HTTP/2 200 
date: Thu, 11 Oct 2018 18:43:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: Mastodon
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Accept-Encoding
etag: W/"706e6c48957e1d46ecf9d7597a7880af"
cache-control: max-age=0, private, must-revalidate
set-cookie: _mastodon_session=v3kcy%2FW3aZYBBvZUohuwksEKwzYIyEUlEuJ1KqTAfWPKvVQq%2F4UuJ39zp621VyfpQNlvY46TL%2FYutzXowSLYQBNFCJcrEiF04aU0TdtHls9zynMiyeHhoVgCijOXWXNt9%2FCmpQ49RkNEujkv9NaJ0cum32MCVZKjE9%2BMKmLM%2F8ZygZeLBGJ7sg%3D%3D--QGIiU0%2FpXc3Aym8F--he2iRRPePOdtEs3z%2BufSXg%3D%3D; path=/; secure; HttpOnly
x-request-id: a0c0b8e7-cd60-4efa-b79b-cf1b0d5a0784
x-runtime: 0.049566
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: same-origin
content-security-policy: frame-ancestors 'none'; script-src 'self'; object-src 'self'; img-src * data: blob:; media-src 'self' data:; font-src 'self' data: https://fonts.gstatic.com/; connect-src 'self' blob: wss://mastodonten.de
x-xss-protection: 1; mode=block