Content-Security-Policy-Report-Only: script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://consent.cmp.oath.com https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ https://*.quantserve.com https://*.quantcount.com https://quantcast.mgr.consensu.org 'unsafe-eval' 'nonce-9ri66OPzj5gYXhaxzvPZasHuCdU' https://www.google.com/recaptcha/api.js https://www.gstatic.com; object-src 'none'; worker-src blob:; base-uri 'self';
Content-Type: text/html; charset=UTF-8
Date: Fri, 27 Nov 2020 16:55:38 GMT
P3p: CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
Referrer-Policy: origin-when-cross-origin
Server: openresty
Set-Cookie: pfg=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.tumblr.com; secure; HttpOnly
Strict-Transport-Security: max-age=31536000; preload
Vary: Accept-Encoding
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Rid: 243777359543900343413401466795359213134
X-UA-Compatible: IE=Edge,chrome=1
X-Xss-Protection: 1; mode=block
Transfer-Encoding: chunked
x-encoded-content-encoding: gzip
|