urlscan.io logo urlscan.io
SecurityTrails logo

accounts.firefox.com Open in urlscan Pro
34.110.207.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=password-manager&uid=bad467e414eb4aeb8f1eadebd3b47a63&...
Effective URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Submission: On April 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 26 HTTP transactions. The main IP is 34.110.207.168, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is accounts.firefox.com. The Cisco Umbrella rank of the primary domain is 6207.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 29th 2023. Valid for: a year.
This is the only time accounts.firefox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 34.110.207.168 396982 (GOOGLE-CL...)
1 34.120.195.249 396982 (GOOGLE-CL...)
8 18.245.46.74 16509 (AMAZON-02)
26 4
Apex Domain
Subdomains		 Transfer
16 firefox.com
accounts.firefox.com — Cisco Umbrella Rank: 6207
graphql.accounts.firefox.com — Cisco Umbrella Rank: 550701
805 KB
8 mozilla.net
accounts-static.cdn.mozilla.net — Cisco Umbrella Rank: 260486
780 KB
1 sentry.io
o1069899.ingest.sentry.io — Cisco Umbrella Rank: 17621
299 B
26 3
Domain Requested by
14 accounts.firefox.com accounts.firefox.com
accounts-static.cdn.mozilla.net
8 accounts-static.cdn.mozilla.net accounts.firefox.com
accounts-static.cdn.mozilla.net
2 graphql.accounts.firefox.com accounts.firefox.com
1 o1069899.ingest.sentry.io accounts.firefox.com
26 4

This site contains links to these domains. Also see Links.

Domain
www.mozilla.org
Subject Issuer Validity Valid
accounts.firefox.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-29 -
2024-07-17		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.cdn.mozilla.net
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Frame ID: 7C7401B36EB2DA2225278215F53601BD
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

E-Mail-Adresse eingeben Weiter zu account settings

Page URL History Show full URLs

  1. https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=password-manager&uid=bad467e414eb4... Page URL
  2. https://accounts.firefox.com/signin?redirect_to=%2Fsettings Page URL

Page Statistics

26
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

1585 kB
Transfer

4579 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=password-manager&uid=bad467e414eb4aeb8f1eadebd3b47a63&email=djthamo%40gmail.com Page URL
  2. https://accounts.firefox.com/signin?redirect_to=%2Fsettings Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
settings
accounts.firefox.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=password-manager&uid=bad467e414eb4aeb8f1eadebd3b47a63&email=djthamo%40gmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cd8217f80978f8cffc8ae599c58f64bfc7c94cca14272d47e1fbfa034a55d088
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 15:07:37 GMT
etag
W/"15b0-FYLEenREa6pMkVmQOgJBuLTrrVk"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noindex,nofollow
x-xss-protection
0
main.94491d8d.js
accounts.firefox.com/settings/static/js/ 		2 MB
523 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/static/js/main.94491d8d.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=password-manager&uid=bad467e414eb4aeb8f1eadebd3b47a63&email=djthamo%40gmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
25c0811e4f0cfd5c72927dc6fa8c34f74d32ca9f411645fbc5a1089a4ff96f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 17 Apr 2024 02:42:19 GMT
server
nginx
etag
W/"18afdf-18ee9ef02f8"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://accounts.firefox.com
cache-control
public, max-age=600
main.49c8d15c.css
accounts.firefox.com/settings/static/css/ 		51 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/static/css/main.49c8d15c.css
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=password-manager&uid=bad467e414eb4aeb8f1eadebd3b47a63&email=djthamo%40gmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
78503f9a8a6a9c7e0cf8913152b1ee69a86262eb5d79d9f1805eb51544fb5183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Wed, 17 Apr 2024 02:42:19 GMT
server
nginx
etag
W/"caf8-18ee9ef02f8"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://accounts.firefox.com
cache-control
public, max-age=600
/
o1069899.ingest.sentry.io/api/6231069/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o1069899.ingest.sentry.io/api/6231069/envelope/?sentry_key=adb27d09f83f43b8852e61ce4c8a487b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.109.0
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.94491d8d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Apr 2024 15:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
main.ftl
accounts.firefox.com/settings/locales/en-US/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en-US/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.94491d8d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cd8217f80978f8cffc8ae599c58f64bfc7c94cca14272d47e1fbfa034a55d088
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.282.5,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f1da75bd5df45a5b9de8dd50c021e1e,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f1da75bd5df45a5b9de8dd50c021e1e-a23c53abb2c517ca-0
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-security-policy
connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
via
1.1 google
etag
W/"15b0-FYLEenREa6pMkVmQOgJBuLTrrVk"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/html; charset=utf-8
x-robots-tag
noindex,nofollow
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
main.ftl
accounts.firefox.com/settings/locales/en/ 		84 KB
84 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.94491d8d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f60f5ba5725d03b17ec3f99d4c848e4839a0eed7185552cbbaeebf82ce9a67b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.282.5,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f1da75bd5df45a5b9de8dd50c021e1e,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f1da75bd5df45a5b9de8dd50c021e1e-9e7ebd23f5e9af5d-0
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Wed, 17 Apr 2024 02:42:19 GMT
server
nginx
via
1.1 google
etag
W/"14f96-18ee9ef02f8"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85910
x-xss-protection
0
main.ftl
accounts.firefox.com/settings/locales/en-GB/ 		84 KB
84 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en-GB/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.94491d8d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1f5da8a5b689df329fe9caca99d9653b99025af3aa0b3b7a41206435ecaf65f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.282.5,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f1da75bd5df45a5b9de8dd50c021e1e,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f1da75bd5df45a5b9de8dd50c021e1e-b826528ec3e60e2c-0
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Wed, 17 Apr 2024 02:42:19 GMT
server
nginx
via
1.1 google
etag
W/"151b7-18ee9ef02f8"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86455
x-xss-protection
0
main.ftl
accounts.firefox.com/settings/locales/en-CA/ 		84 KB
84 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en-CA/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.94491d8d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c8f20c82dc2d6dea6912424bedebb07409618b6b1225ed4ac8283411b08421e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.282.5,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f1da75bd5df45a5b9de8dd50c021e1e,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f1da75bd5df45a5b9de8dd50c021e1e-b3f9d4cf781ca38d-0
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Wed, 17 Apr 2024 02:42:19 GMT
server
nginx
via
1.1 google
etag
W/"151a8-18ee9ef02f8"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86440
x-xss-protection
0
favicon.ico
accounts.firefox.com/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e5e524aa82385dc1b35bfdfb4b5b527654164f7c519833d64492588ada9e002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Wed, 17 Apr 2024 02:20:11 GMT
server
nginx
via
1.1 google
etag
W/"1cee-18ee9dabf78"
x-frame-options
DENY
content-type
image/x-icon
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7406
x-xss-protection
0
graphql
graphql.accounts.firefox.com/ 		124 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graphql.accounts.firefox.com/graphql
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.94491d8d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://accounts.firefox.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124
x-xss-protection
1; mode=block
server
nginx
etag
W/"7c-HRQMnmGJyZIe7KIoq8HW8DcMMvs"
x-frame-options
DENY
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://accounts.firefox.com
cache-control
no-store
graphql
graphql.accounts.firefox.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graphql.accounts.firefox.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://accounts.firefox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://accounts.firefox.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 24 Apr 2024 15:07:39 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Express
x-xss-protection
1; mode=block
Primary Request signin
accounts.firefox.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.94491d8d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbe055d370e93e21447893bf142fd732aa70b5366ee0688753fa7e119b9bbb74
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://accounts.firefox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 15:07:39 GMT
etag
W/"277f-SbdKYXPX9CPxbDwCg+cwMb30VKo"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noindex,nofollow
x-xss-protection
0
metrics-flow
accounts.firefox.com/ 		153 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/metrics-flow
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.94491d8d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.282.5,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f1da75bd5df45a5b9de8dd50c021e1e,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f1da75bd5df45a5b9de8dd50c021e1e-a463906dfc23bf32-0
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
nginx
etag
W/"99-PjtSAzBlCZ13MjBMCtQUuDRETro"
x-frame-options
DENY
vary
Origin
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
/
o1069899.ingest.sentry.io/api/6231069/envelope/ 		0
0
8bbdb7ff.main.css
accounts-static.cdn.mozilla.net/styles/ 		56 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33cc48eec94196461018d01f24e2835bc9716fb29f1f0735f0cf639f77f8b542

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
ivZLrqWhi2L8yLBzVqmfy63XN1A0d_Ca
content-encoding
gzip
via
1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
date
Wed, 24 Apr 2024 04:35:12 GMT
x-amz-cf-pop
FRA56-P9
age
37949
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 17 Apr 2024 17:52:02 GMT
server
AmazonS3
etag
W/"8bbdb7ffede8b2808a35f9019eeb9756"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
QXlwfwKeMMtVDdVX0n9Byy03r7weJH0AvAf81m8NBNSnjQTXaBurRw==
ab8681c0.tailwind.out.css
accounts-static.cdn.mozilla.net/styles/ 		88 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/styles/ab8681c0.tailwind.out.css
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
883f1edfe0429504e0a62144d3c2891b0a1f96ef90b708e936db00f5a117a142

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jE9zbMOIbNVpZFGe8wDO4fdABLexUogj
content-encoding
gzip
via
1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
date
Wed, 24 Apr 2024 03:17:01 GMT
x-amz-cf-pop
FRA56-P9
age
42640
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 17 Apr 2024 17:52:02 GMT
server
AmazonS3
etag
W/"ab8681c0b5f280f74c071af35d5ec0a2"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
H4c1A_VnNMQEfxln3V9p7X0WvZdqw2zF_hNX0ZksbJVJfPRz0onNpQ==
head.bundle.js
accounts-static.cdn.mozilla.net/bundle-300e060560ceccbee6ebbb0493bb995c4d21f93b/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/bundle-300e060560ceccbee6ebbb0493bb995c4d21f93b/head.bundle.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
393e075bf90519cb026d0b11c4e51d6bfc9b8cf529a98afaac213ef7174eae1a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
P2wnNuSn9tCk44e4ty5r7S0kZJKIlz4w
content-encoding
gzip
via
1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
date
Wed, 24 Apr 2024 04:27:11 GMT
x-amz-cf-pop
FRA56-P9
age
38432
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 17 Apr 2024 17:51:59 GMT
server
AmazonS3
etag
W/"602587e3b228b4eb88ff255871da34dc"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
8pt7qU9hY9nudq8bvAaU6UYD6Awy4pvwR4C2k-rb1m3_lOOk5hnGmg==
appDependencies.bundle.js
accounts-static.cdn.mozilla.net/bundle-300e060560ceccbee6ebbb0493bb995c4d21f93b/ 		661 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/bundle-300e060560ceccbee6ebbb0493bb995c4d21f93b/appDependencies.bundle.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a3ef40195c7d803202af58a4ae9e0ce1fd99938a02a7abecde8ab3dd0335794c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
yfqnU6fITGV1CSbNexRDzDrnjhtd_v6B
content-encoding
gzip
via
1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
date
Wed, 24 Apr 2024 04:27:11 GMT
x-amz-cf-pop
FRA56-P9
age
38432
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 17 Apr 2024 17:51:47 GMT
server
AmazonS3
etag
W/"1b09fcecd72956dbfc41a8ef29e93ca0"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
yfMF5m5ByT6OxgMS-aN4HLXTInPeDFoB1ILI0unsar6KoLhuWnCdmw==
app.bundle.de.js
accounts-static.cdn.mozilla.net/bundle-300e060560ceccbee6ebbb0493bb995c4d21f93b/ 		2 MB
538 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/bundle-300e060560ceccbee6ebbb0493bb995c4d21f93b/app.bundle.de.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
32ca68c61aeb91d5c25b858bde9f55cb71cbb9bd0f1bfb34ed7b9f26d8c0bc19

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
AMj23U9dhUb_aLRPxk6xU9OE_b0VZsxM
content-encoding
gzip
via
1.1 90b31bff657d66dd87e437e4a49bf7a6.cloudfront.net (CloudFront)
date
Wed, 24 Apr 2024 03:24:03 GMT
x-amz-cf-pop
FRA56-P9
age
42218
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 17 Apr 2024 17:51:49 GMT
server
AmazonS3
etag
W/"44381d9e8cf81f39f6bf363fbed5300e"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
vKc46nCXtkRICbxvl4kFYq7J0n1yLUYmAk0a8MIfoaepKj23jJ5IXg==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4f52fd4e5395580cbbaddf71f4340638e7e565e151ce9a163cc8d07730f8be1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://accounts.firefox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
a7c41087.mozilla.svg
accounts-static.cdn.mozilla.net/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-static.cdn.mozilla.net/images/a7c41087.mozilla.svg
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8953c362d12a1ef9a147b46ec5d07b73be5a38e1c1333a0355bab8f82826f006

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
iJjzFfd5FkeOvgZJS9U8QKFVx32wlBx.
content-encoding
gzip
via
1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
date
Wed, 24 Apr 2024 05:44:57 GMT
last-modified
Wed, 17 Apr 2024 17:51:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
33764
x-amz-server-side-encryption
AES256
etag
W/"a7c410872e9e6f151d06c7dbe9eb7ddc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=86400
x-amz-cf-id
fws_uYDZznX10tebHYRt0IsVBYfQh5Q9j6XDQY2lTX0kCIIGHgo0Ug==
1cdc8fce.google_btn_normal.svg
accounts-static.cdn.mozilla.net/images/third_party_auth/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-static.cdn.mozilla.net/images/third_party_auth/1cdc8fce.google_btn_normal.svg
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
464e961b31ded25189184c9688dea54eeb28b1f2bcb9bb6a49d7f4673b962c11

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
GLVPLeKGaAqLV0BBl8d8FHqZh46eUAU2
content-encoding
gzip
via
1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
date
Wed, 24 Apr 2024 01:15:17 GMT
last-modified
Wed, 17 Apr 2024 17:51:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
49944
x-amz-server-side-encryption
AES256
etag
W/"1cdc8fce9609d07f0e9d8d0bc4b61f8f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=86400
x-amz-cf-id
HJqGhuIJQLxxGwWr-iREZ2V_QOlWTYYtavftfPqapKImHFqoFUdWow==
37f16dcb.apple_btn_normal.svg
accounts-static.cdn.mozilla.net/images/third_party_auth/ 		687 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-static.cdn.mozilla.net/images/third_party_auth/37f16dcb.apple_btn_normal.svg
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ff52797f2eaf370586e001d8009121236498b63cbdf5d75c3491e1772cabfdc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
rqIx0hMonHSpjdJxU500HfTSj1JrL7Qu
date
Wed, 24 Apr 2024 04:45:22 GMT
via
1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
37385
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
687
last-modified
Wed, 17 Apr 2024 17:51:52 GMT
server
AmazonS3
etag
"37f16dcb86fdfc8e800156ab0d2ead6b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
accept-ranges
bytes
x-amz-cf-id
AlxNRmZlzjc8p9Z_B7ghs1vgX8X--v4Qg9wXY_FaZ3EPvaNwQViJcQ==
9353e061-a98c-44b1-864c-94637762f3bf
accounts.firefox.com/submit/accounts-frontend/events/1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/submit/accounts-frontend/events/1/9353e061-a98c-44b1-864c-94637762f3bf
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/bundle-300e060560ceccbee6ebbb0493bb995c4d21f93b/app.bundle.de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Content-Encoding
gzip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
https://accounts.firefox.com/
X-Telemetry-Agent
Glean/4.0.0 (JS on Windows)
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 google, 1.1 google
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://accounts.firefox.com
x-frame-options
DENY
access-control-max-age
1728000
access-control-allow-headers
Accept-Encoding,Connection,Content-Encoding,Content-Length,Content-Type,DNT,Date,Sec-Fetch-Dest,Sec-Fetch-Mode,Sec-Fetch-Site,User-Agent,X-Client-Type,X-Client-Version,X-Debug-ID,X-Forwarded-For,X-Pingsender-Version,X-Pipeline-Proxy,X-Source-Tags,X-Telemetry-Agent
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
7dd7fd9b-348f-4563-8675-b020e55b4bed
accounts.firefox.com/submit/accounts-frontend/accounts-events/1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/submit/accounts-frontend/accounts-events/1/7dd7fd9b-348f-4563-8675-b020e55b4bed
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/bundle-300e060560ceccbee6ebbb0493bb995c4d21f93b/app.bundle.de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Content-Encoding
gzip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
https://accounts.firefox.com/
X-Telemetry-Agent
Glean/4.0.0 (JS on Windows)
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:40 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 google, 1.1 google
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://accounts.firefox.com
x-frame-options
DENY
access-control-max-age
1728000
access-control-allow-headers
Accept-Encoding,Connection,Content-Encoding,Content-Length,Content-Type,DNT,Date,Sec-Fetch-Dest,Sec-Fetch-Mode,Sec-Fetch-Site,User-Agent,X-Client-Type,X-Client-Version,X-Debug-ID,X-Forwarded-For,X-Pingsender-Version,X-Pipeline-Proxy,X-Source-Tags,X-Telemetry-Agent
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metrics
accounts.firefox.com/ 		16 B
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/metrics
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/bundle-300e060560ceccbee6ebbb0493bb995c4d21f93b/app.bundle.de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Apr 2024 15:07:40 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
nginx
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
x-frame-options
DENY
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-xss-protection
0
favicon.ico
accounts.firefox.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e5e524aa82385dc1b35bfdfb4b5b527654164f7c519833d64492588ada9e002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 15:07:39 GMT
via
1.1 google
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Wed, 17 Apr 2024 02:20:11 GMT
server
nginx
etag
W/"1cee-18ee9dabf78"
x-frame-options
DENY
content-type
image/x-icon
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7406
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
o1069899.ingest.sentry.io
URL
https://o1069899.ingest.sentry.io/api/6231069/envelope/?sentry_key=adb27d09f83f43b8852e61ce4c8a487b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.109.0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| Backbone object| webpackChunk function| clearImmediate function| setImmediate object| Glean function| _ object| router

0 Cookies

1 Console Messages

Source Level URL
Text
rendering info URL: https://accounts.firefox.com/?redirect_to=%2Fsettings
Message:
Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-static.cdn.mozilla.net
accounts.firefox.com
graphql.accounts.firefox.com
o1069899.ingest.sentry.io
o1069899.ingest.sentry.io
18.245.46.74
34.110.207.168
34.120.195.249
1f5da8a5b689df329fe9caca99d9653b99025af3aa0b3b7a41206435ecaf65f2
25c0811e4f0cfd5c72927dc6fa8c34f74d32ca9f411645fbc5a1089a4ff96f6f
32ca68c61aeb91d5c25b858bde9f55cb71cbb9bd0f1bfb34ed7b9f26d8c0bc19
33cc48eec94196461018d01f24e2835bc9716fb29f1f0735f0cf639f77f8b542
393e075bf90519cb026d0b11c4e51d6bfc9b8cf529a98afaac213ef7174eae1a
3e5e524aa82385dc1b35bfdfb4b5b527654164f7c519833d64492588ada9e002
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464e961b31ded25189184c9688dea54eeb28b1f2bcb9bb6a49d7f4673b962c11
6ff52797f2eaf370586e001d8009121236498b63cbdf5d75c3491e1772cabfdc
78503f9a8a6a9c7e0cf8913152b1ee69a86262eb5d79d9f1805eb51544fb5183
883f1edfe0429504e0a62144d3c2891b0a1f96ef90b708e936db00f5a117a142
8953c362d12a1ef9a147b46ec5d07b73be5a38e1c1333a0355bab8f82826f006
a3ef40195c7d803202af58a4ae9e0ce1fd99938a02a7abecde8ab3dd0335794c
c4f52fd4e5395580cbbaddf71f4340638e7e565e151ce9a163cc8d07730f8be1
c8f20c82dc2d6dea6912424bedebb07409618b6b1225ed4ac8283411b08421e4
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cd8217f80978f8cffc8ae599c58f64bfc7c94cca14272d47e1fbfa034a55d088
dbe055d370e93e21447893bf142fd732aa70b5366ee0688753fa7e119b9bbb74
f60f5ba5725d03b17ec3f99d4c848e4839a0eed7185552cbbaeebf82ce9a67b0