urlscan.io logo urlscan.io
SecurityTrails logo

accounts.firefox.com Open in urlscan Pro
34.110.207.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=preferences&uid=8ad5f3860a214559a6e22f110519655d&email...
Effective URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Submission: On April 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 27 HTTP transactions. The main IP is 34.110.207.168, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is accounts.firefox.com. The Cisco Umbrella rank of the primary domain is 6239.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 29th 2023. Valid for: a year.
This is the only time accounts.firefox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 34.110.207.168 396982 (GOOGLE-CL...)
1 34.120.195.249 396982 (GOOGLE-CL...)
8 18.245.46.74 16509 (AMAZON-02)
27 4
Apex Domain
Subdomains		 Transfer
17 firefox.com
accounts.firefox.com — Cisco Umbrella Rank: 6239
graphql.accounts.firefox.com — Cisco Umbrella Rank: 669775
800 KB
8 mozilla.net
accounts-static.cdn.mozilla.net — Cisco Umbrella Rank: 290547
780 KB
1 sentry.io
o1069899.ingest.sentry.io — Cisco Umbrella Rank: 17854
299 B
27 3
Domain Requested by
15 accounts.firefox.com accounts.firefox.com
accounts-static.cdn.mozilla.net
8 accounts-static.cdn.mozilla.net accounts.firefox.com
accounts-static.cdn.mozilla.net
2 graphql.accounts.firefox.com accounts.firefox.com
1 o1069899.ingest.sentry.io accounts.firefox.com
27 4

This site contains links to these domains. Also see Links.

Domain
www.mozilla.org
Subject Issuer Validity Valid
accounts.firefox.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-29 -
2024-07-17		 a year crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
*.cdn.mozilla.net
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Frame ID: 22AA97C89EC287AF545278CC874DD8CA
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

E-Mail-Adresse eingeben Weiter zu account settings

Page URL History Show full URLs

  1. https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=preferences&uid=8ad5f3860a214559a6... Page URL
  2. https://accounts.firefox.com/signin?redirect_to=%2Fsettings Page URL

Page Statistics

27
Requests

96 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

1580 kB
Transfer

4573 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=preferences&uid=8ad5f3860a214559a6e22f110519655d&email=bart78769%40protonmail.com Page URL
  2. https://accounts.firefox.com/signin?redirect_to=%2Fsettings Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
settings
accounts.firefox.com/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=preferences&uid=8ad5f3860a214559a6e22f110519655d&email=bart78769%40protonmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
294cb9e048e21331dc444f8c1e60835eda4644ad25ebb911a342ff44eb6c300a
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 23:40:54 GMT
etag
W/"15d2-YLIsHIlGWaJQg2qFtIthp97Lm8Y"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noindex,nofollow
x-xss-protection
0
main.83cbde4b.js
accounts.firefox.com/settings/static/js/ 		2 MB
522 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=preferences&uid=8ad5f3860a214559a6e22f110519655d&email=bart78769%40protonmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7658360e2276c239e6257a84978e15ec029d3874b00e5177a4d956274c94908d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 28 Mar 2024 17:30:10 GMT
server
nginx
etag
W/"18993c-18e861cacd0"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://accounts.firefox.com
cache-control
public, max-age=600
main.49c8d15c.css
accounts.firefox.com/settings/static/css/ 		51 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/static/css/main.49c8d15c.css
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings?context=fx_desktop_v3&entrypoint=preferences&uid=8ad5f3860a214559a6e22f110519655d&email=bart78769%40protonmail.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
78503f9a8a6a9c7e0cf8913152b1ee69a86262eb5d79d9f1805eb51544fb5183
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
referrer-policy
no-referrer
last-modified
Thu, 28 Mar 2024 17:30:10 GMT
server
nginx
etag
W/"caf8-18e861cacd0"
vary
Accept-Encoding, Origin
x-frame-options
DENY
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://accounts.firefox.com
cache-control
public, max-age=600
/
o1069899.ingest.sentry.io/api/6231069/envelope/ 		2 B
299 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o1069899.ingest.sentry.io/api/6231069/envelope/?sentry_key=adb27d09f83f43b8852e61ce4c8a487b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.107.0
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
main.ftl
accounts.firefox.com/settings/locales/en-US/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en-US/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
294cb9e048e21331dc444f8c1e60835eda4644ad25ebb911a342ff44eb6c300a
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.281.2,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f7aec4e2caf47c2aa0ee093227c40eb,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f7aec4e2caf47c2aa0ee093227c40eb-8bf212b2a5a446e9-0
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
content-security-policy
connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
via
1.1 google
etag
W/"15d2-YLIsHIlGWaJQg2qFtIthp97Lm8Y"
vary
Accept-Encoding
x-frame-options
DENY
content-type
text/html; charset=utf-8
x-robots-tag
noindex,nofollow
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
main.ftl
accounts.firefox.com/settings/locales/en/ 		84 KB
84 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b26f65411f78941e2bae57b5372760d2ce8ef783f44e5d6678c19d159c5fd7ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.281.2,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f7aec4e2caf47c2aa0ee093227c40eb,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f7aec4e2caf47c2aa0ee093227c40eb-81eb6986ba4f61fc-0
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 28 Mar 2024 17:30:10 GMT
server
nginx
via
1.1 google
etag
W/"14e2a-18e861cacd0"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85546
x-xss-protection
0
main.ftl
accounts.firefox.com/settings/locales/en-GB/ 		84 KB
84 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en-GB/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
538a0e45a8e16525e69b3c2c957ea139e3de6c0d793150adf8d1ac2bb14e8d75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.281.2,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f7aec4e2caf47c2aa0ee093227c40eb,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f7aec4e2caf47c2aa0ee093227c40eb-8caa9a8386f853e1-0
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 28 Mar 2024 17:30:10 GMT
server
nginx
via
1.1 google
etag
W/"1504b-18e861cacd0"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86091
x-xss-protection
0
main.ftl
accounts.firefox.com/settings/locales/en-CA/ 		81 KB
82 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/settings/locales/en-CA/main.ftl
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1cce4b77d77e483f6dca1dad04abff0b7bc15f91ba34d4e66d8a6e7190f48fe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.281.2,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f7aec4e2caf47c2aa0ee093227c40eb,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f7aec4e2caf47c2aa0ee093227c40eb-980f92932c1a775f-0
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 28 Mar 2024 17:30:10 GMT
server
nginx
via
1.1 google
etag
W/"145af-18e861cacd0"
x-frame-options
DENY
content-type
application/octet-stream
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83375
x-xss-protection
0
favicon.ico
accounts.firefox.com/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e5e524aa82385dc1b35bfdfb4b5b527654164f7c519833d64492588ada9e002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 28 Mar 2024 17:07:52 GMT
server
nginx
via
1.1 google
etag
W/"1cee-18e86084240"
x-frame-options
DENY
content-type
image/x-icon
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7406
x-xss-protection
0
metrics-flow
accounts.firefox.com/ 		153 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/metrics-flow
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
bc65df4dc2a5f31d3de68071fbe4157d13e433a6b4e9887b1b8e1ad5b03ae176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.281.2,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f7aec4e2caf47c2aa0ee093227c40eb,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f7aec4e2caf47c2aa0ee093227c40eb-84daa6b4c3110bbc-0
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
nginx
etag
W/"99-vcdOSbdZRXskvMPnSpmIVtEjHn0"
x-frame-options
DENY
vary
Origin
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
metrics-flow
accounts.firefox.com/ 		153 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/metrics-flow
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
58cc3a9ef94a54ba0be2e6a5b47f080e3de7a98d8dc8367da742c789ece82f22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer
https://accounts.firefox.com/
baggage
sentry-environment=prod,sentry-release=1.281.2,sentry-public_key=adb27d09f83f43b8852e61ce4c8a487b,sentry-trace_id=3f7aec4e2caf47c2aa0ee093227c40eb,sentry-sample_rate=0.5,sentry-sampled=false
sentry-trace
3f7aec4e2caf47c2aa0ee093227c40eb-9638b53ba4952bb5-0
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
nginx
etag
W/"99-R2if6l19KvaaflkpvQthL5uqT6g"
x-frame-options
DENY
vary
Origin
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
graphql
graphql.accounts.firefox.com/ 		124 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://graphql.accounts.firefox.com/graphql
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx / Express
Resource Hash
1023126d63be199425f5f5aed57cd8e4e7f08062cfb7e9eacbeed0d60b768244
Security Headers
Name Value
Content-Security-Policy base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://accounts.firefox.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 google
x-powered-by
Express
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124
x-xss-protection
1; mode=block
server
nginx
etag
W/"7c-HRQMnmGJyZIe7KIoq8HW8DcMMvs"
x-frame-options
DENY
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://accounts.firefox.com
cache-control
no-store
graphql
graphql.accounts.firefox.com/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://graphql.accounts.firefox.com/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://accounts.firefox.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authorization,content-type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://accounts.firefox.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-security-policy
base-uri 'none';default-src 'none';frame-src 'none';object-src 'none';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Mon, 15 Apr 2024 23:40:56 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin, Access-Control-Request-Headers
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-powered-by
Express
x-xss-protection
1; mode=block
Primary Request signin
accounts.firefox.com/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/settings/static/js/main.83cbde4b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
569aa6bb3d0662148624294156a2637f06c28017127b3a483b087f3cb570d00c
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://accounts.firefox.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-security-policy
connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Mon, 15 Apr 2024 23:40:56 GMT
etag
W/"27a1-mIOPu3/sCFXRYh4ESGiGnAGZe9c"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noindex,nofollow
x-xss-protection
0
/
o1069899.ingest.sentry.io/api/6231069/envelope/ 		0
0
8bbdb7ff.main.css
accounts-static.cdn.mozilla.net/styles/ 		56 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33cc48eec94196461018d01f24e2835bc9716fb29f1f0735f0cf639f77f8b542

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Xk6Pd.1hUtpHaZMPsEmNYkxZE6OO5eyh
content-encoding
gzip
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
date
Mon, 15 Apr 2024 03:47:37 GMT
x-amz-cf-pop
FRA56-P9
age
71600
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 03 Apr 2024 17:22:32 GMT
server
AmazonS3
etag
W/"8bbdb7ffede8b2808a35f9019eeb9756"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
941bfuEwnpBIaDg3NuGDZhNF5p6naxU-0ni-Li2SxC1mDnIy_EUbxQ==
ab8681c0.tailwind.out.css
accounts-static.cdn.mozilla.net/styles/ 		88 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/styles/ab8681c0.tailwind.out.css
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
883f1edfe0429504e0a62144d3c2891b0a1f96ef90b708e936db00f5a117a142

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
1ptsiucIe0MMb3YT8lvd1SWcuFnyLetd
content-encoding
gzip
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
date
Mon, 15 Apr 2024 03:16:11 GMT
x-amz-cf-pop
FRA56-P9
age
73486
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 03 Apr 2024 17:22:32 GMT
server
AmazonS3
etag
W/"ab8681c0b5f280f74c071af35d5ec0a2"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
dd4IFRRUkCRJZ7_ITDZCR5AAhVrLNV7f4VzTtQxXUMMZBY5zzdf-_Q==
head.bundle.js
accounts-static.cdn.mozilla.net/bundle-ee1c7e113da4266b3593002041d6200c4e8c4e5e/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/bundle-ee1c7e113da4266b3593002041d6200c4e8c4e5e/head.bundle.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
393e075bf90519cb026d0b11c4e51d6bfc9b8cf529a98afaac213ef7174eae1a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:59:33 GMT
x-amz-version-id
W7nPrEldGywUzPXyMJzxxUo5pHXuEQNs
content-encoding
gzip
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
67284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 03 Apr 2024 17:22:20 GMT
server
AmazonS3
etag
W/"602587e3b228b4eb88ff255871da34dc"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
n0RwUhMDEQj-AF9WkhYexcu0w4tsvVdVs1Hrw_KIwTlcDLWQksJ87w==
appDependencies.bundle.js
accounts-static.cdn.mozilla.net/bundle-ee1c7e113da4266b3593002041d6200c4e8c4e5e/ 		661 KB
205 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/bundle-ee1c7e113da4266b3593002041d6200c4e8c4e5e/appDependencies.bundle.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19654c399d6e483e5401d55d9d71280362449e02be59556c4ff881766e242547

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
fR08EwTrJeoNVvs8g7Khn9VS8UeJGJkF
content-encoding
gzip
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
date
Mon, 15 Apr 2024 05:28:59 GMT
x-amz-cf-pop
FRA56-P9
age
67284
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 03 Apr 2024 17:22:17 GMT
server
AmazonS3
etag
W/"d89dc33bc525c51a11354572250bb2c9"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
gMcWbiwVrFoR3hM-BjoNQbLQRqNbc6oEh0OWq61MQCrkkpoBMXp8cQ==
app.bundle.de.js
accounts-static.cdn.mozilla.net/bundle-ee1c7e113da4266b3593002041d6200c4e8c4e5e/ 		2 MB
537 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts-static.cdn.mozilla.net/bundle-ee1c7e113da4266b3593002041d6200c4e8c4e5e/app.bundle.de.js
Requested by
Host: accounts.firefox.com
URL: https://accounts.firefox.com/signin?redirect_to=%2Fsettings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
955dd35a2fe614190d1874693cf3aba0c87bff4bb66d15f4485ff9159e039888

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Origin
https://accounts.firefox.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 05:42:26 GMT
x-amz-version-id
fpRCFhyUIccRW2Sssp78K7SnEwe0l9Lc
content-encoding
gzip
via
1.1 e999795aa400a9b7027a66ec4ada5728.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P9
age
64711
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 03 Apr 2024 17:22:19 GMT
server
AmazonS3
etag
W/"24b3958b3bd54c8aa7daf5e74256155a"
vary
Accept-Encoding,Origin
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=86400
x-amz-cf-id
esrzTsynKPmXT3tZ8aeEl7nx-iifjiyHXd3EiwtUeIZW9AohpzC2gw==
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4f52fd4e5395580cbbaddf71f4340638e7e565e151ce9a163cc8d07730f8be1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://accounts.firefox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
a7c41087.mozilla.svg
accounts-static.cdn.mozilla.net/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-static.cdn.mozilla.net/images/a7c41087.mozilla.svg
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8953c362d12a1ef9a147b46ec5d07b73be5a38e1c1333a0355bab8f82826f006

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JMXX1nYJ4dMBwKjRR1oJPAjAQ8wx9KaI
content-encoding
gzip
via
1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
date
Mon, 15 Apr 2024 04:38:01 GMT
last-modified
Wed, 03 Apr 2024 17:22:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
68576
x-amz-server-side-encryption
AES256
etag
W/"a7c410872e9e6f151d06c7dbe9eb7ddc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=86400
x-amz-cf-id
9_srbWXPst-34hxaZYRNfOSW9nc1dEsL95JtIDYrer_EYGMfq6FQKg==
1cdc8fce.google_btn_normal.svg
accounts-static.cdn.mozilla.net/images/third_party_auth/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-static.cdn.mozilla.net/images/third_party_auth/1cdc8fce.google_btn_normal.svg
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
464e961b31ded25189184c9688dea54eeb28b1f2bcb9bb6a49d7f4673b962c11

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
HmcLICiB3UImci7waSFAarFO3qm6RPJS
content-encoding
gzip
via
1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
date
Mon, 15 Apr 2024 01:11:11 GMT
last-modified
Wed, 03 Apr 2024 17:22:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
80986
x-amz-server-side-encryption
AES256
etag
W/"1cdc8fce9609d07f0e9d8d0bc4b61f8f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=86400
x-amz-cf-id
Lo-MRw1ch6dYQEfW_qf-dT8Gd7K_p9FbdkKBSu0RsBAFp3fFlrKgEw==
37f16dcb.apple_btn_normal.svg
accounts-static.cdn.mozilla.net/images/third_party_auth/ 		687 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts-static.cdn.mozilla.net/images/third_party_auth/37f16dcb.apple_btn_normal.svg
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-74.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ff52797f2eaf370586e001d8009121236498b63cbdf5d75c3491e1772cabfdc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts-static.cdn.mozilla.net/styles/8bbdb7ff.main.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 04:30:38 GMT
x-amz-version-id
CWDC_wpWxBfnZ7l9YF3y6E6v5mway.E2
via
1.1 0b328de7c6916513ee4489477445f2e2.cloudfront.net (CloudFront)
last-modified
Wed, 03 Apr 2024 17:22:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P9
age
69019
etag
"37f16dcb86fdfc8e800156ab0d2ead6b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
687
x-amz-cf-id
fJkmTY_ujrbaqkkmbaRr1XWdw6uVuwPyOUZfQfqJiyAI6q9BN55HkA==
f1071f79-e153-4aa0-964e-b6339d7ab110
accounts.firefox.com/submit/accounts-frontend/accounts-events/1/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/submit/accounts-frontend/accounts-events/1/f1071f79-e153-4aa0-964e-b6339d7ab110
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/bundle-ee1c7e113da4266b3593002041d6200c4e8c4e5e/app.bundle.de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Content-Encoding
gzip
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
https://accounts.firefox.com/
X-Telemetry-Agent
Glean/4.0.0 (JS on Windows)
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:56 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 google, 1.1 google
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://accounts.firefox.com
x-frame-options
DENY
access-control-max-age
1728000
access-control-allow-headers
Accept-Encoding,Connection,Content-Encoding,Content-Length,Content-Type,DNT,Date,Sec-Fetch-Dest,Sec-Fetch-Mode,Sec-Fetch-Site,User-Agent,X-Client-Type,X-Client-Version,X-Debug-ID,X-Forwarded-For,X-Pingsender-Version,X-Pipeline-Proxy,X-Source-Tags,X-Telemetry-Agent
alt-svc
clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metrics
accounts.firefox.com/ 		16 B
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/metrics
Requested by
Host: accounts-static.cdn.mozilla.net
URL: https://accounts-static.cdn.mozilla.net/bundle-ee1c7e113da4266b3593002041d6200c4e8c4e5e/app.bundle.de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 15 Apr 2024 23:40:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
referrer-policy
no-referrer
x-content-type-options
nosniff
via
1.1 google
server
nginx
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
x-frame-options
DENY
content-type
application/json; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-xss-protection
0
favicon.ico
accounts.firefox.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e5e524aa82385dc1b35bfdfb4b5b527654164f7c519833d64492588ada9e002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
via
1.1 google
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 28 Mar 2024 17:07:52 GMT
server
nginx
etag
W/"1cee-18e86084240"
x-frame-options
DENY
content-type
image/x-icon
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7406
x-xss-protection
0
favicon.ico
accounts.firefox.com/ 		7 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.firefox.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.207.168 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
168.207.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3e5e524aa82385dc1b35bfdfb4b5b527654164f7c519833d64492588ada9e002
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://accounts.firefox.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 23:40:55 GMT
via
1.1 google
referrer-policy
no-referrer
x-content-type-options
nosniff
last-modified
Thu, 28 Mar 2024 17:07:52 GMT
server
nginx
etag
W/"1cee-18e86084240"
x-frame-options
DENY
content-type
image/x-icon
cache-control
public, max-age=600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7406
x-xss-protection
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
o1069899.ingest.sentry.io
URL
https://o1069899.ingest.sentry.io/api/6231069/envelope/?sentry_key=adb27d09f83f43b8852e61ce4c8a487b&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.107.0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| Backbone object| webpackChunk function| clearImmediate function| setImmediate object| Glean function| _ object| router

0 Cookies

1 Console Messages

Source Level URL
Text
rendering info URL: https://accounts.firefox.com/?redirect_to=%2Fsettings
Message:
Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy connect-src 'self' https://api.accounts.firefox.com https://accounts.firefox.com https://graphql.accounts.firefox.com https://oauth.accounts.firefox.com https://profile.accounts.firefox.com wss://channelserver.services.mozilla.com https://channelserver.services.mozilla.com https://*.sentry.io;default-src 'self';form-action 'self' https://accounts.google.com https://appleid.apple.com;font-src 'self' https://accounts-static.cdn.mozilla.net;frame-src 'none';img-src 'self' blob: data: https://secure.gravatar.com https://firefoxusercontent.com https://profile.accounts.firefox.com https://accounts-static.cdn.mozilla.net;media-src blob:;object-src 'none';report-uri /_/csp-violation;script-src 'self' https://accounts-static.cdn.mozilla.net;style-src 'self' https://accounts-static.cdn.mozilla.net;base-uri 'self';frame-ancestors 'self';script-src-attr 'none';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts-static.cdn.mozilla.net
accounts.firefox.com
graphql.accounts.firefox.com
o1069899.ingest.sentry.io
o1069899.ingest.sentry.io
18.245.46.74
34.110.207.168
34.120.195.249
1023126d63be199425f5f5aed57cd8e4e7f08062cfb7e9eacbeed0d60b768244
19654c399d6e483e5401d55d9d71280362449e02be59556c4ff881766e242547
1cce4b77d77e483f6dca1dad04abff0b7bc15f91ba34d4e66d8a6e7190f48fe7
294cb9e048e21331dc444f8c1e60835eda4644ad25ebb911a342ff44eb6c300a
33cc48eec94196461018d01f24e2835bc9716fb29f1f0735f0cf639f77f8b542
393e075bf90519cb026d0b11c4e51d6bfc9b8cf529a98afaac213ef7174eae1a
3e5e524aa82385dc1b35bfdfb4b5b527654164f7c519833d64492588ada9e002
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464e961b31ded25189184c9688dea54eeb28b1f2bcb9bb6a49d7f4673b962c11
538a0e45a8e16525e69b3c2c957ea139e3de6c0d793150adf8d1ac2bb14e8d75
569aa6bb3d0662148624294156a2637f06c28017127b3a483b087f3cb570d00c
58cc3a9ef94a54ba0be2e6a5b47f080e3de7a98d8dc8367da742c789ece82f22
6ff52797f2eaf370586e001d8009121236498b63cbdf5d75c3491e1772cabfdc
7658360e2276c239e6257a84978e15ec029d3874b00e5177a4d956274c94908d
78503f9a8a6a9c7e0cf8913152b1ee69a86262eb5d79d9f1805eb51544fb5183
883f1edfe0429504e0a62144d3c2891b0a1f96ef90b708e936db00f5a117a142
8953c362d12a1ef9a147b46ec5d07b73be5a38e1c1333a0355bab8f82826f006
955dd35a2fe614190d1874693cf3aba0c87bff4bb66d15f4485ff9159e039888
b26f65411f78941e2bae57b5372760d2ce8ef783f44e5d6678c19d159c5fd7ac
bc65df4dc2a5f31d3de68071fbe4157d13e433a6b4e9887b1b8e1ad5b03ae176
c4f52fd4e5395580cbbaddf71f4340638e7e565e151ce9a163cc8d07730f8be1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97