urlscan.io logo urlscan.io
SecurityTrails logo

accounts.firefox.com Open in urlscan Pro
34.110.207.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://accounts.firefox.com/settings#profile-picture
Effective URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Submission: On March 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 24 HTTP transactions. The main IP is 34.110.207.168, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is accounts.firefox.com. The Cisco Umbrella rank of the primary domain is 6000.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 29th 2023. Valid for: a year.
This is the only time accounts.firefox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 34.110.207.168 396982 (GOOGLE-CL...)
1 34.120.195.249 396982 (GOOGLE-CL...)
8 18.245.46.74 16509 (AMAZON-02)
24 4
Apex Domain
Subdomains		 Transfer
14 firefox.com
accounts.firefox.com — Cisco Umbrella Rank: 6000
graphql.accounts.firefox.com — Cisco Umbrella Rank: 679075
775 KB
8 mozilla.net
accounts-static.cdn.mozilla.net — Cisco Umbrella Rank: 266602
779 KB
1 sentry.io
o1069899.ingest.sentry.io — Cisco Umbrella Rank: 17626
299 B
24 3
Domain Requested by
12 accounts.firefox.com accounts.firefox.com
accounts-static.cdn.mozilla.net
8 accounts-static.cdn.mozilla.net accounts.firefox.com
accounts-static.cdn.mozilla.net
2 graphql.accounts.firefox.com accounts.firefox.com
1 o1069899.ingest.sentry.io accounts.firefox.com
24 4

This site contains links to these domains. Also see Links.

Domain
www.mozilla.org
Subject Issuer Validity Valid
accounts.firefox.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-29 -
2024-07-17		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.cdn.mozilla.net
R3		 2024-02-08 -
2024-05-08		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Frame ID: 99EFBE680F17975E82CA9CEDD3EF73E2
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

E-Mail-Adresse eingeben Weiter zu account settings

Page URL History Show full URLs

  1. https://accounts.firefox.com/settings Page URL
  2. https://accounts.firefox.com/signin?redirect_to=%2Fsettings Page URL

Page Statistics

24
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

1554 kB
Transfer

4488 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounts.firefox.com/settings Page URL
  2. https://accounts.firefox.com/signin?redirect_to=%2Fsettings Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
settings
accounts.firefox.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1c6b0ef540dda0c15235d79c5463262cb7e2c8874af0716a42bd586856f1af6c
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Mon, 18 Mar 2024 11:15:31 GMT
etag
W/"1527-J3WH8GDJWZESYWa7rK82cmLO9sk"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noindex,nofollow
x-xss-protection
0
main.b2875427.js
accounts.firefox.com/settings/static/js/ 		1 MB
507 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/static/js/main.b2875427.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
dd65986716888057374e4d6ad604b47afc4c8965f10fb80f6df784ba3687c152
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.firefox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 11:15:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Mon, 04 Mar 2024 23:06:04 GMT
server
nginx
etag
W/"17be5c-18e0bb79360"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://accounts.firefox.com
cache-control
public, max-age=600
main.256d07a7.css
accounts.firefox.com/settings/static/css/ 		51 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/static/css/main.256d07a7.css
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c956930abb3b4709888c3434e58aae259f0a1bf658efa36b4b93731c05d82257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.firefox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 11:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Mon, 04 Mar 2024 23:06:04 GMT
server
nginx
etag
W/"caee-18e0bb79360"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://accounts.firefox.com
cache-control
public, max-age=600
/
o1069899.ingest.sentry.io/api/6231069/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o1069899.ingest.sentry.io/api/6231069/envelope/?sentry_key=adb27d09f83f43b8852e61ce4c8a487b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.100.1
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.b2875427.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://accounts.firefox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 18 Mar 2024 11:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
main.ftl
accounts.firefox.com/settings/locales/en-US/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en-US/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.b2875427.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1c6b0ef540dda0c15235d79c5463262cb7e2c8874af0716a42bd586856f1af6c
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://accounts.firefox.com/
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=prod,sentry-release=1.279.1,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=6493ee70914948898ef2520f5ec6d338,sentry-sample_rate=1,sentry-sampled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace
6493ee70914948898ef2520f5ec6d338-b81909526f49186c-1

Response headers

date
Mon, 18 Mar 2024 11:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-security-policy
connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
via
1.1 google
etag
W/"1527-J3WH8GDJWZESYWa7rK82cmLO9sk"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/html; charset=utf-8
x-robots-tag
noindex,nofollow
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
main.ftl
accounts.firefox.com/settings/locales/en/ 		82 KB
82 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.b2875427.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aaa823d8ea779d8132171565312d3c0895f6c53b5c4224b94ca2923fbb9d9b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://accounts.firefox.com/
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=prod,sentry-release=1.279.1,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=6493ee70914948898ef2520f5ec6d338,sentry-sample_rate=1,sentry-sampled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace
6493ee70914948898ef2520f5ec6d338-968cff775fbc32a1-1

Response headers

date
Mon, 18 Mar 2024 11:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2024 23:06:04 GMT
server
nginx
via
1.1 google
etag
W/"14889-18e0bb79360"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84105
x-xss-protection
0
main.ftl
accounts.firefox.com/settings/locales/en-GB/ 		83 KB
83 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en-GB/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.b2875427.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
db5f22f00d5c077a01571240e9554864bec875a47764d41ee2d04b25f4d74b51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://accounts.firefox.com/
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=prod,sentry-release=1.279.1,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=6493ee70914948898ef2520f5ec6d338,sentry-sample_rate=1,sentry-sampled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace
6493ee70914948898ef2520f5ec6d338-bcd6ca3b8265c8b0-1

Response headers

date
Mon, 18 Mar 2024 11:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2024 23:06:04 GMT
server
nginx
via
1.1 google
etag
W/"14ab2-18e0bb79360"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84658
x-xss-protection
0
main.ftl
accounts.firefox.com/settings/locales/en-CA/ 		81 KB
81 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en-CA/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.b2875427.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1cce4b77d77e483f6dca1dad04abff0b7bc15f91ba34d4e66d8a6e7190f48fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://accounts.firefox.com/
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=prod,sentry-release=1.279.1,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=6493ee70914948898ef2520f5ec6d338,sentry-sample_rate=1,sentry-sampled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace
6493ee70914948898ef2520f5ec6d338-ace886af709f2c4f-1

Response headers

date
Mon, 18 Mar 2024 11:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2024 23:06:04 GMT
server
nginx
via
1.1 google
etag
W/"145af-18e0bb79360"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83375
x-xss-protection
0
metrics-flow
accounts.firefox.com/ 		153 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/metrics-flow
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.b2875427.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7572bbe8f76dc480adf10f7c5f380254c22f4b15a84119b0e79d5174814ba58d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://accounts.firefox.com/
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=prod,sentry-release=1.279.1,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=6493ee70914948898ef2520f5ec6d338,sentry-sample_rate=1,sentry-sampled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace
6493ee70914948898ef2520f5ec6d338-b343b8e1f75ccd27-1

Response headers

date
Mon, 18 Mar 2024 11:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
nginx
etag
W/"99-c7TLSkclQWVkyU5YMJoKznW+vVA"
x-frame-options
DENY
vary
Origin
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
metrics-flow
accounts.firefox.com/ 		153 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/metrics-flow
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.b2875427.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e9899b0a9be69da6e807f3a5bdad2097729b4d3ebb936cdfb4d842e12b57ed38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://accounts.firefox.com/
accept-language
de-DE,de;q=0.9
baggage
sentry-environment=prod,sentry-release=1.279.1,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=6493ee70914948898ef2520f5ec6d338,sentry-sample_rate=1,sentry-sampled=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
sentry-trace
6493ee70914948898ef2520f5ec6d338-b280f41706dc3012-1

Response headers

date
Mon, 18 Mar 2024 11:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
nginx
etag
W/"99-XoZFgczbmFr+Lk1b5+U7TRH3igs"
x-frame-options
DENY
vary
Origin
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
graphql
graphql.accounts.firefox.com/ 		124 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graphql.accounts.firefox.com/graphql
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.b2875427.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx / Express
Resource Hash
1023126d63be199425f5f5aed57cd8e4e7f08062cfb7e9eacbeed0d60b768244
Security Headers
Name Value
Content-Security-Policy base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept
*/*
Referer
https://accounts.firefox.com/
accept-language
de-DE,de;q=0.9
authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Mon, 18 Mar 2024 11:15:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124
x-xss-protection
1; mode=block
server
nginx
etag
W/"7c-HRQMnmGJyZIe7KIoq8HW8DcMMvs"
x-frame-options
DENY
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://accounts.firefox.com
cache-control
no-store
graphql
graphql.accounts.firefox.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graphql.accounts.firefox.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://accounts.firefox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://accounts.firefox.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 18 Mar 2024 11:15:33 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Express
x-xss-protection
1; mode=block
Primary Request signin
accounts.firefox.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.b2875427.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
589c42cb8131368b931608fdfecb453d611c46c8867212a350ffbeeedf921ef5
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://accounts.firefox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Mon, 18 Mar 2024 11:15:33 GMT
etag
W/"272d-BUdFvkUXKj+mYbFiffwKnes3HE4"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noindex,nofollow
x-xss-protection
0
/
o1069899.ingest.sentry.io/api/6231069/envelope/ 		0
0
8bbdb7ff.main.css
accounts-static.cdn.mozilla.net/styles/ 		56 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33cc48eec94196461018d01f24e2835bc9716fb29f1f0735f0cf639f77f8b542

Request headers

Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
uP8kyjkQJn7Zcprb4VM13yOOT6aYUNWc
content-encoding
gzip
via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
date
Mon, 18 Mar 2024 04:57:19 GMT
x-amz-cf-pop
FRA56-P9
age
22695
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 14 Mar 2024 19:08:56 GMT
server
AmazonS3
etag
W/"8bbdb7ffede8b2808a35f9019eeb9756"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
KV19Jyk_u3OXIoMe2R3tNcE0J8gVUmTbEF5dqt79B0Wco-S8g7TDZA==
399bc28c.tailwind.out.css
accounts-static.cdn.mozilla.net/styles/ 		87 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/styles/399bc28c.tailwind.out.css
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeb016fbb05fe98573a44ff7af133bc754ee9f26bcbc84198009bdf37554d51a

Request headers

Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 02:21:49 GMT
x-amz-version-id
lkpEWOu5FMMjQwa4O_PjmmlhSjSpxcD7
content-encoding
gzip
via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
32025
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 14 Mar 2024 19:08:56 GMT
server
AmazonS3
etag
W/"399bc28cd131b0ca8e6afa45e66e8a8b"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
4XGEXmnq5AAYMquImsixHfpuJQj1wFRbCxN91NbBbIyJxlg2bGWpVQ==
head.bundle.js
accounts-static.cdn.mozilla.net/bundle-1bb4dd62a29324983291d3350b516d4c9757c9f2/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/bundle-1bb4dd62a29324983291d3350b516d4c9757c9f2/head.bundle.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c0227cbfb10ecae3479945a7b197efbc56f7fa3d0aff65bcaf2f0c6fb05cce1

Request headers

Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
3.MAsXVLXErAn6PzVYveaTfLHVX_IYyF
content-encoding
gzip
via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
date
Mon, 18 Mar 2024 05:35:40 GMT
x-amz-cf-pop
FRA56-P9
age
20394
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 14 Mar 2024 19:08:42 GMT
server
AmazonS3
etag
W/"15eab1f4a02ad85385b46e5b10792249"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
V9EFKjL4GJn48QHgXcE9hINJDlXj2dHFocggABcGen-xTAT7Te2ZQw==
appDependencies.bundle.js
accounts-static.cdn.mozilla.net/bundle-1bb4dd62a29324983291d3350b516d4c9757c9f2/ 		661 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/bundle-1bb4dd62a29324983291d3350b516d4c9757c9f2/appDependencies.bundle.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a3ac16f82e6690b45112835036f42f7ccc557819b41313a21fc22ba65168bd0

Request headers

Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 18 Mar 2024 04:49:01 GMT
x-amz-version-id
LXoW7xw7pGvBRknPojmp_m0OAOa47_Cd
content-encoding
gzip
via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
23192
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 14 Mar 2024 19:08:42 GMT
server
AmazonS3
etag
W/"9e2705715325335fbc62fe1a057f0237"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
XlBlzcXNfGroU8EITCrUe-MNgpqgSY330wkQGFTpdtxnipzPH63GCg==
app.bundle.de.js
accounts-static.cdn.mozilla.net/bundle-1bb4dd62a29324983291d3350b516d4c9757c9f2/ 		2 MB
537 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/bundle-1bb4dd62a29324983291d3350b516d4c9757c9f2/app.bundle.de.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d52a1ad1bcf2329e6183aab8cc06d7dbc4758f7c609250e9d16cf5e738531b55

Request headers

Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
ZKCVbHIYrzaIbv7yiA6SLHlsaokDATBU
content-encoding
gzip
via
1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
date
Mon, 18 Mar 2024 03:41:43 GMT
x-amz-cf-pop
FRA56-P9
age
27230
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 14 Mar 2024 19:08:41 GMT
server
AmazonS3
etag
W/"5210b8e0ebeba6133e24c3dc4c5e00b8"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
EEXBwS8Ht-P6QMbxd7sUVOGH0oVgGtN7fBMbl7ZHoRV4WdUo0IviJA==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4f52fd4e5395580cbbaddf71f4340638e7e565e151ce9a163cc8d07730f8be1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.firefox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
a7c41087.mozilla.svg
accounts-static.cdn.mozilla.net/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-static.cdn.mozilla.net/images/a7c41087.mozilla.svg
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8953c362d12a1ef9a147b46ec5d07b73be5a38e1c1333a0355bab8f82826f006

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
_rIE4wRji.qH.oO4ZdDcaDrrfzrtKaDh
content-encoding
gzip
via
1.1 e5482755d4e937d4018ce72cd23b55c4.cloudfront.net (CloudFront)
date
Mon, 18 Mar 2024 04:28:22 GMT
last-modified
Thu, 14 Mar 2024 19:08:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
24432
x-amz-server-side-encryption
AES256
etag
W/"a7c410872e9e6f151d06c7dbe9eb7ddc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=86400
x-amz-cf-id
XLS85vjBKDe3UvJoPz6Wlj72h_zv9Y7dYjUu7DqMBwEvstSTUB4mUA==
1cdc8fce.google_btn_normal.svg
accounts-static.cdn.mozilla.net/images/third_party_auth/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-static.cdn.mozilla.net/images/third_party_auth/1cdc8fce.google_btn_normal.svg
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
464e961b31ded25189184c9688dea54eeb28b1f2bcb9bb6a49d7f4673b962c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
EwH7Q4irjTYrU47ax0jcBNuGHsIancAx
content-encoding
gzip
via
1.1 e5482755d4e937d4018ce72cd23b55c4.cloudfront.net (CloudFront)
date
Mon, 18 Mar 2024 01:09:59 GMT
last-modified
Thu, 14 Mar 2024 19:08:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
36957
x-amz-server-side-encryption
AES256
etag
W/"1cdc8fce9609d07f0e9d8d0bc4b61f8f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=86400
x-amz-cf-id
3JEwh3QknQf0LELWJlUmF4n9Kq1v0dt5yLdkjmnpkca1I4sP3TPdXg==
37f16dcb.apple_btn_normal.svg
accounts-static.cdn.mozilla.net/images/third_party_auth/ 		687 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-static.cdn.mozilla.net/images/third_party_auth/37f16dcb.apple_btn_normal.svg
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ff52797f2eaf370586e001d8009121236498b63cbdf5d75c3491e1772cabfdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
IVS_UWMf2DTNKmzcR8EuAbwsJ1cQJSxA
date
Mon, 18 Mar 2024 05:34:13 GMT
via
1.1 e5482755d4e937d4018ce72cd23b55c4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
39617
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
687
last-modified
Thu, 14 Mar 2024 19:08:46 GMT
server
AmazonS3
etag
"37f16dcb86fdfc8e800156ab0d2ead6b"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
accept-ranges
bytes
x-amz-cf-id
rJt5G547GXqbBS39eOj06El2Yutv06rd4qy5-M-GWu3cPURgw2Hyog==
2d7153b4-8820-42c6-b7b7-74c192a4ad8e
accounts.firefox.com/submit/accounts-frontend/accounts-events/1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/submit/accounts-frontend/accounts-events/1/2d7153b4-8820-42c6-b7b7-74c192a4ad8e
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/bundle-1bb4dd62a29324983291d3350b516d4c9757c9f2/app.bundle.de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

Content-Encoding
gzip
Referer
https://accounts.firefox.com/
X-Telemetry-Agent
Glean/4.0.0 (JS on Windows)
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Mon, 18 Mar 2024 11:15:34 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 google, 1.1 google
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://accounts.firefox.com
x-frame-options
DENY
access-control-max-age
1728000
access-control-allow-headers
Accept-Encoding,Connection,Content-Encoding,Content-Length,Content-Type,DNT,Date,Sec-Fetch-Dest,Sec-Fetch-Mode,Sec-Fetch-Site,User-Agent,X-Client-Type,X-Client-Version,X-Debug-ID,X-Forwarded-For,X-Pingsender-Version,X-Pipeline-Proxy,X-Source-Tags,X-Telemetry-Agent
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metrics
accounts.firefox.com/ 		16 B
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/metrics
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/bundle-1bb4dd62a29324983291d3350b516d4c9757c9f2/app.bundle.de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://accounts.firefox.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 18 Mar 2024 11:15:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
nginx
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
x-frame-options
DENY
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
o1069899.ingest.sentry.io
URL
https://o1069899.ingest.sentry.io/api/6231069/envelope/?sentry_key=adb27d09f83f43b8852e61ce4c8a487b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.100.1

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| Backbone object| webpackChunk function| clearImmediate function| setImmediate object| Glean function| _ object| router

0 Cookies

1 Console Messages

Source Level URL
Text
rendering info URL: https://accounts.firefox.com/?redirect_to=%2Fsettings
Message:
Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-static.cdn.mozilla.net
accounts.firefox.com
graphql.accounts.firefox.com
o1069899.ingest.sentry.io
o1069899.ingest.sentry.io
18.245.46.74
34.110.207.168
34.120.195.249
1023126d63be199425f5f5aed57cd8e4e7f08062cfb7e9eacbeed0d60b768244
1c6b0ef540dda0c15235d79c5463262cb7e2c8874af0716a42bd586856f1af6c
1cce4b77d77e483f6dca1dad04abff0b7bc15f91ba34d4e66d8a6e7190f48fe7
33cc48eec94196461018d01f24e2835bc9716fb29f1f0735f0cf639f77f8b542
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464e961b31ded25189184c9688dea54eeb28b1f2bcb9bb6a49d7f4673b962c11
589c42cb8131368b931608fdfecb453d611c46c8867212a350ffbeeedf921ef5
5a3ac16f82e6690b45112835036f42f7ccc557819b41313a21fc22ba65168bd0
6ff52797f2eaf370586e001d8009121236498b63cbdf5d75c3491e1772cabfdc
7572bbe8f76dc480adf10f7c5f380254c22f4b15a84119b0e79d5174814ba58d
8953c362d12a1ef9a147b46ec5d07b73be5a38e1c1333a0355bab8f82826f006
9c0227cbfb10ecae3479945a7b197efbc56f7fa3d0aff65bcaf2f0c6fb05cce1
aaa823d8ea779d8132171565312d3c0895f6c53b5c4224b94ca2923fbb9d9b50
aeb016fbb05fe98573a44ff7af133bc754ee9f26bcbc84198009bdf37554d51a
c4f52fd4e5395580cbbaddf71f4340638e7e565e151ce9a163cc8d07730f8be1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c956930abb3b4709888c3434e58aae259f0a1bf658efa36b4b93731c05d82257
d52a1ad1bcf2329e6183aab8cc06d7dbc4758f7c609250e9d16cf5e738531b55
db5f22f00d5c077a01571240e9554864bec875a47764d41ee2d04b25f4d74b51
dd65986716888057374e4d6ad604b47afc4c8965f10fb80f6df784ba3687c152
e9899b0a9be69da6e807f3a5bdad2097729b4d3ebb936cdfb4d842e12b57ed38