Alright. I figured it out. I think after Mastodon had that security vulnerability they changed how they fetch data. I needed to parse the Accept header correctly to not redirect Mastodon to njump.me. It's fixed in Mastodon now.