Content-Security-Policy-Report-Only: script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ https://*.quantserve.com https://*.quantcount.com https://quantcast.mgr.consensu.org 'unsafe-eval' 'nonce-mcwX4n58bBfYv6ho2qkRw1SoSAQ'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports;
Content-Type: text/html; charset=UTF-8
Date: Sat, 28 Nov 2020 17:42:12 GMT
P3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
Referrer-Policy: origin-when-cross-origin
Server: openresty
Set-Cookie: pfg=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.tumblr.com; secure; HttpOnly
Strict-Transport-Security: max-age=31536000; preload
Vary: Accept-Encoding
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Rid: 1528515641226021849017954482246023241838
X-UA-Compatible: IE=Edge,chrome=1
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
x-encoded-content-encoding: gzip
|