.com js.dlocal.com js-sandbox.dlocal.com static-sandbox.dlocal.com static.dlocal.com .adyenpayments.com 'report-sample' .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.gstatic.cn/recaptcha/ www.recaptcha.net 'wasm-unsafe-eval' js.basistheory.com 3ds.basistheory.com; report-uri* /_/_/csp_report/?rid=9858247930164927	Good	Control resources the user agent is allowed to load for a given page. Click to learn more...
Referrer-Policy	origin	Good	Control how much referrer information should be included with requests. Click to learn more...
Clear-Site-Data	—	Good	Control the data stored by a client browser for their origins. Click to learn more...
X-Permitted-Cross-Domain-Policies	—	Good	Control whether a web client such as Adobe Flash Player or Adobe Acrobat has permission to handle data across domains. Click to learn more...
Permissions-Policy	—	New	Allow and deny the use of browser features in a document or iframe. Click to learn more...
Cross-Origin-Embedder-Policy	—	New	Configure embedding cross-origin resources into the document. Click to learn more...
Cross-Origin-Opener-Policy	—	New	Ensure a top-level document does not share a browsing context group with cross-origin documents. Click to learn more...
Cross-Origin-Resource-Policy	—	New	Request that the browser blocks no-cors cross-origin/cross-site requests to the given resource. Click to learn more...
X-XSS-Protection	1; mode=block	Deprecated	Deprecated. Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks. Click to learn more...
Feature-Policy	—	Deprecated	Deprecated. Replaced by the Permissions-Policy header. Click to learn more...
Expect-CT	—	Deprecated	Deprecated. Opt in to reporting and/or enforcement of Certificate Transparency requirements. Click to learn more...
Public-Key-Pins	—	Deprecated	Deprecated. Allows HTTPS websites to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates. Click to learn more...

Security Violations · 42 found

Requests or resources offending security policies

Violation	Type	Info
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/83119-d78956af31d8949a.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/96639-de034f43e4032298.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/runtime-9bdb82168c6d27d1.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/64302-8110fa5d41b1556d.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/94974-8775e43c475f255c.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/3741-fdabfcdd0a73de41.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/DefaultPinRep-3905dd1e97556259.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/95298-66a6ae68bd9ded8d.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/8279-b3ef879bc1bb4c57.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/35532-07509d25b70fbc4b.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/locale-en_US-lite-js-5829619688fdd495.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/62079-5018679bade231dc.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/76594-740918e37d7f533c.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/31283-219e957829d9ddae.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/89820-1e94043d0892ff85.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/27234-1e310a3b98739937.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/42298-2294378363a9ea40.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/38226-c50584d768ef75d6.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/49923-6d9698954b6adb6e.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/32859-799cd4624248efdd.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/15787-76d37e939b226ae7.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/vendor-react-0eecf423a6626d75.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/www/_client-f46f2bcf737d2d4f.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/9073-480700220944c5de.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/polyfills-c7429f6e7afc4831.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/90917-273527afd839e8cb.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/59770-c64f0b16bf6820ee.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/91496-71f37a4f2eb8f3be.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/74377-3560f34e65e5d23c.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/88027-392938b430a4571a.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/168-068b25dc4c1ba210.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/39573-4d4fa8db204b7b8c.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/93939-9e3974060a8a08ad.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/13158-945dbe24d9188adf.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/58170-868e646c18de2e07.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/www/index-46acb17b994fca52.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/77596-2edeb4f6c1983982.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/68072-5a4388b93c2e0af3.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/81507-042b7d7b707abc11.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/77653-d68f78185c5f4366.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/5710-f9d638613a039e72.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...
Resource https://www.pinterest.com/ Description Access to script at 'https://s.pinimg.com/webapp/50289-f92599755e1ea5bf.mjs' from origin 'https://www.pinterest.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.	Cross-Origin Resource Sharing	Controls which external origins are allowed load resources. Click to learn more...

Certificates · 1 found

SSL/TLS Certificates enable websites to encrypt transactions between the client and the server and provide server identity verification

Subject	Issue date	Expiry date
*.pinterest.com	Aug 5, 2024, 00:00:00	Aug 7, 2025, 23:59:59