HTTP/1.1 200 OK Date: Fri, 26 Dec 2025 07:25:52 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding server: Mastodon x-frame-options: DENY x-content-type-options: nosniff x-xss-protection: 0 referrer-policy: same-origin vary: Accept, Accept-Language, Cookie, Origin cache-control: max-age=15, public, stale-while-revalidate=30, stale-if-error=3600 etag: W/"e1aef8862abd1cf0c8b9fcf12bea59a6" content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://social.lfx.dev; img-src 'self' data: blob: https://social.lfx.dev https://cdn.masto.host; media-src 'self' data: https://social.lfx.dev https://cdn.masto.host; manifest-src 'self' https://social.lfx.dev; form-action 'none'; child-src 'self' blob: https://social.lfx.dev; worker-src 'self' blob: https://social.lfx.dev; connect-src 'self' data: blob: https://social.lfx.dev https://cdn.masto.host wss://social.lfx.dev; script-src 'self' https://social.lfx.dev 'wasm-unsafe-eval'; frame-src 'self' https:; style-src 'self' https://social.lfx.dev 'nonce-4pRfnXvPkEg8EHh6sGBhZg==' x-request-id: 812fb3a3-8ddd-410a-a2cf-5632aaf60c55 x-runtime: 0.026134 strict-transport-security: max-age=63072000; includeSubDomains Strict-Transport-Security: max-age=31536000 Content-Encoding: gzip