Server | BarorAdiance |
Referrer-Policy | strict-origin-when-cross-origin |
Strict-Transport-Security | max-age=31536000; preload |
X-Frame-Options | DENY |
X-Content-Type-Options | nosniff |
X-XSS-Protection | 1; mode=block |
Content-Type | text/html; charset=utf-8 |
Vary | Accept-Encoding |
Content-Encoding | gzip |
ETag | W/"4f4957ce590cbfe41542f44a83b376f9" |
Cache-Control | max-age=0, private, must-revalidate |
X-Request-Id | 5302c224-05f0-4b69-ba7c-c2b28ce49655 |
X-Runtime | 0.155830 |
X-Service | Equestria.Social |
X-Software | Mastodon |
X-Powered-By | Ponies |
Content-Security-Policy | default-src 'none'; base-uri 'self' equestria.social *.equestria.social; child-src 'self' https:; connect-src 'self' equestria.social ws://equestria.social wss://equestria.social; font-src 'self' assets.equestria.social; img-src 'self' data: media.equestria.social ponyfrance.net; media-src 'self' media.equestria.social; object-src 'self'; script-src 'self' assets.equestria.social; style-src 'self' 'unsafe-inline' assets.equestria.social; upgrade-insecure-requests |
Public-Key-Pins | max-age=31536000; pin-sha256="H1CeUpeehHUAP5FEMog4LRojfHm2f0mV0NwIcfYbwJ8="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; includeSubDomains; preload |
Keep-Alive | timeout=5, max=99 |
Connection | Keep-Alive |
Transfer-Encoding | chunked |