mastodon.social Open in urlscan Pro
2a04:4e42:e00::347 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mastodon.social/@CVE_Program/112340085736467849
Submission: On April 26 via api (April 26th 2024, 11:51:38 pm UTC) from TR — Scanned from DE

Summary HTTP 21 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 1 domains to perform 21 HTTP transactions. The main IP is 2a04:4e42:e00::347, located in United States and belongs to FASTLY, US. The main domain is mastodon.social. The Cisco Umbrella rank of the primary domain is 111469.
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.

This is the only time mastodon.social was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2a04:4e42:e00... 2a04:4e42:e00::347	54113 (FASTLY) (FASTLY)
11	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
2	2a04:4e42:400... 2a04:4e42:400::347	54113 (FASTLY) (FASTLY)
21	3

8 2a04:4e42:e00::347 (United States)

ASN54113 (FASTLY, US)

mastodon.social	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.1.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

mastodon.social	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.mastodon.social	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::347 (United States)

ASN54113 (FASTLY, US)

files.mastodon.social	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	mastodon.social mastodon.social — Cisco Umbrella Rank: 111469 files.mastodon.social — Cisco Umbrella Rank: 177367	1 MB
21	1

	Domain	Requested by
17	mastodon.social	mastodon.social
4	files.mastodon.social	mastodon.social
21	2

This site contains links to these domains. Also see Links.

Domain
joinmastodon.org
status.mastodon.social
github.com
medium.com
files.mastodon.social

Subject Issuer	Validity	Valid
mastodon.social R3	`2024-03-29` - `2024-06-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mastodon.social/@CVE_Program/112340085736467849
Frame ID: AB4A2A6F2F7B4B06FB335E4AF28B37CA
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

CVE Program: "New on the CVE Blog: “New CV…" - Mastodon

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Page Statistics

21
Requests

100 %
HTTPS

67 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

1281 kB
Transfer

3065 kB
Size

0
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://joinmastodon.org/
Title: Mastodon

Search URL Search Domain Scan URL

URL: https://status.mastodon.social/
Title: Status

Search URL Search Domain Scan URL

URL: https://joinmastodon.org/apps
Title: Get the app

Search URL Search Domain Scan URL

URL: https://github.com/mastodon/mastodon
Title: View source code

Search URL Search Domain Scan URL

URL: https://medium.com/@cve_program/new-cve-record-format-enables-additional-data-fields-at-time-of-disclosure-82eef1d4035e
Title: https://medium.com/@cve_program/new-cve-record-format-enables-additional-data-fields-at-time-of-disclosure-82eef1d4035e

Search URL Search Domain Scan URL

URL: https://files.mastodon.social/media_attachments/files/112/340/084/770/176/543/original/1ef62ee83ffc9d03.png

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 112340085736467849 Show response
mastodon.social/@CVE_Program/ 24 KB
12 KB 154ms
89ms Document
text/html 2a04:4e42:e00::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

630a1dd1d7d7424987cd7c071066a07ed1e343df43b13ae9995a922d94f6fbda

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-pu0tJ7lzeOSSwkUiCSV3CQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=10, public
content-encoding: gzip
content-length: 11608
content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-pu0tJ7lzeOSSwkUiCSV3CQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
content-type: text/html; charset=utf-8
date: Fri, 26 Apr 2024 23:51:34 GMT
etag: W/"630a1dd1d7d7424987cd7c071066a07e"
link: <https://mastodon.social/users/CVE_Program/statuses/112340085736467849>; rel="alternate"; type="application/activity+json"
referrer-policy: same-origin
strict-transport-security: max-age=31557600
vary: Accept, Accept-Language, Cookie, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-frame-options: DENY
x-request-id: d4744be882f2ffb18e0ddcc8357003f6
x-runtime: 0.035526
x-served-by: cache-fra-eddf8230054-FRA, cache-fra-eddf8230094-FRA
x-timer: S1714175494.215684,VS0,VE62
x-xss-protection: 0

GET
H2 200 common-34aedb4e.css
mastodon.social/packs/css/ 28 KB
8 KB 29ms
28ms Stylesheet
text/css 2a04:4e42:e00::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/packs/css/common-34aedb4e.css

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e0d90e7c1b334f9ee5ae7b7b8557139758d0fb580b66aa7256b62ddd45ad7d00

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-SIbKMrjne6MivZR5BnpyHQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Origin: https://mastodon.social
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-SIbKMrjne6MivZR5BnpyHQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 1812617
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7037
x-request-id: dd255c06e0fe29ed5cc22e8d46497065
x-served-by: cache-fra-etou8220052-FRA, cache-fra-eddf8230094-FRA
x-runtime: 0.001225
last-modified: Fri, 05 Apr 2024 02:11:44 GMT
x-timer: S1714175494.310654,VS0,VE0
vary: accept-encoding, Accept-Encoding
content-type: text/css
cache-control: public, max-age=2419200, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 265

GET
H2 200 mastodon-light-d077752b.chunk.css
mastodon.social/packs/css/ 269 KB
46 KB 38ms
37ms Stylesheet
text/css 2a04:4e42:e00::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/packs/css/mastodon-light-d077752b.chunk.css

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

927222165f97cfd57ad1380e727e0bf8fa22d7446018ea0c8305a825012f10b6

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-Q2zD41Sz3QU7M8vQgyV1hQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Origin: https://mastodon.social
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-Q2zD41Sz3QU7M8vQgyV1hQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
age: 740932
strict-transport-security: max-age=31557600
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 46303
x-request-id: 59fac497b26eb5321149991c56dd7c2c
x-served-by: cache-fra-eddf8230094-FRA, cache-fra-eddf8230094-FRA
x-runtime: 0.000531
last-modified: Thu, 18 Apr 2024 02:12:02 GMT
x-timer: S1714175494.310623,VS0,VE1
vary: accept-encoding, Accept-Encoding
content-type: text/css
cache-control: public, max-age=2419200, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 308

GET
H2 200 inert-15d4bcde.chunk.css
mastodon.social/packs/css/ 199 B
883 B 68ms
68ms Stylesheet
text/css 2a04:4e42:e00::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/packs/css/inert-15d4bcde.chunk.css

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cf122e1d0e81be674d46829c1b5d1506eadd9520508d07b71bb3bb562632a351

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-HGaXy6jzZSWVaX8YpMbGDQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-HGaXy6jzZSWVaX8YpMbGDQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
age: 826410
strict-transport-security: max-age=31557600
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 153
x-request-id: d08371a5a1978b1946780e9fa2b04251
x-served-by: cache-fra-etou8220142-FRA, cache-fra-eddf8230094-FRA
x-runtime: 0.000536
last-modified: Wed, 10 Apr 2024 02:11:32 GMT
x-timer: S1714175494.311394,VS0,VE0
vary: accept-encoding, Accept-Encoding
content-type: text/css
cache-control: public, max-age=2419200, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 232

GET
H2 200 common-e5c936228a6202da4a6a.js Show response
mastodon.social/packs/js/ 2 MB
471 KB 70ms
69ms Script
application/javascript 2a04:4e42:e00::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/packs/js/common-e5c936228a6202da4a6a.js

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c3425c77240c6c767a4cc996db3789722fb8986cca6cdf12b35042e319c2650f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-6nuBM8jmlK8ybBFCgP0g5w=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Origin: https://mastodon.social
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-6nuBM8jmlK8ybBFCgP0g5w=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31557600
age: 740938
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 480741
x-request-id: 63c2d28928051c154d7d8d26247268db
x-served-by: cache-fra-eddf8230118-FRA, cache-fra-eddf8230094-FRA
x-runtime: 0.000442
last-modified: Thu, 18 Apr 2024 02:12:02 GMT
x-timer: S1714175494.311396,VS0,VE2
vary: accept-encoding, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2419200, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 en-json-8f37fb6d7b901643a234.chunk.js Show response
mastodon.social/packs/js/locale/ 50 KB
15 KB 36ms
35ms Script
application/javascript 2a04:4e42:e00::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/packs/js/locale/en-json-8f37fb6d7b901643a234.chunk.js

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f67fcf3a087ec56840a86ccd244e4e6cfc1b9d74aae4757f0a6e7687c8129f9d

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-/K36o+TBJk1mvDaahMky+w=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-/K36o+TBJk1mvDaahMky+w=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
age: 740926
strict-transport-security: max-age=31557600
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14050
x-request-id: c62a5b97ff1bd09c6c52ea9178805a97
x-served-by: cache-fra-eddf8230157-FRA, cache-fra-eddf8230094-FRA
x-runtime: 0.000673
last-modified: Thu, 18 Apr 2024 02:12:02 GMT
x-timer: S1714175494.310989,VS0,VE0
vary: accept-encoding, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2419200, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 398

GET
H2 200 custom.css
mastodon.social/ 0
900 B 69ms
69ms Stylesheet
text/css 2a04:4e42:e00::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/custom.css

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-0kRG3BcfHIH9SbARWg/dmA=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-0kRG3BcfHIH9SbARWg/dmA=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
content-encoding: br
strict-transport-security: max-age=31557600
age: 72
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-xss-protection: 0
x-request-id: 8e8acb9a5a2aaa3abd3ad9a9162d1e0e
x-served-by: cache-fra-etou8220047-FRA, cache-fra-eddf8230094-FRA
x-runtime: 0.010602
referrer-policy: same-origin
x-timer: S1714175494.310978,VS0,VE1
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=180, public
accept-ranges: none
x-cache-hits: 0, 1

GET
H2 200 application-7896f27381819d38d00b.chunk.js Show response
mastodon.social/packs/js/ 84 KB
25 KB 30ms
30ms Script
application/javascript 2a04:4e42:e00::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/packs/js/application-7896f27381819d38d00b.chunk.js

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:e00::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b1c89cbf5301b6b485d43c4e408ef998694b107160c56d4a07b43c864a1b69ad

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-iQKMY7qAf5ru87IVCyeh3w=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Origin: https://mastodon.social
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-iQKMY7qAf5ru87IVCyeh3w=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 740935
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24623
x-request-id: d578b4028d41baa7568f94ac4f53825e
x-served-by: cache-fra-etou8220140-FRA, cache-fra-eddf8230094-FRA
x-runtime: 0.001734
last-modified: Thu, 18 Apr 2024 02:12:02 GMT
x-timer: S1714175494.310981,VS0,VE0
vary: accept-encoding, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2419200, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 273

GET
H3 200 default-cb1b34ec.chunk.css
mastodon.social/packs/css/ 258 KB
44 KB 28ms
28ms Stylesheet
text/css 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/packs/css/default-cb1b34ec.chunk.css

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b2bd2299654d55ac668a4d78558446d834f93bf3e97088356824f84477884dd3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-i3c+LFz0vVJxET1YArw4iA=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Origin: https://mastodon.social
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-i3c+LFz0vVJxET1YArw4iA=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
age: 740925
strict-transport-security: max-age=31557600
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44573
x-request-id: 76d9e96bf727d1e2b38ecbc43bb34e8d
x-served-by: cache-fra-eddf8230094-FRA, cache-fra-eddf8230041-FRA
x-runtime: 0.000383
last-modified: Thu, 18 Apr 2024 02:12:02 GMT
x-timer: S1714175494.382088,VS0,VE0
vary: accept-encoding, Accept-Encoding
content-type: text/css
cache-control: public, max-age=2419200, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 333

GET
H3 206 boop.ogg
mastodon.social/sounds/ 5 KB
6 KB 28ms
28ms Media
application/ogg 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/sounds/boop.ogg

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c1dea078c5b9ea758ff20bf8378df551402ad5ed0dc50cfbe1a8dba1f34e9334

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-Ro8N6J3gmWGo+EINdbaaug=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-Ro8N6J3gmWGo+EINdbaaug=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
strict-transport-security: max-age=31557600
age: 1795506
x-cache: MISS, HIT
Content-Range: bytes 0-5246/5247
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
Content-Length: 5247
x-request-id: 62fc500e893ba3c3fba841e7431dc3c2
x-served-by: cache-fra-eddf8230057-FRA, cache-fra-eddf8230041-FRA
x-runtime: 0.000302
last-modified: Fri, 05 Apr 2024 02:08:29 GMT
x-timer: S1714175495.558078,VS0,VE1
content-type: application/ogg
cache-control: public, max-age=3600, stale-while-revalidate, immutable
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H3 200 status-7dcc73a258c3d5e663c9.chunk.js Show response
mastodon.social/packs/js/features/ 34 KB
10 KB 28ms
27ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/packs/js/features/status-7dcc73a258c3d5e663c9.chunk.js

Requested by

Host: mastodon.social
URL: https://mastodon.social/packs/js/common-e5c936228a6202da4a6a.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

760c2a8e8859a20bf88fbb2afd4fb455791bfa79a95aff95c14c490b6ad715da

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-QBch8Apgu01RJs2FwmLw+A=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-QBch8Apgu01RJs2FwmLw+A=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 764897
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8962
x-request-id: 8674e4fd1c95296e362a3bca3d13fe7d
x-served-by: cache-fra-etou8220029-FRA, cache-fra-eddf8230041-FRA
x-runtime: 0.000516
last-modified: Wed, 10 Apr 2024 02:11:32 GMT
x-timer: S1714175495.574602,VS0,VE0
vary: accept-encoding, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2419200, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 4

GET
H3 200 instance Show response
mastodon.social/api/v2/ 6 KB
3 KB 29ms
28ms XHR
application/json 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/api/v2/instance

Requested by

Host: mastodon.social
URL: https://mastodon.social/packs/js/common-e5c936228a6202da4a6a.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

521f169d8db274ae91164b4988cf58d6086ad9180f4babf59a7e059cc6a6f2d2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; form-action 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31557600
age: 95
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2305
x-xss-protection: 0
x-request-id: 834fe8ae0241a16da6694711048564c3
x-served-by: cache-fra-eddf8230030-FRA, cache-fra-eddf8230041-FRA
x-runtime: 0.009679
referrer-policy: same-origin
x-timer: S1714175495.579426,VS0,VE1
etag: W/"521f169d8db274ae91164b4988cf58d6"
x-frame-options: DENY
x-ratelimit-remaining: 299
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=30, stale-if-error=86400
x-ratelimit-reset: 2024-04-26T23:00:00.824610Z
x-ratelimit-limit: 300
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H3 200 logo-d4b5dc90fd3e117d141ae7053b157f58.svg
mastodon.social/packs/media/images/ 2 KB
2 KB 27ms
27ms Image
image/svg+xml 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mastodon.social/packs/media/images/logo-d4b5dc90fd3e117d141ae7053b157f58.svg

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6fa1009ba95f1d100fe7da1c1186d0a308a3d112193edb09ef07ed641fee920

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-ZqSgOXL+Y2q8p790TdGJaQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-ZqSgOXL+Y2q8p790TdGJaQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31557600
age: 1721580
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1261
x-request-id: 738acbe3ce266444c7ad712cf3bb0565
x-served-by: cache-fra-eddf8230045-FRA, cache-fra-eddf8230041-FRA
x-runtime: 0.000668
last-modified: Fri, 05 Apr 2024 02:11:43 GMT
x-timer: S1714175495.583168,VS0,VE0
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2419200, must-revalidate
accept-ranges: bytes
x-cache-hits: 0, 48

GET
H3 200 context Show response
mastodon.social/api/v1/statuses/112340085736467849/ 33 B
632 B 112ms
112ms XHR
application/json 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/api/v1/statuses/112340085736467849/context

Requested by

Host: mastodon.social
URL: https://mastodon.social/packs/js/common-e5c936228a6202da4a6a.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f63c6e481d078468cc8e85b74a1e7105959e1ba3f2008a0fe2ce9378de0be9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; form-action 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31557600
age: 0
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 50
x-xss-protection: 0
x-request-id: cd2c19a88778e77a4ba4cbc0d37ff3ee
x-served-by: cache-fra-etou8220023-FRA, cache-fra-eddf8230041-FRA
x-runtime: 0.053419
referrer-policy: same-origin
x-timer: S1714175495.607564,VS0,VE85
etag: W/"9f63c6e481d078468cc8e85b74a1e710"
x-frame-options: DENY
x-ratelimit-remaining: 298
content-type: application/json; charset=utf-8
vary: Authorization, Origin, Accept-Encoding
cache-control: max-age=15, public, stale-while-revalidate=30, stale-if-error=86400
x-ratelimit-reset: 2024-04-26T23:50:00.937744Z
x-ratelimit-limit: 300
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H3 200 112340085736467849 Show response
mastodon.social/api/v1/statuses/ 5 KB
2 KB 1104ms
1104ms XHR
application/json 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/api/v1/statuses/112340085736467849

Requested by

Host: mastodon.social
URL: https://mastodon.social/packs/js/common-e5c936228a6202da4a6a.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

599c1fd7e750e906d0830540bc37531d857175adcdd211bbcc342b8e016784a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'; form-action 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31557600
age: 0
x-cache: MISS, MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1564
x-xss-protection: 0
x-request-id: 9eeca0962f3ea1e594cfa0d43bd3c3f7
x-served-by: cache-fra-eddf8230053-FRA, cache-fra-eddf8230041-FRA
x-runtime: 1.051110
referrer-policy: same-origin
x-timer: S1714175495.608903,VS0,VE1073
etag: W/"599c1fd7e750e906d0830540bc37531d"
x-frame-options: DENY
x-ratelimit-remaining: 299
content-type: application/json; charset=utf-8
vary: Authorization, Origin, Accept-Encoding
cache-control: max-age=15, public, stale-while-revalidate=30, stale-if-error=86400
x-ratelimit-reset: 2024-04-26T23:55:00.630304Z
x-ratelimit-limit: 300
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H3 200 oops.png
mastodon.social/ 17 KB
17 KB 28ms
28ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mastodon.social/oops.png

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

42036fa40418a60a075e8ffeabb83a6bb9fd74a0cc47a531032a318b2539c191

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-yeBEFP2YSxHPyKDSdeziRA=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-yeBEFP2YSxHPyKDSdeziRA=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
content-encoding: br
strict-transport-security: max-age=31557600
age: 72840
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-request-id: dc44457e11069a5acf44d2019403c40e
x-served-by: cache-fra-eddf8230099-FRA, cache-fra-eddf8230041-FRA
x-runtime: 0.000560
last-modified: Thu, 18 Apr 2024 02:08:34 GMT
x-timer: S1714175495.611752,VS0,VE1
vary: accept-encoding
content-type: image/png
cache-control: public, max-age=3600, stale-while-revalidate, immutable
accept-ranges: none
x-cache-hits: 0, 1

GET
H2 200 57c12f441d083cde.png
files.mastodon.social/site_uploads/files/000/000/001/@1x/ 225 KB
225 KB 128ms
58ms Image
image/png 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.mastodon.social/site_uploads/files/000/000/001/@1x/57c12f441d083cde.png

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Aleph/0.6.0 /

Resource Hash

a872e03013841dae694bb1a72737cfc0f178eb903375015c04dce886ed473cbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 23:51:34 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 1729161
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 230286
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Fri, 14 Oct 2022 21:36:39 GMT
server: Aleph/0.6.0
host: sos-ch-dk-2.exo.io
x-timer: S1714175495.687004,VS0,VE0
etag: "f054a6424c2e605cda2579cdc9628dad"
content-type: image/png
cache-control: public, max-age=315576000, immutable
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 b4ceb19c9c54ec7e.png
files.mastodon.social/accounts/avatars/000/013/179/original/ 50 KB
50 KB 98ms
27ms Image
image/png 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.mastodon.social/accounts/avatars/000/013/179/original/b4ceb19c9c54ec7e.png

Requested by

Host: mastodon.social
URL: https://mastodon.social/@CVE_Program/112340085736467849

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Aleph/0.6.0 /

Resource Hash

f043091bd912f6d3c78a77af10423261d8396b60d4b47eeb72bce72d7f541cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 23:51:34 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 1731059
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 51305
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Wed, 29 Jun 2022 21:13:09 GMT
server: Aleph/0.6.0
host: sos-ch-dk-2.exo.io
x-timer: S1714175495.687018,VS0,VE0
etag: "1d22487fc88ce8f3f66f181537bb3a80"
content-type: image/png
cache-control: public, max-age=315576000, immutable
accept-ranges: bytes
x-cache-hits: 11

GET
H3 200 favicon.ico
mastodon.social/ 15 KB
4 KB 28ms
28ms Other
image/vnd.microsoft.icon 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://mastodon.social/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cee18f4a85d51c368fc920e7274c02a138e61eaabbcd8c91e73be29ff9931a93

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-zh0amF4R9rt16xC47yNIWg=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://mastodon.social/@CVE_Program/112340085736467849
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-zh0amF4R9rt16xC47yNIWg=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 26 Apr 2024 23:51:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31557600
age: 1801105
x-cache: MISS, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3475
x-request-id: cd120a80485cdb04b798c85bc5a424a2
x-served-by: cache-fra-etou8220027-FRA, cache-fra-eddf8230041-FRA
x-runtime: 0.000789
last-modified: Fri, 05 Apr 2024 02:08:29 GMT
x-timer: S1714175495.802561,VS0,VE0
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=3600, stale-while-revalidate, immutable
accept-ranges: bytes
x-cache-hits: 0, 81

GET
H3 200 4b056135673f8725.png
files.mastodon.social/accounts/avatars/110/947/035/793/757/493/original/ 7 KB
8 KB 29ms
28ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.mastodon.social/accounts/avatars/110/947/035/793/757/493/original/4b056135673f8725.png

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Aleph/0.6.0 /

Resource Hash

325a5bfdece53ab04bc3cf35fb3e6febb3d9dfd2c20abc3f4bbb399cec7af2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 23:51:35 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 306169
x-cache: HIT
x-amzn-request-id: 1b086564-0a77-4872-99ad-4f8c943e7587
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7366
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Fri, 25 Aug 2023 16:19:56 GMT
server: Aleph/0.6.0
host: sos-ch-dk-2.exo.io
x-timer: S1714175496.732551,VS0,VE1
etag: "18840cf4e79dbf847e073f960cfb2bf3"
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315576000, immutable
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-cache-hits: 0

GET
H3 200 1ef62ee83ffc9d03.png
files.mastodon.social/media_attachments/files/112/340/084/770/176/543/small/ 330 KB
331 KB 30ms
30ms Image
image/png 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://files.mastodon.social/media_attachments/files/112/340/084/770/176/543/small/1ef62ee83ffc9d03.png

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Aleph/0.6.0 /

Resource Hash

8150ab4221ba07b1fbfe9950edf27953f9edf4a11fa6f178fd05cf06237a22d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 26 Apr 2024 23:51:35 GMT
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 1838
x-cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 338179
x-served-by: cache-fra-eddf8230041-FRA
last-modified: Fri, 26 Apr 2024 23:20:57 GMT
server: Aleph/0.6.0
host: sos-ch-dk-2.exo.io
x-timer: S1714175496.732545,VS0,VE1
etag: "eaffeffbccc92c307e2ebf67f4107850"
content-type: image/png
cache-control: public, max-age=315576000, immutable
accept-ranges: bytes
x-cache-hits: 1

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://mastodon.social; img-src 'self' data: blob: https://mastodon.social https://files.mastodon.social; style-src 'self' https://mastodon.social 'nonce-pu0tJ7lzeOSSwkUiCSV3CQ=='; media-src 'self' data: https://mastodon.social https://files.mastodon.social; frame-src 'self' https:; manifest-src 'self' https://mastodon.social; form-action 'self'; child-src 'self' blob: https://mastodon.social; worker-src 'self' blob: https://mastodon.social; connect-src 'self' data: blob: https://mastodon.social https://files.mastodon.social wss://streaming.mastodon.social; script-src 'self' https://mastodon.social 'wasm-unsafe-eval'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

files.mastodon.social
mastodon.social
151.101.1.91
2a04:4e42:400::347
2a04:4e42:e00::347
325a5bfdece53ab04bc3cf35fb3e6febb3d9dfd2c20abc3f4bbb399cec7af2db
42036fa40418a60a075e8ffeabb83a6bb9fd74a0cc47a531032a318b2539c191
521f169d8db274ae91164b4988cf58d6086ad9180f4babf59a7e059cc6a6f2d2
599c1fd7e750e906d0830540bc37531d857175adcdd211bbcc342b8e016784a4
630a1dd1d7d7424987cd7c071066a07ed1e343df43b13ae9995a922d94f6fbda
760c2a8e8859a20bf88fbb2afd4fb455791bfa79a95aff95c14c490b6ad715da
8150ab4221ba07b1fbfe9950edf27953f9edf4a11fa6f178fd05cf06237a22d7
927222165f97cfd57ad1380e727e0bf8fa22d7446018ea0c8305a825012f10b6
9f63c6e481d078468cc8e85b74a1e7105959e1ba3f2008a0fe2ce9378de0be9d
a872e03013841dae694bb1a72737cfc0f178eb903375015c04dce886ed473cbd
b1c89cbf5301b6b485d43c4e408ef998694b107160c56d4a07b43c864a1b69ad
b2bd2299654d55ac668a4d78558446d834f93bf3e97088356824f84477884dd3
c1dea078c5b9ea758ff20bf8378df551402ad5ed0dc50cfbe1a8dba1f34e9334
c3425c77240c6c767a4cc996db3789722fb8986cca6cdf12b35042e319c2650f
cee18f4a85d51c368fc920e7274c02a138e61eaabbcd8c91e73be29ff9931a93
cf122e1d0e81be674d46829c1b5d1506eadd9520508d07b71bb3bb562632a351
e0d90e7c1b334f9ee5ae7b7b8557139758d0fb580b66aa7256b62ddd45ad7d00
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fa1009ba95f1d100fe7da1c1186d0a308a3d112193edb09ef07ed641fee920
f043091bd912f6d3c78a77af10423261d8396b60d4b47eeb72bce72d7f541cc4
f67fcf3a087ec56840a86ccd244e4e6cfc1b9d74aae4757f0a6e7687c8129f9d

mastodon.social Open in urlscan Pro 2a04:4e42:e00::347 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

21 Requests

100 %HTTPS

67 %IPv6

1 Domains

2 Subdomains

3 IPs

1 Countries

1281 kBTransfer

3065 kBSize

0 Cookies

6 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

mastodon.social Open in urlscan Pro
2a04:4e42:e00::347 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

67 %
IPv6

1
Domains

2
Subdomains

3
IPs

1
Countries

1281 kB
Transfer

3065 kB
Size

0
Cookies

21 HTTP transactions
0 data transactions