diff options
Diffstat (limited to 'security')
210 files changed, 10186 insertions, 10787 deletions
diff --git a/security/certverifier/ExtendedValidation.cpp b/security/certverifier/ExtendedValidation.cpp index 8ac5828de..37c028c54 100644 --- a/security/certverifier/ExtendedValidation.cpp +++ b/security/certverifier/ExtendedValidation.cpp @@ -1285,15 +1285,7 @@ LoadExtendedValidationInfo() UniqueCERTCertificate cert(CERT_FindCertByIssuerAndSN(nullptr, &ias)); - // If an entry is missing in the NSS root database, it may be because the - // root database is out of sync with what we expect (e.g. a different - // version of system NSS is installed). - if (!cert) { - // The entries for the debug EV roots are at indices 0 through - // NUM_TEST_EV_ROOTS - 1. Since they're not built-in, they probably - // haven't been loaded yet. - MOZ_ASSERT(iEV < NUM_TEST_EV_ROOTS, "Could not find built-in EV root"); - } else { + if (cert) { unsigned char certFingerprint[SHA256_LENGTH]; srv = PK11_HashBuf(SEC_OID_SHA256, certFingerprint, cert->derCert.data, AssertedCast<int32_t>(cert->derCert.len)); diff --git a/security/manager/locales/en-US/chrome/pipnss/pipnss.properties b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties index 9c732ce9d..23d7a323c 100755 --- a/security/manager/locales/en-US/chrome/pipnss/pipnss.properties +++ b/security/manager/locales/en-US/chrome/pipnss/pipnss.properties @@ -279,8 +279,7 @@ certErrorExpiredNow=The certificate expired on %1$S. The current time is %2$S. # LOCALIZATION NOTE (certErrorNotYetValidNow): Do not translate %1$S (date+time certificate will become valid) or %2$S (current date+time) certErrorNotYetValidNow=The certificate will not be valid until %1$S. The current time is %2$S. -# LOCALIZATION NOTE (certErrorCodePrefix2): Do not translate <a id="errorCode" title="%1$S">%1$S</a> -certErrorCodePrefix2=Error code: <a id="errorCode" title="%1$S">%1$S</a> +certErrorCodePrefix=(Error code: %S) P12DefaultNickname=Imported Certificate CertUnknown=Unknown diff --git a/security/manager/ssl/DataStorage.cpp b/security/manager/ssl/DataStorage.cpp index 2d9dbf5c4..c765fed00 100644 --- a/security/manager/ssl/DataStorage.cpp +++ b/security/manager/ssl/DataStorage.cpp @@ -276,9 +276,6 @@ DataStorage::Reader::Run() } } } while (true); - - Telemetry::Accumulate(Telemetry::DATA_STORAGE_ENTRIES, - mDataStorage->mPersistentDataTable.Count()); } return NS_OK; diff --git a/security/manager/ssl/SSLServerCertVerification.cpp b/security/manager/ssl/SSLServerCertVerification.cpp index 4ef79f54a..757534955 100644 --- a/security/manager/ssl/SSLServerCertVerification.cpp +++ b/security/manager/ssl/SSLServerCertVerification.cpp @@ -567,15 +567,12 @@ CertErrorRunnable::CheckCertOverrides() // want a ballpark answer, we don't care. if (mErrorCodeTrust != 0) { uint32_t probeValue = MapOverridableErrorToProbeValue(mErrorCodeTrust); - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue); } if (mErrorCodeMismatch != 0) { uint32_t probeValue = MapOverridableErrorToProbeValue(mErrorCodeMismatch); - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue); } if (mErrorCodeTime != 0) { uint32_t probeValue = MapOverridableErrorToProbeValue(mErrorCodeTime); - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, probeValue); } // all errors are covered by override rules, so let's accept the cert @@ -660,7 +657,6 @@ CreateCertErrorRunnable(CertVerifier& certVerifier, MOZ_ASSERT(cert); uint32_t probeValue = MapCertErrorToProbeValue(defaultErrorCodeToReport); - Telemetry::Accumulate(Telemetry::SSL_CERT_VERIFICATION_ERRORS, probeValue); uint32_t collected_errors = 0; PRErrorCode errorCodeTrust = 0; @@ -869,19 +865,11 @@ void AccumulateSubjectCommonNameTelemetry(const char* commonName, bool commonNameInSubjectAltNames) { - if (!commonName) { - // 1 means no common name present - Telemetry::Accumulate(Telemetry::BR_9_2_2_SUBJECT_COMMON_NAME, 1); - } else if (!commonNameInSubjectAltNames) { + if (!commonNameInSubjectAltNames) { MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("BR telemetry: common name '%s' not in subject alt. names " "(or the subject alt. names extension is not present)\n", commonName)); - // 2 means the common name is not present in subject alt names - Telemetry::Accumulate(Telemetry::BR_9_2_2_SUBJECT_COMMON_NAME, 2); - } else { - // 0 means the common name is present in subject alt names - Telemetry::Accumulate(Telemetry::BR_9_2_2_SUBJECT_COMMON_NAME, 0); } } @@ -947,8 +935,6 @@ GatherBaselineRequirementsTelemetry(const UniqueCERTCertList& certList) MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("BR telemetry: no subject alt names extension for '%s'\n", commonName.get())); - // 1 means there is no subject alt names extension - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 1); AccumulateSubjectCommonNameTelemetry(commonName.get(), false); return; } @@ -960,8 +946,6 @@ GatherBaselineRequirementsTelemetry(const UniqueCERTCertList& certList) MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("BR telemetry: could not decode subject alt names for '%s'\n", commonName.get())); - // 2 means the subject alt names extension could not be decoded - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 2); AccumulateSubjectCommonNameTelemetry(commonName.get(), false); return; } @@ -1044,24 +1028,6 @@ GatherBaselineRequirementsTelemetry(const UniqueCERTCertList& certList) currentName = CERT_GetNextGeneralName(currentName); } while (currentName && currentName != subjectAltNames); - if (nonDNSNameOrIPAddressPresent) { - // 3 means there's an entry that isn't an ip address or dns name - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 3); - } - if (malformedDNSNameOrIPAddressPresent) { - // 4 means there's a malformed ip address or dns name entry - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 4); - } - if (nonFQDNPresent) { - // 5 means there's a DNS name entry with a non-fully-qualified domain name - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 5); - } - if (!nonDNSNameOrIPAddressPresent && !malformedDNSNameOrIPAddressPresent && - !nonFQDNPresent) { - // 0 means the extension is acceptable - Telemetry::Accumulate(Telemetry::BR_9_2_1_SUBJECT_ALT_NAMES, 0); - } - AccumulateSubjectCommonNameTelemetry(commonName.get(), commonNameInSubjectAltNames); } @@ -1111,7 +1077,6 @@ GatherEKUTelemetry(const UniqueCERTCertList& certList) } if (!foundEKU) { - Telemetry::Accumulate(Telemetry::SSL_SERVER_AUTH_EKU, 0); return; } @@ -1133,18 +1098,6 @@ GatherEKUTelemetry(const UniqueCERTCertList& certList) foundOther = true; } } - - // Cases 3 is included only for completeness. It should never - // appear in these statistics, because CheckExtendedKeyUsage() - // should require the EKU extension, if present, to contain the - // value id_kp_serverAuth. - if (foundServerAuth && !foundOther) { - Telemetry::Accumulate(Telemetry::SSL_SERVER_AUTH_EKU, 1); - } else if (foundServerAuth && foundOther) { - Telemetry::Accumulate(Telemetry::SSL_SERVER_AUTH_EKU, 2); - } else if (!foundServerAuth) { - Telemetry::Accumulate(Telemetry::SSL_SERVER_AUTH_EKU, 3); - } } // Gathers telemetry on which CA is the root of a given cert chain. @@ -1210,9 +1163,6 @@ GatherEndEntityTelemetry(const UniqueCERTCertList& certList) if (durationInWeeks > (2 * ONE_YEAR_IN_WEEKS)) { durationInWeeks = (2 * ONE_YEAR_IN_WEEKS) + 1; } - - Telemetry::Accumulate(Telemetry::SSL_OBSERVED_END_ENTITY_CERTIFICATE_LIFETIME, - durationInWeeks); } // There are various things that we want to measure about certificate @@ -1229,75 +1179,14 @@ GatherSuccessfulValidationTelemetry(const UniqueCERTCertList& certList) void GatherTelemetryForSingleSCT(const ct::SignedCertificateTimestamp& sct) { - // See SSL_SCTS_ORIGIN in Histograms.json. - uint32_t origin = 0; - switch (sct.origin) { - case ct::SignedCertificateTimestamp::Origin::Embedded: - origin = 1; - break; - case ct::SignedCertificateTimestamp::Origin::TLSExtension: - origin = 2; - break; - case ct::SignedCertificateTimestamp::Origin::OCSPResponse: - origin = 3; - break; - default: - MOZ_ASSERT_UNREACHABLE("Unexpected SCT::Origin type"); - } - Telemetry::Accumulate(Telemetry::SSL_SCTS_ORIGIN, origin); - - // See SSL_SCTS_VERIFICATION_STATUS in Histograms.json. - uint32_t verificationStatus = 0; - switch (sct.verificationStatus) { - case ct::SignedCertificateTimestamp::VerificationStatus::OK: - verificationStatus = 1; - break; - case ct::SignedCertificateTimestamp::VerificationStatus::UnknownLog: - verificationStatus = 2; - break; - case ct::SignedCertificateTimestamp::VerificationStatus::InvalidSignature: - verificationStatus = 3; - break; - case ct::SignedCertificateTimestamp::VerificationStatus::InvalidTimestamp: - verificationStatus = 4; - break; - default: - MOZ_ASSERT_UNREACHABLE("Unexpected SCT::VerificationStatus type"); - } - Telemetry::Accumulate(Telemetry::SSL_SCTS_VERIFICATION_STATUS, - verificationStatus); +/* STUB */ } void GatherCertificateTransparencyTelemetry(const UniqueCERTCertList& certList, const CertificateTransparencyInfo& info) { - if (!info.enabled) { - // No telemetry is gathered when CT is disabled. - return; - } - - if (!info.processedSCTs) { - // We didn't receive any SCT data for this connection. - Telemetry::Accumulate(Telemetry::SSL_SCTS_PER_CONNECTION, 0); - return; - } - - for (const ct::SignedCertificateTimestamp& sct : info.verifyResult.scts) { - GatherTelemetryForSingleSCT(sct); - } - - // Decoding errors are reported to the 0th bucket - // of the SSL_SCTS_VERIFICATION_STATUS enumerated probe. - for (size_t i = 0; i < info.verifyResult.decodingErrors; ++i) { - Telemetry::Accumulate(Telemetry::SSL_SCTS_VERIFICATION_STATUS, 0); - } - - // Handle the histogram of SCTs counts. - uint32_t sctsCount = static_cast<uint32_t>(info.verifyResult.scts.length()); - // Note that sctsCount can be 0 in case we've received SCT binary data, - // but it failed to parse (e.g. due to unsupported CT protocol version). - Telemetry::Accumulate(Telemetry::SSL_SCTS_PER_CONNECTION, sctsCount); +/* STUB */ } // Note: Takes ownership of |peerCertChain| if SECSuccess is not returned. @@ -1350,29 +1239,6 @@ AuthCertificate(CertVerifier& certVerifier, uint32_t evStatus = (rv != Success) ? 0 // 0 = Failure : (evOidPolicy == SEC_OID_UNKNOWN) ? 1 // 1 = DV : 2; // 2 = EV - Telemetry::Accumulate(Telemetry::CERT_EV_STATUS, evStatus); - - if (ocspStaplingStatus != CertVerifier::OCSP_STAPLING_NEVER_CHECKED) { - Telemetry::Accumulate(Telemetry::SSL_OCSP_STAPLING, ocspStaplingStatus); - } - if (keySizeStatus != KeySizeStatus::NeverChecked) { - Telemetry::Accumulate(Telemetry::CERT_CHAIN_KEY_SIZE_STATUS, - static_cast<uint32_t>(keySizeStatus)); - } - if (sha1ModeResult != SHA1ModeResult::NeverChecked) { - Telemetry::Accumulate(Telemetry::CERT_CHAIN_SHA1_POLICY_STATUS, - static_cast<uint32_t>(sha1ModeResult)); - } - - if (pinningTelemetryInfo.accumulateForRoot) { - Telemetry::Accumulate(Telemetry::CERT_PINNING_FAILURES_BY_CA, - pinningTelemetryInfo.rootBucket); - } - - if (pinningTelemetryInfo.accumulateResult) { - Telemetry::Accumulate(pinningTelemetryInfo.certPinningResultHistogram, - pinningTelemetryInfo.certPinningResultBucket); - } if (rv == Success) { // Certificate verification succeeded. Delete any potential record of @@ -1517,7 +1383,6 @@ SSLServerCertVerificationJob::Run() new SSLServerCertVerificationResult(mInfoObject, 0, successTelemetry, interval)); restart->Dispatch(); - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, 1); return NS_OK; } @@ -1527,7 +1392,6 @@ SSLServerCertVerificationJob::Run() { TimeStamp now = TimeStamp::Now(); MutexAutoLock telemetryMutex(*gSSLVerificationTelemetryMutex); - Telemetry::AccumulateTimeDelta(failureTelemetry, mJobStartTime, now); } if (error != 0) { RefPtr<CertErrorRunnable> runnable( @@ -1694,7 +1558,6 @@ AuthCertificateHook(void* arg, PRFileDesc* fd, PRBool checkSig, PRBool isServer) MOZ_ASSERT(peerCertChain || rv != SECSuccess, "AuthCertificate() should take ownership of chain on failure"); if (rv == SECSuccess) { - Telemetry::Accumulate(Telemetry::SSL_CERT_ERROR_OVERRIDES, 1); return SECSuccess; } @@ -1782,10 +1645,6 @@ SSLServerCertVerificationResult::Dispatch() NS_IMETHODIMP SSLServerCertVerificationResult::Run() { - // TODO: Assert that we're on the socket transport thread - if (mTelemetryID != Telemetry::HistogramCount) { - Telemetry::Accumulate(mTelemetryID, mTelemetryValue); - } // XXX: This cast will be removed by the next patch ((nsNSSSocketInfo*) mInfoObject.get()) ->SetCertVerificationResult(mErrorCode, mErrorMessageType); diff --git a/security/manager/ssl/TransportSecurityInfo.cpp b/security/manager/ssl/TransportSecurityInfo.cpp index fe39f4017..0e2238ad0 100644 --- a/security/manager/ssl/TransportSecurityInfo.cpp +++ b/security/manager/ssl/TransportSecurityInfo.cpp @@ -854,7 +854,7 @@ AppendErrorTextCode(PRErrorCode errorCodeToReport, nsString formattedString; nsresult rv; - rv = component->PIPBundleFormatStringFromName("certErrorCodePrefix2", + rv = component->PIPBundleFormatStringFromName("certErrorCodePrefix", params, 1, formattedString); if (NS_SUCCEEDED(rv)) { diff --git a/security/manager/ssl/nsKeygenHandler.cpp b/security/manager/ssl/nsKeygenHandler.cpp index c4529f877..9196e200c 100644 --- a/security/manager/ssl/nsKeygenHandler.cpp +++ b/security/manager/ssl/nsKeygenHandler.cpp @@ -399,48 +399,7 @@ loser: void GatherKeygenTelemetry(uint32_t keyGenMechanism, int keysize, char* curve) { - if (keyGenMechanism == CKM_RSA_PKCS_KEY_PAIR_GEN) { - if (keysize > 8196 || keysize < 0) { - return; - } - - nsCString telemetryValue("rsa"); - telemetryValue.AppendPrintf("%d", keysize); - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, telemetryValue); - } else if (keyGenMechanism == CKM_EC_KEY_PAIR_GEN) { - nsCString secp384r1 = NS_LITERAL_CSTRING("secp384r1"); - nsCString secp256r1 = NS_LITERAL_CSTRING("secp256r1"); - - mozilla::UniqueSECItem decoded = DecodeECParams(curve); - if (!decoded) { - switch (keysize) { - case 2048: - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp384r1); - break; - case 1024: - case 512: - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp256r1); - break; - } - } else { - if (secp384r1.EqualsIgnoreCase(curve, secp384r1.Length())) { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp384r1); - } else if (secp256r1.EqualsIgnoreCase(curve, secp256r1.Length())) { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, secp256r1); - } else { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::KEYGEN_GENERATED_KEY_TYPE, NS_LITERAL_CSTRING("other_ec")); - } - } - } else { - MOZ_CRASH("Unknown keygen algorithm"); - return; - } +/* STUB */ } nsresult diff --git a/security/manager/ssl/nsNSSCallbacks.cpp b/security/manager/ssl/nsNSSCallbacks.cpp index 941101265..6bac59f51 100644 --- a/security/manager/ssl/nsNSSCallbacks.cpp +++ b/security/manager/ssl/nsNSSCallbacks.cpp @@ -490,31 +490,6 @@ nsNSSHttpRequestSession::internal_send_receive_attempt(bool &retryable_error, } } - if (!event->mStartTime.IsNull()) { - if (request_canceled) { - Telemetry::Accumulate(Telemetry::CERT_VALIDATION_HTTP_REQUEST_RESULT, 0); - Telemetry::AccumulateTimeDelta( - Telemetry::CERT_VALIDATION_HTTP_REQUEST_CANCELED_TIME, - event->mStartTime, TimeStamp::Now()); - } - else if (NS_SUCCEEDED(mListener->mResultCode) && - mListener->mHttpResponseCode == 200) { - Telemetry::Accumulate(Telemetry::CERT_VALIDATION_HTTP_REQUEST_RESULT, 1); - Telemetry::AccumulateTimeDelta( - Telemetry::CERT_VALIDATION_HTTP_REQUEST_SUCCEEDED_TIME, - event->mStartTime, TimeStamp::Now()); - } - else { - Telemetry::Accumulate(Telemetry::CERT_VALIDATION_HTTP_REQUEST_RESULT, 2); - Telemetry::AccumulateTimeDelta( - Telemetry::CERT_VALIDATION_HTTP_REQUEST_FAILED_TIME, - event->mStartTime, TimeStamp::Now()); - } - } - else { - Telemetry::Accumulate(Telemetry::CERT_VALIDATION_HTTP_REQUEST_RESULT, 3); - } - if (request_canceled) { return Result::ERROR_OCSP_SERVER_ERROR; } @@ -996,7 +971,6 @@ PreliminaryHandshakeDone(PRFileDesc* fd) } else { infoObject->SetNegotiatedNPN(nullptr, 0); } - mozilla::Telemetry::Accumulate(Telemetry::SSL_NPN_TYPE, state); } else { infoObject->SetNegotiatedNPN(nullptr, 0); } @@ -1091,9 +1065,6 @@ CanFalseStartCallback(PRFileDesc* fd, void* client_data, PRBool *canFalseStart) } } - Telemetry::Accumulate(Telemetry::SSL_REASONS_FOR_NOT_FALSE_STARTING, - reasonsForNotFalseStarting); - if (reasonsForNotFalseStarting == 0) { *canFalseStart = PR_TRUE; infoObject->SetFalseStarted(); @@ -1118,7 +1089,6 @@ AccumulateNonECCKeySize(Telemetry::ID probe, uint32_t bits) : bits < 8192 ? 17 : bits == 8192 ? 18 : bits < 16384 ? 19 : bits == 16384 ? 20 : 0; - Telemetry::Accumulate(probe, value); } // XXX: This attempts to map a bit count to an ECC named curve identifier. In @@ -1134,7 +1104,6 @@ AccumulateECCCurve(Telemetry::ID probe, uint32_t bits) : bits == 384 ? 24 // P-384 : bits == 521 ? 25 // P-521 : 0; // Unknown - Telemetry::Accumulate(probe, value); } static void @@ -1197,7 +1166,6 @@ AccumulateCipherSuite(Telemetry::ID probe, const SSLChannelInfo& channelInfo) break; } MOZ_ASSERT(value != 0); - Telemetry::Accumulate(probe, value); } // In the case of session resumption, the AuthCertificate hook has been bypassed @@ -1318,7 +1286,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) { // 1=tls1, 2=tls1.1, 3=tls1.2 unsigned int versionEnum = channelInfo.protocolVersion & 0xFF; MOZ_ASSERT(versionEnum > 0); - Telemetry::Accumulate(Telemetry::SSL_HANDSHAKE_VERSION, versionEnum); AccumulateCipherSuite( infoObject->IsFullHandshake() ? Telemetry::SSL_CIPHER_SUITE_FULL : Telemetry::SSL_CIPHER_SUITE_RESUMED, @@ -1331,13 +1298,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) { if (rv == SECSuccess) { usesFallbackCipher = channelInfo.keaType == ssl_kea_dh; - // keyExchange null=0, rsa=1, dh=2, fortezza=3, ecdh=4 - Telemetry::Accumulate( - infoObject->IsFullHandshake() - ? Telemetry::SSL_KEY_EXCHANGE_ALGORITHM_FULL - : Telemetry::SSL_KEY_EXCHANGE_ALGORITHM_RESUMED, - channelInfo.keaType); - MOZ_ASSERT(infoObject->GetKEAUsed() == channelInfo.keaType); if (infoObject->IsFullHandshake()) { @@ -1359,9 +1319,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) { break; } - Telemetry::Accumulate(Telemetry::SSL_AUTH_ALGORITHM_FULL, - channelInfo.authType); - // RSA key exchange doesn't use a signature for auth. if (channelInfo.keaType != ssl_kea_rsa) { switch (channelInfo.authType) { @@ -1380,12 +1337,6 @@ void HandshakeCallback(PRFileDesc* fd, void* client_data) { } } } - - Telemetry::Accumulate( - infoObject->IsFullHandshake() - ? Telemetry::SSL_SYMMETRIC_CIPHER_FULL - : Telemetry::SSL_SYMMETRIC_CIPHER_RESUMED, - cipherInfo.symCipher); } } diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp index 025f4bda2..4fc8c142e 100644 --- a/security/manager/ssl/nsNSSComponent.cpp +++ b/security/manager/ssl/nsNSSComponent.cpp @@ -805,29 +805,22 @@ nsNSSComponent::MaybeEnableFamilySafetyCompatibility() if (familySafetyMode > 2) { familySafetyMode = 0; } - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, familySafetyMode); if (familySafetyMode == 0) { return; } bool familySafetyEnabled; nsresult rv = AccountHasFamilySafetyEnabled(familySafetyEnabled); if (NS_FAILED(rv)) { - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 3); return; } if (!familySafetyEnabled) { - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 4); return; } - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 5); if (familySafetyMode == 2) { rv = LoadFamilySafetyRoot(); if (NS_FAILED(rv)) { - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 6); MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("failed to load Family Safety root")); - } else { - Telemetry::Accumulate(Telemetry::FAMILY_SAFETY, 7); } } #endif // XP_WIN @@ -1376,12 +1369,18 @@ static const CipherPref sCipherPrefs[] = { TLS_RSA_WITH_AES_256_CBC_SHA, true }, // Expensive/deprecated/weak +// Deprecated { "security.ssl3.rsa_aes_128_gcm_sha256", TLS_RSA_WITH_AES_128_GCM_SHA256, false }, // Deprecated { "security.ssl3.rsa_aes_128_sha256", TLS_RSA_WITH_AES_128_CBC_SHA256, false }, // Deprecated +// Weak/vulnerable { "security.ssl3.rsa_des_ede3_sha", - TLS_RSA_WITH_3DES_EDE_CBC_SHA, false }, // Weak (3DES) + TLS_RSA_WITH_3DES_EDE_CBC_SHA, false, true }, // Weak (3DES) + { "security.ssl3.rsa_rc4_128_sha", + TLS_RSA_WITH_RC4_128_SHA, false, true }, // RC4 + { "security.ssl3.rsa_rc4_128_md5", + TLS_RSA_WITH_RC4_128_MD5, false, true }, // RC4, HMAC-MD5 // All the rest are disabled @@ -1391,8 +1390,8 @@ static const CipherPref sCipherPrefs[] = { // Bit flags indicating what weak ciphers are enabled. // The bit index will correspond to the index in sCipherPrefs. // Wrtten by the main thread, read from any threads. -static Atomic<uint32_t> sEnabledWeakCiphers; -static_assert(MOZ_ARRAY_LENGTH(sCipherPrefs) - 1 <= sizeof(uint32_t) * CHAR_BIT, +static uint64_t sEnabledWeakCiphers; +static_assert(MOZ_ARRAY_LENGTH(sCipherPrefs) - 1 <= sizeof(uint64_t) * CHAR_BIT, "too many cipher suites"); /*static*/ bool @@ -1404,10 +1403,10 @@ nsNSSComponent::AreAnyWeakCiphersEnabled() /*static*/ void nsNSSComponent::UseWeakCiphersOnSocket(PRFileDesc* fd) { - const uint32_t enabledWeakCiphers = sEnabledWeakCiphers; + const uint64_t enabledWeakCiphers = sEnabledWeakCiphers; const CipherPref* const cp = sCipherPrefs; for (size_t i = 0; cp[i].pref; ++i) { - if (enabledWeakCiphers & ((uint32_t)1 << i)) { + if (enabledWeakCiphers & ((uint64_t)1 << i)) { SSL_CipherPrefSet(fd, cp[i].id, true); } } @@ -1534,11 +1533,11 @@ CipherSuiteChangeObserver::Observe(nsISupports* aSubject, // are enabled in prefs. They are only used on specific // sockets as a part of a fallback mechanism. // Only the main thread will change sEnabledWeakCiphers. - uint32_t enabledWeakCiphers = sEnabledWeakCiphers; + uint64_t enabledWeakCiphers = sEnabledWeakCiphers; if (cipherEnabled) { - enabledWeakCiphers |= ((uint32_t)1 << i); + enabledWeakCiphers |= ((uint64_t)1 << i); } else { - enabledWeakCiphers &= ~((uint32_t)1 << i); + enabledWeakCiphers &= ~((uint64_t)1 << i); } sEnabledWeakCiphers = enabledWeakCiphers; } else { @@ -1574,13 +1573,6 @@ void nsNSSComponent::setValidationOptions(bool isInitialSetting, bool ocspRequired = ocspEnabled && Preferences::GetBool("security.OCSP.require", false); - // We measure the setting of the pref at startup only to minimize noise by - // addons that may muck with the settings, though it probably doesn't matter. - if (isInitialSetting) { - Telemetry::Accumulate(Telemetry::CERT_OCSP_ENABLED, ocspEnabled); - Telemetry::Accumulate(Telemetry::CERT_OCSP_REQUIRED, ocspRequired); - } - bool ocspStaplingEnabled = Preferences::GetBool("security.ssl.enable_ocsp_stapling", true); PublicSSLState()->SetOCSPStaplingEnabled(ocspStaplingEnabled); @@ -1932,20 +1924,6 @@ nsNSSComponent::InitializeNSS() return NS_ERROR_FAILURE; } - // TLSServerSocket may be run with the session cache enabled. It is necessary - // to call this once before that can happen. This specifies a maximum of 1000 - // cache entries (the default number of cache entries is 10000, which seems a - // little excessive as there probably won't be that many clients connecting to - // any TLSServerSockets the browser runs.) - // Note that this must occur before any calls to SSL_ClearSessionCache - // (otherwise memory will leak). - if (SSL_ConfigServerSessionIDCache(1000, 0, 0, nullptr) != SECSuccess) { -#ifdef ANDROID - MOZ_RELEASE_ASSERT(false); -#endif - return NS_ERROR_FAILURE; - } - // ensure the CertBlocklist is initialised nsCOMPtr<nsICertBlocklist> certList = do_GetService(NS_CERTBLOCKLIST_CONTRACTID); #ifdef ANDROID @@ -1986,9 +1964,6 @@ nsNSSComponent::InitializeNSS() return NS_ERROR_FAILURE; } - if (PK11_IsFIPS()) { - Telemetry::Accumulate(Telemetry::FIPS_ENABLED, true); - } MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("NSS Initialization done\n")); return NS_OK; } @@ -2476,7 +2451,7 @@ InitializeCipherSuite() } // Now only set SSL/TLS ciphers we knew about at compile time - uint32_t enabledWeakCiphers = 0; + uint64_t enabledWeakCiphers = 0; const CipherPref* const cp = sCipherPrefs; for (size_t i = 0; cp[i].pref; ++i) { bool cipherEnabled = Preferences::GetBool(cp[i].pref, @@ -2485,7 +2460,7 @@ InitializeCipherSuite() // Weak ciphers are not used by default. See the comment // in CipherSuiteChangeObserver::Observe for details. if (cipherEnabled) { - enabledWeakCiphers |= ((uint32_t)1 << i); + enabledWeakCiphers |= ((uint64_t)1 << i); } } else { SSL_CipherPrefSetDefault(cp[i].id, cipherEnabled); diff --git a/security/manager/ssl/nsNSSErrors.cpp b/security/manager/ssl/nsNSSErrors.cpp index fc8bd3e31..1613eb4e7 100644 --- a/security/manager/ssl/nsNSSErrors.cpp +++ b/security/manager/ssl/nsNSSErrors.cpp @@ -84,7 +84,7 @@ nsNSSErrors::getErrorMessageFromCode(PRErrorCode err, params[0] = idU.get(); nsString formattedString; - rv = component->PIPBundleFormatStringFromName("certErrorCodePrefix2", + rv = component->PIPBundleFormatStringFromName("certErrorCodePrefix", params, 1, formattedString); if (NS_SUCCEEDED(rv)) { diff --git a/security/manager/ssl/nsNSSIOLayer.cpp b/security/manager/ssl/nsNSSIOLayer.cpp index 2d49540fb..93fca396b 100644 --- a/security/manager/ssl/nsNSSIOLayer.cpp +++ b/security/manager/ssl/nsNSSIOLayer.cpp @@ -237,9 +237,6 @@ nsNSSSocketInfo::NoteTimeUntilReady() mNotedTimeUntilReady = true; - // This will include TCP and proxy tunnel wait time - Telemetry::AccumulateTimeDelta(Telemetry::SSL_TIME_UNTIL_READY, - mSocketCreationTimestamp, TimeStamp::Now()); MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("[%p] nsNSSSocketInfo::NoteTimeUntilReady\n", mFd)); } @@ -259,16 +256,6 @@ nsNSSSocketInfo::SetHandshakeCompleted() : mFalseStarted ? FalseStarted : mFalseStartCallbackCalled ? ChoseNotToFalseStart : NotAllowedToFalseStart; - - // This will include TCP and proxy tunnel wait time - Telemetry::AccumulateTimeDelta(Telemetry::SSL_TIME_UNTIL_HANDSHAKE_FINISHED, - mSocketCreationTimestamp, TimeStamp::Now()); - - // If the handshake is completed for the first time from just 1 callback - // that means that TLS session resumption must have been used. - Telemetry::Accumulate(Telemetry::SSL_RESUMED_SESSION, - handshakeType == Resumption); - Telemetry::Accumulate(Telemetry::SSL_HANDSHAKE_TYPE, handshakeType); } @@ -623,11 +610,6 @@ nsNSSSocketInfo::SetCertVerificationResult(PRErrorCode errorCode, SetCanceled(errorCode, errorMessageType); } - if (mPlaintextBytesRead && !errorCode) { - Telemetry::Accumulate(Telemetry::SSL_BYTES_BEFORE_CERT_CALLBACK, - AssertedCast<uint32_t>(mPlaintextBytesRead)); - } - mCertVerificationState = after_cert_verification; } @@ -1121,8 +1103,6 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo) PRErrorCode originalReason = helpers.getIntoleranceReason(socketInfo->GetHostName(), socketInfo->GetPort()); - Telemetry::Accumulate(Telemetry::SSL_VERSION_FALLBACK_INAPPROPRIATE, - tlsIntoleranceTelemetryBucket(originalReason)); helpers.forgetIntolerance(socketInfo->GetHostName(), socketInfo->GetPort()); @@ -1144,11 +1124,8 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo) helpers.mUnrestrictedRC4Fallback) { if (helpers.rememberStrongCiphersFailed(socketInfo->GetHostName(), socketInfo->GetPort(), err)) { - Telemetry::Accumulate(Telemetry::SSL_WEAK_CIPHERS_FALLBACK, - tlsIntoleranceTelemetryBucket(err)); return true; } - Telemetry::Accumulate(Telemetry::SSL_WEAK_CIPHERS_FALLBACK, 0); } } @@ -1191,18 +1168,12 @@ retryDueToTLSIntolerance(PRErrorCode err, nsNSSSocketInfo* socketInfo) return false; } - // The difference between _PRE and _POST represents how often we avoided - // TLS intolerance fallback due to remembered tolerance. - Telemetry::Accumulate(pre, reason); - if (!helpers.rememberIntolerantAtVersion(socketInfo->GetHostName(), socketInfo->GetPort(), range.min, range.max, err)) { return false; } - Telemetry::Accumulate(post, reason); - return true; } @@ -1242,8 +1213,6 @@ reportHandshakeResult(int32_t bytesTransferred, bool wasReading, PRErrorCode err } else { bucket = 671; } - - Telemetry::Accumulate(Telemetry::SSL_HANDSHAKE_RESULT, bucket); } int32_t diff --git a/security/manager/ssl/nsNTLMAuthModule.cpp b/security/manager/ssl/nsNTLMAuthModule.cpp index a0564118a..46a4a21a0 100644 --- a/security/manager/ssl/nsNTLMAuthModule.cpp +++ b/security/manager/ssl/nsNTLMAuthModule.cpp @@ -1009,11 +1009,6 @@ nsNTLMAuthModule::Init(const char *serviceName, static bool sTelemetrySent = false; if (!sTelemetrySent) { - mozilla::Telemetry::Accumulate( - mozilla::Telemetry::NTLM_MODULE_USED_2, - serviceFlags & nsIAuthModule::REQ_PROXY_AUTH - ? NTLM_MODULE_GENERIC_PROXY - : NTLM_MODULE_GENERIC_DIRECT); sTelemetrySent = true; } diff --git a/security/manager/ssl/nsPKCS11Slot.cpp b/security/manager/ssl/nsPKCS11Slot.cpp index 780a7c4b2..015f86901 100644 --- a/security/manager/ssl/nsPKCS11Slot.cpp +++ b/security/manager/ssl/nsPKCS11Slot.cpp @@ -541,10 +541,6 @@ nsPKCS11ModuleDB::ToggleFIPSMode() return NS_ERROR_FAILURE; } - if (PK11_IsFIPS()) { - Telemetry::Accumulate(Telemetry::FIPS_ENABLED, true); - } - return NS_OK; } diff --git a/security/manager/ssl/nsSTSPreloadList.errors b/security/manager/ssl/nsSTSPreloadList.errors index 4cfa9bd84..243fdce2c 100644 --- a/security/manager/ssl/nsSTSPreloadList.errors +++ b/security/manager/ssl/nsSTSPreloadList.errors @@ -1,19 +1,22 @@ 0-1.party: could not connect to host +0.me.uk: did not receive HSTS header 00001.am: max-age too low: 129600 00002.am: max-age too low: 129600 0005.com: could not connect to host 0005aa.com: could not connect to host +0005pay.com: did not receive HSTS header 00220022.net: could not connect to host 007-preisvergleich.de: could not connect to host 007kf.com: could not connect to host 007sascha.de: did not receive HSTS header +00880088.net: could not connect to host 00wbf.com: could not connect to host 01100010011001010111001101110100.com: could not connect to host 016298.com: did not receive HSTS header 020wifi.nl: could not connect to host +0222.mg: did not receive HSTS header 0222aa.com: did not receive HSTS header 023838.com: did not receive HSTS header -02607.com: could not connect to host 029inno.com: could not connect to host 02dl.net: could not connect to host 03-09-2016.wedding: could not connect to host @@ -26,7 +29,6 @@ 066928.com: could not connect to host 066938.com: could not connect to host 070709.net: could not connect to host -09115.com: could not connect to host 0c.eu: did not receive HSTS header 0cdn.ga: could not connect to host 0day.su: could not connect to host @@ -41,11 +43,12 @@ 0w0.vc: could not connect to host 0x0a.net: could not connect to host 0x1337.eu: could not connect to host -0x44.net: did not receive HSTS header +0x44.net: could not connect to host 0x4b0c131e.pub: could not connect to host 0x52.org: could not connect to host 0x539.be: did not receive HSTS header 0x539.pw: did not receive HSTS header +0x5f3759df.cf: could not connect to host 0x65.net: did not receive HSTS header 0x90.fi: could not connect to host 0x90.in: could not connect to host @@ -54,8 +57,11 @@ 0xb612.org: could not connect to host 0xcafec0.de: did not receive HSTS header 1.0.0.1: max-age too low: 0 +10000v.ru: could not connect to host 1000hats.com: did not receive HSTS header +1000serien.com: could not connect to host 1001.best: could not connect to host +1001firms.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] 100onrainkajino.com: could not connect to host 1017scribes.com: could not connect to host 1018hosting.nl: did not receive HSTS header @@ -64,38 +70,47 @@ 10gbit.ovh: could not connect to host 10tacle.io: could not connect to host 10x.ooo: could not connect to host +1116pay.com: did not receive HSTS header 11recruitment.com.au: did not receive HSTS header 12.net: did not receive HSTS header 120dayweightloss.com: could not connect to host 123110.com: could not connect to host +123comparer.fr: did not receive HSTS header +123djdrop.com: did not receive HSTS header 123movies.fyi: did not receive HSTS header 123share.org: did not receive HSTS header +123termpapers.com: could not connect to host 123test.de: did not receive HSTS header 123test.es: did not receive HSTS header 123test.fr: did not receive HSTS header 126ium.moe: could not connect to host 127011-networks.ch: could not connect to host +1288fc.com: could not connect to host 12vpn.org: could not connect to host 12vpnchina.com: could not connect to host 1359826938.rsc.cdn77.org: did not receive HSTS header 135vv.com: could not connect to host 13826145000.com: could not connect to host -1396.cc: did not receive HSTS header +1396.cc: could not connect to host +1396.net: did not receive HSTS header +15-10.com: did not receive HSTS header 1536.cf: could not connect to host +160887.com: did not receive HSTS header 16164f.com: could not connect to host 163pwd.com: could not connect to host 168bet9.com: could not connect to host +168esb.com: could not connect to host 16deza.com: did not receive HSTS header 16packets.com: could not connect to host 173vpn.cn: did not receive HSTS header 173vpns.com: could not connect to host 173vpnv.com: could not connect to host 174.net.nz: did not receive HSTS header -174343.com: did not receive HSTS header +174343.com: could not connect to host 188522.com: did not receive HSTS header +18888msc.com: could not connect to host 1888zr.com: could not connect to host 188betwarriors.co.uk: could not connect to host -188da.com: could not connect to host 188trafalgar.ca: did not receive HSTS header 1912x.com: could not connect to host 1921958389.rsc.cdn77.org: could not connect to host @@ -107,6 +122,7 @@ 1day1ac.red: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] 1er-secours.ch: could not connect to host 1gsoft.com: could not connect to host +1item.co.il: did not receive HSTS header 1k8b.com: could not connect to host 1nian.vip: could not connect to host 1pw.ca: did not receive HSTS header @@ -114,7 +130,9 @@ 1s.tn: could not connect to host 1st4abounce.co.uk: did not receive HSTS header 1stcapital.com.sg: did not receive HSTS header +1ststop.co.uk: did not receive HSTS header 1three1.net: did not receive HSTS header +1upinternet.com: could not connect to host 1xcess.com: did not receive HSTS header 1years.cc: did not receive HSTS header 2-cpu.de: could not connect to host @@ -127,27 +145,29 @@ 21lg.co: could not connect to host 21stnc.com: could not connect to host 2333.press: could not connect to host -233boy.com: could not connect to host +233ss.net: did not receive HSTS header +247a.co.uk: could not connect to host 247quickbooks.com: did not receive HSTS header 2488.ch: did not receive HSTS header 249cq.com: could not connect to host 24hourpaint.com: could not connect to host -24hrs.shopping: did not receive HSTS header +24hrs.shopping: could not connect to host 24kbet.com: could not connect to host 24pcr.com: could not connect to host 24sihu.com: could not connect to host 256k.me: could not connect to host 25daysof.io: could not connect to host +260887.com: did not receive HSTS header 2859cc.com: could not connect to host 29227.com: could not connect to host 2acbi-asso.fr: did not receive HSTS header -2au.ru: could not connect to host 2b3b.com: could not connect to host 2bitout.com: could not connect to host 2bizi.ru: could not connect to host 2brokegirls.org: could not connect to host 2carpros.com: did not receive HSTS header 2fl.me: did not receive HSTS header +2gen.com: could not connect to host 2intermediate.co.uk: did not receive HSTS header 2or3.tk: could not connect to host 2smart4food.com: could not connect to host @@ -160,11 +180,13 @@ 3133780x.com: did not receive HSTS header 314166.com: could not connect to host 314chan.org: could not connect to host +31tv.ru: did not receive HSTS header 32ph.com: could not connect to host 330.net: could not connect to host 338da.com: could not connect to host -33drugstore.com: did not receive HSTS header -341.mg: did not receive HSTS header +33drugstore.com: could not connect to host +341.mg: could not connect to host +34oztonic.eu: did not receive HSTS header 3555500.com: could not connect to host 3555aa.com: could not connect to host 35792.de: could not connect to host @@ -175,9 +197,9 @@ 368mibn.com: could not connect to host 3778xl.com: did not receive HSTS header 3839.ca: could not connect to host -388da.com: could not connect to host +38888msc.com: could not connect to host +38blog.com: could not connect to host 38sihu.com: could not connect to host -3aandl.com: did not receive HSTS header 3candy.com: could not connect to host 3chit.cf: could not connect to host 3click-loan.com: could not connect to host @@ -187,12 +209,11 @@ 3dm.audio: could not connect to host 3dproteinimaging.com: did not receive HSTS header 3fl.com: did not receive HSTS header -3hl0.net: could not connect to host -3lot.ru: could not connect to host 3mbo.de: did not receive HSTS header 3sreporting.com: did not receive HSTS header 3vlnaeet.cz: could not connect to host 3wecommerce.com.br: could not connect to host +3xx.link: could not connect to host 4036aa.com: did not receive HSTS header 4036bb.com: did not receive HSTS header 4036cc.com: did not receive HSTS header @@ -202,23 +223,37 @@ 404404.info: could not connect to host 404forest.com: did not receive HSTS header 41844.de: could not connect to host -41studio.com: could not connect to host 420dongstorm.com: could not connect to host +4237.com: max-age too low: 86400 +42entrepreneurs.fr: did not receive HSTS header 42ms.org: could not connect to host 42t.ru: could not connect to host 439191.com: did not receive HSTS header +440887.com: did not receive HSTS header 440hz-radio.de: did not receive HSTS header 440hz.radio: did not receive HSTS header +442887.com: did not receive HSTS header +443887.com: did not receive HSTS header +444887.com: did not receive HSTS header 4455software.com: could not connect to host +445887.com: did not receive HSTS header 44957.com: could not connect to host +44sec.com: could not connect to host +4500.co.il: did not receive HSTS header 4679.space: did not receive HSTS header +4706666.com: did not receive HSTS header +4716666.com: did not receive HSTS header +4726666.com: did not receive HSTS header +4756666.com: did not receive HSTS header +4786666.com: did not receive HSTS header +478933.com: did not receive HSTS header 47tech.com: could not connect to host -4azino777.ru: could not connect to host +4997777.com: could not connect to host +4azino777.ru: did not receive HSTS header 4baby.com.br: could not connect to host 4bike.eu: did not receive HSTS header 4cclothing.com: could not connect to host 4d2.xyz: could not connect to host -4flex.info: could not connect to host 4hvac.com: did not receive HSTS header 4loc.us: could not connect to host 4miners.net: could not connect to host @@ -236,48 +271,62 @@ 517vpn.cn: could not connect to host 518maicai.com: could not connect to host 51aifuli.com: could not connect to host +52b9.com: could not connect to host +52b9.net: could not connect to host 52kb.net: could not connect to host 52kb1.com: could not connect to host 52neptune.com: could not connect to host 540.co: did not receive HSTS header +5432.cc: did not receive HSTS header 54bf.com: could not connect to host 555fl.com: max-age too low: 129600 555xl.com: could not connect to host 56877.com: could not connect to host 56ct.com: could not connect to host 57aromas.com: did not receive HSTS header +57he.com: did not receive HSTS header +5chat.it: could not connect to host 5piecesofadvice.com: could not connect to host 605508.cc: could not connect to host 605508.com: could not connect to host 60ych.net: did not receive HSTS header 6120.eu: did not receive HSTS header -62755.com: could not connect to host +62755.com: did not receive HSTS header 64616e.xyz: could not connect to host -660011.com: max-age too low: 0 +64bitgaming.de: could not connect to host +660011.com: could not connect to host +6677.us: did not receive HSTS header +668da.com: did not receive HSTS header 68277.me: could not connect to host +688da.com: could not connect to host 692b8c32.de: could not connect to host 69mentor.com: could not connect to host 69square.com: could not connect to host +6z3.net: could not connect to host +7045h.com: could not connect to host 7183.org: could not connect to host -721av.com: max-age too low: 2592000 +721av.com: could not connect to host 724go.com: could not connect to host 7261696e626f77.net: could not connect to host 72ty.com: could not connect to host 72ty.net: could not connect to host 73223.com: did not receive HSTS header -776573.net: could not connect to host +73info.com: did not receive HSTS header +771122.tv: did not receive HSTS header +776573.net: did not receive HSTS header 7777av.co: could not connect to host 77890k.com: could not connect to host -77book.cn: did not receive HSTS header -7bwin.com: max-age too low: 3600 +77book.cn: could not connect to host +789zr.com: max-age too low: 86400 7f-wgg.cf: could not connect to host 7links.com.br: did not receive HSTS header +7nw.eu: could not connect to host 7thheavenrestaurant.com: could not connect to host 8.net.co: could not connect to host 8003pay.com: could not connect to host 808.lv: did not receive HSTS header 808phone.net: could not connect to host -81818app.com: did not receive HSTS header +81818app.com: could not connect to host 81uc.com: could not connect to host 826468.com: could not connect to host 826498.com: could not connect to host @@ -286,8 +335,11 @@ 8522.am: could not connect to host 8522cn.com: did not receive HSTS header 8560.be: could not connect to host +8722.com: did not receive HSTS header 87577.com: could not connect to host 88.to: could not connect to host +887.ag: did not receive HSTS header +8884553.com: could not connect to host 8887999.com: could not connect to host 8888av.co: could not connect to host 888azino.com: did not receive HSTS header @@ -295,37 +347,50 @@ 88d.com: could not connect to host 88laohu.cc: could not connect to host 88laohu.com: could not connect to host +8989k3.com: could not connect to host 89955.com: could not connect to host 899699.com: did not receive HSTS header 89he.com: could not connect to host -8azino777.ru: could not connect to host +8azino777.ru: did not receive HSTS header 8ballbombom.uk: could not connect to host -8dabet.com: could not connect to host +8da2018.com: could not connect to host 8mpay.com: did not receive HSTS header -8svn.com: could not connect to host 8t88.biz: could not connect to host 90smthng.com: could not connect to host 91-freedom.com: could not connect to host +910kj.com: did not receive HSTS header 9118b.com: could not connect to host 911911.pw: could not connect to host 915ers.com: did not receive HSTS header +918gd.com: could not connect to host +918yy.com: did not receive HSTS header +919945.com: did not receive HSTS header 91dh.cc: could not connect to host 91lt.info: could not connect to host 922.be: could not connect to host 92bmh.com: did not receive HSTS header +9454.com: max-age too low: 86400 94cs.cn: did not receive HSTS header 95778.com: could not connect to host 960news.ca: could not connect to host +9617818.com: could not connect to host +9617818.net: could not connect to host 9651678.ru: could not connect to host +9822.com: did not receive HSTS header +987987.com: did not receive HSTS header 99511.fi: did not receive HSTS header -9998722.com: could not connect to host 99buffets.com: could not connect to host +9iwan.net: did not receive HSTS header 9jadirect.com: could not connect to host 9point6.com: could not connect to host -a-intel.com: did not receive HSTS header +9ss6.com: could not connect to host +9vies.ca: could not connect to host +9y.at: did not receive HSTS header +a-intel.com: could not connect to host a-ix.net: could not connect to host a-plus.space: could not connect to host a-rickroll-n.pw: could not connect to host +a-shafaat.ir: did not receive HSTS header a-theme.com: could not connect to host a1-autopartsglasgow.com: could not connect to host a1798.com: could not connect to host @@ -333,7 +398,6 @@ a200k.xyz: did not receive HSTS header a2c-co.net: could not connect to host a2it.gr: did not receive HSTS header a3workshop.swiss: could not connect to host -a8q.org: could not connect to host a9c.co: could not connect to host aa7733.com: could not connect to host aaeblog.com: did not receive HSTS header @@ -342,18 +406,21 @@ aaeblog.org: did not receive HSTS header aaoo.net: could not connect to host aapp.space: could not connect to host aariefhaafiz.com: could not connect to host -aarkue.eu: did not receive HSTS header aaron-gustafson.com: did not receive HSTS header +aaronhorler.com.au: could not connect to host aaronmcguire.me: did not receive HSTS header aarvinproperties.com: could not connect to host -aati.info: could not connect to host +abandonedmines.gov: could not connect to host abareplace.com: did not receive HSTS header abasky.net: could not connect to host +abcdef.be: could not connect to host abcdentalcare.com: did not receive HSTS header abcdobebe.com: did not receive HSTS header abchelp.net: did not receive HSTS header +abdullah.pw: could not connect to host abearofsoap.com: could not connect to host abecodes.net: could not connect to host +abeontech.com: could not connect to host abi-fvs.de: could not connect to host abigailstark.com: could not connect to host abilitylist.org: did not receive HSTS header @@ -371,6 +438,7 @@ aboutmyip.info: did not receive HSTS header aboutmyproperty.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aboutyou-deals.de: could not connect to host absinthium.ch: could not connect to host +absolutewaterproofingsolutions.com: did not receive HSTS header abstractbarista.com: could not connect to host abstractbarista.net: could not connect to host abt.de: did not receive HSTS header @@ -387,6 +455,7 @@ acadianapatios.com: did not receive HSTS header acai51.net: could not connect to host acaonegocios.com.br: could not connect to host acbc.ie: max-age too low: 0 +accbay.com: could not connect to host accelerate.network: could not connect to host accelerole.com: did not receive HSTS header accelight.co.jp: did not receive HSTS header @@ -394,11 +463,11 @@ accelight.jp: did not receive HSTS header access-sofia.org: did not receive HSTS header accolade.com.br: could not connect to host accoun.technology: could not connect to host -accountradar.com: max-age too low: 86400 accounts-p.com: could not connect to host accountsuspended.club: could not connect to host accwing.com: could not connect to host aceadvisory.biz: did not receive HSTS header +acelpb.com: could not connect to host acg.mn: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] acg.sb: could not connect to host acgaudio.com: could not connect to host @@ -424,7 +493,9 @@ actiontowingroundrock.com: could not connect to host activateplay.com: did not receive HSTS header active-escape.com: did not receive HSTS header activeweb.top: could not connect to host +activistasconstructivos.org: did not receive HSTS header activiti.alfresco.com: did not receive HSTS header +actu-film.com: max-age too low: 0 actu-medias.com: could not connect to host actualite-videos.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] acuve.jp: could not connect to host @@ -435,6 +506,7 @@ adambryant.ca: could not connect to host adamcoffee.net: could not connect to host adamdixon.co.uk: could not connect to host adamricheimer.com: could not connect to host +adamsfoundationrepair.com: did not receive HSTS header adamwk.com: did not receive HSTS header adastra.re: could not connect to host adblock.ovh: could not connect to host @@ -445,28 +517,32 @@ addvocate.com: could not connect to host adec-emsa.ae: could not connect to host adelaides.com: did not receive HSTS header adelevie.com: could not connect to host -adeline.mobi: could not connect to host adelinlydia-coach.com: did not receive HSTS header adequatetechnology.com: could not connect to host aderal.io: could not connect to host adesa-asesoria.com: did not receive HSTS header adfa-1.com: could not connect to host -adhigamindia.com: did not receive HSTS header +adhigamindia.com: could not connect to host adhosting.nl: did not receive HSTS header adhs-chaoten.net: did not receive HSTS header adigitali.biz: did not receive HSTS header adindexr.com: could not connect to host +adint.net: could not connect to host adlerweb.info: did not receive HSTS header admin-forms.co.uk: did not receive HSTS header +admin-numerique.com: did not receive HSTS header admin.google.com: did not receive HSTS header (error ignored - included regardless) admins.tech: could not connect to host +adminwerk.com: did not receive HSTS header adminwerk.net: did not receive HSTS header +admirable.one: did not receive HSTS header admiral.dp.ua: did not receive HSTS header admitcard.co.in: could not connect to host admsel.ec: could not connect to host adoal.net: did not receive HSTS header adoge.me: could not connect to host adonairelogios.com.br: could not connect to host +adoniscabaret.co.uk: could not connect to host adopteunsiteflash.com: could not connect to host adprospb.com: did not receive HSTS header adquisitio.de: could not connect to host @@ -475,6 +551,7 @@ adrenaline-gaming.ru: could not connect to host adrianajewelry.my: could not connect to host adriancohea.ninja: did not receive HSTS header adrianseo.ro: did not receive HSTS header +adrinet.tk: could not connect to host adrl.ca: could not connect to host adsfund.org: could not connect to host aduedu.de: did not receive HSTS header @@ -487,6 +564,7 @@ advanced-online.eu: could not connect to host advancedplasticsurgerycenter.com: did not receive HSTS header advancedseotool.it: did not receive HSTS header advancedstudio.ro: could not connect to host +advancedwriters.com: could not connect to host advantagemechanicalinc.com: did not receive HSTS header adventistdeploy.org: could not connect to host adventures.is: did not receive HSTS header @@ -495,7 +573,6 @@ advertisemant.com: could not connect to host adviespuntklokkenluiders.nl: could not connect to host adzie.xyz: could not connect to host adzuna.co.uk: did not receive HSTS header -aelurus.com: could not connect to host aemoria.com: could not connect to host aeon.wiki: could not connect to host aerialmediapro.net: could not connect to host @@ -510,20 +587,25 @@ aevpn.org: could not connect to host aeyoun.com: did not receive HSTS header af-fotografie.net: did not receive HSTS header afdkompakt.de: max-age too low: 86400 +afeefzarapackages.com: did not receive HSTS header affily.io: could not connect to host +affinity.vc: did not receive HSTS header affordablebouncycastle.co.uk: did not receive HSTS header +affordablepapers.com: could not connect to host aficotroceni.ro: did not receive HSTS header afiru.net: could not connect to host +aflamtorrent.com: could not connect to host afmchandler.com: did not receive HSTS header afp548.tk: could not connect to host after.im: did not receive HSTS header afterstack.net: could not connect to host -afvallendoeje.nu: could not connect to host +afvallendoeje.nu: did not receive HSTS header afyou.co.kr: could not connect to host agalaxyfarfaraway.co.uk: could not connect to host agatheetraphael.fr: could not connect to host agbremen.de: could not connect to host agdalieso.com.ba: could not connect to host +ageg.ca: could not connect to host agelesscitizen.com: could not connect to host agelesscitizens.com: could not connect to host agenbettingasia.com: did not receive HSTS header @@ -531,7 +613,9 @@ agenciagriff.com: did not receive HSTS header agencymanager.be: could not connect to host agentseeker.ca: could not connect to host agevio.com: could not connect to host +agileecommerce.com.br: could not connect to host agingstop.net: could not connect to host +agonswim.com: did not receive HSTS header agoravm.tk: could not connect to host agowa.eu: did not receive HSTS header agowa338.de: did not receive HSTS header @@ -541,13 +625,12 @@ agrias.com.br: did not receive HSTS header agrikulturchic.com: could not connect to host agrimap.com: did not receive HSTS header agro-id.gov.ua: did not receive HSTS header +agro.rip: did not receive HSTS header agroglass.com.br: did not receive HSTS header -agroline.by: could not connect to host agtv.com.br: did not receive HSTS header ahabingo.com: did not receive HSTS header ahelos.tk: could not connect to host ahlz.sk: could not connect to host -ahmedcharles.com: could not connect to host aholic.co: did not receive HSTS header ahoynetwork.com: could not connect to host ahri.ovh: could not connect to host @@ -555,36 +638,39 @@ ahsin.online: could not connect to host ahwah.net: could not connect to host ahwatukeefoothillsmontessori.com: did not receive HSTS header ai1989.com: could not connect to host +aibaoyou.com: could not connect to host aibsoftware.mx: could not connect to host -aicial.co.uk: could not connect to host aicial.com: did not receive HSTS header aicial.com.au: could not connect to host aid-web.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aidanwoods.com: did not receive HSTS header -aide-admin.com: could not connect to host +aide-admin.com: did not receive HSTS header aidikofflaw.com: did not receive HSTS header aiesecarad.ro: could not connect to host aifreeze.ru: could not connect to host aify.eu: could not connect to host aignermunich.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aignermunich.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -aignermunich.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aikenorganics.com: could not connect to host aim-consultants.com: could not connect to host +aimerworld.com: did not receive HSTS header aimrom.org: could not connect to host ainrb.com: could not connect to host -aintevenmad.ch: could not connect to host aioboot.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] aip-marine.com: could not connect to host aiphyron.com: could not connect to host aiponne.com: could not connect to host airconsalberton.co.za: did not receive HSTS header +airconsboksburg.co.za: did not receive HSTS header +airconsfourways.co.za: did not receive HSTS header +airconsmidrand.co.za: did not receive HSTS header airedaleterrier.com.br: could not connect to host airfax.io: could not connect to host airlea.com: could not connect to host airlinecheckins.com: did not receive HSTS header airmazinginflatables.com: could not connect to host airproto.com: did not receive HSTS header +airsick.guide: did not receive HSTS header airtimefranchise.com: did not receive HSTS header aishnair.com: could not connect to host aisle3.space: could not connect to host @@ -604,16 +690,21 @@ akgundemirbas.com: could not connect to host akhilindurti.com: could not connect to host akhras.at: did not receive HSTS header akiba-server.info: could not connect to host +akihiro.xyz: could not connect to host akita-stream.com: could not connect to host akkadia.cc: could not connect to host +akoch.net: could not connect to host akombakom.net: could not connect to host akoww.de: could not connect to host -akselimedia.fi: did not receive HSTS header +akronet.cz: did not receive HSTS header +akropol.cz: did not receive HSTS header +akselimedia.fi: could not connect to host akstudentsfirst.org: could not connect to host -aktivist.in: did not receive HSTS header +aktan.com.br: could not connect to host +aktivist.in: could not connect to host +akul.co.in: could not connect to host al-f.net: could not connect to host al-shami.net: could not connect to host -alamgir.works: could not connect to host alanhuang.name: did not receive HSTS header alanlee.net: could not connect to host alanrickmanflipstable.com: did not receive HSTS header @@ -626,31 +717,36 @@ alauda-home.de: could not connect to host alaundeil.xyz: could not connect to host albanien.guide: could not connect to host alberguecimballa.es: could not connect to host -albertbogdanowicz.pl: did not receive HSTS header albertify.xyz: could not connect to host +albertonplumber24-7.co.za: did not receive HSTS header albertopimienta.com: did not receive HSTS header alcantarafleuriste.com: did not receive HSTS header alcatraz.online: could not connect to host alcazaar.com: could not connect to host alchemia.co.il: did not receive HSTS header alcorao.org: could not connect to host +aldes.co.za: did not receive HSTS header aleax.me: could not connect to host alecvannoten.be: did not receive HSTS header -aleksejjocic.tk: could not connect to host alenan.org: could not connect to host aleph.land: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] alertaenlinea.gov: did not receive HSTS header alessandro.pw: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +alessandroz.ddns.net: could not connect to host alessandroz.pro: could not connect to host alethearose.com: did not receive HSTS header alexandernorth.ch: could not connect to host alexandre.sh: did not receive HSTS header -alexbaker.org: did not receive HSTS header alexdodge.ca: did not receive HSTS header alexei.su: could not connect to host alexfisherhealth.com.au: did not receive HSTS header alexhaydock.co.uk: did not receive HSTS header +alexischaussy.xyz: could not connect to host +alexismeza.com: could not connect to host +alexismeza.com.mx: could not connect to host alexismeza.dk: could not connect to host +alexismeza.es: could not connect to host +alexismeza.nl: could not connect to host alexkidd.de: did not receive HSTS header alexmak.net: did not receive HSTS header alexmol.tk: could not connect to host @@ -662,9 +758,11 @@ alfirous.com: could not connect to host alfredxing.com: did not receive HSTS header algarmatic-automatismos.pt: could not connect to host algebraaec.com: did not receive HSTS header -alghaib.com: did not receive HSTS header -alghanimcatering.com: did not receive HSTS header +alghaib.com: could not connect to host alibababee.com: did not receive HSTS header +alicialab.org: could not connect to host +alien.bz: did not receive HSTS header +alikulov.me: did not receive HSTS header alilialili.ga: could not connect to host alinemaciel.adm.br: could not connect to host alistairpialek.com: max-age too low: 86400 @@ -674,9 +772,11 @@ aljammaz.holdings: did not receive HSTS header aljmz.com: did not receive HSTS header alkami.com: max-age too low: 0 alkamitech.com: max-age too low: 0 +alkel.info: could not connect to host all-subtitles.com: could not connect to host all.tf: could not connect to host all4os.com: did not receive HSTS header +allaboutbelgaum.com: did not receive HSTS header allangirvan.net: could not connect to host alldaymonitoring.com: could not connect to host alldm.ru: could not connect to host @@ -690,8 +790,10 @@ alliance-compacts.com: did not receive HSTS header allinnote.com: could not connect to host allinonecyprus.com: did not receive HSTS header allkindzabeats.com: did not receive HSTS header +allladyboys.com: could not connect to host allmbw.com: could not connect to host allmystery.de: did not receive HSTS header +allo-symo.fr: did not receive HSTS header allods-zone.ru: did not receive HSTS header alloffice.com.ua: did not receive HSTS header alloinformatique.net: could not connect to host @@ -699,7 +801,9 @@ alloutatl.com: could not connect to host allpropertyservices.com: did not receive HSTS header allprorisk.com: did not receive HSTS header allrealty.co.za: could not connect to host +allroundpvp.net: did not receive HSTS header allscammers.exposed: could not connect to host +allseasons-cleaning.co.uk: could not connect to host allsortscastles.co.uk: could not connect to host allstarswithus.com: could not connect to host allstorebrasil.com.br: could not connect to host @@ -707,7 +811,7 @@ alltheducks.com: max-age too low: 43200 allthingsfpl.com: could not connect to host allvips.ru: could not connect to host almagalla.com: could not connect to host -almatinki.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +almatinki.com: could not connect to host aloalabs.com: did not receive HSTS header alocato.com: could not connect to host alparque.com: did not receive HSTS header @@ -717,6 +821,7 @@ alphabuild.io: could not connect to host alphagamers.net: did not receive HSTS header alphahunks.com: could not connect to host alphalabs.xyz: could not connect to host +alqassam.net: did not receive HSTS header als-hardware.co.za: did not receive HSTS header alspolska.pl: max-age too low: 2592000 alt-tab-design.com: did not receive HSTS header @@ -724,25 +829,32 @@ alt33c3.org: could not connect to host altahrim.net: could not connect to host altaide.com: did not receive HSTS header altailife.ru: did not receive HSTS header -altamarea.se: could not connect to host +altamarea.se: did not receive HSTS header +altbinaries.com: could not connect to host alteqnia.com: could not connect to host altercpa.ru: did not receive HSTS header +altered.network: could not connect to host altfire.ca: could not connect to host altiacaselight.com: could not connect to host altitudemoversdenver.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -altmv.com: max-age too low: 7776000 +altoneum.com: could not connect to host altporn.xyz: could not connect to host aluminium-scaffolding.co.uk: could not connect to host alunjam.es: did not receive HSTS header alunonaescola.com.br: could not connect to host -aluoblog.top: did not receive HSTS header +aluoblog.pw: could not connect to host +aluoblog.top: could not connect to host alusta.co: could not connect to host am8888.top: could not connect to host -amaderelectronics.com: could not connect to host +amaderelectronics.com: max-age too low: 2592000 +amadilo.de: did not receive HSTS header +amadoraslindas.com: could not connect to host amaforums.org: did not receive HSTS header amagical.net: did not receive HSTS header amandaonishi.com: could not connect to host amaranthus.com.ph: could not connect to host +amartinz.at: could not connect to host +amateri.com: could not connect to host amatzen.dk: did not receive HSTS header amavis.org: did not receive HSTS header amazing-gaming.fr: could not connect to host @@ -763,17 +875,24 @@ americansforcommunitydevelopment.org: did not receive HSTS header americansportsinstitute.org: did not receive HSTS header americanworkwear.nl: did not receive HSTS header amethystcards.co.uk: could not connect to host +ameza.co.uk: could not connect to host +ameza.com.mx: could not connect to host +ameza.io: could not connect to host +ameza.me: could not connect to host +ameza.net: could not connect to host amicsdelbus.com: did not receive HSTS header amigogeek.net: could not connect to host amihub.com: could not connect to host amilum.org: could not connect to host amilx.com: could not connect to host amilx.org: could not connect to host -amimoto-ami.com: max-age too low: 3153600 +amimoto-ami.com: did not receive HSTS header +amin.ga: did not receive HSTS header +amin.one: could not connect to host amishsecurity.com: could not connect to host amitse.com: did not receive HSTS header amitube.com: did not receive HSTS header -amleeds.co.uk: did not receive HSTS header +amleeds.co.uk: could not connect to host amlvfs.net: could not connect to host ammoulianiapartments.com: did not receive HSTS header amo-entreprise-et-commerce.fr: could not connect to host @@ -789,15 +908,18 @@ amunoz.org: could not connect to host amv-crm.ru: could not connect to host anabol.nl: could not connect to host anacruz.es: did not receive HSTS header +anadoluefessk.org: did not receive HSTS header anadoluefessporkulubu.org: could not connect to host anagra.ms: could not connect to host -anaisypirueta.es: did not receive HSTS header anakros.me: could not connect to host +analangelsteen.com: could not connect to host analpantyhose.org: could not connect to host +analteengirls.net: could not connect to host analytic-s.ml: could not connect to host analytics-shop.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] analyticsinmotion.net: could not connect to host analyzemyfriends.com: could not connect to host +anastasiafond.com: did not receive HSTS header ancarda.net: could not connect to host anchorgrounds.com: did not receive HSTS header anchorinmarinainc.com: did not receive HSTS header @@ -807,21 +929,20 @@ ancientkarma.com: could not connect to host andbraiz.com: did not receive HSTS header andere-gedanken.net: max-age too low: 10 anderslind.dk: could not connect to host -andre-ballensiefen.de: could not connect to host andreagobetti.com: did not receive HSTS header andreas-kluge.eu: could not connect to host andreasanti.net: did not receive HSTS header +andreasbasurto.com: could not connect to host andreasbreitenlohner.de: max-age too low: 600000 andreasfritz-fotografie.de: could not connect to host andreaskluge.eu: could not connect to host andreastoneman.com: could not connect to host andrei-coman.com: could not connect to host -andrei-nakov.org: did not receive HSTS header andreigec.net: did not receive HSTS header andrerose.ca: did not receive HSTS header andrew.fi: did not receive HSTS header -andrew.london: did not receive HSTS header andrewbroekman.com: did not receive HSTS header +andrewdavidwong.com: did not receive HSTS header andrewdaws.co: could not connect to host andrewdaws.info: could not connect to host andrewdaws.me: could not connect to host @@ -829,10 +950,9 @@ andrewdaws.tv: could not connect to host andrewmichaud.beer: could not connect to host andrewrdaws.com: could not connect to host andrewregan.me: could not connect to host -andrewtebert.com: could not connect to host +andrewtebert.com: did not receive HSTS header andrewthelott.net: could not connect to host andrewvoce.com: did not receive HSTS header -andrewx.net: could not connect to host andrewyg.net: could not connect to host andreypopp.com: could not connect to host android: could not connect to host @@ -853,21 +973,24 @@ anfenglish.com: did not receive HSTS header anfsanchezo.co: could not connect to host anfsanchezo.me: could not connect to host angelic47.com: could not connect to host +angelicare.co.uk: did not receive HSTS header angeloroberto.ch: did not receive HSTS header angeloventuri.com: did not receive HSTS header angervillelorcher.fr: did not receive HSTS header anghami.com: did not receive HSTS header anglictinatabor.cz: could not connect to host +angrut.com: did not receive HSTS header angry-monk.com: could not connect to host angrydragonproductions.com: could not connect to host angrylab.com: did not receive HSTS header angryroute.com: could not connect to host -animal-nature-human.com: could not connect to host animalnet.de: max-age too low: 7776000 animalstropic.com: could not connect to host +anime1.top: could not connect to host anime1video.tk: could not connect to host animeday.ml: could not connect to host animesfusion.com.br: could not connect to host +animorphsfanforum.com: did not receive HSTS header animurecs.com: could not connect to host aniplus.cf: could not connect to host aniplus.gq: could not connect to host @@ -876,42 +999,47 @@ anisekai.com: max-age too low: 2592000 anita-mukorom.hu: did not receive HSTS header anitklib.ml: could not connect to host anitube-nocookie.ch: could not connect to host -anivar.net: could not connect to host +anivar.net: did not receive HSTS header ankakaak.com: could not connect to host ankaraprofesyonelnakliyat.com: did not receive HSTS header ankaraprofesyonelnakliyat.com.tr: did not receive HSTS header ankitha.in: max-age too low: 0 annabellaw.com: did not receive HSTS header annahmeschluss.de: did not receive HSTS header -annarbor.group: could not connect to host +annarbor.group: did not receive HSTS header annetaan.fi: could not connect to host annevankesteren.com: could not connect to host annevankesteren.org: could not connect to host annsbouncycastles.com: could not connect to host anomaly.ws: did not receive HSTS header anonboards.com: could not connect to host +anoneko.com: could not connect to host +anonrea.ch: could not connect to host +anonym-surfen.de: could not connect to host anonymo.co.uk: could not connect to host anonymo.uk: could not connect to host anonymousstatecollegelulzsec.com: could not connect to host anothermilan.net: could not connect to host -anoxinon.de: max-age too low: 2628000 ansdell.info: could not connect to host anseo.ninja: could not connect to host ansermfg.com: max-age too low: 0 ansgar.tk: could not connect to host -anshuman-chatterjee.com: could not connect to host +anshuman-chatterjee.com: did not receive HSTS header anshumanbiswas.com: could not connect to host -ansibeast.net: could not connect to host answers-online.ru: could not connect to host ant.land: could not connect to host +antecim.fr: could not connect to host antenasmundosat.com.br: did not receive HSTS header anthenor.co.uk: could not connect to host +anthony-rouanet.com: could not connect to host anthonyavon.com: could not connect to host anthonyloop.com: did not receive HSTS header anthro.id: did not receive HSTS header +antifraud.net.ru: could not connect to host antimatiere.space: could not connect to host antimine.kr: could not connect to host antipa.ch: could not connect to host +antirayapmalang.com: did not receive HSTS header antoine-roux.fr: did not receive HSTS header antoinebetas.be: max-age too low: 0 antoined.fr: did not receive HSTS header @@ -933,21 +1061,25 @@ aojao.cn: could not connect to host aojf.fr: could not connect to host aolabs.nz: did not receive HSTS header aomberg.com: did not receive HSTS header +aomonk.com: did not receive HSTS header aooobo.com: could not connect to host aov.io: could not connect to host aovcentrum.nl: did not receive HSTS header aozora.moe: could not connect to host -apac-tech.com: did not receive HSTS header apachelounge.com: did not receive HSTS header apadrinaunolivo.org: did not receive HSTS header apaginastore.com.br: could not connect to host apeasternpower.com: could not connect to host +aperim.com: max-age too low: 43200 aperture-laboratories.science: did not receive HSTS header api.mega.co.nz: could not connect to host apibot.de: could not connect to host apience.com: did not receive HSTS header +apis.blue: could not connect to host apis.google.com: did not receive HSTS header (error ignored - included regardless) apis.world: could not connect to host +apivia.fr: did not receive HSTS header +apkdv.com: could not connect to host apkoyunlar.club: could not connect to host apkriver.com: did not receive HSTS header apl2bits.net: did not receive HSTS header @@ -955,7 +1087,6 @@ apm.com.tw: did not receive HSTS header apmg-certified.com: did not receive HSTS header apmg-cyber.com: did not receive HSTS header apnakliyat.com: did not receive HSTS header -apogeephoto.com: did not receive HSTS header apolloyl.com: could not connect to host aponkral.site: could not connect to host aponkralsunucu.com: could not connect to host @@ -970,14 +1101,18 @@ appdrinks.com: could not connect to host appeldorn.me: did not receive HSTS header appengine.google.com: did not receive HSTS header (error ignored - included regardless) appimlab.it: could not connect to host -apple-watch-zubehoer.de: did not receive HSTS header +apple-watch-zubehoer.de: could not connect to host apple.ax: could not connect to host applejacks-bouncy-castles.co.uk: could not connect to host applez.xyz: could not connect to host +appliancerepairlosangeles.com: did not receive HSTS header applic8.com: did not receive HSTS header +apply55gx.com: could not connect to host appointed.at: did not receive HSTS header appraisal-comps.com: could not connect to host appreciationkards.com: did not receive HSTS header +apprenticeship.gov: did not receive HSTS header +apprenticeships.gov: did not receive HSTS header approlys.fr: did not receive HSTS header apps-for-fishing.com: could not connect to host apps4all.sytes.net: could not connect to host @@ -985,19 +1120,20 @@ appsbystudio.co.uk: did not receive HSTS header appsdash.io: could not connect to host apptoutou.com: could not connect to host appuro.com: did not receive HSTS header +appxcrypto.com: did not receive HSTS header aprpullmanportermuseum.org: did not receive HSTS header aptitude9.com: could not connect to host -aqilacademy.com.au: could not connect to host aqqrate.com: could not connect to host -aquariumaccessories.shop: did not receive HSTS header +aquariumaccessories.shop: could not connect to host +aquaundine.net: could not connect to host aquilaguild.com: could not connect to host aquilalab.com: could not connect to host -aquireceitas.com: could not connect to host +aquireceitas.com: did not receive HSTS header ar.al: did not receive HSTS header arabdigitalexpression.org: did not receive HSTS header +arabsexi.info: could not connect to host aradulconteaza.ro: could not connect to host aran.me.uk: could not connect to host -arawaza.info: could not connect to host arboineuropa.nl: did not receive HSTS header arbu.eu: max-age too low: 2419200 arcadiaeng.com: did not receive HSTS header @@ -1011,9 +1147,6 @@ ardao.me: could not connect to host ardorlabs.se: could not connect to host area3.org: could not connect to host areallyneatwebsite.com: could not connect to host -arenlor.com: could not connect to host -arenlor.info: could not connect to host -arenns.com: could not connect to host arent.kz: could not connect to host arenzanaphotography.com: could not connect to host arewedubstepyet.com: did not receive HSTS header @@ -1021,7 +1154,6 @@ areyouever.me: could not connect to host argama-nature.com: did not receive HSTS header argennon.xyz: could not connect to host argh.io: could not connect to host -argovpay.com: did not receive HSTS header arguggi.co.uk: could not connect to host ariacreations.net: did not receive HSTS header arifburhan.online: could not connect to host @@ -1033,6 +1165,8 @@ arka.gq: did not receive HSTS header arknodejs.com: could not connect to host arlen.io: could not connect to host arlen.se: could not connect to host +arlingtonwine.net: could not connect to host +arm-host.com: did not receive HSTS header armazemdaminiatura.com.br: could not connect to host armenians.online: could not connect to host armingrodon.de: did not receive HSTS header @@ -1042,7 +1176,7 @@ armored.ninja: did not receive HSTS header armory.consulting: could not connect to host armory.supplies: could not connect to host armsday.com: could not connect to host -armyofbane.com: did not receive HSTS header +armyofbane.com: could not connect to host armytricka.cz: did not receive HSTS header arne-petersen.net: did not receive HSTS header arnesolutions.com: could not connect to host @@ -1052,7 +1186,6 @@ aroundme.org: did not receive HSTS header arpa.ph: did not receive HSTS header arpr.co: did not receive HSTS header arrayify.com: could not connect to host -arresttracker.com: could not connect to host arrivedconsulting.com: could not connect to host arrow-cloud.nl: could not connect to host arrowfunction.com: could not connect to host @@ -1072,6 +1205,7 @@ arthan.me: could not connect to host articaexports.com: could not connect to host artifex21.com: did not receive HSTS header artifex21.fr: did not receive HSTS header +artificial.army: could not connect to host artiming.com: could not connect to host artisanhd.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] artisavotins.com: could not connect to host @@ -1079,10 +1213,11 @@ artisense.de: could not connect to host artisphere.ch: did not receive HSTS header artisticedgegranite.net: could not connect to host artistnetwork.nl: did not receive HSTS header +artnims.com: could not connect to host arto.bg: did not receive HSTS header artofeyes.nl: could not connect to host artsinthevalley.net.au: did not receive HSTS header -arturkohut.com: could not connect to host +artstopinc.com: did not receive HSTS header artyland.ru: could not connect to host arvamus.eu: could not connect to host arzaroth.com: did not receive HSTS header @@ -1093,9 +1228,7 @@ asahikoji.net: could not connect to host asana.studio: did not receive HSTS header asasuou.pw: could not connect to host asc16.com: could not connect to host -ascamso.com: could not connect to host aschaefer.net: could not connect to host -ascii.moe: could not connect to host asciitable.tips: could not connect to host asdpress.cn: could not connect to host asepms.com: max-age too low: 7776000 @@ -1104,16 +1237,16 @@ ashleakunowski.com: could not connect to host ashleyadum.com: could not connect to host ashleyfoley.photography: could not connect to host ashleymedway.com: could not connect to host -ashutoshmishra.org: did not receive HSTS header +asian-archi.com.tw: did not receive HSTS header asianbet77.co: did not receive HSTS header -asianbet77.net: could not connect to host +asianbet77.net: did not receive HSTS header +asiesvenezuela.com: did not receive HSTS header asisee.co.il: could not connect to host -ask.fedoraproject.org: did not receive HSTS header -ask.stg.fedoraproject.org: could not connect to host +ask.pe: could not connect to host askfit.cz: did not receive HSTS header askmagicconch.com: could not connect to host -asm-x.com: did not receive HSTS header -asmm.cc: did not receive HSTS header +asm-x.com: could not connect to host +asmik-armenie.com: did not receive HSTS header asmui.ga: could not connect to host asmui.ml: could not connect to host asoftwareco.com: did not receive HSTS header @@ -1126,11 +1259,11 @@ assadrivesloirecher.com: could not connect to host assdecoeur.org: could not connect to host assekuranzjobs.de: could not connect to host asset-alive.com: did not receive HSTS header -asset-alive.net: did not receive HSTS header +asset-alive.net: could not connect to host assetsupervision.com: could not connect to host assindia.nl: could not connect to host assurancesmons.be: did not receive HSTS header -astaninki.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +astaninki.com: could not connect to host asthon.cn: could not connect to host astraalivankila.net: could not connect to host astral.gq: did not receive HSTS header @@ -1139,13 +1272,14 @@ astrea-voetbal-groningen.nl: could not connect to host astrolpost.com: could not connect to host astromelody.com: did not receive HSTS header astronomie-fulda.de: did not receive HSTS header -astural.org: did not receive HSTS header +astrosnail.pt.eu.org: could not connect to host astutr.co: could not connect to host asuhe.cc: could not connect to host asuhe.win: did not receive HSTS header asuhe.xyz: could not connect to host async.be: could not connect to host at1.co: could not connect to host +atacadodesandalias.com.br: could not connect to host atacadooptico.com.br: could not connect to host atavio.at: could not connect to host atavio.ch: could not connect to host @@ -1156,15 +1290,15 @@ atelier-rk.com: did not receive HSTS header atelier-viennois-cannes.fr: did not receive HSTS header ateliernihongo.ch: did not receive HSTS header ateliersantgervasi.com: did not receive HSTS header -atencionbimbo.com: max-age too low: 86400 athaliasoft.com: could not connect to host athenelive.com: could not connect to host -athensbusinessresources.us: did not receive HSTS header +athensbusinessresources.us: could not connect to host athi.pl: did not receive HSTS header athul.xyz: could not connect to host atkdesign.pt: did not receive HSTS header atlas-5.site: could not connect to host atlas-staging.ml: could not connect to host +atlas.co: did not receive HSTS header atlassian.net: did not receive HSTS header atlayo.com: did not receive HSTS header atlex.nl: did not receive HSTS header @@ -1173,8 +1307,8 @@ atomic.menu: could not connect to host atomik.pro: did not receive HSTS header atop.io: could not connect to host atracaosexshop.com.br: could not connect to host +atrevillot.com: could not connect to host attic118.com: could not connect to host -attilagyorffy.com: could not connect to host attimidesigns.com: did not receive HSTS header attogproductions.com: did not receive HSTS header au-pair24.de: did not receive HSTS header @@ -1185,6 +1319,8 @@ audiense.com: did not receive HSTS header audiovisualdevices.com.au: did not receive HSTS header audividi.shop: did not receive HSTS header aufmerksamkeitsstudie.com: could not connect to host +aufprise.de: did not receive HSTS header +augaware.org: could not connect to host augenblicke-blog.de: could not connect to host augias.org: could not connect to host augix.net: could not connect to host @@ -1201,10 +1337,9 @@ auroratownshipfd.org: could not connect to host aurugs.com: did not receive HSTS header ausec.ch: could not connect to host auskunftsbegehren.at: did not receive HSTS header -auslandsjahr-usa.de: did not receive HSTS header +auslandsjahr-usa.de: could not connect to host ausnah.me: could not connect to host -ausschreibungen-suedtirol.it: did not receive HSTS header -aussiecable.org: did not receive HSTS header +aussiecable.org: could not connect to host aussiehq.com.au: did not receive HSTS header aussiewebmarketing.com.au: did not receive HSTS header austinmobilemechanics.net: did not receive HSTS header @@ -1212,6 +1347,7 @@ austinstore.com.br: could not connect to host austinsutphin.com: could not connect to host australiancattle.dog: could not connect to host australianfreebets.com.au: did not receive HSTS header +australianimmigrationadvisors.com.au: could not connect to host auth.mail.ru: did not receive HSTS header authenitech.com: did not receive HSTS header authentication.io: could not connect to host @@ -1219,6 +1355,7 @@ authint.com: could not connect to host authland.com: could not connect to host author24.ru: did not receive HSTS header authoritynutrition.com: did not receive HSTS header +authorsguild.in: did not receive HSTS header authsrv.nl.eu.org: could not connect to host auto-serwis.zgorzelec.pl: could not connect to host auto3d.cn: could not connect to host @@ -1228,32 +1365,30 @@ autobedrijfschalkoort.nl: did not receive HSTS header autocarparts.ro: could not connect to host autodeploy.it: could not connect to host autoecolebudget.ch: did not receive HSTS header -autoecoledumontblanc.com: did not receive HSTS header +autoecoledumontblanc.com: could not connect to host autoeet.cz: did not receive HSTS header autojuhos.sk: could not connect to host automobiles5.com: could not connect to host autos-retro-plaisir.com: did not receive HSTS header -autosearch.me: could not connect to host +autosearch.me: did not receive HSTS header autosiero.nl: did not receive HSTS header autostock.me: could not connect to host autostop-occasions.be: could not connect to host autotsum.com: could not connect to host autoxy.it: did not receive HSTS header -autozane.com: could not connect to host autumnwindsagility.com: could not connect to host auverbox.ovh: could not connect to host -auvernet.org: could not connect to host auvious.com: did not receive HSTS header auxetek.se: could not connect to host auxiliumincrementum.co.uk: could not connect to host av.de: did not receive HSTS header +av01.tv: could not connect to host av163.cc: could not connect to host avadatravel.com: did not receive HSTS header -avalon-island.ru: could not connect to host avantmfg.com: did not receive HSTS header avaq.fr: did not receive HSTS header avastantivirus.ro: did not receive HSTS header -avdelivers.com: could not connect to host +avdelivers.com: did not receive HSTS header avdh.top: could not connect to host avec-ou-sans-ordonnance.fr: could not connect to host aveling-adventure.co.uk: did not receive HSTS header @@ -1262,7 +1397,10 @@ avi9526.pp.ua: could not connect to host aviacao.pt: did not receive HSTS header avidcruiser.com: did not receive HSTS header aviodeals.com: could not connect to host +avitres.com: could not connect to host +avmemo.com: could not connect to host avmo.pw: could not connect to host +avmoo.com: could not connect to host avonlearningcampus.com: could not connect to host avso.pw: could not connect to host avspot.net: could not connect to host @@ -1270,12 +1408,14 @@ avus-automobile.com: did not receive HSTS header avxo.pw: could not connect to host awan.tech: could not connect to host awanderlustadventure.com: did not receive HSTS header +awccanadianpharmacy.com: could not connect to host awei.pub: could not connect to host awf0.xyz: could not connect to host awg-mode.de: did not receive HSTS header aww.moe: did not receive HSTS header awxg.eu.org: could not connect to host awxg.org: could not connect to host +axa-middleeast.com: could not connect to host axado.com.br: could not connect to host axel-fischer.net: could not connect to host axel-fischer.science: could not connect to host @@ -1286,42 +1426,53 @@ axfr.it: did not receive HSTS header axg.io: did not receive HSTS header axialsports.com: did not receive HSTS header axiumacademy.com: did not receive HSTS header +axolotlfarm.org: could not connect to host axolsoft.com: max-age too low: 10540800 +axtudo.com: did not receive HSTS header +axtux.tk: could not connect to host axxial.tk: could not connect to host ayahuascaadvisor.com: could not connect to host ayatk.com: did not receive HSTS header -aymerick.fr: did not receive HSTS header +aymericlagier.com: could not connect to host ayor.jp: could not connect to host ayor.tech: could not connect to host ayuru.info: could not connect to host -az-moga.bg: could not connect to host az-vinyl-boden.de: could not connect to host -azabani.com: did not receive HSTS header azamra.com: did not receive HSTS header +azia.info: could not connect to host azino777.ru: could not connect to host azirevpn.com: did not receive HSTS header azlo.com: did not receive HSTS header azprep.us: could not connect to host -b-boom.nl: could not connect to host +azun.pl: did not receive HSTS header +azuxul.fr: could not connect to host b-entropy.com: could not connect to host b-pi.duckdns.org: could not connect to host b-rickroll-e.pw: could not connect to host -b-space.de: did not receive HSTS header +b-space.de: could not connect to host b1236.com: could not connect to host +b2and.com: could not connect to host b2b-nestle.com.br: could not connect to host b2bpromoteit.com: did not receive HSTS header b3orion.com: could not connect to host +b61688.com: could not connect to host b8a.me: could not connect to host b9520.com: could not connect to host b9568.com: could not connect to host b96899.com: could not connect to host +b9886.com: could not connect to host b98886.com: could not connect to host b9930.com: could not connect to host +b99520.com: could not connect to host b9970.com: could not connect to host b9980.com: could not connect to host +b99881.com: could not connect to host +b99882.com: could not connect to host +b99883.com: could not connect to host +b99885.com: could not connect to host b9winner.com: could not connect to host babelfisch.eu: could not connect to host -babursahvizeofisi.com: did not receive HSTS header +babursahvizeofisi.com: could not connect to host baby-click.de: could not connect to host babybee.ie: could not connect to host babybic.hu: could not connect to host @@ -1330,7 +1481,7 @@ babyhouse.xyz: could not connect to host babyliss-pro.com: could not connect to host babyliss-pro.net: did not receive HSTS header babysaying.me: could not connect to host -babystep.tv: could not connect to host +babystep.tv: did not receive HSTS header bacchanallia.com: could not connect to host bacimg.com: did not receive HSTS header back-bone.nl: did not receive HSTS header @@ -1338,7 +1489,9 @@ backenmachtgluecklich.de: max-age too low: 2592000 backgroundchecks.online: did not receive HSTS header backgroundz.net: could not connect to host backintomotionphysiotherapy.com: did not receive HSTS header +backlogapp.io: could not connect to host backscattering.de: did not receive HSTS header +backupsinop.com.br: did not receive HSTS header backyardbbqbash.com: did not receive HSTS header baconate.com: did not receive HSTS header bad.show: could not connect to host @@ -1346,6 +1499,7 @@ badai.at: could not connect to host badbee.cc: could not connect to host badcronjob.com: could not connect to host badenhard.eu: could not connect to host +badgirlsbible.com: could not connect to host badkamergigant.com: could not connect to host badlink.org: could not connect to host baff.lu: could not connect to host @@ -1366,13 +1520,15 @@ balatoni-nyar.hu: did not receive HSTS header balcan-underground.net: could not connect to host baldwinkoo.com: could not connect to host baleares.party: could not connect to host -balidesignshop.com.br: could not connect to host +balenciaspa.com: did not receive HSTS header balihai.com: did not receive HSTS header +balilingo.ooo: did not receive HSTS header +ballbusting-cbt.com: could not connect to host balloonphp.com: could not connect to host -ballparkbuns.com: max-age too low: 86400 balnearionaturaspa.com: did not receive HSTS header balonmano.co: could not connect to host bals.org: did not receive HSTS header +balticer.de: did not receive HSTS header bambambaby.com.br: could not connect to host bamtoki.com: could not connect to host bamtoki.se: could not connect to host @@ -1383,28 +1539,37 @@ banbanchs.com: could not connect to host banchethai.com: could not connect to host bandally.net: could not connect to host bandar303.cc: did not receive HSTS header +bandar303.id: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +bandar303.win: did not receive HSTS header bandarifamily.com: could not connect to host -bandb.xyz: could not connect to host -bandrcrafts.com: did not receive HSTS header +bandb.xyz: did not receive HSTS header +bandrcrafts.com: could not connect to host banduhn.com: did not receive HSTS header +bangdream.ga: could not connect to host bangzafran.com: did not receive HSTS header bank: could not connect to host bankcircle.co.in: could not connect to host +bankersonline.com: did not receive HSTS header +bankitt.network: could not connect to host bankmilhas.com.br: did not receive HSTS header bankofrealty.review: could not connect to host banksaround.com: did not receive HSTS header bannisbierblog.de: could not connect to host banqingdiao.com: could not connect to host banri.me: could not connect to host +banxehoi.com: did not receive HSTS header baosuckhoedoisong.net: could not connect to host +baptistboard.com: did not receive HSTS header baptiste-destombes.fr: did not receive HSTS header baraxolka.ru: could not connect to host -barbershop-harmony.org: could not connect to host -barcel.com.mx: max-age too low: 86400 +barcouniforms.com: did not receive HSTS header +bardiel.de: max-age too low: 0 bardiharborow.com: did not receive HSTS header barely.sexy: could not connect to host bargainmovingcompany.com: could not connect to host bariller.fr: did not receive HSTS header +barisi.me: could not connect to host +barnrats.com: could not connect to host baropkamp.be: did not receive HSTS header barprive.com: could not connect to host barqo.co: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -1415,20 +1580,25 @@ barrut.me: did not receive HSTS header barshout.co.uk: could not connect to host barss.io: could not connect to host bartbania.com: did not receive HSTS header +bartelldrugs.com: did not receive HSTS header barunisystems.com: could not connect to host +bascht.com: did not receive HSTS header basculasconfiables.com: could not connect to host bashc.at: could not connect to host bashcode.ninja: could not connect to host basicsolutionsus.com: could not connect to host basilisk.io: could not connect to host +basilm.co: could not connect to host baskettemple.com: did not receive HSTS header basnieuwenhuizen.nl: did not receive HSTS header bassh.net: did not receive HSTS header batfoundry.com: could not connect to host +batten.eu.org: could not connect to host baud.ninja: could not connect to host baudairenergyservices.com: could not connect to host baum.ga: did not receive HSTS header baumstark.ca: could not connect to host +bayerstefan.eu: could not connect to host bayinstruments.com: could not connect to host bayrisch-fuer-anfaenger.de: did not receive HSTS header baysse.eu: did not receive HSTS header @@ -1437,10 +1607,10 @@ bazisszoftver.hu: could not connect to host bb-shiokaze.jp: did not receive HSTS header bbb1991.me: could not connect to host bbdos.ru: could not connect to host +bbj.io: did not receive HSTS header bbkanews.com: did not receive HSTS header bblovess.cn: could not connect to host bbrinck.eu: could not connect to host -bbuio.com: max-age too low: 86400 bbw-wrestling.com: could not connect to host bbwdom.xyz: could not connect to host bbwf.de: did not receive HSTS header @@ -1454,16 +1624,19 @@ bccx.com: could not connect to host bcheng.cf: did not receive HSTS header bckp.de: could not connect to host bcm.com.au: did not receive HSTS header -bcnet.hk: did not receive HSTS header +bcnet.hk: could not connect to host +bcodeur.com: did not receive HSTS header bcradio.org: could not connect to host bcsytv.com: could not connect to host bcweightlifting.ca: could not connect to host +bdata.cl: did not receive HSTS header bddemir.com: could not connect to host bde-epitech.fr: could not connect to host bdenzer.com: did not receive HSTS header bdenzer.xyz: could not connect to host bdsmxxxpics.com: could not connect to host be-real.life: did not receive HSTS header +be9966.com: could not connect to host beach-inspector.com: did not receive HSTS header beachi.es: could not connect to host beaglewatch.com: could not connect to host @@ -1471,22 +1644,26 @@ beagreenbean.co.uk: could not connect to host beamitapp.com: could not connect to host beanbot.party: could not connect to host beanworks.ca: did not receive HSTS header -bearden.io: did not receive HSTS header +bearden.io: could not connect to host beardydave.com: did not receive HSTS header beasel.biz: could not connect to host beastlog.tk: could not connect to host beastowner.com: did not receive HSTS header +beautyconcept.co: did not receive HSTS header beavers.io: could not connect to host bebeefy.uk: could not connect to host bebesurdoue.com: could not connect to host beccajoshwedding.com: could not connect to host -becklove.cn: did not receive HSTS header +becklove.cn: could not connect to host becubed.co: could not connect to host bedabox.com: did not receive HSTS header bedeta.de: could not connect to host +bedouille.com: could not connect to host bedreid.dk: did not receive HSTS header bedrijvenadministratie.nl: could not connect to host +beelen.fr: could not connect to host beerboutique.com.br: could not connect to host +beermedlar.com: could not connect to host beersandco.ch: could not connect to host beetgroup.id: could not connect to host beetleroadstories.com: could not connect to host @@ -1512,10 +1689,15 @@ bemcorp.de: did not receive HSTS header bemvindoaolar.com.br: did not receive HSTS header bemyvictim.com: max-age too low: 2678400 bendechrai.com: did not receive HSTS header +benedikt-tuchen.de: did not receive HSTS header benediktdichgans.de: did not receive HSTS header beneffy.com: did not receive HSTS header benevisim.com: could not connect to host +benevita.life: could not connect to host +benevita.live: could not connect to host +benevita.organic: could not connect to host benfairclough.com: could not connect to host +benhchuyenkhoa.net: could not connect to host benjakesjohnson.com: could not connect to host benjamin-horvath.com: could not connect to host benjamin-suess.de: could not connect to host @@ -1529,21 +1711,21 @@ benzkosmetik.de: did not receive HSTS header benzou-space.com: could not connect to host beourvictim.com: max-age too low: 2678400 bep.gov: did not receive HSTS header -bep362.vn: did not receive HSTS header +bep362.vn: could not connect to host beraru.tk: could not connect to host +beraten-entwickeln-steuern.de: could not connect to host berdu.id: did not receive HSTS header berduri.com: could not connect to host berger.work: could not connect to host +bergfex.at: did not receive HSTS header bergland-seefeld.at: did not receive HSTS header +bergstoneware.com: could not connect to host berhampore-gateway.tk: could not connect to host berlatih.com: did not receive HSTS header -berliancom.com: did not receive HSTS header berlin-kohlefrei.de: could not connect to host berlinleaks.com: could not connect to host bermytraq.bm: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] bernexskiclub.ch: did not receive HSTS header -berr.yt: could not connect to host -berry.cat: could not connect to host berrymark.be: did not receive HSTS header berseb.se: could not connect to host berthelier.me: could not connect to host @@ -1556,7 +1738,7 @@ besixdouze.world: could not connect to host beslider.com: could not connect to host besnik.de: could not connect to host besola.de: could not connect to host -best-wedding-quotes.com: did not receive HSTS header +best-wedding-quotes.com: could not connect to host bestattorney.com: did not receive HSTS header bestbeards.ca: could not connect to host bestbestbitcoin.com: could not connect to host @@ -1570,11 +1752,13 @@ bestof1001.de: could not connect to host bestorangeseo.com: could not connect to host bestpaintings.nl: did not receive HSTS header bestschools.top: did not receive HSTS header +bestwarezone.com: could not connect to host +bet990.com: could not connect to host betaclean.fr: did not receive HSTS header betafive.net: could not connect to host betakah.net: could not connect to host betamint.org: did not receive HSTS header -betcafearena.ro: could not connect to host +betcafearena.ro: did not receive HSTS header betformular.com: could not connect to host bethditto.com: did not receive HSTS header betkoo.com: could not connect to host @@ -1583,20 +1767,22 @@ betonmoney.com: could not connect to host betplanning.it: did not receive HSTS header bets.de: did not receive HSTS header bets.gg: did not receive HSTS header +betshoot.com: could not connect to host betsonlinefree.com.au: could not connect to host betterlifemakers.com: max-age too low: 200 -bettertest.it: could not connect to host bettween.com: did not receive HSTS header betz.ro: could not connect to host beulahtabernacle.com: could not connect to host bevapehappy.com: did not receive HSTS header bewerbungsfibel.de: did not receive HSTS header +bewertet.de: could not connect to host bexit-hosting.nl: could not connect to host bexit-security.eu: could not connect to host bexit-security.nl: could not connect to host bey.io: could not connect to host beylikduzum.com: did not receive HSTS header beyond-edge.com: could not connect to host +beyond-rational.com: did not receive HSTS header beyuna.co.uk: did not receive HSTS header beyuna.eu: did not receive HSTS header beyuna.nl: did not receive HSTS header @@ -1613,6 +1799,8 @@ bffm.biz: could not connect to host bfrailwayclub.cf: could not connect to host bgcparkstad.nl: did not receive HSTS header bgdaddy.com: did not receive HSTS header +bgenlisted.com: could not connect to host +bgfashion.net: could not connect to host bgneuesheim.de: did not receive HSTS header bhatia.at: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] bianinapiccanovias.com: could not connect to host @@ -1620,9 +1808,12 @@ biaoqingfuhao.net: did not receive HSTS header biaoqingfuhao.org: did not receive HSTS header biapinheiro.com.br: max-age too low: 5184000 biblerhymes.com: did not receive HSTS header +bibliafeminina.com.br: could not connect to host +bichines.es: did not receive HSTS header bichonfrise.com.br: could not connect to host bichonmaltes.com.br: could not connect to host bidon.ca: did not receive HSTS header +bidorbuy.co.ke: did not receive HSTS header bieberium.de: could not connect to host biego.cn: did not receive HSTS header bielsa.me: did not receive HSTS header @@ -1630,17 +1821,18 @@ bienenblog.cc: could not connect to host bier.jp: did not receive HSTS header bierbringer.at: could not connect to host bierochs.org: could not connect to host -biftin.net: could not connect to host big-black.de: did not receive HSTS header bigbbqbrush.bid: could not connect to host bigbounceentertainment.co.uk: could not connect to host bigbrownpromotions.com.au: did not receive HSTS header bigcorporateevents.com: could not connect to host bigerbio.com: could not connect to host +bigfunbouncycastles.com: could not connect to host biglagoonrentals.com: did not receive HSTS header biglou.com: max-age too low: 3153600 bigshinylock.minazo.net: could not connect to host biguixhe.net: could not connect to host +bijoux.com.br: could not connect to host bijouxdegriffe.com.br: could not connect to host bijugeral.com.br: could not connect to host bikelifetvkidsquads.co.uk: could not connect to host @@ -1652,19 +1844,17 @@ biletua.de: could not connect to host biletyplus.com: could not connect to host biletyplus.ru: did not receive HSTS header bill-nye-the.science: did not receive HSTS header +billaud.eu.org: could not connect to host billdestler.com: did not receive HSTS header billigssl.dk: did not receive HSTS header -billin.net: did not receive HSTS header billkiss.com: could not connect to host billninja.com: did not receive HSTS header billrobinson.io: could not connect to host billrusling.com: could not connect to host -bimbo.com: max-age too low: 86400 -bimbo.com.ar: max-age too low: 86400 -bimbobakeriesusa.com: max-age too low: 86400 binam.center: could not connect to host +binarization.net: could not connect to host +binarization.org: did not receive HSTS header binaryabstraction.com: could not connect to host -binaryevolved.com: did not receive HSTS header binaryfigments.com: max-age too low: 86400 binderapp.net: could not connect to host bingcheung.com: could not connect to host @@ -1672,17 +1862,22 @@ bingcheung.org: could not connect to host bingo-wear.com: could not connect to host bingo9.net: could not connect to host bingofriends.com: could not connect to host +bingostars.com: did not receive HSTS header binimo.com: could not connect to host +binsp.net: could not connect to host biocrafting.net: could not connect to host bioespuna.eu: did not receive HSTS header biofam.ru: did not receive HSTS header -bioknowme.com: did not receive HSTS header biologis.ch: could not connect to host +biomax-mep.com.br: did not receive HSTS header bionicspirit.com: did not receive HSTS header biophysik-ssl.de: did not receive HSTS header +biopreferred.gov: could not connect to host biou.me: could not connect to host biovalue.eu: could not connect to host bip.gov.sa: could not connect to host +birdandbranchnyc.com: max-age too low: 43200 +birkengarten.ch: could not connect to host birkman.com: did not receive HSTS header bischoff-mathey.family: could not connect to host biscuits-rec.com: could not connect to host @@ -1690,7 +1885,7 @@ biscuits-shop.com: could not connect to host bismarck.moe: did not receive HSTS header bisterfeldt.com: did not receive HSTS header biswas.me: could not connect to host -bit.biz.tr: could not connect to host +bitace.com: did not receive HSTS header bitbit.org: did not receive HSTS header bitbr.net: did not receive HSTS header bitcantor.com: did not receive HSTS header @@ -1698,12 +1893,15 @@ bitchan.it: could not connect to host bitcoin-casino-no-deposit-bonus.com: max-age too low: 0 bitcoin-class.com: could not connect to host bitcoin-daijin.com: could not connect to host +bitcoin.com: did not receive HSTS header bitcoinec.info: could not connect to host +bitcoinfo.jp: did not receive HSTS header bitcoinhk.org: did not receive HSTS header bitcoinjpn.com: could not connect to host -bitcoinprivacy.net: did not receive HSTS header -bitcoinworld.me: did not receive HSTS header +bitcoinprivacy.net: could not connect to host +bitcoinworld.me: could not connect to host bitconcepts.co.uk: could not connect to host +bitedge.com: did not receive HSTS header bitenose.net: could not connect to host bitenose.org: could not connect to host biteoftech.com: did not receive HSTS header @@ -1713,29 +1911,33 @@ bitfarm-archiv.com: did not receive HSTS header bitfarm-archiv.de: did not receive HSTS header bitheus.com: could not connect to host bithosting.io: did not receive HSTS header -bitk.co: could not connect to host -bitk.co.uk: could not connect to host -bitk.eu: could not connect to host bitmain.com.ua: could not connect to host bitmaincare.com.ua: could not connect to host bitmaincare.ru: could not connect to host +bitmainwarranty.com.ua: could not connect to host +bitmainwarranty.ru: could not connect to host +bitmex.com: did not receive HSTS header bitmexin.com: could not connect to host -bitmoe.com: did not receive HSTS header +bitmon.net: did not receive HSTS header bitnet.io: did not receive HSTS header bitplay.space: could not connect to host bitpod.de: could not connect to host +bitpoll.de: could not connect to host +bitpoll.org: could not connect to host bitrage.de: could not connect to host bitraum.io: could not connect to host +bitroll.com: could not connect to host bitsafe.systems: did not receive HSTS header bitsensor.io: did not receive HSTS header -bitskins.co: did not receive HSTS header bitstep.ca: could not connect to host bittervault.xyz: could not connect to host +bituptick.com: did not receive HSTS header +bitvegas.com: did not receive HSTS header bitvigor.com: could not connect to host bitwrought.net: could not connect to host bityes.org: could not connect to host bivsi.com: could not connect to host -bizcms.com: did not receive HSTS header +bizcms.com: could not connect to host bizon.sk: did not receive HSTS header bizpare.com: did not receive HSTS header bizzartech.com: did not receive HSTS header @@ -1746,26 +1948,27 @@ bkb-skandal.ch: could not connect to host black-armada.com: could not connect to host black-armada.com.pl: could not connect to host black-armada.pl: could not connect to host +black-gay-porn.biz: could not connect to host black-octopus.ru: could not connect to host -black-pool.net: did not receive HSTS header blackberrycentral.com: could not connect to host blackburn.link: could not connect to host blackdiam.net: did not receive HSTS header +blackilli.de: could not connect to host +blackkeg.ca: could not connect to host blacklane.com: did not receive HSTS header blacklightparty.be: could not connect to host blackly.uk: max-age too low: 0 -blackmagic.sk: did not receive HSTS header +blackmagic.sk: could not connect to host blackmirror.com.au: did not receive HSTS header -blackmonday.gr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +blacknova.io: could not connect to host blackpayment.ru: did not receive HSTS header blackphantom.de: could not connect to host blackscreen.me: could not connect to host blackunicorn.wtf: could not connect to host bladesmith.io: did not receive HSTS header blakerandall.xyz: could not connect to host -blameomar.com: could not connect to host blantik.net: could not connect to host -blarg.co: could not connect to host +blarg.co: did not receive HSTS header blauwwit.be: did not receive HSTS header blazeit.io: could not connect to host bleep.zone: could not connect to host @@ -1773,12 +1976,12 @@ blendlecdn.com: could not connect to host blenheimchalcot.com: did not receive HSTS header blessnet.jp: did not receive HSTS header blha303.com.au: could not connect to host -bliesekow.net: could not connect to host blindaryproduction.tk: could not connect to host blindsexdate.nl: did not receive HSTS header blinkenlight.co.uk: could not connect to host blinkenlight.com.au: could not connect to host blmiller.com: did not receive HSTS header +blockchainced.com: could not connect to host blocksatz-medien.de: could not connect to host blockshopauto.com: could not connect to host blog-ritaline.com: could not connect to host @@ -1787,11 +1990,10 @@ blog.cyveillance.com: did not receive HSTS header blog.gparent.org: could not connect to host blog.torproject.org: max-age too low: 1000 blogabout.ru: could not connect to host -blogarts.net: did not receive HSTS header blogdieconomia.it: did not receive HSTS header blogdimoda.com: did not receive HSTS header blogdimotori.it: did not receive HSTS header -bloglife-bb.com: did not receive HSTS header +bloglife-bb.com: could not connect to host bloglikepro.com: could not connect to host blognone.com: did not receive HSTS header blognr.com: could not connect to host @@ -1805,18 +2007,21 @@ blowjs.com: could not connect to host bls-fiduciaire.be: did not receive HSTS header bltc.co: could not connect to host blubbablasen.de: could not connect to host +blubberladen.de: did not receive HSTS header blucas.org: did not receive HSTS header blue17.co.uk: did not receive HSTS header bluebill.net: did not receive HSTS header bluecon.eu: did not receive HSTS header +bluefinger.nl: did not receive HSTS header blueglobalmedia.com: could not connect to host bluehawk.cloud: did not receive HSTS header blueliv.com: did not receive HSTS header -bluemosh.com: could not connect to host -blueoakart.com: could not connect to host +bluemoonroleplaying.com: could not connect to host bluepoint.foundation: could not connect to host bluepoint.institute: could not connect to host +blueridgesecuritycameras.com: did not receive HSTS header bluescloud.xyz: could not connect to host +bluesecure.com.br: did not receive HSTS header bluetenmeer.com: did not receive HSTS header bluezonehealth.co.uk: did not receive HSTS header bluketing.com: did not receive HSTS header @@ -1834,14 +2039,17 @@ bm-immo.ch: could not connect to host bm-trading.nl: did not receive HSTS header bmet.de: did not receive HSTS header bmoattachments.org: did not receive HSTS header +bn4t.me: could not connect to host bngsecure.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] bnhlibrary.com: did not receive HSTS header board-buy.ru: could not connect to host bobaobei.net: could not connect to host bobaobei.org: could not connect to host +bobep.ru: could not connect to host bobiji.com: did not receive HSTS header +boboates.com: did not receive HSTS header bodo-wolff.de: could not connect to host -bodrumfarm.com: did not receive HSTS header +bodrumfarm.com: could not connect to host bodyblog.nl: did not receive HSTS header bodybuilding-legends.com: could not connect to host bodybuilding.events: could not connect to host @@ -1855,7 +2063,9 @@ bohyn.cz: could not connect to host boiadeirodeberna.com: could not connect to host boilesen.com: did not receive HSTS header bokeyy.com: could not connect to host +bokutake.com: could not connect to host bolainfoasia.com: did not receive HSTS header +bolivarfm.com.ve: did not receive HSTS header boltdata.io: could not connect to host boltn.uk: did not receive HSTS header bolwerk.com.br: did not receive HSTS header @@ -1863,8 +2073,9 @@ bomberus.de: could not connect to host bombsquad.studio: could not connect to host bonamihome.ro: could not connect to host bonapp.restaurant: could not connect to host +bondagefetishstore.com: could not connect to host bondtofte.dk: did not receive HSTS header -boneko.de: could not connect to host +boneko.de: did not receive HSTS header bonigo.de: did not receive HSTS header bonitabrazilian.co.nz: did not receive HSTS header bonnin.fr: did not receive HSTS header @@ -1880,29 +2091,33 @@ bookingentertainment.com: did not receive HSTS header bookmakersfreebets.com.au: could not connect to host bookofraonlinecasinos.com: could not connect to host bookreport.ga: could not connect to host +bookwitty.social: could not connect to host boomerang.com: did not receive HSTS header boomsaki.com: did not receive HSTS header boomsakis.com: did not receive HSTS header boosterlearnpro.com: did not receive HSTS header -boostgame.win: could not connect to host boote.wien: did not receive HSTS header booter.es: could not connect to host booth.in.th: could not connect to host bootikexpress.fr: did not receive HSTS header boozinyan.com: could not connect to host bopera.co.uk: could not connect to host +borchers-media.de: could not connect to host +borchers.ninja: did not receive HSTS header borderlinegroup.com: could not connect to host boringsecurity.net: could not connect to host -boris.one: did not receive HSTS header +boris.one: could not connect to host borisavstankovic.rs: could not connect to host borisbesemer.com: could not connect to host born-to-learn.com: did not receive HSTS header borrelioz.com: did not receive HSTS header borscheid-wenig.com: did not receive HSTS header boschee.net: could not connect to host +botmanager.pl: could not connect to host botox.bz: did not receive HSTS header boueki.jp: did not receive HSTS header boueki.org: did not receive HSTS header +bouk.co: could not connect to host bounce-r-us.co.uk: did not receive HSTS header bounceboxspc.com: did not receive HSTS header bouncecoffee.com: did not receive HSTS header @@ -1925,12 +2140,13 @@ boxlitepackaging.com: did not receive HSTS header boxview.com: could not connect to host boyan.in: could not connect to host boyfriendhusband.men: did not receive HSTS header -bozemancarpetcleaningservices.com: could not connect to host +boypoint.de: could not connect to host +bozemancarpetcleaningservices.com: did not receive HSTS header bp-wahl.at: did not receive HSTS header bpadvisors.eu: could not connect to host bqcp.net: could not connect to host bqtoolbox.com: could not connect to host -bracoitaliano.com.br: did not receive HSTS header +braemer-it-consulting.de: could not connect to host bragasoft.com.br: did not receive HSTS header bragaweb.com.br: could not connect to host brainbuxa.com: did not receive HSTS header @@ -1947,7 +2163,6 @@ brainvation.de: did not receive HSTS header brakstad.org: could not connect to host bran.cc: could not connect to host bran.soy: could not connect to host -branchtrack.com: did not receive HSTS header branchzero.com: did not receive HSTS header brand-foo.com: did not receive HSTS header brand-foo.jp: did not receive HSTS header @@ -1960,12 +2175,10 @@ brandred.net: could not connect to host brandspray.com: could not connect to host brasilien.guide: could not connect to host brasilmorar.com: did not receive HSTS header -bratteng.xyz: did not receive HSTS header bravz.de: could not connect to host brb.city: did not receive HSTS header breatheav.com: did not receive HSTS header breatheproduction.com: did not receive HSTS header -breest.net: could not connect to host breeswish.org: did not receive HSTS header brenden.net.au: could not connect to host bress.cloud: could not connect to host @@ -1976,7 +2189,6 @@ brianpcurran.com: did not receive HSTS header brickoo.com: could not connect to host brickwerks.io: could not connect to host brickyardbuffalo.com: did not receive HSTS header -brideandgroomdirect.ie: could not connect to host bridgeout.com: could not connect to host bridholm.se: could not connect to host brightfuturemadebyme.com: could not connect to host @@ -1986,30 +2198,35 @@ brightstarkids.net: did not receive HSTS header brightstarkids.sg: did not receive HSTS header brilliantbuilders.co.uk: did not receive HSTS header brimspark.com: could not connect to host +brinkhu.is: could not connect to host brinkmann.one: could not connect to host +brinquedoseducativos.art.br: did not receive HSTS header brio-ukraine.store: could not connect to host +britishmeat.com: could not connect to host britzer-toner.de: did not receive HSTS header brivadois.ovh: did not receive HSTS header brix.ninja: did not receive HSTS header brks.xyz: could not connect to host brmascots.com: could not connect to host -brmsalescommunity.com: could not connect to host broerweb.nl: could not connect to host broken-oak.com: could not connect to host brookechase.com: did not receive HSTS header brookframework.org: could not connect to host +brossman.it: could not connect to host brownlawoffice.us: did not receive HSTS header browserid.org: could not connect to host brplusdigital.com: could not connect to host brrd.io: could not connect to host brrr.fr: could not connect to host -brunix.net: did not receive HSTS header +brunix.net: could not connect to host brunoonline.co.uk: could not connect to host +brunoramos.com: could not connect to host +brunoramos.org: could not connect to host bryancastillo.site: could not connect to host bryanshearer.accountant: did not receive HSTS header bryn.xyz: could not connect to host brynnan.nl: could not connect to host -brztec.com: did not receive HSTS header +brztec.com: could not connect to host bsagan.fr: did not receive HSTS header bsalyzer.com: could not connect to host bsc01.dyndns.org: could not connect to host @@ -2021,7 +2238,7 @@ bsohoekvanholland.nl: could not connect to host bsuess.de: could not connect to host btc-e.com: did not receive HSTS header btcdlc.com: could not connect to host -btcgo.nl: could not connect to host +btcgo.nl: did not receive HSTS header btcp.space: could not connect to host btcpot.ltd: did not receive HSTS header btku.org: could not connect to host @@ -2034,7 +2251,7 @@ buchheld.at: could not connect to host buchverlag-scholz.de: did not receive HSTS header bucket.tk: could not connect to host buckmulligans.com: did not receive HSTS header -buddhistische-weisheiten.org: did not receive HSTS header +buddhistische-weisheiten.org: could not connect to host budgetenergievriendenvoordeel.nl: could not connect to host budgetthostels.nl: did not receive HSTS header budskap.eu: did not receive HSTS header @@ -2042,6 +2259,7 @@ buenosairesestetica.com.ar: could not connect to host buenotour.ru: did not receive HSTS header buettgens.net: max-age too low: 2592000 buffalodrinkinggame.beer: did not receive HSTS header +bugtrack.co.uk: did not receive HSTS header bugtrack.io: could not connect to host bugwie.com: did not receive HSTS header buhler.pro: did not receive HSTS header @@ -2063,6 +2281,7 @@ buldogueingles.com.br: could not connect to host bulgarien.guide: could not connect to host bulkbuy.tech: could not connect to host bullbits.com: max-age too low: 0 +bulldoghire.co.uk: did not receive HSTS header bulletbabu.com: could not connect to host bulletpoint.cz: could not connect to host bullterrier.me: could not connect to host @@ -2072,9 +2291,9 @@ bumshow.ru: did not receive HSTS header bunadarbankinn.is: could not connect to host bunaken.asia: could not connect to host bunbomenu.de: could not connect to host +bundaberg.com: did not receive HSTS header bunsenlabs.org: max-age too low: 2592000 -buonventosbt.eu: could not connect to host -bupu.ml: did not receive HSTS header +buonventosbt.eu: did not receive HSTS header burckardtnet.de: did not receive HSTS header bureaubolster.nl: did not receive HSTS header bureaugravity.com: did not receive HSTS header @@ -2082,6 +2301,7 @@ burian-server.cz: could not connect to host burlesquemakeup.com: did not receive HSTS header burningcrash.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] burpsuite.site: could not connect to host +burroughsid.com: could not connect to host burrow.ovh: could not connect to host burrowingsec.com: could not connect to host burtrum.top: could not connect to host @@ -2098,21 +2318,24 @@ businessloanconnection.org: did not receive HSTS header businessmodeler.se: could not connect to host bustabit.com: could not connect to host bustimes.org.uk: did not receive HSTS header -busybee360.com: did not receive HSTS header +busybee360.com: could not connect to host butchersworkshop.com: did not receive HSTS header butian518.com: did not receive HSTS header butt.repair: could not connect to host buttercoin.com: could not connect to host butterfieldstraining.com: could not connect to host buturyu.org: did not receive HSTS header -buvinghausen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +buvinghausen.com: max-age too low: 86400 buybaby.eu: could not connect to host +buybike.shop: could not connect to host buydesired.com: did not receive HSTS header +buyessay.org: could not connect to host +buyessays.net: could not connect to host buyfox.de: did not receive HSTS header buyharpoon.com: could not connect to host -buyhealth.shop: could not connect to host buyingsellingflorida.com: could not connect to host buynowdepot.com: did not receive HSTS header +buyplussize.shop: could not connect to host buyshoe.org: could not connect to host buywood.shop: could not connect to host buzzconcert.com: did not receive HSTS header @@ -2127,16 +2350,11 @@ bxdev.me: could not connect to host by1896.com: could not connect to host by1898.com: could not connect to host by1899.com: could not connect to host -by2230.com: max-age too low: 3600 -by2238.com: max-age too low: 3600 -by2239.com: max-age too low: 3600 -by2251.com: max-age too low: 3600 -by2253.com: max-age too low: 3600 -by2254.com: max-age too low: 3600 by4cqb.cn: could not connect to host by77.com: could not connect to host by777.com: did not receive HSTS header byji.com: could not connect to host +byken.cn: did not receive HSTS header bynet.cz: could not connect to host bypass.kr: could not connect to host bypassed.bid: could not connect to host @@ -2158,9 +2376,12 @@ bypassed.today: could not connect to host bypassed.works: could not connect to host bypassed.world: could not connect to host bypro.xyz: could not connect to host +byronwade.com: could not connect to host byte.chat: did not receive HSTS header byte.wtf: did not receive HSTS header bytelog.org: could not connect to host +bytema.re: could not connect to host +bytepen.com: could not connect to host bytesatwork.eu: could not connect to host byteshift.ca: could not connect to host bytesofcode.de: could not connect to host @@ -2179,40 +2400,46 @@ c3b.info: could not connect to host c3bbs.com: could not connect to host c3ie.com: did not receive HSTS header c4.hk: could not connect to host -cabaladada.org: could not connect to host cabsites.com: could not connect to host cabusar.fr: could not connect to host +cachethq.io: did not receive HSTS header caconnect.org: could not connect to host cadao.me: did not receive HSTS header cadburymovies.in.net: could not connect to host cadenadg.gr: did not receive HSTS header caerostris.com: could not connect to host caesreon.com: could not connect to host -cafe-murr.de: could not connect to host +cafe-murr.de: did not receive HSTS header cafe-scientifique.org.ec: could not connect to host cafechesscourt.com: could not connect to host +cafefresco.pe: did not receive HSTS header caferagazzi.de: did not receive HSTS header cafesg.net: could not connect to host +caibi.io: could not connect to host caim.cz: did not receive HSTS header caipai.fm: could not connect to host cairnterrier.com.br: could not connect to host -cais.de: could not connect to host +cais.de: did not receive HSTS header cajapopcorn.com: did not receive HSTS header +cake-time.co.uk: could not connect to host cake.care: could not connect to host cal.goip.de: could not connect to host calcularpagerank.com.br: could not connect to host calculatoaresecondhand.xyz: could not connect to host +calebmorris.com: did not receive HSTS header calgaryconstructionjobs.com: did not receive HSTS header callabs.net: could not connect to host +callanbryant.co.uk: did not receive HSTS header calleveryday.com: could not connect to host callision.com: did not receive HSTS header callmereda.com: did not receive HSTS header callsigns.ca: could not connect to host calltrackingreports.com: could not connect to host +calomel.org: max-age too low: 2764800 calories.org: could not connect to host caltonnutrition.com: did not receive HSTS header calvin.me: did not receive HSTS header -calvinallen.net: could not connect to host +calypso-tour.net: could not connect to host calypsogames.net: could not connect to host calyxinstitute.org: could not connect to host camashop.de: did not receive HSTS header @@ -2223,7 +2450,6 @@ camda.online: could not connect to host camisadotorcedor.com.br: could not connect to host camjackson.net: did not receive HSTS header cammarkets.com: could not connect to host -camolist.com: could not connect to host campaignelves.com: did not receive HSTS header campbellsoftware.co.uk: could not connect to host campfire.co.il: did not receive HSTS header @@ -2231,9 +2457,8 @@ campfourpaws.com: did not receive HSTS header campingcarlovers.com: could not connect to host campingdreams.com: did not receive HSTS header campus-cybersecurity.team: did not receive HSTS header -campusportalng.com: did not receive HSTS header camsanalytics.com: could not connect to host -canadabread.com: max-age too low: 86400 +camshowhub.com: could not connect to host canadiangamblingchoice.com: did not receive HSTS header canarianlegalalliance.com: did not receive HSTS header cancelmyprofile.com: could not connect to host @@ -2243,27 +2468,28 @@ candratech.com: could not connect to host candygirl.shop: could not connect to host candykidsentertainment.co.uk: did not receive HSTS header canifis.net: did not receive HSTS header -canterbury.ws: did not receive HSTS header +canterbury.ws: could not connect to host canyonshoa.com: did not receive HSTS header caodecristachines.com.br: could not connect to host caoyu.info: did not receive HSTS header +capacitacionyautoempleo.com: did not receive HSTS header capecycles.co.za: did not receive HSTS header capeyorkfire.com.au: did not receive HSTS header -capitalonecardservice.com: did not receive HSTS header -caps.is: could not connect to host +capitalonecardservice.com: could not connect to host +captainark.net: could not connect to host captchatheprize.com: could not connect to host captianseb.de: could not connect to host captivatedbytabrett.com: could not connect to host captivationscience.com: could not connect to host captivationtheory.com: could not connect to host +capturethepen.co.uk: could not connect to host car-navi.ph: did not receive HSTS header -car-rental24.com: could not connect to host +car-rental24.com: did not receive HSTS header car-shop.top: did not receive HSTS header carano-service.de: did not receive HSTS header caraudio69.cz: could not connect to host -carboneselectricosnettosl.info: did not receive HSTS header card-cashing.com: max-age too low: 0 -card-toka.jp: did not receive HSTS header +card-toka.jp: could not connect to host cardloan-manual.net: could not connect to host cardoni.net: did not receive HSTS header cardstream.com: did not receive HSTS header @@ -2271,26 +2497,28 @@ cardurl.com: did not receive HSTS header careeraid.in: could not connect to host careerstuds.com: could not connect to host careplasticsurgery.com: did not receive HSTS header -carey.bio: could not connect to host +carey.bio: did not receive HSTS header carif-idf.net: did not receive HSTS header carif-idf.org: did not receive HSTS header carlgo11.com: did not receive HSTS header carlo.mx: did not receive HSTS header carlolly.co.uk: could not connect to host carlosalves.info: could not connect to host -carloshmm.com: could not connect to host carloshmm.stream: could not connect to host carlovanwyk.com: could not connect to host carlsbouncycastlesandhottubs.co.uk: did not receive HSTS header carlscatering.com: did not receive HSTS header -carpliyz.com: could not connect to host +caroli.biz: could not connect to host +carpliyz.com: did not receive HSTS header carrando.de: could not connect to host carredejardin.com: could not connect to host carroarmato0.be: did not receive HSTS header carsforbackpackers.com: could not connect to host +carsten.pw: could not connect to host carstenfeuls.de: did not receive HSTS header carterorland.com: could not connect to host cartesunicef.be: did not receive HSTS header +carun.us: did not receive HSTS header carwashvapeur.be: could not connect to host casajardininsecticidas.com: did not receive HSTS header casamorelli.com.br: did not receive HSTS header @@ -2303,11 +2531,11 @@ cashfortulsahouses.com: could not connect to host cashless.fr: did not receive HSTS header cashmyphone.ch: could not connect to host cashsector.ga: could not connect to host -casinolegal.pt: did not receive HSTS header +casinolistings.com: could not connect to host +casinoluck.com: could not connect to host casinoreal.com: could not connect to host casinostest.com: could not connect to host casioshop.eu: did not receive HSTS header -casjay.cloud: did not receive HSTS header casjay.us: could not connect to host casjaygames.com: could not connect to host casovi.cf: could not connect to host @@ -2316,28 +2544,26 @@ castagnonavocats.com: did not receive HSTS header cata.ga: could not connect to host catalin.pw: did not receive HSTS header catarsisvr.com: could not connect to host -catchers.cc: did not receive HSTS header catcontent.cloud: could not connect to host +catdecor.ru: could not connect to host caterkids.com: did not receive HSTS header -catfooddispensersreviews.com: did not receive HSTS header +catgirl.me: could not connect to host catgirl.pics: could not connect to host catharisme.org: could not connect to host catherinesarasin.com: did not receive HSTS header -catinmay.com: could not connect to host +catinmay.com: did not receive HSTS header catnapstudios.com: could not connect to host catnmeow.com: could not connect to host catsmagic.pp.ua: could not connect to host -caughtredhanded.co.nz: could not connect to host causae-fincas.es: did not receive HSTS header causae.es: did not receive HSTS header -cav.ac: could not connect to host cavaleria.ro: did not receive HSTS header cavalierkingcharlesspaniel.com.br: could not connect to host caveclan.org: did not receive HSTS header cavedevs.de: could not connect to host cavedroid.xyz: could not connect to host cavern.tv: did not receive HSTS header -cayafashion.de: did not receive HSTS header +cayafashion.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] cayounglab.co.jp: did not receive HSTS header cbamo.org: did not receive HSTS header cbengineeringinc.com: max-age too low: 86400 @@ -2349,9 +2575,9 @@ ccl-sti.ch: could not connect to host ccretreatandfarm.com: did not receive HSTS header cctech.ph: could not connect to host cctld.com: could not connect to host +ccv.eu: did not receive HSTS header cd0.us: could not connect to host cdcpartners.gov: could not connect to host -cdeck.net: could not connect to host cdkeyworld.de: did not receive HSTS header cdmhp.org.nz: could not connect to host cdmon.tech: could not connect to host @@ -2364,21 +2590,23 @@ cdt.org: did not receive HSTS header ce-agentur.de: did not receive HSTS header cecilwalker.com.au: did not receive HSTS header cee.io: could not connect to host -cefak.org.br: could not connect to host +cefak.org.br: did not receive HSTS header cegfw.com: could not connect to host ceilingpac.org: could not connect to host +cekaja.com: did not receive HSTS header celebphotos.blog: could not connect to host -celebrityhealthcritic.com: did not receive HSTS header celec.gob.ec: could not connect to host celeirorural.com.br: did not receive HSTS header celigo.com: did not receive HSTS header celina-reads.de: could not connect to host +cellartracker.com: could not connect to host cellsites.nz: could not connect to host cencalvia.org: could not connect to host centennialrewards.com: did not receive HSTS header centerforpolicy.org: could not connect to host +centerpereezd.ru: could not connect to host centos.pub: could not connect to host -central4.me: did not receive HSTS header +central4.me: could not connect to host centralcountiesservices.org: did not receive HSTS header centralfor.me: did not receive HSTS header centrallead.net: could not connect to host @@ -2390,6 +2618,7 @@ centrolavoro.org: did not receive HSTS header centsforchange.net: could not connect to host ceoimon.com: did not receive HSTS header cercevelet.com: did not receive HSTS header +ceres1.space: did not receive HSTS header ceresia.ch: could not connect to host ceritamalam.net: could not connect to host cerize.love: could not connect to host @@ -2402,15 +2631,18 @@ certifix.eu: did not receive HSTS header certly.io: could not connect to host certmgr.org: could not connect to host ceruleanmainbeach.com.au: did not receive HSTS header +cervejista.com: could not connect to host cesal.net: could not connect to host cesidianroot.eu: could not connect to host cevrimici.com: could not connect to host +ceyizlikelisleri.com: could not connect to host +cf11.de: did not receive HSTS header cfcnexus.org: could not connect to host cfcproperties.com: did not receive HSTS header -cfda.gov: could not connect to host cfetengineering.com: could not connect to host cfneia.org: could not connect to host cfoitplaybook.com: could not connect to host +cfsh.tk: could not connect to host cganx.org: could not connect to host cgerstner.eu: did not receive HSTS header cgsshelper.tk: could not connect to host @@ -2419,6 +2651,7 @@ chadklass.com: could not connect to host chahub.com: could not connect to host chainmonitor.com: could not connect to host challengeskins.com: could not connect to host +chameleon-ents.co.uk: could not connect to host chameth.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] chamilo.org: did not receive HSTS header champ.dog: did not receive HSTS header @@ -2436,15 +2669,16 @@ chaos.fail: could not connect to host chaospott.de: did not receive HSTS header chaoswebs.net: did not receive HSTS header chaouby.com: could not connect to host +charakato.com: could not connect to host charge.co: could not connect to host chargejuice.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] charityclear.com: could not connect to host charitystreet.co.uk: could not connect to host -charlenevondell.com: could not connect to host charlestonsecuritysystems.net: did not receive HSTS header charliemcneive.com: could not connect to host charlimarie.com: did not receive HSTS header charlipopkids.com.au: could not connect to host +charmyadesara.com: could not connect to host charnleyhouse.co.uk: did not receive HSTS header charonsecurity.com: could not connect to host charp.eu: could not connect to host @@ -2456,24 +2690,27 @@ chasse-et-plaisir.com: did not receive HSTS header chat-porc.eu: did not receive HSTS header chatbot.me: did not receive HSTS header chatbots.email: could not connect to host +chateau-belvoir.com: did not receive HSTS header chateauconstellation.ch: did not receive HSTS header chateaudevaugrigneuse.com: did not receive HSTS header chatint.com: did not receive HSTS header chatnbook.com: could not connect to host chatup.cf: could not connect to host +chatxp.com: could not connect to host chaulootz.com: did not receive HSTS header +chaverde.org: could not connect to host chcemvediet.sk: max-age too low: 1555200 cheah.xyz: could not connect to host cheapdns.org: could not connect to host -cheapwritingservice.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +cheapssl.com.tr: could not connect to host +cheapwritingservice.com: could not connect to host cheazey.net: did not receive HSTS header chebedara.com: could not connect to host chebwebb.com: could not connect to host checkhost.org: could not connect to host -checkmatewebsolutions.com: did not receive HSTS header +checkmatewebsolutions.com: max-age too low: 0 checkout.google.com: could not connect to host (error ignored - included regardless) -checkrente.nl: did not receive HSTS header -checkyourmeds.com: did not receive HSTS header +checkyourmeds.com: could not connect to host cheekylittlerascals.co.uk: did not receive HSTS header cheerflow.com: could not connect to host cheesetart.my: could not connect to host @@ -2494,14 +2731,16 @@ cherrydropscandycarts.co.uk: did not receive HSTS header cherylsoleway.com: did not receive HSTS header chessreporter.nl: did not receive HSTS header chesterbrass.uk: did not receive HSTS header -chestnut.cf: could not connect to host chiamata-aiuto.ch: could not connect to host chib.chat: could not connect to host chicorycom.net: could not connect to host chihiro.xyz: could not connect to host chijiokeindustries.co.uk: could not connect to host +chikatomo-ryugaku.com: did not receive HSTS header +chikory.com: could not connect to host childcaresolutionscny.org: did not receive HSTS header childrendeservebetter.org: did not receive HSTS header +chilli943.info: could not connect to host chimparoo.ca: did not receive HSTS header china-dhl.org: could not connect to host china-line.org: could not connect to host @@ -2510,14 +2749,18 @@ chiphell.com: did not receive HSTS header chirgui.eu: could not connect to host chloca.jp: did not receive HSTS header chloe.re: did not receive HSTS header +chloeallison.co.uk: could not connect to host +chloehorler.com: could not connect to host chlouis.net: could not connect to host chm.vn: did not receive HSTS header chocolat-suisse.ch: could not connect to host chodobien.com: could not connect to host +chodocu.com: did not receive HSTS header +choe.fi: could not connect to host choiralberta.ca: did not receive HSTS header chontalpa.pw: could not connect to host chopperforums.com: could not connect to host -chordso.com: could not connect to host +chordso.com: did not receive HSTS header chorkley.me: could not connect to host choruscrowd.com: could not connect to host chotu.net: could not connect to host @@ -2525,13 +2768,11 @@ chris-web.info: could not connect to host chrisandsarahinasia.com: could not connect to host chrisbrakebill.com: did not receive HSTS header chrisbrown.id.au: could not connect to host -chriscowley.me.uk: did not receive HSTS header chrisebert.net: could not connect to host chrisfaber.com: could not connect to host chrisfinazzo.com: did not receive HSTS header chriskirchner.de: did not receive HSTS header chriskyrouac.com: could not connect to host -chrisnicholas.io: did not receive HSTS header chrisopperwall.com: did not receive HSTS header chrisself.xyz: could not connect to host christiaandruif.nl: could not connect to host @@ -2539,7 +2780,8 @@ christianbro.gq: could not connect to host christianhoffmann.info: could not connect to host christianhospitaltank.org: did not receive HSTS header christiansayswords.com: could not connect to host -christina-quast.de: could not connect to host +christianscholz.eu: could not connect to host +christina-quast.de: did not receive HSTS header christophebarbezat.ch: could not connect to host christophercolumbusfoundation.gov: could not connect to host christophersole.com: could not connect to host @@ -2555,25 +2797,33 @@ chrome.google.com: did not receive HSTS header (error ignored - included regardl chronogram.me: did not receive HSTS header chronoproject.com: did not receive HSTS header chrst.ph: could not connect to host -chs.us: max-age too low: 0 +chs.us: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] chsh.moe: could not connect to host chua.cf: could not connect to host +chua.family: could not connect to host chuckame.fr: did not receive HSTS header chulado.com: did not receive HSTS header chundelac.com: could not connect to host churchux.co: did not receive HSTS header +churchwebcanada.ca: did not receive HSTS header +churchwebsupport.com: did not receive HSTS header churrasqueirafacil.com.br: could not connect to host ci-labo.com.tw: max-age too low: 7889238 cianmawhinney.xyz: could not connect to host +cidadedopoker.com.br: did not receive HSTS header +ciderclub.com: could not connect to host cidr.ml: could not connect to host +cielly.com: could not connect to host cienbeaute-lidl.fr: could not connect to host cigarblogs.net: could not connect to host +cigarterminal.com: could not connect to host cigi.site: could not connect to host ciicutini.ro: did not receive HSTS header cim2b.de: could not connect to host cimalando.eu: could not connect to host cinartelorgu.com: did not receive HSTS header cinefilia.tk: could not connect to host +cinema5.ru: did not receive HSTS header cinemaclub.co: could not connect to host cinerama.com.br: did not receive HSTS header cintdirect.com: could not connect to host @@ -2582,33 +2832,34 @@ cipher.co.th: did not receive HSTS header cipher.land: could not connect to host cipherli.st: did not receive HSTS header ciplanutrition.com: could not connect to host +cipriano.nl: did not receive HSTS header cira.email: could not connect to host circ-logic.com: did not receive HSTS header circlebox.rocks: could not connect to host -cirrohost.com: did not receive HSTS header +cirrohost.com: could not connect to host ciscohomeanalytics.com: could not connect to host ciscommerce.net: could not connect to host citiagent.cz: could not connect to host citra-emu.org: did not receive HSTS header +citroner.blog: could not connect to host citybusexpress.com: did not receive HSTS header cityoflaurel.org: did not receive HSTS header citywalkr.com: could not connect to host ciuciucadou.ro: could not connect to host cium.ru: could not connect to host -ciurcasdan.eu: did not receive HSTS header +civicunicorn.com: could not connect to host +civicunicorn.us: could not connect to host cjcaron.org: could not connect to host -cjdpenterprises.com: could not connect to host -cjdpenterprises.com.au: could not connect to host cjessett.com: max-age too low: 0 cjtkfan.club: could not connect to host ckcameron.net: could not connect to host ckp.io: could not connect to host claimit.ml: could not connect to host clan-ww.com: did not receive HSTS header -clapping-rhymes.com: did not receive HSTS header +clapping-rhymes.com: could not connect to host clara-baumert.de: could not connect to host claralabs.com: did not receive HSTS header -claretandbanter.uk: did not receive HSTS header +claretandbanter.uk: could not connect to host clarity-c2ced.appspot.com: did not receive HSTS header claritysrv.com: did not receive HSTS header clarksgaragedoorrepair.com: did not receive HSTS header @@ -2630,7 +2881,7 @@ cleanstar.org: could not connect to host clear.ml: could not connect to host clearc.tk: could not connect to host clearchatsandbox.com: could not connect to host -clearsky.me: did not receive HSTS header +clearsky.me: could not connect to host clearviewwealthprojector.com.au: could not connect to host clemovementlaw.com: could not connect to host clerkendweller.uk: could not connect to host @@ -2644,6 +2895,7 @@ clickandgo.com: did not receive HSTS header clickandshoot.nl: could not connect to host clickclickphish.com: did not receive HSTS header clickgram.biz: could not connect to host +clickomobile.com: did not receive HSTS header clicks.co.za: max-age too low: 1800 clicktenisdemesa.com.br: did not receive HSTS header clicn.bio: could not connect to host @@ -2657,7 +2909,9 @@ clintonbloodworth.com: could not connect to host clintonbloodworth.io: could not connect to host clintwilson.technology: max-age too low: 2592000 clipped4u.com: could not connect to host +clod-hacking.com: could not connect to host cloghercastles.co.uk: did not receive HSTS header +clorik.com: could not connect to host closient.com: did not receive HSTS header closingholding.com: could not connect to host cloud-crowd.com.au: did not receive HSTS header @@ -2665,18 +2919,23 @@ cloud-project.com: could not connect to host cloud.wtf: could not connect to host cloud2go.de: did not receive HSTS header cloudapi.vc: could not connect to host -cloudbased.info: could not connect to host +cloudbased.info: did not receive HSTS header cloudbasedsite.com: did not receive HSTS header cloudberlin.goip.de: could not connect to host cloudbleed.info: could not connect to host +cloudbolin.es: could not connect to host cloudcert.org: did not receive HSTS header cloudcy.net: could not connect to host clouddesktop.co.nz: could not connect to host cloudfren.com: did not receive HSTS header cloudimag.es: could not connect to host +cloudimprovedtest.com: could not connect to host cloudlink.club: could not connect to host +cloudmigrator365.com: did not receive HSTS header cloudns.com.au: could not connect to host cloudopt.net: did not receive HSTS header +cloudpagesforwork.com: did not receive HSTS header +cloudpebble.net: did not receive HSTS header clouds.webcam: could not connect to host cloudspotterapp.com: did not receive HSTS header cloudstoragemaus.com: could not connect to host @@ -2693,22 +2952,25 @@ clownish.co.il: could not connect to host clsimplex.com: did not receive HSTS header clubcall.com: did not receive HSTS header clubdeslecteurs.net: could not connect to host +clubmate.rocks: could not connect to host clubmix.co.kr: could not connect to host +cluefulca.com: could not connect to host +cluefulca.net: could not connect to host +cluefulca.org: could not connect to host cluj.apartments: could not connect to host -cluster.biz.tr: could not connect to host cluster.id: could not connect to host clvrwebdesign.com: did not receive HSTS header clvs7.com: did not receive HSTS header clycat.ru: could not connect to host clywedogmaths.co.uk: could not connect to host -cmangos.net: could not connect to host +cmangos.net: did not receive HSTS header cmc-versand.de: did not receive HSTS header cmcc.network: could not connect to host cmci.dk: did not receive HSTS header cmdtelecom.net.br: did not receive HSTS header cmitao.com: could not connect to host cmpr.es: could not connect to host -cmrss.com: did not receive HSTS header +cmrss.com: could not connect to host cms-weble.jp: did not receive HSTS header cmsbattle.com: could not connect to host cmscafe.ru: did not receive HSTS header @@ -2719,16 +2981,19 @@ cnaprograms.online: could not connect to host cncfraises.fr: did not receive HSTS header cncn.us: did not receive HSTS header cnetw.xyz: could not connect to host -cnitdog.com: did not receive HSTS header +cnitdog.com: could not connect to host cnlic.com: could not connect to host cnrd.me: did not receive HSTS header cnsyear.com: did not receive HSTS header cnwage.com: could not connect to host cnwarn.com: could not connect to host -co-driversphoto.se: could not connect to host +co-driversphoto.se: did not receive HSTS header co-yutaka.com: could not connect to host -coach-sportif.paris: did not receive HSTS header +coach-sportif.paris: could not connect to host coachingconsultancy.com: did not receive HSTS header +coathangerstrangla.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +coathangerstrangler.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +coatl-industries.com: could not connect to host cobaltlp.com: could not connect to host cobrax.net: could not connect to host coccinellaskitchen.com: could not connect to host @@ -2740,6 +3005,7 @@ cockerspanielamericano.com.br: could not connect to host cockerspanielingles.com.br: could not connect to host cocktailfuture.fr: could not connect to host coco-cool.fr: could not connect to host +cocodemy.com: did not receive HSTS header cocolovesdaddy.com: could not connect to host codabix.com: did not receive HSTS header codabix.de: could not connect to host @@ -2753,12 +3019,11 @@ codeco.pw: could not connect to host codecontrollers.de: could not connect to host codedelarouteenligne.fr: did not receive HSTS header codeforce.io: could not connect to host -codeforhakodate.org: did not receive HSTS header -codejunkie.de: did not receive HSTS header +codeforhakodate.org: could not connect to host codelayer.ca: could not connect to host codelitmus.com: did not receive HSTS header codeloop.pw: could not connect to host -codelove.de: could not connect to host +codelove.de: did not receive HSTS header codemonkeyrawks.net: did not receive HSTS header codemperium.com: could not connect to host codenlife.xyz: could not connect to host @@ -2767,6 +3032,7 @@ codeplay.org: could not connect to host codepoet.de: did not receive HSTS header codeproxy.ddns.net: could not connect to host codepx.com: did not receive HSTS header +coderhangout.com: could not connect to host codewiththepros.org: could not connect to host codewiz.xyz: could not connect to host codigosddd.com.br: did not receive HSTS header @@ -2775,12 +3041,11 @@ coffeedino.com: did not receive HSTS header coffeeetc.co.uk: could not connect to host coffeestrategies.com: max-age too low: 5184000 cogniflex.com: did not receive HSTS header -cogsquad.house: could not connect to host cogumelosmagicos.org: could not connect to host cohesive.io: did not receive HSTS header +coimmvest.com: could not connect to host coin-exchange.cz: could not connect to host coindam.com: could not connect to host -coins2001.ru: could not connect to host colarelli.ch: could not connect to host coldlostsick.net: could not connect to host coldwatericecream.com: did not receive HSTS header @@ -2788,7 +3053,7 @@ colearnr.com: could not connect to host collablynk.com: could not connect to host collabra.email: did not receive HSTS header collard.tk: could not connect to host -collectiblebeans.com: could not connect to host +collbox.co: did not receive HSTS header collectosaurus.com: did not receive HSTS header colleencornez.com: could not connect to host collegepulse.org: could not connect to host @@ -2802,14 +3067,19 @@ colmexpro.com: did not receive HSTS header colognegaming.net: could not connect to host coloradocomputernetworking.net: could not connect to host colorcentertoner.com.br: did not receive HSTS header +coloringnotebook.com: could not connect to host colorlib.com: did not receive HSTS header +colorlifesupport.com: max-age too low: 0 colorunhas.com.br: did not receive HSTS header coltonrb.com: could not connect to host com.cc: could not connect to host combatshield.cz: did not receive HSTS header +comchezmeme.com: could not connect to host +comdotgame.com: could not connect to host comefollowme2016.com: did not receive HSTS header comeoncolleen.com: did not receive HSTS header comercialtrading.eu: could not connect to host +cometrueunlimited.com: could not connect to host comfortdom.ua: did not receive HSTS header comfortticket.de: did not receive HSTS header comfy.cafe: could not connect to host @@ -2821,20 +3091,20 @@ comicspines.com: could not connect to host comiq.io: could not connect to host comitesaustria.at: could not connect to host comiteshopping.com: could not connect to host -commania.co.kr: could not connect to host commencepayments.com: did not receive HSTS header -commerciallocker.com: did not receive HSTS header +commerciallocker.com: could not connect to host commercialplanet.eu: could not connect to host commune-preuilly.fr: did not receive HSTS header community-cupboard.org: did not receive HSTS header -communityflow.info: could not connect to host comocurarlagastritis24.online: did not receive HSTS header comocurarlashemorroides.org: could not connect to host comocurarlashemorroidesya.com: did not receive HSTS header +comoimportar.net: did not receive HSTS header +comosecarabarriga.net: did not receive HSTS header +comoseduzir.net: did not receive HSTS header comotalk.com: could not connect to host compalytics.com: could not connect to host comparamejor.com: did not receive HSTS header -compareandrecycle.co.uk: did not receive HSTS header comparejewelleryprices.co.uk: could not connect to host comparetravelinsurance.com.au: did not receive HSTS header compassionate-biology.com: could not connect to host @@ -2847,8 +3117,10 @@ compliance-systeme.de: could not connect to host complt.xyz: could not connect to host complymd.com: did not receive HSTS header compredietlight.com.br: did not receive HSTS header -comprefitasadere.com.br: did not receive HSTS header +comprefitasadere.com.br: could not connect to host comprehensiveihc.com: could not connect to host +compromised.com: could not connect to host +compsmag.com: did not receive HSTS header comptrollerofthecurrency.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] compucorner.com.mx: could not connect to host computeremergency.com.au: did not receive HSTS header @@ -2861,22 +3133,20 @@ concerts-metal.ch: did not receive HSTS header conclave.global: could not connect to host concord-group.co.jp: did not receive HSTS header concretehermit.com: did not receive HSTS header -conectalmeria.com: could not connect to host +conectalmeria.com: did not receive HSTS header confirm365.com: could not connect to host conformal.com: could not connect to host -confucio.cl: could not connect to host congz.me: could not connect to host +conkret.ch: could not connect to host conkret.co.uk: could not connect to host conkret.eu: could not connect to host conkret.in: did not receive HSTS header -connaitre-les-astres.com: could not connect to host -connect-me.com: did not receive HSTS header +connaitre-les-astres.com: did not receive HSTS header connect.ua: could not connect to host connected-verhuurservice.nl: did not receive HSTS header connectfss.com: could not connect to host connectingconcepts.com: did not receive HSTS header conrad.am: could not connect to host -conrail.blue: could not connect to host consciousandglamorous.com: could not connect to host consciousbrand.org.au: could not connect to host consciousbranding.org.au: could not connect to host @@ -2884,8 +3154,8 @@ consciousbrands.net.au: could not connect to host consejosdehogar.com: did not receive HSTS header console.python.org: did not receive HSTS header console.support: did not receive HSTS header +construct-trust.com: could not connect to host constructive.men: could not connect to host -consultation.biz.tr: could not connect to host consultcelerity.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] consultingroupitaly.com: did not receive HSTS header consultorcr.net: did not receive HSTS header @@ -2900,7 +3170,6 @@ continuation.io: could not connect to host continuumgaming.com: could not connect to host contraout.com: could not connect to host controlcenter.gigahost.dk: did not receive HSTS header -controleer-maar-een-ander.nl: did not receive HSTS header convergemagazine.com: did not receive HSTS header convertimg.com: could not connect to host convoitises.com: did not receive HSTS header @@ -2914,8 +3183,9 @@ cooljs.me: could not connect to host coolkidsbouncycastles.co.uk: did not receive HSTS header coolvox.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] coonelnel.net: did not receive HSTS header -cooxa.com: did not receive HSTS header +cooxa.com: could not connect to host copshop.com.br: could not connect to host +coptic-treasures.com: max-age too low: 2592000 copycaught.com: could not connect to host cor-ser.es: could not connect to host coralproject.net: did not receive HSTS header @@ -2929,10 +3199,11 @@ coreapm.com: could not connect to host corecdn.org: could not connect to host coreinfrastructure.org: did not receive HSTS header corenetworking.de: could not connect to host +coresos.com: could not connect to host corex.io: could not connect to host corgicloud.com: could not connect to host corinnanese.de: could not connect to host -coriver.me: could not connect to host +coriver.me: did not receive HSTS header corkyoga.site: could not connect to host cormactagging.ie: could not connect to host cormilu.com.br: did not receive HSTS header @@ -2950,7 +3221,7 @@ corruption-mc.net: could not connect to host corruption-rsps.net: could not connect to host corruption-server.net: could not connect to host corzntin.fr: could not connect to host -cosmeticosnet.com.br: could not connect to host +cosmeticosnet.com.br: did not receive HSTS header cosmiatria.pe: could not connect to host cosmoluziluminacion.com: did not receive HSTS header cosmoss-departure.com: did not receive HSTS header @@ -2969,6 +3240,7 @@ course.pp.ua: did not receive HSTS header course.rs: could not connect to host coursella.com: did not receive HSTS header courses.nl: could not connect to host +courseworkbank.info: could not connect to host cove.sh: could not connect to host covenantbank.net: could not connect to host coverdat.com: could not connect to host @@ -2979,10 +3251,10 @@ cozy.io: did not receive HSTS header cozycloud.cc: did not receive HSTS header cpaneltips.com: could not connect to host cpbanq.com: could not connect to host -cpu.biz.tr: could not connect to host cpuvinf.eu.org: could not connect to host +cqchome.com: did not receive HSTS header cracking.org: did not receive HSTS header -crackingking.com: did not receive HSTS header +crackingking.com: could not connect to host crackpfer.de: could not connect to host crackslut.eu: could not connect to host craftbeerbarn.co.uk: could not connect to host @@ -2991,12 +3263,12 @@ craftination.net: could not connect to host craftmain.eu: could not connect to host craftmine.cz: could not connect to host craftngo.hu: could not connect to host +craftwmcp.xyz: could not connect to host craftydev.design: could not connect to host -craigsimpson.scot: did not receive HSTS header cranems.com.ua: could not connect to host cranesafe.com: max-age too low: 7889238 cranioschule.com: did not receive HSTS header -crashsec.com: could not connect to host +crashsec.com: did not receive HSTS header crate.io: did not receive HSTS header cravelyrics.com: could not connect to host crazifyngers.com: could not connect to host @@ -3004,27 +3276,31 @@ crazy-crawler.de: did not receive HSTS header crazycen.com: did not receive HSTS header crazycraftland.de: did not receive HSTS header crazycraftland.net: did not receive HSTS header +crazyfamily11.de: did not receive HSTS header crazyhotseeds.com: did not receive HSTS header crazyker.com: did not receive HSTS header crbug.com: did not receive HSTS header (error ignored - included regardless) creaescola.com: did not receive HSTS header -crealogix-online.com: could not connect to host creamybuild.com: could not connect to host +create-ls.jp: could not connect to host create-test-publish.co.uk: could not connect to host +creative-coder.de: did not receive HSTS header creativeapple.ltd: did not receive HSTS header creativeartifice.com: did not receive HSTS header creativecommonscatpictures.com: could not connect to host -creativeink.de: could not connect to host creativephysics.ml: could not connect to host creativeplayuk.com: did not receive HSTS header creato.top: could not connect to host +crecips.com: could not connect to host crecket.me: could not connect to host credia.jp: did not receive HSTS header creditclear.com.au: did not receive HSTS header -creditreporttips.net: could not connect to host +creditreporttips.net: did not receive HSTS header crendontech.com: did not receive HSTS header +creorin.com: did not receive HSTS header crestoncottage.com: could not connect to host crewplanner.eu: did not receive HSTS header +crge.eu: max-age too low: 0 crimewatch.net.za: could not connect to host crisissurvivalspecialists.com: could not connect to host cristianhares.com: could not connect to host @@ -3035,7 +3311,7 @@ crmdemo.website: did not receive HSTS header crockett.io: did not receive HSTS header croco.vision: did not receive HSTS header croeder.net: could not connect to host -cronix.cc: could not connect to host +croisieres.discount: did not receive HSTS header croods-mt2.fr: did not receive HSTS header croome.no-ip.org: could not connect to host crop-alert.com: could not connect to host @@ -3050,23 +3326,28 @@ crownbouncycastlehire.co.uk: did not receive HSTS header crownruler.com: did not receive HSTS header crox.co: could not connect to host crrev.com: did not receive HSTS header (error ignored - included regardless) +crt.cloud: could not connect to host crtvmgmt.com: could not connect to host crudysql.com: could not connect to host crufad.org: did not receive HSTS header -cruikshank.com.au: could not connect to host +cruikshank.com.au: did not receive HSTS header crushroom.com: max-age too low: 43200 cruzeiropedia.org: did not receive HSTS header cruzr.xyz: could not connect to host crypalert.com: could not connect to host crypt.guru: did not receive HSTS header cryptify.eu: could not connect to host +cryptobells.com: did not receive HSTS header cryptobin.org: could not connect to host cryptocaseproject.com: could not connect to host cryptodash.net: could not connect to host +cryptoegg.ca: could not connect to host +cryptofrog.co: could not connect to host +cryptoisnotacrime.org: could not connect to host cryptojar.io: could not connect to host +cryptojourney.com: did not receive HSTS header cryptolab.pro: could not connect to host cryptolab.tk: could not connect to host -cryptolosophy.io: could not connect to host cryptoparty.dk: could not connect to host cryptopartyatx.org: could not connect to host cryptopartynewcastle.org: could not connect to host @@ -3082,34 +3363,38 @@ csawctf.poly.edu: could not connect to host cscau.com: did not receive HSTS header csehnyelv.hu: could not connect to host cselzer.com: did not receive HSTS header -cser.me: did not receive HSTS header +cser.me: could not connect to host +csfcloud.com: did not receive HSTS header csfs.org.uk: could not connect to host csgf.ru: did not receive HSTS header csgo.help: could not connect to host csgo77.com: could not connect to host -csgodicegame.com: did not receive HSTS header +csgodicegame.com: could not connect to host csgoelemental.com: could not connect to host +csgogamers.com: could not connect to host +csgohandouts.com: did not receive HSTS header csgokings.eu: could not connect to host csgoshifter.com: could not connect to host csilies.de: could not connect to host csinfo.us: could not connect to host -csinterstargeneve.ch: could not connect to host csohack.tk: could not connect to host -cspbuilder.info: could not connect to host -cspeti.hu: could not connect to host +cspbuilder.info: did not receive HSTS header cssps.org: could not connect to host cssu.in: did not receive HSTS header csvape.com: did not receive HSTS header +cswarzone.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] ct-status.org: could not connect to host ct-watches.dk: did not receive HSTS header ctrl.blog: did not receive HSTS header +ctyi.me: did not receive HSTS header cuanhua3s.com: did not receive HSTS header cubecart.net: could not connect to host +cubecraftstore.com: could not connect to host +cubecraftstore.net: could not connect to host cubela.tech: could not connect to host cubeserver.eu: could not connect to host cubewano.com: could not connect to host cubix.host: did not receive HSTS header -cublick.com: did not receive HSTS header cucc.date: could not connect to host cuecamania.com.br: could not connect to host cujanovic.com: did not receive HSTS header @@ -3118,19 +3403,20 @@ culinae.nl: could not connect to host culture-school.top: did not receive HSTS header cumparama.com: did not receive HSTS header cumshots-video.ru: could not connect to host -cuni-cuni-club.com: could not connect to host +cunha.be: could not connect to host +cuni-cuni-club.com: did not receive HSTS header cuni-rec.com: could not connect to host -cuntflaps.me: could not connect to host cuongquach.com: did not receive HSTS header cuongthach.com: did not receive HSTS header cuonic.com: could not connect to host cupcake.io: did not receive HSTS header cupcake.is: did not receive HSTS header +cupofarchitects.net: could not connect to host curacao-license.com: could not connect to host curarnosensalud.com: could not connect to host -curatedgeek.com: did not receive HSTS header curiouscat.me: max-age too low: 2592000 curlyroots.com: did not receive HSTS header +current.com: did not receive HSTS header curroapp.com: could not connect to host cursosdnc.cl: did not receive HSTS header curveweb.co.uk: did not receive HSTS header @@ -3139,17 +3425,21 @@ custe.rs: could not connect to host customadesign.com: did not receive HSTS header customd.com: did not receive HSTS header customfilmworks.com: could not connect to host +customizeyourshower.com: could not connect to host +custompapers.com: could not connect to host +customromlist.com: could not connect to host +customwritings.com: could not connect to host cutelariafiveladeouro.com.br: did not receive HSTS header cutorrent.com: could not connect to host cuvva.insure: did not receive HSTS header cvjm-memmingen.de: did not receive HSTS header -cvsoftub.com: could not connect to host +cvsoftub.com: did not receive HSTS header cvtparking.co.uk: did not receive HSTS header cw-bw.de: could not connect to host cwage.com: could not connect to host -cwarren.is: could not connect to host cwbw.network: could not connect to host cwilson.ga: could not connect to host +cwningen.cymru: could not connect to host cy.technology: did not receive HSTS header cyanogenmod.xxx: could not connect to host cybbh.space: could not connect to host @@ -3162,53 +3452,54 @@ cyberdos.de: did not receive HSTS header cyberlab.kiev.ua: did not receive HSTS header cyberlab.team: did not receive HSTS header cyberpeace.nl: could not connect to host -cyberpioneer.net: could not connect to host cyberprey.com: did not receive HSTS header cyberpunk.ca: could not connect to host -cybersafesolutions.com: did not receive HSTS header cyberscan.io: did not receive HSTS header +cyberserver.org: could not connect to host cybershambles.com: could not connect to host cyberspace.today: could not connect to host -cyberxpert.nl: could not connect to host +cybit.io: did not receive HSTS header cyclehackluxembourgcity.lu: could not connect to host cyclingjunkies.com: could not connect to host cydia-search.io: could not connect to host cyelint.com: could not connect to host +cygu.ch: did not receive HSTS header cymtech.net: could not connect to host cynoshair.com: could not connect to host cyoda.com: did not receive HSTS header -cypherpunk.com: could not connect to host +cype.dedyn.io: could not connect to host cypherpunk.ws: could not connect to host cyphertite.com: could not connect to host +cypressinheritancesaga.com: could not connect to host cytadel.fr: did not receive HSTS header +cytegic-update-packages.com: could not connect to host czaw.org: did not receive HSTS header czirnich.org: did not receive HSTS header czlx.co: could not connect to host d-academia.com: did not receive HSTS header +d-macindustries.com: did not receive HSTS header d-rickroll-e.pw: could not connect to host d00r.de: did not receive HSTS header d0xq.net: could not connect to host d1ves.io: did not receive HSTS header d3x.pw: could not connect to host -d4rkdeagle.tk: could not connect to host +d4wson.com: could not connect to host d8studio.net: could not connect to host da8.cc: could not connect to host dabblegoat.com: could not connect to host dabbot.org: did not receive HSTS header dad256.tk: could not connect to host dadtheimpaler.com: could not connect to host -daemon.xin: did not receive HSTS header dah5.com: did not receive HSTS header dahl-pind.dk: did not receive HSTS header dai-rin.co.jp: could not connect to host -dailybunda.com: could not connect to host +dailybunda.com: did not receive HSTS header dailystormerpodcasts.com: could not connect to host dailytopix.com: could not connect to host daimadi.com: could not connect to host daisuki.pw: could not connect to host -daiwai.de: could not connect to host daiyuu.jp: could not connect to host -dakerealestate.com: could not connect to host +dakerealestate.com: did not receive HSTS header dakl-shop.de: did not receive HSTS header dakotasilencer.com: did not receive HSTS header dakrib.net: could not connect to host @@ -3221,9 +3512,12 @@ damedrogy.cz: could not connect to host damianuv-blog.cz: did not receive HSTS header damjanovic.work: could not connect to host danbarrett.com.au: could not connect to host +dancebuzz.co.uk: did not receive HSTS header dancerdates.net: did not receive HSTS header +dandenongroadapartments.com.au: did not receive HSTS header dandymrsb.com: could not connect to host dane-bre.net: max-age too low: 172800 +dango.in: could not connect to host daniel-mosquera.com: could not connect to host daniel-seifert.com: max-age too low: 600000 daniel-stahl.net: could not connect to host @@ -3233,6 +3527,7 @@ danieldk.eu: did not receive HSTS header danielgraziano.ca: could not connect to host danieliancu.com: could not connect to host danielkratz.com: max-age too low: 172800 +danielsteiner.net: could not connect to host danielverlaan.nl: could not connect to host danielworthy.com: did not receive HSTS header danielzuzevich.com: could not connect to host @@ -3242,6 +3537,7 @@ dankeblog.com: could not connect to host danmark.guide: did not receive HSTS header dannycrichton.com: did not receive HSTS header danrl.de: could not connect to host +dansa.com.co: did not receive HSTS header danskringsporta.be: did not receive HSTS header danwillenberg.com: did not receive HSTS header daolerp.xyz: could not connect to host @@ -3249,10 +3545,10 @@ dargasia.is: could not connect to host dario.im: did not receive HSTS header dariosirangelo.me: did not receive HSTS header dark-x.cf: could not connect to host -darkanzali.pl: max-age too low: 0 +darkanzali.pl: could not connect to host darkdestiny.ch: could not connect to host darkfriday.ddns.net: could not connect to host -darkhole.cn: did not receive HSTS header +darkhole.cn: could not connect to host darkishgreen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] darkkeepers.dk: max-age too low: 172800 darknebula.space: could not connect to host @@ -3263,7 +3559,6 @@ darkstance.org: could not connect to host darktree.in: could not connect to host darlastudio66.com: did not receive HSTS header darlo.co.uk: could not connect to host -daropia.org: could not connect to host darrenellis.xyz: could not connect to host darrenm.net: could not connect to host das-tyrol.at: did not receive HSTS header @@ -3278,24 +3573,29 @@ data.haus: could not connect to host data.qld.gov.au: did not receive HSTS header datacave.is: could not connect to host datacubed.com: did not receive HSTS header +datafd.com: could not connect to host +datafd.net: could not connect to host datahoarder.download: could not connect to host -datahoarder.xyz: could not connect to host +datahoarderschool.club: did not receive HSTS header dataisme.com: did not receive HSTS header datajapan.co.jp: did not receive HSTS header datamatic.ru: could not connect to host dataretention.solutions: could not connect to host +datasharesystem.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] datasnitch.co.uk: could not connect to host datatekniikka.com: could not connect to host datedeposit.com: could not connect to host datengrab.ws: could not connect to host +datenlast.de: could not connect to host datenreiter.cf: could not connect to host datenreiter.gq: could not connect to host datenreiter.ml: could not connect to host datenreiter.tk: could not connect to host -datenschutzhelden.org: did not receive HSTS header +datenschutzhelden.org: could not connect to host datine.com.br: could not connect to host datorb.com: could not connect to host datortipsen.se: did not receive HSTS header +datsound.ru: could not connect to host datsumou-q.com: did not receive HSTS header daverandom.com: could not connect to host davidandkailey.com: could not connect to host @@ -3304,32 +3604,36 @@ davidglidden.eu: did not receive HSTS header davidgrudl.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] davidhunter.scot: did not receive HSTS header davidletellier.com: did not receive HSTS header +davidlillo.com: could not connect to host davidnoren.com: did not receive HSTS header davidreinhardt.de: could not connect to host davidscherzer.at: could not connect to host davros.eu: could not connect to host davros.ru: could not connect to host +daw.nz: could not connect to host dawnofeden.org: did not receive HSTS header dawnson.is: could not connect to host +dawnsonb.com: could not connect to host day.vip: did not receive HSTS header daylightcompany.com: did not receive HSTS header days.one: could not connect to host daytonaseaside.com: did not receive HSTS header db.gy: could not connect to host +dbjc.duckdns.org: did not receive HSTS header dblx.io: could not connect to host dbox.ga: could not connect to host dbpmedia.se: did not receive HSTS header -dbx.ovh: could not connect to host +dbx.ovh: did not receive HSTS header dbyz.co.uk: max-age too low: 43200 dcaracing.nl: could not connect to host -dcc.moe: did not receive HSTS header +dcc.moe: could not connect to host dccode.gov: could not connect to host dccoffeeproducts.com: did not receive HSTS header dccraft.net: could not connect to host -dclaisse.fr: could not connect to host dctxf.com: did not receive HSTS header dcuofriends.net: could not connect to host dcw.io: did not receive HSTS header +dd.art.pl: could not connect to host ddatsh.com: did not receive HSTS header dden.website: could not connect to host dden.xyz: could not connect to host @@ -3339,20 +3643,23 @@ ddocu.me: did not receive HSTS header ddos-mitigation.co.uk: could not connect to host ddos-mitigation.info: could not connect to host de-servers.de: could not connect to host +de-spil.be: could not connect to host deadmann.com: could not connect to host -deadsoul.net: max-age too low: 0 +deadsoul.net: could not connect to host +deanjerkovich.com: could not connect to host debank.tv: did not receive HSTS header debatch.se: could not connect to host debian-vhost.de: could not connect to host debiton.dk: could not connect to host debitoutil.com: did not receive HSTS header +debitpaie.com: did not receive HSTS header deborahmarinelli.eu: could not connect to host debtkit.co.uk: did not receive HSTS header debtprotectionreporting.com: did not receive HSTS header decafu.co: could not connect to host decentralizedweb.net: did not receive HSTS header decesus.com: could not connect to host -decibelios.li: could not connect to host +decibelios.li: max-age too low: 0 decloverly.com: did not receive HSTS header deco.me: could not connect to host decoboutique.com: did not receive HSTS header @@ -3367,10 +3674,10 @@ decoyrouting.com: could not connect to host dedeo.tk: did not receive HSTS header dedicatutiempo.es: could not connect to host dedietrich-asia.com: could not connect to host +deep.club: could not connect to host deepcovelabs.net: could not connect to host deepcreampie.com: could not connect to host deepearth.uk: could not connect to host -deephill.com: could not connect to host deeprecce.com: could not connect to host deeprecce.link: could not connect to host deeprecce.tech: could not connect to host @@ -3380,6 +3687,7 @@ deepvalley.tech: could not connect to host deepvision.com.ua: did not receive HSTS header deetz.nl: did not receive HSTS header deetzen.de: did not receive HSTS header +def-pos.ru: could not connect to host defi-metier.com: did not receive HSTS header defi-metier.fr: did not receive HSTS header defi-metier.org: could not connect to host @@ -3391,7 +3699,7 @@ defimetier.fr: could not connect to host defimetier.org: did not receive HSTS header defimetiers.com: did not receive HSTS header defimetiers.fr: did not receive HSTS header -degroetenvanrosaline.nl: did not receive HSTS header +degroetenvanrosaline.nl: could not connect to host deight.co: could not connect to host deight.in: could not connect to host dekasan.ru: could not connect to host @@ -3401,10 +3709,10 @@ deliberatedigital.com: [Exception... "Component returned failure code: 0x8000400 deliver.moe: did not receive HSTS header deliverance.co.uk: could not connect to host deloittequant.com: could not connect to host -deltaconcepts.de: did not receive HSTS header +deltaconcepts.de: could not connect to host delvj.org: could not connect to host -demandware.com: could not connect to host -demarche-expresse.com: could not connect to host +demandware.com: did not receive HSTS header +demarche-expresse.com: did not receive HSTS header demdis.org: could not connect to host demilitarized.ninja: could not connect to host demo-server.us: could not connect to host @@ -3413,8 +3721,6 @@ democracy.io: did not receive HSTS header democraticdifference.com: did not receive HSTS header demomanca.com: did not receive HSTS header demotops.com: could not connect to host -dempsters.ca: max-age too low: 86400 -dengchangdong.com: could not connect to host denh.am: did not receive HSTS header denisjean.fr: could not connect to host dennispotter.eu: did not receive HSTS header @@ -3431,12 +3737,14 @@ depedtayo.ph: could not connect to host depijl-mz.nl: did not receive HSTS header depixion.agency: could not connect to host depo.space: could not connect to host +deprobe.pro: could not connect to host +depth-co.jp: could not connect to host dequehablamos.es: could not connect to host derbyshiredotnet.co.uk: did not receive HSTS header derchris.me: could not connect to host derekseaman.com: did not receive HSTS header derekseaman.studio: did not receive HSTS header -derevtsov.com: did not receive HSTS header +derevtsov.com: could not connect to host derivativeshub.pro: could not connect to host derive.cc: could not connect to host dermacarecomplex.com: could not connect to host @@ -3463,31 +3771,38 @@ detecte-fuite.ch: could not connect to host detecte.ch: could not connect to host detectefuite.ch: could not connect to host detector.exposed: could not connect to host -detest.org: could not connect to host +detest.org: did not receive HSTS header dethikiemtra.com: did not receive HSTS header +detroitrocs.org: did not receive HSTS header detteflies.com: max-age too low: 7889238 detutorial.com: max-age too low: 36000 +deuchnord.fr: could not connect to host deusu.de: could not connect to host deusu.org: could not connect to host +deux.solutions: could not connect to host +deuxsol.co: could not connect to host +deuxsol.com: could not connect to host +deuxsolutions.com: could not connect to host deuxvia.com: could not connect to host dev: could not connect to host dev-aegon.azurewebsites.net: did not receive HSTS header dev-bluep.pantheonsite.io: did not receive HSTS header dev-talk.eu: did not receive HSTS header -dev-talk.net: could not connect to host +dev-talk.net: did not receive HSTS header devafterdark.com: could not connect to host devdesco.com: could not connect to host +devdom.io: max-age too low: 172800 develop.fitness: could not connect to host +developermail.io: did not receive HSTS header developersclub.website: could not connect to host developyourelement.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] devh.de: could not connect to host deviltraxxx.de: could not connect to host devin-balimuhac.de: did not receive HSTS header devincrow.me: could not connect to host -devinpacker.com: did not receive HSTS header +devinpacker.com: could not connect to host devisonline.ch: could not connect to host devistravaux.org: did not receive HSTS header -devkit.cc: could not connect to host devlux.ch: did not receive HSTS header devmsg.com: did not receive HSTS header devnsec.com: could not connect to host @@ -3495,15 +3810,16 @@ devnull.team: could not connect to host devopps.me: did not receive HSTS header devops.moe: could not connect to host devopsconnected.com: could not connect to host -devpsy.info: could not connect to host devtestfan1.gov: could not connect to host devtub.com: could not connect to host devuan.org: did not receive HSTS header dewebwerf.nl: did not receive HSTS header dewin.io: could not connect to host dfixit.com: could not connect to host +dfl.mn: could not connect to host dfrance.com.br: did not receive HSTS header dfviana.com.br: max-age too low: 2592000 +dgby.org: did not receive HSTS header dggwp.de: did not receive HSTS header dharamkot.com: could not connect to host dharma.ai: did not receive HSTS header @@ -3515,10 +3831,10 @@ dhub.xyz: could not connect to host dhxxls.com: could not connect to host diablotine.rocks: could not connect to host diabolic.chat: could not connect to host -diagnocentro.cl: could not connect to host diagnosia.com: did not receive HSTS header diagonale-deco.fr: did not receive HSTS header -diamondcare.com.br: could not connect to host +dialoegue.com: did not receive HSTS header +diamondcare.com.br: did not receive HSTS header diamondpkg.org: could not connect to host diamondt.us: did not receive HSTS header dianlujitao.com: did not receive HSTS header @@ -3534,13 +3850,14 @@ dicio.com.br: did not receive HSTS header dicionariofinanceiro.com: did not receive HSTS header dicionariopopular.com: did not receive HSTS header dick.red: could not connect to host -didierlaumen.be: could not connect to host -die-besten-weisheiten.de: did not receive HSTS header +dickpics.ru: could not connect to host +didierlaumen.be: did not receive HSTS header +die-besten-weisheiten.de: could not connect to host die-gruenen-teufel.de: could not connect to host dieb.photo: could not connect to host -diegobarrosmaia.com.br: could not connect to host diejanssens.net: did not receive HSTS header diemogebhardt.com: could not connect to host +dierencompleet.nl: did not receive HSTS header dierenkruiden.nl: did not receive HSTS header dieser.me: could not connect to host dietagespresse.com: did not receive HSTS header @@ -3551,12 +3868,15 @@ diggable.co: max-age too low: 2592000 digihyp.ch: could not connect to host digikol.net: could not connect to host diginota.com: did not receive HSTS header +digioccumss.ddns.net: could not connect to host digired.xyz: could not connect to host +digital1world.com: did not receive HSTS header digitalbank.kz: could not connect to host digitalcloud.ovh: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] digitalcraftmarketing.co.uk: did not receive HSTS header digitaldaddy.net: did not receive HSTS header digitalero.rip: did not receive HSTS header +digitalewelten.de: could not connect to host digitalexhale.com: did not receive HSTS header digitalhurricane.io: did not receive HSTS header digitalimpostor.co.uk: could not connect to host @@ -3572,7 +3892,7 @@ digiworks.se: did not receive HSTS header diguass.us: could not connect to host dijks.com: could not connect to host dikshant.net: could not connect to host -diletec.com.br: did not receive HSTS header +diletec.com.br: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] dillynbarber.com: did not receive HSTS header dim.lighting: could not connect to host dimes.com.tr: did not receive HSTS header @@ -3580,10 +3900,11 @@ dimitrisotiropoulosbooks.com: max-age too low: 7889238 din-tools.com: did not receive HSTS header dinamoelektrik.com: could not connect to host dingcc.com: could not connect to host -dingcc.me: could not connect to host -dingcc.org: did not receive HSTS header +dingcc.org: could not connect to host dingcc.xyz: could not connect to host +dingelbob-schuhcreme.gq: could not connect to host dingss.com: could not connect to host +dinheirolucrar.com: did not receive HSTS header dinkum.online: could not connect to host dinotv.at: could not connect to host dintillat.fr: could not connect to host @@ -3592,6 +3913,7 @@ dionysus.se: could not connect to host dipconsultants.com: could not connect to host direct2uk.com: could not connect to host directhskincream.com: could not connect to host +directinsure.in: did not receive HSTS header directorinegocis.cat: could not connect to host directtwo.solutions: could not connect to host directtwosolutions.org: could not connect to host @@ -3599,9 +3921,10 @@ directwatertanks.co.uk: did not receive HSTS header direnv.net: did not receive HSTS header direwolfsoftware.ca: could not connect to host dirk-weise.de: could not connect to host +dirkwolf.de: could not connect to host dirtycat.ru: could not connect to host disadattamentolavorativo.it: could not connect to host -disclosure.io: could not connect to host +disclosure.io: did not receive HSTS header disco-crazy-world.de: could not connect to host discord-chan.net: could not connect to host discountmania.eu: did not receive HSTS header @@ -3612,13 +3935,13 @@ discoverrsv.com: did not receive HSTS header discoverwellness.center: did not receive HSTS header discovery.lookout.com: did not receive HSTS header discoveryballoon.org: could not connect to host -discoveryottawa.ca: did not receive HSTS header disking.co.uk: did not receive HSTS header dislocated.de: did not receive HSTS header +dismail.de: did not receive HSTS header disorderboutique.com: did not receive HSTS header -displayideas.gr: max-age too low: 0 disruptivelabs.net: could not connect to host disruptivelabs.org: could not connect to host +dissieux.com: did not receive HSTS header dissimulo.me: could not connect to host distinctivephotography.com.au: could not connect to host distinguishedwindows.co.uk: did not receive HSTS header @@ -3630,35 +3953,34 @@ dittvertshus.no: could not connect to host diva-ey.com: could not connect to host divegearexpress.com.cn: did not receive HSTS header diversity-spielzeug.de: did not receive HSTS header -divingwithnic.com: could not connect to host divvi.co.nz: did not receive HSTS header -divvymonkey.com: did not receive HSTS header divvyradio.com: did not receive HSTS header diwei.vip: did not receive HSTS header dixiediner.com: did not receive HSTS header dixmag.com: could not connect to host -diz.in.ua: could not connect to host +diz.in.ua: did not receive HSTS header dizihocasi.com: could not connect to host dizorg.net: could not connect to host dj4et.de: could not connect to host -djieno.com: could not connect to host djul.net: could not connect to host djxmmx.net: did not receive HSTS header -djz4music.com: did not receive HSTS header dkniss.de: could not connect to host dko-steiermark.ml: did not receive HSTS header dl.google.com: did not receive HSTS header (error ignored - included regardless) -dlbouncers.co.uk: did not receive HSTS header +dlbouncers.co.uk: could not connect to host dlc.viasinc.com: could not connect to host dlemper.de: did not receive HSTS header +dlouwrink.nl: could not connect to host dlyl888.com: could not connect to host dmarketer.com: did not receive HSTS header dmcglobaltravel.com.mx: did not receive HSTS header dmcibulldog.com: did not receive HSTS header dmdre.com: did not receive HSTS header dmenergy.ru: did not receive HSTS header +dmfd.net: could not connect to host dmix.ca: could not connect to host dmlogic.com: could not connect to host +dmmkenya.co.ke: could not connect to host dmtry.me: did not receive HSTS header dmwall.cn: could not connect to host dmz.ninja: could not connect to host @@ -3666,19 +3988,21 @@ dnmaze.com: could not connect to host dns.google.com: did not receive HSTS header (error ignored - included regardless) dnsbird.net: could not connect to host dnsbird.org: could not connect to host -dnscrypt.org: could not connect to host +dnscrypt.nl: could not connect to host +dnscrypt.org: max-age too low: 0 dnsknowledge.com: did not receive HSTS header dnsql.io: could not connect to host do-do.tk: could not connect to host doak.io: did not receive HSTS header dobet.in: could not connect to host -doc-justice.com: could not connect to host +dobsnet.net: could not connect to host +doc-justice.com: did not receive HSTS header docid.io: could not connect to host +dockerturkiye.com: could not connect to host docket.news: could not connect to host -doclot.io: did not receive HSTS header +doclot.io: could not connect to host docplexus.in: did not receive HSTS header docset.io: could not connect to host -doctorsonmaps.com: could not connect to host docufiel.com: could not connect to host doculus.io: did not receive HSTS header documentations-sociales.com: could not connect to host @@ -3691,6 +4015,7 @@ dogespeed.ga: could not connect to host doggieholic.net: could not connect to host dognlife.com: could not connect to host dogoodbehappyllc.com: did not receive HSTS header +dogprograms.net: could not connect to host dohosting.ru: could not connect to host dojifish.space: could not connect to host dojin.nagoya: could not connect to host @@ -3702,8 +4027,9 @@ dollarstore24.com: could not connect to host dollywiki.co.uk: could not connect to host dolphin-cloud.com: could not connect to host dolphin-hosting.com: could not connect to host -dolphincorp.co.uk: did not receive HSTS header +dolphincorp.co.uk: could not connect to host dolphinswithlasers.com: could not connect to host +dolt.xyz: did not receive HSTS header domaine-aigoual-cevennes.com: did not receive HSTS header domainelaremejeanne.com: did not receive HSTS header domaris.de: did not receive HSTS header @@ -3713,17 +4039,18 @@ domenicocatelli.com: did not receive HSTS header domfee.com: could not connect to host dominikanskarepubliken.guide: could not connect to host dominioanimal.com: could not connect to host -dominique-mueller.de: did not receive HSTS header +dominique-mueller.de: could not connect to host don.yokohama: could not connect to host donateway.com: did not receive HSTS header dong8.top: could not connect to host donhoward.org: did not receive HSTS header donmez.uk: could not connect to host donmez.ws: could not connect to host +donnoval.ru: could not connect to host donotcall.gov: did not receive HSTS header donotspampls.me: could not connect to host donotspellitgav.in: did not receive HSTS header -donsbach-edv.de: did not receive HSTS header +donpaginasweb.com: did not receive HSTS header donthedragonwilson.com: could not connect to host dontpayfull.com: did not receive HSTS header donttrustrobots.nl: could not connect to host @@ -3735,22 +4062,20 @@ dooku.cz: could not connect to host doomleika.com: did not receive HSTS header doooonoooob.com: could not connect to host dopost.it: could not connect to host -dorfbaeck.at: did not receive HSTS header -doridian.com: could not connect to host -doridian.de: could not connect to host -doridian.org: could not connect to host doriginal.es: did not receive HSTS header dorkfarm.com: did not receive HSTS header dormebebe.com.br: could not connect to host dosipe.com: could not connect to host doska.kz: could not connect to host dostavkakurierom.ru: could not connect to host -dot42.no: could not connect to host +dotacni-parazit.cz: could not connect to host dotadata.me: could not connect to host +dotb.dn.ua: did not receive HSTS header dotbrick.co.th: did not receive HSTS header dotkod.com: could not connect to host dotnetsandbox.ca: could not connect to host dotspaperie.com: could not connect to host +doubleaste.com: did not receive HSTS header doublethink.online: could not connect to host doubleyummy.uk: did not receive HSTS header dougferris.id.au: could not connect to host @@ -3766,14 +4091,15 @@ download.jitsi.org: did not receive HSTS header downsouthweddings.com.au: did not receive HSTS header doyoulyft.com: could not connect to host dpangerl.de: did not receive HSTS header -dpg.no: could not connect to host dps.srl: did not receive HSTS header dpsart.it: did not receive HSTS header +dr-knirr.de: could not connect to host dr2dr.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -drabim.org: did not receive HSTS header +drabbin.com: could not connect to host draghive.club: did not receive HSTS header draghive.net: could not connect to host draghive.photos: did not receive HSTS header +dragoncityhack.tips: could not connect to host dragonisles.net: could not connect to host dragons-of-highlands.cz: did not receive HSTS header dragonsmoke.cloud: could not connect to host @@ -3789,7 +4115,7 @@ drastosasports.com.br: could not connect to host drawvesly.ovh: did not receive HSTS header drdevil.ru: could not connect to host dreadbyte.com: could not connect to host -dreadd.org: did not receive HSTS header +dreadd.org: could not connect to host dreamaholic.club: could not connect to host dreamcatcherblog.de: could not connect to host dreaming.solutions: could not connect to host @@ -3797,7 +4123,7 @@ dreamlighteyeserum.com: could not connect to host dreamof.net: could not connect to host dreamsforabetterworld.com.au: did not receive HSTS header dredgepress.com: did not receive HSTS header -dreischneidiger.de: did not receive HSTS header +dreischneidiger.de: could not connect to host dreizwosechs.de: could not connect to host drewgle.net: could not connect to host drhopeson.com: could not connect to host @@ -3831,7 +4157,7 @@ droomhuis-in-zeeland-kopen.nl: could not connect to host droomhuis-in-zuid-holland-kopen.nl: could not connect to host droomhuisindestadverkopen.nl: could not connect to host droomhuisophetplattelandverkopen.nl: could not connect to host -dropcam.com: did not receive HSTS header +dropcam.com: could not connect to host drostschocolates.com: did not receive HSTS header drpure.pw: did not receive HSTS header drtroyhendrickson.com: could not connect to host @@ -3839,7 +4165,6 @@ drtti.io: could not connect to host drturner.com.au: did not receive HSTS header drugagodba.si: did not receive HSTS header drumbandesperanto.nl: could not connect to host -drummondframing.com: could not connect to host drupal123.com: could not connect to host druznek.rocks: could not connect to host druznek.xyz: could not connect to host @@ -3849,8 +4174,11 @@ drybasementkansas.com: did not receive HSTS header drycreekapiary.com: could not connect to host ds-christiansen.de: could not connect to host dshiv.io: could not connect to host +dsouzamusic.com: could not connect to host +dsuinnovation.com: could not connect to host +dsyunmall.com: could not connect to host +dtp-mstdn.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] dtub.co: could not connect to host -dtx.sk: could not connect to host duan.li: could not connect to host dubik.su: did not receive HSTS header duckyubuntu.tk: could not connect to host @@ -3858,8 +4186,8 @@ ducohosting.com: did not receive HSTS header dudesunderwear.com.br: could not connect to host duelsow.eu: could not connect to host duelysthub.com: could not connect to host -duerls.de: did not receive HSTS header -duesee.org: could not connect to host +duerls.de: could not connect to host +dugnet.tech: could not connect to host dujsq.com: could not connect to host dujsq.top: could not connect to host dukec.me: did not receive HSTS header @@ -3867,42 +4195,47 @@ dukefox.com: could not connect to host duks.com.br: did not receive HSTS header dullsir.com: did not receive HSTS header dunashoes.com: could not connect to host -dune.io: could not connect to host +dundalkdonnie.com: could not connect to host +dune.io: did not receive HSTS header dunea.nl: did not receive HSTS header dung-massage.fr: did not receive HSTS header -dungi.org: did not receive HSTS header +dunklau.fr: could not connect to host duo.money: could not connect to host duole30.com: could not connect to host -duoluodeyu.com: could not connect to host duongpho.com: did not receive HSTS header durangoenergyllc.com: could not connect to host dushu.cat: could not connect to host duskopy.top: could not connect to host +dutchessuganda.com: did not receive HSTS header dutchrank.com: did not receive HSTS header dutyfreeonboard.com: did not receive HSTS header duuu.ch: could not connect to host duyao.de: max-age too low: 86400 -dv189.com: did not receive HSTS header dvotx.org: did not receive HSTS header dwellstudio.com: did not receive HSTS header dwhd.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] dwnld.me: could not connect to host dycem-ns.com: did not receive HSTS header +dycoa.com: did not receive HSTS header dycontrol.de: could not connect to host dylanscott.com.au: did not receive HSTS header dynamic-innovations.net: could not connect to host dynamic-networks.be: could not connect to host +dynamictostatic.com: could not connect to host dynamize.solutions: did not receive HSTS header +dyncdn.me: could not connect to host dynts.pro: could not connect to host +dyz.pw: did not receive HSTS header dziekonski.com: could not connect to host dzimejl.sk: did not receive HSTS header dzlibs.io: could not connect to host +dzsibi.com: could not connect to host dzytdl.com: did not receive HSTS header e-aut.net: could not connect to host -e-baraxolka.ru: could not connect to host e-deca2.org: did not receive HSTS header e-isfa.eu: did not receive HSTS header e-mak.eu: could not connect to host +e-migration.ch: could not connect to host e-newshub.com: could not connect to host e-pokupki.eu: did not receive HSTS header e-rickroll-r.pw: could not connect to host @@ -3917,6 +4250,7 @@ e3amn2l.com: could not connect to host e3kids.com: did not receive HSTS header e3q.de: could not connect to host e505.net: did not receive HSTS header +e51888.com: could not connect to host eagle-aluminum.com: did not receive HSTS header eagle-yard.de: could not connect to host eagleridgecampground.com: could not connect to host @@ -3927,6 +4261,7 @@ earlybirdsnacks.com: could not connect to host earth-people.org: could not connect to host earthrise16.com: could not connect to host easew.com: could not connect to host +eastcoastinflatables.co.uk: did not receive HSTS header easthokkaido-5airport.jp: did not receive HSTS header eastmidlandsstargazers.org.uk: did not receive HSTS header eastmontgroup.com: did not receive HSTS header @@ -3934,9 +4269,10 @@ easy-factures.fr: could not connect to host easychiller.org: could not connect to host easykonto.de: could not connect to host easyplane.it: did not receive HSTS header -easysimplecrm.com: did not receive HSTS header -eat-mine.ml: max-age too low: 0 +easyreal.ru: could not connect to host +easysimplecrm.com: could not connect to host eat-the-world.ch: could not connect to host +eat4happiness.com: did not receive HSTS header eatfitoutlet.com.br: could not connect to host eatlowcarb.de: did not receive HSTS header eattherich.us: did not receive HSTS header @@ -3960,9 +4296,11 @@ eccux.com: could not connect to host ecfs.link: could not connect to host ecg.fr: could not connect to host echipstore.com: did not receive HSTS header -echomanchester.net: did not receive HSTS header +echo.cc: could not connect to host +echomanchester.net: could not connect to host echoteen.com: did not receive HSTS header eckro.com: did not receive HSTS header +ecodedi.com: did not receive HSTS header ecole-en-danger.fr: could not connect to host ecole-iaf.fr: could not connect to host ecole-maternelle-saint-joseph.be: could not connect to host @@ -3972,13 +4310,13 @@ ecomlane.com: could not connect to host ecomparemo.com: did not receive HSTS header econativa.pt: could not connect to host economy.st: did not receive HSTS header +economycarrentalscyprus.com: could not connect to host ecorus.eu: did not receive HSTS header +ecosoftconsult.com: could not connect to host ecotruck-pooling.com: did not receive HSTS header -ecpannualmeeting.com: could not connect to host ecrimex.net: did not receive HSTS header ectora.com: could not connect to host ed-matters.org: did not receive HSTS header -edanni.io: could not connect to host edati.lv: could not connect to host edcphenix.tk: could not connect to host eddmixpanel.com: could not connect to host @@ -3989,30 +4327,33 @@ eden-noel.at: could not connect to host edenaya.com: could not connect to host edenmal.net: did not receive HSTS header edenvaleplumber24-7.co.za: did not receive HSTS header +edenvalerubbleremovals.co.za: did not receive HSTS header edgecustomersportal.com: could not connect to host edgereinvent.com: did not receive HSTS header +edh.email: did not receive HSTS header edhrealtor.com: did not receive HSTS header edilservizi.it: did not receive HSTS header edilservizivco.it: did not receive HSTS header -ediscomp.sk: did not receive HSTS header +edisonchee.com: could not connect to host edissecurity.sk: did not receive HSTS header edition-pommern.com: did not receive HSTS header editoraacademiacrista.com.br: could not connect to host edix.ru: could not connect to host edk.com.tr: did not receive HSTS header -edpubs.gov: could not connect to host edsh.de: did not receive HSTS header +eduardnikolenko.com: could not connect to host +eduardnikolenko.ru: could not connect to host educaid.be: did not receive HSTS header educatio.tech: could not connect to host educatoys.com.br: could not connect to host educatweb.de: did not receive HSTS header educnum.fr: did not receive HSTS header educourse.ga: could not connect to host -eductf.org: could not connect to host eduif.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] eduvance.in: did not receive HSTS header +edvgarbe.de: could not connect to host ee-terminals.com: could not connect to host -eeb98.com: did not receive HSTS header +eeb98.com: could not connect to host eeetrust.org: could not connect to host eenekorea.com: could not connect to host eengezinswoning-in-alphen-aan-den-rijn-kopen.nl: could not connect to host @@ -4028,12 +4369,16 @@ eengezinswoning-in-zuidplas-kopen.nl: could not connect to host eengezinswoning-in-zwartewaterland-kopen.nl: could not connect to host eengezinswoningverkopen.nl: could not connect to host eenhoorn.ga: could not connect to host +eeqj.com: did not receive HSTS header eesistumine2017.ee: could not connect to host eez.ee: could not connect to host effectiveosgi.com: could not connect to host +effectivepapers.com: could not connect to host efficienthealth.com: did not receive HSTS header effortlesshr.com: did not receive HSTS header +efinity.io: did not receive HSTS header eftcorp.biz: max-age too low: 0 +egfl.org.uk: did not receive HSTS header egge.com: max-age too low: 0 egit.co: could not connect to host ego-world.org: did not receive HSTS header @@ -4047,12 +4392,17 @@ ehuber.info: could not connect to host eicfood.com: could not connect to host eidolonhost.com: did not receive HSTS header eifelindex.de: did not receive HSTS header +eiga-movie.com: max-age too low: 0 eigenbubi.de: could not connect to host +eightyfour.ca: could not connect to host eigo.work: could not connect to host -eimanavicius.lt: did not receive HSTS header +eimanavicius.lt: could not connect to host einfachmaldiefressehalten.de: could not connect to host einhorn.space: could not connect to host +einmonolog.de: could not connect to host einsatzstiefel.info: could not connect to host +einsit.com: could not connect to host +einsitapis.com: could not connect to host ejgconsultancy.co.uk: did not receive HSTS header ejusu.com: did not receive HSTS header ekbanden.nl: could not connect to host @@ -4067,13 +4417,15 @@ elanguest.ro: could not connect to host elanguest.ru: could not connect to host elaxy-online.de: could not connect to host elblein.de: did not receive HSTS header +elderoost.com: could not connect to host elearningpilot.com: did not receive HSTS header -electicofficial.com: could not connect to host +electicofficial.com: did not receive HSTS header electricalcontrolpanels.co.uk: could not connect to host electricant.com: did not receive HSTS header electricant.nl: did not receive HSTS header electriccitysf.com: could not connect to host -electrician-umhlanga.co.za: could not connect to host +electricfencealberton.co.za: did not receive HSTS header +electrician-umhlanga.co.za: did not receive HSTS header electricianforum.co.uk: did not receive HSTS header electricianumhlangarocks.co.za: did not receive HSTS header electricoperaduo.com: did not receive HSTS header @@ -4082,7 +4434,7 @@ eled.io: could not connect to host elektronring.com: could not connect to host element-43.com: did not receive HSTS header elementalict.com: did not receive HSTS header -elementalrobotics.com: did not receive HSTS header +elementalrobotics.com: could not connect to host elemenx.com: did not receive HSTS header elemprendedor.com.ve: could not connect to host elena-baykova.ru: did not receive HSTS header @@ -4094,29 +4446,30 @@ eleonorengland.com: did not receive HSTS header eletesstilus.hu: could not connect to host elevateandprosper.com: could not connect to host elgacien.de: could not connect to host -elglobo.com.mx: max-age too low: 86400 elguillatun.cl: did not receive HSTS header elhall.pro: did not receive HSTS header elhall.ru: did not receive HSTS header +elia.cloud: could not connect to host elias-nicolas.com: could not connect to host eliasojala.me: did not receive HSTS header elimdengelen.com: did not receive HSTS header eliott.be: could not connect to host -elistor6100.xyz: did not receive HSTS header elite-box.com: did not receive HSTS header elite-box.org: did not receive HSTS header +elite-porno.ru: could not connect to host elitecovering.fr: did not receive HSTS header elitefishtank.com: could not connect to host -elitesensual.com.br: did not receive HSTS header -ellegaard.dk: could not connect to host +elitesensual.com.br: could not connect to host ellen-skye.de: max-age too low: 604800 elliotgluck.com: did not receive HSTS header +elliquiy.com: could not connect to host elmar-kraamzorg.nl: did not receive HSTS header elna-service.com.ua: did not receive HSTS header elnutricionista.es: could not connect to host elohna.ch: did not receive HSTS header elonbase.com: could not connect to host elpay.kz: did not receive HSTS header +elpo.net: could not connect to host elpo.xyz: could not connect to host elsamakhin.com: could not connect to host elsemanario.com: did not receive HSTS header @@ -4124,16 +4477,21 @@ elsensohn.ch: did not receive HSTS header elsitar.com: could not connect to host elsword.moe: could not connect to host eltransportquevolem.org: could not connect to host +eltrox.me: could not connect to host +elyisus.info: could not connect to host elytronsecurity.com: could not connect to host email.lookout.com: could not connect to host email2rss.net: could not connect to host emanatepixels.com: could not connect to host emanga.su: did not receive HSTS header -emavok.eu: did not receive HSTS header +emanuelduss.ch: did not receive HSTS header +emavok.eu: could not connect to host embellir-aroma.com: could not connect to host embellir-kyujin.com: could not connect to host embracethedarkness.co.uk: could not connect to host embroidered-stuff.com: could not connect to host +embudospro.net: did not receive HSTS header +emedworld.com: did not receive HSTS header emeldi-commerce.com: max-age too low: 0 emergencymedicinefoundations.com: did not receive HSTS header emergentvisiontec.com: did not receive HSTS header @@ -4146,6 +4504,7 @@ eminovic.me: could not connect to host emjainteractive.com: did not receive HSTS header emjimadhu.com: could not connect to host emmable.com: could not connect to host +emmaliddell.com: did not receive HSTS header emmanuelle-et-julien.ch: could not connect to host emmdy.com: did not receive HSTS header emmehair.com: could not connect to host @@ -4162,11 +4521,14 @@ employeestore.org: did not receive HSTS header emporiovinareal.com.br: could not connect to host empty-r.com: could not connect to host emptypath.com: did not receive HSTS header +emyself.info: could not connect to host en4u.org: could not connect to host enaia.fr: did not receive HSTS header +encadrer-mon-enfant.com: did not receive HSTS header encode.space: could not connect to host encode.uk.com: did not receive HSTS header encoder.pw: could not connect to host +encoderx.uk: could not connect to host encontrebarato.com.br: did not receive HSTS header encrypted.google.com: did not receive HSTS header (error ignored - included regardless) encryptedaudience.com: could not connect to host @@ -4184,24 +4546,31 @@ endohaus.us: could not connect to host endspamwith.us: could not connect to host enecoshop.nl: did not receive HSTS header enefan.jp: could not connect to host +energethik-tulln.at: did not receive HSTS header +enersaveapp.org: could not connect to host +enersec.co.uk: could not connect to host +enfoqueseguro.com: did not receive HSTS header enginsight.com: did not receive HSTS header +enginx.cn: could not connect to host englerts.de: did not receive HSTS header +englishclub.com: did not receive HSTS header englishdirectory.de: could not connect to host englishyamal.ru: did not receive HSTS header enigmacpt.com: did not receive HSTS header enigmail.net: did not receive HSTS header -enixgaming.com: could not connect to host enjen.net: did not receive HSTS header enjoymayfield.com: max-age too low: 0 -enlighten10x.ga: max-age too low: 0 +enjoystudio.ro: did not receive HSTS header +enlatte.com: did not receive HSTS header +enlightened.si: could not connect to host enoou.com: could not connect to host -enpalmademallorca.info: did not receive HSTS header +enpalmademallorca.info: could not connect to host ensemble-vos-idees.fr: could not connect to host entaurus.com: could not connect to host enteente.club: could not connect to host +enteente.com: could not connect to host enteente.space: could not connect to host enteente.xyz: could not connect to host -entercenter.ru: could not connect to host enterdev.co: did not receive HSTS header enterprisecarclub.co.uk: did not receive HSTS header enterprivacy.com: did not receive HSTS header @@ -4211,22 +4580,46 @@ entrepreneur.or.id: could not connect to host enum.eu.org: could not connect to host enumify.com: could not connect to host envelope.co.nz: could not connect to host +enviam.de: did not receive HSTS header enviapresentes.com.br: could not connect to host enviatufoto.com: max-age too low: 604800 +environment.ai: could not connect to host +envoyworld.com: did not receive HSTS header envygeeks.com: could not connect to host eol34.com: could not connect to host eoldb.org: could not connect to host eolme.ml: could not connect to host epanurse.com: could not connect to host epaygateway.net: could not connect to host -epdeveloperchallenge.com: did not receive HSTS header +ephe.be: could not connect to host ephry.com: could not connect to host epicmc.games: could not connect to host epitesz.co: did not receive HSTS header +epos-distributor.co.uk: could not connect to host +eposbirmingham.co.uk: could not connect to host +eposbrighton.co.uk: could not connect to host +eposbristol.co.uk: could not connect to host +eposcardiff.co.uk: could not connect to host eposcloud.net: could not connect to host +eposkent.co.uk: could not connect to host +eposleeds.co.uk: could not connect to host +eposleicester.co.uk: could not connect to host +eposliverpool.co.uk: could not connect to host +eposlondon.co.uk: could not connect to host +eposmidlands.co.uk: could not connect to host +eposnewport.co.uk: could not connect to host +eposnottingham.co.uk: could not connect to host +eposreading.co.uk: could not connect to host +eposreview.co.uk: could not connect to host +epossheffield.co.uk: could not connect to host +epossurrey.co.uk: could not connect to host +epossussex.co.uk: could not connect to host +eposswansea.co.uk: could not connect to host +epossystems.co.uk: could not connect to host +eposwales.co.uk: could not connect to host +eposyork.co.uk: could not connect to host epoxate.com: could not connect to host eprofitacademy.com: did not receive HSTS header -epsilon.dk: could not connect to host eq8.net.au: could not connect to host eqib.nl: did not receive HSTS header eqim.me: could not connect to host @@ -4250,55 +4643,71 @@ ericloud.tk: could not connect to host ericorporation.com: did not receive HSTS header ericyl.com: did not receive HSTS header eriel.com.br: could not connect to host -eriser.fr: did not receive HSTS header +erikwagner.de: did not receive HSTS header +erinlin.com: did not receive HSTS header +eriser.fr: could not connect to host ernaehrungsberatung-rapperswil.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] ernaehrungsberatung-zurich.ch: could not connect to host ernesto.at: could not connect to host eroimatome.com: could not connect to host eromixx.com: could not connect to host +eroskines.com: did not receive HSTS header erotalia.es: could not connect to host erotic4me.ch: did not receive HSTS header -eroticforce.com: could not connect to host erotische-aanbiedingen.nl: could not connect to host +erotpo.cz: could not connect to host errolz.com: did not receive HSTS header errors.zenpayroll.com: could not connect to host erspro.net: could not connect to host eru.me: did not receive HSTS header erwinvanlonden.net: did not receive HSTS header +es8888.net: could not connect to host es888999.com: could not connect to host -esaborit.ddns.net: could not connect to host esafar.cz: did not receive HSTS header esb111.com: could not connect to host esb111.net: could not connect to host esb112.com: could not connect to host esb112.net: could not connect to host +esb1668.com: could not connect to host esb16888.com: could not connect to host +esb17888.com: could not connect to host esb222.net: could not connect to host esb555.com: could not connect to host +esb556.com: could not connect to host esb666.com: could not connect to host esb666.net: could not connect to host esb66666.com: could not connect to host esb688.com: could not connect to host esb68888.com: could not connect to host +esb777.cc: could not connect to host +esb777.com: could not connect to host +esb777.net: could not connect to host esb777.us: could not connect to host esb9588.info: did not receive HSTS header esb999.biz: could not connect to host +esb999.com: could not connect to host +esb999.info: could not connect to host esb999.us: could not connect to host +esba11.cc: could not connect to host +esba11.net: could not connect to host esba11.us: could not connect to host esball.in: could not connect to host +esball888.com: could not connect to host +esball888.net: could not connect to host esbuilders.co.nz: did not receive HSTS header -escael.org: did not receive HSTS header escalate.eu: could not connect to host escapees.com: did not receive HSTS header escolaengenharia.com.br: did not receive HSTS header escort-fashion.com: could not connect to host escortdisplay.com: could not connect to host -escortshotsexy.com: max-age too low: 2592000 +escortshotsexy.com: could not connect to host escotour.com: did not receive HSTS header escueladewordpress.com: did not receive HSTS header esec.rs: did not receive HSTS header eseth.de: did not receive HSTS header esh.ink: could not connect to host +eshepperd.com: did not receive HSTS header +eshtapay.com: could not connect to host esko.bar: could not connect to host esln.org: did not receive HSTS header esn-ypci.com: did not receive HSTS header @@ -4311,9 +4720,14 @@ espacemontmorency.com: did not receive HSTS header especificosba.com.mx: could not connect to host espo.com.ua: did not receive HSTS header espra.com: could not connect to host -espressivo.com.br: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +espressivo.com.br: did not receive HSTS header +esprit-cloture.fr: did not receive HSTS header esquonic.com: could not connect to host esrs.gov: could not connect to host +essayforum.com: could not connect to host +essaylib.com: could not connect to host +essayscam.org: could not connect to host +essayshark.com: could not connect to host essenceofvitalitydetox.com: could not connect to host essential12.com: could not connect to host essentialoilsimports.com: could not connect to host @@ -4323,11 +4737,13 @@ esseriumani.com: could not connect to host essexghosthunters.co.uk: did not receive HSTS header essplusmed.org: could not connect to host estaciona.guru: could not connect to host +estaleiro.org: could not connect to host estebanborges.com: did not receive HSTS header estespr.com: did not receive HSTS header estilosapeca.com: could not connect to host estland.guide: could not connect to host -estoic.net: could not connect to host +estoqueinformatica.com.br: could not connect to host +estudioamazonico.com: could not connect to host et-buchholz.de: could not connect to host et180.com: could not connect to host etangs-magazine.com: could not connect to host @@ -4348,20 +4764,20 @@ ethicall.org.uk: did not receive HSTS header ethil-faer.fr: could not connect to host ethiobaba.com: could not connect to host etidni.help: did not receive HSTS header -etincelle.ml: could not connect to host etk2000.com: did not receive HSTS header etmirror.top: could not connect to host etmirror.xyz: could not connect to host etoto.pl: did not receive HSTS header etproxy.tech: could not connect to host ets2mp.de: did not receive HSTS header +etskinner.com: did not receive HSTS header +etskinner.net: could not connect to host etsysecure.com: could not connect to host -ettebiz.com: did not receive HSTS header +ettebiz.com: max-age too low: 0 etula.ga: could not connect to host etula.me: could not connect to host etys.no: did not receive HSTS header euanbaines.com: did not receive HSTS header -eucl3d.com: could not connect to host euclideanpostulates.xyz: could not connect to host eucollegetours.com: could not connect to host euexia.fr: could not connect to host @@ -4373,35 +4789,38 @@ eung.ga: could not connect to host eupbor.com: could not connect to host euph.eu: could not connect to host eupho.me: could not connect to host -eupresidency2018.com: did not receive HSTS header +eupresidency2018.com: could not connect to host euren.se: could not connect to host eurocamping.se: could not connect to host euroescortguide.com: could not connect to host -europeancupinline.eu: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] euroshop24.net: could not connect to host +euroskano.nl: did not receive HSTS header eurospecautowerks.com: did not receive HSTS header eurostrategy.vn.ua: could not connect to host -eurotime.ua: could not connect to host evanhandgraaf.nl: did not receive HSTS header evankurniawan.com: did not receive HSTS header +evapp.org: could not connect to host evasion-energie.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] evasioncreole.com: could not connect to host evdenevenakliyatankara.pw: could not connect to host evecalm.com: did not receive HSTS header evedanjailbreak.com: could not connect to host -evegalaxy.net: did not receive HSTS header +evegalaxy.net: could not connect to host +evenstar-gaming.com: could not connect to host event64.ru: did not receive HSTS header eventmake.es: could not connect to host +eventplace.me: did not receive HSTS header events12.com: did not receive HSTS header -eventsafrica.net: did not receive HSTS header +eventsafrica.net: could not connect to host everyarti.st: could not connect to host everybooks.com: could not connect to host +everyday.eu.org: could not connect to host everydaytherich.com: max-age too low: 7776000 -everygayporn.com: could not connect to host +everydaywot.com: could not connect to host everygayporn.xyz: could not connect to host everylab.org: could not connect to host everymove.org: could not connect to host -everything.place: did not receive HSTS header +everything.place: could not connect to host everytruckjob.com: did not receive HSTS header eveseat.net: could not connect to host eveshaiwu.com: could not connect to host @@ -4419,37 +4838,40 @@ evowl.com: could not connect to host ewallet-optimizer.com: did not receive HSTS header ewex.org: could not connect to host eworksmedia.com: could not connect to host +exampleessays.com: could not connect to host excelgum.ca: did not receive HSTS header exceptionalbits.com: did not receive HSTS header -exceptionalservers.com: did not receive HSTS header exceptionalservices.us: could not connect to host exchangecoordinator.com: could not connect to host -execution.biz.tr: could not connect to host exembit.com: did not receive HSTS header exfiles.cz: did not receive HSTS header +exgaywatch.com: could not connect to host exgravitus.com: could not connect to host exno.co: could not connect to host exo.do: could not connect to host +exoticads.com: could not connect to host exousiakaidunamis.xyz: could not connect to host expanddigital.media: did not receive HSTS header expatads.com: could not connect to host +expatriate.pl: did not receive HSTS header +expecting.com.br: could not connect to host experticon.com: did not receive HSTS header -expertmile.com: could not connect to host +expertmile.com: did not receive HSTS header explodie.org: could not connect to host explodingcamera.com: did not receive HSTS header exploit-db.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] exploit.cz: did not receive HSTS header -expo-designers.com: did not receive HSTS header -expo-larionov.org: did not receive HSTS header +expo-designers.com: could not connect to host +expokohler.com: could not connect to host expoort.com.br: could not connect to host expoundite.net: could not connect to host expowerhps.com: did not receive HSTS header +expressemotion.net: could not connect to host expressfinance.co.za: did not receive HSTS header -extensibility.biz.tr: could not connect to host exteriorservices.io: could not connect to host extramoney.cash: did not receive HSTS header extrathemeshowcase.net: could not connect to host -extratorrent.cool: did not receive HSTS header +extratorrent.cool: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] extratorrent.fyi: could not connect to host extratorrent.red: could not connect to host extratorrent.world: could not connect to host @@ -4458,15 +4880,18 @@ extratorrents.tech: could not connect to host extreemhost.nl: did not receive HSTS header extremenetworking.net: could not connect to host exy.pw: could not connect to host +eyasc.nl: did not receive HSTS header eyedarts.com: did not receive HSTS header eyeglassuniverse.com: did not receive HSTS header eyenote.gov: did not receive HSTS header eyes-of-universe.eu: did not receive HSTS header eyesoccer-didikh.rhcloud.com: could not connect to host +eyps.net: did not receive HSTS header eytosh.net: could not connect to host ez.fi: could not connect to host ezimoeko.net: could not connect to host ezmod.org: could not connect to host +eznfe.com: could not connect to host ezorgportaal.nl: could not connect to host ezrefurb.co.uk: did not receive HSTS header eztv.ch: did not receive HSTS header @@ -4476,11 +4901,13 @@ f00.ca: did not receive HSTS header f1bigpicture.com: could not connect to host f2f.cash: could not connect to host f42.net: could not connect to host +f5movies.top: could not connect to host f8842.com: could not connect to host f9digital.com: did not receive HSTS header faber.io: could not connect to host faberusa.com: did not receive HSTS header fabhub.io: could not connect to host +fabian-fingerle.de: could not connect to host fabian-kluge.de: could not connect to host fabianfischer.de: did not receive HSTS header fabianmunoz.com: did not receive HSTS header @@ -4489,6 +4916,7 @@ fabled.com: did not receive HSTS header fabriko.fr: did not receive HSTS header fabulouslyyouthfulskin.com: could not connect to host fabulouslyyouthfulskineyeserum.com: could not connect to host +facebattle.com: could not connect to host facebook.ax: could not connect to host facebooktsukaikata.net: did not receive HSTS header facesnf.com: could not connect to host @@ -4506,27 +4934,25 @@ fafatiger.com: could not connect to host fag.wtf: could not connect to host fahmed.de: did not receive HSTS header faidanoi.it: did not receive HSTS header -fail4free.de: did not receive HSTS header failproof.be: max-age too low: 604800 faircom.co.za: did not receive HSTS header fairkey.dk: did not receive HSTS header fairlyoddtreasures.com: did not receive HSTS header faisalshuvo.com: did not receive HSTS header -faithindemocracy.eu: did not receive HSTS header faizan.net: did not receive HSTS header faizan.xyz: did not receive HSTS header -fakeletters.org: did not receive HSTS header +fakeletters.org: could not connect to host faktura.pl: did not receive HSTS header falcibiosystems.org: did not receive HSTS header falconwiz.com: did not receive HSTS header -falkhusemann.de: could not connect to host falkp.no: did not receive HSTS header falkus.net: could not connect to host +falldennismarketing.com: max-age too low: 2592000 fallenangeldrinks.eu: could not connect to host fallenangelspirits.uk: could not connect to host fallingapart.de: could not connect to host faluninfo.ba: did not receive HSTS header -fam-weyer.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +fam-weyer.de: could not connect to host fame-agency.net: could not connect to host famep.gov: could not connect to host famer.me: could not connect to host @@ -4537,26 +4963,31 @@ familie-zimmermann.at: could not connect to host famio.cn: did not receive HSTS header fan.gov: could not connect to host fanflow.com: did not receive HSTS header +fansmade.art: could not connect to host fant.dk: did not receive HSTS header fantasticgardenersmelbourne.com.au: did not receive HSTS header fantasticpestcontrolmelbourne.com.au: did not receive HSTS header fantasyfootballpundit.com: did not receive HSTS header fanyl.cn: could not connect to host faq.lookout.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +faradome.ws: could not connect to host faraonplay5.com: could not connect to host faraonplay7.com: could not connect to host faraonplay8.com: could not connect to host faraslot8.net: could not connect to host farces.com: could not connect to host faretravel.co.uk: could not connect to host +farhood.org: could not connect to host farkas.bz: did not receive HSTS header farm24.co.uk: could not connect to host farmacia.pt: did not receive HSTS header farmaciaformula.com.br: could not connect to host farmaciamedicom.com.br: could not connect to host -fascia.fit: max-age too low: 2592000 fashion.net: did not receive HSTS header fashioncare.cz: did not receive HSTS header +fashiondays.bg: max-age too low: 0 +fashiondays.hu: max-age too low: 0 +fashiondays.ro: max-age too low: 0 fashionholic.my: did not receive HSTS header fashionoutfits24.com: did not receive HSTS header fasset.jp: could not connect to host @@ -4578,32 +5009,39 @@ fatzebra.com.au: max-age too low: 0 favorit.club: did not receive HSTS header fawkex.me: could not connect to host faxreader.net: could not connect to host +fayntic.com: did not receive HSTS header fayolle.info: did not receive HSTS header -fbook.top: did not receive HSTS header +fbi.pw: did not receive HSTS header +fbook.top: could not connect to host fbox.li: could not connect to host fcapartsdb.com: could not connect to host +fcp.cn: could not connect to host fdj.im: could not connect to host +fdos.me: could not connect to host fdt.name: did not receive HSTS header feard.space: could not connect to host -fed51.com: did not receive HSTS header +fed51.com: could not connect to host fedbizopps.gov: could not connect to host fedemo.top: did not receive HSTS header federalregister.gov: did not receive HSTS header -federalreserveconsumerhelp.gov: could not connect to host fedn.it: could not connect to host fedo.moe: could not connect to host -fedpartnership.gov: could not connect to host feedstringer.com: could not connect to host feedthebot.com: did not receive HSTS header +fefelovalex.ru: could not connect to host fefore.com: did not receive HSTS header fegans.org.uk: did not receive HSTS header feirlane.org: could not connect to host +feisbed.com: could not connect to host +feist.io: could not connect to host feitobrasilcosmeticos.com.br: did not receive HSTS header -felett.es: could not connect to host felger-times.fr: could not connect to host feliwyn.fr: did not receive HSTS header +felixhefner.de: did not receive HSTS header +felixqu.com: did not receive HSTS header felixrr.pro: could not connect to host femaledom.xyz: could not connect to host +femdombbw.com: could not connect to host feminists.co: could not connect to host fengyadi.com: could not connect to host fenixhost.com.br: could not connect to host @@ -4625,10 +5063,13 @@ festival.house: did not receive HSTS header festrip.com: could not connect to host fetch.co.uk: did not receive HSTS header fetclips.se: could not connect to host +fetlife.com: could not connect to host fettbrot.tk: did not receive HSTS header feudaltactics.com: could not connect to host feuerwehr-dachaufsetzer.de: could not connect to host fexmen.com: could not connect to host +ff-bg.xyz: could not connect to host +ffb.gov: could not connect to host ffh.me: could not connect to host ffl123.com: did not receive HSTS header fgequipamentos.com.br: did not receive HSTS header @@ -4650,26 +5091,31 @@ fiftyshadesofluca.ml: could not connect to host fig.co: did not receive HSTS header fig.ms: could not connect to host fightr.co: could not connect to host +figura.cz: did not receive HSTS header figura.im: did not receive HSTS header figuurzagers.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] fiksel.info: could not connect to host fikt.space: could not connect to host -file-cloud.eu: could not connect to host +filebox.moe: could not connect to host filebox.space: did not receive HSTS header filedir.com: did not receive HSTS header fileio.io: could not connect to host fileon.com: could not connect to host filesense.com: could not connect to host +filewall.de: could not connect to host filey.co.uk: did not receive HSTS header filhomes.ph: could not connect to host fillitupchallenge.eu: did not receive HSTS header fillmysuitca.se: did not receive HSTS header +film.photography: did not receive HSTS header +film.photos: did not receive HSTS header +filmatiporno.xxx: could not connect to host filme-online.eu.com: did not receive HSTS header filmesubtitrate2017.online: could not connect to host filo.xyz: did not receive HSTS header filoitoupediou.gr: did not receive HSTS header finalgear.com: could not connect to host -finalvpn.com: could not connect to host +finalvpn.com: did not receive HSTS header financier.io: did not receive HSTS header financieringsportaal.nl: did not receive HSTS header finanzkontor.net: could not connect to host @@ -4680,35 +5126,38 @@ findthere.net: could not connect to host findtutorsnearme.com: did not receive HSTS header findyour.diet: could not connect to host finer04.pw: did not receive HSTS header +finewineonline.com: could not connect to host fingent.com: did not receive HSTS header fingerscrossed.style: could not connect to host finiteheap.com: did not receive HSTS header finn.io: did not receive HSTS header -finpt.com: did not receive HSTS header finstererlebnis.de: could not connect to host finsterlebnis.de: did not receive HSTS header fiodental.com.br: did not receive HSTS header -fiork.com: could not connect to host +fiork.com: did not receive HSTS header fire-wolf.com: could not connect to host fireandelectrical.co.uk: did not receive HSTS header firebaseio-demo.com: could not connect to host firebaseio.com: could not connect to host (error ignored - included regardless) -firebird.io: could not connect to host +firebird.io: did not receive HSTS header firefall.rocks: could not connect to host firehost.com: could not connect to host fireinthedeep.com: could not connect to host firemail.io: could not connect to host firenza.org: did not receive HSTS header fireorbit.de: did not receive HSTS header +firepeak.ru: could not connect to host fireworkcoaching.com: did not receive HSTS header firexarxa.de: could not connect to host -firmenverzeichnis.nu: could not connect to host +firmenverzeichnis.nu: did not receive HSTS header first-time-offender.com: could not connect to host firstchoicepool.com: did not receive HSTS header firstdogonthemoon.com.au: did not receive HSTS header firstforex.co.uk: did not receive HSTS header firstlook.org: did not receive HSTS header +fischers.it: could not connect to host fiscoeconti.it: did not receive HSTS header +fishfinders.info: did not receive HSTS header fiskestang.com: did not receive HSTS header fit4medien.de: did not receive HSTS header fitbylo.com: could not connect to host @@ -4718,6 +5167,7 @@ fitnesswerk.de: could not connect to host fitqbe.com: did not receive HSTS header fitshop.com.br: could not connect to host fitsw.com: did not receive HSTS header +fiuxy.org: could not connect to host five.vn: did not receive HSTS header fivestarsitters.com: did not receive HSTS header fivestepfunnels.com: could not connect to host @@ -4734,8 +5184,7 @@ fixmyglitch.com: could not connect to host fixtectools.co.za: could not connect to host fixthetimeline.com: could not connect to host fixthetimeline.org: could not connect to host -fixvoltage.ru: did not receive HSTS header -fjruiz.es: did not receive HSTS header +fjruiz.es: could not connect to host fkcovering.be: could not connect to host fl0000.com: max-age too low: 129600 fl010.com: max-age too low: 129600 @@ -4747,7 +5196,7 @@ fl0666.com: did not receive HSTS header fl0777.com: did not receive HSTS header fl0888.com: did not receive HSTS header fl0999.com: did not receive HSTS header -flagfic.com: did not receive HSTS header +flagfic.com: could not connect to host flags.ninja: could not connect to host flair.co: max-age too low: 7889238 flairbros.at: could not connect to host @@ -4756,6 +5205,7 @@ flam.io: could not connect to host flamewall.net: could not connect to host flamingcow.tv: could not connect to host flamingkeys.com.au: could not connect to host +flangaapis.com: did not receive HSTS header flareon.net: could not connect to host flaretechnologies.io: could not connect to host flashbaggie.com: could not connect to host @@ -4764,18 +5214,20 @@ flawcheck.com: could not connect to host flc111.com: did not receive HSTS header flc999.com: max-age too low: 129600 flemingtonaudiparts.com: could not connect to host +fleurette.me: could not connect to host fleursdesoleil.fr: did not receive HSTS header flexdrukker.nl: could not connect to host flexinvesting.fi: could not connect to host fliexer.com: could not connect to host flightschoolusa.com: did not receive HSTS header +fling.dating: could not connect to host flipagram.com: did not receive HSTS header -flipbell.com: did not receive HSTS header +flipbell.com: could not connect to host flipkey.com: did not receive HSTS header -flirchi.com: could not connect to host +flirchi.com: did not receive HSTS header flixtor.net: could not connect to host +flkrpxl.com: could not connect to host floless.co.uk: did not receive HSTS header -flomeyer.de: could not connect to host floorball-haunwoehr.de: did not receive HSTS header flopy.club: could not connect to host florafiora.com.br: did not receive HSTS header @@ -4787,6 +5239,7 @@ floridaescapes.co.uk: did not receive HSTS header florinapp.com: could not connect to host florispoort.nl: did not receive HSTS header floro.me: did not receive HSTS header +flosserver.de: could not connect to host floth.at: could not connect to host flouartistique.ch: could not connect to host flow.pe: could not connect to host @@ -4800,8 +5253,9 @@ flugstadplasticsurgery.com: did not receive HSTS header fluidojobs.com: could not connect to host fluitbeurt.nl: could not connect to host flukethoughts.com: did not receive HSTS header -flurrybridge.com: did not receive HSTS header +flurrybridge.com: could not connect to host flushstudios.com: did not receive HSTS header +fluxi.fi: could not connect to host flyaces.com: could not connect to host flybunnyfly.dk: did not receive HSTS header flygpost.com: did not receive HSTS header @@ -4809,12 +5263,12 @@ flyingdoggy.net: could not connect to host flyp.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] flyspace.ga: did not receive HSTS header flyss.net: could not connect to host -flyssh.net: could not connect to host fm83.nl: could not connect to host fm992.com: could not connect to host fmovies.life: could not connect to host +fnfpt.co.uk: could not connect to host fniephaus.com: did not receive HSTS header -fnncat.com: did not receive HSTS header +fnncat.com: could not connect to host fnvsecurity.com: could not connect to host fobc-usa.org: did not receive HSTS header focalforest.com: could not connect to host @@ -4824,19 +5278,21 @@ fohome.ca: could not connect to host fokan.ch: did not receive HSTS header foliekonsulenten.dk: did not receive HSTS header folioapp.io: did not receive HSTS header +fondanastasia.ru: did not receive HSTS header fondy.ru: did not receive HSTS header foneo.com: could not connect to host fonetiq.io: could not connect to host -fonseguin.ca: did not receive HSTS header fontawesome.com: did not receive HSTS header foo: could not connect to host food4health.guide: could not connect to host +foodacademy.capetown: could not connect to host foodbuddy.ch: could not connect to host foodiebox.no: did not receive HSTS header foodies.my: did not receive HSTS header foodievenues.com: could not connect to host foodplantengineering.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] foodsafetyworkinggroup.gov: could not connect to host +foodserve.in: did not receive HSTS header footballmapped.com: could not connect to host footlegende.fr: did not receive HSTS header forafifty.co.za: could not connect to host @@ -4845,33 +5301,32 @@ forbid.life: could not connect to host forbiddenhistory.info: could not connect to host forbook.net: did not receive HSTS header forcamp.ga: could not connect to host -force-des-maths.com: could not connect to host +force-des-maths.com: did not receive HSTS header fordbydesign.com: could not connect to host fordshop.by: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] foreignexchangeresource.com: did not receive HSTS header forestfinance.fr: did not receive HSTS header foreveralone.io: could not connect to host foreveryoung.pt: did not receive HSTS header -forewordreviews.com: did not receive HSTS header forex-dan.com: did not receive HSTS header +forexsignals7.com: could not connect to host forgix.com: could not connect to host forlagetmarx.dk: did not receive HSTS header -formadmin.com: could not connect to host -formaliteo.com: could not connect to host +formadmin.com: did not receive HSTS header +formaliteo.com: did not receive HSTS header formazioneopen.it: could not connect to host formersessalaries.com: did not receive HSTS header formula.cf: could not connect to host forplanetsake.com: could not connect to host forplayers.pl: could not connect to host -forschbach-janssen.de: could not connect to host forsyththeatre.com: could not connect to host fortricks.in: did not receive HSTS header fortuna-loessnitz.de: could not connect to host fortuna-s.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] fortworth.ch: did not receive HSTS header -forty-two.nl: did not receive HSTS header forty2.eu: did not receive HSTS header forum.linode.com: did not receive HSTS header +forumjuridico.org: did not receive HSTS header forus.be: could not connect to host foryoucosmeticos.com.br: could not connect to host fossewayflowers.co.uk: could not connect to host @@ -4883,29 +5338,35 @@ fotoallerlei.com: did not receive HSTS header fotocerita.net: could not connect to host fotogiraffe.ru: did not receive HSTS header fotografosexpertos.com: did not receive HSTS header +fotonjan.com: could not connect to host fotopasja.info: could not connect to host +fotostravestisbr.com: could not connect to host fourchin.net: could not connect to host fourwheelpartloanssimple.com: did not receive HSTS header -foxdev.io: could not connect to host +foxdev.io: did not receive HSTS header foxelbox.com: did not receive HSTS header -foxes.no: could not connect to host foxley-farm.co.uk: did not receive HSTS header foxley-seeds.co.uk: did not receive HSTS header foxleyseeds.co.uk: could not connect to host foxmay.co.uk: could not connect to host foxtrot.pw: could not connect to host foxyslut.com: could not connect to host +foyale.io: could not connect to host +fpki.sh: could not connect to host +fptravelling.com: could not connect to host fr0zenbits.io: could not connect to host fr33d0m.link: could not connect to host fragilesolar.cf: could not connect to host fragnic.com: did not receive HSTS header fralef.me: did not receive HSTS header +francesca-and-lucas.com: did not receive HSTS header francevpn.xyz: could not connect to host francois-vidit.com: did not receive HSTS header frangor.info: did not receive HSTS header -frank.fyi: could not connect to host +frankedier.com: did not receive HSTS header +frankl.in: did not receive HSTS header franklinhua.com: could not connect to host -frankwei.xyz: could not connect to host +franksiler.com: could not connect to host franta.biz: did not receive HSTS header franta.email: did not receive HSTS header franzt.de: could not connect to host @@ -4923,7 +5384,6 @@ freakyawesome.ca: could not connect to host freakyawesome.club: could not connect to host freakyawesome.co: could not connect to host freakyawesome.co.uk: could not connect to host -freakyawesome.com: could not connect to host freakyawesome.company: could not connect to host freakyawesome.email: could not connect to host freakyawesome.events: could not connect to host @@ -4982,18 +5442,22 @@ freakyawesometeam.com: could not connect to host freakyawesometheme.com: could not connect to host freakyawesomethemes.com: could not connect to host freakyawesomewp.com: could not connect to host -freddieonfire.tk: could not connect to host freddythechick.uk: did not receive HSTS header fredliang.cn: could not connect to host +fredtec.ru: could not connect to host free8.xyz: could not connect to host freeasinlliure.org: did not receive HSTS header -freeassangenow.org: could not connect to host freeben666.fr: could not connect to host +freeblog.me: could not connect to host freebookmakerbets.com.au: did not receive HSTS header freebus.org: could not connect to host +freecam2cam.site: could not connect to host +freecookies.nl: did not receive HSTS header freedomrealtyoftexas.com: did not receive HSTS header freedomvote.nl: could not connect to host +freeexampapers.com: could not connect to host freeflow.tv: could not connect to host +freehao123.cn: could not connect to host freejidi.com: could not connect to host freekdevries.nl: did not receive HSTS header freelanced.co.za: could not connect to host @@ -5006,9 +5470,10 @@ freesoftwaredriver.com: could not connect to host freesounding.com: did not receive HSTS header freesounding.ru: did not receive HSTS header freesourcestl.org: did not receive HSTS header +freesquare.net: did not receive HSTS header freethought.org.au: could not connect to host freeutopia.org: did not receive HSTS header -freezion.com: could not connect to host +frenzel.dk: could not connect to host freqlabs.com: did not receive HSTS header freshfind.xyz: could not connect to host freshlymind.com: did not receive HSTS header @@ -5021,36 +5486,44 @@ fridolinka.cz: did not receive HSTS header friedhelm-wolf.de: could not connect to host friendica.ch: could not connect to host friendlyfiregameshow.com: could not connect to host +frieslandrail.nl: did not receive HSTS header frimons.com: max-age too low: 7889238 fringeintravel.com: did not receive HSTS header frodriguez.xyz: could not connect to host +froehlich.it: did not receive HSTS header froggstack.de: could not connect to host frolov.net: could not connect to host +from-the-net.com: could not connect to host fromix.de: could not connect to host fromlemaytoz.com: could not connect to host front-end.dog: could not connect to host frontisme.nl: did not receive HSTS header frontline.cloud: did not receive HSTS header frontline6.com: did not receive HSTS header +frontlinemessenger.com: did not receive HSTS header frontmin.com: did not receive HSTS header frost-ci.xyz: could not connect to host -frostbytes.net: did not receive HSTS header +frostbytes.net: could not connect to host +frosthall.com: max-age too low: 2592000 frosty-gaming.xyz: could not connect to host frp-roleplay.de: could not connect to host +frprn.com: could not connect to host +frprn.xxx: could not connect to host frsis2017.com: could not connect to host fruitusers.com: could not connect to host frumious.fyi: could not connect to host frusky.net: could not connect to host fs-gamenet.de: could not connect to host -fsapubs.gov: could not connect to host fsf.moe: did not receive HSTS header fsfi.is: could not connect to host fsinf.at: did not receive HSTS header +fsk.fo: did not receive HSTS header fspphoto.com: could not connect to host fsradio.eu: did not receive HSTS header fsrs.gov: could not connect to host fstatic.io: could not connect to host fstfy.de: could not connect to host +fsvoboda.cz: could not connect to host ftc.gov: did not receive HSTS header ftctele.com: could not connect to host fteproxy.org: did not receive HSTS header @@ -5065,13 +5538,16 @@ fudanshi.org: could not connect to host fuelministry.com: did not receive HSTS header fugle.de: could not connect to host fuitedeau.ch: could not connect to host +fujianshipbuilding.com: could not connect to host fukuko.biz: could not connect to host fukuko.xyz: could not connect to host fukuoka-cityliner.jp: did not receive HSTS header fukushima-web.com: did not receive HSTS header fuli.am: max-age too low: 129600 fulilingyu.info: could not connect to host -fuliydys.com: did not receive HSTS header +fuliydys.com: could not connect to host +fullpackage.co.uk: did not receive HSTS header +fulltxt.ml: could not connect to host fullytrained.co.uk: could not connect to host fumiware.com: could not connect to host fun9.cc: could not connect to host @@ -5079,17 +5555,19 @@ fun99.cc: could not connect to host funarena.com.ua: did not receive HSTS header fundacionfranciscofiasco.org: could not connect to host fundacionhijosdelsol.org: could not connect to host +fundayltd.com: could not connect to host funderburg.me: did not receive HSTS header fungame.eu: did not receive HSTS header +funi4u.com: could not connect to host funideas.org: could not connect to host funkes-ferien.de: did not receive HSTS header -funkner.ru: could not connect to host funkyweddingideas.com.au: could not connect to host funny-joke-pictures.com: did not receive HSTS header funnyang.com: could not connect to host funrun.com: did not receive HSTS header funtastic-event-hire.co.uk: did not receive HSTS header funtastic.ie: could not connect to host +funtimebourne.co.uk: could not connect to host fuorifuocogenova.it: did not receive HSTS header furi.ga: could not connect to host furiffic.com: did not receive HSTS header @@ -5100,9 +5578,12 @@ furtivelook.com: did not receive HSTS header fusa-miyamoto.jp: could not connect to host fusedrops.com: did not receive HSTS header fusionmate.com: could not connect to host +fuskator.com: could not connect to host +fussell.io: could not connect to host futbol11.com: did not receive HSTS header futbolvivo.tv: did not receive HSTS header futos.de: could not connect to host +futurefire.de: could not connect to host futuresonline.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] futurestarsusa.org: did not receive HSTS header futuretechnologi.es: could not connect to host @@ -5111,15 +5592,15 @@ futuristarchitecture.com: did not receive HSTS header fuvpn.com: could not connect to host fuxwerk.de: could not connect to host fuzoku-sodan.com: could not connect to host +fuzoku.jp: could not connect to host fwei.tk: did not receive HSTS header fws.gov: did not receive HSTS header +fwww7.com: did not receive HSTS header fxgame.online: could not connect to host fxpig-ib.com: could not connect to host fxwebstudio.com.au: max-age too low: 0 -fyfywka.com: max-age too low: 86400 fyodorpi.com: did not receive HSTS header fyol.pw: could not connect to host -fyol.xyz: did not receive HSTS header fysiohaenraets.nl: did not receive HSTS header fzn.io: did not receive HSTS header fzslm.me: did not receive HSTS header @@ -5146,7 +5627,10 @@ gaelleetarnaud.com: did not receive HSTS header gafachi.com: could not connect to host gaichanh.com: did not receive HSTS header gainesvillegoneaustin.org: did not receive HSTS header +gaiserik.com: did not receive HSTS header gaite.me: did not receive HSTS header +gajas18.com: could not connect to host +gakkainavi-epsilon.jp: could not connect to host gakkainavi4.com: could not connect to host galardi.org: could not connect to host galena.io: could not connect to host @@ -5155,19 +5639,18 @@ galeriadobimba.com.br: could not connect to host galgoafegao.com.br: could not connect to host galgoingles.com.br: could not connect to host gali.review: did not receive HSTS header -gallerify.eu: did not receive HSTS header +galileomtz.com: did not receive HSTS header gallery44.org: did not receive HSTS header -galletasgabi.com.mx: max-age too low: 86400 galoisvpn.xyz: could not connect to host gam3rs.de: could not connect to host gambitcloud.net: could not connect to host +game-files.net: did not receive HSTS header game-gentle.com: could not connect to host game.yt: could not connect to host gamebits.net: did not receive HSTS header gamecave.de: could not connect to host gamecdn.com: could not connect to host gamechasm.com: could not connect to host -gameclue.jp: did not receive HSTS header gamefund.me: could not connect to host gamehacks.me: could not connect to host gameink.net: did not receive HSTS header @@ -5180,11 +5663,11 @@ gamepader.com: could not connect to host gameparade.de: could not connect to host gameparagon.info: could not connect to host gamepiece.com: did not receive HSTS header -gamereader.de: could not connect to host gamerpoets.com: did not receive HSTS header gamers-life.fr: could not connect to host gamerslair.org: did not receive HSTS header gamerz-point.de: could not connect to host +gamerz-stream.com: did not receive HSTS header gamesdepartment.co.uk: could not connect to host gameserver-sponsor.de: did not receive HSTS header gamesurferapp.com: could not connect to host @@ -5192,14 +5675,17 @@ gameswitchers.uk: could not connect to host gametium.com: could not connect to host gametium.es: could not connect to host gamhealth.net: could not connect to host -gamingmedia.eu: did not receive HSTS header +gamingmedia.eu: could not connect to host gamingreinvented.com: did not receive HSTS header gamoice.com: did not receive HSTS header gampenhof.de: could not connect to host gangnam-club.com: could not connect to host gangnam-karaoke.com: could not connect to host ganhonet.com.br: did not receive HSTS header +ganzgraph.de: did not receive HSTS header +gaon.network: could not connect to host gaphag.ddns.net: could not connect to host +garage-abri-chalet.fr: did not receive HSTS header garage-door.pro: could not connect to host garageon.net: did not receive HSTS header garciamartin.me: could not connect to host @@ -5207,7 +5693,6 @@ garcinia--cambogia.com: could not connect to host garciniacambogiareviewed.co: did not receive HSTS header garden.trade: could not connect to host gardencarezone.com: did not receive HSTS header -garethkirk.com: did not receive HSTS header garfieldairlines.net: did not receive HSTS header garten-bau.ch: did not receive HSTS header garten-diy.de: could not connect to host @@ -5215,42 +5700,49 @@ gasbarkenora.com: could not connect to host gasnews.net: could not connect to host gasser-daniel.ch: did not receive HSTS header gastauftritt.net: did not receive HSTS header +gastritisolucion.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] gatapro.net: could not connect to host +gatemotorsumhlanga.co.za: could not connect to host gatemoves.com: could not connect to host gateworld.fr: did not receive HSTS header +gatilagata.com.br: could not connect to host gatomix.net: could not connect to host gatorsa.es: could not connect to host gaussorgues.me: could not connect to host gautham.pro: could not connect to host gavick.com: did not receive HSTS header +gay-sissies.com: could not connect to host gaycc.cc: could not connect to host gaygeeks.de: could not connect to host +gaysfisting.com: could not connect to host +gaytorrent.ru: could not connect to host +gayxsite.com: could not connect to host gazflynn.com: did not receive HSTS header -gc-mc.de: did not receive HSTS header +gbit.xyz: could not connect to host gc.net: could not connect to host gchoic.com: max-age too low: 7889238 gchp.ie: did not receive HSTS header gdegem.org: did not receive HSTS header gdevpenze.ru: could not connect to host -gdhzcgs.com: could not connect to host gdprhallofshame.com: could not connect to host +gdutnic.com: could not connect to host gdz-otvety.com: could not connect to host gdz.tv: could not connect to host gear-acquisition-syndrome.community: could not connect to host +geaskb.nl: could not connect to host geblitzt.de: did not receive HSTS header gedankenbude.info: could not connect to host -gee.is: could not connect to host geekbaba.com: could not connect to host geekcast.co.uk: did not receive HSTS header +geekchimp.com: could not connect to host geekdt.com: could not connect to host geekmind.org: max-age too low: 172800 -geeks.berlin: did not receive HSTS header +geeks.berlin: could not connect to host geeks.lgbt: could not connect to host -geeks.one: did not receive HSTS header +geekseries.fr: did not receive HSTS header geektimes.com: did not receive HSTS header +geeky.software: could not connect to host geemo.top: could not connect to host -geertdegraaf.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -gehaowu.com: did not receive HSTS header gehrke.nrw: could not connect to host geigr.de: could not connect to host geiser.io: did not receive HSTS header @@ -5262,16 +5754,18 @@ gemuplay.com: could not connect to host genemesservwparts.com: could not connect to host generalpants.com.au: did not receive HSTS header generationnext.pl: could not connect to host -genesischangelog.com: did not receive HSTS header +genesischangelog.com: could not connect to host geneve.guide: could not connect to host genia-life.de: could not connect to host +genie-seiner-generation.de: could not connect to host genneve.com: did not receive HSTS header genoog.com: could not connect to host genossen.ru: could not connect to host genshiken.org: could not connect to host +gentooblog.de: could not connect to host genuu.com: could not connect to host genuxation.com: could not connect to host -genxbeats.com: could not connect to host +genxbeats.com: did not receive HSTS header genyaa.com: could not connect to host genyhitch.com: did not receive HSTS header geoffanderinmyers.com: did not receive HSTS header @@ -5288,10 +5782,12 @@ gereon.ch: could not connect to host geri.be: could not connect to host germanticz.de: could not connect to host gers-authentique.com: could not connect to host +gerum.dynv6.net: did not receive HSTS header geschenkly.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] geschmackspiloten.de: did not receive HSTS header gesiwista.net: did not receive HSTS header gesunde-smoothies.de: did not receive HSTS header +gesundes-im-napf.de: did not receive HSTS header get-asterisk.ru: could not connect to host get-cctv.com: could not connect to host get-it-live.de: could not connect to host @@ -5335,6 +5831,7 @@ getremembrall.com: could not connect to host getronics.care: could not connect to host getsello.com: could not connect to host getserum.xyz: could not connect to host +getsetupfile.com: did not receive HSTS header getshifter.io: did not receive HSTS header getspeaker.com: did not receive HSTS header getspire.com: could not connect to host @@ -5343,35 +5840,39 @@ getwashdaddy.com: could not connect to host getyourphix.tk: could not connect to host gevaulug.fr: could not connect to host gfbouncycastles.co.uk: did not receive HSTS header +gfe.li: did not receive HSTS header gfhgiro.nl: did not receive HSTS header gfm.tech: could not connect to host gfoss.gr: could not connect to host -gfw.moe: did not receive HSTS header +gfournier.ca: could not connect to host +gfw.moe: could not connect to host gfwsb.ml: could not connect to host gglks.com: could not connect to host +ggobbo.com: could not connect to host ggrks-asano.com: could not connect to host ggss.cf: could not connect to host ggss.ml: could not connect to host gh16.com.ar: could not connect to host -ghaglund.se: could not connect to host ghcif.de: could not connect to host gheorghe-sarcov.ga: could not connect to host gheorghesarcov.ga: could not connect to host gheorghesarcov.tk: could not connect to host ghi.gov: could not connect to host ghibli.studio: did not receive HSTS header -ghid-pitesti.ro: did not receive HSTS header ghkim.net: could not connect to host +ghuntley.com: max-age too low: 0 giakki.eu: could not connect to host gianlucapartengo.photography: did not receive HSTS header giant-powerfit.co.uk: did not receive HSTS header gibraltar-firma.com: did not receive HSTS header gidea.nu: could not connect to host -giegler.software: did not receive HSTS header giftgofers.com: max-age too low: 2592000 +giftservices.nl: did not receive HSTS header gifzilla.net: could not connect to host -gigacloud.org: did not receive HSTS header +gigacloud.org: could not connect to host +gigawattz.com: could not connect to host gigiscloud.servebeer.com: could not connect to host +gigolodavid.be: could not connect to host gilcloud.com: could not connect to host gilgaz.com: did not receive HSTS header gillet-cros.fr: could not connect to host @@ -5379,6 +5880,7 @@ gilly.berlin: did not receive HSTS header gilroywestwood.org: did not receive HSTS header gincher.net: did not receive HSTS header gingali.de: did not receive HSTS header +ginie.de: did not receive HSTS header ginijony.com: did not receive HSTS header ginkel.com: did not receive HSTS header gintenreiter-photography.com: did not receive HSTS header @@ -5394,7 +5896,9 @@ gisac.org: did not receive HSTS header gistfy.com: could not connect to host git-stuff.tk: could not connect to host git.co: could not connect to host -github.party: did not receive HSTS header +gitar.io: could not connect to host +github.party: could not connect to host +gittr.ch: did not receive HSTS header givemyanswer.com: could not connect to host giverang.biz: could not connect to host giverang.com: could not connect to host @@ -5404,13 +5908,13 @@ gixtools.uk: could not connect to host gizzo.sk: could not connect to host glabiatoren-kst.de: could not connect to host gladystudio.com: did not receive HSTS header +glahcks.com: could not connect to host glass.google.com: did not receive HSTS header (error ignored - included regardless) glasslikes.com: did not receive HSTS header glbg.eu: did not receive HSTS header gle: could not connect to host glenavy.tk: could not connect to host glentakahashi.com: could not connect to host -glicerina.online: could not connect to host glittersjabloon.nl: did not receive HSTS header glitzmirror.com: could not connect to host glnpo.gov: could not connect to host @@ -5429,41 +5933,40 @@ globalsites.nl: did not receive HSTS header globaltennis.ca: could not connect to host globalvisions-events.ch: could not connect to host globalvisions-events.com: could not connect to host -globuli-info.de: did not receive HSTS header +globuli-info.de: could not connect to host gloomyspark.com: could not connect to host -glossopnorthendafc.co.uk: could not connect to host glotter.com: did not receive HSTS header gloucesterphotographer.com: did not receive HSTS header glubbforum.de: did not receive HSTS header glutenfreiheit.at: did not receive HSTS header glws.org: did not receive HSTS header glyph.ws: could not connect to host -gm-assicurazioni.it: did not receive HSTS header +gm-assicurazioni.it: could not connect to host gmail.com: did not receive HSTS header (error ignored - included regardless) gmanukyan.com: could not connect to host gmat.ovh: could not connect to host gmoes.at: could not connect to host -gn00.com: could not connect to host +gmw-hannover.de: could not connect to host gnaptracker.tk: could not connect to host gnom.me: could not connect to host gnosticjade.net: did not receive HSTS header go.ax: did not receive HSTS header go2sh.de: did not receive HSTS header -go4it.solutions: did not receive HSTS header +go4it.solutions: could not connect to host goabonga.com: could not connect to host goalsetup.com: did not receive HSTS header goaltree.ch: did not receive HSTS header -goapunks.net: could not connect to host +goapunks.net: did not receive HSTS header goarmy.eu: could not connect to host goat.chat: did not receive HSTS header goat.xyz: could not connect to host goben.ch: could not connect to host goblins.net: did not receive HSTS header goblinsatwork.com: could not connect to host +gocardless.com: did not receive HSTS header godrealms.com: could not connect to host goedeke.ml: could not connect to host goerner.me: did not receive HSTS header -goerres2014.de: could not connect to host goge.site: could not connect to host gogenenglish.com: could not connect to host gogetssl.com: did not receive HSTS header @@ -5472,16 +5975,18 @@ gogold-g.com: could not connect to host goguel.org: could not connect to host goiaspropaganda.com.br: could not connect to host gold24.in: could not connect to host +goldclubcasino.com: could not connect to host goldendata.io: could not connect to host goldfelt.com: could not connect to host goldminer.ga: could not connect to host goldpros.com: did not receive HSTS header +goldsky.com.au: did not receive HSTS header goldwater.gov: could not connect to host goldwaterfoundation.gov: could not connect to host goldwaterscholarship.gov: could not connect to host golearn.gov: could not connect to host +golfburn.com: could not connect to host golocal-media.de: could not connect to host -gomiblog.com: did not receive HSTS header gong8.win: could not connect to host gonzalosanchez.mx: did not receive HSTS header goodeats.nyc: did not receive HSTS header @@ -5490,6 +5995,7 @@ goodmengroup.de: did not receive HSTS header goods-memo.net: did not receive HSTS header goodsex4all.com.br: could not connect to host goodtech.com.br: could not connect to host +goodvibesblog.com: could not connect to host goodwin43.ru: could not connect to host goodyearsotn.co.uk: could not connect to host google: could not connect to host (error ignored - included regardless) @@ -5501,17 +6007,17 @@ gootax.pro: did not receive HSTS header goozz.nl: did not receive HSTS header gopay.cz: did not receive HSTS header gopokego.cz: could not connect to host +gorakukai.jp: max-age too low: 0 goranrango.ch: could not connect to host -gorf.chat: could not connect to host -gorf.club: could not connect to host +gordonobrecht.com: did not receive HSTS header gorgiaxx.com: could not connect to host gorilla-gym.site: could not connect to host gorillow.com: could not connect to host gorognyelv.hu: could not connect to host gosharewood.com: did not receive HSTS header goshop.cz: did not receive HSTS header -gospelofmark.ch: could not connect to host -gostream.asia: did not receive HSTS header +goshow.tv: could not connect to host +gostream.asia: could not connect to host gotgenes.com: could not connect to host goto.google.com: did not receive HSTS header (error ignored - included regardless) gotobrno.cz: did not receive HSTS header @@ -5520,37 +6026,41 @@ gotspot.com: could not connect to host gottfridsberg.org: could not connect to host gottfriedfeyen.com: did not receive HSTS header goubi.me: did not receive HSTS header +goujianwen.com: did not receive HSTS header +goukon.ru: could not connect to host gourmettia.com: did not receive HSTS header -gouthro-goteborg.se: could not connect to host +gouthro-goteborg.se: did not receive HSTS header gouv.ovh: did not receive HSTS header gov.ax: could not connect to host goverage.org: could not connect to host govillemo.ca: did not receive HSTS header gozadentro.com: could not connect to host gozel.com.tr: did not receive HSTS header +gpalabs.com: could not connect to host gparent.org: did not receive HSTS header gpga.cf: could not connect to host -gpio.gq: could not connect to host +gplintegratedit.com: could not connect to host gpo.gov: did not receive HSTS header gpstuner.com: did not receive HSTS header graavaapi.elasticbeanstalk.com: could not connect to host -gracebaking.com: max-age too low: 86400 +grabi.ga: could not connect to host gracechurchpc.net: could not connect to host -graceful-project.eu: could not connect to host +graceful-project.eu: did not receive HSTS header gracesofgrief.com: could not connect to host grachtenpandverkopen.nl: could not connect to host grademymac.com: did not receive HSTS header grademypc.com: did not receive HSTS header +gradenotify.com: could not connect to host grads360.org: could not connect to host gradsm-ci.net: could not connect to host grafitec.ru: did not receive HSTS header graftworld.pw: could not connect to host -grana.com: did not receive HSTS header grandchamproofing.com: did not receive HSTS header grande.coffee: could not connect to host grandlinecsk.ru: did not receive HSTS header grandmascookieblog.com: did not receive HSTS header -graniteind.com: did not receive HSTS header +grandmasfridge.org: did not receive HSTS header +grandwailea.com: did not receive HSTS header grantedby.me: max-age too low: 0 granth.io: could not connect to host graph.no: did not receive HSTS header @@ -5560,13 +6070,13 @@ gratis-app.com: did not receive HSTS header gratisonlinesex.com: could not connect to host gravitation.pro: did not receive HSTS header gravito.nl: did not receive HSTS header -gravity-dev.de: could not connect to host gravity-net.de: could not connect to host graycell.net: could not connect to host grazetech.com: did not receive HSTS header grcnode.co.uk: could not connect to host great.nagoya: could not connect to host -greatfire.kr: did not receive HSTS header +greatergoodoffers.com: did not receive HSTS header +greatfire.kr: could not connect to host greatideahub.com: did not receive HSTS header greatnet.de: did not receive HSTS header greatsong.net: did not receive HSTS header @@ -5575,18 +6085,20 @@ green-light.ga: could not connect to host green-light.gq: could not connect to host green-light.ml: could not connect to host greencardtalent.com: could not connect to host +greenenergysolution.uk: did not receive HSTS header greenesting.ch: could not connect to host greenesting.com: could not connect to host greengov.gov: could not connect to host greenhillantiques.co.uk: did not receive HSTS header greenitpark.net: could not connect to host -greenpeace.berlin: could not connect to host greensolid.biz: could not connect to host greenvines.com.tw: did not receive HSTS header greenvpn.ltd: could not connect to host greenvpn.pro: did not receive HSTS header greggsfoundation.org.uk: could not connect to host gregmartyn.com: could not connect to host +gregmilton.com: could not connect to host +gregmilton.org: could not connect to host gregorytlee.me: could not connect to host grekland.guide: could not connect to host gremots.com: could not connect to host @@ -5598,7 +6110,6 @@ greuel.online: could not connect to host greve.xyz: could not connect to host grevesgarten.de: could not connect to host greyline.se: could not connect to host -greysky.me: max-age too low: 300 grian-bam.at: did not receive HSTS header gribani.com: could not connect to host grid2osm.org: could not connect to host @@ -5617,15 +6128,18 @@ groentefruitzeep.nl: could not connect to host groetzner.net: did not receive HSTS header groseb.net: did not receive HSTS header grossberger-ge.org: could not connect to host +grossell.ru: could not connect to host grossmann.gr: could not connect to host grossmisconduct.news: could not connect to host groupe-cassous.com: did not receive HSTS header +grouphomes.com.au: did not receive HSTS header groups.google.com: did not receive HSTS header (error ignored - included regardless) grow-shop.ee: could not connect to host grow-shop.lt: could not connect to host grow-shop.lv: could not connect to host growingmetrics.com: could not connect to host grozip.com: did not receive HSTS header +grozter.se: did not receive HSTS header gruenderwoche-dresden.de: did not receive HSTS header grunex.com: did not receive HSTS header grupopgn.com.br: could not connect to host @@ -5637,6 +6151,7 @@ gs-net.at: could not connect to host gsm-map.com: could not connect to host gsmkungen.com: could not connect to host gsnort.com: did not receive HSTS header +gsoc.se: could not connect to host gtamodshop.org: could not connect to host gtanda.tk: could not connect to host gtech.work: did not receive HSTS header @@ -5645,6 +6160,8 @@ gtraxapp.com: could not connect to host gts-schulsoftware.de: did not receive HSTS header guarajubaimoveis.com.br: did not receive HSTS header guava.studio: did not receive HSTS header +gudangpangan.id: could not connect to host +gudrun.ml: could not connect to host guelphhydropool.com: could not connect to host guendra.dedyn.io: could not connect to host guentherhouse.com: did not receive HSTS header @@ -5654,9 +6171,9 @@ gugaltika-ipb.org: could not connect to host guge.gq: could not connect to host gugga.dk: could not connect to host guguke.net: did not receive HSTS header +guhei.net: could not connect to host guidechecking.com: could not connect to host -guideline.gov: could not connect to host -guidelines.gov: could not connect to host +guides-et-admin.com: did not receive HSTS header guilde-vindicta.fr: could not connect to host guildgearscore.cf: could not connect to host guillaume-leduc.fr: did not receive HSTS header @@ -5680,6 +6197,7 @@ guntbert.net: could not connect to host guoqiang.info: did not receive HSTS header gurochan.ch: could not connect to host gurom.lv: could not connect to host +gurubetng.com: did not receive HSTS header gurusupe.com: could not connect to host gus.moe: could not connect to host guso.gq: could not connect to host @@ -5687,10 +6205,13 @@ guso.ml: could not connect to host guso.site: could not connect to host guso.tech: could not connect to host gussi.is: did not receive HSTS header -guthabenkarten-billiger.de: did not receive HSTS header +guthabenkarten-billiger.de: could not connect to host guts.me: did not receive HSTS header guts.moe: did not receive HSTS header +guyot-tech.com: did not receive HSTS header gvchannel.xyz: could not connect to host +gvi.be: did not receive HSTS header +gvm.io: could not connect to host gvpt.sk: did not receive HSTS header gvt2.com: could not connect to host (error ignored - included regardless) gvt3.com: could not connect to host (error ignored - included regardless) @@ -5715,21 +6236,20 @@ h2check.org: did not receive HSTS header h3x.jp: could not connect to host haarkliniek.com: did not receive HSTS header habbixed.tk: could not connect to host -habbo.life: could not connect to host +habbo.life: did not receive HSTS header habbotalk.nl: could not connect to host habeo.si: could not connect to host hablemosdetecnologia.com.ve: could not connect to host hac30.com: could not connect to host -hack.cz: could not connect to host +hack.club: could not connect to host hack.li: could not connect to host hackbubble.me: could not connect to host +hacker.club: could not connect to host hacker.deals: could not connect to host hacker8.cn: could not connect to host -hackercat.ninja: did not receive HSTS header -hackerchai.com: could not connect to host +hackercat.ninja: max-age too low: 2592000 hackerforever.com: could not connect to host hackerone-ext-adroll.com: could not connect to host -hackerpoints.com: could not connect to host hackerspace-ntnu.no: did not receive HSTS header hackest.org: did not receive HSTS header hackingsafe.com: could not connect to host @@ -5737,7 +6257,7 @@ hackit.im: could not connect to host hackmeplz.com: could not connect to host hackroyale.xyz: could not connect to host hacksnack.io: could not connect to host -hackworx.com: could not connect to host +hackyourfaceoff.com: could not connect to host hadaf.pro: could not connect to host hadzic.co: could not connect to host haeckdesign.com: did not receive HSTS header @@ -5746,7 +6266,9 @@ haehnlein.at: could not connect to host haemmerle.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] haf.gr: could not connect to host hafoda.com: did not receive HSTS header +haggeluring.su: could not connect to host hahayidu.org: could not connect to host +hail2u.net: did not receive HSTS header hainoni.com: did not receive HSTS header hairlossstop.net: did not receive HSTS header haitschi.com: could not connect to host @@ -5754,7 +6276,6 @@ haitschi.de: did not receive HSTS header haitschi.net: could not connect to host haitschi.org: could not connect to host hajnzic.at: could not connect to host -hakase.pw: could not connect to host haktec.de: did not receive HSTS header haku.moe: could not connect to host hakugin.me: could not connect to host @@ -5763,12 +6284,12 @@ hakurei.moe: could not connect to host halcyonsbastion.com: could not connect to host half-logic.eu.org: could not connect to host halfwaythere.eu: could not connect to host -hallettxn.com: could not connect to host halo.red: could not connect to host halta.info: could not connect to host halyul.cc: did not receive HSTS header halyul.com: did not receive HSTS header haman.nl: could not connect to host +hamish.ca: did not receive HSTS header hamking.tk: could not connect to host hammamsayad.com: could not connect to host hamon.cc: did not receive HSTS header @@ -5777,8 +6298,10 @@ hancatemc.com: did not receive HSTS header hancc.net: could not connect to host handenafvanhetmedischdossier.nl: could not connect to host handicapindeles.nl: did not receive HSTS header -handinhandfoundation.org.uk: could not connect to host +handinhandfoundation.org.uk: did not receive HSTS header handiworker.com: could not connect to host +handmadegobelin.com: did not receive HSTS header +handmadeshoes.pe: did not receive HSTS header handmadetutorials.ro: could not connect to host handsandall.com: did not receive HSTS header hanfu.la: could not connect to host @@ -5798,6 +6321,7 @@ haobo5555.com: could not connect to host haobo6666.com: could not connect to host haobo7777.com: could not connect to host haomwei.com: could not connect to host +haoqi.men: could not connect to host haoyugao.com: could not connect to host happist.com: did not receive HSTS header happix.nl: did not receive HSTS header @@ -5807,16 +6331,19 @@ happyheartsabode.com: did not receive HSTS header happytiger.eu: could not connect to host hapsfordmill.co.uk: could not connect to host hapvm.com: could not connect to host -haqaza.com.br: could not connect to host +haqaza.com.br: did not receive HSTS header harambe.site: could not connect to host harbourweb.net: did not receive HSTS header -hardergayporn.com: could not connect to host +hardeman.nu: could not connect to host hardline.xyz: could not connect to host +hardtime.ru: could not connect to host hardyboyplant.com: did not receive HSTS header haribosupermix.com: could not connect to host hariome.com: did not receive HSTS header +haritsa.co.id: did not receive HSTS header harlentimberproducts.co.uk: did not receive HSTS header harmonycosmetic.com: max-age too low: 300 +harrisonsdirect.co.uk: did not receive HSTS header harristony.com: could not connect to host harryharrison.co: did not receive HSTS header harrypottereditor.com: could not connect to host @@ -5829,6 +6356,7 @@ harz.cloud: could not connect to host has.vision: could not connect to host hasabig.wang: could not connect to host hasalittle.wang: could not connect to host +haschrebellen.de: could not connect to host hash-list.com: could not connect to host hashiconf.com: did not receive HSTS header hashidays.com: did not receive HSTS header @@ -5842,6 +6370,8 @@ hatoko.net: could not connect to host haufschild.de: could not connect to host haurumcraft.net: could not connect to host hausarzt-stader-str.de: did not receive HSTS header +hausarztpraxis-linn.de: could not connect to host +hauswarteam.com: could not connect to host hav.com: could not connect to host haveeruexaminer.com: could not connect to host haven-staging.cloud: could not connect to host @@ -5850,7 +6380,7 @@ havenmoon.com: could not connect to host havenswift-hosting.co.uk: did not receive HSTS header hawk-la.com: could not connect to host hawthornharpist.com: could not connect to host -haxoff.com: could not connect to host +haxoff.com: did not receive HSTS header haxon.me: could not connect to host haxx.hu: did not receive HSTS header haydenhill.us: could not connect to host @@ -5876,6 +6406,7 @@ hbvip07.com: could not connect to host hbvip08.com: could not connect to host hcfhomelottery.ca: did not receive HSTS header hcie.pl: did not receive HSTS header +hcoe.fi: did not receive HSTS header hcr.io: did not receive HSTS header hcs-company.com: did not receive HSTS header hcs-company.nl: did not receive HSTS header @@ -5887,31 +6418,38 @@ hdritalyphotos.com: did not receive HSTS header hdserver.info: did not receive HSTS header hdsmigrationtool.com: could not connect to host hduin.xyz: could not connect to host +hdwallpapers.net: could not connect to host hdy.nz: could not connect to host head-shop.lt: could not connect to host head-shop.lv: could not connect to host headmates.xyz: could not connect to host +healthcare6.com: did not receive HSTS header healthjoy.com: did not receive HSTS header healthyandnaturalliving.com: could not connect to host healthycod.in: could not connect to host healtious.com: could not connect to host hearingshofar.com: could not connect to host -heart.ge: could not connect to host +heart.ge: did not receive HSTS header heartlandrentals.com: did not receive HSTS header +hearty.cf: did not receive HSTS header hearty.ink: could not connect to host hearty.space: could not connect to host hearty.tech: could not connect to host hearty.tw: did not receive HSTS header +heartyapp.com: could not connect to host heartyme.net: could not connect to host heathmanners.com: could not connect to host heavenlyseals.com: could not connect to host heavenlysmokenc.com: could not connect to host heavystresser.com: could not connect to host hebaus.com: could not connect to host +hectorj.net: could not connect to host +hedgeschool.ie: could not connect to host +hedweb.com: could not connect to host heidilein.info: did not receive HSTS header heimnetze.org: could not connect to host -heinemeier.dk: could not connect to host heisenberg.co: could not connect to host +hejahanif.se: could not connect to host hejsupport.se: could not connect to host hekeki.com: could not connect to host hele.cz: did not receive HSTS header @@ -5923,7 +6461,7 @@ hellenicaward.com: did not receive HSTS header hello-nestor.com: did not receive HSTS header helloanselm.com: did not receive HSTS header hellofilters.com: could not connect to host -hellomouse.cf: did not receive HSTS header +hellomouse.cf: could not connect to host hellomouse.tk: could not connect to host hellotandem.com: could not connect to host hellothought.net: could not connect to host @@ -5931,7 +6469,11 @@ helloworldhost.com: did not receive HSTS header hellscanyonraft.com: did not receive HSTS header helpadmin.net: could not connect to host helpantiaging.com: could not connect to host +helpdebit.com: did not receive HSTS header helpekwendenihospital.com: could not connect to host +helpfacile.com: did not receive HSTS header +helpfixe.com: did not receive HSTS header +helpflux.com: did not receive HSTS header helpfute.com: did not receive HSTS header helpgerer.com: did not receive HSTS header helpium.de: could not connect to host @@ -5944,42 +6486,50 @@ hemlockhillscabinrentals.com: did not receive HSTS header hencagon.com: could not connect to host hendersonrealestatepros.com: did not receive HSTS header hendric.us: did not receive HSTS header +henhenlu.com: could not connect to host +henkbrink.com: could not connect to host henningkerstan.org: did not receive HSTS header henriknoerr.com: could not connect to host -hentai.design: could not connect to host +hentai.design: did not receive HSTS header hentaimaster.net: could not connect to host +hentaiz.net: could not connect to host hepteract.us: could not connect to host heptner24.de: could not connect to host her25.com: did not receive HSTS header herbertmouwen.nl: could not connect to host here.ml: could not connect to host here4funpartysolutions.ie: did not receive HSTS header -herecsrymy.cz: could not connect to host -heribe-maruo.com: could not connect to host -heritagedentistry.ca: could not connect to host +heribe-maruo.com: did not receive HSTS header +heritagedentistry.ca: did not receive HSTS header hermes-servizi.it: could not connect to host heroin.org.uk: could not connect to host -herpaderp.net: could not connect to host +herpaderp.net: did not receive HSTS header herramientasbazarot.com: did not receive HSTS header herrenfahrt.com: did not receive HSTS header +hesa.com: max-age too low: 0 hetmeisjeachterpauw.nl: could not connect to host hetmer.com: did not receive HSTS header hetmer.net: did not receive HSTS header heutger.net: did not receive HSTS header hex2013.com: did not receive HSTS header hexacon.io: could not connect to host -hexadecimal.tech: did not receive HSTS header +hexadecimal.tech: could not connect to host hexe.net: did not receive HSTS header hexhu.com: could not connect to host +hexo.io: did not receive HSTS header hexobind.com: could not connect to host heyguevara.com: did not receive HSTS header heywoodtown.co.uk: did not receive HSTS header hfbg.nl: did not receive HSTS header hfcbank.com.gh: could not connect to host hfi.me: did not receive HSTS header +hflsdev.org: could not connect to host hfu.io: could not connect to host +hg525.com: max-age too low: 86400 hg71839.com: could not connect to host hg881.com: could not connect to host +hgfa.fi: could not connect to host +hh-wolke.dedyn.io: did not receive HSTS header hi808.net: did not receive HSTS header hialatv.com: could not connect to host hibilog.com: could not connect to host @@ -5998,6 +6548,7 @@ highlandparkcog.org: did not receive HSTS header highseer.com: did not receive HSTS header highsurf-miyazaki.com: could not connect to host hightechgadgets.net: could not connect to host +hightimes.com: could not connect to host hightower.eu: could not connect to host highvelocitydesign.com: could not connect to host higp.de: did not receive HSTS header @@ -6007,7 +6558,6 @@ hijoan.com: could not connect to host hik-cloud.com: did not receive HSTS header hikagestudios.com: did not receive HSTS header hikariempire.com: could not connect to host -hikarukujo.com: could not connect to host hikinggearlab.com: did not receive HSTS header hilaolu.com: could not connect to host hilinemerchandising.com: did not receive HSTS header @@ -6021,42 +6571,43 @@ hingle.me: could not connect to host hinkel-sohn.de: did not receive HSTS header hinrich.de: did not receive HSTS header hintergedanken.com: could not connect to host -hintermeier-rae.at: could not connect to host +hintermeier-rae.at: did not receive HSTS header hipercultura.com: did not receive HSTS header hiphop.ren: could not connect to host hiphopconvention.nl: could not connect to host hipnos.net: did not receive HSTS header hipnoseinstitute.org: did not receive HSTS header -hiqhub.co.uk: could not connect to host hiraku.me: did not receive HSTS header +hireprofs.com: could not connect to host hiresuccessstaffing.com: did not receive HSTS header +hirevets.gov: did not receive HSTS header hirokilog.com: could not connect to host hisingenrunt.se: did not receive HSTS header histoire-theatre.com: did not receive HSTS header history.pe: could not connect to host hitchunion.org: could not connect to host hitoy.org: did not receive HSTS header -hitrek.ml: could not connect to host hittipps.com: could not connect to host hjes.com.ve: could not connect to host +hjf-immobilien.de: did not receive HSTS header +hjkhs.cn: did not receive HSTS header hknet.at: did not receive HSTS header hlacosedora.com: max-age too low: 7889238 -hloe0xff.ru: could not connect to host hlpublicidad.com: could not connect to host hlyue.com: did not receive HSTS header hm1ch.com: could not connect to host hm1ch.ovh: could not connect to host -hm773.net: did not receive HSTS header hmksq.ae: max-age too low: 7776000 hmm.nyc: could not connect to host hoast.xyz: could not connect to host hobaugh.social: could not connect to host hobby-gamerz-community.de: did not receive HSTS header -hochhaus.us: could not connect to host +hocassian.cn: did not receive HSTS header hochzeitshelferlein.de: did not receive HSTS header hodamakade.com: could not connect to host hodne.io: could not connect to host hoekwoningverkopen.nl: could not connect to host +hoelty.network: could not connect to host hoerbuecher-und-hoerspiele.de: could not connect to host hoeveiligismijn.nl: did not receive HSTS header hoffens.se: could not connect to host @@ -6065,37 +6616,39 @@ hogar123.es: could not connect to host hoiku-map.tokyo: could not connect to host hoiku-navi.com: did not receive HSTS header hoikuen-now.top: did not receive HSTS header +hokepon.com: did not receive HSTS header hokioisecurity.com: did not receive HSTS header holgerlehner.com: could not connect to host holidayincotswolds.co.uk: could not connect to host holifestival-freyung.de: could not connect to host holisticdrbright.com: max-age too low: 300 hollandguns.com: did not receive HSTS header +hollerau.de: could not connect to host holowaty.me: could not connect to host +holy-hi.com: did not receive HSTS header holymoly.lu: could not connect to host -holytransaction.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] homa.website: could not connect to host homads.com: did not receive HSTS header home-cloud.online: could not connect to host home-coaching.be: did not receive HSTS header home-craft.de: could not connect to host -home-v.ind.in: could not connect to host +home-work-jobs.com: did not receive HSTS header homeandyarddetailing.com: could not connect to host homeclouding.de: could not connect to host +homecoming.city: could not connect to host homedna.com: did not receive HSTS header homeexx.com: did not receive HSTS header -homefacialpro.com: did not receive HSTS header homegreenmark.com: did not receive HSTS header homeownersassociationmanagementla.com: did not receive HSTS header homeremodelingcontractorsca.com: did not receive HSTS header -homesandal.com: could not connect to host +homesandal.com: did not receive HSTS header homeseller.co.uk: could not connect to host homesfordinner.ca: could not connect to host homeyantra.com: did not receive HSTS header homezhi.com.tw: could not connect to host homoglyph.net: could not connect to host +honeybeard.co.uk: did not receive HSTS header honeytracks.com: could not connect to host -hong.io: could not connect to host hongyd.online: could not connect to host hongzhaxiaofendui.com: could not connect to host hongzu.cc: could not connect to host @@ -6109,11 +6662,13 @@ hoodoo.tech: could not connect to host hookandloom.com: did not receive HSTS header hookbin.com: could not connect to host hoopsacademyusa.com: could not connect to host +hooray.beer: could not connect to host hoovism.com: did not receive HSTS header -hoowhen.cn: could not connect to host +hopesb.org: did not receive HSTS header hopewellproperties.co.uk: did not receive HSTS header hopglass.eu: could not connect to host hopglass.net: could not connect to host +hopzone.net: could not connect to host horace.li: did not receive HSTS header horisonttimedia.fi: did not receive HSTS header horizonmoto.fr: did not receive HSTS header @@ -6142,13 +6697,14 @@ hotartup.com: could not connect to host hotchillibox.co.za: could not connect to host hotchoc.io: could not connect to host hotel-huberhof.at: did not receive HSTS header -hotel-rosner.at: did not receive HSTS header hotel-tongruben.de: max-age too low: 0 hotelaustria-wien.at: did not receive HSTS header hotelmadhuwanvihar.com: could not connect to host hotelvictoriaoax-mailing.com: did not receive HSTS header hotelvillahermosa-mailing.com: did not receive HSTS header hotelvue.nl: could not connect to host +hotjuice.com: could not connect to host +hotornot.com: could not connect to host hotpoint-training.com: did not receive HSTS header hottestwebcamgirls.org: could not connect to host houkago-step.com: did not receive HSTS header @@ -6163,18 +6719,22 @@ howtocuremysciatica.com: could not connect to host howtofreelance.com: did not receive HSTS header hozinga.de: could not connect to host hpctecnologias.com: did not receive HSTS header +hpeditor.tk: could not connect to host hpepub.asia: did not receive HSTS header +hpepub.com: did not receive HSTS header hpepub.org: could not connect to host hppub.info: could not connect to host hppub.org: could not connect to host hppub.site: could not connect to host hqhost.net: did not receive HSTS header +hqq.tv: could not connect to host +hquest.pro.br: could not connect to host +hqy.moe: did not receive HSTS header hr-intranet.com: could not connect to host hr-tech.store: could not connect to host hr98.tk: could not connect to host hrackydomino.cz: did not receive HSTS header hrfhomelottery.com: did not receive HSTS header -hrk.io: could not connect to host hrtech.store: could not connect to host hrtraining.com.au: did not receive HSTS header hschen.top: could not connect to host @@ -6192,24 +6752,24 @@ http418.xyz: could not connect to host httphacker.com: could not connect to host https-rulesets.org: could not connect to host https.ps: could not connect to host +https.ren: could not connect to host httpstatuscode418.xyz: could not connect to host httptest.net: could not connect to host +huang-haitao.com: could not connect to host huang.nu: could not connect to host huangguancq.com: could not connect to host huangh.com: could not connect to host -huangzenghao.cn: could not connect to host huangzenghao.com: could not connect to host huarongdao.com: did not receive HSTS header hubert.systems: did not receive HSTS header -hubertmoszka.pl: could not connect to host +hubertmoszka.pl: max-age too low: 0 hudhaifahgoga.co.za: could not connect to host hudingyuan.cn: could not connect to host hugocollignon.fr: could not connect to host -hugofs.com: did not receive HSTS header huiser.nl: could not connect to host hukaloh.com: could not connect to host hukkatavara.com: could not connect to host -humanexperiments.com: did not receive HSTS header +humanexperiments.com: could not connect to host humankode.com: did not receive HSTS header humblefinances.com: could not connect to host humeurs.net: could not connect to host @@ -6218,12 +6778,15 @@ hump.dk: could not connect to host humpi.at: could not connect to host humpteedumptee.in: did not receive HSTS header hunger.im: could not connect to host +hunqz.com: could not connect to host huntshomeinspections.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] huodongweb.com: could not connect to host huongquynh.com: could not connect to host hup.blue: did not receive HSTS header huskybutt.dog: could not connect to host huskyduvercors.com: did not receive HSTS header +hustle.com: did not receive HSTS header +hustle.life: did not receive HSTS header huwjones.me: could not connect to host huzu.com: did not receive HSTS header huzurmetal.net: could not connect to host @@ -6231,12 +6794,14 @@ hwcine.com: did not receive HSTS header hwpkasse.de: max-age too low: 2592000 hyakumachi.com: did not receive HSTS header hyatt.com: did not receive HSTS header +hybridiyhdistys.fi: could not connect to host +hybridklubben.fi: could not connect to host hybula.nl: could not connect to host hydai.co: could not connect to host hydra.ws: could not connect to host hydra.zone: could not connect to host +hydrabit.nl: did not receive HSTS header hydrante.ch: could not connect to host -hydrocloud.net: could not connect to host hydrodipcenter.nl: did not receive HSTS header hydronium.cf: could not connect to host hydronium.ga: could not connect to host @@ -6244,11 +6809,15 @@ hydronium.me: could not connect to host hydronium.ml: could not connect to host hydronium.tk: could not connect to host hydronyx.me: could not connect to host +hydrosight.com: did not receive HSTS header +hyeok.org: did not receive HSTS header hymerscollege.co.uk: max-age too low: 43200 hypa.net.au: did not receive HSTS header hyper-matrix.org: could not connect to host hyper69.com: could not connect to host hyperactive.am: could not connect to host +hyperporn.net: could not connect to host +hyperreal.info: could not connect to host hypnoresults.com.au: did not receive HSTS header hypnos.hu: did not receive HSTS header hypotheques24.ch: could not connect to host @@ -6257,12 +6826,12 @@ hyvive.com: could not connect to host hzh.pub: did not receive HSTS header hztgzz.com: could not connect to host i--b.com: did not receive HSTS header -i-aloks.ru: could not connect to host i-jp.net: could not connect to host -i-partners.sk: did not receive HSTS header +i-partners.sk: could not connect to host i-rickroll-n.pw: could not connect to host i-stats.net: could not connect to host i10z.com: could not connect to host +i28s.com: did not receive HSTS header i496.eu: could not connect to host i4m1k0su.com: could not connect to host i95.me: could not connect to host @@ -6270,10 +6839,11 @@ i9multiequipamentos.com.br: did not receive HSTS header iacono.com.br: did not receive HSTS header iadttaveras.com: could not connect to host iain.tech: did not receive HSTS header +iamle.com: max-age too low: 0 iamokay.nl: did not receive HSTS header iamreubin.co.uk: did not receive HSTS header iamsoareyou.se: could not connect to host -iamveto.com: could not connect to host +iamveto.com: did not receive HSTS header iapws.com: did not receive HSTS header iban.is: could not connect to host ibarf.nl: did not receive HSTS header @@ -6283,17 +6853,16 @@ ibestreview.com: did not receive HSTS header ibizatopcharter.com: did not receive HSTS header ibna.online: could not connect to host ibnuwebhost.com: could not connect to host -ibox.ovh: could not connect to host +ibox.ovh: did not receive HSTS header ibps.blog: did not receive HSTS header +ibpsrecruitment.co.in: could not connect to host ibron.co: could not connect to host ibsafrica.co.za: could not connect to host ibsglobal.co.za: could not connect to host -ibwin.com: max-age too low: 3600 icabanken.se: did not receive HSTS header icaforsakring.se: did not receive HSTS header icasnetwork.com: did not receive HSTS header -iccpublisher.com: could not connect to host -ice.xyz: could not connect to host +ice.xyz: did not receive HSTS header ice.yt: could not connect to host icebat.dyndns.org: could not connect to host icebound.cc: did not receive HSTS header @@ -6312,6 +6881,8 @@ icity.ly: did not receive HSTS header icloud.net: could not connect to host icnsoft.ga: did not receive HSTS header icntorrent.download: could not connect to host +ico500.com: did not receive HSTS header +icondoom.nl: did not receive HSTS header icpc.pp.ua: could not connect to host icpc2016.in.th: could not connect to host icreative.nl: did not receive HSTS header @@ -6320,8 +6891,7 @@ icusignature.com: could not connect to host icys2017.com: did not receive HSTS header id-co.in: could not connect to host id-conf.com: did not receive HSTS header -id.fedoraproject.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -idblab.tk: did not receive HSTS header +idblab.tk: could not connect to host idcrane.com: could not connect to host iddconnect.com: could not connect to host iddconnect.org: could not connect to host @@ -6329,7 +6899,7 @@ ideadozz.hu: could not connect to host ideal-envelopes.co.uk: did not receive HSTS header idealmoto.com: did not receive HSTS header idealmykonos.com: did not receive HSTS header -idealvenir.com: could not connect to host +idealvenir.com: did not receive HSTS header ideapaisajistas.es: did not receive HSTS header ideaplus.me: could not connect to host ideasenfoto.com: max-age too low: 604800 @@ -6341,16 +6911,19 @@ identity-hash.online: could not connect to host identitylabs.uk: could not connect to host identitysandbox.gov: could not connect to host idgsupply.com: did not receive HSTS header +idid.tk: could not connect to host idinby.dk: did not receive HSTS header idiopolis.org: could not connect to host +idiotentruppe.de: could not connect to host idisplay.es: could not connect to host idlekernel.com: could not connect to host idol-bikes.ru: could not connect to host -idontexist.me: could not connect to host +idontexist.me: did not receive HSTS header idsafe.co.za: could not connect to host idsoccer.com: did not receive HSTS header -idtheft.gov: could not connect to host +iec.pe: could not connect to host iemb.cf: could not connect to host +iemb.tk: could not connect to host ierna.com: did not receive HSTS header ies.id.lv: could not connect to host ievgenialehner.com: did not receive HSTS header @@ -6360,21 +6933,22 @@ ifad.org: did not receive HSTS header ifan.ch: could not connect to host ifastuniversity.com: did not receive HSTS header ifcfg.me: could not connect to host +ifconfig.co: did not receive HSTS header ifleurs.com: could not connect to host -ifreetion.cn: did not receive HSTS header ifx.ee: could not connect to host ifxnet.com: could not connect to host ifxor.com: could not connect to host iga-semi.jp: could not connect to host igamingforums.com: could not connect to host -igd.chat: could not connect to host +igd.chat: did not receive HSTS header igforums.com: could not connect to host igi.codes: did not receive HSTS header igiftcards.nl: did not receive HSTS header +ignace72.eu: could not connect to host ignatisd.gr: did not receive HSTS header ignatovich.by: could not connect to host +igshpa.org: max-age too low: 0 igule.net: could not connect to host -ihoey.com: could not connect to host ihongzu.com: could not connect to host ihotel.io: did not receive HSTS header ihrlotto.de: could not connect to host @@ -6384,12 +6958,11 @@ ihsbsd.tk: could not connect to host ihzys.com: could not connect to host iide.co: did not receive HSTS header iideaz.org: could not connect to host -iilin.com: could not connect to host -iiong.com: did not receive HSTS header iispeed.com: did not receive HSTS header ijn-dd.nl: could not connect to host ijoda.com: could not connect to host ik-life.com: did not receive HSTS header +ike.io: did not receive HSTS header ikenmeyer.com: could not connect to host ikenmeyer.eu: could not connect to host ikocik.sk: could not connect to host @@ -6401,17 +6974,19 @@ ilbuongiorno.it: did not receive HSTS header ildomani.it: did not receive HSTS header ileat.com: could not connect to host ilgi.work: could not connect to host -ilhansubasi.com: did not receive HSTS header -ilii.me: did not receive HSTS header +ilii.me: could not connect to host ilikerainbows.co: could not connect to host ilikerainbows.co.uk: could not connect to host ilikfreshweedstores.com: did not receive HSTS header ilmconpm.de: could not connect to host iloilofit.org: did not receive HSTS header ilona.graphics: did not receive HSTS header +iltec-prom.ru: could not connect to host iluvscotland.co.uk: did not receive HSTS header im-design.com.ua: did not receive HSTS header image.tf: could not connect to host +imagecurl.com: could not connect to host +imagecurl.org: could not connect to host imaginarymakings.me: could not connect to host imakepoems.net: could not connect to host imanhearts.com: did not receive HSTS header @@ -6426,11 +7001,10 @@ imfromthefuture.com: did not receive HSTS header img.ovh: could not connect to host imgencrypt.com: could not connect to host imgul.net: could not connect to host -imgup.co: did not receive HSTS header +imguoguo.com: could not connect to host imim.pw: could not connect to host imjiangtao.com: did not receive HSTS header imlinan.cn: could not connect to host -imlinan.com: could not connect to host imlinan.info: could not connect to host imlinan.net: could not connect to host immanuel60.hu: did not receive HSTS header @@ -6441,7 +7015,7 @@ immortals-co.com: did not receive HSTS header immoverkauf24.at: did not receive HSTS header immoverkauf24.de: did not receive HSTS header immunicity.cc: could not connect to host -immunicity.date: did not receive HSTS header +immunicity.date: could not connect to host immunicity.eu: did not receive HSTS header immunicity.host: could not connect to host immunicity.info: could not connect to host @@ -6449,33 +7023,36 @@ immunicity.online: could not connect to host immunicity.press: could not connect to host immunicity.rocks: could not connect to host immunicity.st: did not receive HSTS header -immunicity.today: max-age too low: 0 +immunicity.today: could not connect to host immunicity.top: could not connect to host immunicity.win: could not connect to host immunicity.works: could not connect to host immunicity.world: could not connect to host imoe.ac.cn: did not receive HSTS header imolug.org: did not receive HSTS header +imoner.com: could not connect to host imoner.ga: could not connect to host imoni-blog.net: could not connect to host imoto.me: could not connect to host imperdintechnologies.com: could not connect to host imperialonlinestore.com: did not receive HSTS header imperialwebsolutions.com: did not receive HSTS header -implicitdenial.com: could not connect to host +implicitdenial.com: did not receive HSTS header +imprenta-es.com: did not receive HSTS header improvingwp.com: could not connect to host impulse-clan.de: could not connect to host imrejonk.nl: could not connect to host imu.li: did not receive HSTS header imusic.dk: did not receive HSTS header imy.life: could not connect to host +imyrs.cn: could not connect to host inandeyes.com: did not receive HSTS header inb4.us: could not connect to host inbox.li: did not receive HSTS header inboxen.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] incendiary-arts.com: could not connect to host inceptionradionetwork.com: could not connect to host -inche-ali.com: did not receive HSTS header +inche-ali.com: could not connect to host inchomatic.com: did not receive HSTS header increasetestosteronelevels.org: could not connect to host inderagamono.net: could not connect to host @@ -6485,17 +7062,18 @@ indieethos.com: did not receive HSTS header indiemods.com: could not connect to host indien.guide: could not connect to host indilens.com: did not receive HSTS header +indiroyunu.com: did not receive HSTS header indoorskiassen.nl: did not receive HSTS header +indostar303.com: did not receive HSTS header indredouglas.me: could not connect to host industreiler.com: could not connect to host industreiler.com.br: could not connect to host +industriasrenova.com: could not connect to host industrybazar.com: max-age too low: 2592000 ineed.com.mt: could not connect to host -inetpub.cn: could not connect to host inexlog.fr: could not connect to host inexpensivecomputers.net: could not connect to host -infcof.com: could not connect to host -inference.biz.tr: could not connect to host +infcof.com: did not receive HSTS header infilock.com: could not connect to host infinether.net: could not connect to host infinitiofmarinparts.com: could not connect to host @@ -6506,12 +7084,14 @@ infinitusgaming.eu: could not connect to host infinity-freedom.com: could not connect to host infinity-freedom.de: could not connect to host infinity-lifestyle.de: could not connect to host +infinitybas.com: could not connect to host +infinityepos.co.uk: could not connect to host inflate-a-bubbles.co.uk: did not receive HSTS header inflation.ml: could not connect to host -influo.com: did not receive HSTS header influxus.com: could not connect to host info-bay.com: could not connect to host info-sys.tk: could not connect to host +infoamin.com: could not connect to host infoduv.fr: did not receive HSTS header infopagina.es: did not receive HSTS header inforichjapan.com: did not receive HSTS header @@ -6524,13 +7104,15 @@ infosoph.org: could not connect to host infotics.es: did not receive HSTS header infovae-idf.com: did not receive HSTS header infoworm.org: could not connect to host -infranium.info: did not receive HSTS header +infranium.info: could not connect to host infranix.eu: max-age too low: 7360000 +infrarank.com: could not connect to host infruction.com: could not connect to host infura.co.th: could not connect to host ingalabs.hu: could not connect to host +ingalls.run: could not connect to host ingesol.fr: did not receive HSTS header -ingresscode.cn: could not connect to host +ingresscode.cn: did not receive HSTS header inhelix.com: could not connect to host inhive.group: did not receive HSTS header iniiter.com: could not connect to host @@ -6544,6 +7126,7 @@ injust.gq: could not connect to host injust.me: could not connect to host injust.ml: could not connect to host injust.tk: could not connect to host +inkbunny.net: could not connect to host inked-guy.de: could not connect to host inkedguy.de: could not connect to host inkstory.gr: did not receive HSTS header @@ -6551,13 +7134,16 @@ inksupply.com: did not receive HSTS header inku.ovh: did not receive HSTS header inkvisual.tk: could not connect to host inleaked.com: could not connect to host +innerform.com: could not connect to host innit.be: could not connect to host innophate-security.nl: could not connect to host innovamag.ca: did not receive HSTS header innovativebuildingsolutions.co.za: could not connect to host innovativeideaz.org: could not connect to host -inobun.jp: could not connect to host +innoventure.de: did not receive HSTS header +innovum.cz: did not receive HSTS header inondation.ch: could not connect to host +inorder.website: could not connect to host inox.io: did not receive HSTS header inoxio.com: did not receive HSTS header inoxio.de: did not receive HSTS header @@ -6568,6 +7154,7 @@ insane.zone: could not connect to host inschrijfformulier.com: could not connect to host inscript.pl: did not receive HSTS header insideofgaming.de: could not connect to host +insidethefirewall.tk: could not connect to host insite-feedback.com: could not connect to host insouciant.org: could not connect to host inspirationconcepts.nl: did not receive HSTS header @@ -6576,12 +7163,17 @@ inspiroinc.com: could not connect to host inst.mobi: did not receive HSTS header instacart.com: did not receive HSTS header instant-hack.com: did not receive HSTS header +instant-hack.io: could not connect to host instantdev.io: could not connect to host +instantsubs.de: did not receive HSTS header +instaquiz.ru: could not connect to host instasex.ch: could not connect to host +institutmaupertuis.hopto.org: could not connect to host institutoflordelavida.com: could not connect to host institutulcultural.ro: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] instruktor.io: could not connect to host insurance: could not connect to host +insurethebox.tk: could not connect to host int-ext-design.fr: could not connect to host integrationinc.com: did not receive HSTS header integrityingovernmentidaho.com: could not connect to host @@ -6592,33 +7184,36 @@ intelbet.ro: did not receive HSTS header intelldynamics.com: could not connect to host intelliance.eu: could not connect to host interboursegeneva.ch: did not receive HSTS header -interference.io: could not connect to host +interference.io: did not receive HSTS header +interfug.de: did not receive HSTS header intergenx.co.uk: could not connect to host intergenx.com: could not connect to host intergenx.org: could not connect to host intergenx.org.uk: could not connect to host interhosts.co.za: could not connect to host interim-cto.de: could not connect to host +interiorcheapo.com: could not connect to host interiorprofesional.com.ar: max-age too low: 604800 interleucina.org: did not receive HSTS header interlocal.co.uk: could not connect to host interlun.com: could not connect to host intermezzo-emmerich.de: did not receive HSTS header intermezzo-emmerich.nl: did not receive HSTS header +internacao.com: did not receive HSTS header internaldh.com: could not connect to host -internet-aukcion.info: could not connect to host +internaut.co.za: did not receive HSTS header internet-pornografie.de: did not receive HSTS header internetbugbounty.org: did not receive HSTS header internetcasinos.de: could not connect to host internetcensus.org: could not connect to host internetdentalalliance.com: did not receive HSTS header internetradiocharts.de: did not receive HSTS header -internetstaff.com: could not connect to host internshipandwork.com: did not receive HSTS header internshipandwork.ru: did not receive HSTS header interociter-enterprises.com: could not connect to host intersectraven.net: did not receive HSTS header interspot.nl: could not connect to host +interstellarhyperdrive.com: did not receive HSTS header interviewpipeline.co.uk: could not connect to host intervisteperstrada.com: could not connect to host intexplore.org: could not connect to host @@ -6626,12 +7221,9 @@ intim-uslugi-kazan.net: could not connect to host intimateperrierjouet.com: could not connect to host intimici.com.br: could not connect to host intimtoy.com.ua: could not connect to host -intocities.de: did not receive HSTS header intranetsec.fr: could not connect to host introvertedtravel.space: max-age too low: 0 -intrp.net: did not receive HSTS header -intune.life: could not connect to host -intxt.net: could not connect to host +intrp.net: could not connect to host invenio.software: could not connect to host inverselink.com: could not connect to host investcountry.com: could not connect to host @@ -6641,6 +7233,7 @@ investnext.com: max-age too low: 43200 invictusmc.uk: could not connect to host invinsec.cloud: did not receive HSTS header invinsec.com: max-age too low: 86400 +invis.net: could not connect to host invite24.pro: could not connect to host invuelto.com: did not receive HSTS header iodice.org: did not receive HSTS header @@ -6649,12 +7242,11 @@ ioiart.eu: could not connect to host iolife.dk: could not connect to host ionas-law.ro: did not receive HSTS header ionc.ca: could not connect to host -ionote.me: could not connect to host iop.intuit.com: max-age too low: 86400 iora.fr: could not connect to host iosmods.com: did not receive HSTS header -iossifovlab.com: could not connect to host iostips.ru: could not connect to host +iotfen.com: could not connect to host iotsms.io: could not connect to host ip-life.net: did not receive HSTS header ip.or.at: could not connect to host @@ -6663,6 +7255,7 @@ ipbill.org.uk: could not connect to host ipcfg.me: could not connect to host ipfp.pl: did not receive HSTS header iphonechina.net: could not connect to host +iplantom.com: could not connect to host iplife.cn: could not connect to host iplog.info: could not connect to host ipmimagazine.com: did not receive HSTS header @@ -6670,6 +7263,7 @@ ipmotion.ca: could not connect to host ipnetworking.net: could not connect to host ipo-times.com: did not receive HSTS header ipop.gr: did not receive HSTS header +iposm.net: could not connect to host iprice.co.id: did not receive HSTS header iprice.hk: did not receive HSTS header iprice.my: did not receive HSTS header @@ -6677,6 +7271,7 @@ iprice.ph: did not receive HSTS header iprice.sg: did not receive HSTS header iprice.vn: did not receive HSTS header ipricethailand.com: did not receive HSTS header +iprody.com: could not connect to host ipsilon-project.org: did not receive HSTS header iptel.ro: could not connect to host ipuservicedesign.com: could not connect to host @@ -6690,20 +7285,19 @@ ir-saitama.com: could not connect to host iran-poll.org: could not connect to host iranianlawschool.com: could not connect to host iraqidinar.org: did not receive HSTS header -irazimina.ru: did not receive HSTS header +irazimina.ru: could not connect to host irccloud.com: did not receive HSTS header -ircmett.de: could not connect to host -ireef.tv: could not connect to host irelandesign.com: could not connect to host irinkeby.nu: could not connect to host -irische-segenswuensche.info: did not receive HSTS header +irische-segenswuensche.info: could not connect to host irisdina.de: could not connect to host irishmusic.nu: could not connect to host irland.guide: could not connect to host irmag.ru: did not receive HSTS header irmtrudjurke.de: did not receive HSTS header irodorinet.com: max-age too low: 0 -iron-guard.net: could not connect to host +iron-guard.net: did not receive HSTS header +ironhide.de: did not receive HSTS header irstaxforumsonline.com: did not receive HSTS header irugs.ch: did not receive HSTS header irugs.co.uk: did not receive HSTS header @@ -6720,13 +7314,13 @@ isaackabel.tk: could not connect to host ischool.co.jp: did not receive HSTS header isdf.me: could not connect to host isdown.cz: could not connect to host -isef-eg.com: could not connect to host +isef-eg.com: did not receive HSTS header iserv.fr: did not receive HSTS header iseulde.com: did not receive HSTS header -isfriday.com: could not connect to host ishadowsocks.ltd: could not connect to host ishillaryclintoninprisonyet.com: could not connect to host ishome.org: could not connect to host +isidom.fr: did not receive HSTS header isipulsa.web.id: did not receive HSTS header isisfighters.info: could not connect to host isitamor.pm: could not connect to host @@ -6735,36 +7329,39 @@ iskai.net: did not receive HSTS header islandinthenet.com: did not receive HSTS header islandoilsupply.com: max-age too low: 300 islandpumpandtank.com: did not receive HSTS header -islandzero.net: could not connect to host +islandzero.net: did not receive HSTS header +islief.com: could not connect to host isntall.us: did not receive HSTS header isocom.eu: could not connect to host isoface33.fr: did not receive HSTS header isogen5.com: could not connect to host -isognattori.com: could not connect to host isogram.nl: did not receive HSTS header isoroc-nidzica.pl: could not connect to host ispringcloud.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] issala.org: did not receive HSTS header isscouncil.com: could not connect to host isslshop.com: could not connect to host -issue.watch: could not connect to host -istanbul.systems: did not receive HSTS header +istanbul.systems: could not connect to host istanbultravelguide.info: could not connect to host istaspirtslietas.lv: did not receive HSTS header -istgame.com: could not connect to host +istgame.com: did not receive HSTS header +istheapplestoredown.com: did not receive HSTS header isthefieldcontrolsystemdown.com: could not connect to host istherrienstillcoach.com: could not connect to host it-cave.com: could not connect to host it-go.net: did not receive HSTS header +it-kron.de: did not receive HSTS header it-labor.info: did not receive HSTS header it-schwerin.de: could not connect to host itad.top: could not connect to host itchimes.com: did not receive HSTS header +itchy.nl: could not connect to host itechgeek.com: max-age too low: 0 items.lv: did not receive HSTS header itemton.com: could not connect to host itfaq.nl: did not receive HSTS header itfensi.net: max-age too low: 6307200 +itforcc.com: did not receive HSTS header itinsight.hu: did not receive HSTS header itisjustnot.cricket: could not connect to host itmanie.cz: could not connect to host @@ -6772,6 +7369,7 @@ itos.asia: did not receive HSTS header itos.pl: did not receive HSTS header itpol.dk: did not receive HSTS header itpro-mg.de: could not connect to host +itproject.guru: did not receive HSTS header itriskltd.com: did not receive HSTS header its-schindler.de: could not connect to host its-v.de: could not connect to host @@ -6779,11 +7377,12 @@ itsadog.co.uk: did not receive HSTS header itsagadget.com: did not receive HSTS header itsamurai.ru: max-age too low: 2592000 itsatrap.nl: could not connect to host +itsblue.de: could not connect to host itsecurityassurance.pw: could not connect to host itsg-faq.de: could not connect to host +itshka.rv.ua: max-age too low: 604800 itshost.ru: could not connect to host itsmejohn.org: could not connect to host -itspawned.com: max-age too low: 200 itsupport-luzern.ch: could not connect to host itu2015.de: could not connect to host ius.io: did not receive HSTS header @@ -6796,7 +7395,6 @@ ivi.es: max-age too low: 0 ivk.website: could not connect to host ivklombard.ru: did not receive HSTS header ivyshop.com.br: could not connect to host -ivystech.com: could not connect to host iwannarefill.com: could not connect to host iwex.swiss: could not connect to host iwilcox.me.uk: could not connect to host @@ -6817,32 +7415,36 @@ j-lsolutions.com: could not connect to host j-rickroll-a.pw: could not connect to host j0ng.xyz: could not connect to host j15t98j.co.uk: did not receive HSTS header -ja-publications.agency: did not receive HSTS header ja-publications.com: did not receive HSTS header jaan.su: could not connect to host -jaaxypro.com: did not receive HSTS header -jabbas.eu: could not connect to host +jaaxypro.com: could not connect to host jackalworks.com: could not connect to host jackdoan.com: did not receive HSTS header jackfahnestock.com: could not connect to host jackops.com: could not connect to host jackyyf.com: could not connect to host -jacobparry.ca: could not connect to host +jacobparry.ca: max-age too low: 0 jacobsenarquitetura.com: max-age too low: 5184000 +jadopado.com: could not connect to host jaepinformatica.com: did not receive HSTS header jagido.de: did not receive HSTS header jahliveradio.com: could not connect to host jaimechanaga.com: could not connect to host jaion.ml: could not connect to host +jak-na-les.cz: could not connect to host +jakenbake.com: could not connect to host jakewalker.xyz: could not connect to host jakincode.army: could not connect to host jaksel.id: could not connect to host jaksi.io: did not receive HSTS header +jakubtopic.cz: could not connect to host jamanji.com.ng: could not connect to host +jamaware.org: did not receive HSTS header james-parker.com: did not receive HSTS header james.je: could not connect to host jamesandanneke.com: did not receive HSTS header jamesandpame.la: could not connect to host +jamesbradach.com: did not receive HSTS header jamesburton.london: could not connect to host jamesbywater.co.uk: could not connect to host jamesbywater.com: could not connect to host @@ -6850,7 +7452,7 @@ jamesbywater.me: could not connect to host jamesbywater.me.uk: could not connect to host jamesbywater.uk: could not connect to host jamesconroyfinn.com: did not receive HSTS header -jamescostian.com: did not receive HSTS header +jamescostian.com: max-age too low: 0 jamesdoell.com: could not connect to host jamesdoylephoto.com: did not receive HSTS header jamesevans.is: could not connect to host @@ -6858,15 +7460,16 @@ jamesf.xyz: could not connect to host jamesforman.co.nz: did not receive HSTS header jameshale.me: did not receive HSTS header jamesheald.com: could not connect to host +jamesl.ml: could not connect to host jamesmaurer.com: did not receive HSTS header +jamesrains.com: could not connect to host jameswarp.com: could not connect to host -jami.am: did not receive HSTS header +jami.am: max-age too low: 0 jamourtney.com: could not connect to host jamyeprice.com: did not receive HSTS header jan-cermak.cz: did not receive HSTS header jan-daniels.de: did not receive HSTS header jan27.org: did not receive HSTS header -janada.cz: could not connect to host janario.me: could not connect to host jangho.me: could not connect to host jangocloud.tk: could not connect to host @@ -6878,6 +7481,8 @@ janmg.com: could not connect to host janosh.com: did not receive HSTS header janssen.fm: could not connect to host janus-engineering.de: did not receive HSTS header +janvari.com: could not connect to host +janvaribalint.com: could not connect to host janverlaan.nl: did not receive HSTS header jap-nope.de: did not receive HSTS header japan4you.org: could not connect to host @@ -6885,22 +7490,24 @@ japanbaths.com: could not connect to host japaneseemoticons.org: did not receive HSTS header japanesenames.biz: did not receive HSTS header japangids.nl: could not connect to host +japanphilosophy.com: did not receive HSTS header +japansm.com: could not connect to host japanwide.net: could not connect to host japaripark.com: could not connect to host japlex.com: could not connect to host jaqen.ch: could not connect to host jardins-utopie.net: could not connect to host jaredbates.net: did not receive HSTS header -jarivisual.com: did not receive HSTS header jarnail.ca: could not connect to host -jaroslavc.eu: did not receive HSTS header jaroslavtrsek.cz: did not receive HSTS header +jarrodcastaing.com: did not receive HSTS header +jarrodcastaing.com.au: did not receive HSTS header jarsater.com: could not connect to host jartza.org: could not connect to host jasmineconseil.com: did not receive HSTS header jasoncosper.com: did not receive HSTS header jasonradin.com: did not receive HSTS header -jasonrobinson.me: max-age too low: 60 +jasonrobinson.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] jasonroe.me: did not receive HSTS header jasonwindholz.com: could not connect to host jastoria.pl: did not receive HSTS header @@ -6911,12 +7518,14 @@ javachip.win: could not connect to host javan.ga: could not connect to host javascriptlab.fr: could not connect to host javelinsms.com: could not connect to host +javfree.me: could not connect to host javiermixdjs.com: did not receive HSTS header javilacat.info: could not connect to host jawn.ca: could not connect to host jawnelodzkie.org.pl: could not connect to host jaxageto.de: did not receive HSTS header jayblock.com: did not receive HSTS header +jayf.de: could not connect to host jayharris.ca: could not connect to host jaylen.com.ar: did not receive HSTS header jayna.design: did not receive HSTS header @@ -6931,6 +7540,7 @@ jbfp.dk: could not connect to host jbj.co.uk: did not receive HSTS header jbn.mx: could not connect to host jbrowndesign.me: did not receive HSTS header +jcaicedo.tk: could not connect to host jccars-occasions.be: could not connect to host jcch.de: could not connect to host jccrew.org: could not connect to host @@ -6939,9 +7549,8 @@ jcolideles.com: could not connect to host jcom-communication-system.biz: could not connect to host jcor.me: could not connect to host jcoscia.com: could not connect to host -jcraft.us: did not receive HSTS header +jcraft.us: could not connect to host jctf.io: could not connect to host -jcyz.cf: could not connect to host jdav-leipzig.de: could not connect to host jdcdirectsales.com.ph: could not connect to host jdfk.net: could not connect to host @@ -6953,7 +7562,6 @@ jebengotai.com: did not receive HSTS header jecho.cn: could not connect to host jeff.is: did not receive HSTS header jeff393.com: could not connect to host -jeffanderson.me: could not connect to host jeffersonregan.org: could not connect to host jeffhuxley.com: could not connect to host jeffreymagee.com: did not receive HSTS header @@ -6964,10 +7572,12 @@ jellow.nl: did not receive HSTS header jemoticons.com: did not receive HSTS header jenjoit.de: could not connect to host jennifercherniack.com: did not receive HSTS header +jennybeaned.com: did not receive HSTS header jens-prangenberg.de: did not receive HSTS header jens.hk: could not connect to host jensenbanden.no: could not connect to host jenssen.org: did not receive HSTS header +jeremyc.ca: could not connect to host jeremye77.com: did not receive HSTS header jeremymade.com: did not receive HSTS header jeremywagner.me: did not receive HSTS header @@ -6975,6 +7585,7 @@ jermann.biz: did not receive HSTS header jeroldirvin.com: did not receive HSTS header jerrypau.ca: could not connect to host jesorsenville.com: did not receive HSTS header +jessevictors.com: could not connect to host jessicah.org: could not connect to host jesuisformidable.nl: could not connect to host jesuslucas.com: did not receive HSTS header @@ -6983,7 +7594,7 @@ jetlagphotography.com: could not connect to host jeton.com: did not receive HSTS header jetsetcharge.com: could not connect to host jetsetpay.com: could not connect to host -jettravel.com.mt: did not receive HSTS header +jettravel.com.mt: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] jettshome.org: could not connect to host jetzt-elektromobil.de: could not connect to host jevisite.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -6999,10 +7610,10 @@ jhburton.uk: could not connect to host jhcommunitysports.co.uk: could not connect to host jhejderup.me: could not connect to host jhermsmeier.de: could not connect to host +jhollandtranslations.com: could not connect to host jia1hao.com: could not connect to host jiaidu.com: could not connect to host jiangzequn.com: could not connect to host -jiangzm.com: did not receive HSTS header jianjiantv.com: could not connect to host jiaqiang.vip: could not connect to host jichi.me: could not connect to host @@ -7015,17 +7626,16 @@ jimas.eu: did not receive HSTS header jimenacocina.com: did not receive HSTS header jimgao.tk: did not receive HSTS header jimmehcai.com: could not connect to host -jinancy.fr: could not connect to host jingyuesi.com: could not connect to host +jinliming.ml: could not connect to host jinmaguoji.com: could not connect to host -jinshavip.com: could not connect to host +jinshavip.com: did not receive HSTS header jiosongs.com: did not receive HSTS header jira.com: did not receive HSTS header jirav.io: could not connect to host -jiripudil.cz: could not connect to host jisaku-homepage.com: did not receive HSTS header +jitlab.org: could not connect to host jitsi.org: did not receive HSTS header -jixun.moe: did not receive HSTS header jiyue.com: did not receive HSTS header jiyuu-ni.com: could not connect to host jiyuu-ni.net: could not connect to host @@ -7035,28 +7645,29 @@ jkb.pics: could not connect to host jkbuster.com: could not connect to host jkng.eu: could not connect to host jko.works: could not connect to host -jkyuan.tk: did not receive HSTS header jlhmedia.com: did not receive HSTS header jm06.com: did not receive HSTS header jm22.com: could not connect to host jmb.lc: could not connect to host jmdekker.it: could not connect to host -jmvbmx.ch: did not receive HSTS header +jmvbmx.ch: could not connect to host jn1.me: did not receive HSTS header +jncde.de: could not connect to host +jncie.de: could not connect to host +jncip.de: could not connect to host joacimeldre.com: did not receive HSTS header joakimalgroy.com: could not connect to host joaquimgoliveira.pt: could not connect to host -job-offer.de: could not connect to host -job.biz.tr: could not connect to host jobers.ch: did not receive HSTS header jobers.pt: did not receive HSTS header jobflyapp.com: could not connect to host jobmedic.com: could not connect to host jobshq.com: did not receive HSTS header +jobss.co.uk: could not connect to host jobtestprep.de: max-age too low: 0 jobtestprep.dk: max-age too low: 0 jobtestprep.fr: max-age too low: 0 -jobtestprep.it: could not connect to host +jobtestprep.it: did not receive HSTS header jobtestprep.nl: max-age too low: 0 jobtestprep.se: max-age too low: 0 jodel.ninja: could not connect to host @@ -7070,7 +7681,7 @@ joetyson.io: could not connect to host johannaojanen.com: could not connect to host johannes-bugenhagen.de: did not receive HSTS header johannes-sprink.de: could not connect to host -johannesen.tv: could not connect to host +johansf.tech: could not connect to host johnbrownphotography.ch: did not receive HSTS header johncardell.com: did not receive HSTS header johners.me: could not connect to host @@ -7078,7 +7689,7 @@ johngaltgroup.com: did not receive HSTS header johnhgaunt.com: did not receive HSTS header johnrom.com: could not connect to host johnsanchez.io: could not connect to host -johnsonho.net: did not receive HSTS header +johnsiu.com: could not connect to host johntomasowa.com: could not connect to host johnverkerk.com: could not connect to host jointoweb.com: could not connect to host @@ -7098,7 +7709,9 @@ jonsno.ws: could not connect to host joostbovee.nl: did not receive HSTS header jooto.com: did not receive HSTS header jopl.org: did not receive HSTS header +jordankirby.co.uk: could not connect to host jordanp.engineer: could not connect to host +jordanscorporatelaw.com: could not connect to host jordanstrustcompany.cn: could not connect to host jordanstrustcompany.ru: could not connect to host jordikroon.nl: could not connect to host @@ -7108,6 +7721,7 @@ jornadasciberdefensa2016.es: could not connect to host jorovik.com: did not receive HSTS header jorrit.info: max-age too low: 0 josahrens.me: could not connect to host +josc.com.au: could not connect to host joseaveleira.es: did not receive HSTS header josecage.com: could not connect to host josefottosson.se: max-age too low: 2592000 @@ -7119,6 +7733,7 @@ joto.de: did not receive HSTS header jotpics.com: could not connect to host jottit.com: could not connect to host journalof.tech: could not connect to host +joworld.net: could not connect to host joyceclerkx.com: could not connect to host joyjohnston.ca: did not receive HSTS header joyqi.com: did not receive HSTS header @@ -7126,7 +7741,7 @@ jpaglier.com: could not connect to host jpbike.cz: did not receive HSTS header jpcrochetapparel.com: could not connect to host jpeaches.xyz: could not connect to host -jpod.cc: could not connect to host +jpgangbang.com: could not connect to host jproxx.com: did not receive HSTS header jptun.com: could not connect to host jrgold.me: could not connect to host @@ -7138,6 +7753,7 @@ jsbentertainment.nl: could not connect to host jsbevents.nl: could not connect to host jsblights.nl: could not connect to host jsc7776.com: did not receive HSTS header +jschoi.org: did not receive HSTS header jsg-technologies.de: did not receive HSTS header jsjyhzy.cc: could not connect to host json-viewer.com: did not receive HSTS header @@ -7147,11 +7763,14 @@ ju1ro.de: did not receive HSTS header jualautoclave.com: did not receive HSTS header jualssh.com: could not connect to host juandesouza.com: did not receive HSTS header +juanhub.com: did not receive HSTS header juchheim-methode.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +judge2020.com: did not receive HSTS header juiced.gs: did not receive HSTS header juka.pp.ua: could not connect to host juku-info.top: did not receive HSTS header julegoerke.de: did not receive HSTS header +julenlanda.com: could not connect to host juliamweber.de: could not connect to host julian-kipka.de: did not receive HSTS header julian-witusch.de: could not connect to host @@ -7171,52 +7790,52 @@ junaos.com: did not receive HSTS header junaos.xyz: did not receive HSTS header jundimax.com.br: could not connect to host junge-selbsthilfe.info: could not connect to host +jungleculture.co.za: could not connect to host junglegoat.xyz: did not receive HSTS header juniwalk.cz: could not connect to host junjung.me: could not connect to host junqtion.com: could not connect to host -jupp0r.de: did not receive HSTS header -juridiqueo.com: could not connect to host -juristas.com.br: did not receive HSTS header -juristeo.com: could not connect to host +jupp0r.de: could not connect to host +juridiqueo.com: did not receive HSTS header +juristeo.com: did not receive HSTS header jurke.com: did not receive HSTS header jurko.cz: could not connect to host just-pools.co.za: could not connect to host just2trade.com: did not receive HSTS header -justanothercompany.name: could not connect to host justiceforfathers.com: did not receive HSTS header -justiceo.org: could not connect to host -justin-tech.com: could not connect to host +justiceo.org: did not receive HSTS header justinlemay.com: could not connect to host justinrudio.com: did not receive HSTS header justlikethat.hosting: did not receive HSTS header justmy.website: did not receive HSTS header justnaw.co.uk: could not connect to host justonce.net: could not connect to host +justsome.info: did not receive HSTS header justudin.com: did not receive HSTS header justwood.cz: did not receive HSTS header justzz.xyz: could not connect to host jutella.de: did not receive HSTS header juul.xyz: could not connect to host +juventusclublugano.ch: could not connect to host juventusmania1897.com: could not connect to host juwairen.cn: could not connect to host jvn.com: did not receive HSTS header jvoice.net: could not connect to host jwilsson.me: could not connect to host jwolt-lx.com: could not connect to host +jxir.de: could not connect to host jxm.in: could not connect to host -jysperm.me: did not receive HSTS header +jysperm.me: could not connect to host jznet.org: could not connect to host k-dev.de: could not connect to host k-rickroll-g.pw: could not connect to host -k-wallet.com: did not receive HSTS header +k-wallet.com: could not connect to host k1cp.com: could not connect to host k38.cc: max-age too low: 3600 ka-clan.com: could not connect to host kaanduman.com: could not connect to host -kaasbesteld.nl: did not receive HSTS header kaasbijwijn.nl: did not receive HSTS header -kabinapp.com: could not connect to host +kabinapp.com: did not receive HSTS header kabuabc.com: could not connect to host kackscharf.de: could not connect to host kadioglumakina.com.tr: did not receive HSTS header @@ -7226,6 +7845,7 @@ kahopoon.net: could not connect to host kai.cool: did not receive HSTS header kaika-facilitymanagement.de: could not connect to host kaika-hms.de: did not receive HSTS header +kainetsoft.com: could not connect to host kainz.bayern: could not connect to host kainz.be: could not connect to host kaisers.de: did not receive HSTS header @@ -7239,7 +7859,6 @@ kaleidoskop-freiburg.de: did not receive HSTS header kalender.goip.de: could not connect to host kalilinux.tech: could not connect to host kaloix.de: could not connect to host -kamagra-comprare.it: max-age too low: 600 kamalame.co: could not connect to host kambodja.guide: could not connect to host kamcvicit.sk: could not connect to host @@ -7258,10 +7877,12 @@ kanganer.com: could not connect to host kangzaber.com: could not connect to host kaniklani.co.za: did not receive HSTS header kanmitao.com: could not connect to host +kanotijd.nl: could not connect to host kanr.in: could not connect to host kanscooking.org: could not connect to host kantorad.io: could not connect to host -kanuvu.de: could not connect to host +kantv1.com: could not connect to host +kanuvu.de: did not receive HSTS header kanzlei-wirtschaftsrecht.berlin: max-age too low: 600000 kaohub.com: could not connect to host kaomojis.net: did not receive HSTS header @@ -7272,7 +7893,6 @@ kappit.dk: could not connect to host kapucini.si: max-age too low: 0 kaputt.com: could not connect to host kapverde.guide: could not connect to host -karaface.com: could not connect to host karamna.com: could not connect to host karaoketonight.com: could not connect to host karatekit.co.uk: did not receive HSTS header @@ -7280,14 +7900,17 @@ karatorian.org: did not receive HSTS header karjala-ski.ru: could not connect to host karloskontana.tk: could not connect to host karlproctor.co.uk: could not connect to host +karlstabo.se: max-age too low: 86400 karmaflux.com: did not receive HSTS header +karmic.com: max-age too low: 0 +karpanhellas.com: could not connect to host +kars.ooo: could not connect to host karting34.com: did not receive HSTS header karuneshjohri.com: could not connect to host kashdash.ca: could not connect to host kashis.com.au: max-age too low: 0 -kat.al: could not connect to host +kat.al: max-age too low: 0 katalogakci.cz: did not receive HSTS header -kateduggan.net: could not connect to host kati0.com: could not connect to host katiaetdavid.fr: could not connect to host katja-nikolic-design.de: could not connect to host @@ -7300,11 +7923,13 @@ katproxy.top: could not connect to host katrinjanke.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kattenfun.be: did not receive HSTS header kattenfun.nl: did not receive HSTS header +katthewaffle.fr: could not connect to host katzen.me: could not connect to host kaufkraftkiel.de: could not connect to host kauperwood.ovh: could not connect to host kauplusprofesional.com: did not receive HSTS header kausch.at: could not connect to host +kausta.me: could not connect to host kavinvin.me: could not connect to host kawaiii.link: did not receive HSTS header kawaiiku.com: could not connect to host @@ -7312,10 +7937,11 @@ kawaiiku.de: could not connect to host kaydan.io: could not connect to host kayipmurekkep.com: could not connect to host kayon.cf: could not connect to host -kayscs.com: could not connect to host kazanasolutions.de: could not connect to host kazenojiyu.fr: did not receive HSTS header +kbfl.org: could not connect to host kcluster.io: could not connect to host +kcore.org: max-age too low: 0 kd-plus.pp.ua: could not connect to host kdata.it: did not receive HSTS header kdbx.online: could not connect to host @@ -7334,22 +7960,24 @@ keepmanager.org: could not connect to host keeprubyweird.com: did not receive HSTS header kefaloniatoday.com: did not receive HSTS header keihin-chaplin.jp: did not receive HSTS header +kein-fidget-spinner-werden.de: could not connect to host kejibot.com: could not connect to host kekehouse.net: could not connect to host kellyandantony.com: could not connect to host kelm.me: could not connect to host +kelp.agency: did not receive HSTS header ken-electric.com.br: could not connect to host kenc.dk: max-age too low: 2592000 kenchristensen.dk: max-age too low: 2592000 kenderbeton-magyarorszag.hu: did not receive HSTS header kenderbetonmagyarorszag.hu: did not receive HSTS header kenderhaz-magyarorszag.hu: did not receive HSTS header +kenderhazmagyarorszag.hu: did not receive HSTS header kenkoelectric.com: did not receive HSTS header kenman.dk: max-age too low: 2592000 kennynet.co.uk: could not connect to host kensparkesphotography.com: did not receive HSTS header kentacademiestrust.org.uk: did not receive HSTS header -kenyons.info: could not connect to host kepler-seminar.de: did not receive HSTS header kerangalam.com: did not receive HSTS header kerksanders.nl: could not connect to host @@ -7358,26 +7986,30 @@ kermadec.com: did not receive HSTS header kermadec.net: could not connect to host kernelmode.io: did not receive HSTS header kernl.us: did not receive HSTS header +kerus.net: could not connect to host keshausconsulting.com: could not connect to host keskeces.com: did not receive HSTS header kesteren.com: could not connect to host -kevinbowers.me: could not connect to host kevindekoninck.com: could not connect to host -kevinpirnie.com: did not receive HSTS header +kevinfoley.cc: could not connect to host +kevinfoley.org: could not connect to host +kevinmoreland.com: could not connect to host +kevinmorssink.nl: could not connect to host kevinroebert.de: did not receive HSTS header kevlar.pw: did not receive HSTS header +kewego.co.uk: could not connect to host keymaster.lookout.com: did not receive HSTS header keys.jp: could not connect to host keyserver.sexy: could not connect to host kfbrussels.be: could not connect to host kg-rating.com: could not connect to host kgb.us: could not connect to host -kgregorczyk.pl: could not connect to host kgxtech.com: max-age too low: 2592000 khaganat.net: did not receive HSTS header +khaledgarbaya.net: did not receive HSTS header khosla.uk: could not connect to host ki-on.net: did not receive HSTS header -kiaka.co: did not receive HSTS header +kiaka.co: could not connect to host kialo.com: did not receive HSTS header kickass-proxies.org: could not connect to host kickass.al: could not connect to host @@ -7391,17 +8023,16 @@ kiel-media.de: did not receive HSTS header kielderweather.org.uk: did not receive HSTS header kienlen.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kieranweightman.me: could not connect to host +kiesuwcursus.nl: did not receive HSTS header kievradio.com: could not connect to host kikuzuki.org: could not connect to host kiladera.be: did not receive HSTS header kill-paff.com: did not receive HSTS header -kilobyte22.de: did not receive HSTS header kimana.pe: could not connect to host kimberg.co.uk: did not receive HSTS header kimberlybeautysoapcompany.com: did not receive HSTS header kimpost.org: could not connect to host kimscrazeecastles.co.uk: did not receive HSTS header -kin.life: could not connect to host kina.guide: could not connect to host kinderbuecher-kostenlos.de: did not receive HSTS header kinderjugendfreizeitverein.de: could not connect to host @@ -7421,7 +8052,6 @@ kinmunity.com: could not connect to host kinnon.enterprises: could not connect to host kinow.com: did not receive HSTS header kinsmenhomelottery.com: did not receive HSTS header -kintawifi.com: could not connect to host kintoandar.com: max-age too low: 0 kintrip.com: did not receive HSTS header kintzingerfilm.de: did not receive HSTS header @@ -7429,15 +8059,17 @@ kionetworks.com: did not receive HSTS header kipin.fr: did not receive HSTS header kipira.com: could not connect to host kiraboshi.xyz: could not connect to host +kirainmoe.com: did not receive HSTS header kirara.eu: could not connect to host kirill.ws: could not connect to host kirkforsenate.com: could not connect to host kirkpatrickdavis.com: could not connect to host -kirslis.com: could not connect to host +kirrie.pe.kr: did not receive HSTS header kisa.io: could not connect to host kisalt.im: could not connect to host kiss-register.org: could not connect to host kissart.net: could not connect to host +kisskiss.ch: could not connect to host kisstyle.ru: did not receive HSTS header kisun.co.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kita.id: did not receive HSTS header @@ -7455,21 +8087,21 @@ kitsta.com: could not connect to host kiwiirc.com: max-age too low: 5256000 kiyo.space: could not connect to host kizil.net: could not connect to host -kj1396.net: could not connect to host +kj1396.net: did not receive HSTS header kjaermaxi.me: did not receive HSTS header -kjellvn.net: could not connect to host kjg-bachrain.de: could not connect to host kjoglum.me: could not connect to host -kkull.tv: did not receive HSTS header -kkzxak47.com: could not connect to host +kkull.tv: could not connect to host +klantenadvies.nl: did not receive HSTS header klas.or.id: did not receive HSTS header klatschreime.de: did not receive HSTS header klausimas.lt: did not receive HSTS header klauwd.com: could not connect to host klaxn.org: could not connect to host +klean-ritekc.com: did not receive HSTS header kleberstoff.xyz: could not connect to host kleertjesvoordelig.nl: could not connect to host -kleidertauschpartys.de: did not receive HSTS header +kleidertauschpartys.de: could not connect to host kleinerarchitekturfuehrer.de: could not connect to host kleinholding.com: could not connect to host klempnershop.eu: did not receive HSTS header @@ -7478,15 +8110,15 @@ kletterkater.com: did not receive HSTS header klicktojob.de: could not connect to host klingeletest.de: could not connect to host klingsundet.no: did not receive HSTS header -kloentrup.de: did not receive HSTS header +kliqsd.com: could not connect to host +kloentrup.de: max-age too low: 604800 klunkergarten.org: could not connect to host -klva.cz: could not connect to host -kmdev.me: could not connect to host knapen.io: max-age too low: 604800 knccloud.com: could not connect to host +knetterbak.nl: did not receive HSTS header kngk-azs.ru: could not connect to host knigadel.com: did not receive HSTS header -knightsblog.de: could not connect to host +knightsbridgegroup.org: could not connect to host knightsweep.com: could not connect to host knnet.ch: could not connect to host knowdebt.org: did not receive HSTS header @@ -7494,12 +8126,12 @@ knowledgesnap.com: could not connect to host knowledgesnapsites.com: could not connect to host knownsec.cf: could not connect to host kobieta.guru: could not connect to host +kobolya.hu: did not receive HSTS header koddsson.com: did not receive HSTS header kodexplorer.ml: could not connect to host kodiaklabs.org: could not connect to host kodokushi.fr: could not connect to host koen.io: max-age too low: 86400 -koenleemans.nl: did not receive HSTS header koenrouwhorst.nl: did not receive HSTS header koenvdheuvel.me: could not connect to host koerperimpuls.ch: did not receive HSTS header @@ -7507,10 +8139,10 @@ koez-mangal.ch: could not connect to host koezmangal.ch: could not connect to host koik.io: could not connect to host koirala.net: could not connect to host -kojipkgs.fedoraproject.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kokenmetaanbiedingen.nl: could not connect to host kola-entertainments.de: did not receive HSTS header kolaykaydet.com: could not connect to host +kolbeck.tk: could not connect to host kollawat.me: could not connect to host kolozsvaricsuhe.hu: did not receive HSTS header komikito.com: could not connect to host @@ -7534,6 +8166,7 @@ korni22.org: could not connect to host korsanparti.org: could not connect to host kostuumstore.nl: could not connect to host kostya.net: did not receive HSTS header +kotomei.moe: could not connect to host kotonehoko.net: could not connect to host kotorimusic.ga: could not connect to host kotovstyle.ru: could not connect to host @@ -7541,6 +8174,7 @@ kottur.is: could not connect to host koukni.cz: did not receive HSTS header kourpe.online: could not connect to host kousaku.jp: could not connect to host +kouten-jp.com: could not connect to host kozmik.co: could not connect to host kpdyer.com: did not receive HSTS header kpebetka.net: did not receive HSTS header @@ -7564,7 +8198,7 @@ krestanskydarek.cz: [Exception... "Component returned failure code: 0x80004005 ( kreza.de: could not connect to host kriegskindernothilfe.de: could not connect to host kriegt.es: did not receive HSTS header -krist.club: could not connect to host +krist.club: did not receive HSTS header kristjanrang.eu: did not receive HSTS header kristofferkoch.com: could not connect to host krizek.cc: did not receive HSTS header @@ -7575,10 +8209,9 @@ kroodle.nl: did not receive HSTS header krouzkyliduska.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kruegerrand-wert.de: did not receive HSTS header krunut.com: did not receive HSTS header -kryha.io: could not connect to host +kryha.io: did not receive HSTS header krypteia.org: could not connect to host kryptomech.com: could not connect to host -ksero.center: could not connect to host ksfh-mail.de: could not connect to host ksham.net: could not connect to host ksk-agentur.de: did not receive HSTS header @@ -7588,8 +8221,11 @@ kswriter.com: could not connect to host kteen.info: could not connect to host ktube.yt: could not connect to host ku.io: did not receive HSTS header +kub.hr: could not connect to host kuba.guide: could not connect to host +kubiwa.net: could not connect to host kubusadvocaten.nl: could not connect to host +kuchenfeelisa.de: did not receive HSTS header kuchenschock.de: did not receive HSTS header kucheryavenkovn.ru: could not connect to host kucom.it: did not receive HSTS header @@ -7598,6 +8234,7 @@ kuehnel.org: max-age too low: 604800 kueulangtahunanak.net: could not connect to host kuko-crews.org: could not connect to host kultmobil.se: did not receive HSTS header +kum.com: could not connect to host kummerlaender.eu: did not receive HSTS header kundenerreichen.com: did not receive HSTS header kundenerreichen.de: did not receive HSTS header @@ -7616,13 +8253,15 @@ kurzonline.com.br: could not connect to host kuwago.io: could not connect to host kvt.berlin: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] kweddingplanning.com: could not connect to host +kwidz.fr: did not receive HSTS header kwikmed.eu: could not connect to host kwipi.com: did not receive HSTS header -kwok.tv: did not receive HSTS header +kwok.tv: could not connect to host kwondratsch.com: could not connect to host kxind.cn: did not receive HSTS header kyanite.co: could not connect to host kyberna.xyz: could not connect to host +kydara.com: did not receive HSTS header kykoonn.net: did not receive HSTS header kylapps.com: could not connect to host kyle.place: could not connect to host @@ -7631,7 +8270,7 @@ kylerwood.com: could not connect to host kylling.io: could not connect to host kymo.org: did not receive HSTS header kyochon.fr: could not connect to host -kyoto-mic.com: could not connect to host +kyonagashima.com: did not receive HSTS header kyouko.nl: could not connect to host kyujin-office.net: could not connect to host kzjnet.com: could not connect to host @@ -7645,7 +8284,7 @@ la-serendipite.fr: did not receive HSTS header labaia.info: could not connect to host labella-umbrella.com: did not receive HSTS header labelleza.com.br: could not connect to host -labfox.de: could not connect to host +labfox.de: did not receive HSTS header labiblioafronebrulepas.com: could not connect to host labina.com.tr: did not receive HSTS header laboiteanem.fr: could not connect to host @@ -7657,17 +8296,17 @@ laboutiquemarocaineduconvoyeur.ma: could not connect to host labrador-retrievers.com.au: did not receive HSTS header labrasaq8.com: did not receive HSTS header labs.directory: could not connect to host -labs.moscow: did not receive HSTS header +labs.moscow: could not connect to host lacarpesaintaubinoise.fr: did not receive HSTS header lacasa.fr: could not connect to host lacasseroy.com: could not connect to host lacaverne.nl: could not connect to host lacentral.com: did not receive HSTS header lacledeslan.ninja: could not connect to host -lacocinadelila.com: did not receive HSTS header lacuevadechauvet.com: did not receive HSTS header +ladadate.com: could not connect to host ladylikeit.com: could not connect to host -ladylucks.co.uk: did not receive HSTS header +ladylucks.co.uk: could not connect to host laemen.com: did not receive HSTS header laemen.nl: could not connect to host laf.in.net: could not connect to host @@ -7682,20 +8321,22 @@ lainchan.org: did not receive HSTS header laisashop.com.br: could not connect to host lajijonencadebarbera.com: could not connect to host lakefrontlittleelm.com: did not receive HSTS header -lakehavasuhouserentals.com: did not receive HSTS header +lakehavasuhouserentals.com: could not connect to host +lakewoodcomputerservices.com: could not connect to host lakhesis.net: could not connect to host lalajj.com: could not connect to host laltroweb.it: did not receive HSTS header lamaland.ru: did not receive HSTS header lambda-complex.org: could not connect to host lambdafive.co.uk: could not connect to host +lamclam.site: could not connect to host lamomebijou.paris: did not receive HSTS header lampl.info: could not connect to host -lamtv.com.mx: did not receive HSTS header -lan.biz.tr: could not connect to host +lamtv.com.mx: could not connect to host +lan2k.org: max-age too low: 86400 lanauzedesigns.com: did not receive HSTS header lanboll.com: could not connect to host -lanbyte.se: could not connect to host +lanbyte.se: did not receive HSTS header lancehoteis.com: did not receive HSTS header lancehoteis.com.br: did not receive HSTS header land-links.org: did not receive HSTS header @@ -7703,9 +8344,7 @@ landbetweenthelakes.us: did not receive HSTS header landell.ml: could not connect to host landgoedverkopen.nl: could not connect to host landhuisverkopen.nl: could not connect to host -landinfo.no: max-age too low: 300 landscape.canonical.com: max-age too low: 2592000 -landscapelightingthousandoaks.com: could not connect to host landscapingmedic.com: did not receive HSTS header langenbach.rocks: could not connect to host langendorf-ernaehrung-training.de: could not connect to host @@ -7714,7 +8353,7 @@ langhun.me: could not connect to host laniakean.com: did not receive HSTS header lanonfire.com: could not connect to host lansinoh.co.uk: did not receive HSTS header -lanzainc.xyz: did not receive HSTS header +lanzainc.xyz: could not connect to host laobox.fr: could not connect to host laohei.org: could not connect to host laospage.com: did not receive HSTS header @@ -7722,12 +8361,15 @@ laplaceduvillage.net: could not connect to host laquack.com: could not connect to host lared.ovh: did not receive HSTS header laredsemanario.com: could not connect to host +larsgujord.no: did not receive HSTS header +larsmerke.de: did not receive HSTS header lasepiataca.com: did not receive HSTS header lasercloud.ml: could not connect to host lashstuff.com: did not receive HSTS header lasnaves.com: did not receive HSTS header -lasst-uns-beten.de: did not receive HSTS header +lasst-uns-beten.de: could not connect to host latable-bowling-vire.fr: did not receive HSTS header +latabledebry.be: could not connect to host latamarissiere.eu: could not connect to host lateliercantaldeco.fr: could not connect to host latelierdekathy.com: could not connect to host @@ -7736,8 +8378,10 @@ latg.com: max-age too low: 300 lathamlabs.com: could not connect to host lathamlabs.net: could not connect to host lathamlabs.org: could not connect to host +lathen-wahn.de: did not receive HSTS header latinred.com: could not connect to host latitude42technology.com: did not receive HSTS header +latour-managedcare.ch: could not connect to host latus.xyz: could not connect to host laufcampus.com: did not receive HSTS header laufseminare-laufreisen.com: did not receive HSTS header @@ -7755,7 +8399,7 @@ lawly.org: could not connect to host laxatus.com: could not connect to host laxiongames.es: did not receive HSTS header layer8.tk: could not connect to host -laymans911.info: could not connect to host +lazapateriahandmade.pe: did not receive HSTS header lazerus.net: could not connect to host lazulu.com: could not connect to host lazytux.de: did not receive HSTS header @@ -7764,13 +8408,12 @@ lbrlh.tk: could not connect to host lbrli.tk: could not connect to host lbrls.tk: could not connect to host lbrt.xyz: could not connect to host -lcbizsolutions.com: did not receive HSTS header -lcgaj.com: could not connect to host lclarkpdx.com: could not connect to host lcti.biz: could not connect to host ldarby.me.uk: could not connect to host leadbook.ru: max-age too low: 604800 leadership9.com: could not connect to host +leadgenie.me: could not connect to host leakedminecraft.net: could not connect to host leakreporter.net: could not connect to host leaks.directory: could not connect to host @@ -7789,6 +8432,8 @@ led-tl-wereld.nl: did not receive HSTS header leddruckalarm.de: did not receive HSTS header ledgerscope.net: could not connect to host ledhouse.sk: did not receive HSTS header +ledlampor365.se: could not connect to host +ledshop.mx: did not receive HSTS header leebiblestudycentre.net: could not connect to host leebiblestudycentre.org: could not connect to host leefindlow.com: could not connect to host @@ -7807,15 +8452,18 @@ legendary.camera: did not receive HSTS header legitaxi.com: did not receive HSTS header legymnase.eu: did not receive HSTS header lehtinen.xyz: could not connect to host -leifdreizler.com: could not connect to host leighneithardt.com: could not connect to host +leilautourdumon.de: did not receive HSTS header leinir.dk: did not receive HSTS header leitner.com.au: did not receive HSTS header +lelehei.com: could not connect to host lellyboi.ml: could not connect to host lelongbank.com: did not receive HSTS header lelubre.info: did not receive HSTS header lemon.co: could not connect to host lemonrockbiketours.com: did not receive HSTS header +lemonthy.ca: could not connect to host +lemonthy.com: could not connect to host lemp.io: did not receive HSTS header lenders.direct: could not connect to host lengyelnyelvoktatas.hu: could not connect to host @@ -7823,7 +8471,7 @@ lengyelul.hu: could not connect to host lenkunz.me: could not connect to host lenn1.de: did not receive HSTS header lennarth.com: could not connect to host -lennartheinrich.de: could not connect to host +lennartheinrich.de: did not receive HSTS header lennier.info: could not connect to host lennyfaces.net: did not receive HSTS header lenovogaming.com: could not connect to host @@ -7832,6 +8480,7 @@ lenzw.de: did not receive HSTS header leob.in: could not connect to host leon-jaekel.com: could not connect to host leonardcamacho.me: could not connect to host +leonhooijer.nl: could not connect to host leonmahler.consulting: did not receive HSTS header leopold.email: could not connect to host leopoldina.net: did not receive HSTS header @@ -7839,11 +8488,13 @@ leopotamgroup.com: could not connect to host leovanna.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] lepiquillo.fr: did not receive HSTS header lepont.pl: could not connect to host -lerasenglish.com: could not connect to host +lerasenglish.com: max-age too low: 0 lerlivros.online: could not connect to host -lerner.moscow: did not receive HSTS header +lerner.moscow: could not connect to host les-corsaires.net: could not connect to host les-voitures-electriques.com: max-age too low: 2592000 +lesbiansslaves.com: could not connect to host +lesbofight.com: could not connect to host lescomptoirsdepierrot.com: could not connect to host lesdouceursdeliyana.com: could not connect to host lesecuadors.com: did not receive HSTS header @@ -7853,7 +8504,10 @@ lesliekearney.com: did not receive HSTS header lesperlesdunet.fr: could not connect to host lesquatredauphins.fr: did not receive HSTS header lesquerda.cat: did not receive HSTS header +lessing.consulting: did not receive HSTS header +letempsdunefleur.be: could not connect to host leter.io: did not receive HSTS header +lethbridgecoffee.com: did not receive HSTS header letitfly.me: could not connect to host letraba.com: could not connect to host letras.mus.br: did not receive HSTS header @@ -7880,13 +8534,14 @@ lezdomsm.com: could not connect to host lfaz.org: could not connect to host lfullerdesign.com: could not connect to host lg21.co: could not connect to host +lgbtqventures.com: could not connect to host lgiswa.com.au: did not receive HSTS header lgrs.com.au: did not receive HSTS header lgsg.us: could not connect to host lgts.se: could not connect to host -lhalbert.xyz: could not connect to host lhasaapso.com.br: could not connect to host -lheinrich.com: did not receive HSTS header +lheinrich.com: could not connect to host +lheinrich.de: did not receive HSTS header lheinrich.org: could not connect to host lhsj28.com: could not connect to host lhsj68.com: could not connect to host @@ -7895,6 +8550,8 @@ liaillustr.at: did not receive HSTS header liam-is-a-nig.ga: could not connect to host liam-w.com: could not connect to host liamjack.fr: could not connect to host +liangbp.com: could not connect to host +lianwen.kim: could not connect to host lianye.in: could not connect to host lianyexiuchang.in: could not connect to host liaoshuma.com: could not connect to host @@ -7904,7 +8561,7 @@ libanco.com: could not connect to host libdeer.so: could not connect to host libertas-tech.com: could not connect to host libertins.date: did not receive HSTS header -libertyrp.org: did not receive HSTS header +libertyrp.org: could not connect to host libfte.org: did not receive HSTS header librairie-asie.com: did not receive HSTS header library.linode.com: did not receive HSTS header @@ -7912,25 +8569,28 @@ librechan.net: could not connect to host libricks.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] librisulibri.it: did not receive HSTS header licence-registry.com: could not connect to host +liceo.cn: did not receive HSTS header liceserv.com: could not connect to host lichess4545.com: did not receive HSTS header lichess4545.tv: did not receive HSTS header +lickmypussy.us: could not connect to host lidl-selection.at: did not receive HSTS header liduan.com: could not connect to host -liduan.net: could not connect to host liebach.me: did not receive HSTS header liebestarot.at: did not receive HSTS header lied8.eu: could not connect to host -liehuojun.com: could not connect to host +liehuojun.com: did not receive HSTS header liemen.net: did not receive HSTS header lietaer.eu: did not receive HSTS header life-time.nl: did not receive HSTS header -lifecoachproviders.com: did not receive HSTS header +lifecoach.tw: did not receive HSTS header +lifecoachproviders.com: could not connect to host lifeguard.aecom.com: did not receive HSTS header lifeinitsownway.com: could not connect to host -lifeinsurances.pro: could not connect to host -lifeinsurances24.com: could not connect to host +lifeinsurances.pro: did not receive HSTS header +lifeinsurances24.com: did not receive HSTS header lifemarque.co.uk: did not receive HSTS header +lifenexto.com: could not connect to host lifeng.us: did not receive HSTS header lifeskillsdirect.com: did not receive HSTS header lifestyler.me: could not connect to host @@ -7942,7 +8602,6 @@ lightning-ashe.com: did not receive HSTS header lightnovelsekai.com: could not connect to host lightpaste.com: could not connect to host lighttherapydevice.com: did not receive HSTS header -lighttp.com: could not connect to host lightworx.io: did not receive HSTS header lignemalin.com: could not connect to host lignemax.com: did not receive HSTS header @@ -7951,26 +8610,29 @@ like.lgbt: could not connect to host likenosis.com: could not connect to host lila.pink: did not receive HSTS header lilapmedia.com: could not connect to host +liliang13.com: could not connect to host lilismartinis.com: could not connect to host -lillpopp.eu: did not receive HSTS header +lillpopp.eu: max-age too low: 10 lilpwny.com: could not connect to host lilycms.com: could not connect to host lilygreen.co.za: did not receive HSTS header limalama.eu: max-age too low: 1 limeyeti.com: could not connect to host -limiteddata.co.uk: did not receive HSTS header +limiteddata.co.uk: could not connect to host +limitget.com: could not connect to host limodo-shop.de: did not receive HSTS header limpens.net: did not receive HSTS header limpido.it: could not connect to host +lincsbouncycastlehire.co.uk: did not receive HSTS header lindberg.io: did not receive HSTS header -lindholmen.club: could not connect to host lineauniformes.com.br: could not connect to host linext.cn: could not connect to host lingerie.net.br: did not receive HSTS header lingerielovers.com.br: did not receive HSTS header -lingerieonline.com.br: did not receive HSTS header +lingerieonline.com.br: could not connect to host lingolia.com: did not receive HSTS header lingros-test.tk: could not connect to host +lingting.vip: could not connect to host linguaquote.com: did not receive HSTS header linguatrip.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] linhaoyi.com: could not connect to host @@ -7984,6 +8646,7 @@ linley.de: could not connect to host linmi.cc: did not receive HSTS header linno.me: could not connect to host linorman1997.me: could not connect to host +linostassi.net: could not connect to host linpx.com: could not connect to host linux-admin-california.com: could not connect to host linux-mint.cz: could not connect to host @@ -7997,9 +8660,10 @@ linuxgeek.ro: could not connect to host linuxmint.cz: could not connect to host linuxmonitoring.net: could not connect to host linvx.org: did not receive HSTS header -lipo.lol: could not connect to host +linxmind.eu: could not connect to host liquid.solutions: did not receive HSTS header liquidcomm.net: could not connect to host +liquimoly.market: did not receive HSTS header liquorsanthe.in: could not connect to host lisaco.de: could not connect to host lisbongold.com: did not receive HSTS header @@ -8011,29 +8675,34 @@ listage.ovh: did not receive HSTS header lists.mayfirst.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] litcc.com: could not connect to host litcomphonors.com: could not connect to host +literarymachin.es: could not connect to host litespeed.io: could not connect to host litevault.net: did not receive HSTS header little.pw: could not connect to host littledisney.ro: did not receive HSTS header littlefreelibrary.org: did not receive HSTS header littlelife.co.uk: did not receive HSTS header -littleqiu.net: could not connect to host +littleservice.cn: could not connect to host liud.im: could not connect to host liujunyang.com: did not receive HSTS header liukang.tech: could not connect to host -liul.in: could not connect to host liushuyu.tk: could not connect to host liv3ly.com: did not receive HSTS header livechatlady.info: did not receive HSTS header livedemo.io: could not connect to host livej.am: could not connect to host +livejasmin.dk: could not connect to host liverewrite.com: could not connect to host +livesearch-fukuoka.com: did not receive HSTS header +livi.co: could not connect to host liviababynet.com.br: could not connect to host livinghealthywithchocolate.com: did not receive HSTS header livrariahugodesaovitor.com.br: could not connect to host lixiang.one: could not connect to host +lixiaojiang.ga: could not connect to host lixingcong.com: could not connect to host liyang.pro: did not receive HSTS header +lizzythepooch.com: did not receive HSTS header lkiserver.com: could not connect to host llamasweet.tech: could not connect to host lll.st: could not connect to host @@ -8044,6 +8713,7 @@ ln.io: could not connect to host lnbeauty.ru: max-age too low: 0 lnoldan.com: could not connect to host loacg.com: did not receive HSTS header +loadingdeck.com: did not receive HSTS header loadso.me: could not connect to host loafbox.com: could not connect to host loanmatch.sg: could not connect to host @@ -8055,8 +8725,10 @@ lobosdomain.no-ip.info: could not connect to host lobste.rs: did not receive HSTS header locais.org: could not connect to host localchum.com: could not connect to host +localdata.us: did not receive HSTS header localdrive.me: could not connect to host localnetwork.nz: could not connect to host +location-fichier-email.com: could not connect to host locationvoitureautriche.com: could not connect to host locationvoiturefinlande.com: could not connect to host locationvoitureirlande.com: could not connect to host @@ -8069,7 +8741,7 @@ locker3.com: could not connect to host locksmithrandburg24-7.co.za: could not connect to host locksport.org.nz: could not connect to host locktheirphone.com: could not connect to host -lockyourcomputer.pw: did not receive HSTS header +lockyourcomputer.pw: could not connect to host locomotive.ca: did not receive HSTS header locomotive.net.br: could not connect to host locvis.ru: did not receive HSTS header @@ -8080,7 +8752,6 @@ loftboard.eu: could not connect to host log2n.uk: could not connect to host logario.com.br: could not connect to host logcat.info: could not connect to host -logfile.at: did not receive HSTS header logfile.ch: did not receive HSTS header logic8.ml: could not connect to host logicaladvertising.com: could not connect to host @@ -8098,30 +8769,32 @@ lognot.net: could not connect to host logymedia.com: could not connect to host loisircreatif.net: did not receive HSTS header lojadocristaozinho.com.br: did not receive HSTS header +lojadoprazer.com.br: could not connect to host +lojahunamarcenaria.com.br: could not connect to host lojashowdecozinha.com.br: could not connect to host lojasviavento.com.br: could not connect to host lojavalcapelli.com.br: could not connect to host -lolhax.org: could not connect to host loli.bz: did not receive HSTS header loli.vip: could not connect to host lolicon.info: could not connect to host lolicore.ch: could not connect to host lolidunno.com: could not connect to host +lolis.stream: could not connect to host lollaconcept.com.br: could not connect to host lonbali.com: did not receive HSTS header londoncalling.co: did not receive HSTS header londonlanguageexchange.com: could not connect to host +londonseedcentre.co.uk: could not connect to host lonerwolf.com: did not receive HSTS header longboarding-ulm.de: could not connect to host look-at-my.site: could not connect to host lookout.com: did not receive HSTS header looktothestars.org: did not receive HSTS header lookupclose.com: did not receive HSTS header -lookyman.net: could not connect to host looneymooney.com: could not connect to host loongsg.xyz: could not connect to host -loopstart.org: could not connect to host loperetti.ch: could not connect to host +loposchokk.com: could not connect to host loqyu.co: could not connect to host lordgun.com: could not connect to host lordjevington.co.uk: did not receive HSTS header @@ -8132,9 +8805,9 @@ lostarq.com: could not connect to host lostg.com: did not receive HSTS header lostinsecurity.com: could not connect to host lostinweb.eu: could not connect to host +loteks.de: did not receive HSTS header lothai.re: did not receive HSTS header lothuytinhsi.com: could not connect to host -lotl.ru: could not connect to host lotos-ag.ch: did not receive HSTS header lotsencafe.de: did not receive HSTS header lottosonline.com: did not receive HSTS header @@ -8156,6 +8829,7 @@ lovelycorral.com: did not receive HSTS header lovelyfriends.org: did not receive HSTS header lovemen.cc: did not receive HSTS header lovemysafetynet.com: did not receive HSTS header +loveread-ec.appspot.com: did not receive HSTS header loveto.at: could not connect to host lovingpenguin.com: did not receive HSTS header lowhangingfruitgrabber.com: could not connect to host @@ -8164,10 +8838,12 @@ lowtherpavilion.co.uk: did not receive HSTS header loxis.be: did not receive HSTS header loyaleco.it: could not connect to host loyaltech.ch: could not connect to host +lpacademy.com.br: could not connect to host lpak.nl: could not connect to host lpgram.ga: could not connect to host -lpm-uk.com: could not connect to host +lpm-uk.com: did not receive HSTS header lrhsclubs.com: could not connect to host +lrhstsa.com: could not connect to host ls-a.org: did not receive HSTS header ls-reallife.de: did not receive HSTS header ls-rp.es: did not receive HSTS header @@ -8176,52 +8852,54 @@ lsp-sports.de: did not receive HSTS header lstma.com: could not connect to host lsvih.com: did not receive HSTS header lswim.com: did not receive HSTS header -lsys.ac: could not connect to host lszj.com: could not connect to host ltba.org: could not connect to host ltbytes.com: could not connect to host ltechnologygroup.com: did not receive HSTS header ltransferts.com: could not connect to host ltu.social: could not connect to host +luan.ma: did not receive HSTS header lubot.net: could not connect to host lucas-garte.com: did not receive HSTS header +lucasantarella.com: could not connect to host +lucascantor.com: did not receive HSTS header lucascodes.com: could not connect to host lucasgaland.com: could not connect to host +lucassoler.com.ar: could not connect to host lucaterzini.com: could not connect to host luchscheider.de: could not connect to host lucidlogs.com: could not connect to host +luckydog.pw: could not connect to host +luckystarfishing.com: did not receive HSTS header luclu7.pw: could not connect to host -lucysan.net: could not connect to host ludwig.click: did not receive HSTS header -ludwigpro.net: could not connect to host lufthansaexperts.com: max-age too low: 2592000 luis-checa.com: could not connect to host -luisgf.es: could not connect to host luisv.me: could not connect to host luk.photo: could not connect to host lukasunger.cz: could not connect to host lukasunger.net: could not connect to host lukaszdolan.com: did not receive HSTS header -lukasztkacz.com: did not receive HSTS header +lukasztkacz.com: could not connect to host +lukem.eu: could not connect to host lukeng.me: could not connect to host lukonet.com: did not receive HSTS header luludapomerania.com: could not connect to host luma.family: could not connect to host luma.pink: could not connect to host lumd.me: could not connect to host -lumer.tech: could not connect to host lumi.do: did not receive HSTS header luminancy.com: could not connect to host -lunapatch.com: did not receive HSTS header +lunapatch.com: max-age too low: 7889238 lunarift.com: could not connect to host lunarrift.net: could not connect to host -lunchbunch.me: could not connect to host +lunarsoft.net: did not receive HSTS header luneta.nearbuysystems.com: could not connect to host lunight.ml: could not connect to host luno.io: could not connect to host luody.info: could not connect to host luoe.ml: could not connect to host -luolikong.vip: could not connect to host +luolikong.vip: did not receive HSTS header luom.net: could not connect to host luoxiao.im: could not connect to host luoxingyu.ml: could not connect to host @@ -8230,14 +8908,11 @@ lusis.fr: did not receive HSTS header lusis.net: could not connect to host lustrumxi.nl: could not connect to host luther.fi: could not connect to host -luxcraft.eng.br: could not connect to host luxe-it.co.uk: could not connect to host luxinmo.com: did not receive HSTS header -luxonetwork.com: did not receive HSTS header -luxus-russen.de: did not receive HSTS header +luxonetwork.com: could not connect to host +luxus-russen.de: could not connect to host luzeshomologadas.com.br: could not connect to host -lv5.top: could not connect to host -lwl.moe: could not connect to host lycly.top: could not connect to host lydia-und-simon.de: could not connect to host lydiagorstein.com: could not connect to host @@ -8247,15 +8922,15 @@ lyonl.com: did not receive HSTS header lyscnd.com: could not connect to host lysergion.com: could not connect to host lyuba.fr: could not connect to host -lyukaacom.ru: could not connect to host +lz.sb: could not connect to host lzahq.tech: did not receive HSTS header -lzh.one: could not connect to host lzkill.com: did not receive HSTS header lzqii.cn: could not connect to host lzzr.me: did not receive HSTS header m-ali.xyz: did not receive HSTS header m-generator.com: could not connect to host m-rickroll-v.pw: could not connect to host +m-warrior.tk: could not connect to host m.gparent.org: could not connect to host m.nu: did not receive HSTS header m0wef.uk: could not connect to host @@ -8268,9 +8943,10 @@ ma-musique.fr: could not connect to host maarten.nyc: could not connect to host maartenprovo.be: did not receive HSTS header maartenterpstra.xyz: could not connect to host +mabulledu.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] mac-torrents.me: did not receive HSTS header -mac.biz.tr: could not connect to host -macandtonic.com: could not connect to host +mac-world.pl: did not receive HSTS header +macandtonic.com: did not receive HSTS header macbolo.com: could not connect to host macchaberrycream.com: could not connect to host macchedil.com: did not receive HSTS header @@ -8278,14 +8954,18 @@ macdj.tk: could not connect to host macedopesca.com.br: did not receive HSTS header macgeneral.de: did not receive HSTS header mach1club.com: did not receive HSTS header +machinelearningjavascript.com: could not connect to host mack.space: could not connect to host -macleodnc.com: could not connect to host +macleodnc.com: did not receive HSTS header macsandcheesedreams.com: could not connect to host +macstore.pe: did not receive HSTS header macustar.eu: did not receive HSTS header +madandpissedoff.com: could not connect to host madcatdesign.de: did not receive HSTS header maddin.ga: could not connect to host madebyfalcon.co.uk: did not receive HSTS header madebymagnitude.com: did not receive HSTS header +madeglobal.com: could not connect to host madeinorder.com: did not receive HSTS header madeintucson.org: could not connect to host mademoiselle-emma.be: could not connect to host @@ -8293,6 +8973,8 @@ mademoiselle-emma.fr: could not connect to host maderwin.com: did not receive HSTS header madesoftware.com.br: could not connect to host madnetwork.org: could not connect to host +madokami.net: could not connect to host +madpeople.net: max-age too low: 2592000 madrants.net: could not connect to host madweb.design: did not receive HSTS header mafamane.com: could not connect to host @@ -8302,14 +8984,14 @@ magebankin.com: did not receive HSTS header magenx.com: did not receive HSTS header magia360.com: did not receive HSTS header magicball.co: could not connect to host +magieblanche.fr: did not receive HSTS header magnacumlaude.co: could not connect to host magneticanvil.com: did not receive HSTS header magyarokegyhelyen.hu: did not receive HSTS header mahamed91.pw: could not connect to host mahansexcavating.com: did not receive HSTS header mahfouzadedimeji.com: did not receive HSTS header -mahraartisan.com: max-age too low: 7889238 -maidofhonorcleaning.net: max-age too low: 200 +mahraartisan.com: could not connect to host maik-mahlow.de: could not connect to host mail-settings.google.com: did not receive HSTS header (error ignored - included regardless) mail.google.com: did not receive HSTS header (error ignored - included regardless) @@ -8326,17 +9008,19 @@ main-unit.com: could not connect to host maintainerheaven.ch: could not connect to host maisalto.ind.br: could not connect to host maitriser-son-stress.com: could not connect to host +majkl.xyz: could not connect to host +majkl578.cz: could not connect to host majncloud.tk: could not connect to host make-pizza.info: could not connect to host makedonien.guide: could not connect to host makeit-so.de: could not connect to host makeitdynamic.com: could not connect to host +makemejob.com: could not connect to host makemyvape.co.uk: max-age too low: 7889238 makerstuff.net: did not receive HSTS header makeshiftco.de: did not receive HSTS header makeuplove.nl: could not connect to host -makeyourank.com: max-age too low: 200 -makino.games: could not connect to host +makeyourlaws.org: could not connect to host malamutedoalasca.com.br: could not connect to host maldiverna.guide: could not connect to host maleexcel.com: did not receive HSTS header @@ -8345,16 +9029,19 @@ malerversand.de: did not receive HSTS header malesbdsm.com: could not connect to host malfait.nl: could not connect to host malgraph.net: could not connect to host -malibubeachrecoverycenter.com: did not receive HSTS header +malibubeachrecoverycenter.com: could not connect to host maljaars-media.nl: could not connect to host +malkaso.com.ua: could not connect to host +mallner.me: could not connect to host malmstroms-co.se: could not connect to host malone.link: could not connect to host maltes.website: could not connect to host malvy.kiev.ua: could not connect to host -malwaretips.com: did not receive HSTS header malwre.io: could not connect to host +maly.io: did not receive HSTS header malya.fr: could not connect to host mamacobaby.com: could not connect to host +mamadoma.com.ua: could not connect to host mamaison.io: could not connect to host mamastore.eu: could not connect to host mamaxi.org: did not receive HSTS header @@ -8363,25 +9050,27 @@ mammothmail.net: could not connect to host mammothmail.org: could not connect to host mammut.space: could not connect to host mamochka.org.ua: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +mamout.xyz: could not connect to host +manaboutahor.se: could not connect to host manage.zenpayroll.com: did not receive HSTS header manage4all.com: could not connect to host manageall.de: could not connect to host managed-varnish.de: did not receive HSTS header manageforall.com: could not connect to host manageforall.de: could not connect to host +management-ethics.com: did not receive HSTS header managemynetsuite.com: did not receive HSTS header -manalu.cz: did not receive HSTS header +manalu.cz: could not connect to host manantial.mx: could not connect to host manav-it.de: could not connect to host mandala-ausmalbilder.de: did not receive HSTS header mandm.servebeer.com: could not connect to host mandpress.com: did not receive HSTS header -mangazuki.co: did not receive HSTS header +mangazuki.co: could not connect to host maniadeprazer.com.br: could not connect to host manifestbin.com: did not receive HSTS header manipulatedtme.com: could not connect to host manitasicily.com: did not receive HSTS header -manneguiden.no: did not receive HSTS header mannford.com: could not connect to host manningbrothers.com: did not receive HSTS header manns-solutions.com: did not receive HSTS header @@ -8394,9 +9083,10 @@ manshop24.com: could not connect to host mansion-note.com: did not receive HSTS header manududu.com.br: could not connect to host manuelrueger.de: could not connect to host +manufacturing.gov: could not connect to host +manutrol.com.br: did not receive HSTS header maomaofuli.vip: could not connect to host maosi.xin: could not connect to host -mapasmundi.com.br: could not connect to host maple5.com: did not receive HSTS header maplenorth.co: did not receive HSTS header mapresidentielle.fr: did not receive HSTS header @@ -8406,10 +9096,11 @@ marcberman.co: could not connect to host marcbuehlmann.com: did not receive HSTS header marcelmarnitz.com: could not connect to host marcelparra.com: could not connect to host -marcelsiegert.com: could not connect to host +marcelwiedemeier.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] marchagen.nl: did not receive HSTS header marche-nordic-jorat.ch: could not connect to host marchhappy.tech: did not receive HSTS header +marco-kretz.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] marco01809.net: could not connect to host marcoececilia.it: did not receive HSTS header marcofinke.de: could not connect to host @@ -8419,9 +9110,12 @@ marcosteixeira.tk: could not connect to host marcschlagenhauf.de: could not connect to host marcus-scheffler.com: did not receive HSTS header marcush.de: could not connect to host +marcusserver.synology.me: did not receive HSTS header mardelcupon.com: could not connect to host mare92.cz: could not connect to host +mareklecian.cz: did not receive HSTS header margaretrosefashions.co.uk: could not connect to host +mariacristinadoces.com.br: did not receive HSTS header mariannematthew.com: could not connect to host marianwehlus.de: did not receive HSTS header marie-curie.fr: could not connect to host @@ -8429,18 +9123,18 @@ marie-elisabeth.dk: did not receive HSTS header marie-en-provence.com: did not receive HSTS header marie.club: could not connect to host marienschule-sundern.de: did not receive HSTS header -marinela.com.mx: max-age too low: 86400 -marinelausa.com: max-age too low: 86400 +marin-dom.ru: could not connect to host mariusschulte.de: did not receive HSTS header mark-a-hydrant.com: did not receive HSTS header mark-armstrong-gaming.com: could not connect to host markayapilandirma.com: could not connect to host markcp.me: could not connect to host market.android.com: did not receive HSTS header (error ignored - included regardless) -marketgot.com: could not connect to host +marketgot.com: did not receive HSTS header marketing-advertising.eu: could not connect to host marketingdesignu.cz: could not connect to host marketingromania.ro: did not receive HSTS header +marklauman.ca: could not connect to host markllego.com: could not connect to host marko-fenster24.de: did not receive HSTS header markorszulak.com: did not receive HSTS header @@ -8450,13 +9144,18 @@ markrobin.de: did not receive HSTS header marksill.com: could not connect to host marktboten.de: did not receive HSTS header markusabraham.com: did not receive HSTS header +markusueberallassetmanagement.de: could not connect to host +markusueberallconsulting.de: could not connect to host markusweimar.de: did not receive HSTS header marlen.cz: did not receive HSTS header marleyresort.com: did not receive HSTS header +marqperso.ch: could not connect to host +marquepersonnelle.ch: could not connect to host marriottvetcareers.com: could not connect to host marshut.net: could not connect to host martialc.be: could not connect to host martiert.com: could not connect to host +martijnvanderzande.nl: did not receive HSTS header martijnvhoof.nl: could not connect to host martin-arend.de: did not receive HSTS header martin-mattel.com: could not connect to host @@ -8465,22 +9164,22 @@ martinestyle.com: could not connect to host martineve.com: did not receive HSTS header martinkup.cz: did not receive HSTS header martinp.no: could not connect to host -martinreed.net: did not receive HSTS header martinrogalla.com: did not receive HSTS header martins.im: could not connect to host -martynhare.co.uk: could not connect to host -martynhare.uk: could not connect to host marumagic.com: did not receive HSTS header -marvinkeller.de: did not receive HSTS header +marvinkeller.de: could not connect to host marxist.party: could not connect to host marykshoup.com: could not connect to host masa-yoga.com: did not receive HSTS header masa.li: could not connect to host +masaze-hanka.cz: could not connect to host +mashandco.it: could not connect to host mashek.net: could not connect to host mashnew.com: could not connect to host masjidtawheed.net: did not receive HSTS header maskinkultur.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] maskt.pw: could not connect to host +massagelimaperu.com: did not receive HSTS header massivum.de: did not receive HSTS header massot.eu: did not receive HSTS header mastd.fr: could not connect to host @@ -8489,6 +9188,7 @@ masteragenasia.com: did not receive HSTS header masterapi.ninja: did not receive HSTS header masterhaus.bg: did not receive HSTS header masteringtheterminal.com: did not receive HSTS header +mastersthesiswriting.com: could not connect to host mastichor.info: could not connect to host mastimtibetano.com: could not connect to host masto.io: could not connect to host @@ -8501,12 +9201,13 @@ mastodon.expert: could not connect to host mastodon.fun: could not connect to host mastodon.my: could not connect to host mastodon.org.uk: did not receive HSTS header -mastodon.pl: could not connect to host +mastodon.pl: did not receive HSTS header +mastodon.top: did not receive HSTS header mastodones.club: could not connect to host masty.nl: could not connect to host masumreza.tk: could not connect to host mat99.dk: could not connect to host -matarrosabierzo.com: did not receive HSTS header +matarrosabierzo.com: could not connect to host matatall.com: did not receive HSTS header maternalsafety.org: did not receive HSTS header mateusmeyer.com.br: could not connect to host @@ -8533,11 +9234,10 @@ matthewprenger.com: could not connect to host matthewtester.com: did not receive HSTS header matthiassteen.be: could not connect to host matthiasweiler.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -mattisam.com: could not connect to host +mattisam.com: did not receive HSTS header mattressinsider.com: max-age too low: 3153600 -mattwb65.com: did not receive HSTS header +mattwb65.com: could not connect to host matty.digital: did not receive HSTS header -matway.net: could not connect to host matze.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] maultrom.ml: could not connect to host maupiknik.com: did not receive HSTS header @@ -8546,18 +9246,20 @@ maurus-automation.de: did not receive HSTS header mausi.co: did not receive HSTS header mavisang.cf: could not connect to host mawe.red: could not connect to host +maxhoechtl.at: could not connect to host maxhorvath.com: could not connect to host maxibanki.ovh: could not connect to host +maxicore.co.za: could not connect to host maxima.at: did not receive HSTS header maximelouet.me: did not receive HSTS header maximov.space: did not receive HSTS header maxkeller.io: did not receive HSTS header maxmachine.ind.br: could not connect to host -maxr1998.de: could not connect to host maxserver.com: did not receive HSTS header maya.mg: could not connect to host maybeul.com: could not connect to host maynardnetworks.com: could not connect to host +mayoristassexshop.com: did not receive HSTS header mazurlabs.tk: could not connect to host mazyun.com: did not receive HSTS header mazz-tech.com: could not connect to host @@ -8578,6 +9280,7 @@ mcdanieldevelopmentservices.com: could not connect to host mcdonalds.ru: did not receive HSTS header mcga.media: could not connect to host mcgavocknissanwichitaparts.com: could not connect to host +mchan.us: did not receive HSTS header mchopkins.net: could not connect to host mcideas.tk: could not connect to host mcjackk77.com: could not connect to host @@ -8588,19 +9291,22 @@ mclist.it: could not connect to host mcmillansedationdentistry.com: did not receive HSTS header mcnoobs.pro: could not connect to host mcooperlaw.com: did not receive HSTS header +mcpart.land: could not connect to host +mcqyy.com: could not connect to host mcsa-usa.org: could not connect to host -mcsniper.co: could not connect to host mcsnovatamabayan.com: could not connect to host +mctherealm.net: could not connect to host mcuexchange.com: did not receive HSTS header mcuong.tk: could not connect to host md-student.com: did not receive HSTS header mdfnet.se: did not receive HSTS header -mdkr.nl: did not receive HSTS header mdscomp.net: did not receive HSTS header mdwftw.com: could not connect to host -me-dc.com: could not connect to host +me-dc.com: did not receive HSTS header meadowfenfarm.com: could not connect to host +meadowviewfarms.org: could not connect to host mealz.com: did not receive HSTS header +meanevo.com: could not connect to host measuretwice.com: did not receive HSTS header meat-education.com: could not connect to host meathealth.com: could not connect to host @@ -8610,6 +9316,7 @@ mecenat-cassous.com: did not receive HSTS header mechok.ru: could not connect to host medallia.io: could not connect to host media-access.online: did not receive HSTS header +media-courses.com: could not connect to host mediacru.sh: could not connect to host mediadandy.com: could not connect to host mediafinancelab.org: could not connect to host @@ -8623,9 +9330,10 @@ medirich.co: could not connect to host meditek-dv.ru: could not connect to host mediter-simplement.com: did not receive HSTS header mediterenopmaandag.nl: did not receive HSTS header +mediumraw.org: did not receive HSTS header mediweed.tk: could not connect to host medm-test.com: could not connect to host -medmarkt24.com: did not receive HSTS header +medpot.net: did not receive HSTS header medstreaming.com: did not receive HSTS header medy-me.com: could not connect to host medzinenews.com: did not receive HSTS header @@ -8633,12 +9341,11 @@ meedoenzaanstad.nl: did not receive HSTS header meetfinch.com: could not connect to host meetmibaby.co.uk: could not connect to host meetscompany.jp: did not receive HSTS header -mega-aukcion.ru: could not connect to host megadrol.com: could not connect to host megakiste.de: could not connect to host megam.host: could not connect to host megashur.se: did not receive HSTS header -megauction.tk: could not connect to host +megasystem.cl: did not receive HSTS header meghudson.com: could not connect to host mego.cloud: could not connect to host meifrench.com: could not connect to host @@ -8650,7 +9357,7 @@ meisterritter.de: did not receive HSTS header meizufans.eu: could not connect to host melakaltenegger.at: did not receive HSTS header melangebrasil.com: could not connect to host -melaniebilodeau.com: could not connect to host +melaniebilodeau.com: did not receive HSTS header melcher.it: did not receive HSTS header melenchatsmelenchiens.fr: could not connect to host melf.nl: could not connect to host @@ -8670,6 +9377,7 @@ memdoc.org: could not connect to host memeblast.ninja: could not connect to host memepasmal.org: could not connect to host memetrash.co.uk: could not connect to host +memo-linux.com: could not connect to host memory-plus-180.com: could not connect to host memorygame.io: did not receive HSTS header memorytrace.space: could not connect to host @@ -8681,7 +9389,10 @@ mensmaximus.de: did not receive HSTS header mentax.net: did not receive HSTS header menthix.net: could not connect to host menudrivetest.com: could not connect to host +menuel.me: could not connect to host +menuiserie-berard.com: did not receive HSTS header menzaijia.com: could not connect to host +meo.de: could not connect to host meow.cloud: could not connect to host meozcraft.com: could not connect to host mercamaris.es: did not receive HSTS header @@ -8690,7 +9401,7 @@ merccorp.de: max-age too low: 0 mercedes-benz-usedcars.be: could not connect to host mercury-studio.com: did not receive HSTS header mereckas.com: could not connect to host -meredithkm.info: could not connect to host +meredithkm.info: did not receive HSTS header mergozzo.com: did not receive HSTS header merimatka.fi: could not connect to host meritz.rocks: could not connect to host @@ -8717,6 +9428,7 @@ metricaid.com: did not receive HSTS header metrix-money-ptc.com: could not connect to host metrix.design: could not connect to host metzgerei-birkenhof.de: could not connect to host +meu-smartphone.com: did not receive HSTS header meucosmetico.com.br: could not connect to host meuemail.pro: could not connect to host meupedido.online: could not connect to host @@ -8733,6 +9445,7 @@ mfiles.pl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_ mfrsgb45.org: did not receive HSTS header mft.global: could not connect to host mfxer.com: could not connect to host +mgcraft.net: could not connect to host mgdigital.fr: did not receive HSTS header mgiay.com: did not receive HSTS header mgoessel.de: did not receive HSTS header @@ -8745,16 +9458,16 @@ mht-travel.com: could not connect to host mhx.pw: could not connect to host mia.ac: could not connect to host mia.to: could not connect to host +miamicityballet.org: did not receive HSTS header mianfei-vpn.com: could not connect to host -micado-software.com: could not connect to host michael-schilling.de: did not receive HSTS header -michaelasawyer.com: could not connect to host michaelcullen.name: could not connect to host michaeldemuth.com: could not connect to host -michaelfitzpatrickruth.com: could not connect to host +michaelfitzpatrickruth.com: did not receive HSTS header michaelklos.nl: could not connect to host michaelmorpurgo.com: did not receive HSTS header michaeln.net: did not receive HSTS header +michaels-homepage-service.de: could not connect to host michaelscrivo.com: did not receive HSTS header michaelsulzer.com: did not receive HSTS header michaelsulzer.eu: did not receive HSTS header @@ -8773,13 +9486,14 @@ micro-dv.ru: could not connect to host micro-rain-systems.com: could not connect to host microblading.pe: could not connect to host microdesic.com: could not connect to host -micromata.de: did not receive HSTS header -microme.ga: did not receive HSTS header +microme.ga: could not connect to host micropple.net: could not connect to host microtalk.org: could not connect to host +midgawash.com: could not connect to host midirs.org: did not receive HSTS header midonet.org: did not receive HSTS header midriversmotorsllc.com: did not receive HSTS header +midterm.us: could not connect to host midwestwomenworkers.org: could not connect to host miegl.cz: could not connect to host miemie.jp: could not connect to host @@ -8793,7 +9507,9 @@ migrantskillsregister.org.uk: could not connect to host migrator.co: could not connect to host miguksaram.com: could not connect to host mijn-email.org: could not connect to host +mijndiad.nl: did not receive HSTS header mijnkredietpaspoort.nl: could not connect to host +mijntransacties.nl: could not connect to host mika.cat: could not connect to host mikadesign.se: did not receive HSTS header mikaela.info: did not receive HSTS header @@ -8801,18 +9517,17 @@ mikaelemilsson.net: did not receive HSTS header mikeburns.com: could not connect to host mikedugan.org: did not receive HSTS header mikeg.de: did not receive HSTS header -mikek.work: could not connect to host +mikek.work: did not receive HSTS header mikeology.org: could not connect to host mikepair.net: could not connect to host mikes.tk: could not connect to host -mikewillia.ms: could not connect to host +mikeybailey.org: could not connect to host mikeybot.com: could not connect to host -mikhirev.ru: could not connect to host mikii.club: could not connect to host mikk.cz: could not connect to host mikro-inwestycje.co.uk: did not receive HSTS header miku.be: could not connect to host -miku.hatsune.my: could not connect to host +miku.hatsune.my: did not receive HSTS header mikusinec.com: could not connect to host milahendri.com: did not receive HSTS header milang.xyz: could not connect to host @@ -8822,18 +9537,16 @@ milesgeek.com: did not receive HSTS header military-portal.cz: did not receive HSTS header militarycarlot.com: did not receive HSTS header militaryconsumer.gov: did not receive HSTS header -milktea.info: could not connect to host -millenniumweb.com: max-age too low: 86400 +millibitcoin.jp: could not connect to host millionairessecrets.com: could not connect to host millstep.de: did not receive HSTS header milonga.tips: could not connect to host mimbeim.com: did not receive HSTS header -mimobile.website: could not connect to host mimoderoupa.pt: could not connect to host min.kiwi: could not connect to host minantavla.se: could not connect to host mind.sh: did not receive HSTS header -mindbodycontinuum.com: did not receive HSTS header +mindcell.no: could not connect to host mindcraft.ga: could not connect to host mine.world: could not connect to host minecraft-forum.cf: could not connect to host @@ -8852,7 +9565,7 @@ minecraftvoter.com: could not connect to host minecrell.net: max-age too low: 172800 mineover.es: could not connect to host minetude.com: could not connect to host -mingming.info: did not receive HSTS header +mingkyaa.com: could not connect to host mingo.nl: max-age too low: 2592000 mingy.ddns.net: could not connect to host mingyueli.com: could not connect to host @@ -8870,12 +9583,14 @@ minnesotadata.com: could not connect to host minor.news: could not connect to host minora.io: could not connect to host minoris.se: did not receive HSTS header +mintea-noua.ro: could not connect to host mipiaci.co.nz: did not receive HSTS header mipiaci.com.au: did not receive HSTS header miragrow.com: could not connect to host mireillewendling.com.br: could not connect to host mirgleich.dnshome.de: could not connect to host mirindadomo.ru: did not receive HSTS header +mirodasilva.be: could not connect to host mironized.com: did not receive HSTS header mirrorsedgearchive.ga: could not connect to host mirrorx.com: did not receive HSTS header @@ -8883,15 +9598,17 @@ miruc.co: did not receive HSTS header mirucon.com: did not receive HSTS header misconfigured.io: could not connect to host miscreant.me: could not connect to host -misericordiasegrate.org: could not connect to host +misericordiasegrate.org: did not receive HSTS header misgluteosperfectos.com: did not receive HSTS header misiondelosangeles-mailing.com: did not receive HSTS header misiru.jp: could not connect to host +misrv.com: did not receive HSTS header missrain.tw: could not connect to host missycosmeticos.com.br: could not connect to host mist.ink: could not connect to host mister.hosting: did not receive HSTS header misterl.net: did not receive HSTS header +misuzu.moe: could not connect to host mitarbeiter-pc.de: did not receive HSTS header mitchellrenouf.ca: could not connect to host mitior.net: could not connect to host @@ -8913,15 +9630,20 @@ mkakh.xyz: could not connect to host mkasu.org: could not connect to host mkfs.be: could not connect to host mkfs.fr: could not connect to host +mkg-palais-hanau.de: did not receive HSTS header +mkg-wiebelskirchen.de: could not connect to host mkp-deutschland.de: did not receive HSTS header mkplay.io: could not connect to host -mktemp.org: could not connect to host mkw.st: could not connect to host +mlcambiental.com.br: did not receive HSTS header mlcdn.co: could not connect to host mlpchan.net: could not connect to host mlpepilepsy.org: could not connect to host mlpvc-rr.ml: did not receive HSTS header mlrslateroofing.com.au: did not receive HSTS header +mlsrv.de: could not connect to host +mmaps.ddns.net: could not connect to host +mmcc.pe: did not receive HSTS header mmgazhomeloans.com: did not receive HSTS header mmilog.hu: could not connect to host mmmm.com: could not connect to host @@ -8933,20 +9655,21 @@ mnetworkingsolutions.co.uk: could not connect to host mnmt.no: did not receive HSTS header mnwt.nl: could not connect to host moar.so: did not receive HSTS header +moas.design: could not connect to host moas.photos: did not receive HSTS header mobaircon.com: did not receive HSTS header -mobifinans.ru: could not connect to host mobile-gesundheit.org: could not connect to host mobile.eti.br: could not connect to host mobilebay.top: could not connect to host mobilecoach.com: did not receive HSTS header mobilekey.co: could not connect to host -mobilemalin.com: could not connect to host +mobilemalin.com: did not receive HSTS header mobileritelushi.com: could not connect to host mobilethreat.net: could not connect to host mobilethreatnetwork.net: could not connect to host mobilpass.no: could not connect to host -mobimalin.com: could not connect to host +mobimalin.com: did not receive HSTS header +mobisium.com: did not receive HSTS header mobiwalk.com: could not connect to host mobix5.com: did not receive HSTS header mobmp4.co: could not connect to host @@ -8958,15 +9681,19 @@ mockmyapp.com: could not connect to host mocloud.eu: could not connect to host mocloud.win: could not connect to host mocsuite.club: could not connect to host +modalrakyat.com: could not connect to host +modalrakyat.id: did not receive HSTS header modaperuimport.com: could not connect to host modded-minecraft-server-list.com: could not connect to host moddedark.com: could not connect to host mode-marine.com: could not connect to host +modecaso.com: could not connect to host model9.io: did not receive HSTS header modelsclub.org.ua: could not connect to host modemagazines.co.uk: could not connect to host moderatortv.de: did not receive HSTS header modernibytovytextil.cz: could not connect to host +moderntld.net: could not connect to host mododo.de: could not connect to host modx.by: max-age too low: 31536 modx.io: could not connect to host @@ -8978,6 +9705,7 @@ moebel-nagel.de: did not receive HSTS header moebel-vergleichen.com: did not receive HSTS header moefi.xyz: could not connect to host moegirl.org: did not receive HSTS header +moehrke.cc: could not connect to host moellers.it: could not connect to host moeloli.pw: did not receive HSTS header moelord.org: could not connect to host @@ -8992,14 +9720,17 @@ mojapraca.sk: did not receive HSTS header mojefilmy.xyz: could not connect to host mojizuri.jp: max-age too low: 86400 mokadev.com: did not receive HSTS header +molokai.org: could not connect to host mols.me: did not receive HSTS header -momfulfilled.com: did not receive HSTS header +momento.co.id: did not receive HSTS header +momfulfilled.com: could not connect to host mommel.com: could not connect to host mommelonline.de: could not connect to host momoka.moe: could not connect to host mon-a-lisa.com: did not receive HSTS header -mon-mobile.com: could not connect to host +mon-mobile.com: did not receive HSTS header mona.lu: could not connect to host +monalisa.wtf: could not connect to host monarca.systems: could not connect to host monasterialis.eu: could not connect to host monautoneuve.fr: did not receive HSTS header @@ -9016,21 +9747,27 @@ monika-sokol.de: did not receive HSTS header monitaure.io: could not connect to host monitman.solutions: could not connect to host monitori.ng: could not connect to host +monkieteel.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] monochrometoys.com: could not connect to host +monodukuri.cafe: did not receive HSTS header +monodzukuri.cafe: did not receive HSTS header +monokoo.com: could not connect to host monoseis-monotica.gr: max-age too low: 300 monotsuku.com: could not connect to host +monozukuri.cafe: did not receive HSTS header montanacures.org: could not connect to host montanana.com: did not receive HSTS header monteurzimmerfrei.de: could not connect to host montonicms.com: could not connect to host -moo.pet: did not receive HSTS header +moo.pet: could not connect to host moobo.xyz: did not receive HSTS header moodifiers.com: could not connect to host moon.lc: could not connect to host -moonagic.io: did not receive HSTS header moonchart.co.uk: did not receive HSTS header moonless.net: could not connect to host moonloupe.com: could not connect to host +moonrhythm.info: did not receive HSTS header +moonrhythm.io: did not receive HSTS header moonysbouncycastles.co.uk: could not connect to host moosemanstudios.com: could not connect to host moov.is: could not connect to host @@ -9049,7 +9786,6 @@ morethanadream.lv: could not connect to host morfitronik.pl: could not connect to host morganestes.com: max-age too low: 0 morganino.eu: could not connect to host -morhys.com: could not connect to host morningcalculation.com: could not connect to host morninglory.com: did not receive HSTS header mornings.com: did not receive HSTS header @@ -9057,7 +9793,7 @@ morotech.com.br: could not connect to host morpheusx.at: could not connect to host morpheusxaut.net: could not connect to host morpork.xyz: could not connect to host -morz.org: could not connect to host +morz.org: max-age too low: 0 mosaique-lachenaie.fr: could not connect to host moskva.guide: did not receive HSTS header moso.io: did not receive HSTS header @@ -9071,21 +9807,26 @@ motocyklovedily.cz: did not receive HSTS header motomorgen.com: could not connect to host motorbiketourhanoi.com: could not connect to host motorcheck.ie: did not receive HSTS header +motornomaslo.bg: did not receive HSTS header motoroilinfo.com: did not receive HSTS header motorsportdiesel.com: did not receive HSTS header +motovio.de: did not receive HSTS header motransportinfo.com: did not receive HSTS header mottvd.com: could not connect to host +moube.fr: could not connect to host moudicat.com: max-age too low: 6307200 moula.com.au: did not receive HSTS header moumaobuchiyu.com: could not connect to host -mountainadventureseminars.com: could not connect to host +mountain-rock.ru: could not connect to host +mountainadventureseminars.com: did not receive HSTS header mountainmusicpromotions.com: did not receive HSTS header movabletype.net: max-age too low: 3600 -move.mil: did not receive HSTS header movepin.com: could not connect to host movie4k.fyi: could not connect to host movie4k.life: could not connect to host -moviedollars.com: did not receive HSTS header +movie4kto.site: could not connect to host +moviedollars.com: could not connect to host +movienang.com: max-age too low: 0 moviesabout.net: could not connect to host moviespur.info: did not receive HSTS header moving-pixtures.de: could not connect to host @@ -9096,17 +9837,21 @@ moy-gorod.od.ua: did not receive HSTS header moyu.host: did not receive HSTS header mozart-game.cz: could not connect to host mozartgame.cz: could not connect to host +mozgb.ru: could not connect to host mozillians.org: did not receive HSTS header mozoa.net: could not connect to host mozzilla.cz: could not connect to host mp3donusturucu.com: did not receive HSTS header mp3donusturucu.net: did not receive HSTS header +mp3gratuiti.com: could not connect to host mp3juices.is: could not connect to host mpi-sa.fr: did not receive HSTS header -mpkossen.com: did not receive HSTS header +mpkossen.com: could not connect to host +mpn.poker: did not receive HSTS header mpserver12.org: could not connect to host mr-coffee.net: could not connect to host mr-hosting.com: could not connect to host +mr-nachhilfe.de: did not receive HSTS header mrafrohead.com: could not connect to host mrawe.com: could not connect to host mrburtbox.com: could not connect to host @@ -9117,24 +9862,24 @@ mrettich.org: did not receive HSTS header mrhc.ru: could not connect to host mrhee.com: did not receive HSTS header mrizzio.com: could not connect to host -mrketolocksmith.com: could not connect to host +mrksk.com: could not connect to host mrleonardo.com: did not receive HSTS header mrliu.me: could not connect to host mrnh.tk: could not connect to host -mrning.com: could not connect to host mrnonz.com: max-age too low: 0 mrparker.pw: did not receive HSTS header mrpopat.in: did not receive HSTS header -mrs-shop.com: did not receive HSTS header -mrsbairds.com: max-age too low: 86400 +mrpropop.com: max-age too low: 0 +mrs-shop.com: could not connect to host +mrtunnel.club: did not receive HSTS header mruganiepodspacja.pl: could not connect to host msc-seereisen.net: could not connect to host msgallery.tk: could not connect to host +msp66.de: could not connect to host mstd.tokyo: did not receive HSTS header mstdn-tech.jp: could not connect to host -mstdn.io: did not receive HSTS header -mstdn.nl: did not receive HSTS header -mstiles92.com: max-age too low: 0 +mstdn.nl: could not connect to host +mstiles92.com: did not receive HSTS header msz-fotografie.de: could not connect to host mszaki.com: did not receive HSTS header mt.me.uk: could not connect to host @@ -9148,18 +9893,25 @@ mtg-esport.de: did not receive HSTS header mtg-tutor.de: could not connect to host mtirc.co: could not connect to host mtn.cc: could not connect to host -mtrip.com: did not receive HSTS header +mtrock.ru: could not connect to host +mu3on.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +muahahahaha.co.uk: could not connect to host +muchohentai.com: could not connect to host +muffet.pw: could not connect to host muga.space: could not connect to host muj-svet.cz: could not connect to host mujadin.se: did not receive HSTS header mulenvo.com: did not receive HSTS header +mulheres18.com: could not connect to host mullen.net.au: did not receive HSTS header multiterm.org: did not receive HSTS header multivpn.cn.com: could not connect to host multivpn.com.de: could not connect to host multivpn.com.ua: could not connect to host multivpn.fr: could not connect to host +multiworldsoftware.com: did not receive HSTS header mumei.space: did not receive HSTS header +mundoadulto.com.br: did not receive HSTS header mundoalpha.com.br: did not receive HSTS header mundodapoesia.com: did not receive HSTS header munecoscabezones.com: did not receive HSTS header @@ -9180,6 +9932,7 @@ murraycolin.org: could not connect to host murrayrun.com: did not receive HSTS header mursu.directory: could not connect to host murz.tv: could not connect to host +muscleangels.com: could not connect to host museminder2.com: did not receive HSTS header museumstreak.com: did not receive HSTS header musewearflipflops.com: could not connect to host @@ -9189,18 +9942,16 @@ musi.cx: could not connect to host musikkfondene.no: did not receive HSTS header musikzug-bookholzberg.de: did not receive HSTS header muslimbanter.co.za: could not connect to host -musmann.io: did not receive HSTS header mustika.cf: did not receive HSTS header mutamatic.com: could not connect to host mutuelle-obligatoire-pme.fr: did not receive HSTS header -muusika.fun: could not connect to host muzgra.in: did not receive HSTS header +muzi.cz: could not connect to host muzykaprzeszladoplay.pl: could not connect to host mvanmarketing.nl: did not receive HSTS header mvnet.com.br: did not receive HSTS header mvsecurity.nl: could not connect to host mwalz.com: could not connect to host -mx.org.ua: could not connect to host mxawei.cn: could not connect to host mxlife.org: could not connect to host my-demo.co: could not connect to host @@ -9214,6 +9965,8 @@ myairshop.gr: could not connect to host myandroid.tools: could not connect to host myandroidtools.cc: could not connect to host myandroidtools.pro: could not connect to host +myappliancerepairhouston.com: did not receive HSTS header +myartsway.com: did not receive HSTS header mybudget.xyz: could not connect to host mybuilderinlondon.co.uk: did not receive HSTS header mybusiness.cm: did not receive HSTS header @@ -9223,7 +9976,7 @@ myclientsplus.com: did not receive HSTS header mycollab.net: could not connect to host mycontrolmonitor.com: could not connect to host mycoted.com: did not receive HSTS header -myday.eu.com: could not connect to host +myday.eu.com: did not receive HSTS header mydeos.com: could not connect to host mydigipass.com: did not receive HSTS header mydmdi.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -9243,23 +9996,25 @@ mygov.scot: did not receive HSTS header mygpsite.com: did not receive HSTS header mygreatjob.eu: could not connect to host myhair.asia: did not receive HSTS header -myicare.org: could not connect to host +myhostname.net: did not receive HSTS header +myicare.org: did not receive HSTS header myiocc.org: did not receive HSTS header myip.tech: max-age too low: 2592000 mykolab.com: did not receive HSTS header mykreuzfahrt.de: could not connect to host -mylene-chandelier.me: could not connect to host +mylene-chandelier.me: did not receive HSTS header mylighthost.com: did not receive HSTS header mylocalsearch.co.uk: did not receive HSTS header -mymixtapez.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -mymp3singer.co: did not receive HSTS header +mylotto.co.nz: could not connect to host +mymp3singer.co: could not connect to host mymp3singer.net: could not connect to host -mymp3singer.site: did not receive HSTS header +mymp3singer.site: could not connect to host mymsr.de: did not receive HSTS header myndcommunication.com: could not connect to host mynetblog.com: did not receive HSTS header +mynetworkingbuddy.com: could not connect to host mynewleaf.co: did not receive HSTS header -mynewselfbariatrics.com: could not connect to host +mynewselfbariatrics.com: did not receive HSTS header myni.io: could not connect to host mynigma.org: did not receive HSTS header myon.info: did not receive HSTS header @@ -9278,7 +10033,6 @@ myptsite.com: could not connect to host myqdu.cn: could not connect to host myqdu.com: could not connect to host myrig.io: could not connect to host -myrig.net: could not connect to host myrsa.in: did not receive HSTS header myruststats.com: could not connect to host mysa.is: could not connect to host @@ -9286,28 +10040,28 @@ mysecretrewards.com: could not connect to host myspa.asia: did not receive HSTS header mystery-science-theater-3000.de: did not receive HSTS header mysteryblog.de: did not receive HSTS header +mystown.org: could not connect to host mystudy.me: could not connect to host mytc.fr: could not connect to host mythlogic.com: did not receive HSTS header mythslegendscollection.com: did not receive HSTS header -mytraiteurs.com: could not connect to host mytravelblog.de: could not connect to host myweb360.de: did not receive HSTS header -myxbox.gr: did not receive HSTS header +myxbox.gr: max-age too low: 0 myzone.com: did not receive HSTS header -mziulu.me: could not connect to host mzlog.win: could not connect to host mzorn.photography: could not connect to host -mzzj.de: could not connect to host +n-kanazawa.jp: max-age too low: 0 n-rickroll-e.pw: could not connect to host n-x.info: did not receive HSTS header n0099.cf: did not receive HSTS header n0rm.ru: could not connect to host n0s.de: did not receive HSTS header -n2servers.com: could not connect to host +n2host.eu: could not connect to host n2x.in: could not connect to host +n3twork.net: could not connect to host n4l.pw: could not connect to host -n64chan.me: did not receive HSTS header +n64chan.me: could not connect to host n8ch.net: could not connect to host na.hn: did not receive HSTS header naano.org: could not connect to host @@ -9317,21 +10071,25 @@ nabytko.cz: could not connect to host nacktetatsachen.at: did not receive HSTS header nadaquenosepas.com: could not connect to host nadia.pt: could not connect to host +nadyaolcer.fr: could not connect to host nagaragem.com.br: did not receive HSTS header +nagelfam.com: could not connect to host nagios.by: did not receive HSTS header nagoya-kyuyo.com: could not connect to host naiaspa.fr: did not receive HSTS header naiharngym.com: did not receive HSTS header -nais.me: could not connect to host +nailedithomebuilders.com: could not connect to host +nais.me: did not receive HSTS header najedlo.sk: could not connect to host +nakada4610.com: could not connect to host nakamastreamingcommunity.com: could not connect to host -nakanishi-paint.com: could not connect to host nakhonidc.com: could not connect to host -nakitbonus2.com: did not receive HSTS header +nakitbonus2.com: could not connect to host nakliyatsirketi.biz: could not connect to host +nako.no: did not receive HSTS header nakuro.de: could not connect to host nalao-company.com: did not receive HSTS header -nalifornia.com: did not receive HSTS header +nalifornia.com: could not connect to host nalinux.cz: did not receive HSTS header nallon.com.br: could not connect to host nalukfitness.com.br: could not connect to host @@ -9341,15 +10099,18 @@ named.ga: could not connect to host nameme.xyz: could not connect to host nametaken-cloud.duckdns.org: could not connect to host namethatbone.com: could not connect to host +namethatporn.com: could not connect to host namikawatetsuji.jp: could not connect to host namorico.me: could not connect to host nan.ci: did not receive HSTS header nan.zone: could not connect to host +nanami.moe: could not connect to host nanderson.me: could not connect to host nanfangstone.com: could not connect to host nani.io: did not receive HSTS header naniki.co.uk: could not connect to host nanogeneinc.com: could not connect to host +nanogi.ga: could not connect to host nanokamo.com: did not receive HSTS header nanosingularity.com: could not connect to host nanrenba.net: could not connect to host @@ -9363,15 +10124,14 @@ narko.space: could not connect to host narodniki.com: did not receive HSTS header narviz.com: did not receive HSTS header nasarawanewsonline.com: could not connect to host -nasmocopati.com: could not connect to host +nasmocopati.com: did not receive HSTS header nasralmabrooka.com: did not receive HSTS header nastysclaw.com: could not connect to host natalia-fadeeva.ru: could not connect to host -natalia.io: could not connect to host +natalia.io: did not receive HSTS header natalieandjoshua.com: could not connect to host natalt.org: did not receive HSTS header natalydanilova.com: max-age too low: 300 -natanaelys.com: could not connect to host nataniel-perissier.fr: could not connect to host nate.sh: could not connect to host natenom.com: max-age too low: 7200 @@ -9380,7 +10140,6 @@ natenom.name: max-age too low: 7200 nathankonopinski.com: could not connect to host nathanmfarrugia.com: did not receive HSTS header nationalmall.gov: could not connect to host -nationwiderealtyinvestors.com: could not connect to host nationwidevehiclecontracts.co.uk: did not receive HSTS header natur-udvar.hu: could not connect to host natural-progesterone.net: could not connect to host @@ -9393,7 +10152,8 @@ nauck.org: did not receive HSTS header naudles.me: could not connect to host nav.jobs: could not connect to host naval.tf: could not connect to host -naviaddress.io: could not connect to host +navdeep.ca: could not connect to host +naviaddress.io: did not receive HSTS header naviteq.eu: could not connect to host navjobs.com: could not connect to host nawroth.info: could not connect to host @@ -9403,7 +10163,9 @@ nba2kqq.com: could not connect to host nbb.io: could not connect to host nbg-ha.de: could not connect to host nbis.gov: could not connect to host +nbl.org.tw: could not connect to host nbrown.us: could not connect to host +nbtparse.org: could not connect to host nc2c.com: could not connect to host nc99.co: could not connect to host ncc60205.info: could not connect to host @@ -9414,13 +10176,14 @@ ncpw.gov: did not receive HSTS header ncrmnt.org: did not receive HSTS header nct.org.uk: did not receive HSTS header nctx.co.uk: did not receive HSTS header +ndmath.club: could not connect to host ndtblog.com: could not connect to host ndtmarket.place: could not connect to host ne1home.dyndns.org: did not receive HSTS header neap.io: could not connect to host near.st: did not receive HSTS header nearbiwa.com: did not receive HSTS header -nearon.nl: did not receive HSTS header +nearon.nl: could not connect to host neavision.de: did not receive HSTS header nebulousenhanced.com: could not connect to host necesitodinero.org: could not connect to host @@ -9439,24 +10202,29 @@ neilgreen.net: did not receive HSTS header nejnamc.org: did not receive HSTS header neko-life.com: did not receive HSTS header neko.li: could not connect to host +neko.ml: could not connect to host nekoku.io: could not connect to host nekox.ml: could not connect to host nellen.it: did not receive HSTS header +nemanja.top: did not receive HSTS header nemno.de: could not connect to host nemovement.org: could not connect to host neoani.me: did not receive HSTS header neocyd.com: could not connect to host neofelhz.space: could not connect to host +neojames.me: could not connect to host neonisi.com: could not connect to host neonnuke.tech: did not receive HSTS header neosolution.ca: did not receive HSTS header +neotist.com: did not receive HSTS header nercp.org.uk: did not receive HSTS header nerd42.de: could not connect to host +nerdbox.cc: did not receive HSTS header nerdjokes.de: could not connect to host nerfroute.com: could not connect to host neris.io: could not connect to host neriumhcp.com: did not receive HSTS header -nerpa-club.ru: did not receive HSTS header +nerpa-club.ru: could not connect to host nesantuoka.lt: could not connect to host nestone.ru: could not connect to host net-navi.cc: did not receive HSTS header @@ -9474,18 +10242,16 @@ netfs.pl: did not receive HSTS header netherwind.eu: did not receive HSTS header netlilo.com: could not connect to host netloanusa.com: could not connect to host -netlocal.ru: could not connect to host netmagik.com: did not receive HSTS header netprofile.com.au: did not receive HSTS header netresourcedesign.com: could not connect to host +netronome.com: did not receive HSTS header netsafeid.biz: did not receive HSTS header netscaler.expert: could not connect to host netsight.org: could not connect to host netsparkercloud.com: did not receive HSTS header netsystems.pro: could not connect to host -nettacompany.com.tr: did not receive HSTS header nettefoundation.com: could not connect to host -networx-online.de: could not connect to host netzbit.de: could not connect to host netzpolitik.org: max-age too low: 2592000 netztest.at: did not receive HSTS header @@ -9497,14 +10263,17 @@ neuralgic.net: could not connect to host neuro-plus-100.com: could not connect to host neuronfactor.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] neutralvehicle.com: did not receive HSTS header +neva.li: could not connect to host nevadafiber.net: could not connect to host never-afk.de: did not receive HSTS header neveta.com: could not connect to host new: could not connect to host newantiagingcreams.com: could not connect to host +newbieboss.com: did not receive HSTS header newbownerton.xyz: could not connect to host newchance.store: could not connect to host newcityinfo.info: could not connect to host +newdeveloper.download: could not connect to host newedivideo.it: could not connect to host newfacialbeautycream.com: could not connect to host newgenerationplus.org: could not connect to host @@ -9513,14 +10282,15 @@ newline.online: did not receive HSTS header newlooknow.com: did not receive HSTS header newmelalife.com: did not receive HSTS header newparadigmventures.net: did not receive HSTS header +newpoke.net: did not receive HSTS header newportpropertygroup.com: could not connect to host news4c.com: did not receive HSTS header newsquantified.com: max-age too low: 0 newstarnootropics.com: could not connect to host -newsyslog.org: could not connect to host newtnote.com: could not connect to host newtonhaus.com: could not connect to host newtonwarp.com: could not connect to host +nexgeneration-solutions.com: could not connect to host nexlab.org: did not receive HSTS header next-taxi.ru: could not connect to host next176.sk: did not receive HSTS header @@ -9528,23 +10298,21 @@ next47.com: did not receive HSTS header nextcloud.li: could not connect to host nextcloud.nerdpol.ovh: could not connect to host nextcloud.org: could not connect to host -nextgen.sk: could not connect to host -nextgenthemes.com: did not receive HSTS header nexth.de: could not connect to host nexth.net: did not receive HSTS header nexth.us: could not connect to host -nexthop.co.jp: did not receive HSTS header +nexthop.co.jp: could not connect to host nexthop.co.th: did not receive HSTS header nextpages.de: could not connect to host nextproject.us: could not connect to host nextshutter.com: did not receive HSTS header -nexus-vienna.at: could not connect to host nexusbyte.de: could not connect to host nexuscorporation.in: could not connect to host +nfhome.be: did not receive HSTS header +nfls.io: did not receive HSTS header nfo.so: could not connect to host ng-firewall.com: did not receive HSTS header ng-security.com: could not connect to host -ngc.gov: could not connect to host ngiemboon.net: could not connect to host ngine.ch: did not receive HSTS header nginxnudes.com: could not connect to host @@ -9553,11 +10321,13 @@ nglr.org: could not connect to host ngocuong.net: could not connect to host ngt-service.ru: could not connect to host ngtoys.com.br: did not receive HSTS header +nhliberty.org: did not receive HSTS header nhsuites.com: did not receive HSTS header nhus.de: max-age too low: 172800 niallator.com: could not connect to host nibiisclaim.com: could not connect to host nicestresser.fr: could not connect to host +nicholasperkins.io: could not connect to host nicky.io: did not receive HSTS header nico.one: could not connect to host nicoborghuis.nl: could not connect to host @@ -9574,19 +10344,22 @@ nien.chat: could not connect to host nien.com.tw: could not connect to host nienfun.com: could not connect to host nieuwsoverijssel.nl: did not receive HSTS header +niffler.software: could not connect to host nifpnet.nl: could not connect to host nifume.com: could not connect to host +niggo.eu: could not connect to host nightsnack.cf: could not connect to host niho.jp: did not receive HSTS header nikcub.com: could not connect to host nikksno.io: could not connect to host +niklas.host: could not connect to host niklaslindblad.se: did not receive HSTS header nikobradshaw.com: could not connect to host nikolaichik.photo: did not receive HSTS header nikolasbradshaw.com: could not connect to host -nikonnps.co.uk: did not receive HSTS header nilianwo.com: could not connect to host niloxy.com: did not receive HSTS header +nimidam.com: could not connect to host ninchisho-online.com: did not receive HSTS header ninebytes.xyz: could not connect to host ning.so: did not receive HSTS header @@ -9594,30 +10367,38 @@ ninhs.org: could not connect to host ninjan.co: did not receive HSTS header ninjaspiders.com: could not connect to host ninofink.com: could not connect to host -ninreiei.jp: could not connect to host niouininon.eu: could not connect to host nippler.org: could not connect to host nippombashi.net: did not receive HSTS header +nippon.fr: could not connect to host nipponcareers.com: did not receive HSTS header nirada.info: could not connect to host +nirjharstudio.com: could not connect to host nirna.io: did not receive HSTS header +nirvanashop.com: could not connect to host nishaswonderland.be: did not receive HSTS header nishaswonderland.nl: did not receive HSTS header nishikino-maki.com: could not connect to host nishisbma.com: could not connect to host +nitaonline.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +niva.synology.me: did not receive HSTS header niveldron.com: could not connect to host nixien.fr: could not connect to host nixmag.net: could not connect to host -nkadvertising.online: could not connect to host +nixne.st: could not connect to host +nkadvertising.online: did not receive HSTS header nkautoservice.nl: did not receive HSTS header nkb.in.th: could not connect to host +nkp-media.de: could not connect to host nlegall.fr: did not receive HSTS header nll.fi: could not connect to host nmadda.com: did not receive HSTS header nmctest.net: could not connect to host +nmgb.ga: could not connect to host +nmgb.ml: could not connect to host nmsnj.com: did not receive HSTS header nmueller.at: could not connect to host -nnote.net: did not receive HSTS header +nnote.net: could not connect to host nnya.cat: could not connect to host no17sifangjie.cc: could not connect to host nocallaghan.com: could not connect to host @@ -9639,6 +10420,7 @@ noesberts-weidmoos.de: did not receive HSTS header noexpect.org: could not connect to host noima.com: did not receive HSTS header noisebridge.social: could not connect to host +nojok.es: could not connect to host nolag.host: could not connect to host nolatepayments.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] nolberg.net: did not receive HSTS header @@ -9648,6 +10430,7 @@ nolte.work: could not connect to host nomorebytes.de: could not connect to host nonemu.ninja: could not connect to host noodlesandwich.com: did not receive HSTS header +noodleyum.com: did not receive HSTS header nootropicsource.com: did not receive HSTS header nope.website: could not connect to host nopex.no: could not connect to host @@ -9660,19 +10443,23 @@ nordic-survival.de: did not receive HSTS header nordiccasinocommunity.com: did not receive HSTS header nordlicht.photography: did not receive HSTS header norge.guide: could not connect to host +normalady.com: could not connect to host normanschwaneberg.de: did not receive HSTS header north.supply: could not connect to host northcutt.com: did not receive HSTS header -northernpage.com: could not connect to host +northernmuscle.ca: could not connect to host northpennvwparts.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] northwoodsfish.com: could not connect to host nosbenevolesontdutalent.com: could not connect to host nosecretshop.com: could not connect to host nossasenhoradaconceicao.com.br: did not receive HSTS header nostraspace.com: could not connect to host +nosx.tk: could not connect to host not-a.link: could not connect to host +nota-web.com: could not connect to host notablog.xyz: did not receive HSTS header notadd.io: could not connect to host +notadd.store: could not connect to host notarankastojkovic.me: could not connect to host notarobot.fr: did not receive HSTS header notboring.co.uk: could not connect to host @@ -9684,9 +10471,11 @@ notevencode.com: could not connect to host nothing.net.nz: max-age too low: 7776000 nothing.org.uk: could not connect to host noticia.do: did not receive HSTS header -notjustbitchy.com: did not receive HSTS header +notificami.com: could not connect to host +notjustbitchy.com: could not connect to host notonprem.com: could not connect to host nottheonion.net: did not receive HSTS header +nottori.com: could not connect to host notypiesni.sk: did not receive HSTS header nou.si: did not receive HSTS header nouma.fr: did not receive HSTS header @@ -9704,47 +10493,47 @@ novelabs.de: could not connect to host novelabs.eu: could not connect to host novelshouse.com: could not connect to host novfishing.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -novinhabucetuda.com: did not receive HSTS header +novinhabucetuda.com: could not connect to host novinivo.com: did not receive HSTS header novtest.ru: did not receive HSTS header noworrywp.com: could not connect to host nowprotein.com: did not receive HSTS header -noxi.ga: could not connect to host nozoe.jp: could not connect to host npm.li: did not receive HSTS header +npmg.org: max-age too low: 0 npol.de: could not connect to host -npool.org: did not receive HSTS header +npool.org: could not connect to host nq7.pl: could not connect to host +nrc-gateway.gov: could not connect to host nrechn.de: could not connect to host nrizzio.me: could not connect to host nrnjn.xyz: did not receive HSTS header nrvnastudios.com: could not connect to host +nsa.ovh: could not connect to host nsbfalconacademy.org: could not connect to host nsdev.cn: could not connect to host nsellier.fr: did not receive HSTS header nshost.ro: did not receive HSTS header nsmail.cn: could not connect to host nspeaks.com: did not receive HSTS header -nstremsdoerfer.ovh: did not receive HSTS header nstyleintl.ca: did not receive HSTS header nsure.us: could not connect to host nsweb.solutions: could not connect to host ntbs.pro: could not connect to host ntia.gov: could not connect to host ntse.xyz: could not connect to host -nu-pogodi.net: could not connect to host nu3.at: did not receive HSTS header nu3.ch: did not receive HSTS header nu3.co.uk: could not connect to host -nu3.com: did not receive HSTS header nu3.de: did not receive HSTS header -nu3.dk: did not receive HSTS header -nu3.fi: did not receive HSTS header nu3.fr: did not receive HSTS header -nu3.no: did not receive HSTS header -nu3.se: did not receive HSTS header nube.ninja: did not receive HSTS header +nubeslayer.com: could not connect to host +nuclear-crimes.com: could not connect to host +nuclearcrimes.com: did not receive HSTS header +nuclearcrimes1.com: did not receive HSTS header nudel.ninja: could not connect to host +nudestpics.com: could not connect to host nufla.de: could not connect to host nugetdependencies.com: did not receive HSTS header nuiguru.me: could not connect to host @@ -9765,9 +10554,11 @@ nupef.org.br: did not receive HSTS header nurserybook.co: did not receive HSTS header nurture.be: did not receive HSTS header nusatrip-api.com: did not receive HSTS header +nusku.biz: did not receive HSTS header nutricuerpo.com: did not receive HSTS header nutrieduca.com: could not connect to host nutrienti.eu: did not receive HSTS header +nutrifyyourself.com: could not connect to host nutritionculture.com: could not connect to host nutsandboltsmedia.com: did not receive HSTS header nuttyveg.com: did not receive HSTS header @@ -9775,21 +10566,22 @@ nuwaterglobal.com: did not receive HSTS header nvlop.xyz: did not receive HSTS header nwa.xyz: could not connect to host nweb.co.nz: could not connect to host -nwerc.party: could not connect to host -nwk1.com: did not receive HSTS header -nwork.media: could not connect to host +nwork.media: did not receive HSTS header nxt.sh: did not receive HSTS header +nyadora.com: could not connect to host nyanpasu.tv: could not connect to host nyatane.com: could not connect to host nyazeeland.guide: could not connect to host nycroth.com: could not connect to host -nydnxs.com: could not connect to host nyesider.org: could not connect to host +nylonfeetporn.com: could not connect to host nyored.com: did not receive HSTS header nyphox.net: could not connect to host nysepho.pw: could not connect to host nysifclaimcentral.com: did not receive HSTS header nystart.no: did not receive HSTS header +nystudio107.com: did not receive HSTS header +nyuusannkinn.com: did not receive HSTS header nz.search.yahoo.com: max-age too low: 172800 nzbs.io: could not connect to host nzmk.cz: could not connect to host @@ -9800,14 +10592,13 @@ oaksbloom.com: could not connect to host oasis-conference.org.nz: could not connect to host oasis.mobi: could not connect to host oasisim.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -oatmealdome.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] obdolbacca.ru: could not connect to host oben.pl: did not receive HSTS header oberam.de: could not connect to host oberhof.co: could not connect to host oberhofjuice.com: could not connect to host oberoi.de: max-age too low: 600000 -objectif-leger.com: could not connect to host +objectif-leger.com: did not receive HSTS header oblikdom.pro: did not receive HSTS header oblikdom.ru: did not receive HSTS header oblondata.io: did not receive HSTS header @@ -9816,6 +10607,7 @@ obscuredfiles.com: could not connect to host observatory.se: could not connect to host obsydian.org: could not connect to host oc-minecraft.com: could not connect to host +ocad.com.au: did not receive HSTS header ocapic.com: could not connect to host occ.gov: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] occasion-impro.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -9828,7 +10620,7 @@ octo.im: could not connect to host octocat.ninja: could not connect to host octod.tk: could not connect to host octofox.de: did not receive HSTS header -octopus-agents.com: could not connect to host +octothorpe.ninja: could not connect to host oddmouse.com: could not connect to host odin.xxx: could not connect to host odinkapital.no: did not receive HSTS header @@ -9839,11 +10631,11 @@ odysseyconservationtrust.com: did not receive HSTS header oe8.bet: could not connect to host ofcourselanguages.com: could not connect to host ofcss.com: did not receive HSTS header -ofda.gov: max-age too low: 604800 ofer.site: did not receive HSTS header off-the-clock.us: could not connect to host offenedialoge.de: max-age too low: 2592000 offersgame.com: could not connect to host +offerstone.cl: did not receive HSTS header offgames.pro: could not connect to host office-ruru.com: could not connect to host officeclub.com.mx: did not receive HSTS header @@ -9858,19 +10650,23 @@ oganek.ie: could not connect to host oganime.com: did not receive HSTS header oggw.us: could not connect to host ogkw.de: could not connect to host +oglen.ca: could not connect to host ogogoshop.com: could not connect to host ogrodywstudniach.pl: did not receive HSTS header ohayosoro.me: could not connect to host ohm2013.org: did not receive HSTS header -ohma.ga: could not connect to host +ohma.ga: did not receive HSTS header ohnemusik.com: could not connect to host ohohrazi.com: did not receive HSTS header +ohreally.de: could not connect to host ohsocool.org: did not receive HSTS header oiepoie.nl: could not connect to host oinky.ddns.net: could not connect to host oishioffice.com: did not receive HSTS header ojbk.eu: could not connect to host +ojeremy.com: could not connect to host ojls.co: could not connect to host +ojp.gov: could not connect to host okad-center.de: could not connect to host okad.de: could not connect to host okad.eu: could not connect to host @@ -9884,9 +10680,10 @@ okok.rent: could not connect to host okutama.in.th: could not connect to host olafnorge.de: did not receive HSTS header olcso-vps-szerver.hu: could not connect to host -oldandyounglesbians.us: did not receive HSTS header +oldandyounglesbians.us: could not connect to host oldschool-criminal.com: did not receive HSTS header oldtimer-trifft-flugplatz.de: did not receive HSTS header +olgui.net: could not connect to host oliverdunk.com: did not receive HSTS header ollehbizev.co.kr: could not connect to host olswangtrainees.com: could not connect to host @@ -9895,10 +10692,12 @@ omacostudio.com: could not connect to host omarh.net: could not connect to host omgaanmetidealen.com: could not connect to host ominto.com: did not receive HSTS header +omise.co: did not receive HSTS header ommahpost.com: did not receive HSTS header omnigon.network: could not connect to host omnilab.tech: could not connect to host omniti.com: max-age too low: 1 +omorashi.org: could not connect to host omquote.gq: could not connect to host omskit.ru: did not receive HSTS header omyogarishikesh.com: did not receive HSTS header @@ -9911,10 +10710,10 @@ onecycling.world: could not connect to host onefour.co: could not connect to host onehourloan.com: could not connect to host onehourloan.sg: did not receive HSTS header -oneidentity.me: could not connect to host oneiros.cc: could not connect to host -onelawsuit.com: did not receive HSTS header +onelawsuit.com: could not connect to host oneminutefilm.tv: did not receive HSTS header +onemusou.com: could not connect to host onepathnetwork.com: max-age too low: 7776000 onepluscamps.com: did not receive HSTS header onepopstore.com: could not connect to host @@ -9925,21 +10724,24 @@ onetly.com: could not connect to host onetwentyseven001.com: did not receive HSTS header onewebdev.info: could not connect to host oneworldbank.com: did not receive HSTS header -onewpst.com: did not receive HSTS header +onewpst.com: could not connect to host onguardonline.gov: did not receive HSTS header oniichan.us: did not receive HSTS header +onionbot.ga: could not connect to host onioncloud.org: could not connect to host onionsburg.com: could not connect to host online-casino.eu: did not receive HSTS header online-scene.com: did not receive HSTS header online-wetten.de: did not receive HSTS header onlinebiller.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -onlinebillingform.com: did not receive HSTS header +onlinebillingform.com: could not connect to host +onlinecasinobluebook.com: could not connect to host onlinecompliance.org: did not receive HSTS header onlinedemo.hu: could not connect to host onlinedeposit.us: could not connect to host onlinekasino.de: did not receive HSTS header onlinepollsph.com: could not connect to host +onlineporno.tv: could not connect to host onlineschadestaat.nl: did not receive HSTS header onlinespielothek.com: did not receive HSTS header onlinewetten.de: could not connect to host @@ -9947,8 +10749,10 @@ only-roses.co.uk: did not receive HSTS header only-roses.com: max-age too low: 2592000 onlyshopstation.com: did not receive HSTS header onlyzero.net: could not connect to host -onmuvo.com: did not receive HSTS header +onmuvo.com: could not connect to host onmyoji.biz: could not connect to host +onnee.ch: could not connect to host +ono.es: did not receive HSTS header ononpay.com: did not receive HSTS header onovlena.dn.ua: could not connect to host onpatient.com: did not receive HSTS header @@ -9974,7 +10778,7 @@ ooooush.co.uk: could not connect to host oopsmycase.com: could not connect to host oopsorup.com: could not connect to host oost.io: could not connect to host -opatut.de: could not connect to host +opatut.de: did not receive HSTS header opcaobolsas.com.br: could not connect to host open-future.be: did not receive HSTS header open-mx.de: could not connect to host @@ -9997,33 +10801,39 @@ opensourcehouse.net: could not connect to host openspace.xxx: did not receive HSTS header opensrd.com: could not connect to host openssf.org: did not receive HSTS header -opentexon.com: could not connect to host +opentexon.com: did not receive HSTS header openxmpp.com: could not connect to host +operad.fr: could not connect to host opiates.net: did not receive HSTS header opic.gov: could not connect to host opim.ca: did not receive HSTS header opinion8td.com: did not receive HSTS header opinionicentrifuga.it: could not connect to host opinionipannolini.it: could not connect to host +opioids.com: could not connect to host +oppag.com.br: did not receive HSTS header opperwall.net: could not connect to host opportunitycorps.org: max-age too low: 43200 -oprbox.com: could not connect to host +opposer.me: could not connect to host opsafewinter.net: could not connect to host opsbears.com: did not receive HSTS header -opstacks.com: did not receive HSTS header +opstacks.com: could not connect to host optenhoefel.de: could not connect to host optimal-e.com: did not receive HSTS header optimista.soy: could not connect to host +optimize-jpg.com: could not connect to host optometriepunt.nl: did not receive HSTS header optumrxhealthstore.com: could not connect to host opunch.org: did not receive HSTS header oracaodocredo.com.br: could not connect to host orangekey.tk: could not connect to host +orangetravel.eu: could not connect to host oranic.com: did not receive HSTS header orbiosales.com: could not connect to host orbitcom.de: did not receive HSTS header orbitdefence.co.uk: could not connect to host orbograph-hrcm.com: could not connect to host +orcahq.com: did not receive HSTS header order.one: could not connect to host ordereat.fr: could not connect to host orderlounge.de: did not receive HSTS header @@ -10031,31 +10841,33 @@ oref-idf.com: did not receive HSTS header oref-idf.net: did not receive HSTS header oref-idf.org: did not receive HSTS header oregonmu.org: did not receive HSTS header -oreka.online: could not connect to host orelavtomaster.ru: did not receive HSTS header orfeo-engineering.ch: could not connect to host organic-superfood.net: could not connect to host +organicae.com: did not receive HSTS header +organisationsberatung-jacobi.de: did not receive HSTS header +orhideous.name: did not receive HSTS header oricejoc.com: could not connect to host originalmockups.com: did not receive HSTS header -originalsport.com.br: did not receive HSTS header -originpc.com: could not connect to host +originalsport.com.br: could not connect to host orioncustompcs.com: could not connect to host orionfcu.com: did not receive HSTS header -orionfinancialservices.com: did not receive HSTS header orionrebellion.com: did not receive HSTS header orleika.ml: could not connect to host oroweatorganic.com: could not connect to host orthodoxy.lt: did not receive HSTS header -orum.in: could not connect to host +orui.com.br: could not connect to host osaiyuwu.com: could not connect to host -oscarmashauri.com: could not connect to host +osaka-fukushi.jp: max-age too low: 0 +osaka-jusan.jp: max-age too low: 0 +oscarmashauri.com: did not receive HSTS header oscillation-services.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -oscloud.com: could not connect to host oscloud.com.ua: could not connect to host oscreen.me: could not connect to host oscreen.org: could not connect to host oscsdp.cz: could not connect to host -osdls.gov: could not connect to host +osdls.gov: did not receive HSTS header +osereso.tn: could not connect to host osha-kimi.com: did not receive HSTS header oshanko.de: could not connect to host oshinagaki.jp: could not connect to host @@ -10075,33 +10887,35 @@ othermedia.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ER otherstuff.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] otichi.com: did not receive HSTS header otinane.eu: could not connect to host +otmns.net: could not connect to host otokonna.com: could not connect to host otrsdemo.hu: did not receive HSTS header ottospora.nl: could not connect to host ourbank.com: max-age too low: 2592000 ourchoice2016.com: could not connect to host -outdooradventures.pro: did not receive HSTS header -outdoorproducts.com: did not receive HSTS header +ourls.win: could not connect to host +outdooradventures.pro: could not connect to host +outdoorproducts.com: max-age too low: 7889238 outreachbuddy.com: could not connect to host outsider.im: could not connect to host outurnate.com: could not connect to host ouvirmusica.com.br: did not receive HSTS header ovenapp.io: did not receive HSTS header over25tips.com: did not receive HSTS header -overclockers.ge: could not connect to host override.io: could not connect to host overrustle.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] oversight.io: could not connect to host -overstockpromote.com: did not receive HSTS header ovuscloud.de: could not connect to host ovwane.com: could not connect to host owennelson.me: max-age too low: 2592000 owensmith.website: could not connect to host owlscrap.ru: could not connect to host owncloud.help: could not connect to host -owngeek.com: did not receive HSTS header +owngeek.com: could not connect to host ownmovies.fr: could not connect to host ownspec.com: could not connect to host +owothisdiz.pw: could not connect to host +oxanababy.com: could not connect to host oxro.co: did not receive HSTS header oxro.io: did not receive HSTS header oxygenabsorbers.com: did not receive HSTS header @@ -10124,25 +10938,25 @@ paavolastudio.com: did not receive HSTS header pablocamino.tk: could not connect to host pablofain.com: did not receive HSTS header pablorey-art.com: did not receive HSTS header +pachaiyappas.org: did not receive HSTS header packair.com: did not receive HSTS header packetapp.ru: could not connect to host packetcrash.net: could not connect to host packlane.com: did not receive HSTS header -packshot-creator.com: did not receive HSTS header pacnetwork.io: could not connect to host pacoda.de: could not connect to host pactf-flag-4boxdpa21ogonzkcrs9p.com: could not connect to host pactocore.org: could not connect to host +padeoe.com: did not receive HSTS header pader-deko.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] paestbin.com: could not connect to host page: could not connect to host -pagefulloflies.io: could not connect to host pagerate.io: could not connect to host pages-tocaven.com: could not connect to host pagetoimage.com: could not connect to host paginapolitica.ro: could not connect to host -pahlawanpulsa.com: did not receive HSTS header -pahnid.com: did not receive HSTS header +pagure.org: could not connect to host +pahnid.com: could not connect to host paigeglass.com: did not receive HSTS header paino.cloud: could not connect to host painosso.org: could not connect to host @@ -10150,21 +10964,25 @@ paintingat.com: could not connect to host paio2-rec.com: could not connect to host paio2.com: did not receive HSTS header paisaone.com: could not connect to host +paizinhovirgula.com: did not receive HSTS header pajonzeck.de: could not connect to host paket.io: could not connect to host -paket.ml: could not connect to host +paket.ml: did not receive HSTS header +paketkreditsuzuki.com: could not connect to host paku.me: could not connect to host palariviera.com: could not connect to host palationtrade.com: could not connect to host +palawan.jp: could not connect to host palazzotalamo.it: did not receive HSTS header +paleolowcarb.de: did not receive HSTS header paleosquawk.com: could not connect to host -pallet.io: could not connect to host +pallet.io: did not receive HSTS header palmer.im: could not connect to host pammbook.com: did not receive HSTS header pamplona.tv: could not connect to host pan.tips: could not connect to host panaceallc.net: could not connect to host -panama-gbs.com: could not connect to host +panama-gbs.com: did not receive HSTS header panamaequity.com: did not receive HSTS header panamateakforestry.com: did not receive HSTS header panascais.io: could not connect to host @@ -10176,28 +10994,31 @@ panni.me: could not connect to host panoranordic.net: could not connect to host panos.io: did not receive HSTS header pansu.space: could not connect to host -pants-off.xyz: could not connect to host pantsu.cat: did not receive HSTS header +paolo565.org: did not receive HSTS header papalytics.com: could not connect to host papatest24.de: could not connect to host papeda.net: could not connect to host papelariadante.com.br: could not connect to host papercard.co.uk: did not receive HSTS header papercrunch.io: could not connect to host +paperhaven.com.au: max-age too low: 7889238 +papermasters.com: could not connect to host +papersmart.net: could not connect to host papierniak.net: could not connect to host papygeek.com: could not connect to host -parabhairavayoga.com: max-age too low: 0 +parabhairavayoga.com: did not receive HSTS header paradiesgirls.ch: could not connect to host paradise-engineers.com: could not connect to host paragon.edu: did not receive HSTS header parakranov.ru: did not receive HSTS header paranormalweirdo.com: could not connect to host +parav.xyz: did not receive HSTS header pardnoy.com: could not connect to host parent5446.us: could not connect to host parentmail.co.uk: did not receive HSTS header -parfum-baza.ru: did not receive HSTS header +parfum-baza.ru: could not connect to host paris-cyber.fr: did not receive HSTS header -parisbloom.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] parisdimanche.com: did not receive HSTS header parishome.jp: could not connect to host parisvox.info: did not receive HSTS header @@ -10213,25 +11034,27 @@ parpaing-paillette.net: could not connect to host particonpsplus.it: could not connect to host partiono.com: did not receive HSTS header partirkyoto.jp: did not receive HSTS header -partnercardservices.com: did not receive HSTS header +partnercardservices.com: could not connect to host partnerwerk.de: did not receive HSTS header partyhaus.ovh: could not connect to host partyhireformby.co.uk: did not receive HSTS header +partyschnaps.com: could not connect to host partyspecialists.com: did not receive HSTS header partyvan.eu: could not connect to host partyvan.it: could not connect to host partyvan.moe: could not connect to host partyvan.nl: could not connect to host partyvan.se: could not connect to host -parvaneh.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pascalchristen.ch: did not receive HSTS header +pasportaservo.org: did not receive HSTS header passpilot.co.uk: did not receive HSTS header passumpsicbank.com: did not receive HSTS header passwd.io: did not receive HSTS header -password.codes: did not receive HSTS header +password.codes: could not connect to host passwordbox.com: did not receive HSTS header passwordrevelator.net: did not receive HSTS header passwordscon.com: could not connect to host +pasta-factory.co.il: could not connect to host pastaf.com: could not connect to host pastdream.xyz: could not connect to host paste.linode.com: could not connect to host @@ -10241,9 +11064,8 @@ paster.li: did not receive HSTS header pasteros.io: could not connect to host pastie.se: could not connect to host pastorcanadense.com.br: could not connect to host -patadanabouca.pw: could not connect to host pataua.kiwi: did not receive HSTS header -patbatesremodeling.com: could not connect to host +patentfamily.de: could not connect to host paternitydnatest.com: could not connect to host patfs.com: did not receive HSTS header pathwaytofaith.com: could not connect to host @@ -10252,25 +11074,30 @@ patriaco.net: did not receive HSTS header patrick.dark.name: could not connect to host patrickbusch.net: could not connect to host patrickneuro.de: could not connect to host +patrickquinn.ca: did not receive HSTS header patt.us: did not receive HSTS header patterson.mp: could not connect to host paul-kerebel.pro: could not connect to host +paul-schmidt.de: max-age too low: 0 paulbunyanmls.com: did not receive HSTS header paulchen.at: did not receive HSTS header -paulerhof.com: did not receive HSTS header paulproell.at: did not receive HSTS header paulrudge.codes: could not connect to host paulshir.com: could not connect to host paulshir.is: could not connect to host +paultibbetts.uk: could not connect to host paulyang.cn: did not receive HSTS header paveljanda.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pavelkahouseforcisco.com: did not receive HSTS header +pavelstriz.cz: could not connect to host +pawsru.org: could not connect to host paxdei.com.br: could not connect to host paxwinkel.nl: could not connect to host pay.gigahost.dk: did not receive HSTS header pay.ubuntu.com: could not connect to host payclixpayments.com: did not receive HSTS header payfreez.com: could not connect to host +paykings.com: did not receive HSTS header payload.tech: could not connect to host payments-reference.org: could not connect to host payments.google.com: did not receive HSTS header (error ignored - included regardless) @@ -10279,17 +11106,14 @@ paypod.org: could not connect to host payroll.ch: could not connect to host paytwopay.com: could not connect to host pb-design.ch: could not connect to host -pb.ax: did not receive HSTS header pbapp.net: did not receive HSTS header pbbr.com: did not receive HSTS header pbcknd.ml: could not connect to host pbcomp.com.au: did not receive HSTS header pbprint.ru: did not receive HSTS header -pbqs.site: could not connect to host pbscreens.com: could not connect to host pbytes.com: could not connect to host pc-nf.de: did not receive HSTS header -pc-servis-brno.com: did not receive HSTS header pc-tweak.de: did not receive HSTS header pcat.io: could not connect to host pcfun.net: did not receive HSTS header @@ -10299,25 +11123,27 @@ pcvirusclear.com: could not connect to host pdamsidoarjo.co.id: could not connect to host pdevio.com: could not connect to host pdf.yt: could not connect to host +pdomo.me: did not receive HSTS header pe-bank.co.jp: max-age too low: 604800 pe-kyousai.jp: did not receive HSTS header peaceandwool.com: did not receive HSTS header peakapp.nl: could not connect to host pebblesdemo.com: could not connect to host pecot.fr: did not receive HSTS header -peddy.dyndns.org: could not connect to host -pedrosaurus.com: did not receive HSTS header peekops.com: could not connect to host peerherrmann.de: could not connect to host peerless.ae: could not connect to host +peinard.net: did not receive HSTS header peirong.me: could not connect to host peissen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pekkapikkarainen.fi: did not receive HSTS header pekkarik.ru: could not connect to host peliculasaudiolatinoonline.com: could not connect to host +peliseries24.com: could not connect to host pemagrid.org: could not connect to host pemberton.at: did not receive HSTS header penablog.com: did not receive HSTS header +penfold.fr: could not connect to host pengisatelier.net: could not connect to host pengui.uk: could not connect to host penguinclientsystem.com: did not receive HSTS header @@ -10325,7 +11151,7 @@ pengumuman.id: did not receive HSTS header pennyapp.io: did not receive HSTS header pennylane.me.uk: did not receive HSTS header pensanisso.com: did not receive HSTS header -penser-electronique.com: could not connect to host +penser-electronique.com: did not receive HSTS header pension-waldesruh.de: did not receive HSTS header pensiunealido.ro: could not connect to host pentagram.me: max-age too low: 2592000 @@ -10341,18 +11167,20 @@ perdel.cn: could not connect to host pereuda.com: could not connect to host perfect-radiant-wrinkles.com: could not connect to host perfectionis.me: could not connect to host -perfectionunite.com: did not receive HSTS header +perfectionunite.com: could not connect to host perfectseourl.com: did not receive HSTS header +performaride.com.au: did not receive HSTS header performaterm.ro: could not connect to host performous.org: did not receive HSTS header perfumista.vn: did not receive HSTS header +periodismoactual.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] periscopeliveweb.com: could not connect to host perlwork.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pernatie.ru: could not connect to host peromsik.com: did not receive HSTS header perplex.nl: did not receive HSTS header perrone.co: could not connect to host -perroud.pro: could not connect to host +perroud.pro: did not receive HSTS header persjrp.ca: could not connect to host persoform.ch: could not connect to host personalcommunicationsecurity.com: could not connect to host @@ -10364,13 +11192,14 @@ persson.im: could not connect to host perthdevicelab.com: did not receive HSTS header pestalozzishop.com.br: could not connect to host pesto.video: could not connect to host -pesyun.cn: did not receive HSTS header pet-life.top: did not receive HSTS header pet-nsk.ru: could not connect to host +petangen.se: could not connect to host petbooking.it: did not receive HSTS header petchart.net: could not connect to host -peterboers.info: could not connect to host +peterfolta.net: could not connect to host peterkshultz.com: did not receive HSTS header +petermazur.com: did not receive HSTS header peternagy.ie: did not receive HSTS header petersmark.com: did not receive HSTS header pethelpers.org: did not receive HSTS header @@ -10378,16 +11207,19 @@ pethub.com: did not receive HSTS header petit.site: could not connect to host petlife.od.ua: could not connect to host petplum.com: could not connect to host +petrachuk.ru: could not connect to host +petravdbos.nl: could not connect to host petrkrapek.cz: did not receive HSTS header petrolplus.ru: max-age too low: 7776000 petrovsky.pro: could not connect to host petsittersservices.com: could not connect to host -pettsy.com: could not connect to host +pettsy.com: did not receive HSTS header peuf.shop: could not connect to host peuterspeelzaalhoekvanholland.nl: could not connect to host pewboards.com: could not connect to host pexieapp.com: did not receive HSTS header peykezamin.ir: did not receive HSTS header +peyote.org: could not connect to host peytonfarrar.com: could not connect to host pferdeeinstreu-kaufen.com: did not receive HSTS header pfgshop.com.br: could not connect to host @@ -10395,12 +11227,10 @@ pflegedienst-gratia.de: max-age too low: 300 pfolta.net: could not connect to host pgcpbc.com: could not connect to host pgmsource.com: could not connect to host -pgnetwork.net: could not connect to host pgpm.io: could not connect to host pgregg.com: did not receive HSTS header pgtb.be: could not connect to host phalconist.com: could not connect to host -pharmaboard.org: could not connect to host pharmgkb.org: could not connect to host phcmembers.com: did not receive HSTS header phcnetworks.net: did not receive HSTS header @@ -10416,17 +11246,18 @@ philadelphiadancefoundation.org: could not connect to host philipmordue.co.uk: could not connect to host philippa.cool: could not connect to host phillippi.me: could not connect to host +phillipsuk.com: max-age too low: 0 phillmoore.com: did not receive HSTS header phillprice.com: did not receive HSTS header philonas.net: did not receive HSTS header philpropertygroup.com: could not connect to host +phippsreporting.com: did not receive HSTS header phoebe.co.nz: did not receive HSTS header phoenicis.com.ua: did not receive HSTS header phoenix.dj: did not receive HSTS header -phoenixlogan.com: could not connect to host phonenumberinfo.co.uk: could not connect to host phongmay24h.com: could not connect to host -phood.be: did not receive HSTS header +phood.be: could not connect to host photoblogverona.com: could not connect to host photoboothpartyhire.co.uk: did not receive HSTS header photographyforchange.com: could not connect to host @@ -10439,7 +11270,6 @@ phperformances.fr: did not receive HSTS header phpfashion.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] phrasing.me: could not connect to host phuong.faith: could not connect to host -physicaltherapist.com: did not receive HSTS header pi-eng.fr: did not receive HSTS header pianetaottica.eu: could not connect to host pianetaottica.info: could not connect to host @@ -10447,6 +11277,7 @@ pianetaottica.net: could not connect to host pianetaottica.org: could not connect to host pias-button.net: did not receive HSTS header piasto.com.cy: could not connect to host +piatanoua.md: could not connect to host picallo.es: could not connect to host picardiascr.com: could not connect to host pickr.co: could not connect to host @@ -10457,10 +11288,12 @@ picscare.co.uk: did not receive HSTS header picshare.nz: could not connect to host pidatacenters.com: did not receive HSTS header pidomex.com: did not receive HSTS header +piedfeed.com: did not receive HSTS header piekacz.co.uk: could not connect to host pierrejeansuau.fr: could not connect to host pieterjangeeroms.me: could not connect to host piggott.me.uk: did not receive HSTS header +piils.fr: did not receive HSTS header pikmy.com: could not connect to host pilgermaske.org: did not receive HSTS header piligrimname.com: could not connect to host @@ -10471,10 +11304,13 @@ pims.global: did not receive HSTS header pimspage.nl: could not connect to host pin.net.au: did not receive HSTS header pinebaylibrary.org: could not connect to host +pinesandneedles.com: max-age too low: 7889238 pinkfis.ch: did not receive HSTS header pinkhq.com: did not receive HSTS header pinkinked.com: could not connect to host -pinoyonlinetv.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +pinkyf.com: did not receive HSTS header +pinoylinux.org: did not receive HSTS header +pintoselectrician.co.za: did not receive HSTS header pioche.ovh: did not receive HSTS header pipenny.net: could not connect to host pippen.io: could not connect to host @@ -10488,7 +11324,7 @@ piratedot.com: could not connect to host piratelist.online: could not connect to host piratenlogin.de: could not connect to host piratepay.io: could not connect to host -piratepay.ir: could not connect to host +piratepay.ir: did not receive HSTS header pirateproxy.pe: could not connect to host pirateproxy.sx: did not receive HSTS header pirateproxy.vip: could not connect to host @@ -10501,15 +11337,14 @@ pisidia.de: could not connect to host pitchup.com: did not receive HSTS header pitonarms.com: could not connect to host pitsstop.nu: could not connect to host -pittaya.com: could not connect to host +pittaya.com: did not receive HSTS header pittonpreschool.com: did not receive HSTS header -piwko.co: could not connect to host pix-geeks.com: max-age too low: 2592000 pixdigital.net: did not receive HSTS header pixeame.com: did not receive HSTS header pixel.google.com: did not receive HSTS header (error ignored - included regardless) pixelcode.com.au: could not connect to host -pixelcubed.com: could not connect to host +pixelesque.uk: could not connect to host pixelgliders.de: could not connect to host pixelhero.co.uk: did not receive HSTS header pixi.chat: could not connect to host @@ -10518,9 +11353,11 @@ pixlfox.com: could not connect to host pizzadoc.ch: could not connect to host pj83.duckdns.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] pj881988.com: could not connect to host -pjbet.mg: did not receive HSTS header +pjbet.mg: could not connect to host +pjsec.tk: could not connect to host pkautodesign.com: did not receive HSTS header pkschat.com: could not connect to host +pksps.com: could not connect to host plaasprodukte.com: could not connect to host placefade.com: could not connect to host placehold.co: did not receive HSTS header @@ -10529,13 +11366,12 @@ plaettliaktion.ch: did not receive HSTS header plagiarismcheck.org: max-age too low: 604800 plakbak.nl: could not connect to host planbox.info: could not connect to host -planespotterblog.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] planete-secu.com: could not connect to host +planetromeo.com: could not connect to host planktonholland.com: did not receive HSTS header planpharmacy.com: could not connect to host plant.ml: could not connect to host -plantastique.com: did not receive HSTS header -plantroon.com: could not connect to host +plantroon.com: did not receive HSTS header plass.hamburg: could not connect to host plasvilledescartaveis.com.br: could not connect to host platform.lookout.com: could not connect to host @@ -10548,10 +11384,12 @@ playflick.com: did not receive HSTS header playmaker.io: did not receive HSTS header playmaza.live: did not receive HSTS header playmfe.com: could not connect to host -playnation.io: could not connect to host +playsoundevents.be: could not connect to host playsource.co: could not connect to host playwhyyza.com: could not connect to host +playyou.be: could not connect to host please-deny.me: did not receive HSTS header +pleaseuseansnisupportedbrowser.ml: could not connect to host pleasure-science.com: could not connect to host pleasure.forsale: could not connect to host plen.io: could not connect to host @@ -10570,12 +11408,12 @@ ploup.net: could not connect to host pluff.nl: did not receive HSTS header plugboard.xyz: could not connect to host pluggedhead.com: did not receive HSTS header +plumbingman.com.au: did not receive HSTS header plus-digital.net: did not receive HSTS header plus-u.com.au: did not receive HSTS header plus.sandbox.google.com: did not receive HSTS header (error ignored - included regardless) plus1s.tk: could not connect to host plussizereviews.com: could not connect to host -plustech.id: did not receive HSTS header plut.org: did not receive HSTS header plymouthsoftplay.co.uk: could not connect to host pm13-media.cz: could not connect to host @@ -10590,13 +11428,14 @@ pnukee.com: did not receive HSTS header po.gl: could not connect to host pocakdrops.com: did not receive HSTS header pocket-lint.com: did not receive HSTS header -pocketinsure.com: could not connect to host +pocketfullofapps.com: did not receive HSTS header pocketmemories.net: could not connect to host pocketsix.com: could not connect to host pocloud.homelinux.net: could not connect to host pocobelli.ch: did not receive HSTS header podcast.style: could not connect to host podiumsdiskussion.org: did not receive HSTS header +pogoswine.com: could not connect to host pogs.us: could not connect to host poiema.com.sg: did not receive HSTS header poinsot.beer: could not connect to host @@ -10610,6 +11449,7 @@ pol-expo.ru: could not connect to host pol.in.th: could not connect to host polandb2b.directory: could not connect to host polarityschule.com: did not receive HSTS header +pole.net.nz: did not receive HSTS header poleartschool.com: could not connect to host polen.guide: could not connect to host policeiwitness.sg: could not connect to host @@ -10621,28 +11461,29 @@ politically-incorrect.xyz: could not connect to host politiewervingshop.nl: did not receive HSTS header politologos.org: could not connect to host pollpodium.nl: could not connect to host -polly.spdns.org: could not connect to host polsport.live: did not receive HSTS header polycoise.com: could not connect to host polycrypt.us: could not connect to host polymorph.rs: could not connect to host polypho.nyc: could not connect to host polysage.org: could not connect to host +polytechecosystem.vc: could not connect to host pomfe.co: could not connect to host pompefunebrilariviera.it: could not connect to host pompompoes.com: did not receive HSTS header pondof.fish: could not connect to host -poneytelecom.org: did not receive HSTS header +poneytelecom.org: could not connect to host ponteencima.com: could not connect to host ponteus.com: could not connect to host pontodogame.com.br: could not connect to host pontokay.com.br: could not connect to host pontualcomp.com: could not connect to host -pony.today: did not receive HSTS header +pony.today: could not connect to host ponythread.com: did not receive HSTS header poolinstallers.co.za: could not connect to host poolsandstuff.com: did not receive HSTS header poon.tech: could not connect to host +popcultureshack.com: could not connect to host popi.se: did not receive HSTS header popkins.cf: could not connect to host popkins.ga: could not connect to host @@ -10651,30 +11492,40 @@ popkins.ml: could not connect to host popkins.tk: could not connect to host popupsoftplay.com: could not connect to host poris.web.id: could not connect to host +porn77.info: could not connect to host +pornbay.org: could not connect to host pornblog.org: could not connect to host +porncandi.com: could not connect to host +porno-gif.ru: could not connect to host +pornohub.su: could not connect to host +pornolab-net.appspot.com: could not connect to host +pornoserver.eu: could not connect to host pornstars.me: did not receive HSTS header porschen.fr: could not connect to host port.social: could not connect to host -portailevangelique.ca: did not receive HSTS header +portale-randkowe.pl: did not receive HSTS header +portalhubnuti.cz: did not receive HSTS header portalisapres.cl: could not connect to host portalm.tk: could not connect to host portalmundo.xyz: could not connect to host portalplatform.net: could not connect to host -portaluniversalista.org: could not connect to host +portaluniversalista.org: did not receive HSTS header portefeuillesignalen.nl: did not receive HSTS header -portofrotterdam.com: could not connect to host +posbank.co.uk: could not connect to host poshpak.com: max-age too low: 86400 -positivenames.net: could not connect to host +positivesobrietyinstitute.com: did not receive HSTS header post4me.at: could not connect to host postback.io: did not receive HSTS header postcardpayment.com: could not connect to host postcodegarant.nl: could not connect to host +postcodewise.co.uk: could not connect to host posters.win: could not connect to host postscheduler.org: could not connect to host posylka.de: did not receive HSTS header potatoheads.net: could not connect to host potbar.com: could not connect to host potbox.com: could not connect to host +potenzmittelblog.info: could not connect to host potlytics.com: could not connect to host potomania.cz: could not connect to host potpourrifestival.de: did not receive HSTS header @@ -10695,7 +11546,6 @@ powerb.ch: did not receive HSTS header powerentertainment.tv: could not connect to host poweroff.win: could not connect to host powerplannerapp.com: could not connect to host -powersergthisisthewebsitefuckyouscott.com: did not receive HSTS header powersergunited.com: could not connect to host powersergunited.org: could not connect to host powershellmagic.com: could not connect to host @@ -10706,7 +11556,7 @@ pozniak.at: did not receive HSTS header pozyczka-bez-zaswiadczen.pl: did not receive HSTS header pozytywnyplan.pl: could not connect to host pozzo-balbi.com: did not receive HSTS header -ppoozl.com: could not connect to host +ppembed.com: did not receive HSTS header pppo.gov: could not connect to host ppr-truby.ru: could not connect to host ppuu.org: did not receive HSTS header @@ -10719,7 +11569,7 @@ praxis-research.info: did not receive HSTS header precedecaritas.com.br: could not connect to host precisionaeroimaging.com: did not receive HSTS header prediksisydney.com: could not connect to host -preexport.com: could not connect to host +preexport.com: did not receive HSTS header preezzie.com: could not connect to host prefis.com: did not receive HSTS header prefontaine.name: could not connect to host @@ -10729,19 +11579,22 @@ preisser.it: did not receive HSTS header preissler.co.uk: could not connect to host prekladysanca.cz: could not connect to host prelist.org: did not receive HSTS header +premaritalsex.info: could not connect to host premioambiente.it: did not receive HSTS header premiumzweirad.de: max-age too low: 7776000 +prepaidgirl.com: could not connect to host prepandgo-euro.com: could not connect to host -preposted.com: did not receive HSTS header -preppertactics.com: did not receive HSTS header +preposted.com: could not connect to host +preppertactics.com: could not connect to host preprodfan.gov: could not connect to host +prescriptionrex.com: did not receive HSTS header presidentials2016.com: could not connect to host press-anime-nenkan.com: did not receive HSTS header press-presse.ca: did not receive HSTS header pressenews.net: did not receive HSTS header pressfreedomfoundation.org: did not receive HSTS header prestigeeventshire.co.uk: could not connect to host -prestonapp.com: did not receive HSTS header +prestonapp.com: could not connect to host prettygrouse.com: did not receive HSTS header prettyphotoart.de: did not receive HSTS header prettytunesapp.com: could not connect to host @@ -10749,13 +11602,15 @@ pretzlaff.info: did not receive HSTS header preworkout.me: could not connect to host prgslab.net: could not connect to host priceholic.com: could not connect to host +priceremoval.net: could not connect to host +pridetechdesign.com: did not receive HSTS header pridoc.se: did not receive HSTS header prifo.se: could not connect to host prijsvergelijken.ml: could not connect to host prilock.com: did not receive HSTS header primecaplending.com: could not connect to host +primordialsnooze.com: could not connect to host primotiles.co.uk: did not receive HSTS header -primotilesandbathrooms.co.uk: did not receive HSTS header prinbanat.ngo: did not receive HSTS header princeofwhales.com: did not receive HSTS header princessbackpack.de: could not connect to host @@ -10765,15 +11620,16 @@ printerest.io: could not connect to host printersonline.be: did not receive HSTS header printery.be: could not connect to host printfn.com: did not receive HSTS header +printler.com: did not receive HSTS header priolkar.com: could not connect to host prism-communication.com: could not connect to host -prismacloud.xyz: did not receive HSTS header pristineevents.co.uk: did not receive HSTS header pritchett.xyz: could not connect to host privacylabs.io: did not receive HSTS header privacymanatee.com: could not connect to host privacynow.eu: did not receive HSTS header privacyrup.net: could not connect to host +privategiant.com: could not connect to host privatstunden.express: could not connect to host privcloud.org: could not connect to host privilegevisa.fr: could not connect to host @@ -10795,16 +11651,19 @@ profloorstl.com: did not receive HSTS header profpay.com: could not connect to host profundr.com: could not connect to host profusion.io: could not connect to host -progblog.net: could not connect to host +progblog.net: max-age too low: 0 progolfjourney.com: could not connect to host program-and.work: could not connect to host +programmaticmagic.com: could not connect to host programmingstudent.com: could not connect to host progress-technologies.com: could not connect to host progressivecfo.co.nz: could not connect to host prohostonline.fi: could not connect to host proitconsulting.com.au: could not connect to host proj.org.cn: could not connect to host +project-rune.tech: could not connect to host project-sparks.eu: did not receive HSTS header +project-splash.com: could not connect to host project-stats.com: could not connect to host projectascension.io: could not connect to host projectasterk.com: could not connect to host @@ -10817,9 +11676,9 @@ projectvault.ovh: did not receive HSTS header projectx.top: did not receive HSTS header projekt-umbriel.de: could not connect to host projektik.cz: did not receive HSTS header +projektzentrisch.de: could not connect to host projetoresecia.com: could not connect to host prokop.ovh: could not connect to host -prolan.pw: did not receive HSTS header promarketer.net: did not receive HSTS header promecon-gmbh.de: did not receive HSTS header promedicalapplications.com: did not receive HSTS header @@ -10839,17 +11698,20 @@ proslimdiets.com: could not connect to host prosocialmachines.com: could not connect to host prosoft.sk: did not receive HSTS header prosperident.com: did not receive HSTS header +prostoporno.net: could not connect to host proteapower.co.za: could not connect to host protecciondelconsumidor.gov: did not receive HSTS header +protech.ge: did not receive HSTS header proteinnuts.cz: could not connect to host proteinnuts.sk: could not connect to host protonmail.ch: did not receive HSTS header protoyou.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -provisionaldriving.com: could not connect to host -provitacare.com: could not connect to host +provisionaldriving.com: did not receive HSTS header +provisionircd.tk: could not connect to host +provitacare.com: did not receive HSTS header proweser.de: did not receive HSTS header prowhisky.de: did not receive HSTS header -proxbox.net: could not connect to host +proxbox.net: did not receive HSTS header proxi.cf: could not connect to host proximato.com: could not connect to host proxybay.al: could not connect to host @@ -10871,7 +11733,7 @@ prxio.site: could not connect to host ps-qa.com: could not connect to host ps-x.ru: could not connect to host pscleaningsolutions.co.uk: could not connect to host -pshostpk.com: did not receive HSTS header +pseudo.coffee: could not connect to host psicologia.co.ve: could not connect to host psicologoforensebarcelona.com: did not receive HSTS header psicosalud.online: could not connect to host @@ -10880,23 +11742,22 @@ psncardplus.com: could not connect to host psncardplus.dk: could not connect to host psncardplus.nl: could not connect to host psncardplus.se: could not connect to host -pstrozniak.com: could not connect to host pstudio.me: max-age too low: 0 psw.academy: could not connect to host psw.consulting: could not connect to host psychiatrie-betreuung.ch: did not receive HSTS header psychoco.net: could not connect to host -psychologie-hofner.at: could not connect to host psynapse.net.au: could not connect to host ptn.moscow: could not connect to host ptonet.com: could not connect to host -ptrbrs.nl: could not connect to host ptrujillo.com: did not receive HSTS header +pub-online.ro: could not connect to host pubkey.is: could not connect to host publications.qld.gov.au: did not receive HSTS header publicidadnovagrass.com.mx: could not connect to host publicspeakingcamps.com: could not connect to host publimepa.it: could not connect to host +publishingshack.com: did not receive HSTS header puchunguis.com: did not receive HSTS header puentes.info: did not receive HSTS header puetter.eu: could not connect to host @@ -10917,6 +11778,7 @@ punkdns.top: could not connect to host puppydns.com: did not receive HSTS header purahealthyliving.com: could not connect to host purbd.com: did not receive HSTS header +pureholisticliving.me: could not connect to host purewebmasters.com: could not connect to host purplehippie.in: did not receive HSTS header purplez.pw: did not receive HSTS header @@ -10952,17 +11814,18 @@ q-rickroll-u.pw: could not connect to host q2.si: did not receive HSTS header q8mp3.me: did not receive HSTS header qadmium.tk: could not connect to host -qaz.cloud: did not receive HSTS header +qamrulhaque.com: could not connect to host qazcloud.com: could not connect to host qbik.de: did not receive HSTS header qbin.io: did not receive HSTS header qbnt.ca: could not connect to host qccqld.org.au: could not connect to host qe2homelottery.com: did not receive HSTS header +qensio.com: did not receive HSTS header qforum.org: could not connect to host qi0.de: did not receive HSTS header qiannews.net: could not connect to host -qikan.net: could not connect to host +qifu.org.cn: could not connect to host qimiao.io: did not receive HSTS header qingxuan.info: could not connect to host qinxi1992.com: could not connect to host @@ -10970,9 +11833,7 @@ qionglu.pw: could not connect to host qipp.com: did not receive HSTS header qirinus.com: did not receive HSTS header qixxit.de: did not receive HSTS header -qkmortgage.com: could not connect to host qldconservation.org: could not connect to host -qledtech.com: did not receive HSTS header qnatek.org: could not connect to host qonqa.de: did not receive HSTS header qoohoot.com: did not receive HSTS header @@ -10981,25 +11842,28 @@ qoqo.us: did not receive HSTS header qorm.co.uk: could not connect to host qqj.net: could not connect to host qqq.gg: could not connect to host +qqvips.com: could not connect to host +qqvrsmart.cn: could not connect to host qrara.net: did not receive HSTS header qredo.com: did not receive HSTS header qrforex.com: did not receive HSTS header qrlending.com: could not connect to host qrlfinancial.com: could not connect to host qswoo.org: did not receive HSTS header +qto.com: could not connect to host qto.org: could not connect to host quail.solutions: could not connect to host quakerlens.com: did not receive HSTS header quality1.com.br: did not receive HSTS header qualityology.com: did not receive HSTS header quanglepro.com: could not connect to host -quangngaimedia.com: did not receive HSTS header -quanjinlong.cn: could not connect to host +quangngaimedia.com: could not connect to host +quanjinlong.cn: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] quantacloud.ch: could not connect to host quantenteranik.eu: could not connect to host quantor.dk: did not receive HSTS header quantum-cloud.xyz: could not connect to host -quantum-ethics.com: did not receive HSTS header +quantum-ethics.com: could not connect to host quantum-lviv.pp.ua: could not connect to host quantumcore.cn: could not connect to host quantumcourse.org: did not receive HSTS header @@ -11011,6 +11875,7 @@ quelmandataire.fr: did not receive HSTS header queroreceitasoberana.com.br: did not receive HSTS header queryplayground.com: could not connect to host questions-admin.com: did not receive HSTS header +questionyu.com: did not receive HSTS header questsandrewards.com: could not connect to host quic.fr: did not receive HSTS header quickandroid.tools: could not connect to host @@ -11024,38 +11889,38 @@ quizmemes.org: could not connect to host quotehex.com: could not connect to host quotemaster.co.za: could not connect to host quranserver.net: could not connect to host +qwallet.ca: did not receive HSTS header +qwaser.fr: could not connect to host qwilink.me: did not receive HSTS header -qybot.cc: did not receive HSTS header +qybot.cc: could not connect to host r-ay.club: did not receive HSTS header -r-ay.cn: could not connect to host r-core.org: could not connect to host r-core.ru: could not connect to host r-cut.fr: could not connect to host r-rickroll-u.pw: could not connect to host +r0t.co: could not connect to host r10n.com: did not receive HSTS header r15.me: did not receive HSTS header r18.moe: did not receive HSTS header -r3bl.me: did not receive HSTS header -ra-schaal.de: did not receive HSTS header raajheshkannaa.com: could not connect to host rabbitvcactus.eu: did not receive HSTS header rabota-x.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] racasdecachorro.org: could not connect to host rackblue.com: could not connect to host racktear.com: did not receive HSTS header -rad-route.de: did not receive HSTS header +rad-route.de: could not connect to host raddavarden.nu: could not connect to host radicaleducation.net: could not connect to host radioheteroglossia.com: did not receive HSTS header -radiosendungen.com: did not receive HSTS header +radiorsvp.com: did not receive HSTS header rafaelcz.de: could not connect to host ragingserenity.com: did not receive HSTS header ragnaroktop.com.br: could not connect to host rahadiana.com: could not connect to host rahamasin.eu: could not connect to host +rai-co.net: did not receive HSTS header raiblockscommunity.net: could not connect to host raidstone.com: could not connect to host -raidstone.net: could not connect to host raidstone.rocks: could not connect to host railgun.com.cn: could not connect to host rainbin.com: could not connect to host @@ -11065,7 +11930,9 @@ raisecorp.com: could not connect to host raitza.de: could not connect to host rajkapoordas.com: could not connect to host ramarka.de: could not connect to host -ramitmittal.com: could not connect to host +ramatola.uk: could not connect to host +ramblingrf.tech: could not connect to host +ramezanloo.com: did not receive HSTS header ramon-c.nl: could not connect to host ramonj.nl: could not connect to host randomcage.com: did not receive HSTS header @@ -11075,22 +11942,20 @@ randomwinpicker.de: could not connect to host randy.pw: could not connect to host ranegroup.hosting: could not connect to host rankthespot.com: could not connect to host -ranktopay.com: did not receive HSTS header rannseier.org: did not receive HSTS header ranos.org: could not connect to host rany.duckdns.org: could not connect to host rany.io: could not connect to host rany.pw: could not connect to host -rapidemobile.com: could not connect to host +rapidemobile.com: did not receive HSTS header rapidflow.io: could not connect to host rapido.nu: could not connect to host rapidresearch.me: could not connect to host rapidthunder.io: could not connect to host -rasing.me: did not receive HSTS header +rasing.me: could not connect to host raspass.me: did not receive HSTS header raspberry.us: could not connect to host raspberryultradrops.com: did not receive HSTS header -raspii.tech: could not connect to host rastreador.com.es: did not receive HSTS header ratajczak.fr: could not connect to host rate-esport.de: could not connect to host @@ -11107,13 +11972,14 @@ raven.lipetsk.ru: could not connect to host ravengergaming.ga: could not connect to host ravengergaming.net: could not connect to host ravenx.me: could not connect to host -ravkr.duckdns.org: max-age too low: 360000 +ravkr.duckdns.org: could not connect to host ravse.dk: could not connect to host raw-diets.com: did not receive HSTS header rawet.se: could not connect to host rawoil.com: could not connect to host rawr.sexy: could not connect to host rawstorieslondon.com: could not connect to host +rayanitco.com: did not receive HSTS header raycarruthersphotography.co.uk: could not connect to host raydan.space: could not connect to host raydobe.me: could not connect to host @@ -11127,8 +11993,8 @@ rbqcloud.com: could not connect to host rbti.me: could not connect to host rbxcatalog.com: could not connect to host rc4.io: could not connect to host +rc7.ch: could not connect to host rcafox.com: could not connect to host -rcmlinx.com: could not connect to host rcoliveira.com: could not connect to host rcpcbd.com: could not connect to host rcvd.io: did not receive HSTS header @@ -11137,7 +12003,7 @@ rdfz.tech: could not connect to host rdh.asia: did not receive HSTS header rdns.im: did not receive HSTS header rdyrda.fr: could not connect to host -re-customer.net: did not receive HSTS header +re-customer.net: could not connect to host re-wilding.com: could not connect to host reachr.com: could not connect to host reactdatepicker.com: did not receive HSTS header @@ -11147,6 +12013,7 @@ readism.io: could not connect to host readityourself.net: did not receive HSTS header readmeeatmedrinkme.com: did not receive HSTS header readr.pw: could not connect to host +readtldr.com: could not connect to host readydok.com: did not receive HSTS header reagir43.fr: did not receive HSTS header reaiaer.com: could not connect to host @@ -11154,13 +12021,15 @@ reakyaweso.me: could not connect to host real-bits.com: could not connect to host real-compare.com: did not receive HSTS header realcli.com: could not connect to host +realfamilyincest.com: could not connect to host realhost.name: could not connect to host really.io: could not connect to host reallyreally.io: did not receive HSTS header realmic.net: could not connect to host realmofespionage.com: could not connect to host realnewhomes.com: could not connect to host -realwoo.com: could not connect to host +realraghavgupta.com: could not connect to host +realwoo.com: did not receive HSTS header reapdrive.net: did not receive HSTS header reaper.rip: could not connect to host reardenporn.com: could not connect to host @@ -11168,10 +12037,11 @@ rebekaesgabor.online: could not connect to host rebootmc.com: could not connect to host receitas-de-bolos.pt: did not receive HSTS header receitasdebacalhau.pt: could not connect to host -recetasdecocinaideal.com: did not receive HSTS header recetasfacilesdehacer.com: did not receive HSTS header rechat.com: did not receive HSTS header rechenwerk.net: could not connect to host +recht-freundlich.de: did not receive HSTS header +rechtenliteratuurleiden.nl: could not connect to host recompiled.org: max-age too low: 7776000 recruitsecuritytraining.co.uk: could not connect to host recruitsecuritytraining.com: could not connect to host @@ -11184,7 +12054,8 @@ reddiseals.com: [Exception... "Component returned failure code: 0x80004005 (NS_E reddit.com: did not receive HSTS header rede.ca: did not receive HSTS header redeemingbeautyminerals.com: max-age too low: 0 -redhorsemountainranch.com: could not connect to host +redgatesoftware.co.uk: could not connect to host +redhorsemountainranch.com: did not receive HSTS header redicabo.de: could not connect to host redirectman.com: could not connect to host redizoo.com: did not receive HSTS header @@ -11193,9 +12064,10 @@ redmbk.com: did not receive HSTS header redneck-gaming.de: did not receive HSTS header redner.cc: did not receive HSTS header rednertv.de: did not receive HSTS header -rednoseday.com: did not receive HSTS header +rednoseday.com: could not connect to host redoakmedia.net: did not receive HSTS header redperegrine.com: did not receive HSTS header +redporno.cz: could not connect to host redports.org: could not connect to host redra.ws: did not receive HSTS header redstarsurf.com: did not receive HSTS header @@ -11208,8 +12080,11 @@ reeson.org: could not connect to host ref1oct.nl: could not connect to host refactor.zone: did not receive HSTS header referenten.org: did not receive HSTS header +refficience.com: could not connect to host refitplanner.com: did not receive HSTS header reflecton.io: could not connect to host +reforesttheplanet.com: could not connect to host +reformatreality.com: could not connect to host refreshingserum.com: could not connect to host reg.ru: did not receive HSTS header regaloaks.com: did not receive HSTS header @@ -11221,6 +12096,7 @@ reggae-cdmx.com: could not connect to host reginagroffy.com: could not connect to host regio-salland.nl: could not connect to host regionale.org: did not receive HSTS header +register.gov.uk: did not receive HSTS header registertovoteflorida.gov: did not receive HSTS header regoul.com: did not receive HSTS header regsec.com: could not connect to host @@ -11231,32 +12107,29 @@ reidascuecas.com.br: could not connect to host reignsphere.net: could not connect to host reikiqueen.uk: could not connect to host reinaertvandecruys.me: could not connect to host +reineberthe.ch: could not connect to host reismil.ch: could not connect to host reisyukaku.org: did not receive HSTS header reithguard-it.de: did not receive HSTS header rejo.in: could not connect to host rejuvemedspa.com: did not receive HSTS header -rekyou.com: could not connect to host relatic.net: could not connect to host relayawards.com: could not connect to host reldoc.com.mx: did not receive HSTS header reliable-mail.de: could not connect to host +religiousforums.com: did not receive HSTS header relisten.nl: did not receive HSTS header relsak.cz: could not connect to host rem.pe: did not receive HSTS header rema.site: did not receive HSTS header -remaimodern.org: did not receive HSTS header remain.london: could not connect to host -remedica.fr: did not receive HSTS header -remedioskaseros.com: did not receive HSTS header +remedica.fr: could not connect to host remedium.de: could not connect to host remedyrehab.com: did not receive HSTS header rememberthis.co.za: could not connect to host -remitatm.com: could not connect to host remodela.com.ve: could not connect to host remodelwithlegacy.com: did not receive HSTS header remonttitekniikka.fi: could not connect to host -remoteham.com: could not connect to host remotestance.com: did not receive HSTS header rencaijia.com: did not receive HSTS header rencontres-erotiques.com: did not receive HSTS header @@ -11264,15 +12137,17 @@ rengarenkblog.com: could not connect to host renideo.fr: could not connect to host renkhosting.com: could not connect to host renlong.org: did not receive HSTS header +rennfire.org: could not connect to host renrenss.com: could not connect to host -rentacarcluj.xyz: did not receive HSTS header +rentacarcluj.xyz: could not connect to host rentbrowser.com: could not connect to host rentbrowsertrain.me: could not connect to host rentcarassist.com: could not connect to host renteater.com: could not connect to host rentex.com: did not receive HSTS header renxinge.cn: did not receive HSTS header -repex.co.il: did not receive HSTS header +reparo.pe: did not receive HSTS header +repex.co.il: could not connect to host replaceits.me: could not connect to host replacemychina.com: could not connect to host repo.ml: did not receive HSTS header @@ -11288,15 +12163,17 @@ reporturi.io: did not receive HSTS header reporturl.com: did not receive HSTS header reporturl.io: did not receive HSTS header reposaarenkuva.fi: could not connect to host -reprolife.co.uk: could not connect to host -reputationweaver.com: could not connect to host +reprolife.co.uk: did not receive HSTS header +reptilauksjonen.no: did not receive HSTS header +repustate.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] reqognize.com: could not connect to host +request-trent.com: did not receive HSTS header res-rheingau.de: did not receive HSTS header res42.com: could not connect to host -resc.la: could not connect to host research.md: could not connect to host reseponline.info: did not receive HSTS header reserve-online.net: did not receive HSTS header +reservoirtp.fr: did not receive HSTS header residentsinsurance.co.uk: did not receive HSTS header resl20.servehttp.com: could not connect to host resoundpro.ca: could not connect to host @@ -11314,11 +12191,12 @@ restoreresearchstudy.com: did not receive HSTS header resultsdate.news: could not connect to host retcor.net: could not connect to host reth.ch: could not connect to host -retronet.nl: did not receive HSTS header +retogroup.com: could not connect to host +retrojar.top: could not connect to host retropage.co: did not receive HSTS header retrowave.eu: could not connect to host rets.org.br: did not receive HSTS header -retube.ga: could not connect to host +retube.ga: did not receive HSTS header returnofwar.com: could not connect to host revapost.ch: could not connect to host revealdata.com: did not receive HSTS header @@ -11329,14 +12207,15 @@ review.info: did not receive HSTS header reviewbestseller.com: did not receive HSTS header reviewjust.com: did not receive HSTS header revistapequenosolhares.com.br: could not connect to host -revlect.com: did not receive HSTS header revolutionhive.com: could not connect to host revtut.net: could not connect to host rewopit.net: could not connect to host rex.st: could not connect to host +rexhockingkelpies.com.au: did not receive HSTS header reykjavik.guide: could not connect to host rezun.cloud: did not receive HSTS header rf.tn: could not connect to host +rgservers.com: did not receive HSTS header rhapsodhy.hu: could not connect to host rhdigital.pro: could not connect to host rhering.de: could not connect to host @@ -11351,26 +12230,27 @@ richardb.me: could not connect to host richeza.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] richiemail.net: could not connect to host richmondsunlight.com: did not receive HSTS header -richsiciliano.com: could not connect to host +richmtdriver.com: could not connect to host +richsiciliano.com: did not receive HSTS header richterphilipp.com: could not connect to host rickmartensen.nl: did not receive HSTS header +ricknox.com: did not receive HSTS header rid-wan.com: could not connect to host +riddims.co: did not receive HSTS header rideaudiscount.com: did not receive HSTS header rideforwade.com: could not connect to host rideforwade.net: could not connect to host rideforwade.org: could not connect to host -rideworks.com: did not receive HSTS header +rideworks.com: could not connect to host ridingoklahoma.com: could not connect to host ridwan.co: could not connect to host rienasemettre.fr: did not receive HSTS header -riesenmagnete.de: did not receive HSTS header +riesenmagnete.de: could not connect to host rievo.net: did not receive HSTS header right-to-love.name: did not receive HSTS header right2.org: could not connect to host righteousendeavour.com: could not connect to host righttoknow.ie: did not receive HSTS header -rigolitch.fr: could not connect to host -rigsalesaustralia.com: did not receive HSTS header rijndael.xyz: could not connect to host rijnmondeg.nl: did not receive HSTS header rika.me: could not connect to host @@ -11378,16 +12258,19 @@ ring0.xyz: did not receive HSTS header ringh.am: could not connect to host rinj.se: could not connect to host rionewyork.com.br: could not connect to host +rioshop.com.br: could not connect to host ripa.io: did not receive HSTS header rippleunion.com: could not connect to host +risi-china.com: could not connect to host risingsun.red: could not connect to host riskmgt.com.au: could not connect to host +rissato.com.br: could not connect to host ristorantefattoamano.eu: could not connect to host rithm.ch: could not connect to host rittis.ru: did not receive HSTS header rivagecare.it: did not receive HSTS header rivercruiseadvisor.com: did not receive HSTS header -rivermendhealthcenters.com: did not receive HSTS header +rivermendhealthcenters.com: could not connect to host riversideauto.net: did not receive HSTS header riverstyxgame.com: could not connect to host rivlo.com: could not connect to host @@ -11396,14 +12279,18 @@ rjnutrition.consulting: did not receive HSTS header rk6.cz: could not connect to host rkc-hygrotherm.de: could not connect to host rkmantpur.org: did not receive HSTS header +rkmedia.no: could not connect to host rmaqequipamentos.com.br: could not connect to host rmdlingerie.com.br: did not receive HSTS header rme.li: did not receive HSTS header +rmk.si: could not connect to host +rmsides.com: did not receive HSTS header roadfeast.com: could not connect to host roan24.pl: did not receive HSTS header +robert-flynn.de: could not connect to host robertabittle.com: could not connect to host -robertglastra.com: could not connect to host roberto-webhosting.nl: did not receive HSTS header +robertocasares.no-ip.biz: could not connect to host robi-net.it: could not connect to host robigalia.org: did not receive HSTS header robinvdmarkt.nl: could not connect to host @@ -11413,7 +12300,8 @@ robtex.com: did not receive HSTS header robtex.net: did not receive HSTS header robtex.org: did not receive HSTS header robust.ga: could not connect to host -rochman.id: could not connect to host +roc.net.au: could not connect to host +rochman.id: did not receive HSTS header rocketnet.ml: could not connect to host rockeyscrivo.com: did not receive HSTS header rocksberg.net: could not connect to host @@ -11429,21 +12317,22 @@ roesemann.email: could not connect to host rofrank.space: could not connect to host rogeiro.net: could not connect to host rogerdat.ovh: could not connect to host +roguefortgame.com: could not connect to host +rohanbassett.com: could not connect to host rohankrishnadev.in: could not connect to host -rohlik.cz: did not receive HSTS header roketix.co.uk: did not receive HSTS header rolandinsh.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] rolandkolodziej.com: max-age too low: 86400 +rolandreed.cn: did not receive HSTS header rolandslate.com: did not receive HSTS header rolemaster.net: could not connect to host -roleplayhome.com: could not connect to host rolroer.co.za: could not connect to host romaimperator.com: did not receive HSTS header romainmuller.xyz: did not receive HSTS header romans-place.me.uk: could not connect to host romanticschemermovie.com: could not connect to host -romanticvillas.com.au: could not connect to host romeoferraris.com: did not receive HSTS header +roms.fun: could not connect to host romulusapp.com: could not connect to host ron2k.za.net: could not connect to host rondoniatec.com.br: did not receive HSTS header @@ -11454,13 +12343,14 @@ ronwo.de: max-age too low: 1 roo.ie: could not connect to host rool.me: did not receive HSTS header roolevoi.ru: could not connect to host -room-checkin24.de: could not connect to host +room-checkin24.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +roosteroriginals.com: could not connect to host rootbsd.at: could not connect to host rootforum.org: did not receive HSTS header -rootrelativity.com: did not receive HSTS header +rootrelativity.com: could not connect to host rootservice.org: did not receive HSTS header rootwpn.com: could not connect to host -rop.io: could not connect to host +rop.io: did not receive HSTS header roquecenter.org: did not receive HSTS header roromendut.online: could not connect to host rorymcdaniel.com: did not receive HSTS header @@ -11470,11 +12360,14 @@ rospa100.com: did not receive HSTS header rossclark.com: did not receive HSTS header rossen.be: did not receive HSTS header rossiworld.com: did not receive HSTS header +rosslug.org.uk: could not connect to host rotex1840.de: did not receive HSTS header rotozen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] rotter-dam.nl: did not receive HSTS header rotterdamjazz.info: could not connect to host +rotzonline.com: could not connect to host rough.nu: could not connect to host +roundaboutweb.info: did not receive HSTS header roundtheme.com: did not receive HSTS header rous.se: could not connect to host rouvray.org: could not connect to host @@ -11486,6 +12379,7 @@ royalsignaturecruise.com: could not connect to host roychan.org: max-age too low: 0 royzez.com: could not connect to host rozalisbengal.ro: could not connect to host +rozalynne-dawn.ga: could not connect to host rozeapp.nl: could not connect to host rpasafrica.com: could not connect to host rr.in.th: could not connect to host @@ -11494,30 +12388,30 @@ rrom.me: did not receive HSTS header rs-devdemo.host: could not connect to host rsajeey.info: could not connect to host rsampaio.info: did not receive HSTS header -rsblake.net: could not connect to host rsf.io: could not connect to host rsi.im: did not receive HSTS header rskuipers.com: did not receive HSTS header rsmaps.org: could not connect to host -rstraining.co.uk: could not connect to host +rsships.com: could not connect to host +rstraining.co.uk: did not receive HSTS header rstsecuritygroup.co.uk: could not connect to host rtc.fun: could not connect to host -rte.eu: could not connect to host rtho.me: did not receive HSTS header rtvi.com: did not receive HSTS header +ru-music.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] rubbereggs.ca: could not connect to host rubbix.net: could not connect to host rubecodeberg.com: could not connect to host -ruben.am: did not receive HSTS header rubendv.be: did not receive HSTS header +rubens.cloud: did not receive HSTS header rubenschulz.nl: could not connect to host rubi-ka.net: max-age too low: 0 ruborr.se: did not receive HSTS header rubysecurity.org: did not receive HSTS header -rubyshop.nl: did not receive HSTS header +rubyshop.nl: could not connect to host rudeotter.com: did not receive HSTS header rue-de-la-vieille.fr: max-age too low: 0 -rueg.eu: could not connect to host +ruedigervoigt.de: could not connect to host ruflay.ru: could not connect to host rugirlfriend.com: could not connect to host rugs.ca: did not receive HSTS header @@ -11527,27 +12421,29 @@ ruig.jp: could not connect to host ruitershoponline.nl: did not receive HSTS header ruja.dk: did not receive HSTS header rukhaiyar.com: could not connect to host +rullzer.com: did not receive HSTS header +rumlager.de: max-age too low: 600000 rummel-platz.de: could not connect to host rumoterra.com.br: could not connect to host run-forrest.run: could not connect to host runawebinar.nl: could not connect to host runcarina.com: could not connect to host rundumcolumn.xyz: could not connect to host -runementors.com: could not connect to host runhardt.eu: did not receive HSTS header runtl.com: did not receive HSTS header runtondev.com: did not receive HSTS header -ruobiyi.com: could not connect to host ruqu.nl: could not connect to host rusadmin.biz: did not receive HSTS header +rushball.net: could not connect to host rusl.me: could not connect to host -rusmolotok.ru: could not connect to host russmarshall.com: could not connect to host rustbyexample.com: did not receive HSTS header rustfanatic.com: did not receive HSTS header ruurdboomsma.nl: could not connect to host ruxit.com: did not receive HSTS header rvg.zone: could not connect to host +rvoigt.eu: could not connect to host +rvolve.net: could not connect to host rw-solutions.tech: could not connect to host rwanderlust.com: did not receive HSTS header rxprep.com: did not receive HSTS header @@ -11561,24 +12457,22 @@ rylore.com: could not connect to host ryssland.guide: could not connect to host rzegroup.com: did not receive HSTS header s-d-v.ch: could not connect to host -s-ip-media.de: could not connect to host s-on.li: could not connect to host s-rickroll-p.pw: could not connect to host s.how: could not connect to host s0923.com: could not connect to host s0laris.co.uk: could not connect to host -s13d.fr: could not connect to host s1mplescripts.de: could not connect to host +s1ris.org: did not receive HSTS header +s3cases.com: did not receive HSTS header s3n.se: could not connect to host saabwa.org: did not receive HSTS header sabatek.pl: did not receive HSTS header -sabine-forschbach.de: could not connect to host -sabineforschbach.de: could not connect to host -sabtunes.com: did not receive HSTS header +sac-shop.com: did not receive HSTS header saco-ceso.com: could not connect to host sadiejanehair.com: could not connect to host +sadsu.com: did not receive HSTS header safari-afrique.com: did not receive HSTS header -safe.moe: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] safedevice.net: did not receive HSTS header safelist.eu: did not receive HSTS header safemovescheme.co.uk: could not connect to host @@ -11589,7 +12483,7 @@ safersurfing.eu: did not receive HSTS header safesecret.info: did not receive HSTS header safetyrisk.net: did not receive HSTS header safewings-nh.nl: could not connect to host -safing.me: did not receive HSTS header +safing.me: could not connect to host safnah.com: did not receive HSTS header sagarhandicraft.com: could not connect to host sageth.com: could not connect to host @@ -11597,16 +12491,22 @@ sah3.net: could not connect to host sail-nyc.com: did not receive HSTS header saint-astier-triathlon.com: did not receive HSTS header saintjohnlutheran.church: did not receive HSTS header +saintw.com: could not connect to host sairai.bid: could not connect to host sakaserver.com: did not receive HSTS header sakib.ninja: did not receive HSTS header sakurabuff.com: could not connect to host +sakuraplay.com: did not receive HSTS header salaervergleich.com: did not receive HSTS header sale.sh: could not connect to host salearnership.co.za: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] saleslift.pl: did not receive HSTS header +salishseawhalewatching.ca: could not connect to host sallysubs.com: could not connect to host +salmo23.com.br: could not connect to host +salon-claudia.ch: could not connect to host salonestella.it: could not connect to host +salrosadohimalaia.com: did not receive HSTS header salserocafe.com: did not receive HSTS header salserototal.com: could not connect to host saltedskies.com: could not connect to host @@ -11618,10 +12518,8 @@ samanthahumphreysstudio.com: did not receive HSTS header samaritan.tech: could not connect to host samaritansnet.org: did not receive HSTS header sametovymesic.cz: could not connect to host -samkelleher.com: could not connect to host saml2.com: could not connect to host -samlamac.com: did not receive HSTS header -samm.com.au: did not receive HSTS header +samlamac.com: could not connect to host sammyjohnson.com: could not connect to host samp.im: could not connect to host sampcup.com: could not connect to host @@ -11631,49 +12529,56 @@ samsen.club: could not connect to host samsonova.de: could not connect to host samsungxoa.com: could not connect to host samvanderkris.com: did not receive HSTS header -samwu.tw: could not connect to host +samvanderkris.xyz: did not receive HSTS header sanael.net: could not connect to host +sanandreasstories.com: did not receive HSTS header sanasalud.org: could not connect to host sanatfilan.com: did not receive HSTS header sanatrans.com: could not connect to host +sand-islets.de: did not receive HSTS header +sanderknape.com: did not receive HSTS header +sandhaufen.tk: could not connect to host +sandtonplumber24-7.co.za: did not receive HSTS header sandviks.com: did not receive HSTS header sanguoxiu.com: could not connect to host sanhei.ch: did not receive HSTS header -sanik.my: could not connect to host -sanissimo.com.mx: max-age too low: 86400 -sannesfotklinikk.no: did not receive HSTS header +sanik.my: did not receive HSTS header sanradon.by: did not receive HSTS header sansage.com.br: could not connect to host sansdev.com: could not connect to host sansemea.com: did not receive HSTS header -santanderideas.com: could not connect to host santi.eu: did not receive HSTS header +santing.net: could not connect to host santmark.com: could not connect to host santmark.eu: could not connect to host santmark.fi: could not connect to host santmark.info: could not connect to host santmark.net: could not connect to host santmark.org: could not connect to host -santodomingocg.org: did not receive HSTS header +santodomingocg.org: could not connect to host santorinibbs.com: did not receive HSTS header santouri.be: could not connect to host saotn.org: did not receive HSTS header sapereaude.com.pl: did not receive HSTS header +sapporobeer.com: could not connect to host sapuncheta.com: could not connect to host +saq.com: could not connect to host sarah-beckett-harpist.com: did not receive HSTS header +sarahdoyley.com: could not connect to host +sarahlouisesearle.com: could not connect to host sarahsweetlife.com: could not connect to host sarahsweger.com: could not connect to host sarakas.com: could not connect to host -saraleebread.com: max-age too low: 86400 sarangsemutbandung.com: could not connect to host sarindia.com: could not connect to host sarindia.de: could not connect to host sarisonproductions.com: did not receive HSTS header +sarkarikhoj.com: could not connect to host sarkarischeme.in: could not connect to host sarkisozleri.us: could not connect to host sarndipity.com: could not connect to host +saro.me: did not receive HSTS header saruwebshop.co.za: could not connect to host -sash.pw: could not connect to host sat.rent: did not receive HSTS header sat7a-riyadh.com: did not receive HSTS header satanichia.moe: could not connect to host @@ -11683,14 +12588,14 @@ satoshicrypt.com: did not receive HSTS header satragreen.com: did not receive HSTS header satrent.com: did not receive HSTS header satrent.se: did not receive HSTS header -satriyowibowo.my.id: did not receive HSTS header +satriyowibowo.my.id: could not connect to host satsang-uwe.de: did not receive HSTS header satsukii.moe: did not receive HSTS header +sattamatkadpboss.mobi: could not connect to host saturne.tk: could not connect to host saturngames.co.uk: could not connect to host saucyfox.net: did not receive HSTS header saudeeconforto.com.br: did not receive HSTS header -sauenytt.no: could not connect to host saumon.io: did not receive HSTS header saumon.xyz: could not connect to host saunasandstuff.ca: did not receive HSTS header @@ -11701,23 +12606,26 @@ saveaward.gov: could not connect to host savecashindia.com: did not receive HSTS header savekorea.net: max-age too low: 0 savemoneyonenergy.com: did not receive HSTS header +saveora.shop: could not connect to host savethedogfishfoundation.org: could not connect to host saveyour.biz: could not connect to host -savingbytes.com: could not connect to host +savingbytes.com: did not receive HSTS header savinggoliath.com: could not connect to host savvysuit.com: did not receive HSTS header saxol-group.com: could not connect to host +saxotex.de: did not receive HSTS header say-hanabi.com: could not connect to host sayhanabi.com: could not connect to host sazima.ru: did not receive HSTS header -sbirecruitment.co.in: could not connect to host sbm.cloud: could not connect to host sbobetfun.com: did not receive HSTS header sbox-archives.com: could not connect to host sby.de: did not receive HSTS header sc4le.com: could not connect to host +scaffoldhireeastrand.co.za: did not receive HSTS header scaffoldhirefourways.co.za: did not receive HSTS header scaffoldhirerandburg.co.za: did not receive HSTS header +scaffoldhiresandton.co.za: did not receive HSTS header scala.click: did not receive HSTS header scannabi.com: could not connect to host sch44r0n.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -11729,10 +12637,12 @@ schau-rein.co.at: did not receive HSTS header schauer.so: could not connect to host schd.io: did not receive HSTS header schermreparatierotterdam.nl: did not receive HSTS header +schil.li: could not connect to host schlabbi.com: did not receive HSTS header schmidttulskie.de: could not connect to host schmitt.ovh: could not connect to host schmitt.ws: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +schneider-electric.tg: could not connect to host schnell-abnehmen.tips: did not receive HSTS header schnell-gold.com: did not receive HSTS header scholl.io: could not connect to host @@ -11740,6 +12650,7 @@ schooli.io: could not connect to host schooltrends.co.uk: did not receive HSTS header schoolze.com: did not receive HSTS header schoop.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +schorel.ovh: could not connect to host schraebanowicz.net: did not receive HSTS header schreiber-netzwerk.eu: did not receive HSTS header schreibnacht.de: did not receive HSTS header @@ -11749,7 +12660,9 @@ schrodinger.io: could not connect to host schroepfglas-versand.de: did not receive HSTS header schroettle.com: did not receive HSTS header schulterglatzen-altenwalde.de: could not connect to host +schur-it.de: could not connect to host schwarzkopfforyou.de: did not receive HSTS header +schwarzwaldcon.de: could not connect to host schweiz.guide: could not connect to host schweizerbolzonello.net: could not connect to host schwetz.net: could not connect to host @@ -11758,8 +12671,9 @@ scib.tk: could not connect to host scicasts.com: max-age too low: 7776000 science-anatomie.com: did not receive HSTS header scienceathome.org: did not receive HSTS header -sciencebase.gov: did not receive HSTS header sciencemonster.co.uk: could not connect to host +scientific.boston: could not connect to host +scifi.fyi: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] scintillating.stream: could not connect to host scionasset.com: did not receive HSTS header scivillage.com: did not receive HSTS header @@ -11769,6 +12683,7 @@ scooshonline.co.uk: did not receive HSTS header scopea.fr: max-age too low: 0 score-savers.com: max-age too low: 10540800 scores4schools.com: could not connect to host +scorobudem.ru: could not connect to host scotbirchfield.com: did not receive HSTS header scottainslie.me.uk: could not connect to host scottdial.com: did not receive HSTS header @@ -11785,7 +12700,7 @@ scrambler.in: could not connect to host scrapings.net: could not connect to host screencaster.io: did not receive HSTS header screenresolution.space: could not connect to host -screensaversplanet.com: could not connect to host +screensaversplanet.com: did not receive HSTS header scribbleserver.com: could not connect to host scribe.systems: could not connect to host scrion.com: could not connect to host @@ -11796,6 +12711,7 @@ scriptict.nl: could not connect to host scriptjunkie.us: could not connect to host scrollstory.com: did not receive HSTS header scruffymen.com: could not connect to host +scrumplex.net: did not receive HSTS header sctm.at: could not connect to host sdhmanagementgroup.com: could not connect to host sdia.ru: could not connect to host @@ -11803,13 +12719,16 @@ sdl-corporatesite-staging.azurewebsites.net: did not receive HSTS header sdmoscow.ru: could not connect to host sdrobs.com: did not receive HSTS header sdsl-speedtest.de: could not connect to host +se-theories.org: could not connect to host se7ensins.com: did not receive HSTS header +seadus.ee: could not connect to host seanationals.org: did not receive HSTS header seanchaidh.org: could not connect to host seans.cc: did not receive HSTS header seanstrout.com: did not receive HSTS header seansyardservice.com: did not receive HSTS header searchgov.gov.il: did not receive HSTS header +searchshops.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] searx.pw: could not connect to host seatshare.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] sebastian-bair.de: could not connect to host @@ -11819,10 +12738,16 @@ sebastianpedersen.com: did not receive HSTS header sebastiensenechal.com: did not receive HSTS header sebi.cf: could not connect to host sebster.com: did not receive HSTS header +sec44.com: could not connect to host +sec44.net: could not connect to host +sec44.org: could not connect to host secandtech.com: could not connect to host +secanje.nl: did not receive HSTS header seccomp.ru: did not receive HSTS header seceye.cn: could not connect to host +secitem.at: did not receive HSTS header secitem.de: could not connect to host +secitem.eu: did not receive HSTS header secnet.ga: could not connect to host secondary-survivor.com: could not connect to host secondary-survivor.help: could not connect to host @@ -11836,7 +12761,7 @@ secondpay.nl: could not connect to host secondspace.ca: could not connect to host secretnation.net: did not receive HSTS header secretofanah.com: could not connect to host -secretsanta.fr: could not connect to host +secretpanties.com: could not connect to host sectest.ml: could not connect to host sectia22.ro: did not receive HSTS header secur3.us: did not receive HSTS header @@ -11850,10 +12775,8 @@ securedevelop.net: could not connect to host securefuture.nl: did not receive HSTS header secureideas.com: did not receive HSTS header secureindia.co: could not connect to host -securejabber.me: could not connect to host secureradio.net: could not connect to host securesuisse.ch: could not connect to host -securetronic.ch: could not connect to host securita.eu: did not receive HSTS header security-carpet.com: could not connect to host security-thoughts.org: could not connect to host @@ -11862,7 +12785,6 @@ security.xn--q9jyb4c: could not connect to host securityarena.com: could not connect to host securitybsides.pl: did not receive HSTS header securityglance.com: could not connect to host -securityheaders.io: did not receive HSTS header securityinet.biz: did not receive HSTS header securityinet.net: did not receive HSTS header securityinet.org.il: could not connect to host @@ -11879,7 +12801,6 @@ sedrubal.de: could not connect to host sedziapilkarski.pl: did not receive HSTS header seedalpha.com: could not connect to host seedboxers.net: could not connect to host -seednode.co: could not connect to host seefirm.com: could not connect to host seefunk.net: did not receive HSTS header seehimnaked.com: could not connect to host @@ -11889,7 +12810,7 @@ seele.ca: could not connect to host seen.life: could not connect to host sehenderson.com: did not receive HSTS header seida.at: could not connect to host -seiko-dojo.com: could not connect to host +seiko-dojo.com: did not receive HSTS header seiler-bad.de: did not receive HSTS header seizoushokoyuubangou.com: did not receive HSTS header sektor.team: could not connect to host @@ -11899,11 +12820,10 @@ selectary.com: could not connect to host selectcertifiedautos.com: did not receive HSTS header selectruckscalltrackingreports.com: could not connect to host seleondar.ru: did not receive HSTS header -self-injury.net: did not receive HSTS header +self.nu: could not connect to host selfdefenserx.com: did not receive HSTS header selfhosters.com: could not connect to host selfie-france.fr: could not connect to host -selfmade4u.de: did not receive HSTS header selfserverx.com: could not connect to host selitysvideot.fi: did not receive HSTS header selldorado.com: could not connect to host @@ -11913,21 +12833,22 @@ sellservs.co.za: could not connect to host semantheme.fr: did not receive HSTS header semen3325.xyz: could not connect to host semenkovich.com: did not receive HSTS header -semenov.su: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] sementes.gratis: could not connect to host semps-servers.de: could not connect to host sendash.com: did not receive HSTS header sendmeback.de: did not receive HSTS header senedirect.com: could not connect to host senmonsyoku.top: did not receive HSTS header -sens2lavie.com: max-age too low: 0 +sens2lavie.com: did not receive HSTS header senseofnumber.co.uk: did not receive HSTS header senseye.io: did not receive HSTS header sensiblemn.org: could not connect to host sensibus.com: did not receive HSTS header sensoft-int.com: could not connect to host -sentinel.gov: did not receive HSTS header +sensualism.com: could not connect to host +sentic.info: did not receive HSTS header seo-lagniappe.com: did not receive HSTS header +seoarchive.org: could not connect to host seobot.com.au: could not connect to host seohochschule.de: could not connect to host seomarketingdeals.com: did not receive HSTS header @@ -11939,8 +12860,10 @@ seosec.xyz: could not connect to host seotronix.net: did not receive HSTS header seowarp.net: did not receive HSTS header sep23.ru: could not connect to host +sepakbola.win: could not connect to host sephr.com: did not receive HSTS header sepie.gob.es: did not receive HSTS header +seproco.com: could not connect to host seq.tf: did not receive HSTS header serafin.tech: could not connect to host serathius.ovh: could not connect to host @@ -11948,7 +12871,7 @@ serbien.guide: could not connect to host serenitycreams.com: did not receive HSTS header serfdom.io: did not receive HSTS header serized.pw: could not connect to host -serkaneles.com: could not connect to host +serkaneles.com: did not receive HSTS header servecrypt.com: could not connect to host servecrypt.net: could not connect to host servecrypt.ru: could not connect to host @@ -11961,27 +12884,35 @@ servergno.me: did not receive HSTS header serverlauget.no: could not connect to host servermonkey.nl: could not connect to host servfefe.com: could not connect to host +service.gov.uk: could not connect to host servicevie.com: did not receive HSTS header -servious.org: could not connect to host +servpanel.de: could not connect to host servu.de: did not receive HSTS header +servx.ru: did not receive HSTS header +serwusik.pl: did not receive HSTS header seryo.moe: could not connect to host seryo.net: could not connect to host seryovpn.com: could not connect to host -sesha.co.za: did not receive HSTS header -setkit.net: did not receive HSTS header +sesha.co.za: could not connect to host +setkit.net: could not connect to host setuid.de: could not connect to host setuid.io: did not receive HSTS header -setuid0.kr: could not connect to host sevenhearts.online: could not connect to host +sewoo.co.uk: could not connect to host +sex-education.com: could not connect to host +sexgarage.de: could not connect to host +sexocomgravidas.com: could not connect to host +sexoyrelax.com: could not connect to host +sexpay.net: could not connect to host sexshopfacil.com.br: could not connect to host sexshopsgay.com: did not receive HSTS header +sexwork.net: could not connect to host seyahatsagliksigortalari.com: could not connect to host seydaozcan.com: did not receive HSTS header -seyr.it: could not connect to host sfashion.si: did not receive HSTS header +sfaturiit.ro: could not connect to host sfhobbies.com.br: could not connect to host sfsltd.com: did not receive HSTS header -sgcaccounts.co.uk: did not receive HSTS header sgovaard.nl: did not receive HSTS header sgthotshot.com: could not connect to host sh11.pp.ua: did not receive HSTS header @@ -11994,7 +12925,6 @@ shadow-socks.org: did not receive HSTS header shadow-socks.pro: could not connect to host shadowguardian507-irl.tk: did not receive HSTS header shadowguardian507.tk: did not receive HSTS header -shadowict.net: could not connect to host shadowmorph.info: did not receive HSTS header shadowplus.net: could not connect to host shadowrocket.net: could not connect to host @@ -12016,14 +12946,16 @@ shahbeat.com: could not connect to host shaitan.eu: could not connect to host shakebox.de: could not connect to host shamka.ru: could not connect to host +shandonsg.co.uk: could not connect to host shanesage.com: could not connect to host shang-yu.cn: could not connect to host -shankangke.com: did not receive HSTS header shanxiapark.com: could not connect to host +shanyhs.com: did not receive HSTS header shapesedinburgh.co.uk: did not receive HSTS header shardsoft.com: could not connect to host shareimg.xyz: could not connect to host sharejoy.cn: did not receive HSTS header +sharemessage.net: could not connect to host shareoine.com: did not receive HSTS header sharepass.pw: could not connect to host sharepic.xyz: could not connect to host @@ -12043,12 +12975,14 @@ shawnstarrcustomhomes.com: did not receive HSTS header shawnwilson.info: could not connect to host shellj.me: did not receive HSTS header shellsec.pw: did not receive HSTS header +shemissed.me: did not receive HSTS header shentengtu.idv.tw: could not connect to host shep.co.il: did not receive HSTS header sheratan.web.id: could not connect to host -shereallyheals.com: did not receive HSTS header +shereallyheals.com: could not connect to host shermantank.biz: did not receive HSTS header shervik.ga: could not connect to host +shethbox.com: could not connect to host shevronpatriot.ru: did not receive HSTS header sheying.tm: could not connect to host shg-pornographieabhaengigkeit.de: did not receive HSTS header @@ -12056,8 +12990,6 @@ shh.sh: could not connect to host shiatsu-institut.ch: could not connect to host shibainu.com.br: could not connect to host shibe.club: could not connect to host -shieldfe.com: could not connect to host -shieldofachilles.in: could not connect to host shift.ooo: did not receive HSTS header shiftins.com: could not connect to host shiftnrg.org: did not receive HSTS header @@ -12079,7 +13011,7 @@ shiroki-k.net: could not connect to host shirosaki.org: could not connect to host shiseki.top: did not receive HSTS header shishkin.link: did not receive HSTS header -shitfest.info: could not connect to host +shitfest.info: did not receive HSTS header shitposting.life: could not connect to host shk.im: could not connect to host shlemenkov.by: could not connect to host @@ -12088,7 +13020,6 @@ sho-tanaka.jp: did not receive HSTS header shocksrv.com: did not receive HSTS header shooshosha.com: could not connect to host shootpooloklahoma.com: could not connect to host -shopatkei.com: could not connect to host shopdopastor.com.br: could not connect to host shopherbal.co.za: could not connect to host shopods.com: did not receive HSTS header @@ -12101,12 +13032,12 @@ shops.neonisi.com: could not connect to host shortpath.com: could not connect to host shortr.li: could not connect to host shota.party: could not connect to host -shota.vip: could not connect to host shotpixonline.com.br: did not receive HSTS header show-stream.tv: could not connect to host shower.im: did not receive HSTS header showkeeper.tv: did not receive HSTS header showroom.de: did not receive HSTS header +shoxmusic.net: did not receive HSTS header shred.ch: could not connect to host shredoptics.ch: could not connect to host shtorku.com: could not connect to host @@ -12128,39 +13059,39 @@ sichere-kartenakzeptanz.de: could not connect to host siciliadigitale.pro: could not connect to host sictame-tigf.org: did not receive HSTS header siebens.net: could not connect to host +sieh.es: did not receive HSTS header sifls.com: could not connect to host sifreuret.com: could not connect to host signere.com: could not connect to host -signere.no: could not connect to host +signere.no: did not receive HSTS header signoracle.com: could not connect to host signosquecombinam.com.br: could not connect to host sigsegv.run: did not receive HSTS header -sigterm.no: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +sihaizixun.net: could not connect to host siikarantacamping.fi: did not receive HSTS header sijimi.cn: could not connect to host sijmenschoon.nl: could not connect to host sikatehtaat.fi: could not connect to host siku.pro: could not connect to host -silent.live: could not connect to host silentcircle.com: did not receive HSTS header silentcircle.org: could not connect to host silentexplosion.de: could not connect to host silentlink.io: could not connect to host silentmode.com: max-age too low: 7889238 silicagelpackets.ca: did not receive HSTS header -sillisalaatti.fi: could not connect to host +silke-hunde.de: did not receive HSTS header silqueskineyeserum.com: could not connect to host silver-drachenkrieger.de: did not receive HSTS header silverback.is: did not receive HSTS header silvergoldbull.ba: could not connect to host silvergoldbull.md: could not connect to host -silvergoldbull.ru: could not connect to host silverhome.ninja: could not connect to host silverpvp.com: could not connect to host silverstartup.sk: could not connect to host silviamacallister.com: did not receive HSTS header silvistefi.com: could not connect to host -silvobeat.blog: could not connect to host +sim-sim.appspot.com: did not receive HSTS header +sim4seed.org: could not connect to host simbast.com: could not connect to host simbihaiti.com: max-age too low: 7889238 simbol.id: could not connect to host @@ -12168,7 +13099,7 @@ simbolo.co.uk: could not connect to host simccorp.com: did not receive HSTS header simeon.us: max-age too low: 2592000 simfri.com: could not connect to host -simha.online: could not connect to host +simha.online: did not receive HSTS header simhaf.cf: could not connect to host simnovo.net: did not receive HSTS header simobilklub.si: could not connect to host @@ -12178,6 +13109,7 @@ simon.butcher.name: max-age too low: 2629743 simon.lc: did not receive HSTS header simongong.net: did not receive HSTS header simonsaxon.com: did not receive HSTS header +simonschmitt.ch: could not connect to host simonsmh.cc: did not receive HSTS header simpan.id: could not connect to host simpeo.fr: did not receive HSTS header @@ -12193,6 +13125,7 @@ simplixos.org: could not connect to host simplyenak.com: did not receive HSTS header sims4hub.ga: could not connect to host simtin-net.de: could not connect to host +simumiehet.com: could not connect to host simyo.nl: did not receive HSTS header sin30.net: could not connect to host sincai666.com: could not connect to host @@ -12201,27 +13134,29 @@ sincron.org: could not connect to host sinefili.com: did not receive HSTS header sinful.pw: could not connect to host singee.site: could not connect to host -singerwang.com: did not receive HSTS header +singerwang.com: could not connect to host +singles-berlin.de: could not connect to host singul4rity.com: could not connect to host sinkip.com: could not connect to host sinneserweiterung.de: could not connect to host +sinon.org: did not receive HSTS header sinoscandinavia.se: could not connect to host sinosky.org: did not receive HSTS header -sinsojb.me: could not connect to host +sinsojb.me: did not receive HSTS header sintesysglobal.com: did not receive HSTS header sinusbot.online: did not receive HSTS header sion.moe: did not receive HSTS header -sipc.org: did not receive HSTS header -sipsik.net: could not connect to host +sipsik.net: did not receive HSTS header siqi.wang: could not connect to host +sirburton.com: did not receive HSTS header siriad.com: could not connect to host sirius-lee.net: could not connect to host siro.gq: did not receive HSTS header siroop.ch: max-age too low: 86400 -sisseastumine.ee: did not receive HSTS header +sisgopro.com: could not connect to host sistemasespecializados.com: did not receive HSTS header +sistemlash.com: did not receive HSTS header sistersurprise.de: did not receive HSTS header -sitc.sk: could not connect to host sitecloudify.com: could not connect to host sitecuatui.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] sitehome.eu: could not connect to host @@ -12231,15 +13166,17 @@ sitennisclub.com: did not receive HSTS header siterip.org: could not connect to host sites.google.com: did not receive HSTS header (error ignored - included regardless) sitesforward.com: did not receive HSTS header -sitesource101.com: did not receive HSTS header +sitesko.de: did not receive HSTS header +sitesource101.com: could not connect to host sitesten.com: did not receive HSTS header sittinginoblivion.com: did not receive HSTS header -sixcorners.info: could not connect to host sizingservers.be: did not receive HSTS header sizzle.co.uk: did not receive HSTS header +sja-se-training.com: could not connect to host +sjdaws.com: could not connect to host +sjdtaxi.com: did not receive HSTS header sjhyl11.com: could not connect to host sjsc.fr: did not receive HSTS header -sjsmith.id.au: did not receive HSTS header skandiabanken.no: did not receive HSTS header skaraborgsassistans.com: did not receive HSTS header skarox.com: could not connect to host @@ -12248,9 +13185,9 @@ skarox.eu: could not connect to host skarox.net: could not connect to host skarox.ru: could not connect to host skates.guru: did not receive HSTS header +skday.com: did not receive HSTS header ski-insurance.com.au: did not receive HSTS header skidstresser.com: could not connect to host -skifairview.com: did not receive HSTS header skiinstructor.services: did not receive HSTS header skilldetector.com: could not connect to host skillproxy.com: could not connect to host @@ -12265,6 +13202,7 @@ skoda-clever-lead.de: could not connect to host skoda-im-dialog.de: could not connect to host skoda-nurdiebesten.de: did not receive HSTS header skoda-service-team-cup.de: did not receive HSTS header +skomski.org: did not receive HSTS header skotty.io: did not receive HSTS header skpdev.net: could not connect to host skrivande.co: could not connect to host @@ -12272,14 +13210,17 @@ skullhouse.nyc: did not receive HSTS header sky-aroma.com: could not connect to host skyasker.cn: could not connect to host skyasker.com: did not receive HSTS header -skybound.link: could not connect to host +skybloom.com: could not connect to host skyflix.me: could not connect to host skyline.link: could not connect to host skyline.tw: did not receive HSTS header skylocker.net: could not connect to host +skylocker.nl: could not connect to host skyoy.com: did not receive HSTS header skypeassets.com: could not connect to host +skypoker.com: could not connect to host skyrunners.ch: could not connect to host +skytec.host: did not receive HSTS header skyvault.io: could not connect to host skyveo.ml: did not receive HSTS header skyway.capital: did not receive HSTS header @@ -12294,7 +13235,7 @@ slashand.co: could not connect to host slashbits.no: did not receive HSTS header slashdesign.it: did not receive HSTS header slashem.me: did not receive HSTS header -slattery.co: could not connect to host +slattery.co: did not receive HSTS header slauber.de: did not receive HSTS header sleeklounge.com: did not receive HSTS header sleep10.com: could not connect to host @@ -12309,34 +13250,40 @@ sln.cloud: could not connect to host slope.haus: could not connect to host slovakiana.sk: did not receive HSTS header slovoice.org: could not connect to host +slowfood.es: did not receive HSTS header slowsociety.org: could not connect to host slse.ca: max-age too low: 0 +sluimann.de: could not connect to host sluplift.com: did not receive HSTS header -slycurity.de: did not receive HSTS header +slycurity.de: could not connect to host slytech.ch: could not connect to host smallcdn.rocks: could not connect to host smallchat.nl: could not connect to host smalldata.tech: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -smallplanet.ch: could not connect to host +smallplanet.ch: did not receive HSTS header smallshopit.com: did not receive HSTS header smart-mirror.de: did not receive HSTS header smart-ov.nl: could not connect to host smartbiz.vn: could not connect to host -smartboleta.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +smartboleta.com: did not receive HSTS header smartbuyelectric.com: could not connect to host smartcoin.com.br: could not connect to host smarterskies.gov: did not receive HSTS header smarthomedna.com: did not receive HSTS header +smartietop.com: could not connect to host smartit.pro: did not receive HSTS header smartlend.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] smartofficesandsmarthomes.com: did not receive HSTS header smartofficeusa.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] smartphone.continental.com: could not connect to host smartrak.co.nz: did not receive HSTS header +smartshoppers.es: did not receive HSTS header +smcbox.com: could not connect to host smdev.fr: could not connect to host smet.us: could not connect to host smexpt.com: did not receive HSTS header smi-a.me: could not connect to host +smiatek.name: could not connect to host smileawei.com: could not connect to host smimea.com: did not receive HSTS header smirkingwhorefromhighgarden.pro: could not connect to host @@ -12348,7 +13295,8 @@ smksultanismail2.com: could not connect to host smkw.com: did not receive HSTS header sml.lc: could not connect to host smmcab.ru: could not connect to host -smol.cat: did not receive HSTS header +smmcab.website: could not connect to host +smokinghunks.com: could not connect to host smove.sg: did not receive HSTS header smplix.com: could not connect to host smries.com: could not connect to host @@ -12365,7 +13313,8 @@ snakehosting.dk: did not receive HSTS header snapappts.com: could not connect to host snapworks.net: did not receive HSTS header snarf.in: could not connect to host -sneaker.date: did not receive HSTS header +sneak.berlin: could not connect to host +sneaker.date: could not connect to host sneed.company: could not connect to host snekchat.moe: could not connect to host snelwerk.be: could not connect to host @@ -12378,13 +13327,19 @@ snod.land: did not receive HSTS header snoozedds.com: max-age too low: 600 snoqualmiefiber.org: could not connect to host snovey.com: could not connect to host +snow-online.de: could not connect to host snowdy.eu: could not connect to host snowdy.link: could not connect to host +snowplane.net: did not receive HSTS header +snowraven.de: did not receive HSTS header so-healthy.co.uk: did not receive HSTS header sobabox.ru: could not connect to host sobinski.pl: did not receive HSTS header soboleva-pr.com.ua: could not connect to host +sobreporcentagem.com: did not receive HSTS header +socal-babes.com: could not connect to host soccergif.com: could not connect to host +soccersavings.com: could not connect to host soci.ml: could not connect to host social-journey.com: could not connect to host socialbillboard.com: could not connect to host @@ -12394,7 +13349,6 @@ socialfacecook.com: could not connect to host socialgrowing.cl: did not receive HSTS header socialhead.io: could not connect to host socialhub.com: did not receive HSTS header -socialnitro.com: could not connect to host socialprize.com: could not connect to host socialspirit.com.br: did not receive HSTS header socialworkout.com: could not connect to host @@ -12407,28 +13361,31 @@ socomponents.co.uk: could not connect to host sodacore.com: could not connect to host soe-server.com: could not connect to host softballsavings.com: did not receive HSTS header -softclean.pt: could not connect to host +softclean.pt: did not receive HSTS header sogeek.me: could not connect to host sogravatas.net.br: could not connect to host sojingle.net: could not connect to host +soju.fi: did not receive HSTS header sokolka.tv: did not receive HSTS header sol-3.de: did not receive HSTS header solarcom.com.br: could not connect to host solartrackerapp.com: could not connect to host soldbygold.net: did not receive HSTS header solentes.com.br: could not connect to host +soleria.eu: did not receive HSTS header solidfuelappliancespares.co.uk: did not receive HSTS header solidimage.com.br: could not connect to host -solidus.systems: could not connect to host +solidtuesday.com: could not connect to host +solidus.systems: did not receive HSTS header solidwebnetworks.co.uk: did not receive HSTS header solinter.com.br: did not receive HSTS header solisrey.es: could not connect to host soljem.com: did not receive HSTS header soll-i.ch: did not receive HSTS header -solos.im: did not receive HSTS header solosmusic.xyz: could not connect to host solsystems.ru: did not receive HSTS header solutive.fi: did not receive HSTS header +solvingproblems.com.au: could not connect to host solymar.co: could not connect to host some.rip: max-age too low: 6307200 somebodycares.org: did not receive HSTS header @@ -12436,8 +13393,10 @@ someshit.xyz: could not connect to host something-else.cf: could not connect to host somethingnew.xyz: could not connect to host somethingsimilar.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +somewherein.jp: did not receive HSTS header sonafe.info: did not receive HSTS header sonerezh.bzh: did not receive HSTS header +sonialive.com: did not receive HSTS header sonic.network: did not receive HSTS header sonicrainboom.rocks: could not connect to host sonja-daniels.com: could not connect to host @@ -12450,12 +13409,11 @@ soply.com: could not connect to host soporte.cc: could not connect to host sorenam.com: could not connect to host sorensen-online.com: could not connect to host -sorincocorada.ro: could not connect to host sorinmuntean.ro: did not receive HSTS header -sorn.service.gov.uk: did not receive HSTS header sortaweird.net: could not connect to host sortingwizard.com: could not connect to host soruly.moe: did not receive HSTS header +sos.de: did not receive HSTS header sosaka.ml: could not connect to host sosecu.red: could not connect to host sosiolog.com: could not connect to host @@ -12468,11 +13426,16 @@ soulcraft.bz: could not connect to host soulema.com: could not connect to host soulfulglamour.uk: could not connect to host soulsteer.com: could not connect to host +soumikghosh.com: did not receive HSTS header +soundbytemedia.com: did not receive HSTS header soundforsound.co.uk: did not receive HSTS header -souravsaha.com: did not receive HSTS header +soundgasm.net: could not connect to host +soundsecurity.io: could not connect to host +souqtajmeel.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] sourcecode.love: could not connect to host sourcelair.com: did not receive HSTS header sourcitec.com: did not receive HSTS header +sous-surveillance.net: could not connect to host southcoastkitesurf.co.uk: did not receive HSTS header southcoastswords.com: did not receive HSTS header southernjamusa.com: did not receive HSTS header @@ -12488,6 +13451,7 @@ sovereignshare.com: could not connect to host sown.dyndns.org: could not connect to host sowncloud.de: could not connect to host soz6.com: did not receive HSTS header +sp-sephiroth.jp: max-age too low: 0 sp.rw: could not connect to host spacecafe.org: did not receive HSTS header spacedust.xyz: could not connect to host @@ -12500,9 +13464,9 @@ spaggel.nl: did not receive HSTS header spaldingwall.com: could not connect to host spam.lol: could not connect to host spamloco.net: did not receive HSTS header +spanda.io: could not connect to host spangehlassociates.com: did not receive HSTS header spanien.guide: could not connect to host -spar.co.uk: max-age too low: 0 sparelib.com: max-age too low: 3650 spark.team: could not connect to host sparkbase.cn: could not connect to host @@ -12518,31 +13482,29 @@ spcx.eu: could not connect to host spdysync.com: could not connect to host specialedesigns.com: could not connect to host specialistnow.com.au: did not receive HSTS header +spectreattack.com: did not receive HSTS header speculor.net: could not connect to host -spedition-transport-umzug.de: could not connect to host spedplus.com.br: did not receive HSTS header speed-mailer.com: could not connect to host speedcounter.net: could not connect to host speeds.vip: could not connect to host speedway.com.pl: did not receive HSTS header +speedychat.it: could not connect to host speedyprep.com: did not receive HSTS header speidel.com.tr: did not receive HSTS header spencerbaer.com: could not connect to host spendwise.com.au: could not connect to host sperohub.io: could not connect to host sperohub.lt: did not receive HSTS header -spherenix.org: could not connect to host sphinx.network: could not connect to host spicydog.tk: could not connect to host spicywombat.com: could not connect to host -spidermail.tk: could not connect to host -spidernet.tk: could not connect to host spiegels.nl: could not connect to host spielcasinos.com: did not receive HSTS header -spiet.nl: could not connect to host spikeykc.me: did not receive HSTS header spilsbury.io: could not connect to host spineandscoliosis.com: did not receive HSTS header +spinner.dnshome.de: could not connect to host spirit-dev.net: max-age too low: 0 spirit-hunters-germany.de: did not receive HSTS header spiritbionic.ro: could not connect to host @@ -12555,14 +13517,19 @@ split.is: could not connect to host splunk.zone: could not connect to host spokonline.com: could not connect to host spon.cz: did not receive HSTS header +sponsorowani.pl: did not receive HSTS header sponsortobias.com: could not connect to host spontex.org: did not receive HSTS header +spookyinternet.com: could not connect to host sporara.com: did not receive HSTS header +sport247.bet: max-age too low: 2592000 sportchirp-internal.azurewebsites.net: did not receive HSTS header sporthit.ru: could not connect to host sportifik.com: did not receive HSTS header sportingoods.com.br: could not connect to host +sportressofblogitude.com: did not receive HSTS header sportscollection.com.br: could not connect to host +sportsmanadvisor.com: could not connect to host sportwette.eu: did not receive HSTS header spot-events.com: could not connect to host spotifyripper.tk: could not connect to host @@ -12574,18 +13541,18 @@ sprigings.com: did not receive HSTS header springsoffthegrid.com: could not connect to host sprint.ml: did not receive HSTS header sprk.fitness: did not receive HSTS header +sproing.ca: max-age too low: 0 spron.in: could not connect to host sproutconnections.com: could not connect to host -sprueche-zum-valentinstag.de: did not receive HSTS header -sprueche-zur-geburt.info: did not receive HSTS header +sprueche-zum-valentinstag.de: could not connect to host +sprueche-zur-geburt.info: could not connect to host sprueche-zur-hochzeit.de: did not receive HSTS header sprueche-zur-konfirmation.de: did not receive HSTS header sprutech.de: could not connect to host -sputnik1net.org: could not connect to host +spykedigital.com: could not connect to host sqetsa.com: did not receive HSTS header sqshq.de: did not receive HSTS header squaddraft.com: did not receive HSTS header -squadlinx.com: could not connect to host square.gs: could not connect to host squarelab.it: did not receive HSTS header squatldf.org: could not connect to host @@ -12610,9 +13577,9 @@ ssh.nu: could not connect to host sshool.at: could not connect to host ssl.panoramio.com: could not connect to host ssl.rip: could not connect to host +sslpoint.com: did not receive HSTS header sslzilla.de: did not receive HSTS header ssn1.ru: did not receive HSTS header -sso.to: could not connect to host sspanda.com: could not connect to host ssrvpn.tech: could not connect to host sss3s.com: could not connect to host @@ -12625,14 +13592,16 @@ stackhub.cc: could not connect to host stadionmanager.com: could not connect to host stadjerspasonline.nl: could not connect to host stadtbauwerk.at: did not receive HSTS header +stadtbuecherei-bad-wurzach.de: max-age too low: 0 stadtgartenla.com: could not connect to host staffjoy.com: did not receive HSTS header staffjoystaging.com: could not connect to host stagingjobshq.com: did not receive HSTS header -stahl.xyz: could not connect to host +stahl.xyz: did not receive HSTS header stalkerhispano.com: max-age too low: 0 stalkerteam.pl: did not receive HSTS header stalkthe.net: could not connect to host +stall-zur-linde.de: did not receive HSTS header stalschermer.nl: could not connect to host stanandjerre.org: could not connect to host standardssuck.org: did not receive HSTS header @@ -12641,6 +13610,7 @@ standoutbooks.com: max-age too low: 0 standuppaddlesports.com.au: did not receive HSTS header stannahtrapliften.nl: did not receive HSTS header star-stuff.de: did not receive HSTS header +star.do: could not connect to host starandshield.com: did not receive HSTS header starapple.nl: did not receive HSTS header starcafe.me: could not connect to host @@ -12648,15 +13618,17 @@ stardeeps.net: max-age too low: 0 starease.net: could not connect to host starfeeling.net: could not connect to host stargatepartners.com: did not receive HSTS header -starina.ru: could not connect to host starklane.com: max-age too low: 300 starmusic.ga: could not connect to host starplatinum.jp: could not connect to host starquake.nl: could not connect to host +starsam80.net: could not connect to host starsbattle.net: could not connect to host +starteesforsale.co.za: did not receive HSTS header startup.melbourne: could not connect to host startuplevel.com: could not connect to host startuponcloud.com: max-age too low: 2678400 +startuppeople.co.uk: could not connect to host startupum.ru: could not connect to host stash.ai: did not receive HSTS header state-of-body-and-mind.com: could not connect to host @@ -12670,10 +13642,11 @@ static.hosting: could not connect to host static.or.at: did not receive HSTS header staticanime.net: could not connect to host staticisnoise.com: could not connect to host -stationaryjourney.com: could not connect to host +stationaryjourney.com: did not receive HSTS header stationcharlie.com: could not connect to host stationnementdenuit.ca: did not receive HSTS header status-sprueche.de: did not receive HSTS header +status.coffee: could not connect to host statusbot.io: could not connect to host statuschecks.net: could not connect to host stavebnice.net: did not receive HSTS header @@ -12681,11 +13654,9 @@ staxflax.tk: could not connect to host stayokhotelscdc-mailing.com: could not connect to host stcable.net: did not receive HSTS header stcomex.com: did not receive HSTS header -stdrc.cc: did not receive HSTS header +stdev.org: could not connect to host steamhours.com: could not connect to host steampunkrobot.com: did not receive HSTS header -steborio.pw: could not connect to host -stedbg.net: could not connect to host steelbea.ms: could not connect to host steelrhino.co: could not connect to host steem.io: did not receive HSTS header @@ -12699,33 +13670,39 @@ steph3n.me: could not connect to host stephanierxo.com: did not receive HSTS header stephanos.me: could not connect to host stephenandburns.com: did not receive HSTS header +stephenjvoiceovers.com: did not receive HSTS header stephensolis.net: could not connect to host stephensolisrey.es: could not connect to host steplogictalent.com: could not connect to host sterjoski.com: did not receive HSTS header +stesti.cz: could not connect to host stevechekblain.win: could not connect to host stevengoodpaster.com: could not connect to host stevensheffey.me: could not connect to host stevensononthe.net: did not receive HSTS header steventruesdell.com: could not connect to host stewartremodelingadvantage.com: could not connect to host +stewonet.nl: did not receive HSTS header +stge.uk: could not connect to host sticklerjs.org: could not connect to host stickmy.cn: could not connect to host stickswag.cf: could not connect to host +stig.io: did not receive HSTS header stiger.me: could not connect to host stigroom.com: could not connect to host +stijnbelmans.be: max-age too low: 604800 stilettomoda.com.br: could not connect to host stillblackhat.id: could not connect to host stillyarts.com: did not receive HSTS header stinkytrashhound.com: could not connect to host stirlingpoon.net: could not connect to host stirlingpoon.xyz: could not connect to host -stitthappens.com: could not connect to host +stitthappens.com: did not receive HSTS header stjohnmiami.org: did not receive HSTS header stjohnsc.com: could not connect to host stkbn.com: could not connect to host stkeverneparishcouncil.org.uk: did not receive HSTS header -stl.news: did not receive HSTS header +stl.news: max-age too low: 0 stlucasmuseum.org: did not receive HSTS header stmbgr.com: could not connect to host stn.me.uk: did not receive HSTS header @@ -12740,7 +13717,6 @@ stole-my.tv: could not connect to host stomadental.com: did not receive HSTS header stonecutterscommunity.com: could not connect to host stonemanbrasil.com.br: could not connect to host -stonewuu.com: could not connect to host stopakwardhandshakes.org: could not connect to host stopwoodfin.org: could not connect to host storbritannien.guide: could not connect to host @@ -12753,13 +13729,13 @@ storiesofhealth.org: did not receive HSTS header stormhub.org: could not connect to host stormwatcher.org: could not connect to host stormyyd.com: max-age too low: 0 +storytime.hu: could not connect to host stpatricksguild.com: did not receive HSTS header stqry.com: did not receive HSTS header str0.at: did not receive HSTS header strangeplace.net: did not receive HSTS header strangescout.me: did not receive HSTS header strasweb.fr: did not receive HSTS header -strathewerd.de: did not receive HSTS header strbt.de: could not connect to host strchr.com: did not receive HSTS header stream-ing.xyz: could not connect to host @@ -12769,18 +13745,18 @@ streamer.tips: did not receive HSTS header streamingeverywhere.com: could not connect to host streamingmagazin.de: could not connect to host streampanel.net: did not receive HSTS header -streampleasure.xyz: did not receive HSTS header streamthemeeting.com: did not receive HSTS header streamzilla.com: did not receive HSTS header -streetmarket.ru: could not connect to host +street-smart-home.de: could not connect to host strehl.tk: could not connect to host -streklhof.at: did not receive HSTS header +strelitzia02.com: could not connect to host stressfreehousehold.com: could not connect to host strictlysudo.com: could not connect to host strife.tk: could not connect to host strila.me: could not connect to host striptizer.tk: did not receive HSTS header stroeercrm.de: could not connect to host +strommenhome.com: could not connect to host strongest-privacy.com: could not connect to host stuartbaxter.co: could not connect to host stubbings.eu: could not connect to host @@ -12796,10 +13772,12 @@ studio-panic.com: did not receive HSTS header studiocn.cn: did not receive HSTS header studiodoprazer.com.br: could not connect to host studiozelden.com: did not receive HSTS header +studport.rv.ua: max-age too low: 604800 studyabroadstation.com: could not connect to host studybay.com: did not receive HSTS header studydrive.net: did not receive HSTS header studyhub.cf: did not receive HSTS header +studying-neet.com: could not connect to host stugb.de: did not receive HSTS header stumeta2018.de: could not connect to host stupidstatetricks.com: could not connect to host @@ -12809,8 +13787,9 @@ sturge.co.uk: did not receive HSTS header stuudium.life: could not connect to host stylenda.com: could not connect to host stylle.me: could not connect to host -stytt.com: could not connect to host +stytt.com: did not receive HSTS header suareforma.com: could not connect to host +suave.io: did not receive HSTS header subbing.work: could not connect to host subdimension.org: could not connect to host subeesu.com: could not connect to host @@ -12821,14 +13800,17 @@ subsys.no: did not receive HSTS header subtitle.rip: could not connect to host subwayz.de: did not receive HSTS header subzerolosangeles.com: did not receive HSTS header +subzerotech.co.uk: could not connect to host successwithflora.com: could not connect to host succubus.network: could not connect to host succubus.xxx: could not connect to host +suche.org: could not connect to host suchprogrammer.net: did not receive HSTS header sudo.im: could not connect to host sudo.li: did not receive HSTS header sudosu.fr: could not connect to host suempresa.cloud: could not connect to host +suffts.de: did not receive HSTS header sugarcitycon.com: could not connect to host sugarsweetorsour.com: did not receive HSTS header sugartownfarm.com: could not connect to host @@ -12838,23 +13820,24 @@ suitocracy.com: could not connect to host summer.ga: could not connect to host summitbankofkc.com: did not receive HSTS header summitmasters.net: did not receive HSTS header -sumoscout.de: could not connect to host -sun-wellness-online.com.vn: did not receive HSTS header +sumoscout.de: did not receive HSTS header sun.re: could not connect to host suncountrymarine.com: did not receive HSTS header sundaycooks.com: max-age too low: 2592000 suneilpatel.com: could not connect to host +sunfeathers.net: could not connect to host sunfireshop.com.br: could not connect to host -sunjaydhama.com: could not connect to host sunlandsg.vn: did not receive HSTS header sunnyfruit.ru: could not connect to host sunriseafricarelief.com: did not receive HSTS header sunshinepress.org: could not connect to host sunxchina.com: could not connect to host sunyanzi.tk: could not connect to host +sunyataherb.com: could not connect to host suos.io: could not connect to host supcro.com: could not connect to host -super-demarche.com: could not connect to host +super-demarche.com: did not receive HSTS header +super-erotica.ru: could not connect to host super-garciniaslim.com: could not connect to host super-o-blog.com: could not connect to host super-radiant-skin.com: could not connect to host @@ -12862,6 +13845,7 @@ super-ripped-power.com: could not connect to host super-slim-coffee.com: could not connect to host superbabysitting.ch: could not connect to host superbike.tw: could not connect to host +superbshare.com: could not connect to host supercastlessouthsydney.com.au: could not connect to host supercreepsvideo.com: did not receive HSTS header superiorfloridavacation.com: could not connect to host @@ -12870,6 +13854,7 @@ superlandnetwork.de: did not receive HSTS header superlentes.com.br: could not connect to host supernovabrasil.com.br: did not receive HSTS header superpase.com: could not connect to host +supersahnetorten.de: could not connect to host supersalescontest.nl: did not receive HSTS header superschnappchen.de: could not connect to host supersecurefancydomain.com: could not connect to host @@ -12877,22 +13862,24 @@ supertramp-dafonseca.com: did not receive HSTS header superuser.fi: could not connect to host superwally.org: could not connect to host supes.io: did not receive HSTS header +supperclub.es: could not connect to host support4server.de: could not connect to host supportfan.gov: could not connect to host suprlink.net: could not connect to host supweb.ovh: could not connect to host -surasak.org: could not connect to host surasak.xyz: could not connect to host suraya.online: could not connect to host surfeasy.com: did not receive HSTS header surfone-leucate.com: did not receive HSTS header surkatty.org: did not receive HSTS header -survivalistplanet.com: did not receive HSTS header susastudentenjobs.de: could not connect to host susconam.org: could not connect to host suseasky.com: did not receive HSTS header +sushifrick.de: could not connect to host +sushiwereld.be: did not receive HSTS header suspiciousdarknet.xyz: could not connect to host sussexwebdesigns.com: could not connect to host +sussexwebsites.info: could not connect to host sustainability.gov: did not receive HSTS header suts.co.uk: could not connect to host suttonbouncycastles.co.uk: could not connect to host @@ -12905,6 +13892,7 @@ svatba-frantovi.cz: could not connect to host svenluijten.com: did not receive HSTS header svenskacasino.com: did not receive HSTS header svenskaservern.se: could not connect to host +svetdrzaku.cz: did not receive HSTS header svetjakonadlani.cz: did not receive HSTS header sviz.pro: could not connect to host svj-stochovska.cz: could not connect to host @@ -12916,41 +13904,44 @@ swallsoft.co.uk: could not connect to host swallsoft.com: could not connect to host swanseapartyhire.co.uk: could not connect to host swarmation.com: did not receive HSTS header +sway.com: did not receive HSTS header swdatlantico.pt: could not connect to host sweep.cards: did not receive HSTS header sweetlegs.jp: could not connect to host sweetstreats.ca: could not connect to host sweetvanilla.jp: could not connect to host -sweharris.org: could not connect to host swfloshatraining.com: could not connect to host -swift-devedge.de: did not receive HSTS header +swift-devedge.de: could not connect to host swiftconf.com: did not receive HSTS header swiftcrypto.com: could not connect to host +swiftpk.net: could not connect to host swiggy.com: did not receive HSTS header swimming.ca: did not receive HSTS header swissentreprises.ch: could not connect to host swisstranslate.ch: did not receive HSTS header swisstranslate.fr: did not receive HSTS header swisswebhelp.ch: could not connect to host +swissxperts.ch: could not connect to host swite.com: did not receive HSTS header swmd5c.org: could not connect to host swordfighting.net: could not connect to host swu.party: could not connect to host -swuosa.org: could not connect to host sx3.no: could not connect to host sxbk.pw: could not connect to host syam.cc: could not connect to host sydgrabber.tk: could not connect to host -syha.org.uk: did not receive HSTS header sykl.us: could not connect to host +sylvaincombe.net: could not connect to host sylvangarden.org: could not connect to host sylvanorder.com: could not connect to host +symetria.io: max-age too low: 2592000 synackr.com: did not receive HSTS header synapticconsulting.co.uk: could not connect to host syncaddict.net: could not connect to host syncappate.com: could not connect to host syncclinicalstudy.com: could not connect to host syncer.jp: did not receive HSTS header +synchrocube.com: could not connect to host syncmylife.net: could not connect to host syncserve.net: did not receive HSTS header syneic.com: did not receive HSTS header @@ -12970,16 +13961,16 @@ syspen.space: could not connect to host sysrq.tech: could not connect to host syss.de: did not receive HSTS header systea.net: could not connect to host +system-online.cz: did not receive HSTS header systemd.me: could not connect to host +systemweb.no: could not connect to host syy.hk: did not receive HSTS header szaszm.tk: could not connect to host -szczot3k.pl: did not receive HSTS header szerbnyelvkonyv.hu: could not connect to host szlovaknyelv.hu: could not connect to host szlovennyelv.hu: could not connect to host szongott.net: did not receive HSTS header -szunia.com: could not connect to host -szymczak.at: could not connect to host +szymczak.at: did not receive HSTS header t-complex.space: could not connect to host t-ken.xyz: could not connect to host t-point.eu: did not receive HSTS header @@ -12995,8 +13986,10 @@ taberu-fujitsubo.com: did not receive HSTS header tabino.top: did not receive HSTS header tabitatsu.jp: did not receive HSTS header tabla-periodica.com: could not connect to host +tachyonapp.com: could not connect to host tacoma-games.com: did not receive HSTS header tacotown.tk: could not connect to host +tadata.me: could not connect to host tadcastercircuit.org.uk: did not receive HSTS header tadigitalstore.com: could not connect to host tafoma.com: did not receive HSTS header @@ -13006,9 +13999,14 @@ tahakomat.cz: could not connect to host tahf.net: could not connect to host taichi-jade.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] taidu.news: could not connect to host +tailandfur.com: did not receive HSTS header tailify.com: did not receive HSTS header +tailpuff.net: did not receive HSTS header tails.com.ar: could not connect to host taim.io: could not connect to host +takebackyourstate.com: could not connect to host +takebackyourstate.net: could not connect to host +takebackyourstate.org: could not connect to host takebonus.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] takedownthissite.com: could not connect to host takinet.kr: could not connect to host @@ -13018,18 +14016,21 @@ talentuar.com: could not connect to host tales-of-interia.de: could not connect to host talheim-records.ca: could not connect to host talk.google.com: did not receive HSTS header (error ignored - included regardless) +talk.xyz: could not connect to host talkitup.mx: could not connect to host talkitup.online: could not connect to host talklifestyle.nl: could not connect to host tallr.se: could not connect to host tallshoe.com: could not connect to host +talsi.eu: could not connect to host tam7t.com: did not receive HSTS header -tamasszabo.net: could not connect to host +tamaraboutique.com: could not connect to host +tamasszabo.net: did not receive HSTS header tamersunion.org: did not receive HSTS header tamex.xyz: could not connect to host tandarts-haarlem.nl: did not receive HSTS header tandblekningidag.com: could not connect to host -tandk.com.vn: did not receive HSTS header +tangel.me: could not connect to host tangerine.ga: could not connect to host tangibilizing.com: could not connect to host tangiblesecurity.com: did not receive HSTS header @@ -13039,16 +14040,17 @@ tangzhao.net: could not connect to host taniesianie.pl: did not receive HSTS header tankfreunde.de: did not receive HSTS header tante-bugil.net: could not connect to host +tantetilli.de: did not receive HSTS header tantotiempo.de: did not receive HSTS header tanze-jetzt.de: could not connect to host taotuba.net: did not receive HSTS header -taozj.org: could not connect to host +taozj.org: did not receive HSTS header tapestries.tk: could not connect to host tapfinder.ca: could not connect to host tapka.cz: did not receive HSTS header tappublisher.com: did not receive HSTS header +taqsim.jp: max-age too low: 0 taranis.re: could not connect to host -tarantul.org.ua: could not connect to host taravancil.com: did not receive HSTS header tarek.link: could not connect to host targaryen.house: could not connect to host @@ -13059,35 +14061,38 @@ taskstats.com: could not connect to host tasmansecurity.com: could not connect to host tassup.com: could not connect to host tasta.ro: did not receive HSTS header -tasticfilm.com: could not connect to host +tasticfilm.com: did not receive HSTS header tastyyy.co: could not connect to host tasyacherry-anal.com: could not connect to host tatilbus.com: could not connect to host tatilmix.com: could not connect to host -tatort-fanpage.de: did not receive HSTS header +tatort-fanpage.de: could not connect to host tatt.io: could not connect to host tauchkater.de: could not connect to host tavoittaja.fi: did not receive HSTS header tavopica.lt: did not receive HSTS header taxaudit.com: did not receive HSTS header taxbench.com: could not connect to host +taxiindenbosch.nl: could not connect to host taxmadras.com: could not connect to host taxsnaps.co.nz: did not receive HSTS header -taxsquirrel.com: could not connect to host +taxspeaker.com: did not receive HSTS header tazemama.biz: could not connect to host tazj.in: did not receive HSTS header tazz.in: could not connect to host tbarter.com: did not receive HSTS header tbrss.com: did not receive HSTS header +tbtech.cz: did not receive HSTS header +tbys.us: could not connect to host tc-bonito.de: did not receive HSTS header tcao.info: could not connect to host tcby45.xyz: could not connect to host -tchaka.top: could not connect to host tcl.ath.cx: did not receive HSTS header tcp.expert: did not receive HSTS header tcwebvn.com: could not connect to host tdelmas.eu: could not connect to host tdelmas.ovh: could not connect to host +tdpblog.site: could not connect to host tdsb.cf: could not connect to host tdsb.ga: could not connect to host tdsb.gq: could not connect to host @@ -13103,6 +14108,7 @@ tealdrones.com: did not receive HSTS header team-pancake.eu: did not receive HSTS header team-teasers.com: could not connect to host team2fou.cf: did not receive HSTS header +teamassists.com: did not receive HSTS header teambeoplay.co.uk: did not receive HSTS header teamblueridge.org: could not connect to host teamdaylo.xyz: could not connect to host @@ -13111,10 +14117,11 @@ teampoint.cz: could not connect to host teams.microsoft.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] teamsocial.co: did not receive HSTS header teamup.rocks: did not receive HSTS header -teamx-gaming.de: could not connect to host +teamx-gaming.de: did not receive HSTS header teamzeus.cz: could not connect to host teaparty.id: could not connect to host tearoy.faith: could not connect to host +teasenetwork.com: could not connect to host tebieer.com: could not connect to host tech-blog.fr: did not receive HSTS header tech-finder.fr: could not connect to host @@ -13123,7 +14130,7 @@ techandtux.de: could not connect to host techask.it: could not connect to host techassist.io: did not receive HSTS header techcavern.ml: did not receive HSTS header -techelements.co: could not connect to host +techelements.co: did not receive HSTS header techfactslive.com: did not receive HSTS header techhipster.net: could not connect to host techhub.ml: could not connect to host @@ -13134,9 +14141,11 @@ techmasters.andover.edu: could not connect to host techmatehq.com: could not connect to host technicalforensic.com: could not connect to host technicalpenguins.com: did not receive HSTS header +techniclab.net: could not connect to host +techniclab.org: could not connect to host +techniclab.ru: could not connect to host technikrom.org: did not receive HSTS header technogroup.cz: did not receive HSTS header -technologyand.me: could not connect to host technosavvyport.com: did not receive HSTS header technosuport.com: did not receive HSTS header technotonic.com.au: did not receive HSTS header @@ -13158,16 +14167,19 @@ tedxkmitl.com: could not connect to host tee-idf.net: could not connect to host teedb.de: could not connect to host teehaus-shila.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +teenerotic.net: could not connect to host teeplelaw.com: did not receive HSTS header tefl.io: did not receive HSTS header tegelsensanitaironline.nl: did not receive HSTS header tehotuotanto.net: did not receive HSTS header tehplace.club: could not connect to host +tehranperfume.com: did not receive HSTS header tekiro.com: did not receive HSTS header teknogeek.id: could not connect to host teknologi.or.id: max-age too low: 36000 teknotes.co.uk: could not connect to host tekshrek.com: did not receive HSTS header +teksuperior.com: could not connect to host tektoria.de: could not connect to host tel-dithmarschen.de: did not receive HSTS header teleallarme.ch: could not connect to host @@ -13176,14 +14188,15 @@ telecharger-open-office.com: could not connect to host telecharger-winrar.com: could not connect to host telefisk.org: did not receive HSTS header telefonnummer.online: could not connect to host -telefonogratuito.com: did not receive HSTS header telefoonnummerinfo.nl: could not connect to host telekollektiv.org: could not connect to host telescam.com: could not connect to host +teleshop.be: could not connect to host teletechnology.in: did not receive HSTS header teletra.ru: could not connect to host telfordwhitehouse.co.uk: did not receive HSTS header tellingua.com: did not receive HSTS header +telugu4u.net: could not connect to host temasa.net: did not receive HSTS header temehu.com: did not receive HSTS header tempcraft.net: could not connect to host @@ -13207,8 +14220,11 @@ teodio.cl: did not receive HSTS header teoleonie.com: did not receive HSTS header teos.online: could not connect to host teoskanta.fi: could not connect to host +tequilazor.com: could not connect to host teranga.ch: did not receive HSTS header +tercerapuertoaysen.cl: could not connect to host terminalvelocity.co.nz: could not connect to host +termino.eu: did not receive HSTS header terra-x.net: could not connect to host terra.by: did not receive HSTS header terrax.berlin: could not connect to host @@ -13216,6 +14232,7 @@ terrax.info: did not receive HSTS header terrax.net: could not connect to host terrazoo.de: did not receive HSTS header teru.com.br: could not connect to host +test-dns.eu: could not connect to host test02.dk: did not receive HSTS header testadron.com: could not connect to host testandroid.xyz: could not connect to host @@ -13224,7 +14241,6 @@ testbirds.cz: could not connect to host testbirds.sk: could not connect to host testdomain.ovh: could not connect to host testnode.xyz: could not connect to host -testosterone-complex.com: could not connect to host testovaci.ml: could not connect to host tetrafinancial-commercial-business-equipment-financing.com: did not receive HSTS header tetrafinancial-energy-mining-equipment-financing.com: did not receive HSTS header @@ -13233,20 +14249,20 @@ tetrafinancial-manufacturing-industrial-equipment-financing.com: did not receive tetrafinancial-news.com: did not receive HSTS header tetrafinancial-technology-equipment-software-financing.com: did not receive HSTS header tetramax.eu: did not receive HSTS header +tetrarch.co: could not connect to host tetsai.com: could not connect to host teufelsystem.de: could not connect to host teuniz.nl: did not receive HSTS header texte-zur-taufe.de: did not receive HSTS header textoplano.xyz: could not connect to host textracer.dk: could not connect to host -tf2stadium.com: could not connect to host +tf2stadium.com: did not receive HSTS header tfcoms-sp-tracker-client.azurewebsites.net: could not connect to host tffans.com: could not connect to host tfl.lu: did not receive HSTS header tgbyte.com: did not receive HSTS header tgod.co: could not connect to host tgr.re: could not connect to host -tgtv.tn: did not receive HSTS header th-bl.de: did not receive HSTS header th3nd.com: did not receive HSTS header thackert.myfirewall.org: could not connect to host @@ -13270,7 +14286,6 @@ the-finance-blog.com: could not connect to host the-gist.io: could not connect to host the-paddies.de: did not receive HSTS header the-sky-of-valkyries.com: could not connect to host -the-zenti.de: did not receive HSTS header the.ie: max-age too low: 0 the420vape.org: could not connect to host theamateurs.net: did not receive HSTS header @@ -13287,26 +14302,30 @@ thebreakhotel.com: did not receive HSTS header thebrotherswarde.com: could not connect to host thebte.com: could not connect to host thebuffalotavern.com: could not connect to host +thecandidforum.com: could not connect to host thecapitalbank.com: did not receive HSTS header thecharlestonwaldorf.com: did not receive HSTS header +thecitizens.com: did not receive HSTS header theclementinebutchers.com: could not connect to host theclimbingunit.com: did not receive HSTS header +thecloudmigrator.com: did not receive HSTS header thecloudrevolution.net: did not receive HSTS header theclubjersey.com: did not receive HSTS header thecodeninja.net: did not receive HSTS header thecoffeehouse.xyz: could not connect to host thecoffeepod.co.uk: did not receive HSTS header -thecskr.in: could not connect to host +thecskr.in: did not receive HSTS header thecsw.com: did not receive HSTS header +thecustomizewindows.com: did not receive HSTS header thedailyupvote.com: could not connect to host thedarkartsandcrafts.com: could not connect to host thedevilwearswibra.nl: did not receive HSTS header -thedisc.nl: could not connect to host thedominatorsclan.com: did not receive HSTS header thedrinks.co: did not receive HSTS header thedrop.pw: did not receive HSTS header thedrunkencabbage.com: could not connect to host thedystance.com: could not connect to host +theel0ja.info: did not receive HSTS header theelitebuzz.com: could not connect to host theendofzion.com: did not receive HSTS header theepankar.com: could not connect to host @@ -13317,24 +14336,28 @@ theeyeopener.com: did not receive HSTS header thefarbeyond.com: could not connect to host thefootballanalyst.com: did not receive HSTS header thefox.co: could not connect to host +thefox.com.fr: could not connect to host thefreebirds.in: could not connect to host thefrk.xyz: could not connect to host thefrozenfire.com: did not receive HSTS header thefutureharrills.com: could not connect to host +thegcccoin.com: max-age too low: 0 thegemriverside.com.vn: could not connect to host thego2swatking.com: could not connect to host thegoldregister.co.uk: could not connect to host thegraciousgourmet.com: did not receive HSTS header +thegreens.us: could not connect to host thegreenvpn.com: could not connect to host thehiddenbay.cc: could not connect to host thehiddenbay.eu: could not connect to host +thehiddenbay.fi: could not connect to host thehiddenbay.me: could not connect to host thehiddenbay.net: could not connect to host +thehiddenbay.ws: could not connect to host thehighersideclothing.com: did not receive HSTS header thehistory.me: could not connect to host thehonorguard.org: did not receive HSTS header thehoopsarchive.com: could not connect to host -thehotfix.net: could not connect to host theimagesalon.com: max-age too low: 43200 theinvisibletrailer.com: could not connect to host theitsage.com: did not receive HSTS header @@ -13348,14 +14371,15 @@ thelostyankee.com: could not connect to host themadmechanic.net: could not connect to host themanufacturingmarketingagency.com: could not connect to host themarble.co: could not connect to host -themaster.site: did not receive HSTS header themathbehindthe.science: could not connect to host themathematician.uk: could not connect to host +themeaudit.com: could not connect to host themerchandiser.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] themesurgeons.net: could not connect to host themicrocapital.com: could not connect to host themoderate.xyz: could not connect to host thenextstep.events: could not connect to host +thenichecast.com: could not connect to host thenorthschool.org.uk: did not receive HSTS header thenrdhrd.nl: could not connect to host theodorejones.info: could not connect to host @@ -13367,7 +14391,6 @@ theoverfly.co: could not connect to host thepaffy.de: could not connect to host thepartywarehouse.co.uk: did not receive HSTS header thepcweb.tk: could not connect to host -thepeninsulaires.com: could not connect to host thepiratebay.al: could not connect to host thepiratebay.poker: could not connect to host thepiratebay.tech: could not connect to host @@ -13377,7 +14400,9 @@ theprivacysolution.com: could not connect to host thequillmagazine.org: could not connect to host therise.ca: max-age too low: 300 thermique.ch: could not connect to host +theroamingnotary.com: did not receive HSTS header therockawaysny.com: did not receive HSTS header +thesassynut.com: did not receive HSTS header thesearchnerds.co.uk: did not receive HSTS header thesecurityteam.net: could not connect to host thesehighsandlows.com: could not connect to host @@ -13389,34 +14414,35 @@ thesplit.is: could not connect to host thestack.xyz: could not connect to host thestagchorleywood.co.uk: did not receive HSTS header thestonegroup.de: could not connect to host +thestoritplace.com: max-age too low: 0 thetapirsmouth.com: could not connect to host -thethirdroad.com: did not receive HSTS header -thetradinghall.com: could not connect to host +thethirdroad.com: could not connect to host thetruthhurvitz.com: could not connect to host theurbanyoga.com: did not receive HSTS header theuucc.org: did not receive HSTS header thevintagenews.com: did not receive HSTS header thevoid.one: could not connect to host thewallset.com: could not connect to host -thewebdexter.com: could not connect to host thewebfellas.com: did not receive HSTS header thewego.com: could not connect to host theweilai.com: could not connect to host thewhiterabbit.space: could not connect to host theworkingeye.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] thewp.pro: could not connect to host -thezero.org: could not connect to host thezonders.com: did not receive HSTS header thgros.fr: could not connect to host +thibautcharles.net: did not receive HSTS header thierfreund.de: did not receive HSTS header thinkcash.nl: could not connect to host thinkcoding.de: could not connect to host thinkcoding.org: could not connect to host thinkdo.jp: could not connect to host +thinklikeanentrepreneur.com: did not receive HSTS header thinkswap.com: did not receive HSTS header thinlyveiledcontempt.com: could not connect to host thirdpartytrade.com: did not receive HSTS header thirty5.net: did not receive HSTS header +thirtyspot.com: could not connect to host thisisacompletetest.ga: could not connect to host thisisforager.com: could not connect to host thismumdoesntknowbest.com: could not connect to host @@ -13426,33 +14452,34 @@ thkb.net: could not connect to host thomas-ferney.fr: did not receive HSTS header thomas-gibertie.fr: did not receive HSTS header thomas-grobelny.de: could not connect to host -thomasbreads.com: max-age too low: 86400 thomascloud.ddns.net: could not connect to host -thomasetsophie.fr: could not connect to host +thomasgriffin.io: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] thomasharvey.me: did not receive HSTS header thomaskliszowski.fr: did not receive HSTS header -thomasmeester.nl: did not receive HSTS header thomasnet.fr: could not connect to host thomasscholz.com: max-age too low: 2592000 thomasschweizer.net: could not connect to host thomasvt.xyz: max-age too low: 2592000 thorbis.com: could not connect to host -thorbiswebsitedesign.com: did not receive HSTS header +thorbiswebsitedesign.com: could not connect to host thorgames.nl: did not receive HSTS header thorncreek.net: did not receive HSTS header thot.space: could not connect to host threatcentral.io: could not connect to host threebrothersbrewing.com: max-age too low: 2592000 threebulls.be: did not receive HSTS header +threit.de: did not receive HSTS header thriveapproach.co.uk: did not receive HSTS header thrivewellnesshub.co.za: did not receive HSTS header throughthelookingglasslens.co.uk: could not connect to host thrx.net: did not receive HSTS header thumbtack.com: did not receive HSTS header thundercampaign.com: could not connect to host +thuybich.com: did not receive HSTS header thyrex.fr: could not connect to host ti-js.com: could not connect to host -ti.blog.br: could not connect to host +ti.blog.br: did not receive HSTS header +tiacollection.com: did not receive HSTS header tianxicaipiao.com: could not connect to host tianxicaipiao.win: could not connect to host tianxicp.com: could not connect to host @@ -13463,12 +14490,14 @@ tibovanheule.site: could not connect to host ticketoplichting.nl: did not receive HSTS header tickopa.co.uk: could not connect to host tickreport.com: did not receive HSTS header -ticktock.today: did not receive HSTS header +ticktock.today: could not connect to host tictactux.de: could not connect to host tidmore.us: could not connect to host tie-online.org: did not receive HSTS header +tiendafetichista.com: could not connect to host tiendschuurstraat.nl: could not connect to host tiensnet.com: could not connect to host +tierarztpraxis-illerwinkel.de: did not receive HSTS header tierrarp.com: could not connect to host tiffanytravels.com: did not receive HSTS header tightlineproductions.com: did not receive HSTS header @@ -13476,7 +14505,6 @@ tigit.co.nz: could not connect to host tikutiku.pl: could not connect to host tildebot.com: could not connect to host tilient.eu: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -tilikum.io: did not receive HSTS header tilkah.com.au: did not receive HSTS header tillcraft.com: could not connect to host timbeilby.com: could not connect to host @@ -13494,7 +14522,10 @@ timeserver2.de: could not connect to host timeserver3.de: could not connect to host timestamp.io: did not receive HSTS header timestamp.uk: could not connect to host +timhieubenh.net: could not connect to host timhjalpen.se: could not connect to host +timklefisch.de: did not receive HSTS header +timmy.im: could not connect to host timmy.ws: could not connect to host timotrans.de: did not receive HSTS header timotrans.eu: did not receive HSTS header @@ -13510,24 +14541,26 @@ tinchbear.xyz: did not receive HSTS header tindewen.net: could not connect to host tink.network: could not connect to host tipiakers.club: could not connect to host -tipps-fuer-den-haushalt.de: did not receive HSTS header +tipps-fuer-den-haushalt.de: could not connect to host tippspiel.cc: could not connect to host tipsyk.ru: could not connect to host tiredofeating.com: could not connect to host tiremoni.ch: did not receive HSTS header tirex.media: did not receive HSTS header +tism.in: could not connect to host tiste.org: could not connect to host titanlab.de: could not connect to host titanleaf.com: could not connect to host tittarpuls.se: could not connect to host titties.ml: could not connect to host +tjandpals.com: could not connect to host tjc.wiki: could not connect to host tjeckien.guide: could not connect to host tjs.me: could not connect to host tju.me: could not connect to host tkappertjedemetamorfose.nl: could not connect to host tkarstens.de: did not receive HSTS header -tkhw.tk: could not connect to host +tkhw.tk: did not receive HSTS header tkonstantopoulos.tk: could not connect to host tkts.cl: could not connect to host tlach.cz: did not receive HSTS header @@ -13541,6 +14574,7 @@ tlshost.net: could not connect to host tm-solutions.eu: could not connect to host tm.id.au: did not receive HSTS header tmaward.net: could not connect to host +tmconnects.com: did not receive HSTS header tmdc.ddns.net: could not connect to host tmhlive.com: could not connect to host tmin.cf: could not connect to host @@ -13550,13 +14584,12 @@ tmtradingmorocco.ma: could not connect to host tnb-plattform.de: could not connect to host tncnanet.com.br: could not connect to host tno.io: could not connect to host -tob-rulez.de: could not connect to host +to2mbn.org: could not connect to host tobaby.com.br: could not connect to host tobaccore.eu: could not connect to host tobaccore.sk: could not connect to host tobias-bielefeld.de: did not receive HSTS header tobiasbergius.se: could not connect to host -tobiaskorf.de: could not connect to host tobiasmathes.com: could not connect to host tobiasmathes.name: could not connect to host tobiasofficial.at: could not connect to host @@ -13571,10 +14604,12 @@ todosrv.com: could not connect to host tofa-koeln.de: could not connect to host tofu.im: could not connect to host togelonlinecommunity.com: did not receive HSTS header -tojeto.eu: could not connect to host +tohokufd.com: could not connect to host +tojeto.eu: did not receive HSTS header toka.sg: could not connect to host tokage.me: could not connect to host tokenloan.com: could not connect to host +tokfun.com: could not connect to host tokobungaasryflorist.com: did not receive HSTS header tokobungadijambi.com: did not receive HSTS header tokobungadilampung.com: could not connect to host @@ -13586,25 +14621,29 @@ tokotimbangandigitalmurah.web.id: did not receive HSTS header tokototech.com: could not connect to host tokoyo.biz: could not connect to host tollmanz.com: did not receive HSTS header -tollsjekk.no: did not receive HSTS header +tollsjekk.no: could not connect to host tolud.com: could not connect to host tom.run: did not receive HSTS header +tomandshirley.com: could not connect to host tomeara.net: could not connect to host tomevans.io: did not receive HSTS header tomharling.co.uk: could not connect to host tomlankhorst.nl: did not receive HSTS header +tomli.blog: could not connect to host tomli.me: could not connect to host tommounsey.com: did not receive HSTS header tommsy.com: did not receive HSTS header tommy-bordas.fr: did not receive HSTS header tommyads.com: could not connect to host tommyweber.de: did not receive HSTS header +tomochun.net: max-age too low: 0 tomphill.co.uk: could not connect to host +tomy.icu: could not connect to host tonburi.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tongmu.me: could not connect to host toniharant.de: could not connect to host +tono.us: could not connect to host toomanypillows.com: could not connect to host -top-solar-info.de: could not connect to host top-stage.net: could not connect to host top10mountainbikes.info: could not connect to host topanlage.de: could not connect to host @@ -13621,14 +14660,16 @@ topnovini.com: did not receive HSTS header toppik.com.br: could not connect to host topservercccam.com: did not receive HSTS header topshelfguild.com: could not connect to host +topshoptools.com: could not connect to host toptenthebest.com: did not receive HSTS header toptranslation.com: did not receive HSTS header +topwin.la: could not connect to host topyx.com: did not receive HSTS header tor2web.org: could not connect to host torbay.ga: could not connect to host +torbe.es: could not connect to host torchl.it: could not connect to host toretfaction.net: could not connect to host -torg-room.ru: could not connect to host torlock.download: could not connect to host torproject.org.uk: could not connect to host torproject.ovh: could not connect to host @@ -13639,6 +14680,7 @@ torrentz.website: could not connect to host torrentz2.eu: did not receive HSTS header tortugalife.de: could not connect to host torv.rocks: did not receive HSTS header +toscer.me: did not receive HSTS header tosecure.link: could not connect to host toshnix.com: could not connect to host toshub.com: could not connect to host @@ -13654,35 +14696,38 @@ totot.net: did not receive HSTS header toucedo.de: could not connect to host touch-up-net.com: could not connect to host touchbasemail.com: did not receive HSTS header +touchinformatica.com: did not receive HSTS header touchpointidg.us: could not connect to host touchscreen-handy.de: did not receive HSTS header +touchscreentills.com: could not connect to host touchstonefms.co.uk: did not receive HSTS header touray-enterprise.ch: could not connect to host tournaire.fr: did not receive HSTS header tourpeer.com: did not receive HSTS header toursandtransfers.it: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tousproducteurs.fr: did not receive HSTS header -towandalibrary.org: did not receive HSTS header towaway.ru: could not connect to host town-farm.surrey.sch.uk: could not connect to host +tox.im: did not receive HSTS header toxicboot.com: could not connect to host toxicip.com: could not connect to host toxme.se: did not receive HSTS header toymania.de: could not connect to host toyotamotala.se: could not connect to host -tpansino.com: did not receive HSTS header tpbcdn.com: could not connect to host -tpblist.xyz: could not connect to host +tpblist.xyz: max-age too low: 0 tpbunblocked.org: could not connect to host tpe-edu.com: could not connect to host tpms4u.at: did not receive HSTS header tppdebate.org: did not receive HSTS header +trabajarenperu.com: did not receive HSTS header tracetracker.com: did not receive HSTS header tracetracker.no: did not receive HSTS header +tracewind.top: could not connect to host track.plus: could not connect to host trackdays4fun.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tracker-gps.ch: could not connect to host -trackingstream.com: did not receive HSTS header +trackmeet.io: did not receive HSTS header tracktivity.com.au: did not receive HSTS header trade-smart.ru: could not connect to host tradietrove.com.au: did not receive HSTS header @@ -13692,37 +14737,51 @@ tradingcentre.com.au: did not receive HSTS header tradinghope.com: could not connect to host tradingrooms.com: did not receive HSTS header traditional-knowledge.tk: did not receive HSTS header +tradiz.org: could not connect to host traeningsprojekt.dk: did not receive HSTS header trafficquality.org: could not connect to host traffictigers.com: did not receive HSTS header traforet.win: could not connect to host train-track.co.uk: did not receive HSTS header traindb.nl: did not receive HSTS header +trainhorns.us: did not receive HSTS header training4girls.ru: could not connect to host traininglist.org: could not connect to host trainingproviderresults.gov: could not connect to host +trainline.at: could not connect to host +trainline.cn: could not connect to host +trainline.com.br: could not connect to host +trainline.com.pt: could not connect to host +trainline.cz: could not connect to host +trainline.dk: could not connect to host trainline.io: could not connect to host +trainline.nl: could not connect to host +trainline.no: could not connect to host +trainline.pl: could not connect to host +trainline.se: could not connect to host trainut.com: could not connect to host trakfusion.com: could not connect to host -tranhsondau.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tranos.de: did not receive HSTS header transbike.es: did not receive HSTS header transcendmotor.sg: could not connect to host transcriptionwave.com: did not receive HSTS header transdirect.com.au: did not receive HSTS header transformify.org: did not receive HSTS header +transgendernetwerk.nl: did not receive HSTS header transl8.eu: did not receive HSTS header translate.googleapis.com: did not receive HSTS header (error ignored - included regardless) transmithe.net: could not connect to host transportal.sk: did not receive HSTS header transsexualpantyhose.com: could not connect to host -trauertexte.info: did not receive HSTS header +tratamentoparacelulite.biz: did not receive HSTS header +tratamentoparacelulite.net: did not receive HSTS header +trauertexte.info: could not connect to host traumhuetten.de: did not receive HSTS header travality.ru: could not connect to host travel-kuban.ru: did not receive HSTS header -travel1x1.com: could not connect to host +travel1x1.com: did not receive HSTS header travelinsightswriter.com: could not connect to host -travelinsurance.co.nz: did not receive HSTS header +travelling.expert: could not connect to host travotion.com: could not connect to host trazosdearte.com: did not receive HSTS header treasuredinheritanceministry.com: did not receive HSTS header @@ -13733,11 +14792,14 @@ treeremovaljohannesburg.co.za: could not connect to host treino.blog.br: could not connect to host treker.us: could not connect to host trell.co.in: did not receive HSTS header -tremoureux.fr: did not receive HSTS header +tremoureux.fr: could not connect to host trendberry.ru: could not connect to host trendingpulse.com: could not connect to host trendisland.de: did not receive HSTS header trendydips.com: could not connect to host +trentmaydew.com: did not receive HSTS header +tretkowski.de: did not receive HSTS header +trewe.eu: could not connect to host triadwars.com: did not receive HSTS header triageo.com.au: could not connect to host trialmock.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -13761,18 +14823,22 @@ trixies-wish.nz: could not connect to host trixy.com.br: could not connect to host troi.de: did not receive HSTS header trollme.me: could not connect to host +trollscave.xyz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] tronflix.com: did not receive HSTS header troo.ly: could not connect to host trouter.io: could not connect to host trouver-son-chemin.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +truckgpsreviews.com: did not receive HSTS header true.ink: did not receive HSTS header truebred-labradors.com: did not receive HSTS header truejob.com: did not receive HSTS header +trumeet.top: did not receive HSTS header trunkjunk.co: could not connect to host trush.in: could not connect to host trustedinnovators.com: could not connect to host trusteecar.com: did not receive HSTS header trustmeimfancy.com: could not connect to host +try2services.cm: did not receive HSTS header trybind.com: could not connect to host tryfabulousdiet.com: could not connect to host tryfm.net: did not receive HSTS header @@ -13789,6 +14855,7 @@ tsgbit.net: could not connect to host tsgoc.com: did not receive HSTS header tsigaradiko.com: could not connect to host tsrstore.gq: could not connect to host +tsu-ku-ro.com: could not connect to host tsukeawase.com: did not receive HSTS header tsukuba.style: could not connect to host tsumegumi.net: could not connect to host @@ -13811,18 +14878,20 @@ tubex.ga: could not connect to host tucidi.net: could not connect to host tucker.wales: could not connect to host tucnak.eu: could not connect to host +tudorapido.com.br: did not receive HSTS header tueche.com.ar: did not receive HSTS header -tuingereedschappen.net: did not receive HSTS header +tufilo.com: could not connect to host +tugers.com: did not receive HSTS header tuja.hu: could not connect to host +tulenceria.es: could not connect to host tulsameetingroom.com: could not connect to host -tuminauskas.lt: did not receive HSTS header -tunai.id: could not connect to host tunca.it: did not receive HSTS header tunebitfm.de: could not connect to host tungstenroyce.com: did not receive HSTS header tupizm.com: could not connect to host turismo.cl: could not connect to host turkiet.guide: could not connect to host +turkrock.com: did not receive HSTS header turn-sticks.com: could not connect to host turnik-67.ru: could not connect to host turniker.ru: could not connect to host @@ -13832,6 +14901,8 @@ turtles.ga: could not connect to host tusb.ml: did not receive HSTS header tussengelegenwoningverkopen.nl: could not connect to host tuthowto.com: did not receive HSTS header +tutiendaroja.com: did not receive HSTS header +tutiendarosa.com: did not receive HSTS header tutorio.ga: could not connect to host tutu.ro: could not connect to host tuturulianda.com: did not receive HSTS header @@ -13839,8 +14910,9 @@ tuvalie.com: did not receive HSTS header tuxhound.org: could not connect to host tv.search.yahoo.com: could not connect to host tvc.red: could not connect to host +tverdohleb.com: could not connect to host tvoru.com.ua: did not receive HSTS header -tvtubeflix.com: max-age too low: 2592000 +tvtubeflix.com: could not connect to host tvz-materijali.com: could not connect to host tw2-tools.ga: could not connect to host twarog.cc: could not connect to host @@ -13858,23 +14930,25 @@ twee-onder-een-kap-woning-in-zwartewaterland-kopen.nl: could not connect to host tweeondereenkapverkopen.nl: could not connect to host tweeondereenkapwoningverkopen.nl: could not connect to host tweetify.io: could not connect to host +twelve.rocks: could not connect to host twelve.today: could not connect to host -twelverocks.com: did not receive HSTS header +twelverocks.com: could not connect to host twillionmas.com: could not connect to host twinkieman.com: could not connect to host twinkseason.ca: could not connect to host twinkseason.co: could not connect to host twinkseason.co.uk: could not connect to host -twinkseason.com: could not connect to host twinkseason.net: could not connect to host twinkseason.org: could not connect to host twinkseason.xyz: could not connect to host twiri.net: could not connect to host twist.party: could not connect to host +twisted-brains.org: could not connect to host twitter.ax: could not connect to host twogo.com: did not receive HSTS header twolinepassbrewing.com: could not connect to host twolivelife.com: could not connect to host +twoo.com: could not connect to host twotube.ie: could not connect to host twuni.org: could not connect to host tx041cap.org: could not connect to host @@ -13884,32 +14958,36 @@ txcp01.com: could not connect to host txcp02.com: could not connect to host txf.pw: could not connect to host ty2u.com: did not receive HSTS header -tycjt.vip: could not connect to host +tycjt.vip: did not receive HSTS header tykoon.com: could not connect to host tyler.coach: could not connect to host tylercoach.com: could not connect to host -tylerharcourt.ca: could not connect to host +tylerharcourt.ca: max-age too low: 86400 tylerharcourt.com: could not connect to host -tylerharcourt.net: could not connect to host -tylerharcourt.org: could not connect to host +tylerharcourt.org: did not receive HSTS header tylerharcourt.xyz: could not connect to host tylerjharcourt.com: could not connect to host tylian.net: max-age too low: 0 +type1joe.com: could not connect to host +type1joe.net: could not connect to host +type1joe.org: could not connect to host typeofweb.com: did not receive HSTS header +typeonejoe.com: could not connect to host +typeonejoe.net: could not connect to host +typeonejoe.org: could not connect to host typingrevolution.com: did not receive HSTS header -tyreis.com: could not connect to host +tyreis.com: did not receive HSTS header tyrelius.com: could not connect to host tyroproducts.eu: did not receive HSTS header tyskland.guide: could not connect to host tysye.ca: could not connect to host +tyuo-keibi.co.jp: did not receive HSTS header tzappa.net: could not connect to host tzwe.com: could not connect to host u-master.net: did not receive HSTS header -u-tokyo.club: could not connect to host u175.com: could not connect to host uadp.pw: could not connect to host uahs.org.uk: did not receive HSTS header -uatgootax.ru: did not receive HSTS header ubalert.com: could not connect to host uber.com.au: did not receive HSTS header ubercalculator.com: did not receive HSTS header @@ -13918,22 +14996,27 @@ ubicloud.de: could not connect to host ubicv.com: could not connect to host ublox.com: did not receive HSTS header ubtce.com: could not connect to host -ubuntuhot.com: could not connect to host -udruga-point.hr: did not receive HSTS header +ubuntuhot.com: did not receive HSTS header +uc.ac.id: did not receive HSTS header +uclanmasterplan.co.uk: could not connect to host +udbhav.me: could not connect to host ueba1085.jp: could not connect to host uefeng.com: did not receive HSTS header uega.net: did not receive HSTS header +uerdingen.info: did not receive HSTS header uesociedadlimitada.com: could not connect to host ueu.me: could not connect to host uevan.com: could not connect to host ufgaming.com: did not receive HSTS header uflixit.com: did not receive HSTS header +ufo.moe: did not receive HSTS header ufotable.uk: could not connect to host ugcdn.com: could not connect to host ugisgutless.com: could not connect to host ugo.ninja: could not connect to host ugosadventures.com: could not connect to host uhasseltctf.ga: could not connect to host +uhlhosting.ch: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] uhm.io: did not receive HSTS header uhuru-market.com: could not connect to host uitslagensoftware.nl: did not receive HSTS header @@ -13945,33 +15028,34 @@ ukkeyholdingcompany.co.uk: could not connect to host ukrgadget.com: could not connect to host ulabox.cat: did not receive HSTS header ulabox.es: did not receive HSTS header -ulalau.com: could not connect to host +ulalau.com: did not receive HSTS header ullamodaintima.com.br: could not connect to host ulmo.dk: could not connect to host -ulti.gq: could not connect to host +ulti.gq: did not receive HSTS header ultimate-garcinia-plus.com: could not connect to host ultimate-glow-skin.com: could not connect to host ultimate-memoryplus.com: could not connect to host ultimate-neuroplus.com: could not connect to host ultros.io: did not receive HSTS header umaimise.info: did not receive HSTS header +umassfive.coop: did not receive HSTS header umgardi.ca: could not connect to host umidev.com: could not connect to host umie.cc: did not receive HSTS header ump45.moe: did not receive HSTS header -umsapi.com: could not connect to host -unapolegetic.co: did not receive HSTS header unart.info: could not connect to host unbanthe.net: could not connect to host -unblockat.tk: could not connect to host +unblockat.tk: did not receive HSTS header unblocked-networks.org: could not connect to host -unblocked.blue: could not connect to host +unblocked.blue: did not receive HSTS header unblocked.date: could not connect to host unblocked.faith: could not connect to host unblocked.host: could not connect to host unblocked.party: could not connect to host +unblocked.sh: could not connect to host unblocked.st: did not receive HSTS header unblocked.today: could not connect to host +unblocked.vc: could not connect to host unblocked.win: could not connect to host unblocked.works: could not connect to host unblocked.world: could not connect to host @@ -13987,9 +15071,10 @@ unblockthe.site: could not connect to host unblockthe.top: could not connect to host unccdesign.club: could not connect to host unclegen.xyz: could not connect to host +undeadbrains.de: did not receive HSTS header under30stravelinsurance.com.au: did not receive HSTS header +undercovercondoms.com: could not connect to host underkin.com: could not connect to host -underskatten.tk: could not connect to host unefuite.ch: could not connect to host unfiltered.nyc: could not connect to host ungern.guide: could not connect to host @@ -14007,7 +15092,9 @@ uniformehope.com.br: did not receive HSTS header uniformehumboldt.com.br: did not receive HSTS header uniformespousoalegre.com.br: did not receive HSTS header unikitty-on-tour.com: could not connect to host +unikrn.com: could not connect to host unionstationapp.com: could not connect to host +unipig.de: could not connect to host unirenter.ru: did not receive HSTS header unison.com: did not receive HSTS header unisyssecurity.com: could not connect to host @@ -14016,12 +15103,12 @@ unitedcyberdevelopment.com: [Exception... "Component returned failure code: 0x80 unitlabs.net: could not connect to host unitrade-425.co.za: did not receive HSTS header university4industry.com: did not receive HSTS header +universogay.com: could not connect to host univstore.win: could not connect to host univz.com: could not connect to host unixtime.pro: could not connect to host -unknownbreakup.com: did not receive HSTS header unknownphenomena.net: could not connect to host -unmonito.red: could not connect to host +unmanaged.space: could not connect to host unplugg3r.dk: could not connect to host unravel.ie: could not connect to host unschoolrules.com: did not receive HSTS header @@ -14036,35 +15123,35 @@ unyq.me: did not receive HSTS header uonstaffhub.com: could not connect to host uow.ninja: could not connect to host up1.ca: could not connect to host -upaknship.com: did not receive HSTS header -upbad.com: could not connect to host upboard.jp: could not connect to host -upgauged.com: could not connect to host upldr.pw: could not connect to host uploadbro.com: could not connect to host upmchealthsecurity.us: could not connect to host uporoops.com: could not connect to host uprotect.it: could not connect to host upstats.eu: could not connect to host -uptic.net: did not receive HSTS header +uptic.net: could not connect to host upupming.site: did not receive HSTS header ur-lauber.de: did not receive HSTS header urban-garden.lt: could not connect to host urban-garden.lv: could not connect to host urbanmic.com: could not connect to host +urbansparrow.in: could not connect to host +urbanstylestaging.com: did not receive HSTS header urbpic.com: could not connect to host urcentral.org: could not connect to host urlachershop.com.br: did not receive HSTS header +urlakite.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] urlchomp.com: did not receive HSTS header urology.wiki: did not receive HSTS header -urphp.com: could not connect to host -us-immigration.com: could not connect to host +urphp.com: did not receive HSTS header +us-immigration.com: did not receive HSTS header usaab.org: did not receive HSTS header usafuelservice.com: did not receive HSTS header usatomotori.com: did not receive HSTS header usbirthcertificate.com: could not connect to host usbtypeccompliant.com: could not connect to host -uscitizenship.info: could not connect to host +uscitizenship.info: did not receive HSTS header uscntalk.com: could not connect to host uscp8.com: could not connect to host uscurrency.gov: did not receive HSTS header @@ -14076,24 +15163,27 @@ usercare.com: did not receive HSTS header useresponse.com: did not receive HSTS header userify.com: max-age too low: 0 uslab.io: could not connect to host +usparklodging.com: did not receive HSTS header usportsgo.com: could not connect to host usr.nz: did not receive HSTS header +utdscanner.com: did not receive HSTS header utilitronium-shockwave.com: could not connect to host +utilityreport.eu: did not receive HSTS header utleieplassen.no: could not connect to host utopiagalaxy.space: could not connect to host +utopialgb.org.uk: could not connect to host utopian-surgery.com: could not connect to host utopianconcept.com: did not receive HSTS header utopianhomespa.com: did not receive HSTS header utopianrealms.org: did not receive HSTS header utopians.dk: did not receive HSTS header uttnetgroup.fr: could not connect to host -utumno.ch: did not receive HSTS header +utumno.ch: could not connect to host utvbloggen.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] uvarov.pw: did not receive HSTS header uwesander.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] uwfreelanceopticien.nl: could not connect to host -uwimonacs.org.jm: could not connect to host -uwsoftware.be: max-age too low: 0 +uwsoftware.be: did not receive HSTS header uwstartups.com: could not connect to host uxux.pl: could not connect to host uygindir.ml: could not connect to host @@ -14107,7 +15197,7 @@ v0tti.com: did not receive HSTS header v12.co.uk: did not receive HSTS header v2.pw: did not receive HSTS header v2ex.us: could not connect to host -v4s.ro: could not connect to host +v4s.ro: did not receive HSTS header v4veedu.com: could not connect to host v5wz.com: did not receive HSTS header v5xp.com: did not receive HSTS header @@ -14127,6 +15217,7 @@ vadennissanofhinesvilleparts.com: could not connect to host vadik.me: could not connect to host vadodesign.nl: did not receive HSTS header vaibhavchatarkar.com: could not connect to host +val-sec.com: could not connect to host valaeris.de: did not receive HSTS header valecnatechnika.cz: could not connect to host valenhub.com: could not connect to host @@ -14142,7 +15233,6 @@ valleyridgepta.org: could not connect to host vallis.net: could not connect to host valmagus.com: could not connect to host valopv.be: could not connect to host -valtoaho.com: could not connect to host vamoaeturismo.com.br: could not connect to host vamosfalardesaude.pt: could not connect to host vampirism.eu: could not connect to host @@ -14153,10 +15243,11 @@ vanderkroon.nl: could not connect to host vanderstraeten.dynv6.net: could not connect to host vanessabalibridal.com: could not connect to host vanestack.com: could not connect to host +vanetv.com: could not connect to host +vangeluwedeberlaere.be: did not receive HSTS header vanitas.xyz: did not receive HSTS header vanitynailworkz.com: could not connect to host vanlaanen.com: did not receive HSTS header -vanouwerkerk.net: could not connect to host vansieleghem.com: could not connect to host vapecraftinc.com: did not receive HSTS header vapemania.eu: could not connect to host @@ -14164,22 +15255,24 @@ vapeshopsupply.com: max-age too low: 7889238 varela-electricite.fr: could not connect to host variablyconstant.com: could not connect to host varta.io: could not connect to host -varunagw.com: could not connect to host vasa-webstranka.sk: did not receive HSTS header vasanth.org: could not connect to host -vascomm.co.id: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +vase-eroticke-povidky.cz: could not connect to host vastkustenrunt.se: did not receive HSTS header +vati.pw: did not receive HSTS header vavai.net: did not receive HSTS header vayaport.com: could not connect to host vbest.net: could not connect to host vbhelp.org: did not receive HSTS header vbulletin-russia.com: could not connect to host vbulletinrussia.com: could not connect to host +vcdn.xyz: could not connect to host vcdove.com: could not connect to host vconcept.ch: could not connect to host vconcept.me: could not connect to host vcr.re: could not connect to host vdhco.be: did not receive HSTS header +vdownloader.com: could not connect to host vdrpro.com: could not connect to host veblen.com: did not receive HSTS header vechkasov.ru: could not connect to host @@ -14190,13 +15283,12 @@ vega.dyndns.info: could not connect to host vegalayer.com: did not receive HSTS header vegalengd.com: did not receive HSTS header veganosonline.com: could not connect to host +vegasdocs.com: did not receive HSTS header veggiefasting.com: could not connect to host veggiesbourg.fr: did not receive HSTS header vegis.ro: did not receive HSTS header -veglog.com: could not connect to host +veglog.com: did not receive HSTS header vehent.org: did not receive HSTS header -vehicleenquiry.service.gov.uk: did not receive HSTS header -vehicletax.service.gov.uk: did not receive HSTS header vehicleuplift.co.uk: did not receive HSTS header vekenz.com: could not connect to host velasense.com: could not connect to host @@ -14206,6 +15298,7 @@ vemokin.net: could not connect to host venicecomputerrepair.com: could not connect to host venicefloridawebsitedesign.com: could not connect to host venicerealdeal.com: could not connect to host +venirextra.com: did not receive HSTS header venirideal.com: did not receive HSTS header venixplays-stream.ml: could not connect to host venmos.com: could not connect to host @@ -14213,7 +15306,6 @@ venninvestorplatform.com: did not receive HSTS header venoom.eu: did not receive HSTS header vensl.org: could not connect to host venturepro.com: did not receive HSTS header -ventzke.com: did not receive HSTS header venzocrm.com: did not receive HSTS header ver-ooginoog.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] veraandsteve.date: could not connect to host @@ -14221,6 +15313,7 @@ verdeandco.co.uk: could not connect to host verifiedinvesting.com: could not connect to host verifikatorindonesia.com: could not connect to host veristor.com: did not receive HSTS header +verliefde-jongens.nl: could not connect to host vermontcareergateway.org: could not connect to host vernonfishandgame.ca: did not receive HSTS header versfin.net: could not connect to host @@ -14238,9 +15331,12 @@ veto.fish: could not connect to host vfree.org: could not connect to host vgatest.nl: could not connect to host vglimg.com: could not connect to host +vgorcum.com: could not connect to host vhost.co.id: could not connect to host +vi.photo: could not connect to host viabemestar.com.br: could not connect to host viadeux.com: did not receive HSTS header +vialibido.com.br: could not connect to host viasinc.com: did not receive HSTS header vibrashop.com.br: did not receive HSTS header vicenage.com: could not connect to host @@ -14257,18 +15353,20 @@ videnskabsklubben.dk: did not receive HSTS header videoload.co: could not connect to host videomuz.com: could not connect to host videorullen.se: could not connect to host +videosxgays.com: could not connect to host videotogel.net: could not connect to host videoueberwachung-set.de: did not receive HSTS header vider.ga: could not connect to host vidid.net: could not connect to host vidiproject.com: did not receive HSTS header viditut.com: could not connect to host +vidkovaomara.si: could not connect to host vidlyoficial.com: could not connect to host vidz.ga: could not connect to host viennan.net: could not connect to host vietnam-lifer.com: could not connect to host vietnamchevrolet.net: did not receive HSTS header -vietnamphotographytours.com: could not connect to host +vietnamphotographytours.com: did not receive HSTS header viewsea.com: max-age too low: 0 vigilo.cf: could not connect to host vigilo.ga: could not connect to host @@ -14280,9 +15378,10 @@ viktorsvantesson.net: did not receive HSTS header viladochurrasco.com.br: could not connect to host vilaydin.com: did not receive HSTS header vilight.com.br: could not connect to host -villa-romantica-zillertal.at: did not receive HSTS header +villa-bellarte.de: could not connect to host villacarmela.com.br: did not receive HSTS header villainsclothing.com.au: could not connect to host +villalaskowa.pl: did not receive HSTS header villasenor.online: could not connect to host villekaaria.eu: could not connect to host vilog.me: could not connect to host @@ -14304,17 +15403,21 @@ vinesauce.info: could not connect to host vinetalk.net: could not connect to host vinicius.sl: could not connect to host viniferawineclub.com: did not receive HSTS header +vinogradovka.com: did not receive HSTS header vio.no: did not receive HSTS header violenceinterrupted.org: did not receive HSTS header violet-letter.delivery: could not connect to host viosey.com: could not connect to host +vioye.com: did not receive HSTS header viperdns.com: could not connect to host +vipesball.net: could not connect to host viphospitality.se: could not connect to host viplentes.com.br: did not receive HSTS header vipmusic.ga: could not connect to host -vipnettikasinoklubi.com: could not connect to host +vipnettikasinoklubi.com: did not receive HSTS header viral8.jp: could not connect to host virginiacrimeanalysisnetwork.org: did not receive HSTS header +virial.de: did not receive HSTS header viris.si: max-age too low: 536000 virtualhealth.com: did not receive HSTS header virtualstrongbox.ca: did not receive HSTS header @@ -14338,6 +15441,7 @@ vitalamin.ch: could not connect to host vitalita.cz: did not receive HSTS header vitalorange.com: did not receive HSTS header vitalthings.de: could not connect to host +vitamaxxi.com.br: could not connect to host vitapingu.de: could not connect to host vitta.me: did not receive HSTS header vitzro.kr: could not connect to host @@ -14346,6 +15450,7 @@ vivanosports.com.br: did not receive HSTS header vivasports.com.br: could not connect to host vivocloud.com: could not connect to host vivoregularizafacil.com.br: did not receive HSTS header +vivoseg.com: did not receive HSTS header vivremoinscher.fr: did not receive HSTS header vizeat.com: did not receive HSTS header vkino.com: could not connect to host @@ -14353,31 +15458,39 @@ vkulagin.ru: could not connect to host vladimiroff.org: did not receive HSTS header vldkn.net: could not connect to host vleij.family: could not connect to host -vlogge.com: could not connect to host +vlogge.com: did not receive HSTS header vlzbazar.ru: could not connect to host +vmhydro.ru: could not connect to host vmrdev.com: could not connect to host vmstan.com: did not receive HSTS header +vmzone.de: could not connect to host +vndb.org: could not connect to host vocab.guru: could not connect to host +vocalsynth.space: could not connect to host voceinveste.com: did not receive HSTS header vogt.tech: could not connect to host voice-of-design.com: could not connect to host voicesuk.co.uk: did not receive HSTS header +void-it.nl: did not receive HSTS header voidark.com: did not receive HSTS header voidi.ca: could not connect to host voidserv.net: could not connect to host -voilo.club: did not receive HSTS header -voilodaisuki.club: did not receive HSTS header +voidshift.com: could not connect to host +voilo.club: could not connect to host +voilodaisuki.club: could not connect to host voipkb.com: did not receive HSTS header -voiro.club: did not receive HSTS header -voirodaisuki.club: did not receive HSTS header +voiro.club: could not connect to host +voirodaisuki.club: could not connect to host volatimer.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] volbyzive.cz: did not receive HSTS header volcain.io: could not connect to host volcrado.com: did not receive HSTS header volkden.com: could not connect to host -voltimax.com: could not connect to host +volkswurst.de: did not receive HSTS header +voltimax.com: did not receive HSTS header voltotc.com: did not receive HSTS header voluptueuse.com: did not receive HSTS header +volvipress.gr: did not receive HSTS header vonavy-cukor.sk: could not connect to host vonavycukor.sk: could not connect to host vonedelmann.de: did not receive HSTS header @@ -14387,13 +15500,16 @@ vooreenveiligthuis.nl: did not receive HSTS header voorjou.com: did not receive HSTS header vorangerie.com: could not connect to host vorderklier.de: could not connect to host +vorm2.com: did not receive HSTS header vortexhobbies.com: did not receive HSTS header vosjesweb.nl: could not connect to host +votercircle.com: did not receive HSTS header voterstartingpoint.uk: could not connect to host votresiteweb.ch: could not connect to host vow.vn: could not connect to host vowsy.club: did not receive HSTS header vox.vg: did not receive HSTS header +vozami.com: could not connect to host vpip.net: could not connect to host vpl.me: did not receive HSTS header vpn-byen.dk: did not receive HSTS header @@ -14416,13 +15532,19 @@ vrijstaandhuis-in-zuid-holland-kopen.nl: could not connect to host vrijstaandhuis-in-zuidplas-kopen.nl: could not connect to host vrijstaandhuis-in-zwartewaterland-kopen.nl: could not connect to host vrijstaandhuisverkopen.nl: could not connect to host +vrlaid.com: could not connect to host vrobert.fr: could not connect to host +vrtak-cz.net: could not connect to host vrzl.pro: could not connect to host +vsamsonov.com: could not connect to host vsc-don-stocksport.de: did not receive HSTS header +vsestiralnie.com: did not receive HSTS header vucdn.com: could not connect to host +vulnerabilities.io: could not connect to host vuosaarenmontessoritalo.fi: did not receive HSTS header vvl.me: did not receive HSTS header vwoforangeparts.com: could not connect to host +vwt-event.nl: could not connect to host vxapps.com: could not connect to host vxml.club: could not connect to host vynedmusic.com: could not connect to host @@ -14435,14 +15557,17 @@ w10club.com: could not connect to host w2gshop.com.br: could not connect to host w4.no: did not receive HSTS header w4a.fr: could not connect to host +w4b.in: could not connect to host w4xzr.top: could not connect to host w4xzr.xyz: could not connect to host w9rld.com: did not receive HSTS header wabifoggynuts.com: could not connect to host wachtwoordencheck.nl: could not connect to host +waelti.xxx: could not connect to host wafni.com: could not connect to host -wahhoi.net: did not receive HSTS header +wai-in.com: could not connect to host wait.moe: could not connect to host +waixingrenfuli.vip: could not connect to host waixingrenfuli7.vip: could not connect to host wakapp.de: could not connect to host wakened.net: did not receive HSTS header @@ -14452,6 +15577,7 @@ wallabag.it: did not receive HSTS header wallabag.org: did not receive HSTS header wallacequinn.co.uk: did not receive HSTS header wallet.google.com: did not receive HSTS header (error ignored - included regardless) +wallpapers.pub: could not connect to host wallsblog.dk: could not connect to host walnutgaming.co.uk: could not connect to host walterlynnmosley.com: did not receive HSTS header @@ -14468,10 +15594,13 @@ wangjiatun.com.tw: could not connect to host wangkezun.com: could not connect to host wangqiliang.xn--fiqs8s: could not connect to host wangql.cn: could not connect to host -wangyubao.cn: could not connect to host +wanquanojbk.com: did not receive HSTS header wantshow.com.br: did not receive HSTS header +wanybug.cn: could not connect to host +wanybug.com: could not connect to host wapjt.cn: could not connect to host -wapking.live: did not receive HSTS header +wapking.co: could not connect to host +wapking.live: could not connect to host wapt.fr: did not receive HSTS header warandpeace.xyz: could not connect to host warcraftjournal.org: could not connect to host @@ -14483,16 +15612,17 @@ warezaddict.com: could not connect to host warhistoryonline.com: did not receive HSTS header warlions.info: could not connect to host warped.com: did not receive HSTS header +warren.sh: could not connect to host warrencreative.com: did not receive HSTS header -warsentech.com: could not connect to host +warsentech.com: did not receive HSTS header warumsuchen.at: did not receive HSTS header wasatchconstables.com: did not receive HSTS header wasatchcrest.com: did not receive HSTS header wasfuereintheater.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] -wassim.is: could not connect to host +wassim.is: did not receive HSTS header watashi.bid: could not connect to host watchium.com: did not receive HSTS header -watchtv-online.pw: could not connect to host +watchtv-online.pw: max-age too low: 0 watchweasel.com: could not connect to host waterforlife.net.au: did not receive HSTS header waterpoint.com.br: could not connect to host @@ -14507,8 +15637,8 @@ waylee.net: did not receive HSTS header wbit.co.il: did not receive HSTS header wbut.ml: could not connect to host wdesk.com: did not receive HSTS header +wdmg.com.ua: max-age too low: 604800 wdt.io: did not receive HSTS header -we-bb.com: could not connect to host we.serveftp.net: could not connect to host wealthformyhealth.com: did not receive HSTS header wear2work.nl: could not connect to host @@ -14516,10 +15646,10 @@ wearedisneyland.com: did not receive HSTS header weareincognito.org: could not connect to host wearewithyou.org: could not connect to host weaverhairextensions.nl: could not connect to host +web-adminy.co.uk: did not receive HSTS header web-demarche.com: could not connect to host web-industry.fr: could not connect to host web-insider.net: did not receive HSTS header -web-mail.info: could not connect to host web-vision.de: did not receive HSTS header web4all.fr: did not receive HSTS header web4pro.fr: could not connect to host @@ -14533,7 +15663,7 @@ webbuzz.com.au: did not receive HSTS header webchat.domains: did not receive HSTS header webcreation.rocks: did not receive HSTS header webdesign-kronberg.de: did not receive HSTS header -webdesignssussex.co.uk: did not receive HSTS header +webdesignssussex.co.uk: could not connect to host webdev-quiz.de: did not receive HSTS header webdev.mobi: could not connect to host webdosh.com: did not receive HSTS header @@ -14548,13 +15678,14 @@ webhelyesarcu.hu: did not receive HSTS header webhosting4.net: did not receive HSTS header webhostingpros.ml: could not connect to host webies.ro: did not receive HSTS header +webless.com: could not connect to host webm.to: could not connect to host webmail.mayfirst.org: did not receive HSTS header webmaniabr.com: did not receive HSTS header webmarketingfestival.it: did not receive HSTS header webmixseo.com: did not receive HSTS header webnetmail4u.com: could not connect to host -webneuch.ch: did not receive HSTS header +webneuch.ch: could not connect to host webneuch.com: did not receive HSTS header webneuch.eu: did not receive HSTS header webneuch.fr: did not receive HSTS header @@ -14565,14 +15696,18 @@ webnosql.com: could not connect to host webperformance.ru: could not connect to host webproshosting.tk: could not connect to host webpublica.pt: could not connect to host +webqueens.com: could not connect to host +webreslist.com: could not connect to host websandbox.uk: could not connect to host +websectools.com: could not connect to host +webseo.de: did not receive HSTS header websitedesign.bg: did not receive HSTS header websitesabq.com: did not receive HSTS header websmartmedia.co.uk: did not receive HSTS header webspotter.nl: could not connect to host webstationservice.fr: could not connect to host webstellung.com: could not connect to host -webstory.xyz: did not receive HSTS header +webstory.xyz: could not connect to host webswitch.io: could not connect to host webtar.info: could not connect to host webtech.com.br: could not connect to host @@ -14582,14 +15717,15 @@ webthings.com.br: did not receive HSTS header webtiles.co.uk: could not connect to host webukhost.com: could not connect to host webuni.hu: did not receive HSTS header -webveloper.com: max-age too low: 0 +webveloper.com: did not receive HSTS header webwork.pw: could not connect to host webypass.xyz: could not connect to host webzanem.com: could not connect to host wecanfindit.co.za: could not connect to host +wedding-m.jp: did not receive HSTS header weddingenvelopes.co.uk: did not receive HSTS header weddingibiza.nl: could not connect to host -wedotrains.club: could not connect to host +wedotrains.club: did not receive HSTS header weebsr.us: could not connect to host weed.ren: could not connect to host weekly.fyi: could not connect to host @@ -14599,20 +15735,25 @@ weicn.org: did not receive HSTS header weightreviews.com: did not receive HSTS header weiji.ga: could not connect to host weiler.xyz: could not connect to host +weinhandel-preissler.de: could not connect to host +weirdserver.com: could not connect to host weiyuz.com: max-age too low: 6585555 weizenke.im: could not connect to host wejumall.com: could not connect to host wekibe.de: could not connect to host welby.cat: did not receive HSTS header -welches-kinderfahrrad.de: did not receive HSTS header +welches-kinderfahrrad.de: could not connect to host welkers.org: could not connect to host wellastore.ru: could not connect to host wellcomp.com.br: did not receive HSTS header +wellmarts.com: did not receive HSTS header wellness.so: could not connect to host wellopp.com: did not receive HSTS header wellproducedwines.com: did not receive HSTS header -wellsolveit.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +wellsplasticsurgery.com: did not receive HSTS header +wellspringcamps.com: did not receive HSTS header welovejobs.com: did not receive HSTS header +welovemail.com: could not connect to host welpy.com: could not connect to host weltentreff.com: could not connect to host weltmeisterschaft.net: could not connect to host @@ -14620,7 +15761,8 @@ weme.eu: could not connect to host wendalyncheng.com: did not receive HSTS header wendigo.pl: could not connect to host wengebowuguan.com: could not connect to host -wenode.net: could not connect to host +wenode.net: did not receive HSTS header +wensing-und-koenig.de: could not connect to host wentu.ml: could not connect to host wenz.io: did not receive HSTS header wer.sh: could not connect to host @@ -14636,9 +15778,8 @@ wernerschaeffer.de: did not receive HSTS header wesayyesprogram.com: could not connect to host wesleyharris.ca: did not receive HSTS header wespeakgeek.co.za: could not connect to host -west-wind.net: did not receive HSTS header westcoastaggregate.com: could not connect to host -westendzone.com: max-age too low: 0 +westendzone.com: could not connect to host westerhoud.nl: did not receive HSTS header westlinwinds.com: could not connect to host westsussexconnecttosupport.org: could not connect to host @@ -14654,23 +15795,27 @@ wetthost.com: could not connect to host wetttipps.com: could not connect to host wetttipps.de: could not connect to host wevahoo.com: could not connect to host +wevg.org: could not connect to host wevolver.com: did not receive HSTS header wewillgo.com: could not connect to host wewillgo.org: did not receive HSTS header wewlad.me: could not connect to host +wezl.net: did not receive HSTS header wf-training-master.appspot.com: did not receive HSTS header (error ignored - included regardless) wftda.com: did not receive HSTS header wg-tools.de: could not connect to host +wgraphics.ru: could not connect to host whatisl.ovh: could not connect to host whats.io: could not connect to host whatsstalk.me: could not connect to host -whatsyouroffer.co.uk: could not connect to host +whatsyouroffer.co.uk: did not receive HSTS header when-release.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] when-release.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] whereisjason.com: could not connect to host whereismyorigin.cf: could not connect to host -wherephoto.com: could not connect to host +wherephoto.com: did not receive HSTS header wheresben.today: could not connect to host +whexit.nl: could not connect to host whilsttraveling.com: could not connect to host whisker.network: could not connect to host whiskyglazen.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -14679,13 +15824,15 @@ whitehat.id: did not receive HSTS header whiterabbit.org: did not receive HSTS header whiterabbitcakery.com: could not connect to host whiteroom.agency: did not receive HSTS header -whitestagforge.com: could not connect to host +whiteshadowimperium.com: could not connect to host +whitestagforge.com: did not receive HSTS header whoclicks.net: could not connect to host +whoisamitsingh.com: did not receive HSTS header whoisapi.online: could not connect to host wholebites.com: max-age too low: 7889238 -wholesomeharvestbread.com: max-age too low: 86400 wholikes.us: could not connect to host whoneedstobeprimaried.today: could not connect to host +whonix.org: did not receive HSTS header whoownsmyavailability.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] whoshotya.de: did not receive HSTS header whysuck.com: could not connect to host @@ -14695,13 +15842,14 @@ wibuw.com: could not connect to host widdleguy.com: did not receive HSTS header wideinfo.org: did not receive HSTS header widenews.org: did not receive HSTS header -wienerwichtelchallenge.at: could not connect to host +wienerwichtelchallenge.at: did not receive HSTS header wieninternational.at: did not receive HSTS header wificafehosting.com: did not receive HSTS header wifimapa.cz: could not connect to host wiiaam.com: could not connect to host wiiforum.no: did not receive HSTS header wiire.me: could not connect to host +wiki-play.ru: could not connect to host wikiclash.info: could not connect to host wikipeter.nl: did not receive HSTS header wikisports.eu: could not connect to host @@ -14716,6 +15864,7 @@ wilhelm-nathan.de: could not connect to host willcipriano.com: could not connect to host willeminfo.ch: did not receive HSTS header willemsjort.be: did not receive HSTS header +william.gg: could not connect to host william.si: did not receive HSTS header williamboundsltd.com: could not connect to host williamle.com: did not receive HSTS header @@ -14734,7 +15883,9 @@ winds.cf: could not connect to host windwoodmedia.com: could not connect to host windwoodweb.com: could not connect to host wine-importer.ru: could not connect to host +winebid.com: could not connect to host winecodeavocado.com: could not connect to host +wineworksonline.com: could not connect to host winfield.me.uk: did not receive HSTS header winfieldchen.me: did not receive HSTS header winged.io: did not receive HSTS header @@ -14747,12 +15898,14 @@ winsec.nl: could not connect to host winshiplending.com: could not connect to host winsufi.biz: could not connect to host wintercircle.co: max-age too low: 60 -wipc.net: could not connect to host +wipc.net: did not receive HSTS header wipply.com: could not connect to host wirbatz.org: did not receive HSTS header wirc.gr: could not connect to host +wiredcut.com: did not receive HSTS header wireless-emergency-stop.com: did not receive HSTS header -wirkaufendeinau.to: did not receive HSTS header +wiretrip.io: did not receive HSTS header +wirkaufendeinau.to: could not connect to host wisak.eu: could not connect to host wisdomize.me: could not connect to host wiseloan.com: did not receive HSTS header @@ -14763,7 +15916,7 @@ witae.com: could not connect to host withgoogle.com: did not receive HSTS header (error ignored - included regardless) withmy.beer: could not connect to host withoutacrystalball.com: did not receive HSTS header -withustrading.com: could not connect to host +withustrading.com: did not receive HSTS header withyoutube.com: did not receive HSTS header (error ignored - included regardless) wittcher.com: could not connect to host wittepapaver.nl: did not receive HSTS header @@ -14773,11 +15926,10 @@ witzemaschine.com: max-age too low: 0 wizardmeow.xin: could not connect to host wizardspire.com: did not receive HSTS header wizznab.tk: could not connect to host -wjglerum.nl: could not connect to host wk-cpm.com: could not connect to host -wk.is: could not connect to host wk577.com: could not connect to host wlzhiyin.cn: could not connect to host +wm-talk.net: could not connect to host wmawri.com: did not receive HSTS header wmcuk.net: did not receive HSTS header wmfinanz.com: could not connect to host @@ -14791,15 +15943,16 @@ wod-stavby.cz: could not connect to host wodice.com: could not connect to host wohnungsbau-ludwigsburg.de: did not receive HSTS header woima.fi: max-age too low: 604800 -wokeai.net: did not receive HSTS header +wokeai.net: could not connect to host +woktoss.com: could not connect to host wolfemg.com: could not connect to host wolfenland.net: did not receive HSTS header wolfesden.com: could not connect to host wolfram.io: could not connect to host +wolkenspeicher.org: could not connect to host wollekorb.de: could not connect to host womf.org: did not receive HSTS header womosale.de: could not connect to host -wonder.com.mx: max-age too low: 86400 wonderbooks.club: could not connect to host wonderfall.xyz: could not connect to host wonderhost.info: could not connect to host @@ -14808,6 +15961,7 @@ wondy.com: could not connect to host woodlandschurch.net: max-age too low: 43200 woodmafia.com.au: could not connect to host woodworkertip.com: did not receive HSTS header +woomai.net: did not receive HSTS header woomu.me: could not connect to host woording.com: could not connect to host wootton95.com: could not connect to host @@ -14818,33 +15972,33 @@ wordplay.one: could not connect to host wordpresspro.cl: did not receive HSTS header wordsofamaster.com: could not connect to host work-and-jockel.de: did not receive HSTS header -workemy.com: did not receive HSTS header +workemy.com: could not connect to host workfone.io: could not connect to host workpermit.com.vn: could not connect to host -workray.com: did not receive HSTS header worksofwyoming.org: did not receive HSTS header workwithgo.com: could not connect to host world-education-association.org: could not connect to host +worldchess.london: could not connect to host worldfree4.org: could not connect to host worldlist.org: could not connect to host worldpovertysolutions.org: did not receive HSTS header worldsbeststory.com: did not receive HSTS header worldwhisperer.net: could not connect to host wormholevpn.net: could not connect to host -worshapp.com: could not connect to host +worshapp.com: did not receive HSTS header +wow-foederation.de: could not connect to host wow-travel.eu: could not connect to host wowapi.org: could not connect to host wowinvasion.com: did not receive HSTS header wp-fastsearch.de: could not connect to host -wp-rescue.com.au: did not receive HSTS header +wp-rescue.com.au: could not connect to host wp-stack.pro: could not connect to host wp6.pw: could not connect to host wpblog.com.tw: could not connect to host wpcarer.pro: could not connect to host -wpcdn.bid: did not receive HSTS header wpcheck.io: could not connect to host wpcontrol.se: could not connect to host -wpdesigner.ir: did not receive HSTS header +wpdesigner.ir: could not connect to host wpfortify.com: could not connect to host wpg-inc.com: did not receive HSTS header wphelpwithhomework.tk: could not connect to host @@ -14867,13 +16021,14 @@ wrfu.co.nz: did not receive HSTS header wriedts.de: did not receive HSTS header wrightdoumawedding.com: could not connect to host writeapp.me: did not receive HSTS header +writing-expert.com: could not connect to host wrldevelopment.com: did not receive HSTS header wroffle.com: did not receive HSTS header wrwg.ca: could not connect to host -ws-meca.com: could not connect to host +ws-meca.com: did not receive HSTS header wsb-immo.at: could not connect to host wsdcap.com: could not connect to host -wsor.group: could not connect to host +wsor.group: did not receive HSTS header wss.com.ve: could not connect to host wsscompany.com.ve: could not connect to host wsup.social: could not connect to host @@ -14885,7 +16040,7 @@ wuchipc.com: could not connect to host wufupay.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] wuhengmin.com: could not connect to host wulpi.it: did not receive HSTS header -wumai-p.cn: could not connect to host +wumai.cloud: did not receive HSTS header wumbo.kiwi: could not connect to host wundtherapie-schulung.de: could not connect to host wurzelzwerg.net: could not connect to host @@ -14893,24 +16048,23 @@ wusx.club: could not connect to host wutianxian.com: did not receive HSTS header wvr-law.de: did not receive HSTS header wvw698.com: max-age too low: 2592000 -wwjd.dynu.net: could not connect to host www-001133.com: could not connect to host www-0385.com: could not connect to host -www-1116.com: did not receive HSTS header +www-1116.com: could not connect to host www-1117.com: could not connect to host www-38978.com: could not connect to host www-39988.com: did not receive HSTS header www-507.net: could not connect to host -www-62755.com: could not connect to host +www-62755.com: did not receive HSTS header www-68277.com: could not connect to host www-746.com: could not connect to host www-771122.com: did not receive HSTS header -www-8003.com: did not receive HSTS header +www-8003.com: could not connect to host www-88599.com: did not receive HSTS header www-8887999.com: could not connect to host -www-9995.com: did not receive HSTS header -www-djbet.com: did not receive HSTS header -www-jinshavip.com: did not receive HSTS header +www-9995.com: could not connect to host +www-djbet.com: could not connect to host +www-jinshavip.com: could not connect to host www.amazon.ca: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] www.amazon.co.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] www.amazon.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] @@ -14948,38 +16102,42 @@ www.zenpayroll.com: did not receive HSTS header www3.info: could not connect to host wxrlab.com: could not connect to host wxukang.cn: did not receive HSTS header +wxyz.buzz: could not connect to host wy6.org: did not receive HSTS header wybmabiity.com: could not connect to host wygluszanie.eu: could not connect to host wyu.cc: could not connect to host wyzphoto.nl: did not receive HSTS header wyzwaniemilosci.com: could not connect to host +x-iweb.ru: did not receive HSTS header x-pertservice.com: did not receive HSTS header x-power-detox.com: could not connect to host x-ripped-hd.com: could not connect to host +x1be.win: did not receive HSTS header x23.eu: did not receive HSTS header x2c0.net: did not receive HSTS header x2w.io: could not connect to host x3led.com: could not connect to host x509.pub: could not connect to host x509.pw: could not connect to host -x64architecture.com: could not connect to host -xa1.uk: could not connect to host -xanax.pro: could not connect to host +x69.biz: could not connect to host +x69x.net: could not connect to host xanderweaver.com: did not receive HSTS header xandocs.com: could not connect to host xat.re: did not receive HSTS header -xavierbarroso.com: could not connect to host +xavierbarroso.com: did not receive HSTS header xbc.nz: could not connect to host xbind.io: could not connect to host xchangeinfo.com: could not connect to host xchating.com: could not connect to host -xcler8.com: could not connect to host xcompany.one: could not connect to host xcoop.me: did not receive HSTS header +xd.fi: did not receive HSTS header xd.gov: did not receive HSTS header xdd.io: could not connect to host xdty.org: could not connect to host +xecure.zone: could not connect to host +xecureit.com: could not connect to host xehoivn.vn: could not connect to host xellos.ga: could not connect to host xellos.ml: could not connect to host @@ -14987,7 +16145,6 @@ xenesisziarovky.sk: could not connect to host xenosphere.tk: could not connect to host xeonlab.com: could not connect to host xeonlab.de: could not connect to host -xerownia.eu: could not connect to host xett.com: could not connect to host xfive.de: could not connect to host xg3n1us.de: did not receive HSTS header @@ -15001,11 +16158,13 @@ xiaolvmu.com: could not connect to host xiaolvmu.me: could not connect to host xiaomionline24.pl: could not connect to host xiaoxiao.im: could not connect to host -xiaxuejin.cn: did not receive HSTS header +xiaxuejin.cn: could not connect to host +xilegames.com: could not connect to host xiliant.com: did not receive HSTS header ximage.me: could not connect to host ximens.me: could not connect to host xinbiji.cn: could not connect to host +xinex.cz: could not connect to host xing.ml: could not connect to host xinghuokeji.xin: could not connect to host xingiahanvisa.net: did not receive HSTS header @@ -15017,6 +16176,7 @@ xivpn.com: could not connect to host xiyu.it: did not receive HSTS header xiyu.moe: did not receive HSTS header xjoi.net: could not connect to host +xjoin.de: could not connect to host xlaff.com: could not connect to host xlboo.com: did not receive HSTS header xlfblog.com: did not receive HSTS header @@ -15025,6 +16185,7 @@ xmiui.com: could not connect to host xmonk.org: did not receive HSTS header xmr.my: could not connect to host xn----7sbmucgqdbgwwc5e9b.xn--p1ai: could not connect to host +xn--3lqp21gwna.cn: could not connect to host xn--3lqp21gwna.xn--fiqs8s: could not connect to host xn--3lqp21gwna.xn--fiqz9s: could not connect to host xn--3lqt7ir4md4tzwa.cn: did not receive HSTS header @@ -15035,12 +16196,15 @@ xn--4dbjwf8c.ga: could not connect to host xn--4dbjwf8c.gq: could not connect to host xn--4dbjwf8c.ml: could not connect to host xn--4dbjwf8c.tk: could not connect to host +xn--68jub.pw: could not connect to host xn--6cv66l79sp0n0ibo7s9ne.xyz: did not receive HSTS header xn--7rvz7ku3ppnr.jp: could not connect to host xn--7v8h.cf: could not connect to host +xn--80aaagmgvmvmcuoq7r.xn--p1ai: did not receive HSTS header xn--80aaihqncaejjobbu6v.xn--p1ai: did not receive HSTS header xn--80ablh1c.online: could not connect to host xn--80ac0aqlt.xn--p1ai: could not connect to host +xn--80anogxed.xn--p1ai: could not connect to host xn--80aocgsfei.xn--p1ai: could not connect to host xn--88j2fy28hbxmnnf9zlw5buzd.com: did not receive HSTS header xn--8mr166hf6s.xn--fiqs8s: could not connect to host @@ -15073,6 +16237,7 @@ xn--lna-4000-9za.nu: could not connect to host xn--lnakuten-9za.com: did not receive HSTS header xn--ls8hi7a.tk: could not connect to host xn--maraa-rta.org: could not connect to host +xn--mensenges-o1a8c.gq: could not connect to host xn--mhringen-65a.de: did not receive HSTS header xn--milchaufschumer-test-lzb.de: could not connect to host xn--n8jubz39q0g0afpa985c.com: could not connect to host @@ -15084,6 +16249,7 @@ xn--pckqk6xk43lunk.net: could not connect to host xn--qckqc0nxbyc4cdb4527err7c.biz: did not receive HSTS header xn--qckyd1cu698a35zarib.xyz: could not connect to host xn--r77hya.ga: could not connect to host +xn--rlcus7b3d.xn--xkc2dl3a5ee0h: could not connect to host xn--rt-cja.eu: could not connect to host xn--sdkwa9azd389v01ya.com: did not receive HSTS header xn--srenpind-54a.dk: could not connect to host @@ -15110,24 +16276,29 @@ xn--yoamomisuasbcn-ynb.com: could not connect to host xn--zck9a4b352yuua.jp: did not receive HSTS header xng.io: did not receive HSTS header xobox.me: could not connect to host +xoda.pw: could not connect to host xoffy.com: did not receive HSTS header xom.party: could not connect to host xombra.com: could not connect to host xor-a.net: could not connect to host +xotika.tv: could not connect to host +xpenology-fr.net: could not connect to host xperiacodes.com: could not connect to host xpi.fr: could not connect to host +xpj.bet: did not receive HSTS header xpj.sx: could not connect to host xpressprint.com.br: max-age too low: 90 xpwn.cz: could not connect to host +xq55.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] xqin.net: could not connect to host xrp.pw: could not connect to host +xs74.com: did not receive HSTS header +xscancun.com: could not connect to host xscapers.com: did not receive HSTS header -xserownia.com.pl: could not connect to host -xserownia.eu: could not connect to host -xserownia.pl: could not connect to host xsstime.nl: could not connect to host xsyds.cn: did not receive HSTS header xt.om: did not receive HSTS header +xtenz.xyz: could not connect to host xtom.email: could not connect to host xtream-hosting.com: did not receive HSTS header xtream-hosting.de: could not connect to host @@ -15136,12 +16307,14 @@ xtreamhosting.eu: could not connect to host xtrim.ru: did not receive HSTS header xtzone.be: could not connect to host xuexb.com: did not receive HSTS header +xujan.com: could not connect to host xuntaosms.com: could not connect to host xupeng.me: could not connect to host xuyh0120.win: did not receive HSTS header xwalck.se: could not connect to host -xx0r.eu: could not connect to host xxbase.com: did not receive HSTS header +xxx3dbdsm.com: could not connect to host +xxxladyboysporn.com: could not connect to host xy1919.com: could not connect to host xy6161.com: could not connect to host xy6262.com: could not connect to host @@ -15152,10 +16325,12 @@ xy7373.com: could not connect to host xyndrac.net: max-age too low: 2592000 xynex.us: could not connect to host xynta.ch: could not connect to host +xzoneadventure.com: did not receive HSTS header y-o-w.com: did not receive HSTS header y-s.pw: could not connect to host y3451.com: could not connect to host yaay.com.br: could not connect to host +yabrt.cn: could not connect to host yaccin.com: could not connect to host yachts-magazine.com: did not receive HSTS header yagi2.com: did not receive HSTS header @@ -15164,12 +16339,13 @@ yalla.jp: did not receive HSTS header yamamo10.com: could not connect to host yameveo.com: did not receive HSTS header yanwh.xyz: did not receive HSTS header -yaoidreams.com: did not receive HSTS header -yaporn.tv: did not receive HSTS header +yaoidreams.com: could not connect to host +yaporn.tv: could not connect to host yarchives.jp: could not connect to host yard-fu.com: could not connect to host yardbird.us: could not connect to host yarnhookup.com: did not receive HSTS header +yarogneva.ru: could not connect to host yasinaydin.net: did not receive HSTS header yasutomonodokoiko.com: did not receive HSTS header yaucy.win: could not connect to host @@ -15182,8 +16358,9 @@ ydy.jp: could not connect to host yecl.net: did not receive HSTS header yello.website: could not connect to host yellowcar.website: could not connect to host -yemalu.com: did not receive HSTS header +yemalu.com: could not connect to host yemekbaz.az: could not connect to host +yennhi.co: could not connect to host yenniferallulli.com: could not connect to host yenniferallulli.de: could not connect to host yenniferallulli.es: did not receive HSTS header @@ -15192,13 +16369,14 @@ yenniferallulli.nl: could not connect to host yepbitcoin.com: could not connect to host yesdevnull.net: did not receive HSTS header yesfone.com.br: could not connect to host +yeshu.org: did not receive HSTS header yestees.com: did not receive HSTS header -yeswecan.co.bw: did not receive HSTS header yetcore.io: could not connect to host yetishirt.com: could not connect to host yffengshi.ml: could not connect to host ygcdyf.com: did not receive HSTS header yggdar.ga: could not connect to host +yh35.net: max-age too low: 86400 yhori.xyz: could not connect to host yibaoweilong.top: could not connect to host yibin0831.com: could not connect to host @@ -15213,6 +16391,7 @@ yinhe12.net: did not receive HSTS header yippie.nl: could not connect to host yizhu.com: could not connect to host yjsoft.me: could not connect to host +ylilauta.org: could not connect to host ylk.io: could not connect to host ynode.co: did not receive HSTS header ynsn.nl: could not connect to host @@ -15229,62 +16408,75 @@ yoimise.net: did not receive HSTS header yoiyado.info: did not receive HSTS header yokeepo.com: could not connect to host yolo-csgo.com: could not connect to host -yolocelebs.com: did not receive HSTS header +yolocelebs.com: could not connect to host yoloprod.fr: could not connect to host yoloseo.com: could not connect to host yomena.in: could not connect to host yomepre.com: could not connect to host yopers.com: did not receive HSTS header yorkshireterrier.com.br: could not connect to host +yorname.ml: could not connect to host yoru.me: could not connect to host -yoticonnections.com: could not connect to host yotilabs.com: could not connect to host youcaitian.com: did not receive HSTS header youcancraft.de: could not connect to host youcanfuckoff.xyz: could not connect to host +youcanmakeit.at: could not connect to host youcontrol.ru: could not connect to host +youdowell.com: could not connect to host youfencun.com: did not receive HSTS header +youjizz.bz: could not connect to host +youlend.com: did not receive HSTS header youlog.net: could not connect to host youngandunited.nl: did not receive HSTS header +youngdogs.org: could not connect to host younl.net: could not connect to host youon.tokyo: did not receive HSTS header yourbapp.ch: could not connect to host -yourcomputer.expert: did not receive HSTS header yourgame.co.il: did not receive HSTS header youri.me: could not connect to host yourlovesong.com.mx: could not connect to host +yourname.xyz: could not connect to host yoursbookstore.jp: max-age too low: 0 yoursecondphone.co: could not connect to host yourself.today: could not connect to host yourstrongbox.com: could not connect to host +yourtrainingsolutions.com: did not receive HSTS header youruseragent.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] yourznc.com: could not connect to host yousite.by: could not connect to host youth2009.org: did not receive HSTS header youtube: could not connect to host youtubeviews.ml: could not connect to host -youyoulemon.com: could not connect to host +youwatchporn.com: could not connect to host ypcs.fi: did not receive HSTS header +yqjf68.com: could not connect to host yryz.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +ysicing.net: could not connect to host +yslbeauty.com: did not receive HSTS header +yspeo.com: max-age too low: 2592000 ytcuber.xyz: could not connect to host ythyth.com: max-age too low: 2592000 ytvwld.de: did not receive HSTS header yu7.jp: did not receive HSTS header +yuanbenlian.com: did not receive HSTS header yudan.com.br: could not connect to host yude.ml: could not connect to host yue2.net: did not receive HSTS header +yuema.net.cn: could not connect to host yufan.me: did not receive HSTS header yugege.cf: could not connect to host yuhen.ru: did not receive HSTS header -yuhuo.org: could not connect to host yui.cat: did not receive HSTS header -yukijinji.moe: could not connect to host +yukijinji.moe: did not receive HSTS header yukiminami.net: could not connect to host yuko.moe: could not connect to host yukonrefugees.com: could not connect to host yum.beer: could not connect to host yum0.cn: could not connect to host +yumli.net: could not connect to host yummyfamilyrecipes.com: could not connect to host +yummylooks.com: did not receive HSTS header yuna.love: could not connect to host yuna.tg: could not connect to host yunpan.blue: could not connect to host @@ -15294,24 +16486,27 @@ yunzhu.org: could not connect to host yuppi.tv: max-age too low: 43200 yurinet.org: could not connect to host yuriykuzmin.com: did not receive HSTS header -yusu.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] yutabon.com: could not connect to host -yutang.vn: could not connect to host yuushou.com: could not connect to host yux.fr: could not connect to host yux.io: did not receive HSTS header yuzu.tk: did not receive HSTS header ywei.org: could not connect to host ywyz.tech: could not connect to host -yzcloud.me: could not connect to host z-coder.com: could not connect to host z0rro.net: could not connect to host +z33.ch: did not receive HSTS header +z33.co: could not connect to host z3liff.com: could not connect to host z3liff.net: could not connect to host zacharopoulos.me: could not connect to host zachbolinger.com: could not connect to host +zachgibbens.org: could not connect to host +zachpeters.org: could not connect to host zadieheimlich.com: did not receive HSTS header zaem.tv: could not connect to host +zahnarzt-hofer.de: could not connect to host +zahnarzt-muenich.de: could not connect to host zahnrechner-staging.azurewebsites.net: could not connect to host zahyantechnologies.com: did not receive HSTS header zaidan.de: could not connect to host @@ -15329,7 +16524,8 @@ zaneweb.org: could not connect to host zao.fi: could not connect to host zaoext.com: could not connect to host zaoshanghao-dajia.rhcloud.com: could not connect to host -zap.yt: did not receive HSTS header +zap.yt: could not connect to host +zapatoshechoamano.pe: did not receive HSTS header zargaripour.com: did not receive HSTS header zarooba.com: could not connect to host zavca.com: did not receive HSTS header @@ -15342,6 +16538,7 @@ zdravotnickasluzba.eu: could not connect to host zdrowiepaleo.pl: did not receive HSTS header zdx.ch: max-age too low: 0 zeb.fun: could not connect to host +zebibyte.cn: could not connect to host zebrababy.cn: could not connect to host zebry.nl: did not receive HSTS header zecrypto.com: could not connect to host @@ -15353,42 +16550,47 @@ zehntner.ch: max-age too low: 3600 zeitzer-turngala.de: could not connect to host zelfmoord.ga: could not connect to host zelfstandigemakelaars.net: could not connect to host -zellari.ru: did not receive HSTS header +zellari.ru: could not connect to host zeloz.xyz: could not connect to host +zengdong.ren: did not receive HSTS header zenghx.tk: could not connect to host -zenhaiku.com: did not receive HSTS header +zenhaiku.com: could not connect to host zeno-system.com: did not receive HSTS header zenpayroll.com: did not receive HSTS header -zenti.cloud: did not receive HSTS header zentience.dk: did not receive HSTS header zentience.net: did not receive HSTS header zentience.org: did not receive HSTS header +zentiweb.nl: did not receive HSTS header zentraler-kreditausschuss.de: did not receive HSTS header zentralwolke.de: did not receive HSTS header zenvite.com: could not connect to host zenwears.com: could not connect to host zenycosta.com: could not connect to host zepect.com: did not receive HSTS header -zera.com.au: max-age too low: 0 +zera.com.au: could not connect to host zerekin.net: did not receive HSTS header zero-sum.xyz: could not connect to host zero-x-baadf00d.com: could not connect to host zerocool.io: could not connect to host zeroday.sk: did not receive HSTS header zerofox.gq: could not connect to host +zerolab.org: could not connect to host zeroling.com: could not connect to host zeroml.ml: could not connect to host zerosource.net: could not connect to host zerudi.com: did not receive HSTS header zetadisseny.es: did not receive HSTS header zeto365.pl: did not receive HSTS header +zetrov.pl: did not receive HSTS header zett4.me: max-age too low: 172800 zeug.co: could not connect to host -zewtie.com: did not receive HSTS header +zewtie.com: could not connect to host zeytin.pro: could not connect to host +zfo.gg: could not connect to host zgan.ga: could not connect to host zh1.li: could not connect to host zhang.wtf: could not connect to host +zhangcheng.org: did not receive HSTS header zhangruilin.com: did not receive HSTS header zhangsir.net: could not connect to host zhaochen.xyz: could not connect to host @@ -15398,15 +16600,21 @@ zhengouwu.com: could not connect to host zhenmeish.com: could not connect to host zhh.in: could not connect to host zhihua-lai.com: did not receive HSTS header -zhiin.net: did not receive HSTS header +zhiin.net: could not connect to host zhikin.com: could not connect to host zhimajk.com: could not connect to host +zhome.info: could not connect to host zhoujiashu.com: could not connect to host +zhuji.com: could not connect to host +zhuji.com.cn: could not connect to host +zhuji5.com: could not connect to host zhujicaihong.com: could not connect to host +zhuweiyou.com: did not receive HSTS header zi0r.com: did not receive HSTS header zian.online: could not connect to host zicklam.com: could not connect to host zigcore.com.br: could not connect to host +zii.bz: could not connect to host zikirakhirzaman.com: could not connect to host zinc-x.com: did not receive HSTS header zinenapse.info: could not connect to host @@ -15416,13 +16624,16 @@ zirtue.io: could not connect to host zivagold.com: did not receive HSTS header zivver.com: could not connect to host zivy-ruzenec.cz: could not connect to host +zixo.sk: could not connect to host ziyuanabc.xyz: could not connect to host +ziz.exchange: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] zizoo.com: did not receive HSTS header zju.tv: could not connect to host zjubtv.com: could not connect to host zjutv.com: could not connect to host zkillboard.com: did not receive HSTS header zking.ga: could not connect to host +zlc1994.com: did not receive HSTS header zlcp.com: could not connect to host zmsastro.co.za: could not connect to host zmscable.com: did not receive HSTS header @@ -15435,44 +16646,51 @@ zoe.vc: could not connect to host zohar.link: could not connect to host zohar.shop: could not connect to host zokster.net: could not connect to host -zollihood.ch: did not receive HSTS header zolotoy-standart.com.ua: did not receive HSTS header +zombiesecured.com: could not connect to host zomiac.pp.ua: could not connect to host zonadebolsa.es: did not receive HSTS header +zone403.net: could not connect to host zoneminder.com: did not receive HSTS header zoners.si: did not receive HSTS header -zonesec.org: could not connect to host zonky.io: could not connect to host +zoo.city: could not connect to host zoo24.de: did not receive HSTS header zoofaeth.de: did not receive HSTS header +zoofit.com.au: did not receive HSTS header zoological-gardens.eu: could not connect to host zoomingin.net: max-age too low: 5184000 zoommailing.com: did not receive HSTS header zoorigin.com: did not receive HSTS header +zooxdata.com: could not connect to host zortium.report: could not connect to host zorz.info: could not connect to host -zotero.org: did not receive HSTS header zoznamrealit.sk: did not receive HSTS header +zpy.fun: could not connect to host zq789.com: could not connect to host zqhong.com: could not connect to host zqjs.tk: could not connect to host +zqwqz.com: could not connect to host zrn.in: did not receive HSTS header ztan.tk: could not connect to host ztcaoll222.cn: could not connect to host ztytian.com: could not connect to host +zuan-in.com: could not connect to host zuckerfloh.de: did not receive HSTS header zudomc.me: could not connect to host zuehlcke.de: could not connect to host zukix.com: could not connect to host zulu7.com: did not receive HSTS header -zumazar.ru: could not connect to host zunftmarke.de: did not receive HSTS header zutsu-raku.com: did not receive HSTS header zuviel.space: could not connect to host +zvejonys.lt: did not receive HSTS header zvncloud.com: did not receive HSTS header zvz.im: could not connect to host -zwembadheeten.nl: could not connect to host -zxity.co.uk: did not receive HSTS header +zwembadheeten.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]" nsresult: "0x80004005 (NS_ERROR_FAILURE)" location: "JS frame :: /home/trava90/REPO/UXP/security/manager/tools/getHSTSPreloadList.js :: processStsHeader :: line 131" data: no] +zx1168.com: could not connect to host +zx2268.com: could not connect to host +zxity.co.uk: could not connect to host zxity.ltd: could not connect to host zxity.uk: could not connect to host zyf.pw: could not connect to host @@ -15484,5 +16702,4 @@ zyso.org: could not connect to host zzb510.com: could not connect to host zzb6688.com: could not connect to host zzb8899.com: could not connect to host -zzpd.nl: did not receive HSTS header zzw.ca: could not connect to host diff --git a/security/manager/ssl/nsSTSPreloadList.inc b/security/manager/ssl/nsSTSPreloadList.inc index 85f33eb03..36a933f71 100644 --- a/security/manager/ssl/nsSTSPreloadList.inc +++ b/security/manager/ssl/nsSTSPreloadList.inc @@ -8,7 +8,7 @@ /*****************************************************************************/ #include <stdint.h> -const PRTime gPreloadListExpirationTime = INT64_C(1542710641724000); +const PRTime gPreloadListExpirationTime = INT64_C(1546247908476000); class nsSTSPreload { @@ -18,8 +18,6 @@ class nsSTSPreload }; static const nsSTSPreload kSTSPreloadList[] = { - { "0.me.uk", true }, - { "0005pay.com", true }, { "00100010.net", true }, { "0010100.net", true }, { "00120012.net", true }, @@ -35,7 +33,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "00660066.net", true }, { "00770077.net", true }, { "00778899.com", true }, - { "00880088.net", true }, + { "0086286.com", true }, { "00990099.net", true }, { "00dani.me", true }, { "00f.net", true }, @@ -50,7 +48,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "01electronica.com.ar", true }, { "01seguridad.com.ar", true }, { "01smh.com", true }, - { "0222.mg", true }, { "022367.com", true }, { "022379.com", true }, { "022391.com", true }, @@ -65,6 +62,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "02327.net", true }, { "02375.net", true }, { "023sec.com", true }, + { "02607.com", true }, { "026122.com", true }, { "02638.net", true }, { "028718.com", true }, @@ -121,6 +119,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "083965.com", true }, { "083967.com", true }, { "086628.com", true }, + { "09115.com", true }, { "0916app.com", true }, { "09892.net", true }, { "0au.de", true }, @@ -137,11 +136,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "0wx.org", true }, { "0x.cx", true }, { "0x.sk", true }, + { "0x0.cloud", true }, { "0x0.li", true }, { "0x00ff00ff.com", true }, { "0x17.de", true }, { "0x52.net", true }, - { "0x5f3759df.cf", true }, { "0x7d.com", true }, { "0x7fffffff.net", true }, { "0x90.io", true }, @@ -157,10 +156,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "0yen.org", true }, { "1-2-3bounce.co.uk", true }, { "100-downloads.com", true }, - { "10000v.ru", true }, { "1000minds.com", true }, - { "1000serien.com", false }, - { "1001firms.com", true }, { "1001kerstpakketten.com", false }, { "1001mv.com", true }, { "10086.nl", true }, @@ -194,7 +190,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "10v2.com", true }, { "1100.so", true }, { "110110110.net", true }, - { "1116pay.com", true }, { "112112112.net", true }, { "112app.nl", true }, { "112hz.com", true }, @@ -217,21 +212,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "123bearing.co.uk", true }, { "123bearing.com", true }, { "123bearing.eu", true }, - { "123comparer.fr", false }, - { "123djdrop.com", true }, { "123midterm.com", true }, + { "123opstalverzekeringen.nl", true }, { "123pay.ir", false }, { "123plons.nl", true }, { "123roulement.be", true }, { "123roulement.com", true }, - { "123termpapers.com", true }, { "123test.com", true }, { "123test.nl", true }, { "123writings.com", true }, { "124133.com", true }, { "124633.com", true }, { "125m125.de", true }, - { "1288fc.com", true }, { "12photos.eu", true }, { "12thmanrising.com", true }, { "12vpn.net", true }, @@ -241,7 +233,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "13318522.com", true }, { "1391kj.com", true }, { "1395kj.com", true }, - { "1396.net", true }, { "13th-dover.uk", true }, { "143533.com", true }, { "143633.com", true }, @@ -269,7 +260,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "149733.com", true }, { "14it.de", true }, { "14x3.de", true }, - { "15-10.com", true }, { "1511774230.rsc.cdn77.org", true }, { "152433.com", true }, { "154233.com", true }, @@ -278,20 +268,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "156433.com", true }, { "1590284872.rsc.cdn77.org", true }, { "1600esplanade.com", true }, - { "160887.com", true }, { "1644091933.rsc.cdn77.org", true }, { "1661237.com", true }, { "166166.com", true }, { "1689886.com", true }, { "168bo9.com", true }, { "168bo9.net", true }, - { "168esb.com", true }, + { "16book.org", true }, { "1750studios.com", false }, { "17hats.com", true }, { "1811559.com", true }, { "1844329061.rsc.cdn77.org", true }, { "1876996.com", true }, - { "18888msc.com", true }, + { "188da.com", true }, { "188dv.com", true }, { "189dv.com", true }, { "189fc.com", true }, @@ -316,14 +305,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "1cover.com.au", true }, { "1e9.nl", true }, { "1f123.net", true }, + { "1fach-digital.de", true }, { "1hourproofreading.com", true }, { "1it.click", true }, - { "1item.co.il", true }, { "1js.de", true }, { "1kando.com", false }, { "1km.ro", true }, { "1kmi.co", true }, { "1ll.uk", true }, + { "1lord1faith.com", true }, { "1m.duckdns.org", true }, { "1montre.fr", true }, { "1morebounce.co.uk", true }, @@ -333,7 +323,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "1on1on1.tv", true }, { "1panorama.ru", true }, { "1para.net", true }, + { "1password.ca", true }, { "1password.com", true }, + { "1password.eu", true }, { "1px.tv", true }, { "1r.is", true }, { "1rs.nl", true }, @@ -346,13 +338,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "1stclassbouncycastles.co.uk", true }, { "1stforfun.co.uk", true }, { "1stpeninsulabouncers.co.uk", true }, - { "1ststop.co.uk", true }, - { "1upinternet.com", true }, { "1volcano.ru", true }, { "1whw.co.uk", true }, { "1wirelog.de", true }, { "1wl.uk", true }, { "2.wtf", true }, + { "200.network", true }, { "200fcw.com", true }, { "2018.wales", true }, { "2048-spiel.de", true }, @@ -371,40 +362,46 @@ static const nsSTSPreload kSTSPreloadList[] = { { "2333blog.com", true }, { "233abc.com", true }, { "233blog.com", true }, - { "233ss.net", true }, + { "233boy.com", true }, { "233vps.com", true }, { "24-7.jp", true }, { "245meadowvistaway.com", true }, { "246060.ru", true }, - { "247a.co.uk", true }, { "247exchange.com", true }, { "247healthshop.com", true }, { "247medplan.com", true }, { "24dian30.com", true }, + { "24hour-locksmithsanantonio.com", true }, + { "24hourlocksmithbaltimore.com", true }, + { "24hourlocksmithdallastx.com", true }, { "24hoursanantoniolocksmiths.com", true }, { "24hourscienceprojects.com", true }, { "24ip.com", true }, { "24ip.de", true }, { "24ip.fr", true }, { "24timeravis.dk", true }, + { "24zpravy.cz", true }, + { "2566335.xyz", true }, { "256pages.com", false }, { "258da.com", true }, { "25reinyan25.net", true }, { "2600edinburgh.org", true }, { "2600hq.com", true }, - { "260887.com", true }, { "263.info", true }, { "27728522.com", true }, { "28-industries.com", true }, { "281180.de", true }, { "2858958.com", true }, + { "286.com", true }, { "288da.com", true }, { "28peaks.com", true }, { "28spots.net", true }, { "2912.nl", true }, { "2948.ca", true }, + { "297computers.com", true }, { "298da.com", true }, { "2991236.com", true }, + { "2au.ru", true }, { "2bas.nl", true }, { "2bcompany.ch", true }, { "2bis10.de", true }, @@ -420,7 +417,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "2cv-fahrer.de", true }, { "2fm.ie", true }, { "2fraud.pro", true }, - { "2gen.com", true }, { "2heartsbookings.co.uk", true }, { "2hypeenterprises.com", true }, { "2kgwf.fi", true }, @@ -456,6 +452,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "314122.com", true }, { "314322.com", true }, { "314522.com", true }, + { "314553.com", true }, { "314622.com", true }, { "314633.com", true }, { "314922.com", true }, @@ -464,7 +461,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "319422.com", true }, { "319k3.com", true }, { "31klabs.com", true }, - { "31tv.ru", true }, { "320281.net", true }, { "321live.nl", true }, { "324022.com", true }, @@ -526,7 +522,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "349233.com", true }, { "349433.com", true }, { "349533.com", true }, - { "34oztonic.eu", true }, { "350422.com", true }, { "354022.com", true }, { "354133.com", true }, @@ -537,7 +532,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "354933.com", true }, { "356433.com", true }, { "360live.fr", true }, + { "360rail.nl", true }, { "360woodworking.com", true }, + { "364553.com", true }, { "365365.com", true }, { "365daysreview.com", true }, { "365healthworld.com", true }, @@ -551,8 +548,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "3778vip.com", true }, { "379700.com", true }, { "380422.com", true }, - { "38888msc.com", true }, - { "38blog.com", true }, + { "388da.com", true }, { "390422.com", true }, { "392422.com", true }, { "393335.ml", true }, @@ -561,11 +557,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "394122.com", true }, { "394322.com", true }, { "394522.com", true }, + { "394553.com", true }, { "394622.com", true }, { "394922.com", true }, { "396422.com", true }, { "398.info", true }, { "39sihu.com", false }, + { "3aandl.com", true }, { "3ags.de", true }, { "3amtoolbox.se", true }, { "3ank.in", true }, @@ -576,6 +574,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "3circlefunding.ch", true }, { "3countiescastlehire.co.uk", true }, { "3cs.ch", true }, + { "3deeplearner.com", true }, { "3djuegos.com", true }, { "3dmedium.de", true }, { "3dmusiclab.nl", true }, @@ -584,8 +583,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "3drenaline.com", true }, { "3haeuserprojekt.org", true }, { "3haueserprojekt.org", true }, + { "3hl0.net", true }, + { "3ik.us", true }, { "3james.com", true }, { "3logic.ru", true }, + { "3lot.ru", true }, { "3n5b.com", true }, { "3os.ooo", true }, { "3phase.pw", true }, @@ -612,7 +614,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "3typen.tv", true }, { "3v4l.org", true }, { "3weekdietworks.com", true }, - { "3xx.link", true }, { "4-1-where.com", true }, { "4-it.de", true }, { "40-grad.de", true }, @@ -627,42 +628,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "411film.com", true }, { "411movie.com", true }, { "414553.com", true }, + { "41studio.com", true }, { "41where.com", true }, { "420java.com", true }, - { "4237.com", true }, { "42day.info", true }, - { "42entrepreneurs.fr", true }, { "439050.com", true }, - { "440887.com", true }, { "441jj.com", false }, - { "442887.com", true }, - { "443887.com", true }, { "4444yh.com", true }, - { "444887.com", true }, - { "445887.com", true }, { "448da.com", true }, { "44scc.com", true }, - { "44sec.com", true }, - { "4500.co.il", true }, { "451.ooo", true }, { "4553s.com", true }, { "4553vip.com", true }, - { "4706666.com", true }, - { "4716666.com", true }, - { "4726666.com", true }, { "4736666.com", true }, - { "4756666.com", true }, - { "4786666.com", true }, - { "478933.com", true }, { "47essays.com", true }, { "491mhz.net", true }, { "49889.com", true }, - { "4997777.com", true }, { "49dollaridahoregisteredagent.com", true }, + { "4c-haircare.com", true }, { "4decor.org", true }, { "4everproxy.com", true }, { "4eyes.ch", true }, { "4fit.ro", true }, + { "4flex.info", true }, { "4freepress.com", true }, { "4g-server.eu", false }, { "4garage.com.br", true }, @@ -682,6 +670,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "4x.fi", true }, { "4x4.lk", true }, { "4xlabs.co", true }, + { "50.pe", true }, { "500a500.com", true }, { "500b500.com", true }, { "500c500.com", true }, @@ -715,6 +704,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "504922.com", true }, { "506422.com", true }, { "506pay.com", true }, + { "508088.com", true }, { "50lakeshore.com", true }, { "50ma.xyz", true }, { "50north.de", true }, @@ -734,8 +724,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "524622.com", true }, { "524922.com", true }, { "525.info", true }, - { "52b9.com", true }, - { "52b9.net", true }, + { "52hentai.ml", true }, { "52kb365.com", true }, { "52ncp.net", true }, { "52sykb.com", true }, @@ -756,19 +745,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "541622.com", true }, { "541722.com", true }, { "541922.com", true }, - { "5432.cc", true }, { "545922.com", true }, { "546802.com", true }, { "54below.com", true }, { "5518k3.com", true }, { "5533445.com", true }, { "5555yh.com", true }, + { "55797.com", true }, { "558da.com", true }, { "55bt.cc", true }, { "55scc.com", true }, { "576422.com", true }, { "579422.com", true }, - { "57he.com", true }, { "57wilkie.net", true }, { "583422.com", true }, { "585422.com", true }, @@ -786,13 +774,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "5997891.com", true }, { "5apps.com", true }, { "5c1fd0f31022cbc40af9f785847baaf9.space", true }, - { "5chat.it", true }, { "5crowd.com", true }, { "5dm.tv", true }, { "5ece.de", true }, { "5francs.com", true }, { "5gb.space", true }, { "5kraceforals.com", true }, + { "5percentperweek.com", true }, { "5starbouncycastlehire.co.uk", true }, { "5thchichesterscouts.org.uk", true }, { "5w5.la", true }, @@ -863,7 +851,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "64970.com", true }, { "649722.com", true }, { "649822.com", true }, - { "64bitgaming.de", true }, + { "64bitservers.net", true }, { "651422.com", true }, { "652422.com", true }, { "6541166.com", true }, @@ -879,7 +867,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "6547766.com", true }, { "6548855.com", true }, { "6548877.com", true }, + { "656088.com", true }, { "659422.com", true }, + { "66136.com", true }, { "6616fc.com", true }, { "66205.net", true }, { "6633445.com", true }, @@ -888,8 +878,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "6664553.com", true }, { "666668722.com", true }, { "6666yh.com", true }, - { "6677.us", true }, - { "668da.com", true }, + { "666omg.com", true }, { "670422.com", true }, { "671422.com", true }, { "672422.com", true }, @@ -899,7 +888,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "679422.com", true }, { "680422.com", true }, { "686848.com", true }, - { "688da.com", true }, { "690422.com", true }, { "691422.com", true }, { "692422.com", true }, @@ -917,11 +905,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "6pm.com", true }, { "6t-montjoye.org", true }, { "6w6.la", true }, - { "6z3.net", true }, { "700.az", true }, { "704233.com", true }, { "704533.com", true }, - { "7045h.com", true }, { "704633.com", true }, { "712433.com", true }, { "713433.com", true }, @@ -942,25 +928,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "736433.com", true }, { "738433.com", true }, { "739433.com", true }, - { "73info.com", true }, { "740833.com", true }, { "741833.com", true }, { "742833.com", true }, { "743833.com", true }, { "74th.jp", true }, + { "755k3.com", true }, + { "7570.com", true }, { "762.ch", true }, - { "771122.tv", true }, { "7717a.com", true }, { "772244.net", true }, { "7733445.com", true }, { "7777yh.com", true }, { "777coin.com", true }, { "778da.com", true }, + { "783lab.com", true }, + { "787k3.com", true }, { "7885765.com", true }, { "788da.com", true }, { "7891553.com", true }, { "7891997.com", true }, - { "789zr.com", true }, { "7careconnect.com", true }, { "7delights.com", true }, { "7delights.in", true }, @@ -968,12 +955,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "7graus.pt", true }, { "7kicks.com", true }, { "7kovrikov.ru", true }, - { "7nw.eu", true }, { "7proxies.com", true }, { "7sons.de", true }, { "7thcircledesigns.com", true }, { "7trade8.com", true }, { "7x24servis.com", true }, + { "80036.com", true }, { "804322.com", true }, { "809422.com", true }, { "80993.net", true }, @@ -988,13 +975,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "8522top.com", true }, { "8522tw.com", true }, { "8522usa.com", true }, + { "86286286.com", true }, { "86499.com", true }, { "8649955.com", true }, { "8649966.com", true }, { "8649977.com", true }, { "8688fc.com", true }, { "86metro.ru", true }, - { "8722.com", true }, { "8722am.com", true }, { "8722cn.com", true }, { "8722hk.com", true }, @@ -1004,7 +991,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "8818k3.com", true }, { "8833445.com", true }, { "88522am.com", true }, - { "887.ag", true }, { "888888722.com", true }, { "88889822.com", true }, { "8888esb.com", true }, @@ -1020,41 +1006,42 @@ static const nsSTSPreload kSTSPreloadList[] = { { "8917818.net", true }, { "8951889.com", true }, { "8951889.net", true }, - { "8989k3.com", true }, { "8992088.com", true }, { "8992088.net", true }, { "8ack.de", true }, { "8ackprotect.com", true }, { "8da188.com", true }, { "8da2017.com", true }, - { "8da2018.com", true }, + { "8da222.com", true }, { "8da88.com", true }, { "8da999.com", true }, + { "8dabet.com", true }, { "8hrs.net", true }, { "8maerz.at", true }, { "8pecxstudios.com", true }, { "8shequapp.com", true }, + { "8svn.com", true }, { "8t8.eu", true }, { "8tech.com.hk", true }, { "8thportsmouth.org.uk", true }, { "8tuffbeers.com", true }, { "8ung.online", true }, + { "8xx.bet", true }, + { "8xx.io", true }, + { "8xx888.com", true }, + { "8xxbet.net", true }, { "9-11commission.gov", true }, { "903422.com", true }, { "905422.com", true }, { "90r.jp", true }, - { "910kj.com", true }, { "9118.com", true }, { "911commission.gov", true }, { "912422.com", true }, { "913422.com", true }, { "914122.com", true }, { "918116.com", true }, - { "918gd.com", true }, - { "918yy.com", true }, { "919422.com", true }, { "91966.com", true }, - { "919945.com", true }, { "91tianmi.com", false }, { "91travel.info", true }, { "924122.com", true }, @@ -1067,7 +1054,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "934122.com", true }, { "943022.com", true }, { "9449-27a1-22a1-e0d9-4237-dd99-e75e-ac85-2f47-9d34.de", true }, - { "9454.com", true }, { "946022.com", true }, { "946422.com", true }, { "949022.com", true }, @@ -1075,8 +1061,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "949622.com", true }, { "949722.com", true }, { "9500years.com", true }, - { "9617818.com", true }, - { "9617818.net", true }, { "9679693.com", true }, { "9681909.com", true }, { "9696178.com", true }, @@ -1084,7 +1068,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "972422.com", true }, { "9788876.com", true }, { "97bros.com", true }, - { "9822.com", true }, { "9822.info", true }, { "9822am.com", true }, { "9822cn.com", true }, @@ -1092,7 +1075,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "9822ph.com", true }, { "9822tw.com", true }, { "9822usa.com", true }, - { "987987.com", true }, { "98laba.com", true }, { "98laba.net", true }, { "9906753.net", true }, @@ -1101,22 +1083,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "99599.fi", true }, { "99599.net", true }, { "9994553.com", true }, + { "9998722.com", true }, { "99998522.com", true }, { "99999822.com", true }, { "999998722.com", true }, { "99rst.org", true }, { "9bingo.net", true }, { "9farm.com", true }, - { "9iwan.net", true }, + { "9fvip.net", true }, { "9jajuice.com", true }, { "9pkfz.com", true }, - { "9ss6.com", true }, + { "9riddles.com", true }, { "9tolife.be", true }, { "9uelle.jp", true }, - { "9vies.ca", true }, { "9vx.org", true }, { "9won.kr", true }, - { "9y.at", true }, { "9yw.me", true }, { "a-1basements.com", true }, { "a-1indianawaterproofing.com", true }, @@ -1125,7 +1106,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "a-little-linux-box.at", true }, { "a-msystems.com", true }, { "a-oben.org", true }, - { "a-shafaat.ir", true }, { "a-starbouncycastles.co.uk", true }, { "a0print.nl", true }, { "a1bouncycastlehire.com", true }, @@ -1139,8 +1119,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "a4sound.com", true }, { "a632079.me", true }, { "a7m2.me", true }, + { "a8q.org", true }, { "aa-tour.ru", true }, { "aa1718.net", true }, + { "aa43d.cn", true }, { "aa6688.net", true }, { "aaapl.com", true }, { "aabanet.com.br", true }, @@ -1160,22 +1142,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aaomidi.com", true }, { "aapas.org.ar", true }, { "aardvarksolutions.co.za", true }, + { "aarkue.eu", true }, + { "aaron.cm", true }, { "aaron.xin", true }, + { "aaronburt.co.uk", true }, { "aaronhorler.com", true }, - { "aaronhorler.com.au", true }, { "aaronkimmig.de", true }, { "aaronroyle.com", true }, { "aaronsilber.me", true }, { "aatf.us", true }, { "aati.be", true }, + { "aati.info", true }, { "aavienna.com", true }, + { "ab-bauservice-berlin.de", true }, { "abaapplianceservice.com", true }, + { "abaaustin.com", true }, { "abacus-events.co.uk", true }, { "abacusbouncycastle.co.uk", true }, { "abacustech.co.jp", true }, { "abacustech.net", true }, { "abacustech.org", true }, - { "abandonedmines.gov", true }, { "abbadabbabouncycastles.co.uk", true }, { "abbas.ch", true }, { "abborsjo.fi", true }, @@ -1187,18 +1173,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "abc.li", true }, { "abcbouncycastlessurrey.co.uk", true }, { "abcbouncyfactory.co.uk", true }, - { "abcdef.be", true }, { "abcheck.se", true }, { "abckam.com", true }, { "abcpartyhire.com", true }, { "abcstudio.com.au", true }, - { "abdullah.pw", true }, + { "abdelsater.net", true }, + { "abdulwahaab.ca", true }, { "abe-elektro.de", true }, { "abe-medical.jp", true }, { "abeestrada.com", false }, { "abeilles-idapi.fr", true }, { "abenteuer-ahnenforschung.de", true }, - { "abeontech.com", true }, { "aberdeenalmeras.com", true }, { "aberdeencastles.co.uk", true }, { "aberdeenjudo.co.uk", true }, @@ -1270,13 +1255,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "abristolgeek.co.uk", true }, { "abseits.org", true }, { "absolem.cc", true }, + { "absolutedouble.co.uk", true }, { "absolutehaitian.com", true }, { "absolutehosting.co.za", true }, { "absolutelyinflatables.co.uk", true }, { "absoluterush.net", true }, - { "absolutewaterproofingsolutions.com", true }, { "absolutewebdesigns.com", true }, { "abstraction21.com", true }, + { "absturztau.be", true }, + { "absturztaube.ch", true }, { "absynthe-inquisition.fr", true }, { "abthorpe.org", true }, { "abulanov.com", true }, @@ -1297,11 +1284,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "academytv.com.au", true }, { "acaeum.com", true }, { "acampar.com.br", true }, + { "acaptureservices.com", true }, { "acara-yoga.de", true }, + { "acareer.in", true }, { "acat.io", true }, { "acbrussels-used.be", true }, { "accadoro.it", true }, - { "accbay.com", true }, { "accelaway.com", true }, { "acceleratenetworks.com", true }, { "accelerateyourworld.org", true }, @@ -1334,15 +1322,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "acecolleges.edu.au", true }, { "aceinflatables.com", true }, { "aceinstituteonline.com", true }, - { "acelpb.com", true }, { "acem.org.au", true }, { "acemobileforce.com", true }, { "acemypaper.com", true }, + { "acen.eu", true }, { "acendealuz.com.br", true }, { "acerentalandsales.com", true }, { "acerislaw.com", true }, { "acessoeducacao.com", true }, { "acevik.de", true }, + { "acfo.org", true }, { "acg18.us", false }, { "acgtalktw.com", true }, { "achalay.org", true }, @@ -1355,15 +1344,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "achtzehn.eu", true }, { "achtzehnterachter.de", true }, { "achwo.de", true }, + { "acid.ninja", true }, { "acidbin.co", true }, { "aciety.com", true }, { "aciksite.com", true }, + { "ackermann.ch", true }, { "ackis.duckdns.org", false }, { "aclu.org", false }, { "acluva.org", false }, { "acme.beer", true }, { "acmexyz123.info", true }, { "acnpacific.com", true }, + { "acodess.com", true }, { "aconnor.xyz", true }, { "acordes.online", true }, { "acorncastles.co.uk", true }, @@ -1372,6 +1364,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "acoshift.me", true }, { "acourse.io", true }, { "acousti-tech.com", true }, + { "acousticalsolutions.com", true }, { "acoustics.network", true }, { "acoustics.tech", true }, { "acoustique-tardy.com", true }, @@ -1384,6 +1377,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "acrepairhutto.com", true }, { "acrepairroundrocktx.com", true }, { "acrevalue.com", true }, + { "acriticismlab.org", true }, { "acrolife.cz", true }, { "acroso.me", true }, { "across.ml", true }, @@ -1414,14 +1408,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "activehire.co.uk", true }, { "activeleisure.ie", true }, { "activeworld.net", false }, - { "activistasconstructivos.org", true }, { "activitesaintnicaise.org", true }, { "activityeventhire.co.uk", true }, { "actom.cc", true }, { "actors-cafe.net", true }, { "actorsroom.com", true }, { "actserv.co.ke", true }, - { "actu-film.com", true }, { "acuica.co.uk", false }, { "acul.me", true }, { "acupofsalt.tv", true }, @@ -1430,6 +1422,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "acwi.gov", true }, { "acy.com", true }, { "acyfxasia.com", true }, + { "acyume.com", true }, { "ad-notam.asia", true }, { "ad-notam.ch", true }, { "ad-notam.co.uk", true }, @@ -1457,10 +1450,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "adamradocz.com", true }, { "adams.dk", true }, { "adamsbouncycastles.co.uk", true }, - { "adamsfoundationrepair.com", true }, { "adamstas.com", true }, { "adamwallington.co.uk", true }, { "adamwilcox.org", true }, + { "adamyuan.xyz", true }, { "adapt-elektronik.com", true }, { "adapt.de", true }, { "adaptablesecurity.org", true }, @@ -1478,13 +1471,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "addiko.net", true }, { "addisoncrump.info", true }, { "addnine.com", true }, + { "addon.watch", true }, { "addones.net", true }, { "addtoany.com", true }, { "adduono.com", true }, { "adelebeals.com", true }, { "adelightfulglow.com", true }, + { "adeline.mobi", true }, { "adentalsolution.com", true }, { "adept.org.pl", true }, + { "adesa.co.uk", true }, { "adevel.eu", true }, { "adf-safetytools.com", true }, { "adftrasporti.it", true }, @@ -1494,7 +1490,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "adimaja.com", true }, { "adinariversloveschool.com", true }, { "adingenierie.fr", true }, - { "adint.net", true }, { "adiponectinsupplement.info", true }, { "adiponectinsupplement.net", true }, { "adjagu.org", true }, @@ -1505,8 +1500,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "adlershop.ch", true }, { "adm-sarov.ru", true }, { "adme.co.il", true }, - { "admin-numerique.com", true }, { "admin-serv.net", true }, + { "admin.casa", true }, { "admin.fedoraproject.org", true }, { "admin.google.com", true }, { "admin.stg.fedoraproject.org", true }, @@ -1514,15 +1509,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "administratorserwera.pl", true }, { "adminlinux.pl", true }, { "admino.cz", true }, - { "adminwerk.com", true }, { "adminwiki.fr", true }, - { "admirable.one", true }, { "admody.com", true }, { "admongo.gov", true }, { "adnanotoyedekparca.com", true }, { "adnot.am", true }, { "adnseguros.es", true }, - { "adoniscabaret.co.uk", true }, { "adonnante.com", true }, { "adoptionlink.co.uk", true }, { "adora-illustrations.fr", true }, @@ -1546,9 +1538,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "adrien.vin", true }, { "adrienkohlbecker.com", true }, { "adriennesmiles.com", true }, - { "adrinet.tk", true }, { "adrup.com", true }, + { "adsamcik.com", true }, { "adsbouncycastles.co.uk", true }, + { "adsbtc.org", true }, { "adsl2meg.fr", true }, { "adtgroup.com", true }, { "adurra.com", true }, @@ -1560,7 +1553,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "advancedprotectionkey.com", true }, { "advancedprotectionsecuritykey.com", true }, { "advancedweb.hu", true }, - { "advancedwriters.com", true }, { "advanceworx.com", true }, { "advancis.net", true }, { "advancyte.com", true }, @@ -1583,10 +1575,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "advocate-europe.eu", true }, { "advocaten-avocats.be", true }, { "advocatenalkmaar.org", true }, + { "advocator.ca", true }, { "advocoeurdehaan.nl", true }, { "advokat-romanov.com", true }, { "advtran.com", true }, { "adware.pl", true }, + { "adwokatkosterka.pl", true }, + { "adwokatzdunek.pl", true }, { "adws.io", true }, { "adxperience.com", true }, { "adzuna.at", true }, @@ -1614,6 +1609,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aegrel.ee", true }, { "aehe.us", true }, { "aei.co.uk", true }, + { "aelurus.com", true }, { "aeon.co", true }, { "aep-digital.com", true }, { "aeradesign.com", true }, @@ -1622,6 +1618,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aergia.eu", true }, { "aerisnetwork.com", true }, { "aero-pioneer.com", true }, + { "aerobasegroup.com", true }, { "aerobotz.com", true }, { "aerosimexperience.com", true }, { "aertel.ie", true }, @@ -1643,21 +1640,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "afb24.de", true }, { "afbeelding.im", true }, { "afbeeldinguploaden.nl", true }, - { "afeefzarapackages.com", true }, { "affichagepub3.com", true }, { "affiliatefeatures.com", true }, { "affiliateroyale.com", true }, { "affiliatetest.azurewebsites.net", true }, { "affilie.de", true }, - { "affinity.vc", true }, { "affinitysync.com", true }, { "affissioni.roma.it", true }, { "affittacamere.roma.it", true }, { "affordableazdivorce.com", true }, + { "affordableblindsexpress.com", true }, { "affordablehealthquotesforyou.com", true }, { "affordablekilimanjaro.com", true }, { "affordablemudjacking.com", true }, - { "affordablepapers.com", true }, { "affordableracingparts.com.au", true }, { "affping.com", true }, { "affvps.net", true }, @@ -1666,7 +1661,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aficionados.com.br", true }, { "afinadoronline.com.br", true }, { "afinaudio.com", true }, - { "aflamtorrent.com", true }, { "aflfreebets.com", true }, { "aflowershop.ca", true }, { "afmt.fr", true }, @@ -1690,17 +1684,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "afva.net", true }, { "afzco.asia", true }, { "ag-websolutions.de", true }, + { "ag8-game.com", true }, { "agalliasis.ch", true }, { "agamsecurity.ch", true }, { "agatajanik.de", true }, { "agate.pw", true }, { "agechecker.net", true }, - { "ageg.ca", true }, { "agenceklic.com", true }, + { "agencewebstreet.com", true }, { "agenciadeempregosdourados.com.br", true }, { "agenciafiscal.pe", true }, { "agenda-loto.net", false }, { "agenda21senden.de", true }, + { "agendatelefonica.com.br", true }, { "agent-grow.com", true }, { "agent6.com.au", true }, { "agentprocessing.com", true }, @@ -1715,7 +1711,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "agilebits.com", true }, { "agilebits.net", false }, { "agilecraft.com", true }, - { "agileecommerce.com.br", true }, { "agileui.com", true }, { "agiley.se", true }, { "agilizing.us", true }, @@ -1726,11 +1721,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "agiserv.fr", true }, { "agliamici.it", true }, { "agnesk.blog", true }, - { "agonswim.com", false }, { "agoodmind.com", true }, { "agoravox.fr", true }, { "agoravox.it", true }, { "agoravox.tv", true }, + { "agostinhoenascimento.com.br", true }, { "agotnes.com", true }, { "agouraelectrical.com", true }, { "agouraelectrician.com", true }, @@ -1757,9 +1752,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "agrilinks.org", true }, { "agrios.de", true }, { "agro-forestry.net", true }, - { "agro.rip", true }, + { "agroline.by", true }, + { "agroxxi.ru", true }, { "agroyard.com.ua", true }, { "agsb.ch", true }, + { "agscinemas.com", true }, + { "agscinemasapp.com", true }, { "agung-furniture.com", true }, { "agwa.name", true }, { "ahd.com", false }, @@ -1771,6 +1769,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ahmad.works", true }, { "ahmadly.com", true }, { "ahmedabadflowermall.com", true }, + { "ahmedcharles.com", true }, { "ahmerjamilkhan.org", true }, { "ahmetozer.org", true }, { "ahosi.com", true }, @@ -1781,9 +1780,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ahxxm.com", true }, { "ai-english.jp", true }, { "ai-soft.co.jp", true }, + { "ai.gov", true }, { "aia.de", true }, - { "aibaoyou.com", true }, { "aibenzi.com", true }, + { "aicial.co.uk", true }, { "aidanapple.com", true }, { "aidanmontare.net", true }, { "aide-valais.ch", true }, @@ -1795,6 +1795,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aifriccampbell.com", true }, { "aigcev.org", true }, { "aigenpul.se", true }, + { "aignermunich.jp", true }, { "aiicy.org", true }, { "aiida.se", true }, { "aijsk.com", true }, @@ -1805,10 +1806,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aikido-kiel.de", true }, { "aikido-linz.at", true }, { "aikido-wels.at", true }, + { "aimax.com", true }, { "aimeeandalec.com", true }, - { "aimerworld.com", true }, { "aimgroup.co.tz", true }, { "aimotive.com", true }, + { "aintevenmad.ch", true }, { "aiois.com", true }, { "aipbarcelona.com", true }, { "air-craftglass.com", true }, @@ -1820,12 +1822,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "airborne-inflatables.co.uk", true }, { "airclass.com", true }, { "aircomms.com", true }, - { "airconsboksburg.co.za", true }, - { "airconsfourways.co.za", true }, - { "airconsmidrand.co.za", true }, { "airconssandton.co.za", true }, { "airductclean.com", false }, { "airductcleaning-fresno.com", true }, + { "airductcleaninggrandprairie.com", true }, + { "airductcleaningirving.com", true }, { "airdur.eu", true }, { "aireaseleaks.org", true }, { "airetvie.com", true }, @@ -1845,8 +1846,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "airportlimototoronto.com", true }, { "airpurifierproductsonline.com", true }, { "airrestoration.ch", true }, - { "airsick.guide", true }, { "airsoft.ch", true }, + { "airtimerewards.co.uk", true }, { "airvpn.org", true }, { "airvuz.com", true }, { "airwegobouncycastles.co.uk", true }, @@ -1856,6 +1857,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aisi316l.net", true }, { "aisr.nl", true }, { "aistockcharts.com", true }, + { "aistrope.com", true }, { "ait.com.ar", true }, { "aiticon.com", true }, { "aitosoftware.com", true }, @@ -1863,7 +1865,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aivd.lol", true }, { "aivene.com", true }, { "aiwdirect.com", true }, - { "aixvox.com", true }, + { "aixvox.com", false }, { "aixxe.net", true }, { "aizxxs.com", true }, { "aizxxs.net", true }, @@ -1883,6 +1885,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ajsb85.com", true }, { "ak-varazdin.hr", true }, { "ak-webit.de", true }, + { "aka.ms", true }, { "akachanikuji.com", true }, { "akademeia.moe", true }, { "akalashnikov.ru", true }, @@ -1894,7 +1897,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "akelius.de", false }, { "akfoundationindia.com", true }, { "akhealthconnection.com", true }, - { "akihiro.xyz", false }, { "akihito.com", true }, { "akijo.de", true }, { "akita-boutique.com", true }, @@ -1902,22 +1904,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "akj.io", true }, { "akkbouncycastles.co.uk", true }, { "akkeylab.com", true }, - { "akoch.net", true }, { "akostecki.de", true }, { "akovana.com", true }, { "akoya.fi", true }, { "akplates.org", true }, { "akpwebdesign.com", true }, { "akr.io", true }, + { "akr.services", true }, { "akracing.se", true }, { "akritikos.info", true }, - { "akronet.cz", true }, - { "akropol.cz", true }, { "akropolis-ravensburg.de", true }, { "aksehir.bel.tr", true }, { "akselinurmio.fi", false }, { "akshi.in", true }, - { "aktan.com.br", true }, { "aktiv-naturheilmittel.at", true }, { "aktiv-naturheilmittel.ch", true }, { "aktiv-naturheilmittel.de", true }, @@ -1926,7 +1925,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aktuelle-uhrzeit.at", true }, { "akuislam.com", true }, { "akukas.com", true }, - { "akul.co.in", true }, { "akustik.tech", true }, { "akutun.cl", true }, { "akvorrat.at", true }, @@ -1936,11 +1934,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aladdin.ie", true }, { "aladdinschools.appspot.com", true }, { "alainbaechlerphotography.ch", true }, + { "alainfrancois.eu", true }, { "alainmargot.ch", true }, { "alainodea.com", true }, { "alainwolf.ch", true }, { "alainwolf.net", true }, { "alair.cn", false }, + { "alamancetv.com", true }, + { "alamgir.works", true }, { "alanberger.me.uk", true }, { "alanhua.ng", true }, { "alaninkenya.org", true }, @@ -1958,8 +1959,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "albbounce.co.uk", true }, { "albersdruck.de", true }, { "albertathome.org", true }, + { "albertbogdanowicz.pl", true }, { "albertinum-goettingen.de", true }, - { "albertonplumber24-7.co.za", true }, { "albion2.org", true }, { "alboweb.nl", true }, { "albuic.tk", true }, @@ -1969,15 +1970,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alcnutrition.com", true }, { "alco-united.com", true }, { "alcoholapi.com", true }, - { "aldes.co.za", true }, + { "aldiabcs.com", true }, { "aldien.com.br", true }, { "aldo-vandini.de", true }, - { "aldorr.net", true }, + { "aldorr.net", false }, { "aldous-huxley.com", true }, { "aldred.cloud", true }, { "alecpap.com", true }, { "alecpapierniak.com", true }, { "alecrust.com", true }, + { "aledg.cl", true }, + { "aleksejjocic.tk", true }, { "aleksib.fi", true }, { "alela.fr", true }, { "alerbon.net", true }, @@ -2000,6 +2003,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alexandrastylist.com", true }, { "alexandre-blond.fr", true }, { "alexandros.io", true }, + { "alexbaker.org", true }, { "alexberts.ch", true }, { "alexbresnahan.com", true }, { "alexcoman.com", true }, @@ -2011,11 +2015,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alexhd.de", true }, { "alexio.ml", true }, { "alexisabarca.com", true }, - { "alexischaussy.xyz", true }, - { "alexismeza.com", true }, - { "alexismeza.com.mx", true }, - { "alexismeza.es", true }, - { "alexismeza.nl", true }, { "alexkott.com", true }, { "alexlouden.com", true }, { "alexmerkel.com", true }, @@ -2024,7 +2023,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alexmroberts.net", true }, { "alexn.org", true }, { "alexpavel.com", true }, - { "alexpotter.net", false }, + { "alexpotter.net", true }, { "alexs.de", true }, { "alexschroeder.ch", true }, { "alexsergeyev.com", true }, @@ -2039,6 +2038,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alexwardweb.com", true }, { "alexyang.me", true }, { "alfa-tech.su", true }, + { "alftrain.com", true }, + { "alghanimcatering.com", true }, { "algoentremanos.com", true }, { "algofactory.de", true }, { "algolia.com", true }, @@ -2054,8 +2055,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alicemaywebdesign.com.au", true }, { "alicestudio.it", true }, { "alicetone.net", true }, - { "alicialab.org", true }, - { "alien.bz", true }, { "alienation.biz", true }, { "alienflight.com", true }, { "alienslab.net", true }, @@ -2063,7 +2062,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alignrs.com", true }, { "aliim.gdn", true }, { "alijammusic.com", true }, - { "alikulov.me", true }, { "alinasmusicstudio.com", true }, { "alinode.com", true }, { "alisonisrealestate.com", true }, @@ -2077,11 +2075,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aljaspod.hu", true }, { "aljaspod.net", true }, { "aljweb.com", true }, - { "alkel.info", true }, { "all-connect.net", false }, { "all-markup-news.com", true }, { "all4hardware4u.de", true }, - { "allaboutbelgaum.com", false }, { "allaboutfunuk.com", true }, { "allaboutswing.co.uk", true }, { "allaboutswing.com", true }, @@ -2122,12 +2118,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "allinone-ranking150.com", true }, { "allis.studio", true }, { "alljamin.com", true }, - { "allladyboys.com", true }, { "allmebel.ru", true }, { "allmend-ru.de", true }, { "allns.fr", true }, { "allo-credit.ch", true }, - { "allo-symo.fr", true }, { "allontanamentovolatili.it", true }, { "allontanamentovolatili.milano.it", true }, { "alloverthehill.com", true }, @@ -2135,9 +2129,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "allplayer.tk", true }, { "allpointsblog.com", true }, { "allproptonline.com", true }, - { "allroundpvp.net", true }, + { "allsaints.church", true }, { "allsearch.io", true }, - { "allseasons-cleaning.co.uk", true }, { "allshousedesigns.com", true }, { "allstakesupply.com.au", true }, { "allstarautokiaparts.com", true }, @@ -2145,6 +2138,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "allstarquilts.com", true }, { "allsync.com", true }, { "allsync.nl", true }, + { "allteach.co.uk", true }, { "allthecryptonews.com", true }, { "allthethings.co.nz", true }, { "allthings.me", true }, @@ -2159,6 +2153,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aloesoluciones.com.ar", true }, { "alohapartyevents.co.uk", true }, { "alonetone.com", true }, + { "alorenzi.eu", true }, { "alp.od.ua", true }, { "alpca.org", true }, { "alpe-d-or.dyn-o-saur.com", true }, @@ -2177,9 +2172,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alphabouncycastles.co.uk", true }, { "alphabrock.cn", true }, { "alphachat.net", true }, + { "alphadote.com", true }, { "alphaetomega3d.fr", true }, { "alphafiduciaryservices.ch", true }, { "alphafitnesslibya.com", true }, + { "alphagateanddoor.com", true }, { "alphainflatablehire.com", true }, { "alphapengu.in", true }, { "alpharotary.com", true }, @@ -2197,7 +2194,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alpinestarmassage.com", true }, { "alpinetrek.co.uk", true }, { "alpiniste.fr", true }, - { "alqassam.net", true }, { "alquiaga.com", true }, { "alrait.com", true }, { "alroniks.com", true }, @@ -2206,11 +2202,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alt-three.com", true }, { "alt.org", true }, { "altaplana.be", true }, - { "altbinaries.com", true }, { "altedirect.com", true }, { "alter-news.fr", true }, { "alterbaum.net", true }, - { "altered.network", true }, { "alternador.com.br", true }, { "alternative.bike", true }, { "alternativebit.fr", true }, @@ -2224,7 +2218,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "altmaestrat.es", true }, { "altoa.cz", true }, { "altonblom.com", true }, - { "altoneum.com", true }, { "altopartners.com", true }, { "altopia.com", true }, { "altphotos.com", true }, @@ -2234,7 +2227,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "alttrackr.com", true }, { "altunbas.info", true }, { "alumni-kusa.jp", true }, - { "aluoblog.pw", true }, { "alupferd.de", true }, { "aluroof.eu", true }, { "alvcs.com", true }, @@ -2260,8 +2252,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "am2s.fr", true }, { "am3.se", true }, { "ama.ne.jp", true }, - { "amadilo.de", false }, - { "amadoraslindas.com", true }, { "amadvice.com", true }, { "amaforro.com", true }, { "amagdic.com", true }, @@ -2275,9 +2265,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amandasage.ca", true }, { "amani-kinderdorf.de", true }, { "amaresq.com", true }, - { "amartinz.at", true }, - { "amateri.com", true }, { "amateurvoicetalent.com", true }, + { "amati.solutions", true }, { "amato.tk", true }, { "amatsuka.com", true }, { "amauf.de", true }, @@ -2308,9 +2297,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amees.me", false }, { "amelandadventure.nl", true }, { "amello.de", true }, + { "amend-friseur-schwabing.de", true }, { "america.gov", true }, { "americafamilylawcenter.org", true }, { "american.dating", true }, + { "americandetour.com", true }, { "americanfoundationbr.com", true }, { "americanmediainstitute.com", true }, { "americasbasementcontractor.com", true }, @@ -2323,11 +2314,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amesgen.de", true }, { "amesvacuumrepair.com", true }, { "amethystdevelopment.co.uk", true }, - { "ameza.co.uk", true }, - { "ameza.com.mx", true }, - { "ameza.io", true }, - { "ameza.me", true }, - { "ameza.net", true }, { "amf.to", true }, { "amg-exterieur.fr", true }, { "amg-microwave.com", true }, @@ -2336,16 +2322,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amicalecanyon.ch", true }, { "amiciidogrescue.org.uk", true }, { "amielucha.com", true }, + { "amifoundation.net", true }, { "amikootours.com", true }, - { "amin.ga", true }, - { "amin.one", true }, { "aminafrance.com", true }, { "amineptine.com", true }, + { "aminorth.com", true }, { "amirautos.com", true }, { "amirmahdy.com", true }, { "amisderodin.fr", true }, { "amisharingstuff.com", true }, + { "amitabhsirkiclasses.org.in", true }, { "amitpatra.com", true }, + { "amiu.org", true }, { "ammanagingdirectors.com", true }, { "amministratore.biz", true }, { "amministratore.roma.it", true }, @@ -2376,16 +2364,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "amzn.rocks", true }, { "anacreon.de", true }, { "anadiyogacentre.com", true }, - { "anadoluefessk.org", true }, { "anaethelion.fr", true }, { "anaiscoachpersonal.es", true }, + { "anaisypirueta.es", true }, { "anajianu.ro", true }, - { "analangelsteen.com", true }, { "analbleachingguide.com", true }, { "analgesia.net", true }, { "analisilaica.it", true }, { "analogist.net", true }, - { "analteengirls.net", true }, { "analyticsinmotion.com", true }, { "analyticum.at", true }, { "analyticum.com", true }, @@ -2400,7 +2386,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anarchistischegroepnijmegen.nl", false }, { "anassiriphotography.com", false }, { "anastasia-shamara.ru", true }, - { "anastasiafond.com", true }, { "ancestramil.fr", true }, { "anchev.net", true }, { "anchovy.nz", false }, @@ -2422,31 +2407,36 @@ static const nsSTSPreload kSTSPreloadList[] = { { "andiscyber.space", true }, { "anditi.com", true }, { "andoms.fi", true }, + { "andre-ballensiefen.de", true }, { "andre-lategan.com", true }, { "andre-otto.com", true }, { "andrea-kiaora.de", true }, { "andrea-m.me", true }, { "andrea-wirthensohn.at", true }, { "andreaboero.it", true }, + { "andreadraghetti.it", true }, { "andreagourmet.it", true }, { "andreahruby.it", true }, { "andreamcnett.com", true }, - { "andreasbasurto.com", true }, + { "andreas-hecht.com", true }, { "andreaseracleous.com", true }, { "andreasfeusi.ch", true }, + { "andreashecht-blog.de", true }, { "andreaskrasa.com", true }, { "andreaslicht.nl", true }, { "andreasolsson.se", true }, { "andreasr.com", true }, + { "andree.cloud", true }, { "andrefaber.nl", true }, { "andrehansen.de", true }, + { "andrei-nakov.org", true }, { "andrejbenz.com", true }, { "andreoliveira.io", true }, { "andrepicard.de", true }, { "andrespaz.com", true }, { "andreundnina.de", true }, + { "andrew.london", true }, { "andrewbdesign.com", true }, - { "andrewdavidwong.com", true }, { "andrewdaws.io", true }, { "andrewensley.com", true }, { "andrewhowden.com", true }, @@ -2460,6 +2450,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "andrewryno.com", true }, { "andrewsun.com", true }, { "andrewtchin.com", true }, + { "andrewx.net", true }, { "andrezadnik.com", true }, { "andro2id.com", true }, { "andro4all.com", true }, @@ -2492,6 +2483,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anedot.com", true }, { "anedot.space", true }, { "anedot.xyz", true }, + { "aneebahmed.com", true }, { "anegabawa.com", true }, { "anetaben.nl", true }, { "anextraordinaryday.net", true }, @@ -2499,7 +2491,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "angehardy.com", true }, { "angel-body.com", true }, { "angelesydemonios.es", true }, - { "angelicare.co.uk", true }, { "angelinahair.com", true }, { "angelremigene.com", true }, { "angelsgirl.eu.org", true }, @@ -2514,10 +2505,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "angrapa.ru", true }, { "angristan.fr", true }, { "angristan.xyz", true }, - { "angrut.com", true }, { "angry.im", true }, { "angrysnarl.com", true }, - { "angryteeth.net", true }, + { "angryteeth.net", false }, { "anguiao.com", true }, { "angularjs.org", false }, { "angusmak.com", true }, @@ -2529,10 +2519,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "animacurse.moe", true }, { "animaemundi.be", true }, { "animal-liberation.com", true }, + { "animal-nature-human.com", true }, { "animal-rights.com", true }, { "animalistic.io", true }, { "animaltesting.fr", true }, { "animan.ca", true }, + { "animatelluris.nl", true }, { "animationsmusicales.ch", true }, { "anime-culture.com", true }, { "anime-rg.com", true }, @@ -2541,17 +2533,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anime1.me", true }, { "anime1.moe", true }, { "anime1.pw", true }, - { "anime1.top", true }, { "animeai.com", true }, { "animefluxxx.com", true }, + { "animeinsights.net", true }, { "animesharp.com", true }, { "animetriad.com", true }, { "animojis.es", true }, - { "animorphsfanforum.com", true }, { "anipassion.com", true }, { "anitaalbersen.nl", true }, { "anitube.ch", true }, { "aniwhen.com", true }, + { "anjoola.com", true }, { "ankarakart.com.tr", true }, { "ankaraprofesyonelwebtasarim.com", true }, { "ankarauzmanlarnakliyat.com", true }, @@ -2595,18 +2587,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anojan.com", true }, { "anon-next.de", true }, { "anoncom.net", true }, - { "anoneko.com", true }, { "anongoth.pl", true }, - { "anonrea.ch", true }, { "anons.fr", true }, { "anonukradio.org", true }, - { "anonym-surfen.de", true }, { "anonyme-spieler.at", true }, { "anorak.tech", true }, { "another.ch", true }, { "anotherchef.com", true }, { "anotherfatgeek.net", true }, { "anowicki.pl", false }, + { "anoxinon.de", false }, { "ans-delft.nl", true }, { "ans-ge.ch", true }, { "ansas.eu", true }, @@ -2615,6 +2605,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ansermet.net", true }, { "ansgar-sonntag.de", true }, { "ansgarsonntag.de", true }, + { "anshar.eu", true }, + { "ansibeast.net", true }, { "ansichtssache.at", true }, { "ansogning-sg.dk", true }, { "anstaskforce.gov", true }, @@ -2625,7 +2617,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "antarees.net", true }, { "antarespc.com", true }, { "antcas.com", true }, - { "antecim.fr", true }, { "antennista.catania.it", true }, { "antennista.milano.it", true }, { "antennista.pavia.it", true }, @@ -2635,17 +2626,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anteprima.info", true }, { "anthedesign.fr", true }, { "anthisis.tv", true }, - { "anthony-rouanet.com", true }, { "anthony.codes", true }, { "anthonyaires.com", true }, { "anthonycarbonaro.com", true }, { "anthonygaidot.fr", true }, + { "anthonyvadala.me", true }, { "anthropoid.ca", true }, { "anti-bible.com", true }, { "anti-radar.org", true }, { "antibioticshome.com", true }, { "anticopyright.com", true }, - { "antifraud.net.ru", true }, + { "antiekboerderijgraafland.nl", true }, { "antihype.space", true }, { "antik-trodelmarkt.de", true }, { "antikvariat.ru", true }, @@ -2654,7 +2645,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "antimine.me", true }, { "antipolygraph.org", true }, { "antique-pedalcars.ch", true }, - { "antirayapmalang.com", true }, { "antirepressionbayarea.com", true }, { "antispeciesism.com", true }, { "antispeciesist.com", true }, @@ -2690,9 +2680,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "anzeiger.ag", true }, { "ao-dev.com", true }, { "ao2.it", true }, + { "aoadatacommunity.us", true }, { "aoaprograms.net", true }, + { "aofusa.net", true }, { "aoku3d.com", true }, - { "aomonk.com", true }, { "aopedeure.nl", true }, { "aopsy.de", true }, { "aosc.io", false }, @@ -2700,6 +2691,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aotearoa.maori.nz", true }, { "aotearoaleaks.org", true }, { "ap-swiss.ch", true }, + { "apac-tech.com", false }, { "apache-portal.com", true }, { "apachehaus.de", false }, { "apadvantage.com", true }, @@ -2715,7 +2707,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "apdx.com", true }, { "apef.ch", true }, { "apercloud.es", true }, - { "aperim.com", true }, { "apertis.org", true }, { "aperturesciencelabs.de", true }, { "apervita.net", true }, @@ -2744,11 +2735,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "apiled.io", true }, { "apination.com", true }, { "apio.systems", true }, - { "apis.blue", true }, { "apis.google.com", true }, { "apis.moe", true }, { "apisyouwonthate.com", true }, - { "apivia.fr", true }, { "apk.li", true }, { "apk4fun.com", true }, { "aplikaceproandroid.cz", true }, @@ -2758,7 +2747,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "apmpproject.org", true }, { "apn-dz.org", true }, { "apn-einstellungen.de", true }, + { "apo-deutschland.biz", true }, { "apobot.de", true }, + { "apogeephoto.com", true }, { "apoil.org", true }, { "apollyon.work", true }, { "apoly.de", true }, @@ -2767,6 +2758,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aposke.com", true }, { "aposke.net", true }, { "aposke.org", true }, + { "apostilasaprovacao.com", true }, { "apotheek-nl.org", true }, { "apotheke-ch.org", true }, { "apothes.is", true }, @@ -2801,18 +2793,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "applesencia.com", true }, { "applewatch.co.nz", true }, { "applian.jp", true }, - { "appliancerepairlosangeles.com", true }, { "applicationmanager.gov", true }, { "apply.eu", true }, - { "apply55gx.com", true }, { "appmeas.co.uk", true }, { "appmobile.io", true }, { "appninjas.com", true }, { "apponic.com", true }, { "apponline.com", true }, { "apprank.in", true }, - { "apprenticeship.gov", true }, - { "apprenticeships.gov", true }, { "approbo.com", true }, { "approvedtreecare.com", true }, { "apps.co", true }, @@ -2829,7 +2817,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "appuals.com", true }, { "appui-de-fenetre.fr", true }, { "appveyor.com", true }, - { "appxcrypto.com", true }, { "appzoojoo.be", true }, { "apratimsaha.com", true }, { "aprefix.com", true }, @@ -2841,9 +2828,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aprr.org", true }, { "aprsdroid.org", true }, { "aprz.de", true }, + { "apsa.paris", true }, { "apstudynotes.org", true }, { "apu-board.de", true }, { "apv-ollon.ch", true }, + { "aqilacademy.com.au", true }, { "aqsiq.net", true }, { "aqua-fitness-nacht.de", true }, { "aqua-fotowelt.de", true }, @@ -2851,6 +2840,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aquabio.ch", true }, { "aquadonis.ch", true }, { "aquahomo.com", true }, + { "aquainfo.net", true }, { "aqualife.com.gr", true }, { "aqualifeprojects.com", true }, { "aqualysis.nl", true }, @@ -2859,14 +2849,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aquaron.com", true }, { "aquaselect.eu", true }, { "aquatechnologygroup.com", true }, - { "aquaundine.net", true }, { "aquavitaedayspa.com.au", true }, + { "aquelarreweb.com", true }, { "aquila.co.uk", true }, { "aquitainebrasserie.com.au", true }, { "aquitroc.com", true }, { "ar-informatique.ch", true }, { "arab.dating", true }, - { "arabsexi.info", true }, + { "arabicxz.com", true }, { "arachina.com", true }, { "arados.de", true }, { "arai21.net", true }, @@ -2880,6 +2870,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "araseifudousan.com", true }, { "arawaza.biz", true }, { "arawaza.com", false }, + { "arawaza.info", true }, { "araxis.com", true }, { "arbeitskreis-asyl-eningen.de", true }, { "arbeitslosenverwaltung.de", true }, @@ -2898,9 +2889,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "archivesdelavieordinaire.ch", true }, { "archlinux.de", true }, { "archlinux.org", true }, + { "arclandholdings.com.au", true }, { "arcobalabs.ca", true }, { "arcridge.ca", true }, { "arctic.gov", true }, + { "arctica.io", true }, { "arcueil-cachan.fr", false }, { "arcusnova.de", true }, { "arda-audio.pt", true }, @@ -2911,10 +2904,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "areaclienti.net", true }, { "areafiftylan.nl", true }, { "areatrend.com", true }, + { "arefidgetspinnersgay.com", true }, { "arekatieandchrisgettingmarried.com", true }, { "arekatieandchrisgettingmarried.today", true }, { "arekatieandchrismarriedyet.com", true }, { "arendburgers.nl", true }, + { "arenlor.com", true }, + { "arenlor.info", true }, + { "arenns.com", true }, { "areqgaming.com", true }, { "ares-trading.de", true }, { "arethsu.se", true }, @@ -2924,9 +2921,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "argb.de", true }, { "argekultur.at", true }, { "argot.com", true }, + { "argovpay.com", true }, { "ariaartgallery.com", true }, { "ariadermspa.com", true }, { "arian.io", true }, + { "arias.re", true }, { "ariba.info", true }, { "ariege-pyrenees.net", true }, { "arieswdd.com", true }, @@ -2943,6 +2942,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aristocratps.com", true }, { "aritec-la.com", true }, { "arivo.com.br", true }, + { "arizer.com", true }, { "arizonaautomobileclub.com", true }, { "arjandejong.eu", true }, { "arjanvaartjes.net", true }, @@ -2957,13 +2957,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "arlen.tv", true }, { "arlenarmageddon.com", true }, { "arlet.click", true }, - { "arlingtonwine.net", true }, - { "arm-host.com", true }, { "armadaquadrat.com", true }, { "armandsdiscount.com", true }, { "armansfinejewellery.com", true }, { "armansfinejewellery.com.au", true }, { "armarinhovirtual.com.br", true }, + { "armbrust.me", true }, { "armedpoet.com", true }, { "armeni-jewellery.gr", true }, { "armil.it", true }, @@ -2977,6 +2976,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "arnaudb.net", true }, { "arnaudfeld.de", true }, { "arnaudminable.net", true }, + { "arnevankauter.com", true }, { "arniescastles.co.uk", true }, { "arno-klein.de", true }, { "arno-klein.eu", true }, @@ -2994,16 +2994,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aromacos.ch", true }, { "aron.host", true }, { "aroonchande.com", true }, + { "aros.pl", true }, + { "arose.io", true }, { "arox.eu", true }, + { "arpamip.org", true }, + { "arpnet.co.jp", true }, { "arqueo-ecuatoriana.ec", true }, { "arquitetura.pt", true }, { "arrakis.se", true }, + { "arrazane.com.br", true }, + { "arresttracker.com", true }, { "arrive.by", true }, { "arrmaforum.com", true }, { "arrow-analytics.nl", true }, { "arrow-api.nl", true }, { "arrowfastener.com", true }, { "arrowheadaddict.com", true }, + { "arrowheadflats.com", true }, { "arrowwebprojects.nl", true }, { "arschkrebs.org", true }, { "arswb.men", true }, @@ -3035,11 +3042,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "arthermitage.org", true }, { "arthur.cn", true }, { "arthurlaw.ca", true }, - { "artificial.army", true }, { "artik.cloud", true }, { "artimpact.ch", true }, { "artioml.net", true }, { "artionet.ch", true }, + { "artisan-cheminees-poeles-design.fr", true }, { "artisans-libres.com", true }, { "artisansoftaste.com", true }, { "artistagenda.com", true }, @@ -3054,7 +3061,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "artmarketingnews.com", true }, { "artmaxi.eu", true }, { "artmoney.com", true }, - { "artnims.com", true }, { "artofmonitoring.com", false }, { "artofwhere.com", true }, { "artratio.net", true }, @@ -3063,7 +3069,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "arts.gov", true }, { "artschmidtoptical.com", true }, { "artspac.es", true }, - { "artstopinc.com", true }, + { "arturkohut.com", true }, { "arturrossa.de", true }, { "arturszalak.com", true }, { "artweby.cz", true }, @@ -3091,15 +3097,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "asanger.biz", true }, { "asato-jewelry.com", true }, { "asbito.de", true }, + { "ascamso.com", true }, { "ascendprime.com", true }, { "ascension.run", true }, { "ascensori.biz", true }, { "ascgathering.com", true }, + { "ascii.moe", true }, { "asciiwwdc.com", true }, { "asd.gov.au", true }, { "asdyx.de", true }, { "asec01.net", true }, { "aseith.com", true }, + { "aseko.gr", true }, { "asenno.com", true }, { "aserver.co", true }, { "asexualitat.cat", true }, @@ -3108,8 +3117,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ashd1.goip.de", true }, { "ashd2.goip.de", true }, { "ashd3.goip.de", true }, + { "ashleyedisonuk.com", true }, { "ashlocklawgroup.com", true }, { "ashmportfolio.com", true }, + { "ashutoshmishra.org", true }, { "asia-gazette.com", true }, { "asia-global-risk.com", true }, { "asia.dating", true }, @@ -3120,11 +3131,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "asianshops.net", true }, { "asianspa.co.uk", true }, { "asiba.com.au", true }, - { "asiesvenezuela.com", true }, { "asile-colis.fr", true }, { "asinetasima.com", true }, { "asisee.photography", true }, - { "ask.pe", true }, { "ask1.org", true }, { "askcaisse.com", true }, { "askizzy.org.au", true }, @@ -3137,7 +3146,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aslinfinity.com", true }, { "asmbsurvey.com", true }, { "asmdz.com", true }, - { "asmik-armenie.com", true }, + { "asmm.cc", true }, { "asmood.net", true }, { "asoul.tw", true }, { "aspargesgaarden.no", true }, @@ -3183,8 +3192,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "astral.org.pl", true }, { "astrology42.com", true }, { "astroscopy.ch", true }, - { "astrosnail.pt.eu.org", true }, { "astrovandalistas.cc", true }, + { "astural.org", true }, { "astutikhonda.com", true }, { "asuclassfinder.com", true }, { "asucrews.com", true }, @@ -3199,7 +3208,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "at.search.yahoo.com", false }, { "atac.no", true }, { "atacadocervejeiro.com.br", true }, - { "atacadodesandalias.com.br", true }, { "ataton.ch", true }, { "atc.io", true }, { "atchleyjazz.com", true }, @@ -3218,11 +3226,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "atelierdefrancais.ch", true }, { "atelierdeloulou.fr", true }, { "atelierdesflammesnoires.fr", true }, + { "atelierfantazie.sk", true }, { "atelierhupsakee.nl", true }, { "ateliernaruby.cz", true }, { "ateliers-veronese-nantes.fr", true }, { "atelierssud.ch", true }, { "atelierssud.swiss", true }, + { "atencionbimbo.com", false }, { "atendimentodelta.com.br", true }, { "atg.soy", true }, { "atgoetschel.ch", true }, @@ -3257,7 +3267,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "atlantischild.hu", true }, { "atlantishq.de", true }, { "atlantiswaterproofing.com", true }, - { "atlas.co", true }, { "atlaschiropractic.org", true }, { "atlascultural.com", true }, { "atlasdev.nl", true }, @@ -3282,7 +3291,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "atpnutrition.com", true }, { "atraining.ru", true }, { "atraverscugy.ch", true }, - { "atrevillot.com", true }, { "atrinik.org", true }, { "atsoftware.de", true }, { "attac.us", true }, @@ -3290,6 +3298,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "attendantdesign.com", true }, { "attendu.cz", true }, { "attention.horse", true }, + { "attilagyorffy.com", true }, { "attilavandervelde.nl", true }, { "attinderdhillon.com", true }, { "attitudes-bureaux.fr", true }, @@ -3299,6 +3308,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "atulhost.com", true }, { "atviras.lt", false }, { "atwonline.org", true }, + { "atyourprice.net", true }, { "atypicom.es", true }, { "atypicom.fr", true }, { "atypicom.it", true }, @@ -3332,11 +3342,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "audisto.com", true }, { "auditmatrix.com", true }, { "auditos.com", true }, + { "audits.io", true }, { "auditsquare.com", true }, { "auerbach-verlag.de", true }, { "auf-feindgebiet.de", true }, - { "aufprise.de", true }, - { "augaware.org", true }, { "augen-seite.de", true }, { "augiero.it", true }, { "augmentable.de", true }, @@ -3364,19 +3373,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "auroraassociationofrealtors.com", true }, { "aurosa.cz", true }, { "auroware.com", true }, + { "auroz.tech", true }, + { "auroz.video", true }, { "aus-ryugaku.info", true }, { "ausmwoid.de", true }, + { "ausschreibungen-suedtirol.it", true }, { "aussiefunadvisor.com", true }, { "aussieservicedown.com", true }, { "aussiestoresonline.com", true }, { "austin-pearce.com", true }, { "austin-security-cameras.com", true }, { "austincardiac.com", true }, - { "austinheap.com", true }, + { "austinheap.com", false }, + { "austinlockout.com", true }, + { "austintxacrepairtoday.com", true }, + { "austintxlocksmiths.com", true }, { "austinuniversityhouse.com", true }, { "australian.dating", true }, { "australianarmedforces.org", true }, - { "australianimmigrationadvisors.com.au", true }, { "australien-tipps.info", true }, { "austromorph.space", true }, { "auszeit-lanzarote.com", true }, @@ -3387,9 +3401,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "authinity.com", true }, { "author24.biz", true }, { "authoritysolutions.com", true }, - { "authorsguild.in", true }, { "autimatisering.nl", true }, - { "autism-osaka.org", true }, { "auto-anleitung.de", true }, { "auto-motor-i-sport.pl", true }, { "auto-plus.tn", true }, @@ -3397,6 +3409,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "auto.nl", true }, { "autoauctionsohio.com", true }, { "autoauctionsvirginia.com", true }, + { "autobahnco.com", true }, { "autobedrijfgarant.nl", true }, { "autobelle.it", true }, { "autobourcier.com", true }, @@ -3407,6 +3420,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "autocrypt.org", true }, { "autod.hu", true }, { "autodalmacija.com", true }, + { "autodidactic.ai", true }, + { "autodidacticstudios.com", true }, + { "autodidacticstudios.net", true }, + { "autodidacticstudios.org", true }, { "autoentrepreneurinfo.com", true }, { "autoepc.ro", true }, { "autoinsurancehavasu.com", true }, @@ -3428,6 +3445,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "autorando.com", true }, { "autoschadeschreuder.nl", true }, { "autoscuola.roma.it", true }, + { "autosecurityfinance.com", true }, { "autoshinka72.ru", true }, { "autoshopsolutions.com", true }, { "autoshun.org", true }, @@ -3440,12 +3458,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "autoterminus-used.be", true }, { "autoverzekeringafsluiten.com", true }, { "autowerkstatt-puchheim.de", true }, + { "autozane.com", true }, { "autres-talents.fr", true }, { "auux.com", true }, + { "auvernet.org", true }, { "aux-arts-de-la-table.com", true }, { "auxquatrevents.ch", true }, { "av-yummy.com", true }, - { "av01.tv", true }, { "av0ndale.de", true }, { "ava-creative.de", false }, { "ava-software.at", true }, @@ -3453,6 +3472,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "avabouncehire.co.uk", true }, { "avacariu.me", true }, { "availablecastles.com", true }, + { "avalon-island.ru", true }, { "avalon-rpg.com", true }, { "avalon-studios.de", true }, { "avanet.ch", true }, @@ -3481,12 +3501,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aviapoisk.kz", true }, { "aviationstrategy.aero", true }, { "avid.blue", true }, + { "avidmode-dev.com", true }, + { "avidmode-staging.com", true }, + { "avidmode.com", true }, { "avietech.com", true }, - { "avitres.com", true }, { "aviv.nyc", true }, { "avlhostel.com", true }, - { "avmemo.com", true }, - { "avmoo.com", true }, { "avnet.ws", true }, { "avocadooo.stream", true }, { "avocatbeziau.com", true }, @@ -3508,7 +3528,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "awaresec.no", true }, { "awaro.net", true }, { "awbouncycastlehire.com", true }, - { "awccanadianpharmacy.com", true }, { "awen.me", true }, { "awesomebouncycastles.co.uk", true }, { "awesomesit.es", true }, @@ -3522,7 +3541,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "awsome-books.co.uk", true }, { "awxg.com", true }, { "ax25.org", true }, - { "axa-middleeast.com", true }, { "axchap.ir", true }, { "axelname.ru", true }, { "axelteichmann.net", true }, @@ -3532,12 +3550,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "axiomer.me", true }, { "axiomer.net", true }, { "axiomer.org", true }, + { "axis-stralis.co.uk", true }, + { "axisfleetmanagement.co.uk", true }, { "axka.com", false }, - { "axolotlfarm.org", true }, { "axonholdingse.eu", true }, { "axrec.de", true }, - { "axtudo.com", true }, - { "axtux.tk", true }, { "ayanomimi.com", true }, { "aycomba.de", true }, { "ayesh.me", true }, @@ -3545,19 +3562,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aykutcevik.com", true }, { "aylak.com", true }, { "aylesburycastlehire.co.uk", true }, - { "aymericlagier.com", true }, + { "aymerick.fr", true }, { "ayon.group", true }, { "ayothemes.com", true }, { "ayrohq.com", true }, { "ayrshirebouncycastlehire.co.uk", true }, { "ayumindev.net", true }, { "ayurveda-mantry.com", true }, + { "az-moga.bg", true }, { "az.search.yahoo.com", false }, + { "azabani.com", true }, { "azadliq.info", true }, { "azazy.net", false }, { "azgfd.com", true }, - { "azia.info", true }, { "azimut.fr", true }, + { "azizfirat.com", true }, { "azlk-team.ru", true }, { "azort.com", true }, { "azrazalea.net", true }, @@ -3566,12 +3585,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "aztrix.me", true }, { "azu-l.com", true }, { "azu-l.jp", true }, - { "azun.pl", true }, - { "azuxul.fr", true }, + { "azuki.cloud", true }, + { "azurecrimson.com", true }, + { "azuriasky.com", true }, + { "azuriasky.net", true }, { "azzag.co.uk", true }, { "azzorti.com", true }, { "azzurrapelletterie.it", true }, { "b-b-law.com", true }, + { "b-boom.nl", true }, { "b-cyclesshop.ch", true }, { "b-f-s.pl", true }, { "b-freerobux.ga", true }, @@ -3595,7 +3617,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "b1rd.tk", true }, { "b2486.com", true }, { "b2486.net", true }, - { "b2and.com", false }, { "b2bmuzikbank.com", true }, { "b303.me", true }, { "b422edu.com", true }, @@ -3609,7 +3630,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "b5289.net", true }, { "b5989.com", true }, { "b5989.net", true }, - { "b61688.com", true }, { "b64.club", true }, { "b72.com", true }, { "b72.net", true }, @@ -3676,7 +3696,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "b9883.net", true }, { "b9884.net", true }, { "b9885.net", true }, - { "b9886.com", true }, { "b9886.net", true }, { "b9887.net", true }, { "b9888.net", true }, @@ -3684,12 +3703,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "b9920.com", true }, { "b9948.com", true }, { "b9948.net", true }, - { "b99520.com", true }, { "b9960.com", true }, - { "b99881.com", true }, - { "b99882.com", true }, - { "b99883.com", true }, - { "b99885.com", true }, { "b99886.com", true }, { "b9best.cc", true }, { "b9best.net", true }, @@ -3705,18 +3719,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "babarkata.com", true }, { "babeleo.com", true }, { "baby-digne.com", true }, + { "baby-fotografie-muenchen.de", true }, + { "babybauch-shooting-muenchen.de", true }, { "babyboom.pl", true }, { "babycamapp.com", true }, { "babyfotograf-schweiz.ch", true }, { "babymasaze.cz", true }, { "babyphototime.com", true }, { "babypibu.com", true }, + { "babyshoprimini.com", true }, { "bacgrouppublishing.com", true }, { "bachata.info", true }, { "baches-piscines.com", true }, { "baciu.ch", true }, { "backeby.eu", true }, - { "backlogapp.io", true }, { "backmountaingas.com", true }, { "backpacken.org", true }, { "backpacker.dating", true }, @@ -3727,11 +3743,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "backterris.com", true }, { "backtest.org", true }, { "backupcloud.ru", true }, - { "backupsinop.com.br", true }, { "bacon-monitoring.org", true }, { "baconismagic.ca", true }, { "bacontreeconsulting.com", true }, { "bacoux.com", true }, + { "bacsituvansuckhoe.com", true }, { "bacula.jp", true }, { "bad.horse", true }, { "bad.pet", true }, @@ -3740,14 +3756,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "badblock.fr", true }, { "badboyzclub.de", true }, { "badf00d.de", true }, + { "badgersystems.de", true }, { "badges.fedoraproject.org", true }, { "badges.stg.fedoraproject.org", true }, { "badgesenpatches.nl", true }, - { "badgirlsbible.com", true }, { "badhusky.com", true }, { "badmania.fr", true }, { "badmintonbible.com", true }, { "badoo.com", true }, + { "badoo.de", true }, + { "badoo.eu", true }, + { "badoo.us", true }, { "badpackets.net", true }, { "badrequest.me", true }, { "badseacoffee.com", true }, @@ -3768,8 +3787,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bagstage.de", true }, { "bah.im", false }, { "bahnbonus-praemienwelt.de", true }, + { "bahnenimbild.de", true }, + { "bahnenimbild.eu", true }, { "bahnhelden.de", true }, { "bahninrotweissrot.at", true }, + { "bahnmagazine.de", true }, + { "baiduo.com", true }, { "baifubao.com", true }, { "baiker.info", true }, { "bailakomigo.com.br", true }, @@ -3800,63 +3823,62 @@ static const nsSTSPreload kSTSPreloadList[] = { { "balconnr.com", true }, { "balconsverdun.com", true }, { "baldur.cc", true }, - { "balenciaspa.com", true }, { "balia.de", true }, { "balicekzdravi.cz", true }, + { "balidesignshop.com.br", true }, { "balikonos.cz", true }, - { "balilingo.ooo", true }, { "balinese.dating", true }, { "balist.es", true }, { "balivillassanur.com", true }, { "balkonien.org", true }, { "ball.holdings", true }, + { "ball3d.es", true }, { "ballarin.cc", true }, - { "ballbusting-cbt.com", true }, { "ballejaune.com", true }, { "ballinarsl.com.au", true }, + { "ballitolocksmith.com", true }, { "ballmerpeak.org", true }, { "ballonsportclub-erlangen.de", true }, { "ballotapi.com", true }, { "ballothero.com", true }, + { "ballparkbuns.com", false }, { "ballroom.info", true }, { "balslev.io", true }, - { "balticer.de", true }, { "balticnetworks.com", true }, { "bamahammer.com", true }, { "bambooforest.nl", true }, { "bamboorelay.com", true }, { "bambumania.com.br", true }, + { "bamily.rocks", true }, + { "bananavapes.com", true }, { "banburybid.com", true }, { "bancacrs.it", true }, { "bancaolhares.com.br", true }, { "bancobai.ao", true }, { "bancoctt.pt", true }, - { "bandar303.id", true }, - { "bandar303.win", true }, { "bandeira1.com.br", true }, { "bandgap.io", true }, { "bandiga.it", true }, { "bandito.re", true }, { "banes.ch", true }, - { "bangdream.ga", true }, { "bangkok-dark-night.com", true }, { "bangkok.dating", true }, { "bangkokcity.de", true }, - { "bangorfederal.com", true }, + { "bangorfederal.com", false }, { "bangumi.co", true }, + { "banham.co.uk", true }, + { "banham.com", true }, { "bank.simple.com", false }, { "bankbranchlocator.com", true }, { "bankcardoffer.com", true }, { "bankee.us", true }, { "bankerbuch.de", true }, - { "bankersonline.com", true }, { "banketbesteld.nl", true }, { "bankfreeoffers.com", true }, { "bankgradesecurity.com", true }, { "bankin.com", true }, { "bankinter.pt", true }, { "bankio.se", true }, - { "bankitt.network", true }, { "banknet.gov", true }, { "bankofdenton.com", true }, { "banksiaparkcottages.com.au", true }, @@ -3868,14 +3890,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "banoviny.sk", true }, { "banquevanbreda.be", true }, { "banter.city", true }, - { "banxehoi.com", true }, { "bao-in.com", true }, { "bao-in.net", true }, { "baobeiglass.com", true }, { "baodan666.com", true }, { "baofengtech.com", true }, { "baopublishing.it", true }, - { "baptistboard.com", true }, { "baptistedeleris.fr", true }, { "bar-harcourt.com", true }, { "barabrume.fr", true }, @@ -3885,25 +3905,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "barbarians.com", false }, { "barbaros.info", true }, { "barbate.fr", true }, + { "barbershop-harmony.org", true }, + { "barbershop-lasvillas.com", true }, { "barbu.family", true }, { "barburas.com", true }, { "barcamp.koeln", true }, + { "barcel.com.mx", true }, { "barclays.net", true }, { "barcodeberlin.com", true }, { "barcoderealty.com", true }, - { "bardiel.de", true }, { "bardiharborow.tk", true }, + { "baresquare.com", true }, { "barf-alarm.de", true }, { "baripedia.org", true }, { "baris-sagdic.com", true }, { "bariseau-mottrie.be", true }, - { "barisi.me", true }, { "bariskaragoz.nl", true }, + { "baristador.com", true }, { "barkerjr.xyz", true }, { "barlotta.net", true }, { "barnabycolby.io", true }, { "barnel.com", true }, - { "barnrats.com", true }, { "barpodsosnami.pl", true }, { "barracuda.com.tr", true }, { "barrera.io", true }, @@ -3917,15 +3939,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bart-f.com", true }, { "barta.me", true }, { "bartel.ws", true }, - { "bartelldrugs.com", true }, { "bartelt.name", true }, { "barthonia-showroom.de", true }, { "bartlamboo.nl", true }, + { "bartolomebellido.com", true }, { "bartula.de", true }, { "bartzutow.xyz", true }, { "baruch.me", true }, { "bas.co.jp", true }, - { "bascht.com", true }, { "base-autonome-durable.com", true }, { "baseballrampage.com", true }, { "baseballsavings.com", true }, @@ -3937,15 +3958,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "basementdoctor.com", true }, { "basementdoctornorthwest.com", true }, { "basementfinishingohio.com", true }, + { "basercap.co.ke", true }, { "bashstreetband.co.uk", true }, { "basicapparel.de", true }, { "basicattentiontoken.org", true }, { "basilicaknights.org", true }, - { "basilm.co", true }, { "basketball-brannenburg.de", true }, { "basketsbymaurice.com", false }, { "basnoslovno.com.ua", false }, { "basnoslovno.ru", true }, + { "basonlinemarketing.nl", true }, { "bass-pro.ru", true }, { "bassblog.net", true }, { "bassment.ph", true }, @@ -3974,7 +3996,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "batonger.com", true }, { "batook.org", true }, { "batschu.de", true }, - { "batten.eu.org", true }, { "batteryservice.ru", false }, { "batterystaple.pw", true }, { "battle-game.com", true }, @@ -3991,6 +4012,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bauthier-occasions.be", true }, { "bautied.de", true }, { "bauunternehmen-herr.de", true }, + { "bauwens.cloud", true }, { "bayareaenergyevents.com", true }, { "baychimo.com", true }, { "bayden.com", true }, @@ -4000,17 +4022,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bayerhazard.de", true }, { "bayerstefan.com", true }, { "bayerstefan.de", true }, - { "bayerstefan.eu", true }, { "bayherbalist.com", true }, { "bayilelakiku.com", true }, { "bayly.eu", true }, { "baymard.com", true }, + { "baytalebaa.com", true }, { "baywatch.io", true }, { "bayz.de", true }, { "bazaarcompass.com", true }, { "bazdell.com", false }, { "bazos.at", true }, { "bazos.cz", true }, + { "bazos.pl", true }, { "bazos.sk", true }, { "bazziergraphik.com", true }, { "bb1718.net", true }, @@ -4019,8 +4042,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bbcastles.com", true }, { "bbgeschenke.ch", true }, { "bbimarketing.com", true }, - { "bbj.io", true }, { "bbka.org.uk", true }, + { "bbkaforum.co.uk", true }, { "bbkworldwide.jp", true }, { "bblove.me", true }, { "bblsa.ch", true }, @@ -4028,6 +4051,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bbnx.net", true }, { "bbswin9.cc", true }, { "bbswin9.com", true }, + { "bbuio.com", false }, { "bbw.dating", true }, { "bbwcs.co.uk", true }, { "bbxin9.com", true }, @@ -4035,6 +4059,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bc-bd.org", false }, { "bc-diffusion.com", true }, { "bc-personal.ch", true }, + { "bc416.com", true }, + { "bc418.com", true }, + { "bc419.com", true }, { "bcansw.com.au", true }, { "bcbulle.ch", true }, { "bcdonadio.com", true }, @@ -4053,14 +4080,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bcmhire.co.uk", true }, { "bcmlu.org", true }, { "bcnet.com.hk", true }, - { "bcodeur.com", true }, { "bcpc-ccgpfcheminots.com", true }, { "bcrook.com", true }, + { "bcs.adv.br", true }, { "bcswampcabins.com", true }, { "bcvps.com", true }, { "bd2positivo.com", true }, { "bda-boulevarddesairs.com", true }, - { "bdata.cl", true }, { "bdd.fi", true }, { "bdikaros-network.net", true }, { "bdpachicago.tech", true }, @@ -4083,7 +4109,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "be958.info", true }, { "be958.net", true }, { "be958.org", true }, - { "be9966.com", true }, + { "beacham.online", true }, { "beachfutbolclub.com", true }, { "beacinsight.com", true }, { "beadare.com", true }, @@ -4095,6 +4121,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "beans-one.com", false }, { "bearcosports.com.br", true }, { "bearded.sexy", true }, + { "beardic.cn", true }, { "bearingworks.com", true }, { "beastowner.li", true }, { "beatfeld.de", true }, @@ -4106,7 +4133,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "beauty24.de", true }, { "beautybear.dk", true }, { "beautyby.tv", true }, - { "beautyconcept.co", false }, { "beautyevent.fr", true }, { "beautykat.ru", true }, { "bebef.de", true }, @@ -4115,6 +4141,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bebest.gov", false }, { "bebetrotteur.com", true }, { "bebout.domains", true }, + { "bebout.pw", true }, { "beckenhamcastles.co.uk", true }, { "beckerantiques.com", false }, { "beckon.com", true }, @@ -4129,7 +4156,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bedfordnissanparts.com", true }, { "bedlingtonterrier.com.br", true }, { "bednar.co", true }, - { "bedouille.com", true }, { "bedrocklinux.org", true }, { "bedste10.dk", true }, { "bee-creative.nl", true }, @@ -4153,8 +4179,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "beekeeping.clothing", true }, { "beekeeping.tools", true }, { "beeksnetwork.nl", true }, - { "beelen.fr", true }, { "beelit.com", true }, + { "beeming.net", true }, { "beercandle.com", true }, { "beergazetteer.com", true }, { "beerians.com", true }, @@ -4163,7 +4189,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "beerjet.ro", true }, { "beerjet.sk", true }, { "beerjetcz.cz", true }, - { "beermedlar.com", true }, + { "beerly.eu", true }, { "beerradar.no", true }, { "beerradar.party", true }, { "beersconf.com", true }, @@ -4234,8 +4260,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "belvoirbouncycastles.co.uk", true }, { "bely-mishka.by", true }, { "belyvly.com", true }, + { "bemindly.com", true }, { "bemsoft.pl", true }, { "ben-energy.com", false }, + { "ben-jarvis.co.uk", true }, { "ben-stock.de", true }, { "ben.ninja", true }, { "ben2.co.il", true }, @@ -4259,14 +4287,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "benepiscinas.com.br", true }, { "beneri.se", true }, { "benevita.bio", true }, - { "benevita.life", true }, - { "benevita.live", true }, - { "benevita.organic", true }, { "bengalurugifts.com", true }, { "bengisureklam.com", true }, { "benhaney.com", true }, { "benhartmann.de", true }, { "benhavenarchives.org", true }, + { "benjamin-hering.com", true }, { "benjamin.pe", true }, { "benjaminblack.net", true }, { "benjamindietrich.com", true }, @@ -4309,11 +4335,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bequiia.com", true }, { "beranovi.com", true }, { "berasavocate.com", true }, - { "beraten-entwickeln-steuern.de", true }, { "berdaguermontes.eu", false }, + { "beretech.fr", true }, { "bergenhave.nl", true }, { "bergevoet-fa.nl", true }, - { "bergfex.at", true }, { "bergfreunde.de", true }, { "bergfreunde.dk", true }, { "bergfreunde.es", true }, @@ -4324,9 +4349,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bergfreunde.no", true }, { "bergfreunde.se", true }, { "berglust-pur.de", true }, - { "bergstoneware.com", true }, + { "bergmann-fotografin-berlin.de", true }, + { "bergmann-fotografin-dortmund.de", true }, + { "bergmann-fotografin-duesseldorf.de", true }, + { "bergmann-fotografin-essen.de", true }, + { "bergmann-fotografin-frankfurt.de", true }, + { "bergmann-fotografin-hamburg.de", true }, + { "bergmann-fotografin-koeln.de", true }, + { "bergmann-fotografin-muenchen.de", true }, + { "bergmann-fotografin-stuttgart.de", true }, { "berichtsheft-vorlage.de", true }, { "berikod.ru", true }, + { "berliancom.com", false }, { "berlin-flirt.de", true }, { "berlin.dating", true }, { "bermeitinger.eu", true }, @@ -4346,9 +4380,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bernhardluginbuehl.com", true }, { "bernieware.de", true }, { "berodes.be", true }, + { "berr.yt", true }, { "berra.se", true }, { "berruezoabogados.com", true }, { "berrus.com", true }, + { "berry.cat", true }, { "berrypay.com", true }, { "bersierservices.ch", true }, { "bersotavocats.fr", true }, @@ -4387,6 +4423,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bestbridal.top", true }, { "bestbyte.com.br", true }, { "bestcellular.com", false }, + { "bestdating.today", true }, { "bestemailmarketingsoftware.org", true }, { "bestesb.com", true }, { "bestesb.net", true }, @@ -4395,17 +4432,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bestfriendsequality.org", true }, { "bestgiftever.ca", true }, { "bestgifts4you.com", true }, + { "bestiahosting.com", true }, { "bestinductioncooktop.us", true }, + { "bestjumptrampolines.be", true }, { "bestlashesandbrows.com", true }, { "bestlashesandbrows.hu", true }, { "bestmotherfucking.website", true }, { "bestoffert.club", true }, { "bestoliveoils.com", true }, + { "bestparking.xyz", true }, { "bestpartyhire.com", true }, { "bestperfumebrands.com", true }, + { "bestpig.fr", true }, + { "bestschools.io", true }, { "bestseries.tv", true }, { "bestshoesmix.com", true }, - { "bestwarezone.com", true }, { "bestwebsite.gallery", true }, { "bet-99.cc", true }, { "bet-99.com", true }, @@ -4413,11 +4454,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bet168wy.com", true }, { "bet168wy.net", true }, { "bet909.com", true }, - { "bet990.com", true }, { "bet9bet9.net", true }, { "betacavi.com", true }, { "betacloud.io", true }, { "betalenviainternet.nl", true }, + { "betaprofiles.com", true }, { "betaworx.de", true }, { "betaworx.eu", true }, { "betecnet.de", true }, @@ -4428,7 +4469,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "betpamm.com", true }, { "betrallyarabia.com", true }, { "betseybuckheit.com", true }, - { "betshoot.com", true }, { "betsyshilling.com", true }, { "bett1.de", true }, { "better-bounce.co.uk", true }, @@ -4438,10 +4478,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "betterconsult.com", true }, { "bettercrypto.org", true }, { "betterhelp.com", true }, + { "betterjapanese.blog", true }, + { "betterjapanese.com", true }, { "betterjapanese.org", true }, + { "betterjapanese.xyz", true }, { "betterna.me", true }, { "betterscience.org", true }, { "bettertechinterviews.com", true }, + { "bettertest.it", true }, { "betterweb.fr", true }, { "betterworldinternational.org", true }, { "bettflaschen.ch", true }, @@ -4465,17 +4509,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bevinco2020.com", true }, { "bevinsco.org", true }, { "bevnut.com", true }, - { "bewegungsfluss.com", true }, + { "bewegungsfluss.com", false }, { "bewerbungsfoto-deinfoto.ch", true }, - { "bewertet.de", true }, { "bewonderen.com", true }, { "bexit.nl", true }, { "bexithosting.nl", true }, { "bexleycastles.co.uk", true }, { "beybiz.com", true }, { "beylikduzuvaillant.com", true }, - { "beyond-infinity.org", true }, - { "beyond-rational.com", true }, + { "beyond-infinity.org", false }, { "beyondalderaan.net", true }, { "beyondbounce.co.uk", true }, { "beyondpricing.com", true }, @@ -4502,9 +4544,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bg-sexologia.com", true }, { "bg16.de", true }, { "bgbhsf.top", true }, - { "bgenlisted.com", true }, { "bgeo.io", true }, - { "bgfashion.net", true }, { "bgfoto.info", true }, { "bghost.xyz", true }, { "bgkoleda.bg", true }, @@ -4513,6 +4553,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bgr34.cz", true }, { "bgtgames.com", true }, { "bgtoyou.com", true }, + { "bgwfans.com", true }, { "bh-oberland.de", true }, { "bh.sb", true }, { "bharath-g.in", true }, @@ -4523,13 +4564,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bhuntr.com", true }, { "bi.search.yahoo.com", false }, { "biaggeo.com", true }, + { "biancolievito.it", true }, { "biano-ai.com", true }, { "biasmath.es", true }, { "biathloncup.ru", true }, { "bible-maroc.com", true }, { "bible.ru", true }, { "bibleonline.ru", true }, - { "bibliafeminina.com.br", true }, { "bibliaon.com", true }, { "biblio.wiki", true }, { "biblioblog.fr", true }, @@ -4540,11 +4581,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bibuch.com", true }, { "bicecontracting.com", true }, { "bicha.net", true }, - { "bichines.es", true }, { "bicranial.io", true }, { "bicycle-events.com", true }, { "biddl.com", true }, - { "bidorbuy.co.ke", true }, { "bidu.com.br", true }, { "bie.edu", false }, { "biegner-technik.de", true }, @@ -4554,11 +4593,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bienici.com", true }, { "bienoubien.org", true }, { "biensenvue.com", true }, + { "bienstar.tv", true }, { "bierbaumer.net", true }, { "biergaizi.info", true }, { "bieser.ch", true }, { "biester.pro", true }, + { "bieumau.net", true }, { "bifrost.cz", true }, + { "biftin.net", true }, { "big-andy.co.uk", true }, { "big-bounce.co.uk", true }, { "big-fluglaerm-hamburg.de", true }, @@ -4570,16 +4612,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bigcakes.dk", true }, { "bigclassaction.com", true }, { "bigdinosaur.org", true }, - { "bigfunbouncycastles.com", true }, { "biggreenexchange.com", true }, { "bigio.com.br", true }, { "bigjohn.ru", true }, + { "bignumworks.com", true }, { "bigshort.org", true }, { "bigsisterchannel.com", true }, { "bigskymontanalandforsale.com", true }, { "bihub.io", true }, { "biilo.com", true }, - { "bijoux.com.br", true }, { "bijouxbrasil.com.br", true }, { "bijouxcherie.com", true }, { "bijuteriicualint.ro", true }, @@ -4608,12 +4649,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bilibili.red", true }, { "bilimoe.com", true }, { "bilke.org", true }, - { "billaud.eu.org", true }, { "billgoldstein.name", true }, { "billhartzer.com", true }, { "billiger-mietwagen.de", true }, { "billigerfinder.de", true }, { "billigpoker.dk", true }, + { "billin.net", true }, + { "billionaire365.com", true }, { "billionairemailinglist.com", false }, { "billionkiaparts.com", true }, { "billogram.com", true }, @@ -4627,6 +4669,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "biloplysninger.dk", true }, { "bilsho.com", true }, { "biltullen.com", true }, + { "bimbo.com", false }, + { "bimbo.com.ar", false }, + { "bimbobakeriesusa.com", false }, { "bimmerlabs.com", true }, { "bin95.com", true }, { "bina.az", true }, @@ -4637,12 +4682,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "binans.net", true }, { "binans.xyz", true }, { "binarization.com", true }, - { "binarization.net", true }, - { "binarization.org", true }, { "binaryapparatus.com", true }, { "binaryappdev.com", true }, { "binarycreations.scot", true }, { "binarydream.fi", true }, + { "binaryevolved.com", true }, { "binaryrebel.net", true }, { "binarystud.io", true }, { "binbin9.com", true }, @@ -4651,11 +4695,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "binfind.com", true }, { "bing.com", true }, { "bingobank.org", true }, - { "bingostars.com", true }, { "binhex.net", true }, { "binkanhada.biz", true }, { "binkconsulting.be", true }, - { "binsp.net", true }, + { "binnenmeer.de", true }, { "binti.com", true }, { "bintooshoots.com", true }, { "bio-disinfestazione.it", true }, @@ -4681,11 +4724,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "biohappiness.com", true }, { "bioharmony.ca", true }, { "biointelligence-explosion.com", true }, + { "bioknowme.com", true }, { "bioligo.ch", true }, - { "biomax-mep.com.br", true }, + { "biomasscore.com", true }, { "biometrics.es", true }, { "biomodra.cz", true }, - { "biopreferred.gov", true }, { "biopsychiatry.com", true }, { "bioresonanz-ibiza.com", true }, { "biosafe.ch", true }, @@ -4700,7 +4743,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "birchbarkfurniture.ch", true }, { "birchbarkfurniture.com", true }, { "birchbarkfurniture.fr", true }, - { "birdandbranchnyc.com", true }, { "birdbrowser.com", true }, { "birdfeeder.online", true }, { "birdiehosting.nl", true }, @@ -4709,13 +4751,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "birgerschwarz.de", true }, { "birgit-rydlewski.de", true }, { "birgitandmerlin.com", true }, - { "birkengarten.ch", true }, { "birkenstab.de", true }, - { "birkhoff.me", false }, + { "birkhoff.me", true }, { "birminghamcastlehire.co.uk", true }, { "birminghamsunset.com", true }, { "birthdaytip.com", true }, { "birthmatters.us", true }, + { "birthright.website", true }, { "birzan.org", true }, { "bisa-sis.net", true }, { "biscoint.io", true }, @@ -4729,11 +4771,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bit-cloud.de", true }, { "bit-rapid.com", true }, { "bit-sentinel.com", true }, + { "bit-service-aalter.be", true }, + { "bit.biz.tr", true }, { "bit.voyage", true }, { "bit8.com", true }, - { "bitace.com", true }, { "bitbank.cc", true }, { "bitbeans.de", true }, + { "bitbox.me", true }, { "bitbucket.com", true }, { "bitbucket.io", true }, { "bitbucket.org", true }, @@ -4746,7 +4790,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitcoin.asia", true }, { "bitcoin.ch", true }, { "bitcoin.co.nz", true }, - { "bitcoin.com", true }, { "bitcoin.de", true }, { "bitcoin.im", true }, { "bitcoin.info", true }, @@ -4755,7 +4798,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitcoinbitcoin.com", true }, { "bitcoinclashic.ninja", true }, { "bitcoincore.org", true }, - { "bitcoinfo.jp", false }, { "bitcoinindia.com", true }, { "bitcoinkarlsruhe.de", true }, { "bitcoinrealestate.com.au", true }, @@ -4763,7 +4805,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitcoinwalletscript.tk", true }, { "bitcoinx.gr", true }, { "bitcoinx.ro", true }, - { "bitedge.com", true }, { "bitenose.com", true }, { "bitex.la", true }, { "bitfasching.de", false }, @@ -4776,6 +4817,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bithap.com", true }, { "bithir.co.uk", true }, { "bititrain.com", true }, + { "bitk.co", true }, + { "bitk.co.uk", true }, + { "bitk.eu", true }, { "bitk.uk", true }, { "bitlish.com", true }, { "bitlo.com", true }, @@ -4783,25 +4827,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitlo.io", true }, { "bitlo.org", true }, { "bitmainwarranty.com", true }, - { "bitmainwarranty.com.ua", true }, - { "bitmainwarranty.ru", true }, { "bitmarket.net", true }, { "bitmarket.pl", true }, { "bitmessage.ch", true }, - { "bitmex.com", true }, { "bitmidi.com", true }, { "bitminter.com", true }, - { "bitmon.net", true }, + { "bitmoe.com", true }, { "bitok.com", true }, - { "bitpoll.de", true }, - { "bitpoll.org", true }, { "bitpumpe.net", true }, { "bitref.com", true }, - { "bitroll.com", true }, { "bitrush.nl", true }, { "bitsafe.com.my", true }, { "bitsburg.ru", true }, { "bitshaker.net", true }, + { "bitskins.co", true }, { "bitskrieg.net", true }, { "bitstorm.nl", true }, { "bitstorm.org", true }, @@ -4810,8 +4849,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bitten.pw", true }, { "bittersweetcandybowl.com", true }, { "bittylicious.com", true }, - { "bituptick.com", true }, - { "bitvegas.com", true }, { "bitvest.io", true }, { "bitwolk.nl", true }, { "bitxel.com.co", true }, @@ -4827,12 +4864,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bizstarter.cz", true }, { "biztera.com", true }, { "biztok.eu", true }, + { "biztouch.work", true }, { "bizzi.tv", true }, { "bjarnerest.de", true }, { "bjl5689.com", true }, { "bjl5689.net", true }, { "bjornhelmersson.se", true }, { "bjornjohansen.no", true }, + { "bjrn.io", true }, { "bjs.gov", true }, { "bjsbouncycastles.com", true }, { "bkentertainments.co.uk", true }, @@ -4866,9 +4905,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blablacar.ro", true }, { "blablacar.rs", true }, { "blablacar.ru", true }, - { "black-gay-porn.biz", true }, { "black-khat.com", true }, { "black-mail.nl", true }, + { "black-pool.net", true }, { "black-raven.fr", true }, { "black.dating", true }, { "black.host", true }, @@ -4893,12 +4932,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blackhat.dk", true }, { "blackhelicopters.net", true }, { "blackhillsinfosec.com", true }, - { "blackilli.de", true }, { "blackislegroup.com", true }, - { "blackkeg.ca", true }, { "blackl.net", true }, + { "blackmonday.gr", true }, { "blacknetwork.eu", true }, - { "blacknova.io", true }, { "blackonion.com", true }, { "blackpapermoon.de", true }, { "blackphoenix.de", true }, @@ -4909,9 +4946,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blaise.io", true }, { "blakecoin.org", true }, { "blakekhan.com", true }, + { "blameomar.com", true }, { "blancodent.com", true }, { "blankersfamily.com", true }, { "blanket.technology", true }, + { "blantr.com", true }, { "blasorchester-runkel.de", true }, { "blastentertainment.com.au", true }, { "blastersklan.com", true }, @@ -4933,6 +4972,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blendle.com", true }, { "blendle.nl", true }, { "blendr.com", true }, + { "blenheimears.com", true }, { "blenneros.net", false }, { "blessedearth.com.au", true }, { "blessedguy.com", true }, @@ -4941,9 +4981,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blichmann.eu", true }, { "blidz.com", true }, { "blieque.co.uk", true }, + { "bliesekow.net", true }, { "blikk.no", true }, { "blikund.swedbank.se", true }, { "blindpigandtheacorn.com", true }, + { "blinds-unlimited.com", true }, { "bling9.com", true }, { "bling999.cc", true }, { "bling999.com", true }, @@ -4970,9 +5012,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "block65.com", true }, { "blockchain.com", true }, { "blockchain.info", true }, - { "blockchainced.com", true }, { "blockchaindaigakko.jp", true }, { "blockchainwhiz.com", true }, + { "blockcheck.network", true }, { "blockedyourcar.com", true }, { "blockedyourcar.net", true }, { "blockedyourcar.org", true }, @@ -4987,9 +5029,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blog.linode.com", false }, { "blog.lookout.com", false }, { "blogaid.net", true }, + { "blogarts.net", true }, { "blogbooker.com", true }, { "blogconcours.net", true }, { "blogcuaviet.com", true }, + { "blogdelosjuguetes.com", true }, { "blogdeyugioh.com", true }, { "blogexpert.ca", true }, { "bloggermumofthreeboys.com", true }, @@ -5011,8 +5055,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bltc.org", true }, { "bltc.org.uk", true }, { "bltdirect.com", true }, - { "blubberladen.de", true }, { "bludnykoren.ml", true }, + { "blue-gmbh-erfahrungen.de", true }, + { "blue-gmbh.de", true }, { "blue-leaf81.net", true }, { "blue42.net", true }, { "blueblou.com", true }, @@ -5022,17 +5067,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bluecon.ninja", true }, { "bluecrazii.nl", true }, { "blued.moe", true }, + { "bluedata.ltd", true }, { "bluedeck.org", true }, - { "bluefinger.nl", true }, { "blueflare.org", true }, { "bluefrag.com", true }, { "bluefuzz.nl", true }, + { "bluehelixmusic.com", true }, { "blueimp.net", true }, { "blueliquiddesigns.com.au", true }, { "bluemeda.web.id", true }, - { "bluemoonroleplaying.com", true }, + { "bluemosh.com", true }, { "bluemtnrentalmanagement.ca", true }, { "bluenote9.com", true }, + { "blueoakart.com", true }, { "bluepearl.tk", true }, { "blueperil.de", true }, { "bluepoint.one", true }, @@ -5040,9 +5087,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blueprintloans.co.uk", true }, { "bluerootsmarketing.com", true }, { "blues-and-pictures.com", true }, - { "bluesecure.com.br", true }, { "blueskycoverage.com", true }, { "bluestardiabetes.com", true }, + { "bluetexservice.com", true }, { "bluewavewebdesign.com", true }, { "bluex.im", true }, { "bluex.info", true }, @@ -5051,6 +5098,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blueyed.eu", true }, { "blui.cf", true }, { "bluiandaj.ml", true }, + { "bluimedia.com", true }, { "blumenfeldart.com", true }, { "blumiges-fischbachtal.de", false }, { "blundell.wedding", true }, @@ -5062,6 +5110,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "blutopia.xyz", true }, { "blyat.science", true }, { "blyth.me.uk", true }, + { "blzrk.com", true }, { "bmhglobal.com.au", true }, { "bmone.net", true }, { "bmriv.com", true }, @@ -5069,7 +5118,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bmw-motorradclub-seefeld.de", true }, { "bmwcolors.com", true }, { "bn1digital.co.uk", true }, - { "bn4t.me", true }, { "bnb-buddy.nl", true }, { "bnboy.cn", true }, { "bnbsinflatablehire.co.uk", true }, @@ -5098,11 +5146,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bobancoamigo.com", true }, { "bobazar.com", true }, { "bobcopeland.com", true }, - { "bobep.ru", true }, { "bobkidbob.com", true }, { "bobkoetsier.nl", true }, { "bobnbouncedublin.ie", true }, - { "boboates.com", true }, { "bobobox.net", true }, { "boboolo.com", true }, { "bobstronomie.fr", true }, @@ -5121,6 +5167,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bodymusclejournal.com", true }, { "bodypainter.pl", true }, { "bodypainting.waw.pl", true }, + { "bodyweb.com.br", true }, { "bodyworkbymichael.com", true }, { "boeddhashop.nl", true }, { "boekenlegger.nl", true }, @@ -5138,12 +5185,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "boisewaldorf.org", true }, { "boke112.com", true }, { "bokka.com", true }, - { "bokutake.com", true }, + { "bokkeriders.com", true }, { "boldmediagroup.com", true }, { "boldt-metallbau.de", true }, { "bolektro.de", true }, { "bolgarnyelv.hu", true }, - { "bolivarfm.com.ve", true }, { "bollywood.uno", true }, { "bologna-disinfestazioni.it", true }, { "bolovegna.it", true }, @@ -5158,7 +5204,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bonami.ro", true }, { "bonami.sk", true }, { "bonbonmania.com", true }, - { "bondagefetishstore.com", true }, { "bondank.com", true }, { "bondarenko.dn.ua", true }, { "bondingwithbaby.ca", true }, @@ -5170,6 +5215,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bonibuty.com", true }, { "bonifacius.be", true }, { "bonita.com.br", true }, + { "bonito.pl", true }, { "bonnant-associes.ch", true }, { "bonnant-partners.ch", true }, { "bonnebouffe.fr", true }, @@ -5199,7 +5245,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bookshopofindia.com", true }, { "booksinthefridge.at", true }, { "booktracker-org.appspot.com", true }, - { "bookwitty.social", true }, { "bool.be", true }, { "boomersurf.com", true }, { "boomshelf.com", true }, @@ -5217,18 +5262,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "booq.org", true }, { "booquiz.com", true }, { "boosinflatablegames.co.uk", true }, + { "boost.fyi", true }, { "boost.ink", true }, + { "boostgame.win", true }, { "booter.pw", true }, { "bootjp.me", false }, { "bopiweb.com", true }, { "bopp.org", true }, { "borahan.net", true }, - { "borchers-media.de", true }, - { "borchers.ninja", true }, { "bordadoenpedreria.com", true }, { "bordes.me", true }, { "boredhackers.com", true }, { "borg.cloud", true }, + { "borgmestervangen.xyz", true }, { "boringsmith.com", true }, { "boris64.net", true }, { "borisenko.by", true }, @@ -5251,7 +5297,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bosun.io", true }, { "bosworthdental.co.uk", true }, { "botlab.ch", true }, - { "botmanager.pl", true }, { "bots.cat", true }, { "botserver.de", true }, { "botstack.host", true }, @@ -5265,7 +5310,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bouckaert-usedcars.be", true }, { "boudah.pl", true }, { "bougeret.fr", true }, - { "bouk.co", true }, { "boukoubengo.com", true }, { "boulzicourt.fr", true }, { "bounce-a-mania.co.uk", true }, @@ -5378,6 +5422,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bountyfactory.io", true }, { "bourasse.fr", true }, { "bourdon.fr.eu.org", true }, + { "bourgdepabos.com", true }, { "bourhis.info", true }, { "bournefun.co.uk", true }, { "bourqu.in", true }, @@ -5401,11 +5446,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bownty.it", true }, { "bownty.nl", true }, { "bowntycdn.net", true }, + { "boxmoe.cn", true }, { "boxpeg.com", true }, { "boxpirates.to", true }, { "boxvergelijker.nl", true }, + { "boyfriendcookbook.com", true }, { "boyhost.cn", true }, - { "boypoint.de", true }, { "boz.nl", false }, { "bozdoz.com", true }, { "bozit.com.au", true }, @@ -5423,6 +5469,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "braams.nl", true }, { "bracho.xyz", true }, { "brackets-salad.com", true }, + { "bracoitaliano.com.br", true }, { "bradbrockmeyer.com", true }, { "bradfordhottubhire.co.uk", true }, { "bradfordmascots.co.uk", true }, @@ -5430,7 +5477,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bradler.net", true }, { "bradlinder.org", true }, { "bradypatterson.com", true }, - { "braemer-it-consulting.de", true }, { "braeunlich-gmbh.com", true }, { "brage.info", true }, { "brahmins.com", true }, @@ -5457,8 +5503,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brammingfys.dk", true }, { "bramstaps.nl", true }, { "bramvanaken.be", true }, + { "bramygrozy.pl", true }, { "bran.land", true }, { "branch-bookkeeper.com", true }, + { "branchtrack.com", true }, + { "brandand.co.uk", true }, { "brandbil.dk", true }, { "brandbuilderwebsites.com", true }, { "brandcodeconsulting.com", true }, @@ -5479,10 +5528,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brasalcosmetics.com", true }, { "brashear.me", true }, { "brasilbombas.com.br", true }, + { "brasildxn.com.br", true }, { "brasserie-mino.fr", true }, { "brasspipedreams.org", true }, { "bratislava-airport-taxi.com", true }, { "bratteng.me", true }, + { "bratteng.xyz", true }, { "bratvanov.com", true }, { "brau-ingenieur.de", true }, { "braudoktor.de", true }, @@ -5518,6 +5569,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brecknell.org", true }, { "breda.computer", true }, { "bredvid.no", true }, + { "breest.net", true }, { "breeyn.com", true }, { "brefy.com", true }, { "brege.org", true }, @@ -5561,6 +5613,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brickvortex.com", true }, { "bricolajeux.ch", true }, { "brid.gy", false }, + { "brideandgroomdirect.ie", true }, { "bridgeglobalmarketing.com", true }, { "bridgement.com", true }, { "bridgevest.com", true }, @@ -5572,17 +5625,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "briggsleroux.com", true }, { "brighouse-leisure.co.uk", true }, { "brightday.bz", true }, + { "brightlifedirect.com", true }, { "brightonbank.com", true }, { "brightonbouncycastles.net", true }, { "brightonchilli.org.uk", true }, { "brightonzhang.com", true }, { "brigidaarie.com", true }, + { "brigittebutt.tk", true }, { "brilliantbouncyfun.co.uk", true }, { "brilliantdecisionmaking.com", true }, { "brilliantproductions.co.nz", true }, { "brimspark.systems", true }, - { "brinkhu.is", true }, - { "brinquedoseducativos.art.br", true }, { "brio-shop.ch", true }, { "brisbanelogistics.com.au", true }, { "bristebein.com", true }, @@ -5591,14 +5644,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "britelocate.com", true }, { "britishbeef.com", true }, { "britishbookmakers.co.uk", true }, + { "britishchronicles.com", true }, { "britishgroupsg.com", true }, - { "britishmeat.com", true }, { "britishpearl.com", true }, { "britishsciencefestival.org", true }, { "britishscienceweek.org", true }, + { "britishsnoring.co.uk", true }, { "britneyclause.com", true }, + { "brittanyferriesnewsroom.com", true }, { "britton-photography.com", true }, + { "brmsalescommunity.com", true }, { "brn.by", true }, + { "brnojebozi.cz", true }, { "bro.hk", true }, { "broadleft.org", true }, { "broadsheet.com.au", true }, @@ -5619,7 +5676,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brookehatton.com", true }, { "brooklynrealestateblog.com", true }, { "brookworth.com", true }, - { "brossman.it", true }, { "brossmanit.com", true }, { "brother-printsmart.nl", true }, { "brouillard.ch", true }, @@ -5628,6 +5684,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brown-devost.com", true }, { "brownfieldstsc.org", true }, { "brownihc.com", true }, + { "browsemycity.com", true }, { "brring.com", true }, { "bru6.de", true }, { "brucemartin.net", true }, @@ -5639,8 +5696,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "brunn.email", true }, { "brunner.ninja", false }, { "brunohenc.from.hr", true }, - { "brunoramos.com", true }, - { "brunoramos.org", true }, { "brunosouza.org", true }, { "brush.ninja", true }, { "bruun.co", true }, @@ -5702,6 +5757,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "btserv.de", true }, { "btsoft.eu", true }, { "btsow.com", true }, + { "bttc.co.uk", true }, { "btth.live", true }, { "btth.pl", true }, { "btth.tv", true }, @@ -5751,7 +5807,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bugginslab.co.uk", true }, { "bugs.chromium.org", true }, { "bugsmashed.com", true }, - { "bugtrack.co.uk", true }, { "bugzil.la", true }, { "bugzilla.mozilla.org", true }, { "build.chromium.org", true }, @@ -5768,6 +5823,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "buileo.com", true }, { "builtvisible.com", true }, { "builtwith.com", true }, + { "bukai.men", true }, { "bukkenfan.jp", true }, { "bul3seas.eu", true }, { "bulario.com", true }, @@ -5780,7 +5836,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bulkwholesalesweets.co.uk", true }, { "bull.id.au", true }, { "bulldog-hosting.de", true }, - { "bulldoghire.co.uk", true }, { "bulledair-savons.ch", true }, { "bullettags.com", true }, { "bullpay.com", true }, @@ -5790,15 +5845,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bumarkamoda.com", true }, { "bunbun.be", false }, { "bund-von-theramore.de", true }, - { "bundaberg.com", true }, { "bundespolizei-forum.de", true }, { "bunkyo-life.com", true }, { "bunny-rabbits.com", true }, { "bunnyvishal.com", true }, { "bunzy.ca", true }, { "bupropion.com", true }, + { "bupu.ml", true }, { "buradangonder.com", true }, { "burcevo.info", true }, + { "burfordbedandbreakfast.co.uk", true }, { "burgernet.nl", true }, { "burgers.io", true }, { "burghardt.pl", true }, @@ -5807,6 +5863,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "buricloud.fr", true }, { "burke.services", true }, { "burlapsac.ca", true }, + { "burncorp.org", true }, { "burnerfitness.com", true }, { "burnhamonseabouncycastles.co.uk", true }, { "burningbird.net", true }, @@ -5816,7 +5873,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "buronwater.com", true }, { "burotec-sarl.com", true }, { "burr.is", true }, - { "burroughsid.com", true }, { "bursaries-southafrica.co.za", true }, { "burtplasticsurgery.com", true }, { "burtrum.family", true }, @@ -5824,6 +5880,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "burtrum.name", true }, { "burtrum.org", true }, { "burzmali.com", true }, + { "busanhs.bid", true }, + { "busanhs.win", true }, { "buserror.cn", true }, { "bushbaby.com", true }, { "bushcraftfriends.com", true }, @@ -5857,19 +5915,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "buxum-communication.ch", true }, { "buy-thing.com", true }, { "buyaccessible.gov", true }, - { "buybike.shop", true }, { "buycarpet.shop", true }, + { "buycbd.store", true }, { "buycook.shop", true }, { "buydissertations.com", true }, { "buyerdocs.com", true }, - { "buyessay.org", true }, - { "buyessays.net", true }, { "buyessayscheap.com", true }, + { "buyhealth.shop", true }, { "buyinginvestmentproperty.com", true }, { "buyjewel.shop", true }, { "buymindhack.com", true }, { "buypapercheap.net", true }, - { "buyplussize.shop", true }, { "buyprofessional.shop", true }, { "buyritefairview.com", true }, { "buyseo.store", true }, @@ -5902,12 +5958,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bx-n.de", true }, { "bxp40.at", true }, { "by.cx", true }, + { "byange.pro", true }, { "byatte.com", true }, { "bydisk.com", false }, { "byeskille.no", true }, { "bygningsregistrering.dk", true }, { "byiu.info", true }, - { "byken.cn", true }, { "bymark.co", true }, { "bymike.co", true }, { "bynder.com", true }, @@ -5918,7 +5974,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "byronkg.us", true }, { "byronprivaterehab.com.au", true }, { "byronr.com", true }, - { "byronwade.com", true }, { "byrtz.de", true }, { "bysb.net", false }, { "byte-time.com", true }, @@ -5929,11 +5984,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bytejail.com", true }, { "bytema.cz", true }, { "bytema.eu", true }, - { "bytema.re", true }, { "bytema.sk", true }, { "byteowls.com", false }, { "bytepark.de", true }, - { "bytepen.com", true }, { "bytes.co", true }, { "bytes.fyi", true }, { "bytesatwork.de", true }, @@ -5950,6 +6003,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "bziaks.xyz", true }, { "bzsparks.com", true }, { "bztech.com.br", true }, + { "bztraveler.com", true }, + { "bztraveler.net", true }, { "bzv-fr.eu", true }, { "c-aeroconsult.com", true }, { "c-path.org", true }, @@ -5960,6 +6015,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "c-world.co.uk", true }, { "c.cc", true }, { "c0rn3j.com", true }, + { "c0rporation.com", true }, { "c2design.it", true }, { "c2o-library.net", true }, { "c3hv.cn", true }, @@ -5976,8 +6032,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ca5.de", true }, { "caarecord.org", true }, { "caasd.org", true }, + { "cabaladada.org", true }, { "cabarave.com", true }, { "cabforum.org", true }, + { "cabineritten.nl", true }, { "cabinet-bedin.com", true }, { "cablehighspeed.net", true }, { "cablemod.com", true }, @@ -5990,7 +6048,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "caceis.bank", true }, { "cachetagalong.com", true }, { "cachethome.com", true }, - { "cachethq.io", true }, { "cachetur.no", true }, { "cackette.com", true }, { "cad-noerdlingen.de", true }, @@ -6011,12 +6068,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cafedupont.co.uk", true }, { "cafedupont.de", true }, { "cafedupont.nl", true }, - { "cafefresco.pe", true }, { "cafeimsueden.de", true }, { "cafelandia.net", true }, { "cafeobscura.nl", true }, + { "cafericoy.com", true }, { "caffeinatedcode.com", true }, - { "caibi.io", true }, + { "cagalogluyayinevi.com", true }, { "cainhosting.com", false }, { "caitcs.com", true }, { "caiwenjian.xyz", true }, @@ -6024,7 +6081,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "caja-pdf.es", true }, { "cajio.ru", true }, { "cajunuk.co.uk", true }, - { "cake-time.co.uk", true }, { "cakestart.net", true }, { "caketoindia.com", true }, { "cakingandbaking.com", true }, @@ -6049,11 +6105,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "calculator.tf", true }, { "calcworkshop.com", true }, { "caldecotevillagehall.co.uk", true }, + { "caleb.cx", true }, { "caleb.host", true }, - { "calebmorris.com", false }, { "calebthompson.io", true }, { "calendarr.com", true }, { "calendarsnow.com", true }, + { "calendly.com", true }, { "caletka.cz", true }, { "calgoty.com", true }, { "calibreapp.com", true }, @@ -6062,7 +6119,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "calidoinvierno.com", true }, { "calixte-concept.fr", true }, { "call.me", true }, - { "callanbryant.co.uk", true }, { "callawayracing.se", true }, { "callear.org", true }, { "callhub.io", true }, @@ -6072,10 +6128,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "callumsilcock.me", true }, { "calluna.nl", true }, { "calmtech.com", true }, - { "calomel.org", true }, { "calotte-academy.com", true }, + { "calrotaract.org", true }, { "calvin.my", true }, - { "calypso-tour.net", true }, + { "calvinallen.net", false }, { "calyxengineers.com", true }, { "camaradivisas.com", true }, { "camaras.uno", true }, @@ -6089,12 +6145,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cambier.org", true }, { "cambiowatch.ch", true }, { "cambodian.dating", true }, + { "cambridge-security.com", true }, { "cambridgebouncers.co.uk", true }, { "camconn.cc", true }, { "camelservers.com", true }, + { "cameo-membership.uk", true }, { "cameraviva.com.br", true }, { "camerweb.es", true }, { "camilomodzz.net", true }, + { "camjobs.net", true }, + { "camolist.com", true }, + { "camomile.desi", true }, { "camp-pleinsoleil.ch", true }, { "camp.co.uk", true }, { "campaign-ad.com", true }, @@ -6106,6 +6167,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "campbrainybunch.com", true }, { "campcambodia.org", true }, { "campcanada.org", true }, + { "campeoesdofutebol.com.br", true }, { "campeonatoalemao.com.br", true }, { "camperdays.de", true }, { "camperlist.com", true }, @@ -6121,11 +6183,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "campus-discounts.com", true }, { "campus-finance.com", true }, { "campusdrugprevention.gov", true }, + { "campusportalng.com", true }, { "campuswire.com", true }, + { "campvana.com", true }, { "campwabashi.org", true }, - { "camshowhub.com", true }, - { "camsky.de", true }, + { "camsky.de", false }, { "canada-tourisme.ch", true }, + { "canadabread.com", false }, { "canadalife.de", true }, { "canadasmotorcycle.ca", true }, { "canadian-nurse.com", true }, @@ -6157,11 +6221,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "canlidoviz.com", true }, { "canmipai.com", true }, { "cannabis-marijuana.com", true }, - { "cannahealth.com", false }, + { "cannacards.ca", true }, + { "cannahealth.com", true }, { "cannarobotics.com", true }, { "cannoli.london", true }, { "cannyfoxx.me", true }, { "canoonic.se", true }, + { "cant.at", true }, { "cantatio.ch", true }, { "canterberry.cc", true }, { "canterburybouncycastlehire.co.uk", true }, @@ -6173,9 +6239,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cao.gov", true }, { "cao.la", true }, { "caodesantohumberto.com.br", true }, + { "caoshan60.com", true }, { "capacent.is", true }, { "capachitos.cl", true }, - { "capacitacionyautoempleo.com", true }, { "capacityproject.org", true }, { "capekeen.com", true }, { "capellidipremoli.com", true }, @@ -6196,16 +6262,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "capper.de", true }, { "capriccio.to", true }, { "caprichosdevicky.com", true }, + { "caps.is", true }, { "capsogusto.com", true }, { "capstansecurity.co.uk", true }, { "capstansecurity.com", true }, - { "captainark.net", true }, + { "capstoneinsights.com", true }, + { "captain-dandelion.com", true }, { "captainsinn.com", true }, { "captalize.com", true }, { "capturapp.com", false }, { "capture-app.com", true }, { "captured-symphonies.com", true }, - { "capturethepen.co.uk", true }, { "capuchinox.com", true }, { "caputo.com", true }, { "caputodesign.com", true }, @@ -6222,7 +6289,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carbon-project.org", true }, { "carbon12.org", true }, { "carbon12.software", true }, + { "carboneselectricosnettosl.info", false }, { "carbonmade.com", false }, + { "carbonmonoxidelawyer.net", true }, { "carbono.uy", true }, { "carbontv.com", true }, { "carck.co.uk", true }, @@ -6237,6 +6306,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cardelmar.de", true }, { "cardelmar.es", true }, { "cardexchangesolutions.com", true }, + { "cardgames.com", true }, { "cardios.srv.br", true }, { "cardranking.jp", true }, { "cardrecovery.fr", true }, @@ -6259,6 +6329,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carezone.com", false }, { "cargobay.net", true }, { "cargorestraintsystems.com.au", true }, + { "carhunters.cz", true }, { "caribbean.dating", true }, { "caribbeanarthritisfoundation.org", true }, { "caribbeanexams.com", true }, @@ -6268,15 +6339,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carinthia.eu", true }, { "cariocacooking.com", true }, { "carisenda.com", true }, + { "carkeysanantonio.com", true }, { "carlandfaith.com", true }, { "carlife-at.jp", true }, { "carlili.fr", true }, { "carlingfordapartments.com.au", true }, { "carlmjohnson.net", true }, { "carlobiagi.de", true }, + { "carlocksmith--dallas.com", true }, + { "carlocksmithellicottcity.com", true }, { "carlocksmithfallbrook.com", true }, + { "carlocksmithlewisville.com", true }, + { "carlocksmithmesquite.com", true }, { "carlosfelic.io", true }, + { "carloshmm.com", true }, { "carlosjeurissen.com", true }, + { "carlot-j.com", true }, { "carnaticalifornia.com", true }, { "carnet-du-voyageur.com", true }, { "carnildo.com", true }, @@ -6284,11 +6362,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carol-lambert.com", true }, { "carolcappelletti.com", true }, { "carolcestas.com", true }, - { "caroli.biz", true }, { "caroli.com", true }, { "caroli.info", true }, { "caroli.name", true }, { "caroli.net", true }, + { "carolina.cz", true }, { "carolinaclimatecontrolsc.com", true }, { "carolynjoyce.com.au", true }, { "carpetcleaningtomball.com", true }, @@ -6298,10 +6376,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "carriedin.com", true }, { "carrierplatform.com", true }, { "carringtonrealtygroup.com", true }, + { "carroceriascarluis.com", true }, { "carrollservicecompany.com", true }, + { "carseatchecks.ca", true }, { "carson-aviation-adventures.com", true }, + { "carsoug.com", true }, { "carspneu.cz", true }, - { "carsten.pw", true }, { "cartadeviajes.cl", true }, { "cartadeviajes.co", true }, { "cartadeviajes.com", true }, @@ -6316,6 +6396,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cartadeviajes.uk", true }, { "carteirasedistintivos.com.br", true }, { "cartelcircuit.com", true }, + { "carterstad.se", true }, { "cartertonscouts.org.nz", true }, { "cartesentreprises-unicef.fr", true }, { "carthedral.com", true }, @@ -6326,7 +6407,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cartouche-deal.fr", true }, { "cartouche24.eu", true }, { "cartucce24.it", true }, - { "carun.us", true }, { "carusorealestate.com", true }, { "caryefurd.com", true }, { "casa-due-pur.com", true }, @@ -6367,15 +6447,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "casino-trio.com", true }, { "casinobonuscodes.online", true }, { "casinocashflow.ru", true }, - { "casinolistings.com", true }, - { "casinoluck.com", true }, + { "casinolegal.pt", true }, { "casinoonlinesicuri.com", true }, { "casio-caisses-enregistreuses.fr", true }, + { "casjay.cloud", true }, { "casjay.com", true }, { "casjay.info", true }, { "caspar.ai", true }, { "casperpanel.com", true }, { "cassimo.com", true }, + { "castbulletassoc.org", false }, + { "casteloinformatica.com.br", true }, { "castible.de", true }, { "castlecapers.com.au", true }, { "castlecms.io", true }, @@ -6389,6 +6471,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "castles4rascalsiow.co.uk", true }, { "castlesrus-kent.com", true }, { "castleswa.com.au", true }, + { "casualdesignsfurniture.com", true }, { "casusgrillcaribbean.com", true }, { "cat-blum.com", true }, { "cat-box.de", true }, @@ -6397,17 +6480,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "catalog.beer", true }, { "catalogobiblioteca.com", true }, { "catalogoreina.com", true }, + { "catalogosvirtualesonline.com", true }, { "catalystapp.co", true }, { "catbold.space", true }, { "catbull.com", true }, { "catburton.co.uk", true }, + { "catchers.cc", true }, { "catchersgear.com", true }, { "catchfotografie.nl", true }, { "catchhimandkeephim.com", true }, { "catchief.com", true }, - { "catdecor.ru", true }, { "catenacondos.com", true }, - { "catgirl.me", true }, + { "catfooddispensersreviews.com", true }, + { "catgirl.science", true }, { "catharinesomerville.com", true }, { "catharisme.eu", true }, { "catharisme.net", true }, @@ -6419,12 +6504,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "catl.st", true }, { "catmoose.ca", true }, { "catnet.dk", false }, + { "catprog.org", true }, { "cattivo.nl", false }, { "catuniverse.org", true }, { "catveteran.com", true }, + { "caughtredhanded.co.nz", true }, { "caulfieldeastapartments.com.au", true }, { "caulfieldracecourseapartments.com.au", true }, { "caulong-ao.net", true }, + { "cav.ac", true }, { "cavac.at", true }, { "cave-reynard.ch", true }, { "cavevinsdefrance.fr", true }, @@ -6441,11 +6529,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cbdev.de", true }, { "cbdmarket.space", true }, { "cbecrft.net", true }, + { "cbin168.com", true }, { "cbintermountainrealty.com", true }, { "cbr-xml-daily.ru", true }, { "cbsdeheidevlinder.nl", true }, { "cbw.sh", true }, { "cc-brantomois.fr", true }, + { "cc2729.com", true }, { "ccac.gov", true }, { "ccavenue.com", true }, { "cccwien.at", true }, @@ -6455,13 +6545,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ccoooss.com", true }, { "ccprwebsite.org", true }, { "ccsource.org", true }, + { "ccss-cces.com", true }, { "ccsys.com", true }, { "cctvview.info", true }, { "ccu.io", true }, { "ccu.plus", true }, { "ccv-deutschland.de", true }, { "ccv.ch", true }, - { "ccv.eu", true }, { "ccv.nl", true }, { "cd-sport.com", true }, { "cd.search.yahoo.com", false }, @@ -6474,6 +6564,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cdbtech.com", true }, { "cdburnerxp.se", true }, { "cdda.ch", true }, + { "cdeck.net", true }, { "cdepot.eu", true }, { "cdkeykopen.com", true }, { "cdlcenter.com", true }, @@ -6485,6 +6576,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cdom.de", true }, { "cdsdigital.de", true }, { "cdu-wilgersdorf.de", true }, + { "cduckett.net", true }, { "ce-pimkie.fr", true }, { "cebz.org", true }, { "ceciliacolombara.com", true }, @@ -6495,13 +6587,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cedricmartineau.com", true }, { "ceebee.com", true }, { "cejhon.cz", false }, - { "cekaja.com", true }, { "celcomhomefibre.com.my", true }, + { "celebmasta.com", true }, + { "celebrityhealthcritic.com", true }, { "celebrityscope.net", true }, { "celectro-pro.com", true }, { "celiendev.ch", true }, { "celine-patisserie.fr", true }, - { "cellartracker.com", true }, { "celltek-server.de", false }, { "celluliteorangeskin.com", true }, { "celluliteremovaldiet.com", true }, @@ -6519,7 +6611,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "censys.io", true }, { "centaur.de", true }, { "centennialradon.com", true }, - { "centerpereezd.ru", false }, { "centerpoint.ovh", true }, { "centillien.com", false }, { "centio.bg", true }, @@ -6542,6 +6633,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "centrosocialferrel.pt", true }, { "centrumhodinek.cz", true }, { "centruvechisv.ro", true }, + { "centrym.top", true }, { "centum.no", true }, { "centura.de", true }, { "centurialeonina.com", true }, @@ -6562,7 +6654,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cerebelo.info", true }, { "cerena-silver.ru", true }, { "ceres-corp.org", true }, - { "ceres1.space", true }, { "cerivo.co.uk", true }, { "cermak.photos", true }, { "cernakova.eu", true }, @@ -6580,6 +6671,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "certfa.com", true }, { "certible.com", true }, { "certificatedetails.com", true }, + { "certificatespending.com", true }, { "certificatetools.com", true }, { "certifiednurses.org", true }, { "certmonitor.com.au", true }, @@ -6587,7 +6679,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "certnazionale.it", true }, { "certspotter.com", true }, { "certspotter.org", true }, - { "cervejista.com", true }, { "cesboard.com", true }, { "cesdb.com", true }, { "cesipagano.com", true }, @@ -6600,20 +6691,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cetamol.com", true }, { "ceu.edu", false }, { "cevo.com.hr", true }, - { "ceyizlikelisleri.com", true }, { "cf-ide.de", true }, { "cf-tm.net", true }, - { "cf11.de", true }, { "cfa.gov", true }, { "cfan.space", true }, + { "cfda.gov", true }, { "cfdcre5.org", true }, { "cfh.com", true }, { "cfno.org", true }, { "cfo.gov", true }, { "cfpa-formation.fr", true }, - { "cfsh.tk", true }, { "cftc.gov", true }, { "cftcarouge.com", true }, + { "cfttt.com", true }, + { "cfurl.cf", true }, { "cfxdesign.com", true }, { "cg-systems.hu", true }, { "cg.search.yahoo.com", false }, @@ -6635,6 +6726,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chabert-provence.fr", true }, { "chad.ch", true }, { "chadstoneapartments.com.au", true }, + { "chadtaljaardt.com", true }, { "chaifeng.com", true }, { "chainedunion.info", true }, { "chaip.org", true }, @@ -6650,7 +6742,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "challstrom.com", true }, { "chamathellawala.com", true }, { "chambion.ch", true }, - { "chameleon-ents.co.uk", true }, + { "chamicro.com", true }, { "champdogs.co.uk", true }, { "champdogs.com", true }, { "champicreuse.fr", true }, @@ -6688,14 +6780,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chapelfordbouncers.co.uk", true }, { "chapiteauxduleman.fr", true }, { "chaplain.co", true }, - { "charakato.com", true }, { "charbonnel.eu", true }, { "charcoal-se.org", true }, { "charcoalvenice.com", true }, + { "chargedmonkey.com", true }, { "chargify.com", true }, + { "charisma.ai", true }, { "charissadescande.com", true }, { "charitylog.co.uk", true }, { "charl.eu", true }, + { "charlenevondell.com", true }, { "charles-darwin.com", true }, { "charlesbwise.com", true }, { "charlesjay.com", true }, @@ -6714,8 +6808,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "charlottesvillegolfcommunities.com", true }, { "charlotteswimmingpoolbuilder.com", true }, { "charmander.me", true }, + { "charmanterelefant.at", true }, { "charmingsaul.com", true }, - { "charmyadesara.com", true }, { "charr.xyz", true }, { "chars.ga", true }, { "charta-digitale-vernetzung.de", true }, @@ -6738,7 +6832,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chatbotclick.com", true }, { "chatbots.systems", true }, { "chatear.social", true }, - { "chateau-belvoir.com", true }, { "chateau-de-lisle.fr", true }, { "chateaudestrainchamps.com", true }, { "chatfacile.org", true }, @@ -6754,14 +6847,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chatu.io", true }, { "chatu.me", true }, { "chatucomputers.com", true }, - { "chatxp.com", true }, { "chatxsingle.net", true }, { "chatxtutti.com", true }, { "chatzimanolis.com", true }, { "chatzimanolis.gr", true }, { "chaurocks.com", true }, { "chaussenot.net", true }, - { "chaverde.org", true }, { "chavetaro.com", true }, { "chaz6.com", true }, { "chazalet.fr", true }, @@ -6789,7 +6880,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cheapgeekts.com", false }, { "cheapgoa.com", true }, { "cheapiesystems.com", true }, - { "cheapssl.com.tr", true }, { "cheapticket.in", true }, { "cheapwritinghelp.com", true }, { "check.torproject.org", false }, @@ -6800,6 +6890,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "checkmypsoriasis.com", true }, { "checkout.google.com", true }, { "checkpoint-tshirt.com", true }, + { "checkrente.nl", true }, { "checkspf.net", true }, { "checktype.com", true }, { "checkui.com", true }, @@ -6817,6 +6908,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cheetahwerx.com", true }, { "cheez.systems", true }, { "cheezflix.uk", true }, + { "chefwear.com", true }, { "chehalemgroup.com", true }, { "cheladmin.ru", true }, { "chelema.xyz", true }, @@ -6832,6 +6924,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chenqinghua.com", true }, { "chentianyi.cn", true }, { "chenzhekl.me", true }, + { "chenzhipeng.com.cn", true }, { "cheolguso.com", true }, { "cherevoiture.com", true }, { "cherie-belle.com", true }, @@ -6841,6 +6934,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cherrywoodtech.com", true }, { "chertseybouncycastles.co.uk", true }, { "chesspoint.ch", true }, + { "chestnut.cf", true }, { "chevy37.com", true }, { "chevymotor-occasions.be", true }, { "chewey.de", true }, @@ -6855,6 +6949,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chiaramail.com", true }, { "chiaseeds24.com", true }, { "chiboard.co", true }, + { "chibr.eu", true }, { "chic-leather.com", true }, { "chicagolug.org", true }, { "chicagostudentactivists.org", true }, @@ -6863,9 +6958,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chiemgauflirt.de", true }, { "chif16.at", true }, { "chikan-beacon.net", true }, - { "chikatomo-ryugaku.com", true }, { "chikazawa.info", true }, - { "chikory.com", true }, { "childcare.gov", true }, { "childcounseling.org", true }, { "childcustodylegalaid.org", true }, @@ -6880,9 +6973,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "childvisitationassistance.org", true }, { "childwelfare.gov", true }, { "chilihosting.eu", true }, + { "chilimath.com", true }, { "chilio.net", true }, { "chillebever.nl", true }, - { "chilli943.info", true }, { "chima.net", true }, { "chima.us", true }, { "chimeratool.com", true }, @@ -6893,14 +6986,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chinaspaceflight.com", true }, { "chinatrademarkoffice.com", true }, { "chinawhale.com", true }, + { "ching.tv", true }, { "chint.ai", true }, { "chinwag.im", true }, { "chinwag.org", true }, { "chipcore.com", true }, + { "chipglobe.com", true }, { "chippy.ch", false }, + { "chips-scheduler.de", true }, { "chiralsoftware.com", true }, { "chireiden.net", true }, { "chiro-neuchatel.ch", true }, + { "chiropractic.gr", true }, { "chiropracticwpb.com", true }, { "chiropraktik-riemann.de", true }, { "chiropraticien-neuchatel.ch", true }, @@ -6913,10 +7010,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chitoku.jp", false }, { "chksite.com", true }, { "chl.la", true }, - { "chloeallison.co.uk", true }, - { "chloehorler.com", true }, { "chloescastles.co.uk", true }, { "chlth.com", true }, + { "chmielarz.it", true }, { "chmsoft.com.ua", true }, { "chmsoft.ru", true }, { "chmurakotori.ml", true }, @@ -6927,8 +7023,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chocolatesandhealth.com", true }, { "chocolatier-tristan.ch", true }, { "chocotough.nl", false }, - { "chodocu.com", true }, - { "choe.fi", true }, { "choisirmonerp.com", true }, { "chokladfantasi.net", true }, { "chollima.pro", true }, @@ -6945,6 +7039,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chosenplaintext.org", true }, { "chourishi-shigoto.com", true }, { "chowii.com", true }, + { "choyri.com", true }, { "chris-edwards.net", true }, { "chrisaitch.com", true }, { "chrisb.me", true }, @@ -6952,6 +7047,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chrisbryant.me.uk", true }, { "chrisburnell.com", true }, { "chriscarey.com", true }, + { "chriscowley.me.uk", true }, { "chrisdecairos.ca", true }, { "chrisirwin.ca", true }, { "chrisjean.com", true }, @@ -6982,11 +7078,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "christianillies.de", true }, { "christianjens.com", true }, { "christianliebel.com", true }, + { "christianlis.org.uk", true }, + { "christianlis.uk", true }, { "christianpeltier.com", true }, { "christianpilgrimage.com.au", true }, { "christians.dating", true }, { "christianscholz.de", true }, - { "christianscholz.eu", true }, { "christiehawkes.com", true }, { "christiesantiques.com", true }, { "christmascard.be", true }, @@ -7002,6 +7099,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "christophertruncer.com", true }, { "christophkreileder.com", true }, { "christophsackl.de", true }, + { "christthekingparish.net", true }, { "chriswald.com", true }, { "chriswarrick.com", true }, { "chriswbarry.com", true }, @@ -7020,18 +7118,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "chronoshop.cz", true }, { "chrpaul.de", true }, { "chrstn.eu", true }, + { "chrysanthos.net", true }, { "chsterz.de", true }, - { "chua.family", true }, { "chuchote-moi.fr", true }, { "chuck.ovh", true }, { "chun.pro", true }, { "chunche.net", true }, { "chunk.science", true }, { "chupadelfrasco.com", true }, + { "chuppa.com.au", true }, { "churchlinkpro.com", true }, { "churchthemes.com", true }, - { "churchwebcanada.ca", true }, - { "churchwebsupport.com", true }, { "churningtracker.com", true }, { "chxdf.net", true }, { "chyen.cc", true }, @@ -7044,17 +7141,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cianmawhinney.me", true }, { "ciansc.com", true }, { "ciat.no", false }, - { "cidadedopoker.com.br", true }, { "cidbot.com", true }, - { "ciderclub.com", true }, { "cidersus.com.ec", true }, { "cie-theatre-montfaucon.ch", true }, { "cielbleu.org", true }, - { "cielly.com", true }, { "cifop-numerique.fr", true }, { "cig-dem.com", true }, { "cigar-cartel.com", true }, - { "cigarterminal.com", false }, { "cilloc.be", true }, { "cima-idf.fr", true }, { "cimballa.com", true }, @@ -7062,12 +7155,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cinafilm.com", true }, { "cinay.pw", true }, { "cindey.io", true }, + { "cindydudley.com", true }, { "cine-music.de", true }, { "cine.to", true }, { "cinefilzonen.se", true }, { "cinelite.club", true }, - { "cinema5.ru", false }, { "cinemarxism.com", true }, + { "cinemasetfree.com", true }, { "cinemysticism.com", true }, { "cineplex.my", true }, { "ciner.is", true }, @@ -7094,7 +7188,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cipri.nl", true }, { "cipri.org", true }, { "cipria.no", true }, - { "cipriano.nl", true }, { "cipy.com", true }, { "cir.is", true }, { "circara.com", true }, @@ -7110,8 +7203,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cirujanooral.com", true }, { "cirurgicagervasio.com.br", true }, { "cirurgicalucena.com.br", true }, + { "cirurgicasalutar.com.br", true }, { "ciscodude.net", true }, { "cisoaid.com", true }, + { "cisofy.com", true }, + { "cispeo.org", true }, { "ciss.ltd", true }, { "cisum-cycling.com", true }, { "cisy.me", true }, @@ -7125,7 +7221,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "citizensleague.org", true }, { "citizenspact.eu", true }, { "citizing.org", true }, - { "citroner.blog", true }, { "citrusui.me", true }, { "cittadesign.com", false }, { "citton.com.br", true }, @@ -7140,12 +7235,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "citysportapp.com", true }, { "cityworksonline.com", true }, { "ciubotaru.tk", true }, - { "civicunicorn.com", true }, - { "civicunicorn.us", true }, + { "ciurcasdan.eu", true }, { "civilg20.org", true }, { "civillines.nl", true }, { "cj-espace-vert.fr", true }, { "cj-jackson.com", true }, + { "cjdby.net", true }, + { "cjdpenterprises.com", true }, + { "cjdpenterprises.com.au", true }, + { "cjean.fr", true }, { "cjey.me", true }, { "cjhzp.net", true }, { "cjr.host", true }, @@ -7164,6 +7262,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ckostecki.de", true }, { "cktennis.com", true }, { "cl.search.yahoo.com", false }, + { "clacetandil.com.ar", true }, { "clad.cf", true }, { "claimconnect.com", true }, { "claimconnect.us", true }, @@ -7202,6 +7301,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "clazzrooms.com", true }, { "cldfile.com", true }, { "cldly.com", true }, + { "cleanapproachnw.com", true }, { "cleanbeautymarket.com.au", true }, { "cleanbrowsing.org", true }, { "cleancode.club", true }, @@ -7230,7 +7330,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "clickclock.cc", true }, { "clickenergy.com.au", true }, { "clickforclever.com", true }, - { "clickomobile.com", true }, { "clickphish.com", true }, { "clicksaveandprint.com", true }, { "clien.net", true }, @@ -7244,7 +7343,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "climatestew.com", true }, { "clindoeilmontagne.com", true }, { "clingout.com", true }, - { "clinicadam.com", true }, + { "clinicadam.com", false }, { "clinicadelogopedia.net", true }, { "clinicalrehabilitation.info", true }, { "clinicaltrials.gov", true }, @@ -7264,11 +7363,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "clochix.net", true }, { "clockcaster.com", true }, { "clockworksms.com", true }, - { "clod-hacking.com", true }, { "clojurescript.ru", true }, { "cloppenburg-autmobil.com", true }, { "cloppenburg-automobil.com", true }, - { "clorik.com", true }, { "clorophilla.net", true }, { "closeli.cn", true }, { "closelinksecurity.co.uk", true }, @@ -7283,7 +7380,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cloud42.ch", false }, { "cloud9bouncycastlehire.com", true }, { "cloudapps.digital", true }, - { "cloudbolin.es", true }, { "cloudbreaker.de", true }, { "cloudbrothers.info", true }, { "cloudcactuar.com", false }, @@ -7300,21 +7396,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cloudia.org", true }, { "cloudily.com", true }, { "cloudimproved.com", true }, - { "cloudimprovedtest.com", true }, + { "cloudkeep.nl", true }, { "cloudkit.pro", false }, + { "cloudlessdreams.com", true }, { "cloudlight.biz", true }, - { "cloudmigrator365.com", true }, { "cloudnote.cc", true }, { "cloudns.net", true }, { "cloudoptimizedsmb.com", true }, { "cloudoptimus.com", true }, - { "cloudpagesforwork.com", true }, - { "cloudpebble.net", true }, { "cloudpengu.in", true }, { "cloudpipes.com", true }, { "cloudsecurityalliance.org", true }, { "cloudservice.io", true }, { "cloudservices.nz", true }, + { "cloudsign.jp", true }, { "cloudsocial.io", true }, { "cloudspace-analytics.com", true }, { "cloudspeedy.net", true }, @@ -7328,35 +7423,38 @@ static const nsSTSPreload kSTSPreloadList[] = { { "clownindeklas.nl", true }, { "cloxy.com", true }, { "clr3.com", true }, + { "clsfoundationrepairandwaterproofing.com", true }, { "clsimage.com", true }, { "clsoft.ch", true }, { "clu-in.org", true }, { "club-adulti.ro", true }, { "club-corsicana.de", true }, + { "club-creole.com", true }, { "club-duomo.com", true }, { "club-is.ru", true }, + { "club-premiere.com", true }, { "club-reduc.com", true }, { "club103.ch", true }, + { "clubcorsavenezuela.com", true }, { "clubdelzapato.com", true }, { "clubedalutashop.com", true }, { "clubefiel.com.br", true }, { "clubempleos.com", true }, { "clubeohara.com", true }, { "clubfamily.de", true }, + { "clubgalaxy.futbol", true }, { "clubiconkenosha.com", true }, - { "clubmate.rocks", true }, { "clubmini.jp", true }, { "clubnoetig-ink2g.de", true }, { "clubon.space", true }, { "clubscannan.ie", true }, { "clueful.ca", true }, - { "cluefulca.com", true }, - { "cluefulca.net", true }, - { "cluefulca.org", true }, + { "cluster.biz.tr", true }, { "clusteranalyse.net", true }, { "clusterfuck.nz", true }, { "clustermaze.net", true }, { "clweb.ch", true }, + { "cm.center", true }, { "cmacacias.ch", true }, { "cmadeangelis.it", true }, { "cmahy.be", true }, @@ -7394,6 +7492,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cnet-hosting.com", true }, { "cni-certing.it", true }, { "cnre.eu", true }, + { "cnvt.fr", true }, { "co-factor.ro", true }, { "co-founder-stuttgart.de", true }, { "co.search.yahoo.com", false }, @@ -7408,11 +7507,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coastline.net.au", true }, { "coathangastrangla.com", true }, { "coathangastrangler.com", true }, - { "coathangerstrangla.com", true }, - { "coathangerstrangler.com", true }, - { "coatl-industries.com", true }, { "cobalt.io", true }, { "cobaltgp.com", true }, + { "cobcode.com", true }, { "cobracastles.co.uk", true }, { "cocaine-import.agency", true }, { "cocaine.ninja", true }, @@ -7425,7 +7522,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coco-line.ch", true }, { "cocoaheads.at", false }, { "cocoamexico.com", true }, - { "cocodemy.com", true }, { "cocodroid.com", true }, { "coconutoil24.com", true }, { "cocoscastles.co.uk", true }, @@ -7454,6 +7550,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "codeine.co.uk", true }, { "codeit.guru", true }, { "codeit.us", true }, + { "codejots.com", true }, + { "codejunkie.de", false }, { "codemonster.eu", true }, { "codenode.io", true }, { "codeofthenorth.com", true }, @@ -7465,7 +7563,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "codercy.com", true }, { "codereview.appspot.com", false }, { "codereview.chromium.org", false }, - { "coderhangout.com", true }, { "coderme.com", true }, { "codersbistro.com", true }, { "codes.pk", true }, @@ -7483,6 +7580,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "codeventure.de", true }, { "codeversetech.com", true }, { "codewild.de", true }, + { "codexpo.net", true }, { "codeyellow.nl", true }, { "codific.com", true }, { "codific.eu", true }, @@ -7493,11 +7591,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coding.net", true }, { "codingforspeed.com", true }, { "codingfromhell.net", true }, + { "codinginfinity.me", true }, { "codingrobots.com", true }, { "codxg.org", true }, { "codyevanscomputer.com", true }, { "codymoniz.com", true }, { "codyqx4.com", true }, + { "coentropic.com", true }, { "coffee-mamenoki.jp", true }, { "coffeeandteabrothers.com", true }, { "coffeetocode.me", true }, @@ -7508,10 +7608,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cognitip.com", true }, { "cognitivecomputingconsortium.com", true }, { "cognitohq.com", true }, + { "cogsquad.house", true }, { "coi-verify.com", true }, { "coiffeurschnittstelle.ch", true }, { "coigach-assynt.org", true }, - { "coimmvest.com", true }, { "coin-quest.net", true }, { "coin.dance", true }, { "coinapult.com", true }, @@ -7532,6 +7632,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coinloan.io", true }, { "coinmewallet.com", true }, { "coinpit.io", true }, + { "coins2001.ru", true }, { "coinx.pro", true }, { "coisasdemulher.org", true }, { "cojam.ru", true }, @@ -7571,9 +7672,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "collabornation.net", true }, { "collaction.hk", true }, { "collada.org", true }, - { "collbox.co", true }, { "collectdocs.com", true }, { "collectfood.com", true }, + { "collectiblebeans.com", true }, { "collectivesupply.com", true }, { "collectorknives.net", true }, { "collectorsystems.com", true }, @@ -7595,9 +7696,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "colorectalcompounding.com", true }, { "colorfuldots.com", true }, { "colorhexa.com", true }, - { "coloringnotebook.com", true }, { "coloristcafe.com", true }, - { "colorlifesupport.com", true }, { "colorsbycarin.com", true }, { "colossal-events.co.uk", true }, { "colourfulcastles.co.uk", true }, @@ -7607,6 +7706,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "colyakootees.com", true }, { "com-in.de", true }, { "comalia.com", true }, + { "comandofilmes.club", true }, { "comarkinstruments.net", true }, { "combatircelulitis.com", true }, { "combattrecellulite.com", true }, @@ -7614,17 +7714,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "combron.co.uk", true }, { "combron.com", true }, { "combron.nl", true }, - { "comchezmeme.com", true }, { "comcol.nl", true }, - { "comdotgame.com", true }, { "comdurav.com", true }, + { "comeals.com", true }, + { "comeoishii.com", true }, { "comercialtpv.com", true }, { "comerford.net", true }, { "comestoarra.com", true }, { "cometbot.cf", true }, { "cometcache.com", true }, { "cometonovascotia.ca", true }, - { "cometrueunlimited.com", true }, + { "comevius.com", true }, + { "comevius.org", true }, + { "comevius.xyz", true }, { "comff.net", true }, { "comfintouch.com", true }, { "comflores.com.br", true }, @@ -7636,6 +7738,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "comidasperuanas.net", true }, { "comiteaintriathlon.fr", true }, { "comm.cx", true }, + { "commania.co.kr", true }, { "commco.nl", true }, { "commechezvous.ch", true }, { "commerce.gov", true }, @@ -7648,6 +7751,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "commoncore4kids.com", true }, { "communityblog.fedoraproject.org", true }, { "communitycodeofconduct.com", true }, + { "communityflow.info", true }, { "communote.net", true }, { "como-se-escribe.com", true }, { "comocurarlagastritistratamientonatural.com", true }, @@ -7659,18 +7763,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "comogene.com", true }, { "comohacerelamoraunhombrenet.com", true }, { "comohacerpara.com", true }, - { "comoimportar.net", true }, { "comopuededejardefumar.net", true }, { "comoquitarlacaspa24.com", true }, { "comoquitarlasestriasrapidamente.com", true }, { "comorecuperaratumujerpdf.com", true }, { "comosatisfaceraunhombreenlacamaydejarloloco.com", true }, - { "comosecarabarriga.net", true }, - { "comoseduzir.net", true }, + { "comosefazisto.com.br", true }, { "comp2go.com.au", true }, { "compagnia-buffo.de", true }, { "compagniemartin.com", true }, { "comparatif-moto.fr", true }, + { "compareandrecycle.co.uk", true }, { "compareandrecycle.com", false }, { "compareinsurance.com.au", true }, { "comparesoft.com", true }, @@ -7698,8 +7801,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "compraneta.com", false }, { "compreautomacao.com.br", true }, { "compree.com", true }, - { "compromised.com", true }, - { "compsmag.com", true }, + { "compros.me", true }, + { "compservice.in.ua", true }, { "compubench.com", true }, { "compucastell.ch", true }, { "compucorner.mx", true }, @@ -7719,6 +7822,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "comunidadmontepinar.es", true }, { "comw.cc", true }, { "conalcorp.com", true }, + { "conatus.ai", true }, { "conaudisa.com", false }, { "concept-web.ch", true }, { "concertengine.com", true }, @@ -7726,6 +7830,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "concertsenboite.fr", true }, { "concertsto.com", true }, { "conciliumnotaire.ca", true }, + { "concretelevelingsystems.com", true }, { "concreterepairatlanta.com", true }, { "concursopublico.com.br", true }, { "concursos.com.br", true }, @@ -7747,6 +7852,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "conejovalleylandscapelighting.com", true }, { "conejovalleylighting.com", true }, { "conejovalleyoutdoorlighting.com", true }, + { "conexiontransporte.com", true }, { "confiancefoundation.org", true }, { "confidential.network", true }, { "config.schokokeks.org", false }, @@ -7754,17 +7860,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "conflux.tw", true }, { "conformax.com.br", true }, { "conformist.jp", true }, + { "confucio.cl", true }, { "confuddledpenguin.com", true }, { "cong5.net", true }, { "congineer.com", true }, { "congobunkering.com", true }, { "conju.cat", true }, { "conjugacao.com.br", true }, - { "conkret.ch", true }, { "conkret.de", true }, { "conkret.mobi", true }, { "conmedapps.com", true }, + { "conn.cx", true }, { "connect-ed.network", true }, + { "connect-me.com", true }, { "connect.dating", true }, { "connect.facebook.net", true }, { "connecta.store", true }, @@ -7774,17 +7882,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "connectmy.car", true }, { "connecto-data.com", true }, { "connectum.eu", true }, + { "conner.work", true }, { "connexas.eu", true }, { "connext.de", true }, { "connictro.de", true }, { "conniesacademy.com", true }, + { "connorhatch.com", true }, { "connorsmith.co", true }, { "connyduck.at", true }, + { "conociendosalama.com", true }, { "conocimientosdigitales.com", true }, { "conory.com", true }, { "conpins.nl", true }, { "conrad-kostecki.de", true }, { "conradkostecki.de", true }, + { "conrail.blue", true }, { "consciousbrand.co", true }, { "consciouschoices.net", true }, { "consec-systems.de", true }, @@ -7804,12 +7916,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "constancechen.me", true }, { "constant-rough.de", true }, { "constares.de", true }, - { "construct-trust.com", true }, { "constructexpres.ro", true }, + { "constructieve.nl", true }, { "construction-student.co.uk", true }, { "constructionjobs.com", true }, { "consul.io", true }, { "consulenza.pro", true }, + { "consultation.biz.tr", true }, { "consultimator.com", true }, { "consultimedia.de", true }, { "consultpetkov.com", true }, @@ -7830,6 +7943,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "conti-profitlink.co.uk", true }, { "continuum.memorial", true }, { "contrabass.net", true }, + { "contractdigital.co.uk", true }, { "contractormountain.com", true }, { "contractwriters.com", true }, { "contraspin.co.nz", true }, @@ -7839,6 +7953,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "controlautocom.com.br", true }, { "controlbooth.com", true }, { "controle.net", true }, + { "controleer-maar-een-ander.nl", true }, { "controltickets.com.br", true }, { "contxt-agentur.de", true }, { "conv2pdf.com", true }, @@ -7875,6 +7990,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cool110.tk", true }, { "cool110.xyz", true }, { "coolattractions.co.uk", true }, + { "coolbitx.com", true }, { "cooldan.com", true }, { "coole-fete.de", true }, { "coolerssr.space", true }, @@ -7883,6 +7999,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "coolrc.me", true }, { "coolviewthermostat.com", true }, { "coolwallet.io", true }, + { "coonawarrawines.com.au", true }, { "coopens.com", true }, { "coor.fun", true }, { "coore.jp", true }, @@ -7891,8 +8008,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "copinstant.com", true }, { "copperhead.co", true }, { "copperheados.com", true }, + { "coppermein.co.za", true }, { "copplaw.com", true }, - { "coptic-treasures.com", true }, { "coptkm.cz", true }, { "copycaught.co", true }, { "copycaught.net", true }, @@ -7902,6 +8019,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "copypoison.com", true }, { "copyright-watch.org", true }, { "copytrack.com", true }, + { "coquibus.net", true }, { "corbi.net.au", true }, { "cordep.biz", true }, { "corder.tech", true }, @@ -7909,10 +8027,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cordis.io", true }, { "cordis.tk", true }, { "cordlessdog.com", true }, - { "core-concepts.de", true }, + { "core-concepts.de", false }, { "core-networks.de", true }, { "core.mx", true }, - { "core.org.pt", false }, + { "core.org.pt", true }, { "coreapm.org", true }, { "corecodec.com", true }, { "coredump.gr", true }, @@ -7920,11 +8038,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "corelia.net", true }, { "corepartners.com.ua", true }, { "coresolutions.ca", true }, - { "coresos.com", true }, { "coreum.ca", true }, { "coreyjmahler.com", true }, { "corgi.party", true }, { "coribi.com", true }, + { "corinastefan.ro", true }, { "corintech.net", true }, { "corisu.co", true }, { "corkedwinebar.com", true }, @@ -7949,6 +8067,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "corporateclash.net", true }, { "corporatecomputingsolutions.com", true }, { "corporateinfluencers.com", true }, + { "corporativoarval.info", true }, { "corpsepaint.life", true }, { "corpulant.coffee", true }, { "corpulantcoffee.com", true }, @@ -7957,6 +8076,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "corpusslayer.com", true }, { "corrbee.com", true }, { "correctiv.org", true }, + { "corrick.io", true }, { "corrupted.io", true }, { "corsa-b.uk", true }, { "corsectra.com", true }, @@ -7987,6 +8107,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cospol.ch", true }, { "costa-rica-reisen.ch", true }, { "costa-rica-reisen.de", true }, + { "costablanca.villas", true }, { "costablancavoorjou.com", true }, { "costcofinance.com", true }, { "costinstefan.eu", true }, @@ -8001,6 +8122,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "counter-team.ch", true }, { "counterglobal.com", true }, { "countermail.com", true }, + { "countermats.net", true }, + { "countersolutions.co.uk", true }, { "countingto.one", true }, { "countryattire.com", true }, { "countrybrewer.com.au", true }, @@ -8015,11 +8138,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "couragefound.org", true }, { "coursables.com", true }, { "coursera.org", true }, - { "courseworkbank.info", true }, { "courtlistener.com", true }, { "couscous.recipes", true }, { "cousincouples.com", true }, { "coussinsky.net", true }, + { "couvreur-hinault.fr", true }, { "covbounce.co.uk", true }, { "covenantoftheriver.org", true }, { "covermytrip.com.au", true }, @@ -8050,9 +8173,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cprheartcenter.com", true }, { "cprnearme.com", true }, { "cptoon.com", true }, + { "cpu.biz.tr", true }, { "cpvmatch.eu", true }, { "cpy.pt", true }, - { "cqchome.com", true }, { "cqn.ch", true }, { "cr.search.yahoo.com", false }, { "cr0nus.net", true }, @@ -8069,7 +8192,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "craftinginredlipstick.com", true }, { "craftist.de", true }, { "craftsmandruggets.com", true }, - { "craftwmcp.xyz", true }, { "craftyguy.net", true }, { "craftyphotons.net", true }, { "crag.com.tw", true }, @@ -8085,6 +8207,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crawcial.de", true }, { "crawfordcountytcc.org", true }, { "crawl.report", true }, + { "crawler.ninja", true }, { "crawleybouncycastles.co.uk", true }, { "crawlspaceandbasementsolutions.com", true }, { "crazy-coders.com", true }, @@ -8094,7 +8217,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crazydomains.co.uk", true }, { "crazydomains.com.au", true }, { "crazydomains.in", true }, - { "crazyfamily11.de", true }, { "crazymeeshu.com", true }, { "crazynoisybizarre.town", true }, { "crazypaul.com", true }, @@ -8105,16 +8227,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crea-shops.ch", true }, { "crea.bg", true }, { "creadstudy.com", true }, + { "crealogix-online.com", true }, { "creamcastles.co.uk", true }, { "creared.edu.co", true }, - { "create-ls.jp", true }, { "create-together.nl", true }, { "createme.com.pl", true }, { "createursdefilms.com", true }, { "creatieven.com", true }, { "creation-contemporaine.com", true }, { "creations-edita.com", true }, - { "creative-coder.de", false }, { "creative-wave.fr", true }, { "creativebites.de", true }, { "creativecaptiv.es", true }, @@ -8125,6 +8246,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "creativedigital.co.nz", true }, { "creativefolks.co.uk", true }, { "creativefreedom.ca", true }, + { "creativeglassgifts.com.au", true }, + { "creativeink.de", true }, { "creativekkids.com", true }, { "creativelaw.eu", true }, { "creativeliquid.com", true }, @@ -8138,7 +8261,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "creators.co", true }, { "creators.direct", true }, { "creatujoya.com", true }, - { "crecips.com", true }, { "credential.eu", true }, { "credex.bg", true }, { "credigo.se", true }, @@ -8156,7 +8278,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crem.in", false }, { "cremepassion.de", true }, { "crena.ch", true }, - { "creorin.com", true }, { "crepa.ch", true }, { "crepererum.net", true }, { "crescent.gr.jp", true }, @@ -8166,7 +8287,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cretica.no", true }, { "creusalp.ch", true }, { "crew505.org", true }, - { "crge.eu", true }, { "crgm.net", true }, { "criadorespet.com.br", true }, { "cribcore.com", true }, @@ -8197,11 +8317,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "croceverdevb.it", true }, { "crochetnerd.com", true }, { "croisedanslemetro.com", true }, - { "croisieres.discount", true }, { "croixblanche-haguenau.fr", true }, { "cromefire.myds.me", true }, { "cronberg.ch", true }, { "croncron.io", true }, + { "cronix.cc", true }, { "cronologie.de", true }, { "cronometer.com", true }, { "cropdiagnosis.com", true }, @@ -8225,6 +8345,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crowdbox.net", true }, { "crowdcloud.be", true }, { "crowdliminal.com", true }, + { "crowdsim3d.com", true }, { "crowdsupply.com", true }, { "crowdwis.com", true }, { "crowncastles.co.uk", true }, @@ -8258,19 +8379,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crypto.cat", false }, { "crypto.graphics", true }, { "crypto.is", false }, - { "cryptobells.com", false }, { "cryptobin.co", true }, { "cryptocon.org", true }, - { "cryptoegg.ca", true }, { "cryptofan.org", true }, - { "cryptofrog.co", true }, { "cryptography.ch", true }, { "cryptography.io", true }, { "cryptoguidemap.com", true }, - { "cryptoisnotacrime.org", true }, - { "cryptojourney.com", true }, { "cryptolinc.com", true }, { "cryptology.ch", true }, + { "cryptolosophy.io", true }, { "cryptolosophy.org", true }, { "cryptonom.org", true }, { "cryptonym.com", true }, @@ -8289,6 +8406,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "crystalapp.ca", true }, { "crystalchandelierservices.com", true }, { "crystalgrid.net", true }, + { "crystallizedcouture.com", true }, { "crystone.me", true }, { "cryz.ru", true }, { "cs2016.ch", true }, @@ -8299,22 +8417,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "csca.me", true }, { "cscdn.net", true }, { "csd-sevnica.si", true }, - { "csfcloud.com", true }, { "csfd.cz", true }, { "csfloors.co.uk", true }, { "csfm.com", true }, { "csgo.su", true }, - { "csgogamers.com", false }, - { "csgohandouts.com", true }, { "csgoswap.com", true }, { "csgotwister.com", true }, { "csharpmarc.net", true }, { "cshopify.com", true }, { "csi.lk", true }, + { "csinterstargeneve.ch", true }, { "cskentertainment.co.uk", true }, { "csmainframe.com", true }, { "csokolade.hu", true }, { "csp.ch", true }, + { "cspeti.hu", true }, { "cspvalidator.org", true }, { "csrichter.com", true }, { "csru.net", true }, @@ -8327,7 +8444,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "csu.st", true }, { "csuw.net", true }, { "csvalpha.nl", true }, - { "cswarzone.com", true }, { "ct.search.yahoo.com", false }, { "ctc-transportation.com", true }, { "ctcue.com", true }, @@ -8344,7 +8460,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ctomp.io", true }, { "ctpe.net", true }, { "ctrld.me", true }, - { "ctyi.me", true }, { "cu247secure.ie", true }, { "cub-bouncingcastles.co.uk", true }, { "cube-cloud.com", true }, @@ -8352,13 +8467,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cubecart-demo.co.uk", true }, { "cubecart-hosting.co.uk", true }, { "cubecraft.net", true }, - { "cubecraftstore.com", true }, - { "cubecraftstore.net", true }, { "cubekrowd.net", true }, { "cubia.de", true }, { "cubia3.com", true }, { "cubia4.com", true }, { "cubile.xyz", true }, + { "cublick.com", true }, { "cubos.io", false }, { "cubostecnologia.com", false }, { "cubostecnologia.com.br", false }, @@ -8380,29 +8494,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cultureelbeleggen.nl", true }, { "culturerain.com", true }, { "cultureroll.com", true }, + { "culturesouthwest.org.uk", true }, { "cumplegenial.com", true }, - { "cunha.be", true }, + { "cuntflaps.me", true }, { "cuoc.org.uk", true }, { "cup.al", true }, { "cupcakesandcrinoline.com", true }, { "cupcao.gov", true }, { "cupi.co", true }, - { "cupofarchitects.net", true }, { "cupom.net", true }, { "cuppycakes.fi", true }, { "cur.by", true }, { "curacao-firma.com", true }, { "curamail.co.uk", true }, { "curareldolordeespalda.com", true }, + { "curatedgeek.com", true }, { "curbside.com", true }, { "curia.fi", true }, { "curieux.digital", true }, { "curio-shiki.com", true }, { "curiosity-driven.org", true }, + { "curiouspeddler.com", true }, { "curlybracket.co.uk", true }, { "currency-strength.com", true }, - { "current.com", true }, { "currentlystreaming.com", true }, + { "currentlyusa.com", true }, { "currentobserver.com", true }, { "currynissanmaparts.com", true }, { "cursos.com", true }, @@ -8415,6 +8531,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "curtislinville.net", true }, { "curtissmith.me.uk", true }, { "curtissmith.uk", true }, + { "curva.co", true }, { "curveprotect.com", true }, { "curveprotect.cz", true }, { "curveprotect.net", true }, @@ -8423,17 +8540,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "curvissa.co.uk", true }, { "custerweb.com", true }, { "custodyxchange.com", true }, + { "custombikes.cl", true }, { "customdissertation.com", true }, { "customerbox.ir", true }, { "customfitbymj.net", true }, { "customfitmarketing.com", true }, { "customgear.com.au", true }, - { "customizeyourshower.com", true }, { "customizeyoursink.com", true }, - { "custompapers.com", true }, - { "customromlist.com", true }, { "customshort.link", true }, - { "customwritings.com", true }, { "customwritingservice.com", true }, { "customwritten.com", true }, { "cutephil.com", true }, @@ -8473,7 +8587,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cwgaming.co.uk", true }, { "cwinfo.fi", true }, { "cwmart.in", true }, - { "cwningen.cymru", false }, + { "cwrau.com", true }, + { "cwrau.de", true }, + { "cwrau.info", true }, + { "cwrau.io", true }, + { "cwrau.me", true }, + { "cwrau.name", true }, + { "cwrau.rocks", true }, + { "cwrau.tech", true }, { "cwrcoding.com", true }, { "cy.ax", true }, { "cyber.cafe", true }, @@ -8483,6 +8604,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cybercocoon.com", true }, { "cybercrew.cc", true }, { "cybercrime-forschung.de", true }, + { "cybercymru.co.uk", true }, { "cyberduck.io", true }, { "cyberdyne-industries.net", true }, { "cyberexplained.info", true }, @@ -8496,15 +8618,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cybermeldpunt.nl", true }, { "cyberoptic.de", true }, { "cyberphaze.com", true }, + { "cyberpioneer.net", false }, { "cyberpubonline.com", true }, { "cyberregister.nl", true }, { "cyberregister.org", true }, + { "cybersafesolutions.com", true }, { "cybersantri.com", true }, { "cybersecurity.nz", true }, + { "cybersecurity.run", true }, { "cybersecuritychallenge.be", true }, { "cybersecurityketen.nl", true }, { "cyberseguranca.com.br", true }, - { "cyberserver.org", true }, { "cybersins.com", true }, { "cybersmart.co.uk", true }, { "cybersmartdefence.com", true }, @@ -8516,11 +8640,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cybertu.be", true }, { "cyberwars.dk", true }, { "cyberwire.nl", true }, - { "cybit.io", true }, + { "cyberxpert.nl", true }, { "cybozu.cn", true }, { "cybozu.com", true }, { "cybozulive-dev.com", true }, { "cybozulive.com", true }, + { "cybrary.it", true }, { "cyclebeads.com", true }, { "cycleluxembourg.lu", true }, { "cyclisjumper.gallery", true }, @@ -8531,12 +8656,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cygnan.com", true }, { "cygnatus.com", true }, { "cygnius.net", true }, - { "cygu.ch", true }, { "cyhour.com", true }, { "cykelbanor.se", true }, { "cylindricity.com", true }, { "cyon.ch", true }, - { "cype.dedyn.io", true }, { "cyph.audio", true }, { "cyph.com", true }, { "cyph.healthcare", true }, @@ -8546,18 +8669,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "cyph.video", true }, { "cyph.ws", true }, { "cypherpunk.at", true }, - { "cypressinheritancesaga.com", true }, + { "cypherpunk.com", true }, { "cypresslegacy.com", true }, { "cyprus-company-service.com", true }, { "cyrating.com", true }, { "cysec.biz", true }, { "cyson.tech", true }, { "cytech.com.tr", true }, - { "cytegic-update-packages.com", true }, { "cyumus.com", true }, { "cyyzaid.cn", true }, { "czakey.net", true }, { "czbix.com", true }, + { "czbtm.com", true }, { "czc.cz", true }, { "czechamlp.com", true }, { "czechvirus.cz", true }, @@ -8568,7 +8691,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "d-designerin.de", true }, { "d-eisenbahn.com", true }, { "d-loop.de", true }, - { "d-macindustries.com", true }, { "d-msg.com", true }, { "d-parts24.de", true }, { "d-quantum.com", true }, @@ -8582,11 +8704,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "d0m41n.name", true }, { "d0xq.com", true }, { "d2s.uk", true }, + { "d3lab.net", true }, { "d3njjcbhbojbot.cloudfront.net", true }, { "d3xt3r01.tk", true }, { "d3xx3r.de", true }, { "d42.no", true }, - { "d4wson.com", true }, + { "d4rkdeagle.tk", true }, { "d4x.de", true }, { "d66.nl", true }, { "d8.io", true }, @@ -8594,6 +8717,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "da.hn", true }, { "da42foripad.com", true }, { "daallexx.eu", true }, + { "dabneydriveanimalhospital.com", true }, { "dabuttonfactory.com", true }, { "dachb0den.net", true }, { "dachdecker-ranzenberger.de", true }, @@ -8609,6 +8733,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dadrian.io", true }, { "daduke.org", true }, { "daemen.org", true }, + { "daemon.xin", true }, { "daemonslayer.net", true }, { "daemwool.ch", true }, { "daevel.fr", true }, @@ -8621,6 +8746,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dagmar2018.cz", true }, { "dahlberg.cologne", true }, { "dai.top", true }, + { "daigakujuken-plus.com", true }, { "daikoz.com", true }, { "dailybits.be", true }, { "dailyblogged.com", true }, @@ -8630,9 +8756,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dailyxenang.com", true }, { "daintymeal.com", true }, { "dairyshrine.org", true }, + { "daisakuikeda.org", true }, { "daisidaniels.co.uk", true }, { "daisy-peanut.com", true }, { "daisypeanut.com", true }, + { "daiwai.de", false }, { "daiweihu.com", true }, { "dak.org", true }, { "daknob.net", true }, @@ -8661,6 +8789,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "damngoodpepper.com", false }, { "damongant.de", true }, { "damonline.dk", true }, + { "dampedia.com", true }, { "dan-informacijske-varnosti.si", true }, { "dan.me.uk", true }, { "dan.org.nz", true }, @@ -8672,9 +8801,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "danchen.org", true }, { "dancingcubs.co.uk", true }, { "dancingshiva.at", true }, - { "dandenongroadapartments.com.au", true }, { "daneandthepain.com", true }, - { "dango.in", true }, { "danhalliday.com", true }, { "daniel-baumann.ch", true }, { "daniel-cholewa.de", true }, @@ -8682,13 +8809,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "daniel-kulbe.de", true }, { "daniel-milnes.uk", true }, { "daniel-ruf.de", true }, + { "daniel-wildhaber.ch", true }, { "danielalvarez.net", true }, { "danielas.boutique", true }, { "danielehniss.de", true }, { "danielepestilli.com", true }, { "danielgorr.de", true }, { "danielheal.net", true }, - { "danielhinterlechner.eu", false }, + { "danielhinterlechner.eu", true }, { "danielhochleitner.de", true }, { "danieljamesscott.org", true }, { "danieljireh.com", true }, @@ -8697,19 +8825,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "danielmarquard.com", true }, { "danielmartin.de", true }, { "danielmoch.com", true }, + { "danielmorell.com", true }, { "danielmostertman.com", false }, { "danielmostertman.nl", false }, { "danielpeukert.cz", true }, + { "danielran.com", true }, { "danielrozenberg.com", true }, { "danielsblog.org", true }, { "danielschreurs.com", true }, { "danielstach.cz", true }, - { "danielsteiner.net", true }, { "danielstiner.me", true }, - { "danielt.co.uk", true }, + { "danielt.co.uk", false }, { "danielthompson.info", true }, { "danieltollot.de", true }, { "danielvoogsgerd.nl", true }, + { "danielwildhaber.ch", true }, { "danifabi.eu", true }, { "danilapisarev.com", true }, { "danjesensky.com", true }, @@ -8735,6 +8865,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "danpiel.net", true }, { "dansage.co", true }, { "danscomp.com", true }, + { "dansdiscounttools.com", true }, { "danselibre.net", true }, { "danselibre.org", true }, { "danseressen.nl", true }, @@ -8754,6 +8885,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "daphne.informatik.uni-freiburg.de", true }, { "dapim.co.il", true }, { "daplie.com", true }, + { "dappworld.com", true }, { "daracokorilo.com", true }, { "daravk.ch", true }, { "darbi.org", true }, @@ -8771,12 +8903,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "darisni.me", true }, { "dark-infection.de", true }, { "dark-vision.cz", true }, + { "dark.ninja", true }, { "darkag.ovh", true }, { "darkcores.net", true }, { "darkengine.io", true }, { "darkengine.net", true }, + { "darkerlystormy.com", true }, + { "darkerstormy.com", true }, { "darkeststar.org", true }, { "darkfire.ch", true }, + { "darknessflickers.com", true }, { "darknetlive.com", true }, { "darknight.blog", true }, { "darkroomsaredead.com", true }, @@ -8791,6 +8927,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "darkx.me", true }, { "darom.jp", true }, { "darookee.net", false }, + { "daropia.org", true }, { "darshnam.com", true }, { "dart-tanke.com", true }, { "dart-tanke.de", true }, @@ -8809,7 +8946,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dashboard.run", true }, { "dashlane.com", true }, { "dashnearby.com", true }, + { "dashwebconsulting.com", true }, { "dasinternetluegt.at", true }, + { "dasteichwerk.at", true }, { "dasug.de", true }, { "data-detox.de", true }, { "data.gov", true }, @@ -8827,11 +8966,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "datacool.tk", true }, { "datadit.hu", true }, { "datadyne.technology", true }, - { "datafd.com", true }, - { "datafd.net", true }, { "dataformers.at", true }, + { "datagrail.io", true }, { "dataharvest.at", true }, - { "datahoarderschool.club", true }, + { "datahoarder.xyz", true }, { "datakick.org", true }, { "datalife.gr", true }, { "datalysis.ch", true }, @@ -8842,7 +8980,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "datascience.cafe", true }, { "datascience.ch", true }, { "datascomemorativas.com.br", true }, - { "datasharesystem.com", true }, { "dataskydd.net", true }, { "dataspace.pl", true }, { "dataswamp.org", true }, @@ -8856,7 +8993,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "datememe.com", true }, { "datengrab.xyz", true }, { "datenkeks.de", true }, - { "datenlast.de", true }, { "dateno1.com", true }, { "datenreiter.org", true }, { "datenschutz-consult.de", true }, @@ -8869,7 +9005,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "datingticino.ch", true }, { "datmancrm.com", true }, { "datovyaudit.cz", true }, - { "datsound.ru", true }, { "datumou-osusume.com", true }, { "datumou-recipe.com", true }, { "datumstudio.jp", true }, @@ -8883,6 +9018,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "davepage.me.uk", true }, { "davepearce.com", true }, { "davescomputertips.com", true }, + { "davesharpe.com", true }, { "davesinclair.com.au", true }, { "davetempleton.com", true }, { "davevelopment.net", true }, @@ -8901,6 +9037,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "davidbuckell.com", true }, { "davidcrx.net", true }, { "daviddever.net", true }, + { "davidforward.com", true }, + { "davidforward.net", true }, { "davidfrancoeur.com", true }, { "davidgouveia.net", true }, { "davidgow.net", true }, @@ -8908,10 +9046,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "davidking.xyz", true }, { "davidlamprea.com", true }, { "davidlane.io", true }, - { "davidlillo.com", true }, { "davidlyness.com", true }, { "davidmcevoy.org.uk", true }, { "davidmessenger.co.uk", true }, + { "davidmn.org", true }, { "davidnadaski.com", true }, { "davidpearce.com", true }, { "davidpearce.org", true }, @@ -8926,19 +9064,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "davisroi.com", true }, { "davo-usedcars.be", true }, { "davy-server.com", true }, - { "daw.nz", true }, { "dawena.de", true }, + { "dawgs.ga", true }, { "dawnbringer.eu", true }, { "dawnbringer.net", true }, { "dawnofeden.net", true }, - { "dawnsonb.com", true }, { "dawoud.org", true }, { "dawson-floridavilla.co.uk", true }, { "day-peak.com", true }, { "daycontactlens.com", true }, { "daylight-dream.ee", true }, { "daylightpirates.org", true }, - { "dayman.net", true }, + { "dayman.net", false }, { "daymprove.life", true }, { "dayofdays.be", true }, { "daysoftheyear.com", true }, @@ -8978,10 +9115,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dchest.org", true }, { "dckd.nl", true }, { "dcl.re", true }, + { "dclaisse.fr", true }, { "dcmt.co", true }, { "dcpower.eu", true }, { "dcrdev.com", true }, - { "dd.art.pl", true }, { "ddays2008.org", true }, { "ddel.de", true }, { "dden.ca", true }, @@ -8993,11 +9130,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ddproxy.cf", true }, { "ddracepro.net", true }, { "dds.mil", true }, + { "ddy.tw", true }, { "de-gucci.com", true }, { "de-mail.info", true }, { "de-medici.nl", true }, { "de-rwa.de", true }, - { "de-spil.be", true }, { "de.search.yahoo.com", false }, { "deadbeef.ninja", true }, { "deadc0de.re", true }, @@ -9016,12 +9153,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dealbanana.it", true }, { "dealbanana.se", true }, { "dealcruiser.nl", true }, + { "dealerselectric.com", true }, { "dealinflatables.co.uk", true }, { "dealpass.no", true }, { "deamuseum.org", true }, { "deanbank.com", true }, { "deanisa.ninja", true }, - { "deanjerkovich.com", true }, { "deanmorgan.org", true }, { "deano-s.co.uk", true }, { "deanosplace.net", true }, @@ -9031,6 +9168,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dearfcc.org", true }, { "dearktiel.nl", true }, { "dearnevalleybouncycastles.co.uk", true }, + { "deathofspring.com", true }, { "deathy.ro", true }, { "debarrasantony.com", true }, { "debarrasasnieressurseine.com", true }, @@ -9041,7 +9179,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "debbyefurd.com", true }, { "debie-usedcars.be", true }, { "debigare.com", true }, - { "debitpaie.com", true }, { "debron-ot.nl", true }, { "debrusoft.ch", true }, { "debt.com", true }, @@ -9081,13 +9218,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deechtebakkers.nl", true }, { "deegeeinflatables.co.uk", true }, { "deelmijnreis.nl", true }, - { "deep.club", true }, { "deep.social", true }, { "deepaero.com", true }, { "deeparamaraj.com", true }, { "deepbluecrafting.co.uk", true }, { "deepcode.io", true }, { "deeperxh.com", true }, + { "deephill.com", true }, { "deeployr.io", true }, { "deepserve.info", true }, { "deepsouthsounds.com", true }, @@ -9097,7 +9234,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deepzz.com", true }, { "deer.team", true }, { "deezeno.com", true }, - { "def-pos.ru", true }, { "defcon.org", true }, { "defcongroups.org", true }, { "defeestboek.nl", true }, @@ -9175,6 +9311,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deltafinanceiro.com.br", true }, { "deltaonlineguards.com", true }, { "deltaservers.com.br", true }, + { "deltasigmachi.org", true }, { "deltasmart.ch", true }, { "deltava.org", true }, { "demarle.ch", true }, @@ -9194,6 +9331,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "demonwav.com", true }, { "demonwolfdev.com", true }, { "demotivatorbi.ru", true }, + { "dempsters.ca", false }, { "demuzere.be", true }, { "demuzere.com", true }, { "demuzere.eu", true }, @@ -9203,6 +9341,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "denaehula.com", true }, { "denardbrewing.com", true }, { "denbkh.ru", true }, + { "dengchangdong.com", true }, { "dengode.eu", true }, { "denimio.com", true }, { "denimtoday.com", true }, @@ -9221,6 +9360,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dent.uy", true }, { "dentallaborgeraeteservice.de", true }, { "dentfix.ro", true }, + { "dentistesdarveauetrioux.com", true }, { "dentistglasgow.com", true }, { "dentrassi.de", true }, { "dentystabirmingham.co.uk", true }, @@ -9236,10 +9376,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "depotsquarekerrville.com", true }, { "depotter-usedcars.be", true }, { "deprecate.de", true }, - { "deprobe.pro", true }, - { "depth-co.jp", true }, { "depthe.gr", true }, { "der-bank-blog.de", true }, + { "der-fliesenzauberer.de", true }, { "der-gardinenmann.de", true }, { "der-lan.de", true }, { "der-rudi.eu", true }, @@ -9252,6 +9391,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "derbybouncycastles.com", true }, { "derdewereldrommelmarkt.nl", true }, { "derechosdigitales.org", true }, + { "dereddingsklos.nl", true }, { "dereferenced.net", true }, { "derehamcastles.co.uk", true }, { "derekheld.com", true }, @@ -9281,6 +9421,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "desertsounds.org", true }, { "desgenst.ch", true }, { "design-fu.com", false }, + { "design-in-bad.eu", true }, { "design-tooning.de", true }, { "designdevs.eu", true }, { "designed-cybersecurity.com", true }, @@ -9300,6 +9441,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deskvip.com", true }, { "desmaakvanplanten.be", true }, { "desmo.gg", true }, + { "desormiers.com", true }, { "despachomartinyasociados.com", true }, { "despertadoronline.com.es", true }, { "desplats.com.ar", true }, @@ -9309,6 +9451,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "destileria.net.br", true }, { "destinationsofnewyorkstate.com", true }, { "destinattorneyjohngreene.com", true }, + { "destinopiriapolis.com", true }, { "desu.ne.jp", true }, { "desveja.com.br", true }, { "det-te.ch", true }, @@ -9317,17 +9460,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "detectify.com", false }, { "detekenmuze.nl", true }, { "dethemium.com", true }, + { "detodojuegos.com", true }, { "detoxetmoi.com", true }, + { "detoxic.vn", true }, { "detoxsinutritie.ro", true }, { "detroit-english.de", true }, - { "detroitrocs.org", true }, { "detroitstylepizza.com", true }, { "detroitzoo.org", true }, { "detski.center", true }, { "detskysad.com", true }, { "detuinmuze.nl", true }, { "detype.nl", true }, - { "deuchnord.fr", true }, { "deude.de", true }, { "deukie.nl", true }, { "deurenfabriek.nl", true }, @@ -9339,11 +9482,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "deutscher-rollenspielpreis.de", true }, { "deutscheshoponline.com", true }, { "deutschland-dsl.de", true }, - { "deux.solutions", true }, { "deuxmetrescubes.fr", true }, - { "deuxsol.co", true }, - { "deuxsol.com", true }, - { "deuxsolutions.com", true }, { "dev-brandywineglobal.com", true }, { "dev-pulse-mtn.pantheonsite.io", true }, { "dev-tek.de", true }, @@ -9355,7 +9494,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "devct.cz", false }, { "devcu.com", true }, { "devcu.net", true }, - { "devdom.io", true }, { "devdoodle.net", true }, { "devel.cz", true }, { "develerik.com", true }, @@ -9364,7 +9502,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "developer.mydigipass.com", false }, { "developerdan.com", true }, { "developerfair.com", true }, - { "developermail.io", true }, { "developers.facebook.com", false }, { "developfx.com", true }, { "developmentaid.org", true }, @@ -9382,8 +9519,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "devisnow.fr", true }, { "devjack.de", true }, { "devkid.net", true }, + { "devkit.cc", false }, { "devklog.net", true }, - { "devlamvzw.org", true }, + { "devlamvzw.org", false }, { "devlatron.net", true }, { "devlogr.com", true }, { "devolution.ws", true }, @@ -9391,7 +9529,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "devopers.com.br", true }, { "devops-survey.com", true }, { "devpgsv.com", true }, + { "devpsy.info", true }, { "devrandom.net", true }, + { "devsjournal.com", true }, + { "devsrvr.ru", true }, { "devstaff.gr", true }, { "devyn.ca", true }, { "devzero.io", true }, @@ -9399,7 +9540,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dewalch.net", true }, { "dewapress.com", true }, { "dewinter.com", true }, + { "dex.top", true }, { "dexalo.de", true }, + { "dexigner.com", true }, { "deyute.com", true }, { "dezeregio.nl", true }, { "dezet-ev.de", true }, @@ -9410,14 +9553,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dfctaiwan.org", true }, { "dfekt.no", true }, { "dfektlan.no", true }, - { "dfl.mn", true }, { "dflcares.com", true }, { "dfmn.berlin", true }, { "dfranke.com", true }, { "dg7.in", true }, - { "dgblaw.com.au", true }, + { "dgblaw.com.au", false }, { "dgbouncycastlehire.com", true }, - { "dgby.org", true }, { "dgeex.eu", true }, { "dggm.ru", true }, { "dgitup.com", true }, @@ -9438,10 +9579,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dhuy.net", true }, { "di2pra.com", true }, { "di2pra.fr", true }, + { "diablovalleytech.com", true }, { "diadorafitness.es", true }, { "diadorafitness.it", true }, + { "diagnocentro.cl", true }, { "diagnostix.org", true }, - { "dialoegue.com", true }, + { "dialapicnic.co.za", true }, + { "dialectic-og.com", true }, { "diamante.ro", true }, { "diamantovaburza.cz", true }, { "diamondsleepsolutions.com", true }, @@ -9467,7 +9611,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dicionariodesimbolos.com.br", true }, { "dicionarioetimologico.com.br", true }, { "dickieslife.com", true }, - { "dickpics.ru", true }, { "dicoding.com", true }, { "dictionaryofnumbers.com", true }, { "dictzone.com", true }, @@ -9484,11 +9627,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "die-seide.de", true }, { "die-sinlosen.de", true }, { "die-speisekammer-reutlingen.de", true }, - { "diedrich.co", true }, + { "diedrich.co", false }, { "diedrich.me", true }, { "dieecpd.org", true }, { "diegelernten.de", true }, { "diegerbers.de", true }, + { "diegobarrosmaia.com.br", true }, { "diegogelin.com", true }, { "diegorbaquero.com", true }, { "diehl.io", true }, @@ -9500,7 +9644,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dienstplan.one", true }, { "dierabenmutti.de", true }, { "dierenartsdeconinck.be", true }, - { "dierencompleet.nl", true }, { "dieselanimals.lt", true }, { "dieselgalleri.com", true }, { "diesteppenreiter.de", true }, @@ -9529,12 +9672,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "digibull.link", true }, { "digicert-support.com", true }, { "digicert.nl", true }, + { "digicy.cloud", true }, { "digideli.ee", true }, { "digidroom.be", true }, { "digilicious.com", true }, { "digimagical.com", true }, { "digimedia.cd", false }, - { "digioccumss.ddns.net", true }, { "digired.ro", true }, { "digital-compounds.com", true }, { "digital-eastside.de", true }, @@ -9542,8 +9685,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "digital.gov", false }, { "digital.govt.nz", true }, { "digital1st.co.uk", true }, - { "digital1world.com", true }, - { "digital2web.com", true }, + { "digital2web.com", false }, { "digitalarchitecture.com", true }, { "digitalbitbox.com", true }, { "digitalcash.cf", true }, @@ -9561,7 +9703,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "digitaldem.it", true }, { "digitalehandtekeningen.nl", true }, { "digitaleoverheid.nl", true }, - { "digitalewelten.de", true }, { "digitalezukunft-hagen.de", true }, { "digitalezukunft.nrw", true }, { "digitalfishfun.com", true }, @@ -9576,6 +9717,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "digitalrights.fund", true }, { "digitalskillswap.com", true }, { "digitalsurge.io", true }, + { "digitaltcertifikat.dk", true }, { "digitaltechnologies.ltd.uk", true }, { "digitkon.com", true }, { "digminecraft.com", true }, @@ -9612,10 +9754,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "din-hkd.jp", true }, { "dineachook.com.au", true }, { "dinepont.fr", true }, + { "dingcc.me", true }, { "dinge.xyz", true }, - { "dingelbob-schuhcreme.gq", true }, { "dingsbums.shop", true }, - { "dinheirolucrar.com", true }, { "dinkommunikasjon.no", true }, { "dinmtb.dk", true }, { "dinocarrozzeria.com", true }, @@ -9634,7 +9775,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "direct-sel.com", true }, { "directebanking.com", true }, { "directelectricalltd.co.uk", true }, - { "directinsure.in", true }, { "directlinkfunding.co.uk", true }, { "directme.ga", true }, { "directnews.be", true }, @@ -9644,14 +9784,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "direktvermarktung-schmitzberger.at", true }, { "dirips.com", true }, { "dirk-scheele.de", true }, + { "dirkdoering.de", true }, { "dirko.net", true }, - { "dirkwolf.de", true }, { "dirtcraft.ca", true }, { "dirtygeek.ovh", true }, { "disability.gov", true }, { "disabled.dating", true }, { "disanteimpianti.com", true }, - { "disarc.com", true }, { "disavow.tools", true }, { "disc.uz", true }, { "discarica.it", true }, @@ -9668,12 +9807,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "discordapp.com", true }, { "discordghost.space", true }, { "discordia.me", true }, - { "discotek.club", false }, + { "discotek.club", true }, { "discount24.de", true }, { "discountplush.com", true }, { "discover-shaken.com", true }, { "discoverthreejs.com", true }, + { "discoverucluelet.com", true }, { "discoveryaima.com", true }, + { "discoveryottawa.ca", true }, { "discoveryrom.org", true }, { "discreet-condooms.nl", true }, { "dise-online.de", true }, @@ -9708,7 +9849,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "disinisharing.com", true }, { "diskbit.com", true }, { "diskbit.nl", true }, - { "dismail.de", true }, { "dispatchitsolutions.com", true }, { "dispatchitsolutions.io", true }, { "disposable.link", true }, @@ -9717,7 +9857,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dissertationhelp.com", true }, { "dissidence.ovh", true }, { "dissident.host", true }, - { "dissieux.com", true }, { "dist.torproject.org", false }, { "disti.com", true }, { "distiduffer.org", true }, @@ -9746,6 +9885,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "divinegames.studio", true }, { "diving.photo", true }, { "divorciosmurcia.com", true }, + { "divvymonkey.com", true }, { "dixi.fi", true }, { "diybook.at", true }, { "diycc.org", true }, @@ -9766,7 +9906,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "djc.me", true }, { "djcursuszwolle.nl", true }, { "djdavid98.hu", true }, + { "djieno.com", true }, { "djipanov.com", true }, + { "djleon.net", true }, { "djlive.pl", true }, { "djlnetworks.co.uk", true }, { "djsbouncycastlehire.com", true }, @@ -9774,6 +9916,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "djt-vom-chausseehaus.de", true }, { "djursland-psykologen.dk", true }, { "djwaynepryke.com", true }, + { "djz4music.com", false }, { "dk-kromeriz.cz", true }, { "dk.com", true }, { "dk.search.yahoo.com", false }, @@ -9790,7 +9933,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dlitz.net", true }, { "dll4free.com", true }, { "dlld.com", true }, - { "dlouwrink.nl", true }, { "dlrsp.org", true }, { "dlscomputers.com.au", true }, { "dlunch.net", true }, @@ -9807,10 +9949,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dmd.lv", true }, { "dmdd.org.uk", true }, { "dmeevalumate.com", true }, - { "dmfd.net", true }, { "dmi.es", true }, { "dmitry.sh", true }, - { "dmmkenya.co.ke", true }, { "dmmultionderhoud.nl", true }, { "dmschilderwerken.nl", true }, { "dmx.xyz", true }, @@ -9834,12 +9974,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dns8.online", true }, { "dnscrawler.com", true }, { "dnscrypt.info", true }, - { "dnscrypt.nl", true }, { "dnscurve.io", true }, { "dnshallinta.fi", true }, { "dnsinfo.ml", true }, { "dnsman.se", true }, + { "dnspod.ml", true }, { "dnstwister.report", true }, + { "dnzz123.com", true }, { "do-it.cz", true }, { "do-prod.com", true }, { "do.gd", true }, @@ -9847,9 +9988,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "do13.net", true }, { "do67.de", true }, { "do67.net", true }, + { "dobraprace.cz", true }, { "dobrev.family", true }, { "dobrisan.ro", true }, - { "dobsnet.net", true }, { "doc.python.org", true }, { "doc.to", true }, { "doc8643.com", true }, @@ -9861,7 +10002,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dochitaceahlau.ro", true }, { "dockerbook.com", false }, { "dockerm.com", true }, - { "dockerturkiye.com", true }, { "dockerup.net", true }, { "doclassworks.com", true }, { "docline.gov", true }, @@ -9876,7 +10016,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "doctafit.com", true }, { "doctor-locks.co.uk", true }, { "doctor.dating", true }, + { "doctorbini.com", true }, { "doctorfox.co.uk", true }, + { "doctorsonmaps.com", true }, { "doctorwho.cz", true }, { "docubox.info", true }, { "docucopies.com", true }, @@ -9899,7 +10041,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dogmap.jp", true }, { "dogoo.com", true }, { "dogpawstudio.com", true }, - { "dogprograms.net", true }, { "dogrescuegreece.nl", true }, { "dogworld.com.br", true }, { "dohanews.co", true }, @@ -9918,7 +10059,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dollemore.com", true }, { "dolorism.com", true }, { "dolphin-it.de", true }, - { "dolt.xyz", true }, { "dom-medicina.ru", true }, { "doma.in", true }, { "domadillo.com", true }, @@ -9987,16 +10127,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dongxuwang.com", true }, { "donkennedyandsons.com", true }, { "donkeytrekkingkefalonia.com", true }, + { "donlydental.ca", true }, { "donmaldeamores.com", true }, + { "donna-bellini-business-fotografie-muenchen.de", true }, + { "donna-bellini-fotografie-berlin.de", true }, + { "donna-bellini-fotografie-erfurt.de", true }, + { "donna-bellini-fotografie-frankfurt.de", true }, + { "donna-bellini-fotografie-hamburg.de", true }, + { "donna-bellini-fotografie-koeln.de", true }, + { "donna-bellini-fotografie-muenchen.de", true }, + { "donna-bellini-fotografie-nuernberg.de", true }, + { "donna-bellini-fotografie-stuttgart.de", true }, + { "donna-bellini-fotografie-wien.de", true }, + { "donna-bellini-hochzeitsfotograf-frankfurt.de", true }, + { "donna-bellini-hochzeitsfotograf-muenchen.de", true }, { "donnacha.blog", true }, { "donnachie.net", true }, { "donner-reuschel.de", true }, { "donnons.org", false }, - { "donnoval.ru", true }, { "donotlink.it", true }, { "donovand.info", true }, - { "donpaginasweb.com", true }, { "donpomodoro.com.co", true }, + { "donsbach-edv.de", true }, { "dont.re", true }, { "dont.watch", true }, { "dontbubble.me", true }, @@ -10025,23 +10177,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dopsi.ch", true }, { "dora.moe", true }, { "dorde.eu", true }, + { "dorfbaeck.at", true }, { "dorfbrunnen.eu", true }, { "dorfzittig.de", true }, { "doriangirod.ch", true }, { "dorianharmans.nl", true }, { "dorianmuthig.com", true }, + { "doridian.com", true }, + { "doridian.de", true }, { "doridian.net", true }, + { "doridian.org", true }, + { "dormirmucho.com", true }, { "dormiu.com", true }, { "dormiu.com.br", true }, + { "dornhecker.me", true }, { "dorquelle.com", true }, { "dorsetentertainments.co.uk", true }, { "dorth.nl", true }, + { "dosdediez.com", true }, { "dosenbierrepublik.com", true }, { "dosenkiwi.at", true }, { "doska.by", true }, { "doska.ru", true }, { "dosomeworks.biz", true }, { "dossplumbing.co.za", true }, + { "dostlar.fr", true }, { "dosvientoselectric.com", true }, { "dosvientoselectrical.com", true }, { "dosvientoselectrician.com", true }, @@ -10052,8 +10212,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "doswap.com", true }, { "dosyauzantisi.com", true }, { "dot.ro", true }, - { "dotacni-parazit.cz", true }, - { "dotb.dn.ua", false }, + { "dot42.no", true }, { "dotbigbang.com", true }, { "dotbox.org", true }, { "dotcircle.co", true }, @@ -10061,6 +10220,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dotgov.gov", true }, { "dothebangthingsalon.com", true }, { "dothydesign.com", true }, + { "dotjesper.com", true }, + { "dotjesper.dk", true }, + { "dotjesper.net", true }, { "dotjs.party", true }, { "dotkniseandroida.cz", true }, { "dotkod.pl", true }, @@ -10072,8 +10234,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dotshule.ug", true }, { "dotsiam.co.th", true }, { "dotsiam.com", true }, + { "dotsiam.in.th", true }, { "douai.me", true }, - { "doubleaste.com", true }, { "doubleavineyards.com", true }, { "doublefun.net", true }, { "doublestat.me", true }, @@ -10091,6 +10253,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "downloadaja.com", true }, { "downloadgamemods.com", true }, { "downloadgram.com", true }, + { "downloads.zdnet.com", true }, { "downloadsoftwaregratisan.com", true }, { "downrightcute.com", true }, { "downtimerobot.com", true }, @@ -10107,6 +10270,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dpd.com.pl", true }, { "dperson.net", true }, { "dpfsolutionsfl.com", true }, + { "dpg.no", true }, { "dpi-design.de", true }, { "dpisecuretests.com", true }, { "dprb.biz", true }, @@ -10117,7 +10281,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dr-bodendorf.de", true }, { "dr-jakob-zahnaerzte.de", true }, { "dr-klotz.info", true }, - { "dr-knirr.de", true }, { "dr-krebs.net", true }, { "dr-marlen-nystroem.de", true }, { "dr-moldovan.de", true }, @@ -10129,7 +10292,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dr-www.de", true }, { "drabadir.com", true }, { "drabben.be", true }, - { "drabbin.com", true }, + { "drabim.org", true }, { "drach.xyz", true }, { "drachenleder.de", true }, { "dracisvet.cz", true }, @@ -10139,6 +10302,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drafton.com", true }, { "drageeparadise.fr", true }, { "dragfiles.com", true }, + { "draghetti.it", true }, { "draghive.asia", true }, { "draghive.ca", true }, { "draghive.co", true }, @@ -10150,7 +10314,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dragon-chem.eu", true }, { "dragon-hearts.co.uk", true }, { "dragoncave.me", true }, - { "dragoncityhack.tips", true }, { "dragonfly.co.uk", true }, { "dragonheartsrpg.com", true }, { "dragonkin.net", true }, @@ -10174,6 +10337,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "draw.uy", true }, { "drawesome.uy", true }, { "drawingcode.net", true }, + { "drawxp.com", true }, + { "drbarnabus.com", true }, { "drbethanybarnes.com", true }, { "drbriones.com", true }, { "drchrislivingston.com", true }, @@ -10200,6 +10365,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dreid.org", true }, { "dreiweiden.de", true }, { "dress-cons.com", true }, + { "drevanbeale.com", true }, { "drevo-door.cz", true }, { "drew.beer", true }, { "drew.red", true }, @@ -10207,6 +10373,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drewsilcock.co.uk", true }, { "dreyfussplasticsurgery.com", true }, { "drezzy.it", true }, + { "drfranciscofonseca.com.br", true }, { "drfrey.ch", true }, { "drgn.no", true }, { "drhathazi.hu", true }, @@ -10218,7 +10385,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drillingsupplystore.com", true }, { "drillion.net", true }, { "drillshackresort.com", true }, + { "drinkcontrolapp.com", true }, { "drinkplanet.eu", true }, + { "dripdoctors.com", true }, { "drive.google.com", false }, { "driven2shine.eu", true }, { "drivenes.net", true }, @@ -10239,6 +10408,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drjulianneil.com", true }, { "drkhsh.at", false }, { "drkmtrx.xyz", true }, + { "drlandis.com", true }, { "drlangsdon.com", true }, { "drmayakato.com", true }, { "drmcdaniel.com", true }, @@ -10277,19 +10447,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "drubn.de", false }, { "drugs.com", true }, { "drumbe.at", true }, + { "drummondframing.com", true }, { "drunkscifi.com", true }, { "drupal-expert.it", true }, { "drupal.org", true }, { "drupalspb.org", true }, + { "drusantia.net", true }, { "drusillas.co.uk", true }, { "druwe.net", true }, { "druznek.me", true }, { "drvr.xyz", true }, { "drweissbrot.net", true }, + { "drwxr.org", true }, { "drybjed.net", true }, { "drycleancoalition.org", true }, { "drycreekphoto.com", true }, { "drydrydry.com", true }, + { "dryerventcleaningarlington.com", true }, + { "dryerventcleaningcarrollton.com", true }, { "ds67.de", true }, { "dsancomics.com", true }, { "dsanraffleshangbai.xyz", true }, @@ -10298,19 +10473,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dsdalismerkezi.com", true }, { "dsebastien.net", true }, { "dsektionen.se", false }, + { "dsgvo.name", true }, { "dshield.org", true }, { "dsm5.com", true }, { "dsmjs.com", true }, { "dso-imaging.co.uk", true }, + { "dso-izlake.si", true }, { "dsol.hu", true }, - { "dsouzamusic.com", true }, { "dsrw.org", true }, { "dssale.com", true }, { "dstamou.de", true }, { "dsteiner.at", true }, { "dstvinstallrandburg.co.za", true }, - { "dsuinnovation.com", true }, - { "dsyunmall.com", true }, { "dt27.org", true }, { "dtbouncycastles.co.uk", true }, { "dtdsh.com", true }, @@ -10323,8 +10497,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dtnx.eu", true }, { "dtnx.net", true }, { "dtnx.org", true }, - { "dtp-mstdn.jp", true }, { "dtuaarsfest.dk", true }, + { "dtx.sk", true }, { "dualascent.com", true }, { "dualias.xyz", false }, { "dub.cz", true }, @@ -10339,26 +10513,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ducalendars.com", true }, { "duch.cloud", true }, { "duchyoffeann.com", true }, - { "duckasylum.com", true }, + { "duckasylum.com", false }, { "duckbase.com", true }, { "duckduck.horse", true }, { "duckduckstart.com", true }, { "duckinc.net", true }, { "duct.me", true }, + { "due-diligence-security.com", true }, + { "duerlund-falkenberg.dk", true }, { "duernberg.at", true }, + { "duesee.org", true }, { "duesterhus.eu", true }, { "dufrei.com", true }, { "dugnet.com", false }, { "dugnet.io", false }, { "dugnet.net", false }, { "dugnet.org", false }, - { "dugnet.tech", false }, { "dugunedavet.com", true }, { "duh.se", true }, { "duijf.info", true }, { "duijfathome.nl", true }, { "duitang.com", true }, { "dukan-recepty.ru", true }, + { "dukatek.cz", true }, { "dukegat.de", false }, { "dukesatqueens.com", true }, { "dukun.de", true }, @@ -10377,20 +10554,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "duncancmt.com", true }, { "duncanfamilytrust.org", true }, { "duncanwinfrey.com", true }, - { "dundalkdonnie.com", true }, + { "dunesadventure.net", true }, { "dungeon-bbs.de", true }, - { "dunklau.fr", true }, { "dunkle-seite.org", true }, { "dunloptrade.com", true }, { "dunmanelectric.com", true }, { "duobus.nl", true }, { "duocircle.com", true }, + { "duoluodeyu.com", true }, { "duonganhtuan.com", true }, { "duoquadragintien.fr", true }, { "dupisces.com.tw", true }, { "dupree.co", true }, { "dupree.pe", true }, { "durand.tf", true }, + { "durbanlocksmiths.co.za", true }, { "durchblick-shop.de", true }, { "durdle.com", true }, { "dureuil.info", true }, @@ -10408,11 +10586,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dustyspokesbnb.ca", true }, { "dutch.desi", true }, { "dutchdare.nl", true }, - { "dutchessuganda.com", true }, { "dutchforkrunners.com", true }, { "dutchrank.nl", true }, { "dutchwanderers.nl", true }, { "dutchweballiance.nl", true }, + { "dv189.com", true }, { "dvbris.co.uk", true }, { "dvbris.com", true }, { "dvdland.com.au", true }, @@ -10421,9 +10599,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dvorupotocnych.sk", true }, { "dvwc.org", true }, { "dvx.cloud", true }, + { "dw-loewe.de", true }, { "dwbtoftshit.com", true }, { "dwgf.xyz", true }, { "dwi-sued.de", true }, + { "dwienzek.de", true }, { "dworzak.ch", true }, { "dwscdv3.com", true }, { "dwtm.ch", true }, @@ -10437,19 +10617,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dybuster.es", true }, { "dybuster.it", true }, { "dybuster.se", true }, - { "dycoa.com", true }, { "dyeager.org", true }, { "dyktig.as", true }, { "dyktig.no", true }, { "dylanboudro.com", true }, + { "dylancl.cf", true }, { "dylankatz.com", true }, { "dylanknoll.ca", true }, { "dylanspcrepairs.com", true }, { "dylanwise.net", true }, { "dylmye.me", true }, + { "dym.asia", true }, + { "dym.bz", true }, + { "dym2012.com", true }, + { "dym2013.com", true }, + { "dym2014.com", true }, + { "dym2017.com", true }, { "dymersion.com", true }, { "dymfbbs.com", true }, - { "dymowski.de", true }, + { "dymmovie.com", true }, + { "dymowski.de", false }, { "dyn-dnhensel.de", true }, { "dyn-nserve.net", true }, { "dyn.im", true }, @@ -10459,12 +10646,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dynamics-365.no", true }, { "dynamics365.no", true }, { "dynamicsnetwork.net", true }, - { "dynamictostatic.com", true }, { "dynamicyou.co.uk", true }, { "dynamo.city", true }, { "dynapptic.com", true }, { "dynastic.co", true }, - { "dyncdn.me", true }, { "dynn.be", true }, { "dynorphin.com", true }, { "dynorphins.com", true }, @@ -10475,7 +10660,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dyscalculia-blog.com", true }, { "dysthymia.com", true }, { "dyyn.de", true }, - { "dyz.pw", true }, { "dzeina.ch", true }, { "dzet.de", true }, { "dziary.com", true }, @@ -10485,12 +10669,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "dzndk.org", true }, { "dznn.nl", true }, { "dzomo.org", true }, - { "dzsibi.com", true }, { "dzsula.hu", true }, { "dzyabchenko.com", true }, + { "dzyszla.pl", true }, { "e-apack.com.br", true }, + { "e-baraxolka.ru", true }, { "e-bikesdirect.co.uk", true }, { "e-biografias.net", true }, + { "e-borneoshop.com", true }, { "e-briancon.com", true }, { "e-colle.info", true }, { "e-cottage.com.br", true }, @@ -10501,8 +10687,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "e-lambre.com", true }, { "e-learningbs.com", true }, { "e-lifetechnology.com", true }, - { "e-migration.ch", true }, { "e-planetelec.fr", false }, + { "e-ptn.com", true }, { "e-speak24.pl", true }, { "e-standardstore.org", true }, { "e-surveillant.nl", true }, @@ -10525,7 +10711,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "e2feed.com", true }, { "e30.ee", true }, { "e4metech.com", true }, - { "e51888.com", true }, { "e52888.com", true }, { "e52888.net", true }, { "e53888.com", true }, @@ -10540,12 +10725,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "e965.ru", true }, { "e9a.at", true }, { "ea2drocks.com", true }, + { "eacero.com", true }, { "ead-italia.it", true }, { "eagle.net", true }, { "eagleindustriesltd.com", true }, { "eaglemessaging.com", true }, { "eaglesecurity.com", true }, { "eagletechz.com.br", true }, + { "eaglewreck.info", true }, { "eagleyecs.com", true }, { "eaimty.com", true }, { "ealev.de", true }, @@ -10556,15 +10743,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "earn.com", true }, { "earthsystemprediction.gov", true }, { "earticleblog.com", true }, - { "earvinkayonga.com", true }, + { "earvinkayonga.com", false }, { "easelforart.com", true }, { "easez.net", true }, { "eashwar.com", true }, { "eason-yang.com", true }, { "east-line.su", true }, { "eastarm.net", true }, + { "eastblue.org", true }, { "eastcoastbubbleandbounce.co.uk", true }, - { "eastcoastinflatables.co.uk", true }, { "easterncapebirding.co.za", true }, { "eastlothianbouncycastles.co.uk", true }, { "eastmanbusinessinstitute.com", true }, @@ -10585,16 +10772,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "easypay.bg", true }, { "easyproperty.com", true }, { "easypv.ch", true }, - { "easyreal.ru", true }, + { "easyqr.codes", true }, { "easyroad.fr", true }, { "easyschools.org", true }, { "easyslide.be", true }, + { "easyssl.com.cn", true }, { "easystore.co", true }, { "easytechguides.com", true }, { "easytechsecurity.com", true }, { "easyweenies.com", true }, { "eat-sleep-code.com", true }, - { "eat4happiness.com", true }, { "eatery.co.il", true }, { "eatmebudapest.hu", true }, { "eaton-works.com", true }, @@ -10626,12 +10813,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ebonyriddle.com", true }, { "ebooki.eu.org", true }, { "ebop.ch", true }, + { "eboutic.ch", true }, { "eboyer.com", true }, { "ebrnd.de", true }, { "ec-baran.de", true }, { "ec-current.com", true }, + { "ec.mine.nu", true }, + { "eca.edu.au", true }, { "ecacollege.nsw.edu.au", true }, { "ecardoo.com", true }, + { "ecardoo.de", true }, + { "ecardoo.net", true }, + { "ecardoo.org", true }, { "ecchidreams.com", true }, { "ecclesia-koeln.de", true }, { "ecco-verde.com", false }, @@ -10642,7 +10835,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "echatta.org", true }, { "echidna-rocktools.eu", true }, { "echo-security.co", true }, - { "echo.cc", true }, { "echoactive.com", true }, { "echoanalytics.com", true }, { "echodio.com", true }, @@ -10670,7 +10862,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ecoccinelles.com", true }, { "ecococon.fr", true }, { "ecocreativity.org", true }, - { "ecodedi.com", true }, { "ecodesigns.nl", true }, { "ecodigital.social", true }, { "ecofabrica.com.br", true }, @@ -10686,12 +10877,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ecombustibil.ro", true }, { "ecommercestore.net.br", true }, { "ecompen.co.za", true }, + { "ecomycie.com", true }, { "economias.pt", true }, { "economic-sanctions.com", true }, { "economicinclusion.gov", true }, { "economiefidu.ch", true }, { "economies.ch", true }, - { "economycarrentalscyprus.com", true }, { "econsumer.gov", true }, { "econverter.cloud", true }, { "ecorp.cc", true }, @@ -10699,19 +10890,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ecos.srl", true }, { "ecoshare.info", true }, { "ecoskif.ru", true }, - { "ecosoftconsult.com", true }, { "ecosound.ch", true }, { "ecostruxureit.com", true }, { "ecosystem.atlassian.net", true }, { "ecoterramedia.com", true }, { "ecotur.org", true }, { "ecovision.com.br", true }, + { "ecpannualmeeting.com", true }, { "ecrandouble.ch", true }, { "ecupcafe.com", false }, { "ecxforum.com", true }, { "ed.gs", true }, { "ed4becky.net", true }, { "edakoe.ru", true }, + { "edanni.io", true }, { "edd-miles.com", true }, { "eddesign.ch", true }, { "eddmil.es", true }, @@ -10719,21 +10911,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eddyn.net", true }, { "edeca.net", true }, { "edehsa.com", true }, - { "edenvalerubbleremovals.co.za", true }, { "edesseglabor.hu", true }, { "edfinancial.com", true }, { "edge-cloud.net", true }, { "edgeservices.co.uk", true }, { "edgetalk.net", true }, { "edgevelder.com", true }, - { "edh.email", true }, { "edhesive.com", true }, { "edholm.pub", true }, { "edibarcode.com", true }, { "edicct.com", true }, { "edinburghsportsandoutdoorlearning.com", true }, { "edincmovie.com", true }, - { "edisonchee.com", true }, + { "ediscomp.sk", true }, { "edisonlee55.com", true }, { "edisonluiz.com", true }, { "edisonnissanparts.com", true }, @@ -10750,6 +10940,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "edoss.co.za", true }, { "edp-collaborative.com", true }, { "edplan.io", true }, + { "edpubs.gov", false }, { "edragneainpuscarie.ro", true }, { "edsby.com", true }, { "edservicing.com", true }, @@ -10760,14 +10951,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "edu-kingdom.com", true }, { "edu6.cloud", true }, { "eduard-dopler.de", true }, - { "eduardnikolenko.com", true }, - { "eduardnikolenko.ru", true }, { "edubras.com.br", true }, { "educationevolving.org", true }, { "educationfutures.com", true }, { "educationunlimited.com", true }, { "educator-one.com", true }, { "educators.co.nz", true }, + { "eductf.org", true }, { "eduid.se", false }, { "edumundo.nl", true }, { "eduroam.no", true }, @@ -10778,7 +10968,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "edv-bv.de", true }, { "edv-kohls.de", true }, { "edv-lehrgang.de", true }, - { "edvgarbe.de", true }, { "edvmesstec.de", true }, { "edwar.do", true }, { "edwards.me.uk", true }, @@ -10796,17 +10985,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eelzak.nl", true }, { "eemcevn.com", true }, { "eengoedenotaris.nl", true }, - { "eeqj.com", true }, + { "eentweevijf.be", true }, { "eer.io", true }, { "eerlijktransport.nl", true }, { "eerstejaarsweekend.nl", true }, { "eery.de", true }, + { "eesti.xyz", true }, { "eewna.org", true }, { "ef-georgia.org", true }, { "ef.gy", true }, { "efa-football.com", true }, { "efaas.nl", true }, { "efag.com", true }, + { "efcross.com", true }, { "efeen.nl", true }, { "eff-bee-eye.de", true }, { "eff.org", true }, @@ -10814,13 +11005,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "effe.ch", true }, { "effective-altruist.com", true }, { "effectivecoffee.com", true }, - { "effectivepapers.com", true }, { "effero.net", true }, { "effex.ru", true }, { "effizienta.ch", true }, { "efflam.net", true }, { "efg-darmstadt.de", false }, - { "efinity.io", true }, { "efmcredentialing.org", true }, { "eft.boutique", true }, { "egablo.black", true }, @@ -10831,7 +11020,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "egb.at", false }, { "egbert.net", true }, { "egeozcan.com", true }, - { "egfl.org.uk", true }, { "egg-ortho.ch", true }, { "eggblast.com", true }, { "eggert.org", false }, @@ -10844,6 +11032,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "egoroof.ru", true }, { "egov4.ch", true }, { "egovernment-podcast.com", true }, + { "egres.xyz", true }, { "egrojsoft.info", true }, { "egrp365.ru", true }, { "egumenita.ro", true }, @@ -10852,6 +11041,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ehaccp.it", true }, { "ehandel.com", true }, { "ehazi.hu", true }, + { "ehbssl.com", true }, { "eheliche-disziplin.schule", true }, { "ehertz.uk", true }, { "ehipaa.com", true }, @@ -10860,6 +11050,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ehmtheblueline.com", true }, { "ehne.de", true }, { "ehomusicgear.com", true }, + { "ehub.cz", true }, + { "ehub.hu", true }, + { "ehub.pl", true }, + { "ehub.sk", true }, { "eichel.eu", true }, { "eichornenterprises.com", true }, { "eickemeyer.nl", true }, @@ -10868,11 +11062,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eickhofcolumbaria.com", true }, { "eidolons.org", true }, { "eifel.website", true }, - { "eiga-movie.com", true }, { "eigenpul.se", true }, { "eigenpulse.com", true }, { "eighty-aid.com", true }, - { "eightyfour.ca", true }, { "eigpropertyauctions.co.uk", true }, { "eihaikyo.com", true }, { "eilhan.com", true }, @@ -10882,13 +11074,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "einfachbahn.de", true }, { "einheft.info", true }, { "einheizpreis.de", true }, - { "einmonolog.de", true }, { "einrichtwerk.de", true }, { "einrichtwerk.shop", true }, { "einsatzstellenverwaltung.de", true }, { "einser.com", true }, - { "einsit.com", true }, - { "einsitapis.com", true }, { "einsteinathome.org", true }, { "eintageinzug.de", true }, { "eintragsservice24.de", true }, @@ -10901,6 +11090,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eiyoushi-shigoto.com", true }, { "ejdv-anmeldung.de", true }, { "ejeff.org", true }, + { "ejkmedia.nl", true }, + { "ejkmuseum.nl", true }, + { "ejknet.nl", true }, + { "ejkwebdesign.nl", true }, { "ejuicelab.co.uk", true }, { "ek-networks.de", true }, { "ek.network", true }, @@ -10936,8 +11129,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elbetech.net", true }, { "elbohlyart.com", true }, { "elcambiador.es", true }, + { "elcontadorsac.com", true }, { "eldapoint.co.uk", true }, - { "elderoost.com", true }, { "eldertons.co.uk", true }, { "eldietista.es", true }, { "eldinhadzic.com", true }, @@ -10945,8 +11138,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eldisagjapi.de", true }, { "eldrid.ge", true }, { "eldritchfiction.net", true }, + { "eleaut.com.br", true }, { "electionsbycounty.com", true }, { "electionsdatabase.com", true }, + { "electmikewaters.com", true }, { "electr0sheep.com", true }, { "electragirl.com", true }, { "electric-vault.co.uk", true }, @@ -10965,6 +11160,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "electricalmoorpark.com", true }, { "electricalnewburypark.com", true }, { "electricaloakpark.com", true }, + { "electricalpacificpalisades.com", true }, { "electricalsimivalley.com", true }, { "electricalthousandoaks.com", true }, { "electricalwestlakevillage.com", true }, @@ -10972,8 +11168,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "electriccamarillo.com", true }, { "electricconejovalley.com", true }, { "electricdosvientos.com", true }, - { "electricfencealberton.co.za", true }, { "electricfencebenoni.co.za", true }, + { "electricfencingballito.co.za", true }, { "electricgatemotorgermiston.co.za", true }, { "electricgatemotorrandburg.co.za", true }, { "electricgatemotorskemptonpark.co.za", true }, @@ -11017,9 +11213,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eleicoes2014.com.br", true }, { "eleicoes2016.com.br", true }, { "eleicoes2018.com", true }, + { "elekharris.com", true }, { "elektro-adam.de", true }, { "elektro-collee.de", true }, { "elektro-diehm.de", true }, + { "elektro-doerr.com", true }, { "elektro-hammes.net", true }, { "elektro-hofmann-gmbh.de", true }, { "elektro-hornetz.de", true }, @@ -11063,12 +11261,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elfe.de", true }, { "elfnon.com", true }, { "elgalponazo.com.ar", true }, + { "elglobo.com.mx", false }, { "elgosblanc.com", false }, { "elguadia.faith", true }, { "elhamadimi.com", true }, { "elhorizontal.com", true }, { "elhossari.com", true }, - { "elia.cloud", true }, { "elian-art.de", true }, { "elibom.com", true }, { "elie.net", true }, @@ -11088,7 +11286,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elisabethkostecki.de", true }, { "elisabethrene.com", true }, { "elisechristie.com", true }, - { "elite-porno.ru", true }, + { "elistor6100.xyz", true }, { "elite12.de", true }, { "elitebouncingfun.com", true }, { "elitegameservers.net", true }, @@ -11104,13 +11302,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ell-net.tokyo", true }, { "ella-kwikmed.com", false }, { "ellak.gr", true }, + { "ellegaard.dk", true }, { "ellemental.me", true }, { "ellencorddry.com", true }, { "ellevit.ch", true }, { "elliesbouncers.co.uk", true }, { "elliff.net", true }, { "elliot.cat", true }, - { "elliquiy.com", true }, { "elliriehl.at", true }, { "ellisamusements.co.uk", true }, { "ellisleisure.co.uk", true }, @@ -11122,11 +11320,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elodieclerc.ch", true }, { "elohellp.com", false }, { "elonaspitze.de", true }, + { "elonm.ru", true }, { "elosrah.com", true }, { "elosuite.com", true }, { "eloxt.com", true }, { "elpado.de", true }, - { "elpo.net", true }, { "elpoderdelespiritu.org", true }, { "elrinconderovica.com", true }, { "elsagradocoran.org", true }, @@ -11140,18 +11338,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "elternbeiratswahl.online", true }, { "elternforum-birmensdorf.ch", true }, { "elternverein-utzenstorf.ch", true }, - { "eltrox.me", true }, { "elucron.com", true }, { "eluhome.de", true }, + { "eluvio.com", true }, { "elvidence.com.au", true }, { "elviraszabo.com", true }, { "elvispresley.net", true }, { "elvisripley.com", true }, + { "elvn.tokyo", true }, { "elwave.org", true }, { "elwix.com", true }, { "elxsi.de", true }, { "elyasweb.com", true }, - { "elyisus.info", true }, { "elysiria.fr", true }, { "elysiumware.com", true }, { "em-biotek.cz", true }, @@ -11166,7 +11364,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "emailtools.io", true }, { "emaily.eu", true }, { "emanuel.photography", true }, - { "emanuelduss.ch", true }, { "emanueleanastasio.com", true }, { "emanuelemazzotta.com", true }, { "embassycargo.eu", true }, @@ -11176,8 +11373,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "embroideryexpress.co.uk", true }, { "emby.cloud", true }, { "emcspotlight.com", true }, - { "emedworld.com", true }, { "emeliefalk.se", true }, + { "ememsei.com", true }, + { "emeraldcbdshop.com", true }, { "emeraldcityswagger.com", true }, { "emeraldcoastrideshare.com", true }, { "emeraldonion.org", true }, @@ -11205,9 +11403,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "emma.ca", true }, { "emmababy420.com", true }, { "emmagraystore.com", true }, - { "emmaliddell.com", true }, { "emobilityforum.org", true }, - { "emoji.bzh", true }, + { "emoji.bzh", false }, { "emolafarm.com", true }, { "emond-usedcars.net", true }, { "empathogen.com", true }, @@ -11235,9 +11432,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "emtradingacademy.com", true }, { "emultiagent.pl", true }, { "emupedia.net", true }, + { "emvoice.net", true }, { "emvoiceapp.com", true }, { "emw3.com", true }, { "emyr.net", true }, + { "emyself.org", true }, { "en-booster.jp", true }, { "en-crypt.me", true }, { "en-maktoob.search.yahoo.com", false }, @@ -11246,12 +11445,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "enaim.de", true }, { "enamae.net", true }, { "enbecom.net", true }, - { "encadrer-mon-enfant.com", true }, { "encfs.win", true }, { "encircleapp.com", true }, { "encnet.de", true }, { "encode.host", true }, - { "encoderx.uk", true }, + { "encore.io", true }, { "encouragemarketing.com", true }, { "encredible.de", false }, { "encredible.org", false }, @@ -11273,7 +11471,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "enduranceday.be", true }, { "endzeit-architekten.com", false }, { "enemiesoflight.de", true }, - { "energethik-tulln.at", true }, { "energie-sante.ch", true }, { "energiekeurplus.nl", true }, { "energisammenslutningen.dk", true }, @@ -11288,13 +11485,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "energyelephant.com", true }, { "energyled.com.br", true }, { "energystar.gov", true }, - { "enersaveapp.org", true }, - { "enersec.co.uk", true }, { "enet-navigator.de", true }, { "enfantsdelarue.ch", true }, { "enfield-kitchens.co.uk", true }, { "enflow.nl", true }, - { "enfoqueseguro.com", true }, { "enfu.se", true }, { "engarde.net", true }, { "engaugetools.com", true }, @@ -11305,11 +11499,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "engiedev.net", true }, { "engineowning.com", true }, { "enginepit.com", true }, - { "enginx.cn", true }, { "enginx.net", true }, { "englishbulgaria.net", true }, { "englishcast.com.br", true }, - { "englishclub.com", true }, { "englishforums.com", true }, { "englishlol.com", true }, { "englishphonopass.com", true }, @@ -11318,14 +11510,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "enigma.swiss", true }, { "enijew.com", true }, { "enitso.de", true }, + { "enixgaming.com", true }, { "enjincoin.io", true }, { "enjinwallet.io", true }, { "enjinx.io", true }, + { "enjoy-drive.com", true }, { "enjoyphoneblog.it", true }, - { "enjoystudio.ro", true }, - { "enlatte.com", true }, { "enlazaresbueno.cl", true }, - { "enlightened.si", true }, { "enlightenedhr.com", true }, { "enlightenment.org", true }, { "enlnf.link", true }, @@ -11334,15 +11525,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "enness.co.uk", true }, { "ennori.jp", true }, { "enomada.net", true }, + { "enord.fr", true }, { "enorekcah.com", true }, { "enot32.ru", true }, { "enotecastore.it", true }, + { "enpasenerji.com.tr", true }, { "enquos.com", true }, { "enriquepiraces.com", true }, { "enrollapp.com", true }, { "ensage.io", true }, { "enscosupply.com", true }, { "ensemble-rubato.de", true }, + { "ensembling.com", true }, { "enskat.de", true }, { "enskatson-sippe.de", true }, { "ensley.tech", true }, @@ -11354,7 +11548,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "entabe.jp", true }, { "entactogen.com", true }, { "entactogens.com", true }, - { "enteente.com", true }, + { "entercenter.ru", true }, { "enterprisechannel.asia", true }, { "enterprisey.enterprises", true }, { "entheogens.com", true }, @@ -11372,16 +11566,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "envant.co.uk", true }, { "enveloppenopmaat.nl", true }, { "envescent.com", true }, - { "enviam.de", true }, { "enviaya.com.mx", true }, - { "environment.ai", true }, { "environmentkirklees.org", true }, { "enviroprobasements.com", true }, { "envirotech.com.au", true }, { "envoie.moi", true }, + { "envoutement-desenvoutement.com", true }, { "envoyez.moi", true }, { "envoyglobal.com", true }, - { "envoyworld.com", true }, { "envygeeks.io", true }, { "eocservices.co.uk", true }, { "eoitek.com", true }, @@ -11393,7 +11585,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epassafe.com", true }, { "epave.paris", true }, { "epay.bg", true }, - { "ephe.be", true }, + { "epdeveloperchallenge.com", true }, { "ephesusbreeze.com", true }, { "epi.one", true }, { "epic-vistas.com", true }, @@ -11403,7 +11595,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epicenter.work", true }, { "epicenter.works", true }, { "epicentre.works", true }, - { "epichouse.net", true }, + { "epichouse.net", false }, { "epicinflatables.co.uk", true }, { "epickitty.co.uk", true }, { "epicpages.com", true }, @@ -11412,6 +11604,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epicvistas.com", true }, { "epicvistas.de", true }, { "epicwalnutcreek.com", true }, + { "epidauros.be", true }, + { "epigrafes-led-farmakeia.gr", true }, { "epilis.gr", true }, { "epiphyte.network", true }, { "episkevh-plaketas.gr", true }, @@ -11424,34 +11618,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epo32.ru", true }, { "epoch.com", true }, { "epolitiker.com", true }, - { "epos-distributor.co.uk", true }, { "epos.az", true }, - { "eposbirmingham.co.uk", true }, - { "eposbrighton.co.uk", true }, - { "eposbristol.co.uk", true }, - { "eposcardiff.co.uk", true }, - { "eposkent.co.uk", true }, - { "eposleeds.co.uk", true }, - { "eposleicester.co.uk", true }, - { "eposliverpool.co.uk", true }, - { "eposlondon.co.uk", true }, - { "eposmidlands.co.uk", true }, - { "eposnewport.co.uk", true }, - { "eposnottingham.co.uk", true }, - { "eposreading.co.uk", true }, - { "eposreview.co.uk", true }, - { "epossheffield.co.uk", true }, - { "epossurrey.co.uk", true }, - { "epossussex.co.uk", true }, - { "eposswansea.co.uk", true }, - { "epossystems.co.uk", true }, + { "eposig.net", true }, { "epostplus.li", true }, - { "eposwales.co.uk", true }, - { "eposyork.co.uk", true }, { "eppelblei.lu", true }, { "eppelduerferjugend.lu", true }, { "eppelpress.lu", true }, { "epreskripce.cz", true }, + { "epsilon.dk", true }, { "epsorting.cz", true }, { "epublibre.org", true }, { "epulsar.ru", true }, @@ -11459,6 +11633,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "epyonsuniverse.net", true }, { "eq-serve.com", true }, { "equalcloud.com", true }, + { "equeim.ru", true }, { "equidam.com", true }, { "equinecoaching.ca", true }, { "equinetherapy.ca", true }, @@ -11497,19 +11672,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ericleuthardt.com", true }, { "erico.jp", true }, { "ericoc.com", true }, + { "erics.site", true }, { "ericwie.se", true }, { "eridanus.uk", true }, { "erigrid.eu", true }, { "eriix.org", true }, { "erikheemskerk.nl", true }, { "erikhubers.nl", true }, + { "erikkruithof.nl", true }, { "erikserver2.tk", true }, { "erikseth.de", true }, - { "erikwagner.de", true }, { "erikwalther.eu", true }, { "erinaceinae.com", true }, { "eriner.me", true }, - { "erinlin.com", true }, { "erinn.io", true }, { "erisrenee.com", true }, { "erixschueler.de", true }, @@ -11517,7 +11692,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ernest.ly", true }, { "eroma.com.au", true }, { "eron.info", true }, - { "erotpo.cz", false }, + { "eroticforce.com", true }, { "erp-band.ru", true }, { "erp.band", true }, { "erpax.com", true }, @@ -11556,9 +11731,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "es-geenen.de", true }, { "es.search.yahoo.com", false }, { "es888.net", true }, - { "es8888.net", true }, { "es999.net", true }, { "es9999.net", true }, + { "esaborit.ddns.net", true }, { "esagente.com", true }, { "esailinggear.com", true }, { "esalesdata.com", true }, @@ -11569,7 +11744,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esb-top.net", true }, { "esb116.com", true }, { "esb1314.net", true }, - { "esb1668.com", true }, { "esb168168.com", true }, { "esb168168.info", true }, { "esb168168.net", true }, @@ -11585,7 +11759,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esb1788.info", true }, { "esb1788.net", true }, { "esb1788.org", true }, - { "esb17888.com", true }, { "esb2013.com", true }, { "esb2013.net", true }, { "esb2099.com", true }, @@ -11601,17 +11774,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esb553.com", true }, { "esb555.biz", true }, { "esb555.cc", true }, - { "esb556.com", true }, { "esb5889.com", true }, { "esb5889.net", true }, { "esb6.net", true }, { "esb677.net", true }, { "esb775.net", true }, { "esb777.biz", true }, - { "esb777.cc", true }, - { "esb777.com", true }, { "esb777.me", true }, - { "esb777.net", true }, { "esb777.org", true }, { "esb886.com", true }, { "esb888.net", true }, @@ -11620,13 +11789,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esb9588.com", true }, { "esb9588.net", true }, { "esb9588.org", true }, - { "esb999.com", true }, - { "esb999.info", true }, { "esb999.org", true }, - { "esba11.cc", true }, { "esba11.com", true }, { "esba11.in", true }, - { "esba11.net", true }, { "esball-in.com", true }, { "esball-in.net", true }, { "esball.bz", true }, @@ -11642,8 +11807,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esball518.info", true }, { "esball518.net", true }, { "esball518.org", true }, - { "esball888.com", true }, - { "esball888.net", true }, { "esballs.com", true }, { "esbbon.com", true }, { "esbbon.net", true }, @@ -11656,6 +11819,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esbm4.net", true }, { "esbm5.net", true }, { "esc.chat", true }, + { "escael.org", true }, { "escape2rooms.fr", true }, { "escapeplaza.de", true }, { "escapetalk.nl", true }, @@ -11674,10 +11838,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eservices-greece.com", true }, { "esg-abi2001.de", true }, { "esgr.in", true }, - { "eshepperd.com", true }, { "eshobe.com", true }, { "eshop-prices.com", true }, - { "eshtapay.com", true }, { "esibun.net", true }, { "esigmbh.de", true }, { "esipublications.com", true }, @@ -11708,7 +11870,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esphigmenou.gr", true }, { "espigol.org", true }, { "esports-network.de", true }, - { "esprit-cloture.fr", true }, { "espritrait.com", true }, { "esquirou-trieves.fr", true }, { "esquisse.fr", true }, @@ -11718,13 +11879,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "essaychecker.com", true }, { "essaydirectory.com", true }, { "essayforsale.net", true }, - { "essayforum.com", true }, { "essayhave.com", true }, - { "essaylib.com", true }, { "essaynews.com", true }, { "essaypro.net", true }, - { "essayscam.org", true }, - { "essayshark.com", true }, { "essaytalk.com", true }, { "essaywebsite.com", true }, { "essaywriting.biz", true }, @@ -11734,9 +11891,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "esslm.sk", true }, { "essoduke.org", true }, { "essteebee.ch", true }, + { "establo.pro", true }, { "estafallando.es", true }, { "estafallando.mx", true }, - { "estaleiro.org", true }, { "estan.cn", true }, { "estate360.co.tz", true }, { "estateczech-eu.ru", true }, @@ -11749,10 +11906,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "estetista.net", true }, { "esthesoleil.jp", true }, { "estilopack-loja.com.br", true }, + { "estoic.net", true }, { "estoniantrade.ee", true }, { "estonoentraenelexamen.com", true }, - { "estoqueinformatica.com.br", true }, - { "estudioamazonico.com", true }, { "estudiserradal.com", true }, { "esw00.com", true }, { "esw06.com", true }, @@ -11803,6 +11959,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ethosinfo.com", true }, { "etienne.cc", true }, { "etikus-hacker.hu", true }, + { "etincelle.ml", true }, { "etiquetaunica.com.br", true }, { "etoile-usedcars.com", true }, { "etre-soi.ch", true }, @@ -11810,8 +11967,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "etrecosmeticderm.com", true }, { "etresmant.es", true }, { "etrker.com", true }, - { "etskinner.com", true }, - { "etskinner.net", true }, { "etudesbibliques.fr", true }, { "etudesbibliques.net", true }, { "etudesbibliques.org", true }, @@ -11825,6 +11980,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "euaggelion.blog.br", true }, { "euanbarrett.com", true }, { "euchre.us", true }, + { "eucl3d.com", true }, + { "eugenechae.com", true }, { "eugenekay.com", true }, { "eugenetech.org", true }, { "eujuicers.bg", true }, @@ -11851,7 +12008,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eurekaarchitecture.com", true }, { "euro-servers.de", true }, { "euroalter.com", true }, - { "euroapo.org", true }, { "eurocenterobuda.hu", true }, { "eurocomcompany.cz", true }, { "eurofrank.eu", true }, @@ -11868,8 +12024,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "europapier.si", true }, { "europapier.sk", true }, { "europapier.ua", true }, + { "europarts-sd.com", true }, { "europastudien.de", true }, { "european-agency.org", true }, + { "europeancupinline.eu", true }, { "europeanpreppers.com", true }, { "europeantimberconnectors.ca", true }, { "europeantransportmanagement.com", true }, @@ -11881,7 +12039,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "euroscot.de", true }, { "euroservice.com.gr", true }, { "euroshop.or.at", true }, - { "euroskano.nl", true }, + { "eurotime.ua", true }, { "eurotramp.com", true }, { "eurotravelstar.eu", true }, { "eurousa.us", true }, @@ -11907,10 +12065,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "evanfiddes.com", true }, { "evangelicalmagazine.com", true }, { "evangelosm.com", true }, + { "evanreev.es", true }, { "evantage.org", true }, { "evantageglobal.com", true }, - { "evapp.org", true }, { "evasovova.cz", true }, + { "evavolfova.cz", true }, { "eve.ac", true }, { "eve0s.com", true }, { "evelienzorgt.nl", true }, @@ -11918,12 +12077,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "evemarketer.com", true }, { "evemodx.com", true }, { "evenementenhoekvanholland.nl", true }, - { "evenstar-gaming.com", true }, { "event4fun.no", true }, { "eventaro.com", true }, { "eventive.org", true }, + { "eventnexus.co.uk", true }, { "eventosenmendoza.com.ar", true }, - { "eventplace.me", false }, { "events-hire.co.uk", true }, { "eventtech.com", false }, { "ever.sale", true }, @@ -11937,12 +12095,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "evertonarentwe.com", true }, { "everwaking.com", false }, { "everybodyhertz.co.uk", true }, - { "everyday.eu.org", true }, { "everydaygary.com", true }, - { "everydaywot.com", true }, { "everydaywp.com", true }, { "everyex.com", true }, { "everyfad.com", true }, + { "everygayporn.com", false }, { "everythingaccess.com", true }, { "everytrycounts.gov", false }, { "everywhere.cloud", true }, @@ -11982,6 +12139,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "evoting.ch", true }, { "evrial.com", true }, { "evrica.me", true }, + { "evromandie.ch", true }, { "evstatus.com", true }, { "evtripping.com", true }, { "ewaipiotr.pl", true }, @@ -12004,9 +12162,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exagoni.com.my", true }, { "example.sc", true }, { "example.wf", true }, - { "exampleessays.com", true }, { "examsmate.in", true }, { "exaplac.com", true }, + { "exarpy.com", true }, { "exatmiseis.net", false }, { "exceed.global", true }, { "exceedagency.com", true }, @@ -12014,6 +12172,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exceltechoman.com", true }, { "exceltobarcode.com", true }, { "excentos.com", true }, + { "exceptionalservers.com", true }, { "excessamerica.com", true }, { "excesssecurity.com", true }, { "exchangeworks.co", true }, @@ -12023,6 +12182,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exdamo.de", false }, { "exe-boss.tech", true }, { "exebouncycastles.co.uk", true }, + { "execution.biz.tr", true }, { "exehack.net", true }, { "exeintel.com", true }, { "exekutori.com", true }, @@ -12031,7 +12191,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exerforge.net", true }, { "exeria.de", true }, { "exexcarriers.com", true }, - { "exgaywatch.com", true }, { "exgen.io", true }, { "exhaledayspa.com.au", true }, { "exhalespa.com", true }, @@ -12041,17 +12200,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exmoe.com", true }, { "exocen.com", true }, { "exon.io", true }, + { "exoplatform.com", true }, { "exoscale.ch", true }, { "exoscale.com", true }, { "exoten-spezialist.de", true }, - { "exoticads.com", true }, { "exousiakaidunamis.pw", true }, { "exp.de", true }, { "expancio.com", true }, { "expandeco.com", true }, { "expatmortgage.uk", true }, - { "expatriate.pl", true }, - { "expecting.com.br", true }, { "experienceoutdoors.org.uk", true }, { "experienceoz.com.au", true }, { "expert-korovin.ru", true }, @@ -12068,11 +12225,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exploitit.com.au", true }, { "exploodo.rocks", true }, { "exploravacations.in", true }, + { "exploremonero.com", true }, { "exploringenderby.com", true }, { "expo-america.ru", true }, { "expo-asia.ru", true }, { "expo-europe.ru", true }, - { "expokohler.com", true }, + { "expo-larionov.org", true }, { "exponentialnews.net", true }, { "expoort.co.uk", true }, { "expoort.com", true }, @@ -12084,7 +12242,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "exporta.cz", true }, { "express-shina.ru", true }, { "express-vpn.com", true }, - { "expressemotion.net", true }, { "expresshosting.org", true }, { "expressmarket.ru", true }, { "expresstinte.de", true }, @@ -12097,6 +12254,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "extasic.com", true }, { "extendwings.com", true }, { "extensia.it", true }, + { "extensibility.biz.tr", true }, { "extensiblewebmanifesto.org", true }, { "extensiblewebreportcard.org", true }, { "extensiblewebsummit.org", true }, @@ -12129,7 +12287,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "extremeservicesandrestoration.com", true }, { "exultcosmetics.co.uk", true }, { "exyplis.com", true }, - { "eyasc.nl", true }, { "eydesignguidelines.com", true }, { "eyeandfire.com", true }, { "eyecandy.gr", true }, @@ -12143,7 +12300,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "eyesonly.cc", true }, { "eynio.com", true }, { "eyona.com", true }, - { "eyps.net", true }, { "eyyit.com", false }, { "eyyubyilmaz.com", true }, { "ez3d.eu", true }, @@ -12153,7 +12309,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ezgamble.com", true }, { "ezgif.com", true }, { "ezhik-din.ru", true }, - { "eznfe.com", true }, { "eztvtorrent.com", true }, { "ezwritingservice.com", true }, { "ezzhole.net", true }, @@ -12173,12 +12328,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "f2h.io", true }, { "f3nws.com", true }, { "f43.me", true }, - { "f5movies.top", true }, { "f5nu.com", true }, { "f5w.de", true }, { "fa-works.com", true }, { "faber.org.ru", true }, - { "fabian-fingerle.de", true }, { "fabian-koeppen.de", true }, { "fabianackle.ch", true }, { "fabianasantiago.com", true }, @@ -12190,6 +12343,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fabiobier.com", true }, { "fabjansisters.eu", true }, { "fableforge.nl", true }, + { "fabmart.com", true }, { "fabrica360.com", true }, { "fabriceleroux.com", true }, { "fabriziocavaliere.it", true }, @@ -12203,7 +12357,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "facciadastile.it", true }, { "face-mania.com", true }, { "facealacrise.fr", true }, - { "facebattle.com", true }, { "facebook-atom.appspot.com", true }, { "facebook.com", true }, { "facebydrh.com", true }, @@ -12248,6 +12401,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fahrwerk.io", true }, { "fai.gov", true }, { "fail.coach", true }, + { "fail4free.de", true }, { "failover.de", true }, { "failover.eu", true }, { "failoverplan.it", true }, @@ -12260,6 +12414,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fairviewmotel-simcoe.com", true }, { "fairydust.space", true }, { "faithgrowth.com", true }, + { "faithindemocracy.eu", false }, { "faithleaks.org", true }, { "faithmissionaries.com", true }, { "faithwatch.org", true }, @@ -12275,9 +12430,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "falconfrag.com", true }, { "falconvintners.com", true }, { "falcoz.co", true }, - { "faldoria.de", false }, + { "faldoria.de", true }, { "falegname-roma.it", true }, - { "falldennismarketing.com", true }, + { "falkhusemann.de", true }, { "fallenangeldrinks.co.uk", true }, { "fallenangeldrinks.com", true }, { "fallenangelspirits.co.uk", true }, @@ -12295,6 +12450,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fameng.nl", true }, { "famfi.co", true }, { "familiaperez.net", true }, + { "familie-kruithof.nl", true }, { "familie-kupschke.de", true }, { "familie-leu.ch", true }, { "familie-monka.de", true }, @@ -12316,6 +12472,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "famvangelder.nl", true }, { "famvsomeren.nl", true }, { "fanactu.com", true }, + { "fanatical.com", true }, { "fanboi.ch", true }, { "fancy-bridge.com", true }, { "fancy.org.uk", true }, @@ -12327,7 +12484,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fanhouwan.com", true }, { "fanjoe.be", true }, { "fansided.com", true }, - { "fansmade.art", true }, { "fantasiapainter.com", true }, { "fantasticcleaners.com.au", true }, { "fantastichandymanmelbourne.com.au", true }, @@ -12338,6 +12494,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fantasyspectrum.com", true }, { "fantopia.club", true }, { "fanvoice.com", true }, + { "fanyina.com", true }, { "fanyue123.tk", true }, { "fanz.pro", true }, { "fanzlive.com", true }, @@ -12345,14 +12502,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "faq.ie", true }, { "fara.gov", true }, { "faradji.nu", true }, - { "faradome.ws", true }, { "faraslot8.com", true }, { "farcecrew.de", true }, { "farfallapets.com.br", true }, { "farfetchos.com", true }, { "fargtorget.se", true }, { "farhadexchange.com", true }, - { "farhood.org", true }, { "farid.is", true }, { "farmacia-discreto.com", true }, { "farmacialaboratorio.it", true }, @@ -12369,6 +12524,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "farsil.eu", true }, { "fart.wtf", true }, { "farwat.ru", true }, + { "faschingmd.com", true }, + { "fascia.fit", true }, { "fashion-stoff.de", true }, { "fashion24.de", true }, { "fashion4ever.pl", true }, @@ -12408,6 +12565,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fastvistorias.com.br", true }, { "fastwebsites.com.br", true }, { "faszienrollen-info.de", false }, + { "fateandirony.com", true }, + { "fatecdevday.com.br", true }, { "fatedata.com", true }, { "fathers4equalrights.org", true }, { "fatidique.com", true }, @@ -12422,11 +12581,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fawong.com", true }, { "faxite.com", true }, { "faxvorlagen-druckvorlagen.de", true }, - { "fayntic.com", true }, { "fb.me", true }, { "fbcdn.net", true }, { "fbcopy.com", true }, - { "fbi.pw", true }, { "fbigame.com", true }, { "fbiic.gov", true }, { "fbijobs.gov", true }, @@ -12441,7 +12598,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fcitasc.com", true }, { "fckd.net", true }, { "fcosinus.com", true }, - { "fcp.cn", true }, { "fcprovadia.com", true }, { "fcsic.gov", true }, { "fdevs.ch", true }, @@ -12451,11 +12607,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fdm.ro", true }, { "fdms.gov", true }, { "fdn.one", true }, - { "fdos.me", true }, { "fdp-brig-glis.ch", true }, { "fdsys.gov", false }, { "feac.us", true }, { "feaden.me", true }, + { "fearby.com", true }, { "fearghus.org", true }, { "fearsomegaming.com", true }, { "feastr-dev.de", true }, @@ -12468,6 +12624,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fedcenter.gov", true }, { "federaljobs.gov", true }, { "federalreserve.gov", true }, + { "federalreserveconsumerhelp.gov", true }, { "federatedbank.com", true }, { "federicomigliavacca.it", true }, { "fedjobs.gov", true }, @@ -12475,6 +12632,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fedoramagazine.org", true }, { "fedorapeople.org", true }, { "fedoraproject.org", true }, + { "fedpartnership.gov", true }, { "fedramp.gov", false }, { "fedrtc.org", true }, { "fedshirevets.gov", true }, @@ -12498,7 +12656,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "feeriedesign-event.com", true }, { "feetpa.ws", true }, { "feezmodo.com", false }, - { "fefelovalex.ru", true }, { "fegame.eu", true }, { "fegame.mobi", true }, { "fegame.net", true }, @@ -12506,18 +12663,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fegli.gov", true }, { "fehngarten.de", true }, { "fehnladen.de", true }, - { "feigling.net", true }, + { "feigling.net", false }, + { "feildel.fr", true }, { "feilen.de", true }, - { "feisbed.com", true }, { "feisim.com", true }, { "feisim.org", true }, - { "feist.io", true }, { "feistyduck.com", true }, { "feizhujianzhi.com", true }, { "fejes.house", true }, { "feld.design", true }, { "feld.saarland", true }, { "feldhousen.com", true }, + { "felett.es", true }, { "felgitscher.xyz", true }, { "felicifia.org", true }, { "felinepc.com", true }, @@ -12526,16 +12683,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "felixbarta.de", true }, { "felixcrux.com", true }, { "felixgenicio.com", true }, - { "felixhefner.de", true }, { "felixkauer.de", true }, - { "felixqu.com", true }, { "felixsanz.com", true }, { "felixseele.de", true }, { "felsing.net", true }, { "felsmalerei.net", true }, { "femanca.com", true }, { "femastudios.com", true }, - { "femdombbw.com", true }, { "feminina.pt", true }, { "femradio.es", true }, { "femtomind.com", true }, @@ -12574,7 +12728,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "festival-tipps.com", true }, { "festivaljapon.com", true }, { "festivalxdentro.com", true }, - { "fetlife.com", true }, { "fettlaus.de", true }, { "feudalisten.de", true }, { "feuerhuhn.de", true }, @@ -12592,11 +12745,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fexco.com", true }, { "feyermedia.de", true }, { "ff-bad-hoehenstadt.de", true }, - { "ff-bg.xyz", true }, { "ff-getzersdorf.at", true }, { "ff-obersunzing-niedersunzing.de", true }, { "ff14-mstdn.xyz", true }, - { "ffb.gov", false }, { "ffbans.org", true }, { "ffiec.gov", true }, { "ffis.me", true }, @@ -12652,7 +12803,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fight215.org", true }, { "figinstitute.org", true }, { "figshare.com", true }, - { "figura.cz", true }, { "figurasdelinguagem.com.br", true }, { "fiilr.com", true }, { "fiissh.tech", true }, @@ -12661,14 +12811,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fijnewoensdag.nl", true }, { "fiken.no", true }, { "fil.fi", true }, + { "filamentia.nl", true }, { "filanthropystar.org", true }, + { "file-cloud.eu", true }, { "file-pdf.it", true }, - { "filebox.moe", false }, { "filecopa.com", true }, { "files.from-me.org", true }, { "filestar.io", true }, { "filetransfer.one", true }, - { "filewall.de", true }, { "filezilla-project.org", true }, { "filezilla.cn", true }, { "filhin.es", true }, @@ -12677,16 +12827,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "filidorwiese.nl", true }, { "filiio.com", true }, { "filingsmadeeasy.com", true }, + { "filiosoft.cloud", true }, { "filip-prochazka.com", true }, { "filippo.io", true }, { "filipsebesta.com", true }, { "filleritemsindia.com", true }, { "fillo.sk", true }, { "film-tutorial.com", true }, - { "film.photography", true }, - { "film.photos", true }, - { "filmatiporno.xxx", true }, { "filme-onlines.com", true }, + { "filmers.net", true }, { "filmesonline.online", true }, { "filmitis.com", true }, { "filmreviewonline.com", true }, @@ -12728,7 +12877,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "finefriends.nl", true }, { "finelovedolls.com", true }, { "finenet.com.tw", true }, - { "finewineonline.com", true }, { "finfev.de", true }, { "finflix.net", true }, { "finform.ch", true }, @@ -12738,6 +12886,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "finkenberger.org", false }, { "finnclass.cz", true }, { "finnwea.com", true }, + { "finpt.com", false }, { "finsprings.org", true }, { "fintandunleavy.com", true }, { "fintechnics.com", false }, @@ -12758,9 +12907,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "firefighters.dating", true }, { "firefly-iii.org", true }, { "firegoby.jp", true }, + { "firegore.com", true }, { "fireleadership.gov", true }, { "firemudfm.com", true }, - { "firepeak.ru", true }, + { "fireplex.co.uk", true }, { "fireportal.cz", true }, { "fireportal.sk", true }, { "fireshellsecurity.team", true }, @@ -12785,6 +12935,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "firstclasscastles.com", true }, { "firstclassleisure.co.uk", true }, { "firstderm.com", true }, + { "firstdry.com.br", true }, { "firstfinca.de", true }, { "firstinnovation.co.jp", true }, { "firstinnovationltd.com", true }, @@ -12793,7 +12944,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fischer-its.com", false }, { "fischer-kundendienst.de", true }, { "fischers.cc", true }, - { "fischers.it", true }, { "fischers.srv.br", true }, { "fise.cz", true }, { "fish-hook.ru", true }, @@ -12804,7 +12954,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fishermansbendcorporation.com.au", true }, { "fishermansbendtownhouses.com.au", true }, { "fishexport.eu", true }, - { "fishfinders.info", true }, { "fishgen.no", true }, { "fishserver.net", true }, { "fishtacos.blog", true }, @@ -12815,7 +12964,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fit365.jp", true }, { "fitchannel.com", true }, { "fitfitup.com", true }, + { "fitinclass.com", true }, { "fitkram.cz", true }, + { "fitmeat.at", true }, { "fitness-challenge.co.uk", true }, { "fitness.gov", true }, { "fitseven.ru", true }, @@ -12824,7 +12975,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fiuxy.bz", true }, { "fiuxy.co", true }, { "fiuxy.me", true }, - { "fiuxy.org", true }, { "fiveboosts.xyz", true }, { "fivethirtyeight.com", true }, { "fixatom.com", true }, @@ -12856,7 +13006,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flamme-von-anor.de", true }, { "flana.com", true }, { "flanga.io", true }, - { "flangaapis.com", true }, { "flapoverspeed.com", true }, { "flashback.org", true }, { "flashbeing.com", true }, @@ -12869,6 +13018,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flatpackmates.co.uk", true }, { "flauschig.net", true }, { "flaviu.co.uk", true }, + { "flavo.io", true }, { "flavr.be", true }, { "flawlesscowboy.xyz", true }, { "fleamarketgoods.com", true }, @@ -12893,7 +13043,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fletchto99.com", true }, { "flets-ms.com", true }, { "fleurenplume.fr", true }, - { "fleurette.me", true }, { "fleuryfleury.com", true }, { "flexapplications.se", true }, { "fleximaal.com", true }, @@ -12904,6 +13053,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flextrack.dk", true }, { "flextribly.xyz", true }, { "fliacuello.com.ar", true }, + { "flickcritter.com", true }, { "flight.school", true }, { "flightdeckfriend.com", true }, { "flightmedx.com", true }, @@ -12918,7 +13068,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fliio.com", true }, { "flikmsg.co", true }, { "flinch.io", true }, - { "fling.dating", true }, { "flipneus.net", true }, { "fliptable.org", true }, { "flirt-norden.de", true }, @@ -12936,8 +13085,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "floffi.media", true }, { "floj.tech", true }, { "flokinet.is", true }, + { "flomeyer.de", true }, { "floobits.com", true }, { "flood.io", true }, + { "floorballpoint.cz", true }, { "flooringnightmares.com", true }, { "flooringsourcetx.com", true }, { "floort.net", false }, @@ -12947,6 +13098,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "florentynadawn.co.uk", true }, { "florian-bachelet.fr", true }, { "florian-thie.de", true }, + { "florian2833z.de", true }, { "floriankarmen.com", true }, { "floriankeller.de", true }, { "florianmitrea.uk", true }, @@ -12963,7 +13115,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flosch.at", false }, { "floseed.fr", true }, { "floskelwolke.de", true }, - { "flosserver.de", true }, { "flow.su", true }, { "flowair24.ru", true }, { "flowcom.de", true }, @@ -12980,6 +13131,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flugsportvereinigungcelle.de", true }, { "fluhrers.de", true }, { "fluidmeterusa.com", true }, + { "fluids.ac.uk", true }, { "flumble.nl", true }, { "flunschi.goip.de", true }, { "fluoxetine.net", true }, @@ -12990,7 +13142,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fluxent.de", false }, { "fluxfingers.net", true }, { "fluxforge.com", true }, - { "fluxi.fi", true }, { "fluxoid.com", true }, { "flw365365.com", true }, { "fly-en-drive.nl", true }, @@ -13000,7 +13151,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flydrivesicilie.nl", true }, { "flyer.tools", true }, { "flygon.pink", true }, - { "flyinglocksmiths.com", false }, + { "flyinglocksmiths.com", true }, { "flyingpackets.net", true }, { "flyingrub.me", true }, { "flyingspaghettimonsterdonationsfund.nl", true }, @@ -13009,6 +13160,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "flyserver.co.il", true }, { "flyshe.co.uk", true }, { "flyspace.ml", true }, + { "flyssh.net", true }, { "flyswoop.com", true }, { "flyt.online", true }, { "flytoadventures.com", true }, @@ -13023,9 +13175,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fmodoux.biz", true }, { "fmovies.fyi", true }, { "fmussatmd.com", true }, + { "fnanen.net", true }, { "fnb-griffinonline.com", true }, { "fnbnokomis.com", true }, - { "fnfpt.co.uk", true }, { "fnkr.net", true }, { "fnof.ch", true }, { "fnordserver.eu", true }, @@ -13039,6 +13191,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "foej-aktiv.de", true }, { "foej.net", true }, { "fogpublishingph.com", true }, + { "fogway.net", true }, { "foia.gov", true }, { "foiaonline.gov", true }, { "fojing.com", true }, @@ -13055,6 +13208,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "folkfests.org", true }, { "follandviolins.com", true }, { "followback.net", true }, + { "follower98.ir", true }, { "followerrocket.com", true }, { "followersya.com", true }, { "followings-live.com", true }, @@ -13065,13 +13219,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "folwark.krakow.pl", true }, { "folwarkwiazy.pl", true }, { "fomopop.com", true }, - { "fondanastasia.ru", true }, { "fondationwiggli.ch", true }, { "fondsdiscountbroker.de", true }, { "fondy.eu", true }, { "fondy.ua", true }, { "fonga.ch", true }, { "fonolo.com", true }, + { "fonseguin.ca", true }, { "font-converter.net", true }, { "fonte-trading.com", true }, { "fontein.de", true }, @@ -13079,14 +13233,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fonts4free.net", true }, { "foo.fo", true }, { "foo.hamburg", true }, - { "foodacademy.capetown", true }, { "foodattitude.ch", true }, { "foodblogger.club", true }, { "foodcowgirls.com", true }, { "foodev.de", true }, { "foodsafety.gov", true }, { "foodsafetyjobs.gov", true }, - { "foodserve.in", true }, { "foodsouvenirs.it", true }, { "foodtable.at", true }, { "foodwise.marketing", true }, @@ -13119,10 +13271,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "forestraven.net", true }, { "foreverssl.com", true }, { "foreversummertime.com", true }, + { "forewordreviews.com", true }, + { "forex-plus.com", true }, { "forex.ee", true }, { "forexchef.de", true }, { "forexee.com", true }, - { "forexsignals7.com", true }, + { "forextickler.com", true }, { "forextimes.ru", false }, { "forfunssake.co.uk", true }, { "forge-goerger.eu", true }, @@ -13141,15 +13295,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "formula-ot.ru", true }, { "formulacionquimica.com", true }, { "fornoreason.net.au", true }, + { "fornwall.net", true }, { "foro.io", false }, { "forodeespanol.com", true }, { "forodieta.com", true }, { "forologikidilosi.com.gr", true }, { "forourselves.com", true }, { "forpc.us", true }, + { "forquilhinhanoticias.com.br", true }, { "forrestheller.com", true }, { "forro.info", true }, { "forsakringsarkivet.se", true }, + { "forschbach-janssen.de", true }, { "forsec.nl", true }, { "forstbetrieb-hennecke.de", true }, { "forstprodukte.de", true }, @@ -13161,6 +13318,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fortran.io", true }, { "fortress.no", true }, { "fortress.sk", true }, + { "forty-two.nl", true }, { "forty8creates.com", true }, { "fortytwo.cloud", true }, { "forum-bonn.de", true }, @@ -13169,7 +13327,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "forum-kinozal.appspot.com", true }, { "forum.quantifiedself.com", false }, { "forum3.ru", true }, - { "forumjuridico.org", true }, { "forumvoordemocratie.nl", true }, { "forvisualdesign.com", true }, { "forward-fly-fishing.ch", true }, @@ -13195,10 +13352,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fotoflits.net", true }, { "fotografiadellalucerossa.com", true }, { "fotohome.dk", true }, + { "fotokomorkomania.pl", true }, { "fotoleitner.com", true }, { "fotoleitner.de", true }, - { "fotonjan.com", true }, - { "fotostravestisbr.com", true }, { "fotostudio-leitner.com", true }, { "fotostudio-leitner.de", true }, { "fotostudio-schweiz.ch", true }, @@ -13206,6 +13362,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fotowolfy.com", true }, { "fougner.co", true }, { "found.website", true }, + { "foundationspecialisteast.com", true }, + { "foundationspecialistmi.com", true }, { "foundchurch.co.uk", true }, { "foundsounds.me", true }, { "fourashesgolfcentre.co.uk", true }, @@ -13215,24 +13373,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "foutrelis.com", true }, { "fowlervwparts.com", true }, { "fowlsmurf.net", true }, + { "fox.my", true }, { "foxbnc.co.uk", true }, { "foxdev.co", true }, + { "foxes.no", true }, { "foxhound.com.br", true }, { "foxing.club", true }, + { "foxo.blue", true }, { "foxontheinter.net", true }, { "foxphotography.ch", true }, { "foxquill.com", true }, { "foxterrier.com.br", true }, - { "foyale.io", true }, { "fpc.gov", true }, { "fpersona.com", true }, - { "fpki.sh", true }, - { "fptravelling.com", false }, { "fpvr.org", true }, { "fpy.cz", true }, { "fr.search.yahoo.com", false }, { "fr33tux.org", true }, { "frack.nl", true }, + { "fracreazioni.it", true }, { "fraesentest.de", true }, { "fragmentspuren.de", true }, { "fragstore.net", true }, @@ -13242,7 +13401,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "framedpaws.com", true }, { "framezdakkapellen.nl", true }, { "fran.cr", true }, - { "francesca-and-lucas.com", true }, { "francescopalazzo.com", true }, { "francescoservida.ch", true }, { "francetraceur.fr", true }, @@ -13258,8 +13416,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "francoislepage.com", true }, { "francoz.me", true }, { "frandor.co.uk", true }, + { "frank.fyi", true }, + { "frankbellamy.co.uk", true }, { "franke-chemie.de", true }, - { "frankedier.com", true }, { "franken-lehrmittel.de", true }, { "frankenhost.de", true }, { "frankenlehrmittel.de", true }, @@ -13268,10 +13427,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frankierprofi.de", true }, { "frankierstar.de", true }, { "frankinteriordesign.co.uk", true }, - { "frankl.in", true }, { "frankmorrow.com", true }, - { "franksiler.com", true }, { "frankslaughterinsurance.com", true }, + { "frankwei.xyz", true }, { "frankyan.com", true }, { "fransallen.com", true }, { "frantic1048.com", true }, @@ -13279,6 +13437,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "franz-vatter.de", true }, { "franz.beer", true }, { "franziska-pascal.de", true }, + { "franzknoll.de", true }, { "frappant.cc", false }, { "fraselab.ru", true }, { "frasesdodia.com", true }, @@ -13298,11 +13457,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frdl.ch", true }, { "freaksites.dk", true }, { "freaksports.com.au", true }, + { "freakyawesome.com", true }, { "frebi.org", true }, { "frebib.co.uk", true }, { "frebib.com", true }, { "frebib.me", true }, { "frebib.net", true }, + { "freddieonfire.tk", false }, { "freddyfazbearspizzeria.com", true }, { "freddysfuncastles.co.uk", true }, { "fredericcote.com", true }, @@ -13311,22 +13472,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frederikvig.com", true }, { "fredloya.com", true }, { "fredriksslekt.se", true }, - { "fredtec.ru", true }, { "fredvoyage.fr", true }, { "free-your-pc.com", true }, + { "free.ac.cn", true }, { "free.com.tw", true }, + { "freeassangenow.org", true }, { "freeasyshop.com", true }, { "freebarrettbrown.org", true }, { "freebcard.com", true }, { "freebetoffers.co.uk", true }, - { "freeblog.me", true }, { "freebookmakersbetsandbonuses.com.au", true }, { "freeboson.org", true }, - { "freecam2cam.site", true }, { "freecloud.at", true }, - { "freecookies.nl", true }, { "freedev.cz", true }, + { "freedom.nl", true }, { "freedom.press", true }, + { "freedom35.org", true }, { "freedomfinance.se", true }, { "freedomflotilla.org", true }, { "freedomfrontier.tk", true }, @@ -13334,7 +13495,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "freedomonline.bg", true }, { "freedomrahoitus.fi", true }, { "freeenglishhelp.com", true }, - { "freeexampapers.com", true }, { "freeform4u.de", true }, { "freegame-mugen.jp", true }, { "freegutters.com", true }, @@ -13376,6 +13536,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "freevps.us", false }, { "freeweibo.com", true }, { "freeyourmusic.com", true }, + { "freezion.com", true }, { "frei.social", true }, { "freifahrt.de", true }, { "freifamily.ch", true }, @@ -13394,7 +13555,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "freizeitplaza.de", true }, { "frejasdal.dk", true }, { "frenchcreekcog.org", true }, - { "frenzel.dk", true }, { "frequencebanane.ch", true }, { "frequentflyerapp.com", true }, { "fresh-hotel.org", true }, @@ -13426,7 +13586,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "friends24.cz", true }, { "friendship-quotes.co.uk", true }, { "friendshipismagicsquad.com", true }, - { "frieslandrail.nl", true }, { "friet.org", true }, { "frietbesteld.nl", true }, { "friezy.ru", true }, @@ -13443,7 +13602,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frizo.com", true }, { "frly.de", true }, { "frob.nl", true }, - { "froehlich.it", true }, { "froehliche-hessen.de", true }, { "frogatto.com", true }, { "frogeye.fr", true }, @@ -13451,21 +13609,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "frogsonamission.de", true }, { "froh.co.jp", true }, { "frolova.org", true }, - { "from-the-net.com", true }, { "fromscratch.rocks", true }, { "fromthesoutherncross.com", true }, { "fronteers.nl", false }, + { "frontierdiscount.com", true }, { "fropky.com", true }, - { "frosthall.com", true }, { "frostprotection.co.uk", true }, { "frostwarning.com", true }, + { "frostysummers.com", true }, { "frothy.coffee", true }, { "froufe.com", true }, { "frozen-geek.net", true }, { "frozen-solid.net", true }, - { "frprn.com", true }, { "frprn.es", true }, - { "frprn.xxx", true }, { "frtn.com", true }, { "frtr.gov", true }, { "frtrains.com", true }, @@ -13485,6 +13641,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fs-fitness.eu", true }, { "fs-maistadt.de", true }, { "fs257.com", true }, + { "fsapubs.gov", false }, { "fsbn.eu", true }, { "fsbnh.bank", true }, { "fsbpaintrock.com", true }, @@ -13496,12 +13653,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fsdress.com", true }, { "fsfxpackages.com", true }, { "fsj4u.ch", true }, - { "fsk.fo", true }, { "fsky.info", true }, { "fsm2016.org", true }, { "fsps.ch", true }, { "fsstyle.com", true }, - { "fsvoboda.cz", true }, { "fsvt.ch", true }, { "ft.com", false }, { "ftang.de", true }, @@ -13534,7 +13689,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fuglede.dk", true }, { "fuite.ch", true }, { "fuites.ch", true }, - { "fujianshipbuilding.com", true }, { "fujiorganics.com", false }, { "fujiwaraqol.com", true }, { "fukakukeiba.com", true }, @@ -13548,17 +13702,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "full-stack.ninja", true }, { "fullautomotivo.com.br", true }, { "fullbundle.com", true }, + { "fullereno.com", true }, + { "fullerlife.org.uk", true }, { "fullhost.com", true }, { "fullhub.ru", true }, { "fullmatch.net", true }, - { "fullpackage.co.uk", true }, { "fullstacknotes.com", true }, - { "fulltxt.ml", true }, { "fumblers.ca", true }, { "fumerolles.ch", true }, { "fumo.se", false }, { "fun-bounce.co.uk", true }, { "fun-tasia.co.uk", true }, + { "fun25.tk", true }, { "fun4kidzbouncycastles.co.uk", true }, { "fun4ubouncycastles.co.uk", true }, { "funadvisor.ca", true }, @@ -13569,7 +13724,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "funchestra.at", false }, { "functional.cc", true }, { "functions-online.com", true }, - { "fundayltd.com", true }, { "fundays.nl", true }, { "fundchan.com", true }, { "fundeego.com", true }, @@ -13578,12 +13732,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "funds.ddns.net", true }, { "funerariahogardecristo.cl", true }, { "funfactorleeds.co.uk", true }, + { "funfair.io", true }, { "funfoodco.co.uk", true }, { "funfunmstdn.tokyo", true }, + { "fungames.com", true }, { "funhouse-inflatables.co.uk", true }, - { "funi4u.com", true }, { "funinbeds.org.uk", true }, { "funken-networks.de", true }, + { "funkner.ru", true }, { "funktionel.co", true }, { "funktionsverket.se", true }, { "funkygamer1.de", true }, @@ -13596,7 +13752,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "funtime-inflatables.co.uk", true }, { "funtime.com.ua", true }, { "funtime.kiev.ua", true }, - { "funtimebourne.co.uk", true }, { "funtimeentertainment.co.uk", true }, { "funtimesbouncycastles.co.uk", true }, { "fur.red", true }, @@ -13615,6 +13770,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "furnfurs.com", true }, { "furnitureconcept.co.uk", true }, { "furry.agency", true }, + { "furry.cat", true }, { "furry.dk", true }, { "furry.zone", false }, { "furrybot.me", true }, @@ -13626,13 +13782,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fuseos.net", true }, { "fushee.com", true }, { "fusiongaming.de", true }, - { "fuskator.com", true }, { "fussball-xxl.de", true }, - { "fussell.io", true }, { "futagro.com", true }, + { "futcre.com", true }, { "futrou.com", true }, { "future-moves.com", true }, - { "futurefire.de", true }, { "futurefund.com", true }, { "futurefundapp.com", true }, { "futurehack.io", true }, @@ -13643,14 +13797,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "futurope.com", true }, { "fuwafuwa.moe", true }, { "fuyu.moe", true }, - { "fuzoku.jp", true }, { "fuzzing-project.org", true }, { "fveevaete.com", true }, { "fwdx.net", true }, { "fwest.ovh", true }, { "fwest98.nl", true }, { "fwest98.ovh", true }, - { "fwww7.com", true }, { "fx-rk.com", true }, { "fx24.uk", true }, { "fx5.de", true }, @@ -13673,8 +13825,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "fxwebsites.com.au", true }, { "fxwebsites.net.au", true }, { "fxwebstudio.net.au", true }, + { "fyfywka.com", true }, { "fyksen.me", true }, { "fyn.nl", true }, + { "fyol.xyz", false }, { "fyretrine.com", true }, { "fysesbjerg.dk", true }, { "fysio123.nl", true }, @@ -13689,10 +13843,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "g-m-w.eu", true }, { "g-marketing.ro", true }, { "g-o.pl", true }, + { "g-p-design.com", true }, { "g-rom.net", true }, { "g0881.com", true }, { "g1.ie", true }, { "g10e.ch", true }, + { "g1s.cc", true }, { "g2links.com", true }, { "g2pla.net", true }, { "g2soft.net", true }, @@ -13704,12 +13860,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "g8energysolutions.co.uk", true }, { "gaaz.fr", true }, { "gabe565.com", true }, + { "gabeb1920.com", true }, { "gabecook.com", true }, { "gabemack.com", true }, { "gabinetpsychoterapii.krakow.pl", true }, { "gabriel.to", true }, { "gabrielsimonet.ch", true }, { "gabrielsteens.nl", true }, + { "gachimuchi.ru", true }, + { "gachiyase.com", true }, { "gachter.name", true }, { "gadabit.pl", true }, { "gadgethacks.com", true }, @@ -13726,17 +13885,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gagniard.org", true }, { "gagor.pl", true }, { "gagygnole.ch", true }, + { "gaiavanderzeyp.com", true }, { "gaichon.com", true }, { "gailfellowsphotography.com", true }, { "gaines-sodiamex.fr", true }, { "gaio-automobiles.fr", true }, { "gaireg.de", true }, - { "gaiserik.com", true }, { "gaitandmobility.com", true }, { "gaitrehabilitation.com", true }, { "gaitresearch.com", true }, - { "gajas18.com", true }, - { "gakkainavi-epsilon.jp", true }, { "gakkainavi-epsilon.net", true }, { "gakkainavi.jp", true }, { "gakkainavi.net", true }, @@ -13746,14 +13903,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gala.kiev.ua", false }, { "galactic-crew.org", true }, { "galak.ch", true }, + { "galanight.cz", true }, + { "galeria42.com", true }, { "galerieautodirect.com", true }, { "galeries.photo", true }, { "galgopersa.com.br", true }, + { "galilahiskye.com", true }, { "galileanhome.org", true }, - { "galileomtz.com", true }, { "galinas-blog.de", true }, { "galinos.gr", true }, { "galle.cz", true }, + { "gallerify.eu", true }, + { "galletasgabi.com.mx", false }, { "galleyfoods.com", true }, { "gallicrooster.com", true }, { "gallifreyapp.co.uk", true }, @@ -13769,11 +13930,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gambitnash.com", true }, { "gambitprint.com", true }, { "gamblersgaming.eu", true }, - { "game-files.net", false }, + { "game4less.com", true }, { "game7.de", true }, { "gameblabla.nl", true }, { "gamebrott.com", true }, { "gamecard-shop.nl", true }, + { "gameclue.jp", true }, { "gamecollector.be", true }, { "gameconservation.org.uk", true }, { "gamedevelopers.pl", true }, @@ -13785,9 +13947,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gamenerd.net", true }, { "gameofpwnz.com", true }, { "gamepad.com.br", true }, + { "gameplaysforkids.com", true }, + { "gamequest.info", true }, { "gamercredo.com", true }, + { "gamereader.de", true }, { "gamerezo.com", true }, - { "gamerz-stream.com", true }, { "gamerzdot.com", true }, { "games4theworld.org", true }, { "gamesaviour.com", true }, @@ -13797,6 +13961,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gamesplanet.com", true }, { "gamesputnik.ru", true }, { "gamestats.gg", true }, + { "gametube.website", true }, { "gamilab.com", true }, { "gamilab.no", true }, { "gamingexodus.com", true }, @@ -13805,6 +13970,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gamingwithcromulent.com", true }, { "gamingzoneservers.com", true }, { "gamishou.fr", true }, + { "gamivo.com", true }, { "gamoloco.com", true }, { "gan.wtf", true }, { "ganado.org", true }, @@ -13817,17 +13983,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gandgliquors.com", true }, { "ganggalbichler.at", true }, { "gansleit.com", false }, - { "ganzgraph.de", true }, + { "ganyouxuan.com", true }, { "ganztagplus.de", true }, { "gao.rocks", true }, { "gaojianli.tk", true }, - { "gaon.network", true }, { "gaos.org", true }, { "gapdirect.com", true }, { "gapfa.org", true }, { "gaptek.id", false }, { "gar-nich.net", false }, - { "garage-abri-chalet.fr", true }, { "garage-leone.com", true }, { "garage-meynard.com", true }, { "garageenginuity.com", true }, @@ -13837,6 +14001,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "garanteasy.com", true }, { "garbage-juice.com", true }, { "garbomuffin.com", true }, + { "garciagerman.com", true }, { "garda-see.mobi", true }, { "gardedenfantspourtous.fr", true }, { "garden-life.org", true }, @@ -13846,12 +14011,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gardinte.com", true }, { "garedtech.com", false }, { "garethbowker.com", true }, + { "garethkirk.com", true }, { "garethkirkreviews.com", true }, { "garethrhugh.es", true }, { "garforthgolfclub.co.uk", true }, { "gargazon.net", true }, { "garron.net", true }, { "garrowmediallc.com", true }, + { "gartenhauszentrum.de", true }, { "gartenplanung-brendes.de", true }, { "garycarmell.com", true }, { "garycwaite.com", true }, @@ -13862,43 +14029,43 @@ static const nsSTSPreload kSTSPreloadList[] = { { "garywhittington.com", true }, { "gashalot.com", true }, { "gastoudererenda.nl", true }, - { "gastritisolucion.com", true }, + { "gastromedicalcenter.com.br", true }, { "gastrotiger.at", true }, { "gastrotiger.de", true }, { "gate2home.com", true }, { "gateaucreation.fr", true }, { "gatewaybridal.com", true }, { "gatewaybronco.com", true }, - { "gatilagata.com.br", true }, { "gauche.com", true }, { "gaudeamus-folklor.cz", true }, { "gaudere.co.jp", true }, + { "gaurl.ga", true }, { "gaussianwaves.com", true }, { "gautham.it", false }, { "gauthier.dk", true }, { "gautvedt.no", true }, { "gavins.stream", true }, { "gavinsblog.com", true }, + { "gawrimanecuta.com", true }, { "gay-jays.com", true }, - { "gay-sissies.com", true }, + { "gaya-sa.org", true }, { "gayforgenji.com", true }, { "gayjays.com", true }, { "gaysexpositions.guide", true }, - { "gaysfisting.com", true }, - { "gaytorrent.ru", true }, { "gayukai.net", true }, - { "gayxsite.com", true }, { "gazachallenge.org", true }, { "gazee.net", true }, { "gazellegames.net", false }, + { "gazete.org", true }, { "gazette.govt.nz", true }, { "gbc-radio.nl", true }, { "gbcsummercamps.com", true }, - { "gbit.xyz", true }, { "gbl.selfip.net", true }, { "gboys.net", true }, + { "gc-mc.de", true }, { "gc.gy", true }, { "gcbit.dk", true }, + { "gccm-events.com", true }, { "gcfadvisors.com", true }, { "gcgeeks.com.au", true }, { "gcguild.net", true }, @@ -13909,9 +14076,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gdax.com", true }, { "gdb-tutorial.net", true }, { "gdgrzeszow.pl", true }, + { "gdhzcgs.com", true }, { "gdiary.net", true }, + { "gdngs.de", true }, { "gdpr-pohotovost.cz", true }, - { "gdutnic.com", true }, { "gdv.me", true }, { "gdz-spishy.com", true }, { "ge3k.net", false }, @@ -13921,7 +14089,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gearfinder.nl", true }, { "gearseo.com.br", true }, { "gearset.com", true }, - { "geaskb.nl", true }, { "geass.xyz", true }, { "geba-online.de", true }, { "gebn.co.uk", true }, @@ -13935,6 +14102,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gedankenworks.com", true }, { "geder.at", true }, { "gedlingcastlehire.co.uk", true }, + { "gee.is", true }, { "geecrat.com", true }, { "geek-hub.de", true }, { "geek.ch", true }, @@ -13942,29 +14110,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geekabit.nl", true }, { "geekandi.com", true }, { "geekariom.com", true }, - { "geekchimp.com", true }, { "geekclubbooks.com", true }, { "geeklair.net", true }, { "geeklan.co.uk", true }, { "geekles.net", true }, { "geeknik.com", true }, { "geekpad.com", true }, - { "geekseries.fr", true }, + { "geeks.one", true }, { "geekshirts.cz", true }, { "geektopia.es", true }, { "geekwhack.org", true }, { "geekwithabudget.com", true }, { "geekwu.org", true }, - { "geeky.software", true }, { "geekystudios.us", true }, { "geekz.sk", true }, { "geekzone.co.nz", true }, { "geekzone.fr", true }, { "geeq.ch", true }, { "geerdsen.net", true }, + { "geertdegraaf.nl", true }, { "geertswei.nl", true }, { "gegeco.ch", true }, { "geh.li", true }, + { "gehaowu.com", true }, + { "gehirn.co.jp", true }, + { "gehirn.jp", true }, { "gehopft.de", true }, { "gehreslaw.com", true }, { "gehrke.in", true }, @@ -13990,7 +14160,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gemini.com", true }, { "gemquery.com", true }, { "genchev.io", true }, - { "gencmedya.com", true }, + { "gencmedya.com", false }, { "genderidentiteit.nl", true }, { "gendrin.com", true }, { "gendundrupa.ch", true }, @@ -14000,6 +14170,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geneau.net", true }, { "genehightower.com", true }, { "genehome.com.au", true }, + { "generace-id.org", true }, { "generador-electrico.com", true }, { "general-anaesthesia.com", true }, { "general-anaesthetics.com", true }, @@ -14019,7 +14190,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geneve-naturisme.ch", true }, { "genevoise-entretien.ch", true }, { "genfaerd.dk", true }, - { "genie-seiner-generation.de", true }, + { "geniush.ovh", true }, { "geniusteacher.in", true }, { "geniuszone.biz", true }, { "genocidediary.org", true }, @@ -14034,10 +14205,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gensicke.de", true }, { "genslerapps.com", true }, { "genslerwisp.com", true }, + { "gensokyo.chat", true }, { "gensonline.eu", true }, { "gentianes.ch", true }, { "gentoo-blog.de", true }, - { "gentooblog.de", true }, { "genusshotel-riegersburg.at", true }, { "genuxtsg.com", true }, { "genxnotes.com", true }, @@ -14051,6 +14222,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geomex.be", true }, { "geoponika.gr", true }, { "geoport.al", true }, + { "georadar-algerie.com", true }, { "george-brighton.co.uk", true }, { "george-orwell.com", true }, { "georgebrighton.co.uk", true }, @@ -14060,6 +14232,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "georgemaschke.net", true }, { "georgescarryout.com", true }, { "georgewbushlibrary.gov", true }, + { "georgiaautoglass.net", true }, { "georgiaglassrepair.com", true }, { "georgiastuartyoga.co.uk", true }, { "georgioskontaxis.com", true }, @@ -14071,26 +14244,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geosphereservices.com", true }, { "geotab.com", true }, { "gepe.ch", true }, + { "gepgroup.gr", true }, { "gepps.de", true }, { "geraintwhite.co.uk", true }, { "gerald-zojer.com", true }, { "geraldsonrealty.com", true }, + { "gerardinden.nl", true }, { "gerardozamudio.mx", true }, + { "gerbyte.co.uk", true }, + { "gerbyte.com", true }, + { "gerbyte.uk", true }, { "germandarknes.net", true }, { "germansoldiers.net", true }, { "germanssky.de", true }, { "gernert-server.de", true }, { "gero.io", true }, { "gerritcodereview.com", true }, - { "gerum.dynv6.net", true }, { "gerwinvanderkamp.nl", true }, { "ges-bo.de", true }, { "geschichtscheck.de", true }, { "geschmacksache.online", true }, { "geschwinder.net", true }, + { "gesica.cloud", true }, { "gestorehotel.com", true }, { "gestormensajeria.com", true }, - { "gesundes-im-napf.de", true }, { "gesundheitmassage.com", true }, { "gesundheitswelt24.de", true }, { "get-erp.ru", true }, @@ -14123,6 +14300,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "geti2p.com", true }, { "getidmcc.com", true }, { "getimgs.com", true }, + { "getinphase.com", true }, { "getitpeople.com", true }, { "getmango.com", true }, { "getmdl.io", true }, @@ -14142,7 +14320,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "getsecure.nl", true }, { "getsensibill.com", true }, { "getsetbounce.co.uk", true }, - { "getsetupfile.com", true }, { "getsilknow.com", true }, { "getsmartaboutdrugs.gov", true }, { "getsport.mobi", true }, @@ -14155,16 +14332,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "getupandbounce.co.uk", true }, { "getvdownloader.com", true }, { "getweloop.io", true }, + { "getwemap.com", true }, { "getwisdom.io", true }, { "getyeflask.com", true }, { "getyou.onl", true }, { "getyourlifestraight.com", true }, { "geyduschek.be", true }, { "gf-franken.de", true }, + { "gf5fcalc.com", true }, { "gfahnen.de", true }, { "gfast.ru", true }, { "gfcleisure.co.uk", true }, - { "gfe.li", true }, { "gfe.link", true }, { "gfelite.de", true }, { "gfestival.fo", true }, @@ -14175,31 +14353,32 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gfnetfun.cf", true }, { "gforce.ninja", true }, { "gfoss.eu", true }, - { "gfournier.ca", true }, { "gfxbench.com", true }, { "ggdcpt.com", true }, { "gginin.today", true }, { "ggl-luzern.ch", true }, { "ggma.co.uk", true }, { "ggmmontascale.it", true }, - { "ggobbo.com", true }, { "ggp2.com", true }, { "ggs-marschallstrasse.de", true }, { "ggs.jp", true }, { "ggservers.com", true }, { "ggx.us", true }, { "gha.st", true }, + { "ghaglund.se", true }, + { "ghid-pitesti.ro", true }, { "ghini.com", true }, { "ghislainphu.fr", true }, { "ghostblog.info", false }, { "ghostcir.com", true }, + { "ghowell.io", true }, { "ghrelinblocker.info", true }, { "ghrelinblocker.org", true }, - { "ghuntley.com", false }, { "giac.org", true }, { "giacomodrago.com", true }, { "giacomodrago.it", true }, { "giacomopelagatti.it", true }, + { "giaithich.net", true }, { "gianproperties.com", true }, { "giant-panda.com", true }, { "giant-tortoise.com", true }, @@ -14214,6 +14393,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "giddyaunt.net", true }, { "giduv.com", true }, { "giebel.it", true }, + { "giegler.software", true }, { "gierds.de", true }, { "giethoorn.com", true }, { "gietvloergarant.nl", false }, @@ -14221,15 +14401,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "giftedconsortium.com", true }, { "giftking.nl", false }, { "giftmaniabrilhos.com.br", true }, + { "gifts.best", true }, { "gifts365.co.uk", true }, - { "giftservices.nl", true }, { "gig-raiffeisen.de", true }, { "giga.nl", true }, { "gigabitz.pw", true }, { "gigacog.com", true }, { "gigantism.com", true }, { "gigawa.lt", true }, - { "gigawattz.com", true }, { "giggletotz.co.uk", true }, { "gigime.com", true }, { "gigin.eu", true }, @@ -14237,7 +14416,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gigis-pizzeria.de", true }, { "gigis.cloud", true }, { "giglink.club", true }, - { "gigolodavid.be", true }, { "gigseekr.com", true }, { "gigtroll.eu", true }, { "gijsbertus.com", true }, @@ -14254,13 +14432,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gilmoreid.com.au", true }, { "gilnet.be", true }, { "gina-architektur.design", true }, - { "ginie.de", true }, + { "gingersutton.com", true }, { "ginionusedcars.be", true }, { "ginja.co.th", true }, { "ginnegappen.nl", true }, { "ginniemae.gov", true }, + { "gino-gelati.de", true }, { "ginza-luce.net", true }, { "ginzadelunch.jp", true }, + { "ginzaj.com", true }, { "giochi-online.ws", true }, { "giochiecodici.it", true }, { "gioielleriamolena.com", true }, @@ -14278,12 +14458,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "girsa.org", true }, { "girvas.ru", true }, { "gisgov.be", true }, + { "gisher.news", true }, { "gisher.org", true }, + { "gisher.video", true }, { "gistr.io", true }, { "git.ac.cn", true }, { "git.market", true }, + { "git.sb", true }, { "git.tt", true }, - { "gitar.io", true }, { "gitep.org.uk", true }, { "gites-alizea.com", true }, { "gitesdeshautescourennes.com", true }, @@ -14291,8 +14473,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gitla.in", true }, { "gitstuff.tk", true }, { "gittigidiyor.com", true }, - { "gittr.ch", true }, - { "giuem.com", true }, + { "giuem.com", false }, { "giunchi.net", true }, { "giuseppemacario.men", true }, { "givastar.com", true }, @@ -14318,10 +14499,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gl.search.yahoo.com", false }, { "glaciernursery.com", true }, { "gladwellentertainments.co.uk", true }, - { "glahcks.com", true }, { "glamguru.co.il", true }, { "glamguru.world", true }, { "glamour4you.de", true }, + { "glamourdaze.com", true }, { "glasdon.com", true }, { "glasen-hardt.de", true }, { "glasfaser-im-hanseviertel.de", true }, @@ -14335,14 +14516,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gleanview.com", true }, { "gleich-aluminium-shop.de", true }, { "glenberviegolfclub.com", true }, + { "glencambria.com", true }, { "glencarbide.com", true }, { "glendarraghbouncycastles.co.uk", true }, { "glenhuntlyapartments.com.au", true }, { "glenshere.com", true }, { "glevolution.com", true }, + { "glicerina.online", true }, { "glidingshop.cz", true }, { "glidingshop.de", true }, { "glidingshop.eu", true }, + { "glitzerstuecke.de", true }, { "glloq.org", true }, { "glob-coin.com", true }, { "global-adult-webcams.com", true }, @@ -14372,9 +14556,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "glocalworks.jp", true }, { "glofox.com", true }, { "gloneta.com", false }, + { "glosiko.com", true }, + { "glossopnorthendafc.co.uk", true }, { "glotech.co.uk", true }, { "glotechkitchens.co.uk", true }, { "glotechrepairs.co.uk", true }, + { "glu3cifer.rocks", true }, { "glueck-im-norden.de", true }, { "gluecksgriff-taschen.de", true }, { "glueckskindter.de", true }, @@ -14384,6 +14571,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "glutenfreevr.com", true }, { "glykofridis.nl", true }, { "glyxins.com", true }, + { "gm-net.jp", true }, { "gm.search.yahoo.com", false }, { "gmail.com", false }, { "gmantra.org", true }, @@ -14396,8 +14584,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gmod.de", true }, { "gmpark.dk", true }, { "gmpartsdb.com", true }, + { "gmslparking.co.uk", true }, { "gmta.nl", true }, - { "gmw-hannover.de", true }, + { "gmtplus.co.za", true }, { "gmw-ingenieurbuero.de", true }, { "gmx.at", true }, { "gmx.ch", true }, @@ -14407,11 +14596,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gmx.es", true }, { "gmx.fr", true }, { "gmx.net", true }, + { "gn00.com", true }, { "gnax.jp", false }, + { "gndh.net", true }, { "gnetion.com", true }, { "gnetwork.eu", true }, + { "gnfrazier.me", true }, { "gnhub.org", true }, { "gnilebein.de", true }, + { "gnk.io", true }, { "gnuand.me", true }, { "gnucashtoqif.us", true }, { "gnunet.org", true }, @@ -14422,6 +14615,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "go-embedded.de", true }, { "go-wild.co.uk", true }, { "go-zh.org", true }, + { "go.microsoft.com", true }, { "go.xero.com", false }, { "go2ubl.nl", true }, { "goa8.xyz", true }, @@ -14435,7 +14629,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gobouncy.co.uk", true }, { "gobouncy.com", true }, { "gobranding.com.vn", true }, - { "gocardless.com", true }, + { "gocher.me", true }, { "gochu.se", true }, { "gocleanerslondon.co.uk", true }, { "god-clan.hu", true }, @@ -14457,6 +14651,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "goedverzekerd.net", true }, { "goemail.me", true }, { "goerlitz-zgorzelec.org", true }, + { "goerres2014.de", true }, + { "goesta-hallenbau.de", true }, { "goetemp.de", true }, { "goetic.space", true }, { "goettinger-biergarten.de", true }, @@ -14477,9 +14673,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "goingreen.com.au", true }, { "gokhankesici.com", true }, { "gokmenguresci.com", true }, + { "golang.zone", true }, { "gold24.ru", true }, - { "goldclubcasino.com", true }, + { "goldcoastasian.com", true }, { "goldcoasthypnotherapyhypnosis.com.au", true }, + { "goldcoastphotographycourses.com", true }, { "goldcoaststumpbusters.com", true }, { "goldegg-training.com", false }, { "goldenbadger.de", true }, @@ -14487,14 +14685,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "goldenhillsoftware.com", true }, { "goldenhost.ca", true }, { "goldenplate.com.sg", true }, + { "goldfmromania.ro", true }, { "goldmark.com.au", true }, { "goldpreisfinder.at", true }, { "goldsecurity.com", true }, - { "goldsky.com.au", true }, { "goldstein.tel", true }, { "golf18network.com", true }, { "golf18staging.com", true }, - { "golfburn.com", true }, { "golfhausmallorca.com", true }, { "golfmeile.de", true }, { "golfpark-bostalsee.de", true }, @@ -14504,6 +14701,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "golser.info", true }, { "gomasy.jp", true }, { "gomelchat.com", true }, + { "gomiblog.com", true }, { "gommista.roma.it", true }, { "gondawa.com", true }, { "gongjianwei.com", true }, @@ -14517,7 +14715,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gooddomainna.me", true }, { "goodenough.nz", false }, { "goodfeels.net", true }, - { "goodvibesblog.com", true }, { "google", true }, { "google-analytics.com", true }, { "googleandroid.cz", true }, @@ -14526,14 +14723,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "googlesource.com", true }, { "goombi.fr", true }, { "goonersworld.co.uk", true }, + { "goooo.info", true }, { "gootlijsten.nl", true }, { "goozp.com", true }, { "gopher.tk", true }, { "goproallaccess.com", true }, { "goquiq.com", true }, - { "gorakukai.jp", true }, - { "gordonobrecht.com", true }, { "gordonscouts.com.au", true }, + { "gorf.chat", true }, + { "gorf.club", true }, { "gorgias.me", true }, { "gorky.media", true }, { "gorn.ch", true }, @@ -14543,11 +14741,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gosforthdentalsurgery.co.uk", true }, { "goshawkdb.io", true }, { "goshin-group.co.jp", true }, - { "goshow.tv", true }, { "gospelfollower.com", true }, + { "gospelofmark.ch", true }, { "gospelvestcination.de", true }, { "gostaffer.com", true }, { "gostest.org", true }, + { "gosu.pro", true }, { "gosuland.org", true }, { "got-tty.de", true }, { "goteborgsklassikern.se", true }, @@ -14567,8 +14766,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gottcode.org", false }, { "goudenharynck.be", true }, { "gouforit.com", true }, - { "goujianwen.com", true }, - { "goukon.ru", true }, { "gouldcooksey.com", true }, { "goup.co", true }, { "goup.com.tr", true }, @@ -14588,13 +14785,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gowin9.net", true }, { "gowithflo.de", true }, { "gozenhost.com", true }, - { "gpalabs.com", true }, { "gpcsolutions.fr", true }, { "gpdimaranathasiantar.org", true }, { "gpfclan.de", true }, { "gpgscoins.com", true }, { "gplans.us", true }, - { "gplintegratedit.com", true }, { "gpm.ltd", true }, { "gprs.uk.com", true }, { "gps.com.br", true }, @@ -14608,15 +14803,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gra2.com", true }, { "graasp.net", false }, { "grabacabpa.com", true }, - { "grabi.ga", true }, { "grace-wan.com", true }, + { "gracebaking.com", false }, { "gracedays.org", true }, { "gracethrufaith.com", true }, { "gracetini.com", true }, { "graciousmay.com", true }, - { "gradenotify.com", true }, + { "gradecam.com", true }, { "gradienthosting.co.uk", true }, { "gradients.com", true }, + { "gradingcontractornc.com", true }, { "gradualgram.com", true }, { "graeber.com", true }, { "graecum.org", true }, @@ -14630,6 +14826,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "grafoteka.pl", true }, { "graft.community", true }, { "graft.observer", true }, + { "grahamcarruthers.co.za", true }, { "grahamcluley.com", true }, { "grahamofthewheels.com", true }, { "grailians.com", true }, @@ -14639,8 +14836,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gram.tips", true }, { "gramati.com.br", true }, { "grammysgrid.com", true }, + { "grana.com", true }, { "granary-demo.appspot.com", false }, { "grancellconsulting.com", true }, + { "grandcafecineac.nl", true }, { "grandcafetwist.nl", true }, { "grandcapital.cn", true }, { "grandcapital.id", true }, @@ -14650,13 +14849,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "grandefratellonews.com", true }, { "grandeto.com", true }, { "grandjunctionbrewing.com", true }, - { "grandmasfridge.org", true }, { "grandmusiccentral.com.au", true }, { "grandpadusercontent.com", true }, - { "grandwailea.com", true }, { "granfort.es", false }, { "granian.pro", true }, { "granishe.com", true }, + { "graniteind.com", true }, { "grannys-stats.com", true }, { "grannyshouse.de", true }, { "grantcooper.com", true }, @@ -14669,6 +14867,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "graphcommons.com", true }, { "graphene.software", true }, { "graphic-shot.com", true }, + { "graphified.nl", false }, { "graphire.io", true }, { "grapholio.net", true }, { "grasmark.com", true }, @@ -14698,7 +14897,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "grazieitalian.com", true }, { "grc.com", false }, { "greatagain.gov", true }, - { "greatergoodoffers.com", true }, { "greatestwebsiteonearth.com", true }, { "greatfire.org", true }, { "greatislandarts.ca", true }, @@ -14715,21 +14913,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "green-light.co.nz", true }, { "greenaddress.it", true }, { "greenapproach.ca", true }, + { "greenbaysecuritysolutions.com", true }, { "greencircleplantnursery.com.au", true }, { "greencircleplantnursery.net.au", true }, - { "greenenergysolution.uk", true }, + { "greenconn.ca", true }, { "greener.pl", true }, { "greenglam.biz", true }, { "greengoblindev.com", true }, { "greenhats.de", true }, { "greenliquidsystem.com", true }, + { "greenliv.pl", true }, { "greenlungs.net", true }, { "greenoutdoor.dk", false }, { "greenpanda.de", true }, { "greenpartyofnewmilford.org", true }, { "greenpeace-magazin.de", true }, + { "greenpeace.berlin", true }, { "greenroach.ru", true }, { "greenrushdaily.com", true }, + { "greensborosecuritycameras.com", true }, { "greensdictofslang.com", true }, { "greensquare.tk", true }, { "greenteamtwente.nl", true }, @@ -14738,8 +14940,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "greer.ru", true }, { "greg.red", true }, { "greger.me", true }, - { "gregmilton.com", true }, - { "gregmilton.org", true }, + { "gregmote.com", true }, { "gregoirow.be", true }, { "gregorians.org", true }, { "gregorkofler.com", true }, @@ -14763,6 +14964,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "greybeards.ca", true }, { "greyhash.se", true }, { "greymattertechs.com", true }, + { "greysky.me", true }, { "greyskymedia.com", true }, { "greysolutions.it", true }, { "greywizard.com", true }, @@ -14780,6 +14982,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "griegshipbrokers.com", true }, { "griegshipbrokers.no", true }, { "griesser2.de", true }, + { "grillen-darf-nicht-gesund-sein.de", true }, { "grillteller42.de", true }, { "grimcalc.com", true }, { "grimm-gastrobedarf.de", true }, @@ -14790,6 +14993,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gritte.ch", true }, { "grizzlys.com", true }, { "grmp.fr", true }, + { "grocerybuild.com", true }, { "grocock.me.uk", true }, { "groenaquasolutions.nl", true }, { "groenewoud.me", true }, @@ -14807,23 +15011,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "groovygoldfish.org", true }, { "gropp.org", true }, { "gross.business", true }, - { "grossell.ru", true }, { "groszek.pl", true }, { "groth.im", true }, { "groth.xyz", true }, { "grothoff.org", true }, + { "grottenthaler.eu", true }, { "grouchysysadmin.com", true }, { "group4layers.net", true }, { "groupe-neurologique-nord.lu", true }, { "groupebaillargeon.com", true }, { "groupghistelinck-cars.be", true }, - { "grouphomes.com.au", false }, { "groupme.com", true }, { "groups.google.com", true }, { "growingallthings.co.uk", true }, { "growit.events", true }, { "growy.ch", true }, - { "grozter.se", true }, + { "grrmmll.com", true }, { "grsecurity.net", true }, { "gruble.de", true }, { "gruebebraeu.ch", true }, @@ -14834,6 +15037,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gruenes-wp.de", true }, { "gruenprint.de", true }, { "gruenstreifen-ev.de", true }, + { "grumples.biz", true }, { "grumpy.fr", true }, { "grumpygamers.com", true }, { "grunwaldzki.center", true }, @@ -14849,11 +15053,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gs93.de", true }, { "gsaj114.net", true }, { "gscloud.xyz", true }, + { "gsdb.net", true }, { "gsi-network.com", true }, { "gsimagebank.co.uk", true }, { "gslink.me", true }, { "gsmsecurity.net", true }, - { "gsoc.se", true }, { "gsrc.io", true }, { "gst.name", true }, { "gst.priv.at", true }, @@ -14870,6 +15074,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gtmasterclub.it", false }, { "gtmetrix.com", true }, { "gtopala.com", true }, + { "gtopala.net", true }, { "gtour.info", false }, { "gtravers-basketmaker.co.uk", true }, { "gts-dp.de", true }, @@ -14881,12 +15086,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "guardiansoftheearth.org", true }, { "gubagoo.com", true }, { "gubagoo.io", true }, - { "gudangpangan.id", true }, { "gudini.net", true }, - { "gudrun.ml", true }, { "guegan.de", true }, { "guelo.ch", true }, { "guenthereder.at", true }, + { "guerard.info", true }, { "guerrilla.technology", true }, { "guesthouse-namaste.com", true }, { "guevener.de", true }, @@ -14896,7 +15100,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "guffr.it", true }, { "guge.ch", true }, { "gugert.net", true }, - { "guhei.net", true }, { "guhenry3.tk", true }, { "guiacidade.com.br", true }, { "guichet-entreprises.fr", true }, @@ -14906,9 +15109,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "guide-peche-cantal.com", true }, { "guidebook.co.tz", true }, { "guidedselling.net", true }, + { "guideline.gov", false }, + { "guidelines.gov", false }, { "guideo.ch", true }, { "guidepointsecurity.com", true }, - { "guides-et-admin.com", true }, { "guides-peche64.com", true }, { "guidesetc.com", true }, { "guidetoiceland.is", false }, @@ -14941,7 +15145,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gurmel.ru", true }, { "gurpusmaximus.com", true }, { "guru-naradi.cz", true }, - { "gurubetng.com", true }, { "gurucomi.com", true }, { "gurueffect.com", true }, { "gurugardener.co.nz", true }, @@ -14955,15 +15158,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "guus-thijssen.nl", true }, { "guusvandewal.nl", true }, { "guvernalternativa.ro", true }, - { "guyot-tech.com", true }, + { "guyeskens.be", true }, { "gv-neumann.de", true }, { "gvatas.in", true }, { "gveh.de", true }, { "gvi-timing.ch", true }, - { "gvi.be", true }, { "gviedu.com", true }, { "gvitiming.ch", true }, - { "gvm.io", true }, { "gvobgyn.ca", true }, { "gvt2.com", true }, { "gvt3.com", true }, @@ -14977,6 +15178,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gwrtech.com", true }, { "gwsec.co.uk", true }, { "gxmyqy.net", true }, + { "gyara.moe", true }, { "gyas.nl", true }, { "gycis.me", false }, { "gymagine.ch", true }, @@ -14987,6 +15189,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "gymnasium-hittfeld.de", true }, { "gympap.de", true }, { "gynaecology.co", true }, + { "gynoguide.com", true }, { "gypsyreel.com", true }, { "gyre.ch", true }, { "gyrenens.ch", true }, @@ -15011,7 +15214,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "h2s-design.de", true }, { "h2u.tv", true }, { "h3artbl33d.nl", true }, - { "h3z.jp", false }, + { "h3z.jp", true }, { "h404bi.com", true }, { "ha-kunamatata.de", true }, { "ha3.eu", true }, @@ -15031,9 +15234,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "haccp.bergamo.it", true }, { "haccp.milano.it", true }, { "haccp.roma.it", true }, + { "hacertest.com", true }, { "hacettepeteknokent.com.tr", true }, - { "hachre.de", true }, - { "hack.club", true }, + { "hachre.de", false }, + { "hack.cz", true }, { "hackademix.net", true }, { "hackanders.com", true }, { "hackattack.com", true }, @@ -15043,12 +15247,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hackdown.me", true }, { "hackenkunjeleren.nl", true }, { "hackenturet.dk", true }, - { "hacker.club", true }, + { "hacker.holiday", true }, { "hacker.im", true }, { "hacker.one", true }, { "hacker.parts", true }, { "hacker1.com", true }, { "hacker101.com", true }, + { "hackerchai.com", true }, { "hackerco.com", true }, { "hackereyes.com", true }, { "hackergateway.com", true }, @@ -15059,6 +15264,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hackerone.at", true }, { "hackerone.com", true }, { "hackerone.net", true }, + { "hackerpoints.com", true }, { "hackerschat.net", true }, { "hackerstxt.org", true }, { "hackettrecipes.com", true }, @@ -15073,7 +15279,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hackthissite.org", true }, { "hacktic.info", true }, { "hacktivis.me", true }, - { "hackyourfaceoff.com", true }, + { "hackworx.com", false }, { "hackzogtum-coburg.de", true }, { "hadaly.fr", true }, { "hadleighswimmingclub.co.uk", true }, @@ -15085,24 +15291,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "haferman.net", true }, { "haferman.org", true }, { "hafniatimes.com", true }, - { "haggeluring.su", true }, { "hagueaustralia.com.au", true }, { "haha-raku.com", true }, { "hahay.es", true }, { "haiboxu.com", true }, - { "hail2u.net", true }, + { "haidihai.ro", true }, { "hailer.com", true }, + { "haim.bio", true }, + { "haimablog.ooo", true }, { "hairbeautyartists.it", true }, { "haircrazy.com", true }, - { "hairplaybychenellekay.com", true }, + { "hairplaybychenellekay.com", false }, { "hairraisingphotobooths.co.uk", true }, { "hairtonic-lab.com", true }, { "haixihui.cn", true }, { "haizum.pro", true }, + { "hajekdavid.cz", true }, { "hajekj.net", true }, { "hak5.org", true }, { "hakaru.org", true }, { "hakase.io", true }, + { "hakase.pw", true }, { "hakatabijin-mind.com", true }, { "hake.me", true }, { "hal-9th.space", true }, @@ -15117,6 +15326,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "halkyon.net", true }, { "hallelujahsoftware.com", true }, { "halletienne.fr", true }, + { "hallettxn.com", true }, { "hallhuber.com", true }, { "halliday.work", true }, { "halligladen.de", true }, @@ -15127,6 +15337,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "halongbaybackpackertour.com", true }, { "haloobaloo.com", true }, { "haloria.com", true }, + { "haltegame.com", true }, { "hamacho-kyudo.com", true }, { "hamali.bg", true }, { "hamburgerbesteld.nl", true }, @@ -15134,7 +15345,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hamcram.io", true }, { "hamiltonlinen.com", true }, { "hamiltonmedical.nl", true }, - { "hamish.ca", true }, { "hammer-corp.com", true }, { "hammer-schnaps.com", true }, { "hammer-sms.com", true }, @@ -15151,8 +15361,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "handlecoin.com", true }, { "handleidingkwijt.com", true }, { "handmade-workshop.de", true }, - { "handmadegobelin.com", true }, - { "handmadeshoes.pe", true }, { "handyglas.com", true }, { "handymanlondonplease.co.uk", true }, { "handynummer.online", true }, @@ -15168,6 +15376,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hannah.link", true }, { "hannoluteijn.nl", true }, { "hanoibuffet.com", true }, + { "hanpenblog.com", true }, { "hansbijster.nl", true }, { "hansch.ventures", true }, { "hanschventures.com", true }, @@ -15186,7 +15395,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hanzubon.jp", true }, { "hao-zhang.com", true }, { "haogoodair.ca", true }, - { "haoqi.men", true }, { "haotown.cn", true }, { "haozhang.org", true }, { "haozi.me", true }, @@ -15218,8 +15426,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "harald-pfeiffer.de", true }, { "harapecorita.com", true }, { "harbor-light.net", true }, - { "hardeman.nu", true }, { "hardenize.com", true }, + { "hardergayporn.com", true }, { "hardertimes.com", true }, { "hardesec.com", true }, { "hardez.de", true }, @@ -15229,12 +15437,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hardloopfysio.nl", true }, { "hardrain980.com", true }, { "hardtfrieden.de", true }, - { "hardtime.ru", true }, + { "hardwareschotte.de", true }, { "harekaze.info", true }, { "haribilalic.com", true }, { "harilova.fr", true }, + { "harion.fr", true }, { "harisht.me", false }, - { "haritsa.co.id", true }, { "harjitbhogal.com", true }, { "harlor.de", true }, { "harmfarm.nl", true }, @@ -15246,7 +15454,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "harp.gov", true }, { "harrcostl.com", true }, { "harringtonca.com", true }, - { "harrisonsdirect.co.uk", true }, { "harrisonswebsites.com", true }, { "harrisonvillenaz.org", true }, { "harry-baker.com", true }, @@ -15266,11 +15473,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "harveyauzorst.com", true }, { "harveymilton.com", true }, { "has-no-email-set.de", false }, - { "haschrebellen.de", true }, + { "has.work", true }, { "hasdf.de", true }, { "hasecuritysolutions.com", true }, { "haselsteiner.me", true }, { "hash-archive.org", true }, + { "hash.army", true }, { "hash.works", true }, { "hashcat.net", true }, { "hashes.org", true }, @@ -15296,12 +15504,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "haus-garten-test.de", true }, { "haus-henne.de", true }, { "haus-zeitlos.de", true }, - { "hausarztpraxis-linn.de", true }, { "haushenne.de", true }, + { "hausjugo.de", true }, { "haustechnik-breu.de", true }, { "hausundhof.com", true }, { "hausverbrauch.de", true }, - { "hauswarteam.com", true }, { "hautaka.com", true }, { "hautarztzentrum.ch", true }, { "hauteslatitudes.com", true }, @@ -15330,6 +15537,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hayashi-rin.net", true }, { "hayden.one", false }, { "haydenjames.io", true }, + { "haydentomas.com", true }, { "hayfordoleary.com", true }, { "haynes-davis.com", true }, { "hayvid.com", true }, @@ -15344,13 +15552,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hbpowell.com", true }, { "hcaz.io", true }, { "hcbj.io", true }, - { "hcoe.fi", true }, { "hd-gaming.com", true }, { "hd-offensive.at", false }, { "hd-only.org", true }, { "hd-outillage.com", true }, { "hda.me", true }, { "hdc.cz", true }, + { "hdcamvids.com", true }, { "hdcenter.cc", true }, { "hdeaves.uk", true }, { "hdf.world", true }, @@ -15361,7 +15569,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hdrsource.com", true }, { "hdrtranscon.com", true }, { "hds-lan.de", true }, - { "hdwallpapers.net", true }, { "heaaart.com", true }, { "head.org", true }, { "head.ru", true }, @@ -15370,12 +15577,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "headshopinternational.com", true }, { "headshotharp.de", true }, { "healey.io", true }, + { "health-booster.com", true }, { "health-match.com.au", true }, { "health-plan-news.com", true }, { "health.gov", true }, { "health.graphics", true }, { "healthcare.gov", false }, - { "healthcare6.com", true }, { "healtheals.com", true }, { "healtheffectsofasbestos.com", true }, { "healthery.com", true }, @@ -15383,6 +15590,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "healthfoam.com", true }, { "healthgames.co.uk", true }, { "healthiercompany.com", true }, + { "healthiergenerations.co.uk", true }, { "healthit.gov", true }, { "healthlabs.com", true }, { "healthmatchapp.com", true }, @@ -15394,6 +15602,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "healthybeterlife.click", true }, { "healthyfitfood.com", true }, { "healthypeople.gov", true }, + { "healthyteame.com", true }, { "heap.zone", true }, { "hearmeraw.uk", true }, { "heart.taxi", true }, @@ -15407,7 +15616,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heartview.com.br", true }, { "heartwoodart.com", true }, { "hearty.blog", true }, - { "hearty.cf", true }, { "hearty.ga", true }, { "hearty.gq", true }, { "hearty.me", true }, @@ -15416,7 +15624,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hearty.org.tw", true }, { "hearty.taipei", true }, { "hearty.us", true }, - { "heartyapp.com", true }, { "heartycraft.com", true }, { "heatershop.co.uk", true }, { "heatingandairconditioningdallastx.com", true }, @@ -15435,14 +15642,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heckelektro.de", true }, { "heckerundknopp.de", true }, { "heckticmedia.com", true }, - { "hectorj.net", true }, - { "hedgeschool.ie", true }, { "hedonism.org", true }, { "hedonistic-imperative.com", true }, { "hedonistic.org", true }, { "hedonium.com", true }, { "hedweb.co.uk", true }, - { "hedweb.com", true }, { "hedweb.net", true }, { "hedweb.org", true }, { "heeler.blue", true }, @@ -15470,6 +15674,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heimonen.eu", true }, { "heimprofis.de", true }, { "heinemann.io", true }, + { "heinemeier.dk", true }, { "heinpost.nl", false }, { "heinzelmann.co", true }, { "heiraten-gardasee.de", true }, @@ -15478,7 +15683,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heistheguy.com", true }, { "heitland-it.de", true }, { "heiwa-valve.co.jp", true }, - { "hejahanif.se", true }, { "hejianpeng.cn", true }, { "heka.ai", true }, { "helber-it-services.de", true }, @@ -15507,10 +15711,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "helmut-a-binser.de", true }, { "help.simpletax.ca", true }, { "helpconnect.com.au", true }, - { "helpdebit.com", true }, - { "helpfacile.com", true }, - { "helpfixe.com", true }, - { "helpflux.com", true }, { "helpgoabroad.com", true }, { "helpmij.cf", true }, { "helpscoutdocs.com", true }, @@ -15529,9 +15729,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hendyisaac.com", true }, { "hengelsportdeal.com", true }, { "hengstumone.com", true }, - { "henhenlu.com", true }, { "henkboelman.com", true }, - { "henkbrink.com", true }, { "henker.net", true }, { "henkverlinde.com", false }, { "henley-computer-repairs.co.uk", true }, @@ -15548,10 +15746,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "henrock.net", true }, { "henry.gg", true }, { "henryphan.com", false }, - { "hentaiz.net", true }, + { "hentaiworld.cc", true }, { "hentschke-bau.de", true }, { "hentschke-betonfertigteilwerk.de", true }, { "hentschke-invest.de", true }, + { "henzenhoning.nl", true }, { "heppler.net", true }, { "heptafrogs.de", true }, { "herbal-id.com", true }, @@ -15565,6 +15764,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "herds.eu", true }, { "herdserv.de", true }, { "herebedragons.io", true }, + { "herecsrymy.cz", true }, { "heritagebaptistchurch.com.ph", true }, { "herkam.pl", true }, { "hermanbrouwer.nl", true }, @@ -15595,7 +15795,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "herzbotschaft.de", true }, { "herzfuersoziales.at", true }, { "herzig.cc", true }, - { "hesa.com", true }, { "hesaplama.net", true }, { "hessen-liebe.de", true }, { "hestervanderheijden.nl", true }, @@ -15621,7 +15820,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hexicurity.com", true }, { "hexid.me", true }, { "hexieshe.com", true }, - { "hexo.io", true }, { "hexony.com", true }, { "hexr.org", true }, { "hexstream.net", true }, @@ -15633,16 +15831,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "heywood.cloud", true }, { "hf-tekst.nl", true }, { "hf51.nl", true }, - { "hflsdev.org", false }, { "hfox.org", true }, { "hg.gg", true }, { "hg.python.org", true }, - { "hg525.com", true }, { "hgbet.com", true }, - { "hgfa.fi", true }, + { "hgvnet.de", true }, { "hgw168.com", true }, { "hh-medic.com", true }, - { "hh-wolke.dedyn.io", true }, { "hhgdo.de", true }, { "hhhdb.com", true }, { "hhidr.org", true }, @@ -15673,16 +15868,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "highlatitudestravel.com", true }, { "highlegshop.com", true }, { "highlevelwoodlands.com", true }, - { "highlightsfootball.com", false }, + { "highlightsfootball.com", true }, { "highlnk.com", true }, { "highperformancehvac.com", true }, { "highspeed-arnsberg.de", true }, { "highspeedinternet.my", true }, { "highspeedinternetservices.ca", true }, { "hightechbasementsystems.com", true }, - { "hightimes.com", true }, { "highwaytohoell.de", true }, { "higilopocht.li", true }, + { "hikarukujo.com", true }, { "hike.pics", true }, { "hikingguy.com", true }, { "hilahdih.cz", true }, @@ -15709,6 +15904,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hintergrundbewegung.de", true }, { "hinterhofbu.de", true }, { "hinterposemuckel.de", true }, + { "hiojbk.com", true }, { "hipi.jp", true }, { "hippies.com.br", true }, { "hippo.ge", true }, @@ -15718,16 +15914,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hipstercat.fr", true }, { "hiqfleet.co.uk", true }, { "hiqfranchise.co.uk", true }, + { "hiqhub.co.uk", false }, { "hiqonline.co.uk", true }, { "hirake55.com", true }, { "hiratake.xyz", true }, { "hire-a-coder.de", true }, { "hireabouncycastle.net", true }, { "hirefitness.co.uk", true }, - { "hireprofs.com", true }, { "hiresteve.ca", true }, { "hiretech.com", true }, - { "hirevets.gov", true }, { "hirezzportal.com", true }, { "hiring-process.com", true }, { "hiromuogawa.com", true }, @@ -15746,11 +15941,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hiteco.com", true }, { "hititgunesi-tr.com", true }, { "hitmanstat.us", true }, + { "hitn.at", true }, { "hitoapi.cc", true }, { "hitocom.net.br", true }, { "hitokoto-mania.com", true }, { "hitokoto.cn", true }, { "hitomecha.com", true }, + { "hitrek.ml", true }, { "hitter-lauzon.com", true }, { "hitter.family", true }, { "hitterfamily.com", true }, @@ -15767,18 +15964,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hizzacked.xxx", true }, { "hj-mosaiques.be", true }, { "hj.rs", true }, + { "hj2999.com", true }, + { "hj3455.com", true }, { "hjartasmarta.se", true }, - { "hjf-immobilien.de", true }, { "hjkbm.cn", true }, - { "hjkhs.cn", true }, { "hjort.land", true }, { "hjortland.org", true }, { "hjphoto.co.uk", true }, { "hjtky.cn", true }, { "hjw-kunstwerk.de", true }, { "hk.search.yahoo.com", false }, + { "hkbsurgery.com", true }, { "hkdobrev.com", true }, { "hks.pw", true }, + { "hktkl.com", true }, { "hkustmbajp.com", true }, { "hl7999.com", true }, { "hl8999.com", true }, @@ -15789,8 +15988,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hlfh.space", true }, { "hlidacnajemneho.cz", true }, { "hlinformatics.nl", true }, + { "hloe0xff.ru", true }, { "hlsmandarincentre.com", true }, { "hlucas.de", true }, + { "hm773.net", true }, { "hmcdj.cn", true }, { "hmhotelec.com", false }, { "hmoegirl.com", true }, @@ -15806,8 +16007,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hoarding.me", true }, { "hobby-drechselei.de", true }, { "hobbyspeed.com", true }, - { "hocassian.cn", true }, + { "hochhaus.us", true }, { "hochoukikikiraku.com", true }, + { "hochyi.com", true }, { "hochzeit-dana-laurens.de", true }, { "hochzeitsfotograf-deinfoto.ch", true }, { "hochzeitsgezwitscher.de", true }, @@ -15820,7 +16022,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hoe.re", true }, { "hoeft-autolackierung.de", true }, { "hoekvanholland.eu", true }, - { "hoelty.network", true }, { "hoeren.club", true }, { "hoesnelwasik.nl", true }, { "hoevenstein.nl", true }, @@ -15830,13 +16031,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hofapp.de", true }, { "hofauer.de", true }, { "hoflerlawfirm.com", true }, + { "hogepad.com", true }, { "hogl.dk", true }, { "hogrebe.de", true }, { "hogwarts.io", true }, + { "hohenleimbach.de", true }, { "hohm.in", true }, { "hoiquanadida.com", true }, { "hoken-wakaru.jp", true }, - { "hokepon.com", true }, { "hokieprivacy.org", true }, { "hokify.at", true }, { "hokify.ch", true }, @@ -15849,7 +16051,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "holistichealer.in", true }, { "holisticon.de", true }, { "hollandsdiep.nl", true }, - { "hollerau.de", true }, { "hollermann.eu", true }, { "hollo.me", true }, { "hollowpoint.xyz", true }, @@ -15864,11 +16065,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "holoxplor.space", true }, { "holstphoto.com", true }, { "holvonix.com", true }, - { "holy-hi.com", true }, { "holydragoon.jp", true }, { "holygrail.games", true }, { "holyhiphopdatabase.com", true }, { "holymolycasinos.com", true }, + { "holytransaction.com", true }, { "holywhite.com", true }, { "holz.nu", true }, { "holzheizer-forum.de", true }, @@ -15879,18 +16080,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "holzundgarten.de", true }, { "holzvergaser-forum.de", true }, { "homatism.com", true }, - { "home-work-jobs.com", true }, + { "home-v.ind.in", true }, { "homeautomated.com", true }, { "homebasedsalons.com.au", true }, { "homebodyalberta.com", true }, { "homecareassociatespa.com", true }, { "homecarpetcleaning.co.uk", true }, { "homecheck.gr", true }, - { "homecoming.city", true }, + { "homefacialpro.com", false }, { "homegardeningforum.com", true }, { "homegardenresort.nl", true }, { "homehuntertoronto.com", true }, { "homehunting.pt", true }, + { "homeimagician.com.au", true }, + { "homem-viril.com", true }, { "homeodynamics.com", true }, { "homeoesp.org", true }, { "homeofjones.net", true }, @@ -15901,6 +16104,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "homeprivate.de", true }, { "homeseller.com", true }, { "homeserver-kp.de", true }, + { "homesteadandprepper.com", true }, { "homesteadfarm.org", true }, { "homewatt.co.uk", true }, { "homeyou.com", true }, @@ -15914,11 +16118,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hondenoppasfraneker.nl", true }, { "honey.is", true }, { "honeybadger.io", false }, - { "honeybeard.co.uk", true }, { "honeycome.net", true }, { "honeycreeper.com", true }, { "honeyhaw.com", true }, { "honeypot.net", true }, + { "hong.io", true }, { "hongoi.com", true }, { "honkion.net", true }, { "honovere.de", true }, @@ -15930,19 +16134,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hoop.la", true }, { "hoopertechnicalsolutions.com", true }, { "hooplessinseattle.com", true }, - { "hooray.beer", true }, { "hoorr.com", true }, { "hootworld.net", false }, + { "hoowhen.cn", true }, { "hopconseils.ch", true }, { "hopconseils.com", true }, { "hope-line-earth.jp", true }, - { "hopesb.org", true }, + { "hopesanddreams.org.uk", true }, { "hopla.sg", true }, { "hoplongtech.com", true }, { "hoponmedia.de", true }, { "hopps.me", true }, { "hoppyx.com", true }, - { "hopzone.net", true }, { "hor.website", true }, { "horaceli.com", true }, { "horackova.info", true }, @@ -15960,8 +16163,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "horodance.dk", true }, { "horrell.ca", true }, { "horrendous-servers.com", true }, + { "horrormovies.gr", true }, { "horsehunter.co.uk", true }, { "horstmanshof.eu", true }, + { "horton-brasses.com", true }, { "hory.me", true }, { "horza.org", true }, { "hoshimaq.com.br", true }, @@ -15998,16 +16203,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hosyaku.gr.jp", true }, { "hotcandlestick.com", true }, { "hotchillibox.com", true }, + { "hotcoin.io", true }, + { "hotdoc.com.au", true }, { "hotel-kronjuwel.de", true }, { "hotel-le-vaisseau.ch", true }, { "hotel-pension-sonnalp.eu", true }, + { "hotel-rosner.at", true }, { "hotelamgarnmarkt.at", false }, + { "hotelarevalo.com", true }, { "hotelcoliber.pl", true }, { "hotelflow.com.br", true }, { "hotelident.de", true }, { "hotello.io", true }, { "hotelmap.com", true }, { "hotels-insolites.com", true }, + { "hotels3d.com", true }, { "hotels4teams.com", true }, { "hotelsinbuxton.com", true }, { "hotelsinformer.com", true }, @@ -16017,11 +16227,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hotesb.com", true }, { "hotesb.net", true }, { "hothbricks.com", true }, - { "hotjuice.com", true }, { "hotnewhiphop.com", true }, { "hoto.us", true }, { "hoton.in", true }, - { "hotornot.com", true }, { "hotplate.co.nz", true }, { "hotplug.gr", true }, { "hottaro.com", true }, @@ -16037,25 +16245,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "housekeeperlondon.co.uk", true }, { "houseofherbs.gr", true }, { "houseofhouston.com", true }, + { "houseofyee.com", true }, { "houser.lu", true }, { "housese.at", true }, { "housetalk.ru", true }, { "houstonapartmentinsiders.com", true }, { "houstonauthorizedrepair.com", true }, { "houstoncreditlaw.com", true }, + { "houstontxlocksmiths.com", true }, { "houtinee.com", true }, { "how2play.pl", true }, { "howa-n.net", true }, { "howardtyson.com", true }, { "howbehealthy.com", true }, { "howbigismybuilding.com", true }, + { "howellaccounts.co.uk", true }, { "howgoodwasmysex.com", true }, + { "howieisawesome.com", true }, { "howlongtobeatsteam.com", true }, { "howmanymilesfrom.com", true }, { "howsecureismypassword.net", true }, { "howsmyssl.com", true }, { "howsmytls.com", true }, { "howsyourhealth.org", true }, + { "howtocommunicate.com.au", true }, { "howtogeek.com", true }, { "howtogeekpro.com", true }, { "howtogosolar.org", true }, @@ -16067,14 +16280,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hp42.de", true }, { "hpac-portal.com", true }, { "hpbn.co", true }, - { "hpeditor.tk", true }, - { "hpepub.com", false }, { "hpisavageforum.com", true }, { "hpkp-faq.de", true }, { "hpnow.com.br", true }, { "hps.hu", true }, - { "hqq.tv", true }, - { "hquest.pro.br", true }, { "hqwebhosting.tk", false }, { "hr-tech.shop", true }, { "hr98.xyz", true }, @@ -16088,6 +16297,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hreflang.info", true }, { "hrjfeedstock.com", true }, { "hrjfeedstock.org", true }, + { "hrk.io", true }, { "hrobert.hu", true }, { "hroling.nl", true }, { "hroschyk.cz", true }, @@ -16099,13 +16309,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hs-arbeitsschutz.de", true }, { "hs-group.net", true }, { "hs-umformtechnik.de", true }, + { "hsappstatic.net", true }, { "hscorp.de", true }, + { "hsex.tv", true }, { "hsivonen.com", true }, { "hsivonen.fi", true }, { "hsivonen.iki.fi", true }, { "hsmr.cc", true }, { "hsn.com", true }, - { "hsr.gov", true }, + { "hsr.gov", false }, { "hsts.me", true }, { "hstsfail.appspot.com", true }, { "hstspreload.appspot.com", true }, @@ -16117,6 +16329,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "htaccessbook.com", true }, { "htaps.com", true }, { "hte.ovh", true }, + { "hti.digital", true }, { "html.moe", true }, { "html5.org", true }, { "html5media.info", true }, @@ -16130,7 +16343,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "http2.pro", true }, { "https.dk", true }, { "https.jetzt", true }, - { "https.ren", true }, { "https4all.org", true }, { "httpsecured.net", true }, { "httpsecurityreport.com", true }, @@ -16154,17 +16366,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hua-li88.net", true }, { "huagati.com", true }, { "huahinpropertylisting.com", true }, - { "huang-haitao.com", true }, { "huangjingjing.com", true }, { "huangliangbo.com", true }, { "huangting.me", true }, + { "huangzenghao.cn", false }, { "huashan.co.uk", true }, { "huaxueba.com", true }, { "hub.org.ua", true }, { "hub385.com", true }, + { "hubapi.com", true }, + { "huber-informatik.de", true }, { "hubok.net", true }, { "hubrecht.at", true }, { "hubrick.com", true }, + { "hubspot.com", true }, { "huchet.me", true }, { "hudebnibazarmixer.cz", true }, { "hudrydum.cz", true }, @@ -16173,13 +16388,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "huendeleskopfhuette.de", true }, { "huersch.com", true }, { "huffduffer.com", true }, + { "huffsinsurance.com", true }, { "hughtodd.ink", true }, { "hugi.is", true }, { "hugizrecords.com", true }, { "huglen.info", true }, + { "hugofs.com", true }, { "hugolynx.fr", true }, { "huguesblanchard.paris", true }, { "huguesditciles.com", true }, + { "huh.gdn", true }, { "huh.today", true }, { "hui-in.com", true }, { "hui-in.net", true }, @@ -16232,9 +16450,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "humblebeeshop.com.au", true }, { "humbledot.com", true }, { "humboldtmfg.com", true }, + { "humeur.de", true }, { "hummy.tv", true }, { "humorcaliente.com", true }, - { "humorce.com", true }, + { "humorce.com", false }, { "humpchies.com", true }, { "humpen.se", true }, { "humppakone.com", true }, @@ -16243,14 +16462,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hundesport-psvhalle.de", true }, { "hundeverwaltung.de", true }, { "hundter.com", true }, - { "hunqz.com", true }, { "hunstoncanoeclub.co.uk", true }, { "hunter.io", true }, { "hunterkehoe.com", true }, { "huntexpired.com", true }, { "huntingdonbouncers.co.uk", true }, { "huntingdonlifesciences.com", true }, + { "huntsmansecurity.com", true }, { "huoduan.com", true }, + { "huonit.com.au", true }, { "hup.hu", true }, { "hupp.se", true }, { "hurd.is", true }, @@ -16262,10 +16482,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "husakbau.at", true }, { "hushfile.it", true }, { "husic.net", false }, + { "huskyeye.de", true }, { "huskyinc.us", true }, { "hussam.eu.org", true }, - { "hustle.com", true }, - { "hustle.life", true }, { "hustlehope.com", true }, { "hustunique.com", true }, { "huto.ml", true }, @@ -16289,8 +16508,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hxp.io", true }, { "hxsf.me", true }, { "hxying.com", true }, - { "hybridiyhdistys.fi", true }, - { "hybridklubben.fi", true }, { "hybridworx.com", true }, { "hybridworx.de", true }, { "hybridworx.eu", true }, @@ -16300,21 +16517,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hycken.com", true }, { "hyckenberg.com", true }, { "hyderabadonlinegifts.com", true }, - { "hydrabit.nl", true }, { "hydrasolutions.de", true }, { "hydrazin.pw", true }, { "hydro17.com", true }, { "hydroagro.pl", true }, + { "hydrocloud.net", true }, { "hydrographicsocietybenelux.eu", true }, { "hydroturbine.info", true }, { "hydrozone.fr", true }, { "hyec.jp", true }, - { "hyeok.org", true }, { "hygo.com", true }, { "hyk.me", true }, { "hylemorphica.org", true }, { "hylians.com", true }, { "hynek.me", true }, + { "hyparia.fr", true }, { "hype.ru", true }, { "hypemgmt.com", true }, { "hyper-text.org", true }, @@ -16322,10 +16539,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hyperautomotive.com.au", true }, { "hyperbolic-mayonnaise-interceptor.ovh", true }, { "hyperion.io", true }, - { "hyperporn.net", true }, { "hyperreal.biz", true }, - { "hyperreal.info", true }, { "hypersomnia.com", true }, + { "hyperstack.org", true }, { "hyperthymia.com", true }, { "hyphen.co.za", true }, { "hyphenpda.co.za", true }, @@ -16335,7 +16551,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "hypothes.is", true }, { "hypothyroidmom.com", true }, { "hyundai.no", true }, + { "hyvanilmankampaamo.fi", true }, { "hyvinvointineuvoja.fi", true }, + { "i-aloks.ru", true }, { "i-geld.de", true }, { "i-hakul.net", true }, { "i-logic.co.jp", false }, @@ -16351,7 +16569,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "i00.eu", true }, { "i1314.gdn", true }, { "i1place.com", true }, - { "i28s.com", true }, { "i2b.ro", true }, { "i5y.co.uk", true }, { "i5y.org", true }, @@ -16363,18 +16580,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iactu.info", true }, { "iaeste.no", true }, { "iaeste.or.jp", true }, + { "iaf.gov", true }, { "iahemobile.net", true }, { "iainsimms.co.uk", true }, { "iainsimms.com", true }, { "iainsimms.me", true }, { "ialis.me", true }, + { "iam.lc", true }, { "iam.soy", true }, { "iambozboz.co.uk", true }, { "iamcarrico.com", true }, { "iamhansen.xyz", true }, { "iamjoshellis.com", true }, { "iamlbk.com", true }, - { "iamle.com", true }, { "iamtheib.me", true }, { "iamtonyarthur.com", true }, { "iamusingtheinter.net", true }, @@ -16384,6 +16602,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iane-ccs.com", true }, { "ianix.com", true }, { "ianjmoriarty.com", true }, + { "ianklug.com", true }, { "iankmusic.com", true }, { "ianmooreis.me", true }, { "ianmoriarty.com.au", true }, @@ -16400,13 +16619,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iberiaversicherungen.com", true }, { "ibericaderedes.es", true }, { "ibexcore.com", true }, + { "ibigawamizueco.com", true }, { "ibin.co", true }, { "ibiz.mk", true }, { "ibnw.de", true }, + { "ibodyiq.com", true }, { "ibpegasus.tk", true }, - { "ibpsrecruitment.co.in", true }, { "ibrainmedicine.org", true }, { "ibrom.eu", true }, + { "ibstyle.tk", true }, { "ibwc.gov", true }, { "ic-lighting.com.au", true }, { "ic3.gov", true }, @@ -16414,7 +16635,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "icake.life", true }, { "icanhasht.ml", true }, { "icarlos.net", true }, + { "icasture.top", true }, { "icbemp.gov", true }, + { "iccpublisher.com", true }, { "iceberg.academy", true }, { "icebook.co.uk", true }, { "icecars.net", true }, @@ -16434,10 +16657,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "icmshoptrend.com", true }, { "icnsoft.me", true }, { "icnsoft.org", true }, - { "ico500.com", true }, { "icodeconnect.com", true }, { "icoh.it", true }, - { "icondoom.nl", true }, { "iconomi.net", true }, { "icowhitepapers.co", true }, { "icq-project.net", true }, @@ -16471,6 +16692,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "idc-business.be", true }, { "idc.yn.cn", true }, { "idconsult.nl", true }, + { "idealimplant.com", true }, { "idealinflatablehire.co.uk", true }, { "idealninajemce.cz", false }, { "idealtruss.com", true }, @@ -16488,11 +16710,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "idered.net", true }, { "idesignstudio.de", true }, { "idexxpublicationportal.com", true }, + { "idfy.io", true }, { "idgard.de", false }, { "idgateway.co.uk", true }, { "idhosts.co.id", true }, - { "idid.tk", true }, - { "idiotentruppe.de", true }, + { "idisposable.co.uk", true }, { "idlethoughtsandramblings.com", true }, { "idmanagement.gov", true }, { "idmobile.co.uk", true }, @@ -16500,29 +16722,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "idoc24.com", true }, { "idolf.dk", true }, { "idolish7.fun", true }, + { "idolknow.com", true }, { "idolshop.dk", true }, { "idolshop.me", true }, { "idontplaydarts.com", true }, { "idranktoomuch.coffee", true }, + { "idratherbequilting.com", true }, { "idraulico-roma.it", true }, { "idraulico-roma.org", true }, { "idraulico.roma.it", true }, { "idrinktoomuch.coffee", true }, { "idrissi.eu", true }, { "idrycleaningi.com", true }, + { "idtheft.gov", true }, { "idubaj.cz", true }, { "idunno.org", true }, { "idvl.de", true }, { "ie.search.yahoo.com", false }, { "iea-annex61.org", true }, - { "iec.pe", true }, { "ieedes.com", true }, + { "ieeedeis.org", true }, { "ieeesb.nl", true }, { "ieeesbe.nl", true }, { "ieeespmb.org", true }, { "ieji.de", false }, { "iemas.azurewebsites.net", true }, - { "iemb.tk", true }, { "ienakanote.com", false }, { "ies-italia.it", true }, { "ietsdoenofferte.nl", true }, @@ -16531,7 +16755,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ifamily.top", false }, { "ifangpei.cn", true }, { "ifangpei.com.cn", true }, - { "ifconfig.co", true }, { "ifelse.io", true }, { "ifengge.cn", true }, { "ifengge.me", true }, @@ -16544,12 +16767,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ifort.fr", true }, { "ifosep.fr", true }, { "ifoss.me", true }, + { "ifreetion.cn", true }, { "ifsac.org", true }, { "ifsclist.com", true }, { "ifsr.de", true }, { "iftarsaati.org", true }, { "iftrue.de", true }, { "ifttl.com", false }, + { "ifxd.bid", true }, { "ifyou.live", true }, { "ig.com", true }, { "igaryhe.io", true }, @@ -16564,8 +16789,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "igk.nz", true }, { "igm-be.ch", true }, { "igmus.org", true }, - { "ignace72.eu", true }, { "ignacjanskiednimlodziezy.pl", true }, + { "ignat-mag.com", true }, { "ignat.by", true }, { "ignatovich.me", true }, { "ignet.gov", true }, @@ -16580,14 +16805,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iha6.com", true }, { "ihacklabs.com", true }, { "ihatethissh.it", true }, - { "ihc.im", false }, + { "ihc.im", true }, { "ihkk.net", true }, + { "ihls.stream", true }, + { "ihls.world", true }, + { "ihls.xyz", true }, + { "ihoey.com", true }, { "ihollaback.org", true }, { "ihopeit.works", true }, { "ihostup.net", true }, { "ihrhost.com", true }, + { "ihtdenisjaccard.com", true }, { "ii74.com", true }, { "iiit.pl", true }, + { "iilin.com", false }, + { "iiong.com", false }, { "iirii.com", true }, { "iix.se", true }, { "ijm.io", true }, @@ -16597,8 +16829,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ijunohana.jp", true }, { "ikachalife.com", true }, { "ikarate.ru", true }, - { "ike.io", true }, + { "ikarr.com", true }, { "ikeacareers.co.uk", true }, + { "ikedaquotes.org", true }, { "ikespta.com", true }, { "ikeyless.com", true }, { "ikigaiweb.com", true }, @@ -16610,6 +16843,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ikkev.de", true }, { "ikkoku.de", true }, { "iklive.org", false }, + { "ikraenglish.com", true }, { "ikulist.me", true }, { "ikvts.de", true }, { "ikwilthepiratebay.org", true }, @@ -16628,6 +16862,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ilektronika-farmakeia-online.gr", true }, { "ilemonrain.com", false }, { "ilhan.name", true }, + { "ilhansubasi.com", true }, { "iliastsi.net", true }, { "iligang.cn", true }, { "iligang.com", true }, @@ -16654,7 +16889,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ilmuk.org", false }, { "ilove.fish", true }, { "ilrg.com", true }, - { "iltec-prom.ru", true }, { "iltec.ru", true }, { "iltisim.ch", true }, { "ilweb.es", true }, @@ -16667,8 +16901,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imadalin.ro", true }, { "image-drive.de", true }, { "imagebin.ca", true }, - { "imagecurl.com", true }, - { "imagecurl.org", true }, { "imagefu.com", true }, { "imageination.co", true }, { "imagenesdedibujosalapizfacilesdehacer.com", true }, @@ -16683,6 +16915,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imanageproducts.co.uk", true }, { "imanageproducts.uk", true }, { "imanesdeviaje.com", true }, + { "imaple.org", true }, { "imarkethost.co.uk", true }, { "imask.ml", true }, { "imawhale.com", true }, @@ -16702,9 +16935,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imgaa.com", true }, { "imgbb.com", true }, { "imgg.es", true }, - { "imguoguo.com", true }, + { "imgup.co", true }, { "imguploaden.nl", true }, + { "imhua.com", true }, { "imi-rhapsody.eu", true }, + { "iminshell.com", true }, { "imirhil.fr", true }, { "imitza.com", true }, { "imjad.cn", true }, @@ -16712,6 +16947,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imjustcreative.com", true }, { "imkerei-freilinger.de", false }, { "imkerverein-moenchswald.de", true }, + { "imlinan.com", true }, { "imlonghao.com", true }, { "immaterium.de", true }, { "immaternity.com", true }, @@ -16732,7 +16968,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "immortal.run", true }, { "imobile3.com", true }, { "imokuri123.com", true }, - { "imoner.com", true }, { "imouto.my", false }, { "imouyang.com", true }, { "impact.health.nz", true }, @@ -16758,12 +16993,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imppac.de", true }, { "imprendo.co", true }, { "imprendo.pro", true }, - { "imprenta-es.com", false }, { "impresa-di-pulizie.org", true }, { "impresa-pulizie.it", true }, { "impresadipulizie.roma.it", true }, { "impresaedile.roma.it", true }, { "imprimante-3d-store.fr", true }, + { "improfestival.ee", true }, { "improklinikken.dk", true }, { "improved-madness.de", true }, { "impulsionsa.com", true }, @@ -16774,7 +17009,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "imrunner.ru", true }, { "ims-sargans.ch", true }, { "imscompany.com", true }, - { "imwnk.cn", false }, + { "imwalking.de", true }, + { "imwnk.cn", true }, { "imydl.com", true }, { "imydl.tech", true }, { "imyunya.com", true }, @@ -16809,6 +17045,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "incowrimo.org", true }, { "incparadise.net", true }, { "incubos.org", true }, + { "incy.io", true }, { "ind.ie", true }, { "indarceky.sk", false }, { "indecipherable.info", true }, @@ -16821,15 +17058,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "indian-elephant.com", true }, { "indianaantlersupply.com", true }, { "indianaberry.com", true }, + { "indianapolislocksmithinc.com", true }, + { "indiatrademarkwatch.com", true }, { "indiawise.co.uk", true }, { "indiayogastudio.net", true }, { "indicateurs-flash.fr", true }, { "indiegame.space", true }, { "indievelopment.nl", true }, + { "indigitalagency.com", true }, { "indigoinflatables.com", true }, { "indigosakura.com", true }, { "indiraactive.com", true }, - { "indiroyunu.com", true }, { "inditip.com", true }, { "indochina.io", true }, { "indogerman.de", true }, @@ -16837,14 +17076,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "indogermantrade.de", true }, { "indoorcomfortteam.com", true }, { "indoorplantsexpert.com", true }, - { "indostar303.com", true }, { "indovinabank.com.vn", true }, { "indusap.com", true }, { "indusfastremit-us.com", true }, { "indusfastremit.com", true }, { "indust.me", true }, { "industrialstarter.com", true }, - { "industriasrenova.com", true }, { "indybay.org", true }, { "ineardisplay.com", true }, { "inebula.it", true }, @@ -16853,10 +17090,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "inesfinc.es", true }, { "inesta.nl", true }, { "inet.se", true }, + { "inetpub.cn", true }, { "inetserver.eu", true }, { "inetsoftware.de", true }, { "inevitavelbrasil.com.br", true }, { "inf-fusion.ca", true }, + { "inference.biz.tr", true }, { "infermiere.roma.it", true }, { "inficom.org", true }, { "infinite.hosting", true }, @@ -16865,25 +17104,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "infinitiofaugustaparts.com", true }, { "infinitioflynnwoodparts.com", true }, { "infinity.to", true }, - { "infinitybas.com", true }, + { "infinitybc.se", true }, { "infinityengine.org", true }, - { "infinityepos.co.uk", true }, { "infirmiere-canadienne.com", true }, { "infirmieredevie.ch", true }, { "inflatablehire-scotland.co.uk", true }, { "inflatablesny.com", true }, { "inflatadays.co.uk", true }, { "inflatamania.com", true }, + { "inflationstation.net", true }, { "inflexsys.com", true }, { "influencerchampions.com", true }, + { "influo.com", true }, { "infmed.com", true }, { "info-beamer.com", true }, { "info-d-74.com", true }, { "info-screen.me", true }, { "info-screw.com", true }, - { "infoamin.com", true }, { "infobae.com", true }, { "infocity-tech.fr", true }, + { "infocoin.es", true }, { "infocommsociety.com", true }, { "infocon.org", true }, { "infocusvr.net", true }, @@ -16897,6 +17137,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "informatiebeveiliging.nl", true }, { "informatik-handwerk.de", true }, { "informationrx.org", true }, + { "informhealth.com", true }, { "informnapalm.org", true }, { "infosec-handbook.eu", true }, { "infosec.exchange", true }, @@ -16909,8 +17150,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "infotune.nl", true }, { "infovision-france.com", true }, { "infoweb.ee", true }, + { "infr.red", true }, { "infra.land", true }, { "infra.press", true }, + { "infradio.am", true }, { "infrafire.com", true }, { "infraflip.com", true }, { "infraflux.com", true }, @@ -16920,13 +17163,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "infranium.net", true }, { "infranium.org", true }, { "infranotes.com", true }, + { "infrapass.com", true }, { "infrapirtis.lt", true }, - { "infrarank.com", true }, { "infrarank.net", true }, + { "infrathink.com", true }, { "ing-buero-junk.de", true }, { "ing89.cc", true }, { "ing89.com", true }, - { "ingalls.run", true }, { "ingatlanjogaszok.hu", true }, { "ingatlanneked.hu", true }, { "ingber.com", true }, @@ -16953,7 +17196,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "inixal.com", true }, { "ink.horse", true }, { "inkable.com.au", true }, - { "inkbunny.net", false }, + { "inkeliz.com", true }, { "inkhor.se", true }, { "inkontriamoci.com", true }, { "inksay.com", true }, @@ -16970,9 +17213,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "inmoodforsex.com", true }, { "inmusrv.de", true }, { "innerfence.com", true }, - { "innerform.com", true }, + { "innerlightcrystals.co.uk", true }, { "innermostparts.org", true }, { "innersafe.com", true }, + { "innocenceseekers.net", true }, { "innohb.com", true }, { "innolabfribourg.ch", true }, { "innoloop.com", true }, @@ -16984,12 +17228,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "innovate-indonesia.com", true }, { "innovation-workshop.ro", true }, { "innovation.gov", false }, - { "innoventure.de", true }, - { "innovum.cz", true }, { "innsalzachsingles.de", true }, { "innwan.com", true }, { "inoa8.com", true }, - { "inorder.website", true }, + { "inobun.jp", true }, { "inovat.ma", true }, { "inovatec.com", true }, { "inovatecsystems.com", true }, @@ -17007,12 +17249,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "insho.fashion", true }, { "inside19.com", true }, { "insideaudit.com", true }, - { "insidethefirewall.tk", true }, { "insightera.co.th", true }, { "insighti.com", true }, { "insighti.eu", true }, { "insighti.org", true }, { "insighti.sk", true }, + { "insignificant.space", true }, { "insinuator.net", true }, { "insistel.com", true }, { "insolent.ch", true }, @@ -17029,12 +17271,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "installatietechniekgresnigt.nl", true }, { "installgentoo.net", true }, { "instamojo.com", true }, - { "instant-hack.io", true }, { "instant-thinking.de", true }, { "instant.io", true }, { "instantkhabar.com", true }, - { "instantsubs.de", true }, - { "instaquiz.ru", true }, { "instava.cz", true }, { "instawi.com", true }, { "instela.com", true }, @@ -17043,13 +17282,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "instinctive.io", true }, { "instinctiveads.com", true }, { "institut-confucius-montpellier.org", true }, - { "institutmaupertuis.hopto.org", true }, { "institutolancaster.com", false }, { "instrumart.ru", false }, { "insult.es", true }, { "insurance321.com", true }, { "insureon.com", true }, - { "insurethebox.tk", true }, { "insurgentsmustdie.com", true }, { "int-ma.in", true }, { "intae.it", true }, @@ -17061,6 +17298,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "integraelchen.de", true }, { "integralblue.com", true }, { "integralkk.com", true }, + { "integratedintegrations.xyz", true }, { "integratedmedicalonline.com", true }, { "integraxor.com.tw", true }, { "integrity.gov", true }, @@ -17095,26 +17333,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "interfesse.net", true }, { "interfloraservices.co.uk", true }, { "interflores.com.br", true }, - { "interfug.de", true }, { "intergozd.si", true }, { "interiery-waters.cz", true }, { "interimages.fr", true }, - { "interiorcheapo.com", true }, { "interiordesignsconcept.com", true }, { "interiortradingco.com.au", true }, { "interisaudit.com", true }, { "interlingvo.biz", true }, { "intermax.nl", true }, { "intermedinet.nl", true }, - { "internacao.com", true }, { "internalkmc.com", true }, { "internaluse.net", true }, { "international-arbitration-attorney.com", true }, { "international-nash-day.com", true }, { "internationalfashionjobs.com", true }, { "internationaltalento.it", true }, - { "internaut.co.za", true }, { "internect.co.za", true }, + { "internet-aukcion.info", true }, { "internet-software.eu", true }, { "internetaanbieders.eu", true }, { "internetbank.swedbank.se", true }, @@ -17131,11 +17366,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "internetofinsecurethings.com", true }, { "internetovehazardnihry.cz", true }, { "internetpro.me", true }, + { "internetstaff.com", true }, { "internetzentrale.net", true }, { "interracial.dating", true }, { "interseller.io", true }, { "interserved.com", false }, - { "interstellarhyperdrive.com", true }, { "intertime.services", true }, { "interview-suite.com", true }, { "interways.de", true }, @@ -17147,6 +17382,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "intl-webs.com", true }, { "intmissioncenter.org", true }, { "into.technology", true }, + { "intocities.de", false }, { "inton.biz", true }, { "intoparking.com", false }, { "intpforum.com", true }, @@ -17157,7 +17393,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "intraobes.com", true }, { "intrasoft.com.au", true }, { "intraxia.com", true }, + { "intune.life", true }, { "intvonline.com", true }, + { "intxt.net", true }, { "inup.jp", true }, { "inusasha.de", true }, { "inuyasha-petition.tk", true }, @@ -17178,16 +17416,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "investigatore.it", true }, { "investigazionimoretti.it", true }, { "investir.ch", true }, + { "investor-academy.jp", true }, { "investor.gov", true }, { "investoren-beteiligung.de", true }, { "investorforms.com", true }, { "investorloanshub.com", true }, { "investosure.com", true }, { "investpay.ru", true }, - { "invidio.us", true }, { "invioinc.com", true }, { "inviosolutions.com", true }, - { "invis.net", true }, { "invisible-college.com", true }, { "invisibles.ch", true }, { "invisionita.com", true }, @@ -17203,6 +17440,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "inwestcorp.se", true }, { "inzdr.com", true }, { "inzelabs.com", true }, + { "inzestfreunde.de", true }, + { "ioactive.com", true }, { "iobint.com", true }, { "iocheck.com", false }, { "iochen.com", true }, @@ -17216,6 +17455,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iompost.com", true }, { "iomstamps.com", true }, { "ionlabs.kr", true }, + { "ionote.me", true }, { "ionovia.de", true }, { "ionx.co.uk", true }, { "ioover.net", true }, @@ -17223,8 +17463,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iosjailbreakiphone.com", true }, { "ioslo.net", true }, { "iosnoops.com", true }, + { "iossifovlab.com", true }, { "iostream.by", true }, - { "iotfen.com", true }, { "iowaschoolofbeauty.com", true }, { "ip-blacklist.net", true }, { "ip-hahn.de", true }, @@ -17232,7 +17472,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ip.sb", true }, { "ip2country.info", true }, { "ip3office.com", true }, - { "ip6.li", true }, + { "ip6.li", false }, { "ipad.li", true }, { "ipadkaitori.jp", true }, { "ipadportfolioapp.com", true }, @@ -17253,7 +17493,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "iphonote.com", true }, { "ipintel.io", true }, { "iplabs.de", true }, - { "iplantom.com", true }, { "iplayradio.net", false }, { "ipleak.net", true }, { "ipledgeonline.org", false }, @@ -17264,9 +17503,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ipresent.com", true }, { "iprim.ru", true }, { "iproducemusic.com", true }, - { "iprody.com", true }, { "ipsec.pl", true }, { "ipssl.li", true }, + { "ipstoragesolutions.com", true }, { "ipstream.it", true }, { "ipswitch.com.tw", true }, { "iptvzoom.xyz", true }, @@ -17278,6 +17517,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ipv6-handbuch.de", true }, { "ipv6.gr", true }, { "ipv6.jetzt", true }, + { "ipv6demo.de", true }, { "ipv6vpn.net", true }, { "ipv6wallofshame.com", true }, { "ipv8.net", true }, @@ -17286,13 +17526,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ir1s.com", true }, { "iramellor.com", true }, { "iran-geo.com", true }, + { "irandp.net", true }, { "iranian.lgbt", true }, { "iranianholiday.com", true }, { "iranjeunesse.com", true }, { "irasandi.com", true }, { "irayo.net", true }, { "irc-results.com", true }, + { "ircmett.de", true }, { "iready.ro", true }, + { "ireef.tv", true }, { "iren.ch", true }, { "irenekauer.com", true }, { "irf2.pl", true }, @@ -17315,8 +17558,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ironcarnival.com", true }, { "irondaleirregulars.com", true }, { "ironfistdesign.com", true }, - { "ironhide.de", true }, { "ironpeak.be", true }, + { "irrewilse.se", true }, { "irritant.net", true }, { "iruarts.ch", true }, { "iruca.co", true }, @@ -17347,13 +17590,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "isecrets.se", true }, { "iservicio.mx", true }, { "isfff.com", true }, + { "isfriday.com", true }, { "isgp-studies.com", true }, { "ishamf.com", true }, { "ishangirdhar.com", true }, { "ishet.al", true }, { "ishiharaken.com", true }, { "ishtarfreya.com", true }, - { "isidom.fr", true }, { "isil.fi", true }, { "isimonbrown.co.uk", true }, { "isincheck.com", true }, @@ -17362,6 +17605,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "isitchristmas.com", true }, { "isitcoffeetime.com", true }, { "isitdoneyet.gov", true }, + { "isitpatchtuesday.com", true }, { "isitup.org", true }, { "iskaron.de", true }, { "iskaz.rs", true }, @@ -17374,12 +17618,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "islazia.fr", true }, { "isletech.net", true }, { "isliada.org", true }, - { "islief.com", true }, + { "islykaithecutest.cf", true }, + { "islykaithecutest.ml", true }, + { "ismailkarsli.com", true }, { "ismat.com", true }, { "ismena.bg", true }, { "ismetroonfiretoday.com", true }, { "ismywebsitepenalized.com", true }, { "isn.cz", true }, + { "isognattori.com", true }, { "isolta.com", true }, { "isolta.de", true }, { "isolta.ee", true }, @@ -17407,12 +17654,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "issasfrissa.se", true }, { "issforum.org", true }, { "issio.net", true }, + { "issue.watch", true }, { "issues.email", true }, { "issuesofconcern.in", true }, { "ist-intim.de", true }, { "istdieweltschonuntergegangen.de", true }, { "isteinbaby.de", true }, - { "istheapplestoredown.com", true }, { "istheapplestoredown.de", true }, { "isthedoorlocked.com", true }, { "istheinternetdown.com", true }, @@ -17439,10 +17686,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "it-faul.de", true }, { "it-fernau.com", true }, { "it-jobbank.dk", true }, - { "it-kron.de", true }, { "it-maker.eu", true }, { "it-rotter.de", true }, { "it-schamans.de", true }, + { "it-seems-to.work", true }, { "it-service24.at", true }, { "it-service24.ch", true }, { "it-service24.com", true }, @@ -17460,6 +17707,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "italia-store.com", true }, { "italiachegioca.com", true }, { "italian.dating", true }, + { "italianjourneys.com.au", true }, { "italianshoemanufacturers.com", true }, { "italieflydrive.nl", true }, { "italserrande.it", true }, @@ -17469,7 +17717,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itblog.pp.ua", true }, { "itbrief.co.nz", true }, { "itbrief.com.au", true }, - { "itchy.nl", true }, { "itchybrainscentral.com", true }, { "itcko.sk", true }, { "itdashboard.gov", true }, @@ -17488,7 +17735,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itesign.de", true }, { "itfh.eu", true }, { "itfix.cz", true }, - { "itforcc.com", true }, { "itforge.nl", true }, { "itgirls.rs", true }, { "ithakama.com", true }, @@ -17511,11 +17757,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itogoyomi.com", true }, { "itooky.com", true }, { "itpro.ua", true }, - { "itproject.guru", false }, { "itrack.in.th", true }, { "itraveille.fr", true }, { "itring.pl", false }, { "itruss.com.tw", true }, + { "itruth.tk", true }, { "its-future.com", true }, { "its-gutachten.de", true }, { "its4living.com", true }, @@ -17523,14 +17769,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itsanicedoor.co.uk", true }, { "itsasaja.com", true }, { "itsaw.de", true }, - { "itsblue.de", true }, { "itsdcdn.com", true }, { "itsecblog.de", true }, { "itsecguy.com", true }, { "itsense.fr", true }, { "itsevident.com", true }, { "itsgoingdown.org", true }, - { "itshka.rv.ua", true }, { "itskayla.com", true }, { "itsmyparty.ie", true }, { "itsnotquitethehilton.com", true }, @@ -17544,7 +17788,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "itswincer.com", true }, { "ittop-gabon.com", true }, { "itzap.com.au", true }, + { "iusedtosmoke.com", true }, + { "iuyos.com", true }, { "ivanbenito.com", true }, + { "ivanboi.com", true }, { "ivancacic.com", false }, { "ivanmeade.com", true }, { "ivaoru.org", true }, @@ -17557,6 +17804,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ivi.mx", true }, { "ivi.net.br", true }, { "ivi.pt", true }, + { "ivig.com.br", true }, { "ivinet.cl", true }, { "ivitalia.it", true }, { "ivo.co.za", true }, @@ -17589,6 +17837,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ixquick.info", true }, { "ixquick.nl", true }, { "iyassu.com", true }, + { "iyouewo.com", true }, { "iyuanbao.net", true }, { "iz8mbw.net", true }, { "izaakbeekman.com", true }, @@ -17614,6 +17863,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "j8y.de", true }, { "ja-dyck.de", true }, { "ja-gps.com.au", true }, + { "ja-publications.agency", true }, { "ja.md", true }, { "jaakkohannikainen.fi", true }, { "jaalits.com", true }, @@ -17621,6 +17871,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jaba.hosting", true }, { "jababu.cz", true }, { "jabbari.io", true }, + { "jabbas.eu", true }, { "jabber.at", true }, { "jabberfr.org", true }, { "jabbers.one", true }, @@ -17631,6 +17882,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jabjab.de", true }, { "jaccblog.com", true }, { "jacekowski.org", true }, + { "jacik.cz", true }, { "jackdawphoto.co.uk", true }, { "jackdelik.de", true }, { "jackf.me", true }, @@ -17640,6 +17892,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jackson-quon.com", true }, { "jackson.jp", true }, { "jacksonvillestation.com", true }, + { "jacksutton.info", true }, { "jackyliao123.tk", true }, { "jaco.by", true }, { "jacobamunch.com", true }, @@ -17647,10 +17900,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jacobhaug.com", false }, { "jacobi-server.de", true }, { "jacobian.org", true }, + { "jacobjangles.com", true }, { "jacobphono.com", true }, { "jacuzziprozone.com", true }, + { "jadara.info", true }, { "jadchaar.me", true }, - { "jadopado.com", true }, { "jaegerlacke.de", true }, { "jagbouncycastles.co.uk", true }, { "jagerman.com", true }, @@ -17665,7 +17919,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jaion.tech", true }, { "jaispirit.com", false }, { "jaitnetworking.com", false }, - { "jak-na-les.cz", true }, { "jakarta.dating", true }, { "jakdelatseo.cz", true }, { "jake.eu.org", true }, @@ -17673,11 +17926,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jake.nom.za", true }, { "jakebeardsley.com", true }, { "jakecurtis.de", true }, - { "jakenbake.com", true }, { "jakereynolds.co", true }, { "jakerullman.com", true }, { "jakeslab.tech", true }, { "jaketremper.com", true }, + { "jakewestrip.com", true }, { "jakob-server.tk", true }, { "jakobejitblokaci.cz", true }, { "jakobkrigovsky.com", true }, @@ -17687,7 +17940,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jakub-boucek.cz", true }, { "jakubarbet.eu", true }, { "jakubboucek.cz", true }, - { "jakubtopic.cz", true }, + { "jakubklimek.com", true }, { "jakubvrba.cz", true }, { "jala.co.jp", true }, { "jaleo.cn", true }, @@ -17695,7 +17948,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jamaat.hk", true }, { "jamacha.org", true }, { "jamalfi.bio", true }, - { "jamaware.org", true }, { "jamberry.com.mx", true }, { "jamberrynails.co.uk", true }, { "james-bell.co.uk", true }, @@ -17704,7 +17956,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jamesachambers.com", true }, { "jamesaimonetti.com", true }, { "jamesbillingham.com", true }, - { "jamesbradach.com", false }, { "jameschorlton.co.uk", true }, { "jamesdorf.com", true }, { "jamesgreenfield.com", true }, @@ -17712,13 +17963,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jameshost.net", true }, { "jameshunt.us", false }, { "jamesj.me", false }, - { "jamesl.ml", true }, { "jamesmarsh.net", true }, { "jamesmilazzo.com", true }, { "jamesmorrison.me", true }, - { "jamesrains.com", true }, + { "jamesmurphy.com.au", true }, { "jamesrobertson.io", true }, { "jamesrobertson.net", true }, + { "jamesross.name", true }, { "jamesrussellward.co.uk", true }, { "jamessmith.me.uk", true }, { "jamhost.org", true }, @@ -17742,6 +17993,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jan-rieger.de", true }, { "jan-roenspies.de", true }, { "jan-von.de", true }, + { "janada.cz", true }, { "janaundgeorgsagenja.eu", true }, { "janbrodda.de", true }, { "jandev.de", true }, @@ -17761,12 +18013,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "janokacer.sk", true }, { "janschaumann.de", true }, { "janssenwigman.nl", true }, - { "janvari.com", true }, - { "janvaribalint.com", true }, + { "janterpstra.eu", true }, + { "jantinaboelens.nl", true }, { "jaot.info", true }, { "japaniac.de", false }, - { "japanphilosophy.com", true }, - { "japansm.com", true }, { "japanwatches.xyz", true }, { "jape.today", true }, { "jardin-exotique-rennes.fr", true }, @@ -17775,16 +18025,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jaredeberle.org", false }, { "jaredfernandez.com", true }, { "jaredfraser.com", true }, + { "jarivisual.com", true }, { "jarl.ninja", true }, { "jarniashop.se", true }, { "jaroku.com", true }, { "jarondl.net", true }, + { "jaroslavc.eu", true }, { "jarrettgraham.com", true }, { "jarroba.com", true }, { "jas-team.net", true }, { "jasl.works", true }, { "jasmijnwagenaar.nl", true }, { "jasminefields.net", true }, + { "jason.re", true }, { "jasonamorrow.com", true }, { "jasongerber.ch", true }, { "jasonian-photo.com", true }, @@ -17798,10 +18051,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jaszbereny-vechta.eu", true }, { "javalestari.com", true }, { "javamilk.com", true }, - { "javfree.me", true }, { "javierburgos.net", true }, { "jaycouture.com", true }, - { "jayf.de", true }, { "jayfreestone.com", true }, { "jaymecd.rocks", true }, { "jayrl.com", true }, @@ -17825,11 +18076,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jcadg.com", true }, { "jcai.dk", true }, { "jcaicedo.com", true }, - { "jcaicedo.tk", true }, + { "jcbgolfandcountryclub.com", true }, { "jci.cc", true }, { "jcra.net", true }, { "jctf.team", true }, { "jcwodan.nl", true }, + { "jcyz.cf", true }, { "jd-group.co.uk", true }, { "jd1.de", true }, { "jdassets.com", true }, @@ -17839,6 +18091,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jdegbau.com", true }, { "jdheysupplies.co.uk", true }, { "jdjohnsonmedia.com", true }, + { "jdjohnsonwaterproofing.com", true }, { "jdm.elk.pl", true }, { "jdncr.com", true }, { "jdoi.pw", true }, @@ -17869,6 +18122,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jeepeg.com", true }, { "jeepmafia.com", true }, { "jeff.forsale", true }, + { "jeffanderson.me", true }, { "jeffcasavant.com", false }, { "jeffcloninger.net", true }, { "jeffersonregan.co.uk", true }, @@ -17882,6 +18136,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jefftickle.com", true }, { "jeffwebb.com", true }, { "jefrydco.id", true }, + { "jej.cz", true }, + { "jej.sk", true }, { "jekhar.com", true }, { "jelena-adeli.com", true }, { "jelewa.de", true }, @@ -17898,6 +18154,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jellybeanbooks.com.au", true }, { "jelmer.co.uk", true }, { "jelmer.uk", true }, + { "jelmoli-shop.ch", true }, { "jem.gov", true }, { "jemangeducheval.com", true }, { "jembatankarir.com", true }, @@ -17907,7 +18164,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jenniferengerwingaantrouwen.nl", true }, { "jennifermason.eu", true }, { "jennifersauer.nl", true }, - { "jennybeaned.com", true }, { "jennythebaker.com", true }, { "jenolson.net", true }, { "jenprace.cz", true }, @@ -17918,7 +18174,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jeremy-chen.org", true }, { "jeremy.hu", true }, { "jeremybentham.com", true }, - { "jeremyc.ca", true }, { "jeremycantu.com", true }, { "jeremycrews.com", true }, { "jeremynally.com", true }, @@ -17928,8 +18183,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jericamacmillan.com", true }, { "jeroendeneef.com", true }, { "jeroenensanne.wedding", true }, + { "jeroensangers.com", true }, { "jeroenvanderwal.nl", true }, { "jerret.de", true }, + { "jerryweb.org", true }, { "jerryyu.ca", true }, { "jerseybikehire.co.uk", true }, { "jerseyjumpingbeans.co.uk", true }, @@ -17940,7 +18197,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jesseerbach.com", true }, { "jessekaufman.com", true }, { "jessesjumpingcastles.co.uk", true }, - { "jessevictors.com", true }, { "jessgranger.com", true }, { "jessicabenedictus.nl", false }, { "jessicahrehor.com", true }, @@ -17957,11 +18213,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jetsieswerda.nl", true }, { "jettlarue.com", true }, { "jetwhiz.com", true }, - { "jeugdkans.nl", true }, { "jeuxetcodes.fr", true }, { "jeweet.net", true }, { "jewishboyscouts.com", true }, { "jexler.net", true }, + { "jf-fotos.de", true }, { "jfbst.net", true }, { "jfmhero.me", true }, { "jfr.im", true }, @@ -17976,16 +18232,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jhe.li", true }, { "jhf.io", true }, { "jhill.de", true }, - { "jhollandtranslations.com", true }, { "jhuang.me", true }, { "jhw-profiles.de", true }, { "jhwestover.com", true }, { "jiacl.com", true }, { "jiahao.codes", true }, + { "jiangzm.com", false }, + { "jianji.de", true }, { "jianshu.com", true }, { "jianyuan.pro", true }, { "jiazhao.ga", true }, + { "jicaivvip.com", true }, { "jichi.io", true }, + { "jichi000.win", true }, { "jimbiproducts.com", true }, { "jimbraaten.com", true }, { "jimbutlerkiaparts.com", true }, @@ -17999,6 +18258,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jimmyroura.ch", true }, { "jimshaver.net", true }, { "jimslop.nl", true }, + { "jinancy.fr", true }, { "jinanshen.com", true }, { "jinbo123.com", false }, { "jinbowiki.org", true }, @@ -18008,21 +18268,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jingjo.com.au", true }, { "jinja.ai", true }, { "jinkuru.net", true }, - { "jinliming.ml", true }, { "jino-jossy.appspot.com", true }, { "jinshuju.net", true }, { "jintaiyang123.org", true }, { "jiogo.com", true }, { "jirav.com", true }, + { "jiripudil.cz", true }, { "jirosworld.com", true }, { "jisai.net.cn", true }, { "jisha.site", true }, { "jiveiaktivno.bg", true }, + { "jixun.moe", true }, { "jiyusu.com", true }, { "jjj.blog", true }, + { "jjjconnection.com", true }, { "jjlvk.nl", true }, + { "jjmarketing.co.uk", true }, { "jjspartyhire.co.uk", true }, { "jjspartytime.co.uk", true }, + { "jjsummerboatparty.co.uk", true }, { "jjvanoorschot.nl", true }, { "jk-entertainment.biz", true }, { "jkchocolate.com", true }, @@ -18031,12 +18295,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jkirsche.com", true }, { "jkrippen.com", true }, { "jkuvw.xyz", true }, + { "jkyuan.tk", true }, { "jl-dns.eu", true }, { "jl-dns.nl", true }, { "jl-exchange.nl", true }, { "jl-mail.nl", true }, { "jldp.org", true }, + { "jlink.nl", true }, { "jlkhosting.com", true }, + { "jloh.codes", true }, { "jlot.org", true }, { "jlponsetto.com", true }, { "jlr-luxembourg.com", true }, @@ -18048,6 +18315,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jmbelloteau.com", true }, { "jmcashngold.com.au", true }, { "jmcataffo.com", true }, + { "jmce.eu", true }, { "jmcleaning.services", true }, { "jmedved.com", true }, { "jmentertainment.co.uk", true }, @@ -18060,15 +18328,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jmsolodesigns.com", true }, { "jmssg.jp", true }, { "jmvdigital.com", true }, - { "jncde.de", true }, - { "jncie.de", true }, { "jncie.eu", true }, - { "jncip.de", true }, { "jnjdj.com", true }, { "jnm-art.com", true }, { "joa-ebert.com", true }, { "joaoaugusto.net", true }, { "joaosampaio.com.br", true }, + { "job-offer.de", true }, + { "job.biz.tr", true }, { "jobbkk.com", true }, { "jobbsafari.no", true }, { "jobbsafari.se", true }, @@ -18086,7 +18353,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jobs4sales.ch", true }, { "jobseekeritalia.it", true }, { "jobsisbrown.com", true }, - { "jobss.co.uk", true }, { "jobsuchmaschine.ch", true }, { "jobwinner.ch", true }, { "jobzninja.com", true }, @@ -18102,6 +18368,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "joedinardo.com", true }, { "joedoyle.us", true }, { "joefixit.co", true }, + { "joefixit.co.uk", true }, { "joehenry.co.uk", true }, { "joejohnson.name", true }, { "joel.coffee", true }, @@ -18117,6 +18384,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "joelnichols.uk", true }, { "joemotherfuckingjohnson.com", true }, { "joepitt.co.uk", false }, + { "joerosca.com", true }, { "joerss.at", true }, { "joeskup.com", true }, { "joespaintingpgh.com", true }, @@ -18138,19 +18406,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "johannes.io", true }, { "johannes.wtf", true }, { "johannesburg-escorts.co.za", true }, + { "johannesen.tv", true }, { "johanneskonrad.de", true }, { "johannespichler.com", false }, - { "johansf.tech", true }, { "johego.org", true }, { "johnbeil.com", true }, { "johnblackbourn.com", true }, { "johnbpodcast.com", true }, + { "johncook.ltd.uk", true }, { "johndball.com", true }, { "johnfulgenzi.com", true }, { "johngallias.com", true }, - { "johngo.tk", true }, + { "johngo.tk", false }, { "johnguant.com", true }, { "johnkastler.net", true }, + { "johnmcc.net", true }, { "johnmcintosh.pro", true }, { "johnmh.me", true }, { "johnmichel.org", true }, @@ -18162,7 +18432,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "johnroberts.me", true }, { "johnrockefeller.net", true }, { "johnsegovia.com", true }, - { "johnsiu.com", true }, + { "johnsonho.net", true }, { "johnvanhese.nl", true }, { "johnyytb.be", true }, { "joi-dhl.ch", true }, @@ -18173,12 +18443,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jokewignand.nl", true }, { "joliettech.com", true }, { "jollausers.de", true }, + { "jolle.io", true }, { "jollygoodspudz.ca", true }, { "jollykidswobbleworld.co.uk", true }, { "jolokia.ch", true }, { "jomo.tv", true }, { "jomofojo.co", true }, { "jomofojo.com", true }, + { "jonahperez.com", true }, { "jonandnoraswedding.com", true }, { "jonarcher.info", true }, { "jonas-thelemann.de", true }, @@ -18223,17 +18495,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "joostvanderlaan.nl", true }, { "jopsens.de", true }, { "joran.org", true }, + { "jorcus.com", true }, { "jordan-jungk.de", true }, { "jordanhamilton.me", true }, - { "jordankirby.co.uk", true }, { "jordankmportal.com", true }, { "jordans.co.uk", true }, - { "jordanscorporatelaw.com", true }, { "jordanstrustcompany.com", true }, { "jordhy.com", true }, { "jorisdalderup.nl", true }, { "jornalalerta.com.br", true }, - { "josc.com.au", true }, { "joscares.com", true }, { "jose-alexand.re", true }, { "jose-lesson.com", true }, @@ -18242,6 +18512,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "josef-lotz.de", true }, { "josefjanosec.com", true }, { "josegerber.ch", true }, + { "joseitoda.org", true }, { "josemikkola.fi", true }, { "josepbel.com", true }, { "josephbleroy.com", true }, @@ -18256,9 +18527,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "joshlovephotography.co.uk", true }, { "joshpanter.com", true }, { "joshrickert.com", true }, + { "joshruppe.com", true }, { "joshschmelzle.com", true }, { "joshtriplett.org", true }, { "joshua-kuepper.de", true }, + { "joshua.bio", true }, { "joshuadmiller.info", true }, { "joshuajohnson.ca", true }, { "joshuarogers.net", true }, @@ -18268,18 +18541,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "journeytomastery.net", true }, { "jovani.com", false }, { "jovic.hamburg", true }, - { "joworld.net", true }, { "joyceseamone.com", true }, { "joyful.house", true }, { "joyfulexpressions.gallery", true }, { "joyofcookingandbaking.com", true }, { "jpdeharenne.be", true }, { "jpeg.io", true }, - { "jpgangbang.com", true }, { "jphandjob.com", true }, { "jplesbian.com", true }, { "jpmelos.com", true }, { "jpmelos.com.br", true }, + { "jpod.cc", true }, { "jps-selection.co.uk", true }, { "jps-selection.com", true }, { "jps-selection.eu", true }, @@ -18297,9 +18569,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jross.me", true }, { "jrtapsell.co.uk", true }, { "jrxpress.com", true }, - { "jschoi.org", true }, + { "js93029.com", true }, { "jschumacher.info", true }, { "jsd-cog.org", true }, + { "jsdelivr.com", true }, { "jselby.net", true }, { "jsent.co.uk", true }, { "jsevilleja.org", true }, @@ -18319,9 +18592,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jtp.id", true }, { "jts3servermod.com", true }, { "jtslay.com", true }, + { "ju.io", true }, { "juan23.edu.uy", true }, { "juanfrancisco.tech", true }, - { "juanhub.com", true }, { "juanmaguitar.com", true }, { "juanxt.ddns.net", true }, { "jubileum.online", true }, @@ -18330,10 +18603,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "juchit.at", true }, { "jucktehkeinen.de", true }, { "judc-ge.ch", true }, - { "judge2020.com", true }, { "judge2020.me", true }, { "judoprodeti.cz", true }, - { "judosaintdenis.fr", false }, + { "judosaintdenis.fr", true }, { "juef.space", true }, { "juegosycodigos.es", true }, { "juegosycodigos.mx", true }, @@ -18352,7 +18624,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "juk.life", true }, { "juku-wing.jp", true }, { "jule-spil.dk", true }, - { "julenlanda.com", true }, { "julian-uphoff.de", true }, { "julian-weigle.de", true }, { "juliangonggrijp.com", true }, @@ -18405,7 +18676,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "junethack.net", true }, { "jungaa.fr", true }, { "jungesforumkonstanz.de", true }, - { "jungleculture.co.za", true }, { "jungleducks.ca", true }, { "junglejackscastles.co.uk", true }, { "junglememories.co.uk", true }, @@ -18425,9 +18695,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "juridoc.com.br", true }, { "jurijbuga.de", true }, { "jurisprudent.by", true }, + { "juristas.com.br", true }, { "jurriaan.ninja", true }, { "just-a-clanpage.de", true }, + { "just-english.online", true }, { "just-vet-and-drive.fr", true }, + { "justanothercompany.name", true }, { "justbelieverecovery.com", true }, { "justbelieverecoverypa.com", true }, { "justbookexcursions.com", true }, @@ -18440,24 +18713,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "justgalak.org", true }, { "justice.gov", true }, { "justice4assange.com", true }, + { "justin-tech.com", true }, { "justinellingwood.com", true }, { "justinharrison.ca", true }, { "justinho.com", true }, { "justinstandring.com", true }, { "justpaste.it", true }, - { "justsome.info", true }, { "justthinktwice.gov", true }, { "justupdate.me", true }, { "justyy.com", true }, { "juszkiewicz.com.pl", true }, { "jutlander-netbank.dk", true }, { "jutlander.dk", true }, + { "juttaheitland.com", true }, { "juusujanar.eu", true }, { "juvenex.co", true }, - { "juventusclublugano.ch", true }, { "juwelierstoopman.nl", true }, { "juzgalo.com", true }, { "jva-wuerzburg.de", true }, + { "jvandenbroeck.com", true }, { "jvanerp.nl", true }, { "jvbouncycastlehire.co.uk", true }, { "jvega.me", true }, @@ -18473,13 +18747,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "jwnotifier.org", true }, { "jwschuepfheim.ch", true }, { "jwsoft.nl", true }, - { "jxir.de", true }, { "jydemarked.dk", true }, { "jyggen.com", true }, { "jym.fit", true }, { "jyoti-fairworks.org", true }, { "jzachpearson.com", true }, { "jzbk.org", true }, + { "jzcapital.co", true }, { "k-homes.net", true }, { "k-netz.de", true }, { "k-pan.com", true }, @@ -18489,8 +18763,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "k-tube.com", true }, { "k258059.net", true }, { "k2mts.org", true }, - { "k33k00.com", true }, - { "k3nny.fr", false }, + { "k33k00.com", false }, + { "k3508.com", true }, + { "k3nny.fr", true }, + { "k4law.com", true }, { "k4r.ru", true }, { "k7azx.com", true }, { "k82.org", true }, @@ -18499,9 +18775,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kaamoscreations.com", true }, { "kaangenc.me", true }, { "kaany.io", true }, + { "kaasbesteld.nl", true }, { "kaashosting.nl", true }, { "kaatha-kamrater.se", true }, { "kab-s.de", true }, + { "kabaca.design", true }, { "kabarlinux.id", true }, { "kabashop.com.br", true }, { "kabat-fans.cz", false }, @@ -18525,7 +18803,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kaigojj.com", true }, { "kaikei7.com", true }, { "kaileymslusser.com", true }, - { "kainetsoft.com", true }, { "kairion.de", false }, { "kaisakura.net", true }, { "kaisev.net", true }, @@ -18555,14 +18832,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kall.is", true }, { "kallies-net.de", true }, { "kalmar.com", true }, + { "kalolina.com", true }, { "kalsbouncies.com", true }, { "kaltenbrunner.it", true }, { "kalterersee.ch", true }, { "kalwestelectric.com", true }, { "kam-serwis.pl", true }, - { "kamagra-italia.it", true }, { "kamatajisyaku.tokyo.jp", true }, - { "kamikaichimaru.com", true }, + { "kamikaichimaru.com", false }, { "kaminbau-laub.de", true }, { "kamixa.se", true }, { "kamppailusali.fi", true }, @@ -18576,6 +18853,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kandianshang.com", true }, { "kanecastles.com", true }, { "kanehusky.com", true }, + { "kaneisdi.com", true }, { "kanetix.ca", true }, { "kangaroo-bouncycastle.co.uk", true }, { "kangarooislandholidayaccommodation.com.au", true }, @@ -18593,13 +18871,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kanna.cf", true }, { "kannchen.de", true }, { "kanobu.ru", true }, - { "kanotijd.nl", true }, { "kansaiyamamoto.jp", true }, { "kantankye.nl", true }, { "kantanmt.com", true }, { "kantorkita.net", true }, { "kantorosobisty.pl", true }, - { "kantv1.com", true }, { "kany.me", false }, { "kanzakiranko.jp", true }, { "kanzashi.com", true }, @@ -18608,6 +18884,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kanzlei-sixt.de", true }, { "kanzshop.com", true }, { "kap-genial.de", true }, + { "kapgy-moto.com", true }, { "kapiorr.duckdns.org", true }, { "kapseli.net", true }, { "kaptadata.com", true }, @@ -18616,6 +18893,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "karabas.com", true }, { "karabijnhaken.nl", false }, { "karachi.dating", true }, + { "karaface.com", true }, { "karalane.com", true }, { "karamomo.net", true }, { "karanastic.com", true }, @@ -18637,18 +18915,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "karlis-kavacis.id.lv", true }, { "karlloch.de", true }, { "karlsmithmn.org", true }, - { "karlstabo.se", true }, { "karlzotter.com", true }, { "karmaassurance.ca", true }, { "karmabaker.com", true }, { "karmainsurance.ca", true }, { "karmaplatform.com", true }, { "karmaspa.se", true }, - { "karmic.com", true }, { "karn.nu", true }, { "karneid.info", true }, - { "karpanhellas.com", false }, - { "kars.ooo", true }, { "karsofsystems.com", true }, { "karsten-voigt.de", true }, { "karta-paliwowa.pl", true }, @@ -18662,6 +18936,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "karupp-did.net", true }, { "kasadara.com", true }, { "kasei.im", true }, + { "kashinavi.com", true }, { "kashmirobserver.net", true }, { "kasko.io", true }, { "kasnoffskinclinic.com", true }, @@ -18674,6 +18949,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "katalogbutikker.dk", true }, { "katata-kango.ac.jp", true }, { "katedra.de", true }, + { "kateduggan.net", true }, { "katekligys.com", true }, { "katemihalikova.cz", true }, { "katericke.com", true }, @@ -18684,20 +18960,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "katiechai.xyz", true }, { "katieskandy.co.uk", true }, { "katieskastles.co.uk", true }, + { "katja-und-ronny.de", true }, { "katka.info", true }, { "katnunn.co.uk", true }, { "kato-yane.com", true }, { "katscastles.co.uk", true }, { "kattelans.eu", true }, - { "katthewaffle.fr", true }, { "katyl.info", false }, { "katyusha.net", false }, { "katzenbrunnen-test.de", true }, + { "katzensklave.me", true }, { "katzspeech.com", true }, { "kau-boys.com", true }, { "kau-boys.de", true }, { "kaufberatung.community", true }, - { "kausta.me", true }, + { "kaverti.com", true }, { "kavik.no", true }, { "kavovary-kava.cz", true }, { "kawaii.io", true }, @@ -18705,13 +18982,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kay.la", true }, { "kayakabovegroundswimmingpools.com", true }, { "kayleen.net", true }, + { "kayscs.com", true }, { "kaysis.gov.tr", true }, { "kazakov.lt", true }, { "kazamasion.com", true }, { "kazand.lt", true }, { "kazandaemon.ru", true }, + { "kazek.com.pl", true }, + { "kazekprzewozy.pl", true }, { "kazu.click", true }, { "kazuhirohigashi.com", true }, + { "kazumi.ooo", true }, { "kazumi.ro", true }, { "kazy111.info", true }, { "kb3.net", true }, @@ -18719,7 +19000,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kbb-ev.de", true }, { "kbbouncycastlehire.co.uk", true }, { "kbcequitas.hu", true }, - { "kbfl.org", true }, { "kbit.dk", true }, { "kbjorklu.com", true }, { "kbleventhire.co.uk", true }, @@ -18731,12 +19011,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kcliner.com", true }, { "kcmicapital.com", true }, { "kcolford.com", false }, - { "kcore.org", true }, { "kcptun.com", true }, { "kcshipping.co.uk", true }, { "kcsordparticipation.org", true }, { "kd.net.nz", true }, { "kdex.de", true }, + { "kdfans.com", true }, { "kdw.cloud", true }, { "kdyby.org", true }, { "ke7tlf.us", true }, @@ -18747,8 +19027,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "keb.net.au", true }, { "kebabbesteld.nl", true }, { "kebabbruce.com", true }, + { "kecht.at", true }, { "kedarastudios.com", true }, { "kedibizworx.com", true }, + { "keditor.biz", true }, { "kedv.es", true }, { "keeleysam.com", true }, { "keelove.net", true }, @@ -18766,7 +19048,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kehlenbach.net", true }, { "keifel.de", true }, { "kein-design.de", true }, - { "kein-fidget-spinner-werden.de", true }, { "keinanung.nl", true }, { "keinefilterblase.de", true }, { "keisaku.org", true }, @@ -18789,7 +19070,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kellyskastles.co.uk", true }, { "kellyssportsbarandgrill.com", true }, { "kelmarsafety.com", true }, - { "kelp.agency", true }, { "kelvinfichter.com", true }, { "kemmerer-net.de", true }, { "kempkens.io", true }, @@ -18801,7 +19081,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kenalsworld.com", true }, { "kenbillionsyuan.tk", true }, { "kenbonny.net", true }, - { "kenderhazmagyarorszag.hu", false }, { "kengilmour.com", true }, { "kenguntokku.jp", true }, { "kenia-vakantie.nl", true }, @@ -18822,6 +19101,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kenterlis.gr", true }, { "kenvix.com", false }, { "kenx5.eu.org", true }, + { "kenyons.info", true }, { "keops-spine.fr", true }, { "keops-spine.us", true }, { "kepkonyvtar.hu", true }, @@ -18834,9 +19114,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kernelpanics.nl", true }, { "kerrfrequencycombs.org", true }, { "kersbergen.nl", true }, + { "kersmexico.com", true }, { "kerstkaart.nl", true }, { "kersvers.agency", true }, - { "kerus.net", false }, { "kerzyte.net", true }, { "kescher.site", true }, { "kessawear.com", true }, @@ -18849,21 +19129,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ketty-voyance.com", true }, { "keutel.net", true }, { "kevinapease.com", true }, + { "kevinbowers.me", true }, { "kevinbusse.de", true }, { "kevincox.ca", false }, - { "kevinfoley.cc", true }, - { "kevinfoley.org", true }, { "kevinhill.nl", true }, { "kevinhq.com", true }, { "kevinkla.es", true }, { "kevinlocke.name", true }, { "kevinmeijer.nl", true }, - { "kevinmoreland.com", true }, - { "kevinmorssink.nl", true }, + { "kevinpirnie.com", true }, { "kevinrandles.com", true }, { "kevinratcliff.com", true }, { "kevyn.lu", true }, - { "kewego.co.uk", true }, { "keybase.io", true }, { "keybored.co", true }, { "keybored.me", true }, @@ -18872,6 +19149,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "keycontainers.co.za", true }, { "keyerror.com", true }, { "keyholdingservices.co.uk", true }, + { "keyhomechecker.com", true }, { "keyihao.cn", true }, { "keyinfo.io", true }, { "keylaserinstitute.com", true }, @@ -18884,12 +19162,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kf7joz.com", true }, { "kffs.ru", true }, { "kfirba.me", true }, + { "kfm.ink", true }, { "kforesund.se", true }, { "kfv-kiel.de", false }, { "kfz-hantschel.de", true }, { "kgm-irm.be", true }, { "kgnk.ru", true }, - { "khaledgarbaya.net", true }, + { "kgregorczyk.pl", true }, { "khanovaskola.cz", true }, { "khas.co.uk", true }, { "khasiatmanfaat.com", true }, @@ -18898,7 +19177,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "khipu.com", true }, { "khlee.net", true }, { "khmath.com", true }, - { "khmb.ru", true }, + { "khmb.ru", false }, { "khoury-dulla.ch", true }, { "khs1994.com", true }, { "khudothiswanpark.vn", true }, @@ -18925,6 +19204,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kids-ok.com", true }, { "kids2day.in", true }, { "kidsareatrip.com", true }, + { "kidsclub.photos", true }, { "kidsforsavingearth.org", true }, { "kidsinwoods-interfacesouth.org", true }, { "kidsmark.net", true }, @@ -18942,7 +19222,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kiel-kind.de", true }, { "kieran.ie", true }, { "kieranjones.uk", true }, - { "kiesuwcursus.nl", true }, { "kiesuwkerstkaart.nl", true }, { "kiffmarks.com", true }, { "kigmbh.com", true }, @@ -18956,6 +19235,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "killerit.in", true }, { "killerrobots.com", true }, { "killymoonbouncycastles.com", true }, + { "kilobyte22.de", true }, { "kilogram.nl", true }, { "kilometertje.nl", true }, { "kimamass.com", true }, @@ -18969,6 +19249,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kimotodental.com", true }, { "kimsufi-jordi.tk", true }, { "kimtran.kim", true }, + { "kin.life", true }, { "kin.pet", true }, { "kinautas.com", true }, { "kinderbasar-luhe.de", true }, @@ -18998,6 +19279,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kingtecservices.com", true }, { "kini24.ru", true }, { "kinkenonline.com", true }, + { "kinnettmemorial.org", true }, { "kinnikinnick.com", true }, { "kinniyaonlus.com", true }, { "kinocheck.de", true }, @@ -19007,6 +19289,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kinos.nl", true }, { "kinozal-tv.appspot.com", true }, { "kinsights.com", false }, + { "kintawifi.com", false }, { "kintone.com", true }, { "kintore.tv", true }, { "kiocloud.com", true }, @@ -19015,7 +19298,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kippenbart.gq", true }, { "kipriakipita.gr", true }, { "kiragameforum.net", true }, - { "kirainmoe.com", true }, { "kiraku.co", true }, { "kirbear.com", true }, { "kirche-dortmund-ost.de", true }, @@ -19028,13 +19310,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kirillaristov.com", true }, { "kirillpokrovsky.de", true }, { "kirinas.com", true }, + { "kirito.kr", true }, { "kirkforcongress.com", true }, { "kirkforillinois.com", true }, { "kirkify.com", true }, { "kirkovsky.com", true }, - { "kirrie.pe.kr", true }, { "kirsch-gestaltung.de", true }, { "kirschbaum.me", true }, + { "kirslis.com", true }, { "kirstenbos.ca", true }, { "kirstin-peters.de", true }, { "kirwandigital.com", true }, @@ -19046,7 +19329,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kissesb.net", true }, { "kissflow.com", true }, { "kissgyms.com", true }, - { "kisskiss.ch", true }, { "kissmycreative.com", true }, { "kisstube.tv", true }, { "kitabnamabayi.com", true }, @@ -19071,6 +19353,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kittpress.com", true }, { "kittyhacker101.tk", true }, { "kivitelezesbiztositas.hu", true }, + { "kiwi.com", true }, { "kiwi.digital", true }, { "kiwi.global", true }, { "kiwi.wiki", true }, @@ -19087,6 +19370,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kjarrval.is", true }, { "kjchernov.info", true }, { "kjellner.com", true }, + { "kjellvn.net", true }, { "kjg-ummeln.de", true }, { "kk-neudorf-duissern.de", false }, { "kkaefer.com", true }, @@ -19096,11 +19380,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kks-karlstadt.de", true }, { "kksg.com", true }, { "kkyy.me", true }, + { "kkzxak47.com", true }, { "kl-diaetist.dk", true }, { "klaim.us", true }, { "klamathrestoration.gov", true }, { "klanggut.at", true }, - { "klantenadvies.nl", true }, { "klares-licht.de", true }, { "klarika.com", true }, { "klarmobil-empfehlen.de", true }, @@ -19112,7 +19396,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "klaxon.me", true }, { "klcreations.co.uk", true }, { "kle.cz", true }, - { "klean-ritekc.com", true }, { "kleaning.by", true }, { "klebeband.eu", true }, { "klebetape.de", true }, @@ -19146,6 +19429,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kloia.com", true }, { "klosko.net", true }, { "klotz-labs.com", true }, + { "kloudboy.com", true }, { "kls-agency.com.ua", false }, { "klseet.com", true }, { "klssn.com", true }, @@ -19153,8 +19437,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "klugemedia.de", true }, { "klustekeningen.nl", true }, { "klustermedia.com", true }, + { "klva.cz", true }, + { "klzwzhi.com", true }, { "km-net.pl", true }, { "kmashworth.co.uk", true }, + { "kmdev.me", true }, { "kmkz.jp", true }, { "kmsci.com.ph", true }, { "kn007.net", true }, @@ -19168,14 +19455,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kneblinghausen.de", true }, { "knegten-agilis.com", true }, { "knep.me", true }, - { "knetterbak.nl", true }, { "kngk-group.ru", true }, { "kngk-transavto.ru", true }, { "kngk.org", true }, { "kniga.market", false }, { "knight-industries.org", true }, + { "knightsblog.de", true }, { "knightsbridge.net", true }, - { "knightsbridgegroup.org", true }, { "knightsbridgewine.com", true }, { "knip.ch", true }, { "knispel-online.de", true }, @@ -19202,7 +19488,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kobezda.net", true }, { "kobofarm.com", true }, { "koboldcraft.ch", true }, - { "kobolya.hu", true }, { "kocherev.org", true }, { "kochereva.com", true }, { "kochhar.net", true }, @@ -19220,6 +19505,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "koelnmafia.de", true }, { "koenen-bau.de", true }, { "koenigsbrunner-tafel.de", true }, + { "koenleemans.nl", false }, { "koerper-wie-seele.de", false }, { "koerperkult.ch", true }, { "koertner-muth.com", true }, @@ -19247,7 +19533,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "koketteriet.se", true }, { "kokoiroworks.com", true }, { "kokumoto.com", true }, - { "kolbeck.tk", true }, + { "kolania.com", true }, + { "kolania.de", true }, + { "kolania.net", true }, { "kolbeinsson.se", true }, { "kolcsey.eu", true }, { "koldanews.com", true }, @@ -19260,11 +19548,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kolmann.at", true }, { "kolmann.eu", true }, { "kolonie-am-stadtpark.de", true }, + { "kolorbon.com", true }, { "kolpingsfamilie-vechta-maria-frieden.de", true }, { "koluke.co", true }, { "koluke.com", true }, { "komandakovalchuk.com", false }, { "komelin.com", true }, + { "komenamanda.de", true }, { "komicloud.com", true }, { "komidoc.com", true }, { "komiksbaza.pl", true }, @@ -19345,14 +19635,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kotilinkki.fi", true }, { "kotitesti.fi", true }, { "kotly-marten.com.ua", true }, + { "kotobox.net", true }, { "kotois.com", true }, - { "kotomei.moe", true }, { "kotonoha.cafe", true }, { "kotori.love", true }, { "kouki-food.com", true }, { "koumuwin.com", true }, { "koushinjo.org", true }, - { "kouten-jp.com", true }, { "kov.space", true }, { "koval.io", true }, { "kovaldo.ru", true }, @@ -19405,6 +19694,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "krausoft.hu", true }, { "krautomat.com", true }, { "kraynik.com", true }, + { "krazyboi.com", true }, { "krazykastles.co.uk", true }, { "krazykoolkastles.com", true }, { "krazyphotobooths.co.uk", true }, @@ -19420,12 +19710,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kremalicious.com", true }, { "kretschmann.consulting", true }, { "kreuzpfadfinder.de", true }, + { "krey.is", true }, { "krfuli.com", true }, { "kriechel.de", true }, { "krinetzki.de", true }, { "kriptosec.com", true }, { "kris.click", true }, { "krise-chance.ch", true }, + { "krishnenduayur.org", true }, { "krishofer.com", true }, { "krislamoureux.com", true }, { "krismurray.co.uk", true }, @@ -19435,7 +19727,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kristinbailey.com", true }, { "kristofdv.be", true }, { "krizevci.info", true }, - { "krmeni.cz", true }, + { "krmeni.cz", false }, { "krokedil.se", true }, { "krokodent.de", true }, { "kromamoveis.com.br", true }, @@ -19467,6 +19759,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ks-watch.de", true }, { "kschv-rdeck.de", true }, { "kselenia.ee", true }, + { "ksero.center", true }, { "ksero.wroclaw.pl", true }, { "kshlm.in", true }, { "kspg.tv", true }, @@ -19483,16 +19776,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kualo.com", true }, { "kualo.in", true }, { "kuaza.com", true }, - { "kub.hr", true }, { "kubica.ch", true }, { "kubierecki.pl", true }, { "kubik-rubik.de", false }, - { "kubiwa.net", true }, { "kubkprf.ru", true }, { "kublis.ch", true }, - { "kuchenfeelisa.de", true }, { "kuchentraum.eu", true }, { "kucnibudzet.com", true }, + { "kucukayvaz.com", true }, { "kudo.co.id", true }, { "kueche-co.de", true }, { "kuechenprofi-group.de", false }, @@ -19511,7 +19802,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kulde.net", true }, { "kulickovy-pojezd.cz", true }, { "kulivps.com", true }, - { "kum.com", true }, { "kuma.es", true }, { "kumachan.biz", true }, { "kumalog.com", true }, @@ -19532,6 +19822,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kuponydoher.cz", true }, { "kupschke.net", true }, { "kurashino-mall.com", true }, + { "kuro.link", true }, { "kurofuku.me", true }, { "kuroinu.jp", true }, { "kurona.ga", true }, @@ -19557,6 +19848,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kvadratnimeter.si", true }, { "kvalita-1a.cz", true }, { "kvalitnitesneni.cz", true }, + { "kvantel.no", true }, { "kvcc.com.au", true }, { "kvetinymilt.cz", true }, { "kvhile.com", true }, @@ -19569,7 +19861,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kwcolville.com", true }, { "kwedo.com", true }, { "kwench.com", true }, - { "kwidz.fr", true }, + { "kwiknews.com", true }, { "kwmr.me", true }, { "kwok.cc", true }, { "kwyxz.org", true }, @@ -19577,7 +19869,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kxah35.com", true }, { "kxnrl.com", false }, { "kybi.sk", true }, - { "kydara.com", true }, { "kyledrake.net", true }, { "kylegutschow.com", true }, { "kylejohnson.io", true }, @@ -19589,9 +19880,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "kynastonwedding.co.uk", true }, { "kyobostory-events.com", true }, { "kyoko.org", true }, - { "kyonagashima.com", true }, { "kyosaku.org", true }, { "kyoto-k9.com", true }, + { "kyoto-mic.com", true }, { "kyoto-sake.net", true }, { "kyoto-tomikawa.jp", true }, { "kyoto-tomoshibi.jp", true }, @@ -19612,7 +19903,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "l7world.com", true }, { "l9.fr", true }, { "la-baldosa.fr", true }, - { "la-cave-a-nodo.fr", true }, + { "la-cave-a-nodo.fr", false }, { "la-compagnie-des-elfes.fr", true }, { "la-ganiere.com", true }, { "la-kaz-a-velo.fr", true }, @@ -19623,6 +19914,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "laassari.me", false }, { "laatikko.io", true }, { "laatjeniethackmaken.nl", true }, + { "laballoons.com", true }, { "labande-annonce.fr", true }, { "labcoat.jp", true }, { "labms.com.au", true }, @@ -19634,7 +19926,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "laboutiquedejuliette.com", true }, { "laboxfaitsoncinema.com", true }, { "labradorpuppiesforsalebyregisteredlabradorbreeders.com", false }, - { "labrat.mobi", true }, + { "labrat.mobi", false }, + { "labspack.com", true }, { "labtest.ltd", true }, { "lacantine.xyz", true }, { "lacaserita.org", true }, @@ -19645,7 +19938,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lachawoj.de", true }, { "lachlan-harris.com", true }, { "lachlan.com", true }, - { "lachlankidson.net", true }, { "lachosetypo.com", true }, { "lacicloud.net", true }, { "lacigf.org", true }, @@ -19656,9 +19948,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "laclefdor.ch", true }, { "lacliniquefinanciere.com", true }, { "lacoast.gov", true }, + { "lacocinadelila.com", true }, { "lacoquette.gr", true }, { "lacyc3.eu", true }, - { "ladadate.com", true }, { "ladbroke.net", true }, { "ladenzeile.at", true }, { "ladenzeile.de", true }, @@ -19683,7 +19975,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lagerauftrag.info", true }, { "lagit.in", true }, { "laglab.org", false }, - { "lagodny.eu", false }, + { "lagodny.eu", true }, { "lagout.org", true }, { "lagriffeduservice.fr", true }, { "laguiadelvaron.com", true }, @@ -19714,7 +20006,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lakesherwoodlighting.com", true }, { "lakesherwoodoutdoorlighting.com", true }, { "lakeshowlife.com", true }, - { "lakewoodcomputerservices.com", true }, { "lakonia.com.br", true }, { "lalalab.com", true }, { "lalaya.fr", true }, @@ -19729,7 +20020,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lambauer.com", true }, { "lambertshealthcare.co.uk", true }, { "lamboo.be", true }, - { "lamclam.site", true }, { "lame1337.xyz", true }, { "lamiaposta.email", false }, { "lamikvah.org", true }, @@ -19741,8 +20031,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lampenwelt.at", true }, { "lampenwelt.ch", true }, { "lampposthomeschool.com", true }, - { "lan2k.org", true }, + { "lan.biz.tr", true }, { "lana.swedbank.se", true }, + { "lanahallen.com", true }, { "lanbroa.eu", true }, { "lancashirecca.org.uk", true }, { "lancejames.com", true }, @@ -19754,8 +20045,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "landchecker.com.au", true }, { "landflair-magazin.de", true }, { "landhaus-christmann.de", true }, + { "landinfo.no", true }, + { "landlordy.com", true }, { "landofelves.net", true }, { "landrovermerriamparts.com", true }, + { "landscape-photography.org", true }, { "landscapelightingagoura.com", true }, { "landscapelightingagourahills.com", true }, { "landscapelightingcalabasas.com", true }, @@ -19770,7 +20064,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "landscapelightingoakpark.com", true }, { "landscapelightingpacificpalisades.com", true }, { "landscapelightingsimivalley.com", true }, + { "landscapelightingthousandoaks.com", true }, { "landscapelightingwestlakevillage.com", true }, + { "landscapephotography.org.au", true }, { "landyparts.nl", true }, { "lanetix.com", true }, { "lanforalla.se", true }, @@ -19780,6 +20076,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "langguth.io", true }, { "langkahteduh.com", true }, { "langkawitrip.com", true }, + { "langotie.com.br", true }, { "langstreckensaufen.de", true }, { "languageterminal.com", true }, { "langworth.com", true }, @@ -19813,6 +20110,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lapolla.com", true }, { "lapotagere.ch", true }, { "lapparente-aise.ch", true }, + { "lappari.com", true }, + { "lara.photography", true }, { "laracode.eu", true }, { "laraeph.com", true }, { "laraigneedusoir.com", true }, @@ -19830,6 +20129,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "larondinedisinfestazione.com", true }, { "larptreff.de", true }, { "larraz.es", true }, + { "larryli.cn", true }, { "larrysalibra.com", true }, { "lars-ewald.com", true }, { "lars-mense.de", true }, @@ -19838,7 +20138,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "larsbauer.xyz", true }, { "larsklene.nl", true }, { "larsklint.com", true }, - { "larsmerke.de", true }, { "laruga.co.uk", true }, { "lasalle.wa.edu.au", true }, { "lasarmas.com", true }, @@ -19867,7 +20166,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lastweekinaws.com", true }, { "lasuzefc.fr", true }, { "lat.sk", true }, - { "latabledebry.be", true }, { "latabledemontebello.com", true }, { "late.am", true }, { "latecnosfera.com", true }, @@ -19876,7 +20174,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lateral.dog", true }, { "lateralsecurity.com", true }, { "latestdeals.co.uk", true }, - { "lathen-wahn.de", true }, { "latiendadelbebefeliz.com", true }, { "latiendauno.com", true }, { "latiendawapa.com", true }, @@ -19884,7 +20181,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "latinphone.com", true }, { "latintoy.com", true }, { "latitudesign.com", true }, - { "latour-managedcare.ch", true }, { "latremebunda.com", true }, { "latrine.cz", true }, { "latterdaybride.com", true }, @@ -19944,8 +20240,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "layfully.me", true }, { "laylo.io", true }, { "laylo.nl", true }, + { "laymans911.info", true }, { "layoutsatzunddruck.de", true }, - { "lazapateriahandmade.pe", true }, { "lazowik.pl", true }, { "lazurit.com", true }, { "lazyboston.com", true }, @@ -19960,12 +20256,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lbls.me", true }, { "lbphacker.pw", true }, { "lbs-logics.com", true }, + { "lbsi-nordwest.de", true }, { "lbux.org", true }, - { "lc-cs.com", true }, + { "lc-cs.com", false }, + { "lc-promiss.de", true }, { "lca-pv.de", true }, { "lca.gov", true }, { "lcars-sv.info", true }, + { "lcbizsolutions.com", true }, { "lce-events.com", true }, + { "lcgaj.com", true }, { "lcht.ch", false }, { "lcrmscp.gov", true }, { "lcy.cat", true }, @@ -19994,7 +20294,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "leadbox.cz", true }, { "leaderoftheresistance.com", false }, { "leaderoftheresistance.net", false }, - { "leadgenie.me", true }, { "leadinfo.com", true }, { "leadingsalons.com", true }, { "leadquest.nl", true }, @@ -20014,6 +20313,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "learningman.top", true }, { "learnpianogreece.com", true }, { "learnplayground.com", true }, + { "learntale.com", true }, { "learntube.cz", true }, { "leaseit24.com", true }, { "leaseit24.de", true }, @@ -20042,7 +20342,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ledecologie.com.br", true }, { "ledeguisement.com", true }, { "lederer-it.com", true }, - { "ledlampor365.se", true }, { "ledscontato.com.br", true }, { "ledzom.ru", false }, { "lee-fuller.co.uk", true }, @@ -20050,8 +20349,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "leebiblestudycenter.com", true }, { "leebiblestudycentre.co.uk", true }, { "leebiblestudycentre.com", true }, - { "leech360.com", true }, - { "leeclemens.net", true }, + { "leech360.com", false }, + { "leeclemens.net", false }, { "leedev.org", true }, { "leelaylay.com", true }, { "leere.me", true }, @@ -20089,6 +20388,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "legjobblogo.hu", true }, { "legland.fr", true }, { "legoutdesplantes.be", true }, + { "legrandvtc.fr", true }, { "legumefederation.org", true }, { "legumeinfo.org", true }, { "lehighmathcircle.org", true }, @@ -20096,7 +20396,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "leibniz-remscheid.de", false }, { "leideninternationalreview.com", true }, { "leigh.life", true }, - { "leilautourdumon.de", true }, { "leilonorte.com", true }, { "leiming.co", true }, { "leinfelder.in", true }, @@ -20110,7 +20409,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lejardindesmesanges.fr", true }, { "lel.ovh", true }, { "lelambiental.com.br", true }, - { "lelehei.com", true }, { "lemarcheelagrandeguerra.it", true }, { "lemni.top", true }, { "lemoine.at", true }, @@ -20118,13 +20416,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lemondrops.xyz", true }, { "lemonop.com", true }, { "lemonparty.co", true }, - { "lemonthy.ca", true }, - { "lemonthy.com", true }, { "lemouillour.fr", true }, { "lemuslimpost.com", true }, { "lenagroben.de", true }, { "lenaneva.ru", true }, { "lence.net", true }, + { "lendingclub.com", true }, + { "lenget.com", true }, { "lenguajedeprogramacion.com", true }, { "lengzzz.com", true }, { "lenidh.de", true }, @@ -20150,8 +20448,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "leon.net", true }, { "leonauto.de", true }, { "leonax.net", true }, + { "leonbuitendam.nl", true }, { "leondenard.com", true }, - { "leonhooijer.nl", false }, { "leonklingele.de", true }, { "leowkahman.com", true }, { "lep.gov", true }, @@ -20177,9 +20475,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lesancheslibres.fr", true }, { "lesarts.com", true }, { "lesberger.ch", true }, - { "lesbiansslaves.com", true }, - { "lesbofight.com", true }, + { "lesconteursavis.org", true }, { "leseditionsbraquage.com", true }, + { "lesfilmsavivre.com", true }, { "lesgoodnews.fr", true }, { "lesharris.com", true }, { "leshervelines.com", true }, @@ -20194,15 +20492,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lespret.nl", true }, { "lesscloud.com", true }, { "lessets-graphiques.com", true }, - { "lessing.consulting", true }, { "lessis.moe", true }, { "lesterchan.net", true }, { "lesterrassesdusoleil.ch", true }, { "lesyndicat.info", true }, { "let-go.cc", true }, { "letemps.ch", true }, - { "letempsdunefleur.be", true }, - { "lethbridgecoffee.com", true }, { "lets-bounce.com", true }, { "lets-go-acoustic.de", true }, { "lets-ktai.jp", true }, @@ -20258,14 +20553,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lfrconseil.com", true }, { "lgbt.io", true }, { "lgbt.ventures", true }, - { "lgbtqventures.com", true }, { "lgbtventures.com", true }, { "lghfinancialstrategy.ch", true }, { "lgpecasoriginais.com.br", true }, { "lhajn.cz", true }, { "lhakustik.se", true }, + { "lhalbert.xyz", true }, { "lhconsult.tk", false }, - { "lheinrich.de", true }, { "lhost.su", true }, { "li-ke.co.jp", true }, { "li.search.yahoo.com", false }, @@ -20274,8 +20568,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lian-in.net", true }, { "liang-li88.com", true }, { "liang-li88.net", true }, - { "liangbp.com", true }, - { "lianwen.kim", true }, { "lianye1.cc", true }, { "lianye2.cc", true }, { "lianye3.cc", true }, @@ -20291,6 +20583,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "libgame.com", true }, { "libmpq.org", true }, { "libnull.com", true }, + { "libra.com", true }, { "library-quest.com", true }, { "libraryextension.com", true }, { "libraryfreedomproject.org", false }, @@ -20311,13 +20604,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "libskia.so", true }, { "libsodium.org", true }, { "libstock.si", true }, - { "liceo.cn", true }, { "lichess.org", true }, { "lichtmetzger.de", true }, { "lichtspot.de", true }, { "lichttechnik-tumler.com", true }, { "lichttraeumer.de", true }, - { "lickmypussy.us", true }, { "lickthesalt.com", true }, { "lidavidm.me", true }, { "lidel.org", true }, @@ -20333,6 +20624,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lidogr.com", true }, { "lidong.me", true }, { "lidow.eu", true }, + { "liduan.net", false }, { "liebel.org", true }, { "lieberwirth.biz", true }, { "lieblingsholz.de", true }, @@ -20341,14 +20633,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "life-emotions.pt", true }, { "lifebetweenlives.com.au", true }, { "lifecism.com", true }, - { "lifecoach.tw", false }, { "lifegrip.com.au", true }, { "lifeinhex.com", true }, { "lifeinsurancepro.org", true }, { "lifekiss.ru", true }, { "lifematenutrition.com", true }, { "lifemstyle.com", true }, - { "lifenexto.com", true }, { "lifeqa.net", true }, { "lifequotes-uk.co.uk", true }, { "lifesafety.com.br", true }, @@ -20360,6 +20650,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "light-up.xyz", true }, { "light.mail.ru", true }, { "lightbox.co", true }, + { "lightdream.tech", true }, { "lighthouseinstruments.com", true }, { "lighting-centres.co.uk", true }, { "lightingagoura.com", true }, @@ -20384,6 +20675,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lights.co.uk", true }, { "lightspeed.com", false }, { "lightspeedta.co", true }, + { "lighttp.com", true }, { "lightupcollective.co.uk", true }, { "lignoma.com", true }, { "ligonier.com", true }, @@ -20393,13 +20685,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "likc.me", true }, { "likeablehub.com", true }, { "likeabox.de", true }, + { "likebee.gr", true }, { "likegeeks.com", true }, { "likehifi.de", true }, { "likemovies.de", true }, { "likenewhearing.com.au", true }, { "likere.com", true }, { "lilaccakeboutique.com", true }, - { "liliang13.com", true }, { "lillepuu.com", true }, { "lily-bearing.com", true }, { "lily-inn.com", true }, @@ -20411,11 +20703,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "limberg.me", true }, { "limbo.services", true }, { "limeburst.net", true }, + { "limelabs.de", true }, + { "limelabs.io", true }, { "limeres.com", true }, { "limereslaw.com", true }, { "limitededitioncomputers.com", true }, { "limitededitionsolutions.com", true }, - { "limitget.com", true }, { "limitxyz.com", true }, { "limn.me", true }, { "limoairporttoronto.net", true }, @@ -20430,15 +20723,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lincolnfinewines.com", true }, { "lincolnsfh.com", true }, { "lincolnwayflorist.com", true }, - { "lincsbouncycastlehire.co.uk", true }, { "lindalap.fi", true }, { "lindemann.space", true }, { "linden.me", true }, { "lindeskar.se", true }, + { "lindholmen.club", true }, { "lindnerhof-taktik.de", true }, { "lindo.ru", true }, { "lindon.pw", true }, { "lindsayanderson.com", true }, + { "lindsaygorski.com", true }, { "lindskogen.se", true }, { "lindy.co", false }, { "line.biz", true }, @@ -20452,7 +20746,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lingerie.com.br", true }, { "lingeriesilhouette.com", true }, { "lingotaxi.com", true }, - { "lingting.vip", true }, { "linguamilla.com", true }, { "lingvo-svoboda.ru", true }, { "linherest.tk", true }, @@ -20461,6 +20754,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "linkat4.cz", true }, { "linkdr.uk", true }, { "linkedinbackground.com", true }, + { "linkedpipes.com", true }, { "linkenheil.org", true }, { "linklocker.co", true }, { "linkmaker.co.uk", true }, @@ -20474,11 +20768,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "linkycat.com", true }, { "linode.com", false }, { "linost.com", true }, - { "linostassi.net", true }, { "linqhost.nl", true }, { "linss.com", true }, { "lintmx.com", true }, { "linusdrop.tips", true }, + { "linux-audit.com", true }, { "linux-florida.com", true }, { "linux-mint-czech.cz", true }, { "linux-vme.org", true }, @@ -20500,9 +20794,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "linuxlounge.net", true }, { "linuxos.org", true }, { "linuxproperties.com", true }, + { "linuxsecurity.expert", true }, { "linx.li", true }, { "linx.net", true }, - { "linxmind.eu", true }, { "linzgau.de", true }, { "linzyjx.com", true }, { "lionhosting.nl", true }, @@ -20510,6 +20804,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lionsdeal.com", true }, { "lipartydepot.com", true }, { "lipex.com", true }, + { "lipo.lol", true }, { "lipoabaltimore.org", true }, { "liqd.net", true }, { "liquid.cz", true }, @@ -20517,7 +20812,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "liquidinternet.co", true }, { "liquidradio.pro", true }, { "liquidwarp.net", true }, - { "liquimoly.market", true }, { "lirion.de", true }, { "liris-beautywelt.de", true }, { "lirlandais.ch", true }, @@ -20527,6 +20821,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lisburnhottubnbounce.co.uk", true }, { "lisieuxarquitetura.com.br", true }, { "liskgdt.net", true }, + { "lisky.ru", true }, { "lislan.org.uk", true }, { "lisowski-development.com", true }, { "listahu.org", true }, @@ -20540,7 +20835,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "litebit.eu", true }, { "litebits.com", true }, { "litemind.com", true }, - { "literarymachin.es", true }, { "litfin.name", true }, { "lithan.com", true }, { "lithesalar.se", true }, @@ -20556,10 +20850,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "littlepigcreek.com.au", true }, { "littlepincha.fr", true }, { "littleprincessandmascotparties.co.uk", true }, + { "littleqiu.net", true }, { "littleredsbakeshop.com", true }, - { "littlericket.me", true }, + { "littlericket.me", false }, { "littlescallywagsplay.co.uk", true }, - { "littleservice.cn", true }, { "littleskin.cn", true }, { "littleswitch.co.jp", true }, { "littlewatcher.com", true }, @@ -20569,9 +20863,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "liuboznaiko.eu", true }, { "liudon.org", true }, { "liufengyu.cn", true }, + { "liul.in", true }, { "liupeicheng.top", true }, { "liv3d.stream", true }, { "live4k.media", false }, + { "livebandphotos.com", true }, { "livebetterwith.com", true }, { "livebythesun.de", true }, { "livecards.co.uk", true }, @@ -20582,7 +20878,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "livedesign24.de", true }, { "liveflightapp.com", true }, { "liveforspeed.se", true }, - { "livejasmin.dk", true }, { "livekaarten.be", true }, { "livekaarten.nl", true }, { "livekarten.at", true }, @@ -20600,11 +20895,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "livepath.ch", true }, { "liveperformersmeeting.net", true }, { "liveregistratie.nl", true }, - { "livesearch-fukuoka.com", true }, + { "liverider.co.jp", true }, { "livesheep.com", true }, { "livesure.com", true }, + { "livetoride.co.za", true }, { "livetube.tv", true }, - { "livi.co", true }, { "living-space.co.nz", true }, { "living24.de", true }, { "livingforreal.com", true }, @@ -20615,7 +20910,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "livolett.de", true }, { "livrariacoad.com.br", true }, { "livroseuniformes.com.br", true }, - { "lixiaojiang.ga", true }, { "lixtick.com", true }, { "liyin.date", true }, { "liyinjia.com", true }, @@ -20624,7 +20918,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lizhi.io", true }, { "lizhi123.net", true }, { "lizzaran.io", true }, - { "lizzythepooch.com", true }, { "ljason.cn", true }, { "ljs.io", true }, { "lk-hardware.cz", true }, @@ -20646,7 +20939,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lntu.org", true }, { "lnx.li", true }, { "load-ev.de", true }, - { "loadingdeck.com", false }, { "loadlow.me", true }, { "loadwallet.com", true }, { "loafhead.me", true }, @@ -20657,6 +20949,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lob-staging.com", true }, { "lob.com", true }, { "lobivia.de", true }, + { "lobosdomain.hopto.org", true }, { "lobsangstudio.com", true }, { "lobstr.co", true }, { "local360.net", true }, @@ -20665,7 +20958,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "localblitz.com", true }, { "localblock.co.za", true }, { "localbouncycastle.com", true }, - { "localdata.us", true }, { "localdecor.com.br", true }, { "localethereum.com", true }, { "localhorst.duckdns.org", true }, @@ -20673,7 +20965,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "localhost.ee", true }, { "localspot.pl", true }, { "locapos.com", true }, - { "location-fichier-email.com", true }, { "locationvoitureallemagne.com", true }, { "locationvoitureangleterre.com", true }, { "locationvoitureaustralie.com", true }, @@ -20684,17 +20975,32 @@ static const nsSTSPreload kSTSPreloadList[] = { { "locationvoitureportugal.com", true }, { "locatorplus.gov", true }, { "locauxrama.fr", true }, - { "locker.email", true }, + { "locker.email", false }, { "locker.plus", true }, { "lockify.com", true }, { "lockpick.nl", true }, { "lockpicks.se", true }, { "lockr.io", true }, + { "locksmith-durbannorth.co.za", true }, + { "locksmith-sanantonio-tx.com", true }, { "locksmithbalchsprings.com", true }, + { "locksmithballito.com", true }, + { "locksmithbluff.co.za", true }, + { "locksmithedmonds.com", true }, { "locksmithgarland-tx.com", true }, { "locksmithgrapevinetx.com", true }, + { "locksmithhillcrest.co.za", true }, + { "locksmithindurban.co.za", true }, { "locksmithmesquitetx.com", true }, + { "locksmithmissouricity.com", true }, + { "locksmithopen.com", true }, + { "locksmithsanantoniotexas.com", true }, + { "locksmithsbluff.com", true }, + { "locksmithseattleco.com", true }, + { "locksmithservice-houston.com", true }, { "locksmithspring.com", true }, + { "locksmithspringtx.com", true }, + { "locksmithswestville.com", true }, { "locksmiththewoodlands.com", true }, { "locomore.com", true }, { "locomotionds.com", true }, @@ -20714,6 +21020,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "logement.com", true }, { "logentries.com", false }, { "logexplorer.net", true }, + { "logfile.at", true }, + { "logfro.de", true }, { "logicchen.com", true }, { "logiciel-entreprise-seurann.fr", true }, { "logicio.ch", false }, @@ -20744,17 +21052,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "logue.be", true }, { "logze.nl", true }, { "lohanaflores.com.br", true }, + { "lohmeier.it", true }, { "loichot.ch", true }, + { "loigiai.net", true }, + { "loihay.net", true }, { "lojadamimo.com.br", true }, { "lojadanidrea.com.br", true }, { "lojadarenda.com.br", true }, { "lojadewhisky.com.br", true }, { "lojadoarcomprimido.com.br", true }, - { "lojadoprazer.com.br", true }, { "lojadosomautomotivo.com.br", true }, { "lojafazendoarte.com.br", true }, { "lojafilipaper.com.br", true }, - { "lojahunamarcenaria.com.br", true }, { "lojamagicalx.com", true }, { "lojamascate.com.br", true }, { "lojamoleco.com.br", true }, @@ -20774,13 +21083,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "loket.nl", true }, { "lolcorp.pl", true }, { "lolcow.farm", true }, + { "lolhax.org", true }, { "loli.net", true }, { "loli.pet", true }, { "loli.ski", true }, + { "loli.tube", true }, { "loli.world", true }, { "lolibrary.org", true }, { "lolicon.eu", true }, - { "lolis.stream", true }, { "lolkot.ru", true }, { "lolnames.gg", true }, { "lolpatrol.de", true }, @@ -20798,9 +21108,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "londongynaecologist.co", true }, { "londonkan.jp", true }, { "londonkeyholdingcompany.co.uk", true }, - { "londonseedcentre.co.uk", true }, { "lonelytweets.com", true }, { "lonesomecosmonaut.com", true }, + { "long-journey.com", true }, { "longhaircareforum.com", true }, { "longhorn-imports.com", true }, { "longhorn.id.au", true }, @@ -20825,13 +21135,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lookatmysco.re", true }, { "lookbetweenthelines.com", true }, { "lookup-dns.net", true }, + { "lookyman.net", true }, { "lookzook.com", true }, { "loom.no", true }, { "loony.info", true }, { "loopower.com", true }, + { "loopstart.org", true }, { "loothole.com", true }, { "loovto.net", true }, - { "loposchokk.com", true }, { "loqu8.com", true }, { "lordofthebrick.com", true }, { "lore.azurewebsites.net", true }, @@ -20847,8 +21158,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lostkeys.co.uk", true }, { "lostserver.com", true }, { "lostwithdan.com", true }, - { "loteks.de", true }, { "lothlorien.ca", false }, + { "lotl.ru", true }, { "lotn.mobi", true }, { "lotn.nl", true }, { "lotnonline.com", true }, @@ -20879,7 +21190,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lovenwishes.com", true }, { "loveph.one", true }, { "lover-bg.com", true }, - { "loveread-ec.appspot.com", true }, { "loverepublic.ru", true }, { "lovesmagical.com", true }, { "lovesupremefestival.com", true }, @@ -20898,19 +21208,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lowson.ca", true }, { "loxal.net", true }, { "loxal.org", true }, + { "loyaltyondemand.club", true }, + { "loyaltyondemand.eu", true }, { "lp-support.nl", true }, - { "lpacademy.com.br", true }, { "lpt-nebreziny.eu", true }, { "lra-cloud.de", true }, - { "lrhstsa.com", true }, { "lrssystems.com", true }, { "ls-alarm.de", true }, { "lsal.me", true }, { "lsc-dillingen.de", true }, { "lsc.gov", true }, { "lshiy.com", true }, + { "lsmpx.com", true }, { "lsquo.com", true }, { "lsws.de", true }, + { "lsys.ac", true }, { "lt.search.yahoo.com", false }, { "ltaake.com", true }, { "ltecode.com", true }, @@ -20918,7 +21230,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ltls.org", true }, { "ltn-tom-morel.fr", true }, { "lu.search.yahoo.com", false }, - { "luan.ma", true }, { "luav.org", true }, { "lubar.me", true }, { "lubbockyounglawyers.org", true }, @@ -20926,15 +21237,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lubomirkazakov.com", true }, { "luc-oberson.ch", true }, { "luca.swiss", true }, - { "lucacastelnuovo.nl", true }, + { "lucacastelnuovo.nl", false }, { "lucafrancesca.me", true }, { "lucakrebs.de", true }, - { "lucasantarella.com", true }, - { "lucascantor.com", true }, + { "lucasbergen.ca", true }, { "lucasem.com", true }, { "lucasgymnastics.com", true }, { "lucaslarson.net", true }, - { "lucassoler.com.ar", true }, { "luce.life", true }, { "lucid-light.de", true }, { "lucidframeworks.com", true }, @@ -20942,12 +21251,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lucidoccult.com", true }, { "lucielavickova.com", true }, { "luckycastles.co.uk", true }, - { "luckydog.pw", true }, { "luckyfrog.hk", true }, - { "luckystarfishing.com", true }, { "luckyxf.com", true }, { "lucy.science", true }, { "lucyparsonslabs.com", true }, + { "lucysan.net", true }, + { "lucz.co", true }, { "ludek.biz", true }, { "ludikovsky.name", true }, { "ludogue.net", true }, @@ -20956,6 +21265,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ludwig.im", true }, { "ludwiggrill.de", true }, { "ludwigjohnson.se", true }, + { "ludwigpro.net", true }, { "luedeke-bremen.eu", true }, { "luehne.de", true }, { "luelistan.net", true }, @@ -20972,6 +21282,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lugui.in", true }, { "lui.pink", true }, { "luiscapelo.info", true }, + { "luisgf.es", true }, { "luismaier.de", true }, { "luisyr.com", true }, { "luizkowalski.net", true }, @@ -20992,14 +21303,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lukaszwojcik.net", true }, { "lukatz.de", true }, { "luke.ch", true }, + { "luke6887.me", true }, { "lukeistschuld.de", true }, - { "lukem.eu", true }, { "lukem.net", true }, { "lukeng.net", true }, { "lukesbouncycastlehire.com", true }, { "lukestebbing.com", true }, + { "lukesutton.info", true }, { "lukmanulhakim.id", true }, { "lukull-pizza.de", true }, + { "lumen.sh", true }, + { "lumer.tech", true }, { "lumi.pw", true }, { "lumiere.com", true }, { "luminaires-online.fr", true }, @@ -21011,9 +21325,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lunar6.ch", true }, { "lunarlog.com", true }, { "lunarshark.com", true }, - { "lunarsoft.net", true }, { "lunartail.nl", true }, { "lunasqu.ee", true }, + { "lunchbunch.me", true }, { "lune-indigo.ch", true }, { "lungta.pro", true }, { "lunidea.ch", true }, @@ -21027,6 +21341,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "luohua.im", true }, { "luongvu.com", true }, { "lupinencyclopedia.com", true }, + { "lupinenorthamerica.com", true }, { "luso-livros.net", true }, { "lusteniny.cz", false }, { "lustige-zitate.com", true }, @@ -21044,7 +21359,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "luuppi.fi", true }, { "luvare.com", true }, { "luvbridal.com.au", true }, + { "luxcraft.eng.br", true }, { "luxescreenprotector.nl", true }, + { "luxofit.de", true }, { "luxsci.com", true }, { "luxurynsight.net", true }, { "luxurytimepieces.net", true }, @@ -21058,10 +21375,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "luzfaltex.com", true }, { "lv.search.yahoo.com", false }, { "lv0.it", true }, + { "lv5.top", true }, { "lvmoo.com", true }, { "lvrsystems.com", true }, { "lw-addons.net", true }, { "lwhate.com", true }, + { "lwl.moe", true }, { "lwl12.com", true }, { "lxd.cc", true }, { "lxd.pm", true }, @@ -21089,9 +21408,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "lyricfm.ie", true }, { "lys.ch", true }, { "lyst.co.uk", true }, + { "lyukaacom.ru", true }, { "lyuly.com", true }, { "lyx.dk", true }, - { "lz.sb", true }, + { "lzh.one", true }, + { "lzwc.nl", true }, { "m-22.com", true }, { "m-chemical.com.hk", true }, { "m-edmondson.co.uk", true }, @@ -21100,7 +21421,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "m-mail.fr", true }, { "m-orthodontic.com", true }, { "m-ses.fr", true }, - { "m-warrior.tk", true }, { "m.facebook.com", true }, { "m.mail.ru", true }, { "m.me", true }, @@ -21119,9 +21439,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maaya.jp", true }, { "maayogashram.com", true }, { "mabankonline.com", true }, - { "mabulledu.net", true }, { "mac-i-tea.ch", true }, - { "mac-world.pl", true }, + { "mac.biz.tr", true }, { "mac1.net", true }, { "macaw.nl", true }, { "macaws.org", true }, @@ -21156,10 +21475,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "macosxfilerecovery.com", true }, { "macoun.de", true }, { "macros.co.jp", true }, - { "macstore.pe", true }, { "mactools.com.co", true }, + { "mad.ninja", true }, { "madae.nl", true }, - { "madandpissedoff.com", true }, { "madars.org", false }, { "madbin.com", true }, { "madbouncycastles.co.uk", true }, @@ -21171,7 +21489,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "made-in-earth.co.jp", true }, { "madebydusk.com", true }, { "madebyshore.com", true }, - { "madeglobal.com", true }, { "madeinchezmoi.net", true }, { "madeinstudio3.com", true }, { "madeitwor.se", true }, @@ -21183,8 +21500,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "madirc.net", true }, { "madmar.ee", true }, { "madoka.nu", true }, - { "madokami.net", true }, - { "madpeople.net", true }, { "madreacqua.org", true }, { "madridartcollection.com", true }, { "madtec.de", true }, @@ -21192,6 +21507,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mae-berlinistanbul.com", true }, { "maedchenflohmarkt.at", true }, { "maedchenflohmarkt.de", true }, + { "maeln.com", true }, { "maelstrom-fury.eu", true }, { "maelstrom.ninja", true }, { "maeplasticsurgery.com", true }, @@ -21230,7 +21546,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "magicspaceninjapirates.de", true }, { "magictable.com", true }, { "magicvodi.at", true }, + { "magieamour.com", true }, { "magilio.com", true }, + { "magnacarebroker.com", true }, { "magnatronic.com.br", true }, { "magneticattraction.com.au", true }, { "magnetpass.uk", true }, @@ -21240,11 +21558,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "magnoliadoulas.com", true }, { "magnoliastrong.com", true }, { "magonote-nk.com", true }, + { "magu.kz", true }, { "maguire.email", true }, { "magwin.co.uk", true }, { "mahai.me", true }, { "mahatmayoga.org", true }, { "mahefa.co.uk", true }, + { "mahjong-navi.com", true }, { "mahjong.org", true }, { "mahrer.net", true }, { "maiaimobiliare.ro", true }, @@ -21252,6 +21572,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maiebanatulfruncea.com", true }, { "maijia800.com", true }, { "maikolfish.it", true }, + { "mail-de.jp", true }, { "mail-rotter.de", true }, { "mail-settings.google.com", true }, { "mail.com", true }, @@ -21271,7 +21592,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mailmag.net", false }, { "mailpenny.com", true }, { "mailto.space", true }, - { "mailum.org", true }, + { "mailum.org", false }, { "mainechiro.com", true }, { "mainframeserver.space", true }, { "mainlined.org", true }, @@ -21280,6 +21601,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mainzelmaennchen.net", true }, { "maioresemelhores.com", true }, { "maisgasolina.com", true }, + { "maison-haimard.fr", true }, { "maisondoree.be", true }, { "maisonpaulmier.fr", true }, { "maispa.com", true }, @@ -21296,22 +21618,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "majkassab.net", true }, { "majkassab.org", true }, { "majkl.me", true }, - { "majkl.xyz", true }, - { "majkl578.cz", true }, { "majkyto.cz", true }, + { "majolka.com", true }, { "makaleci.com", true }, + { "makalu.me", true }, { "make-your-own-song.com", true }, { "makeaboldmove.com", true }, { "makedin.net", true }, { "makem-bounce.co.uk", true }, - { "makemejob.com", true }, { "makenaiyo-fx.com", true }, { "makera.ga", true }, { "makersatwork.com", true }, { "maketheneighborsjealous.com", true }, { "makeurbiz.com", true }, - { "makeyourlaws.org", true }, + { "maki-chan.de", true }, { "makinen.ru", true }, + { "makino.games", true }, { "makkusu.photo", true }, { "makowitz.cz", true }, { "maktoob.search.yahoo.com", false }, @@ -21337,7 +21659,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "malinator.net", false }, { "malinheadview.ie", true }, { "maljaars-fotografie.nl", true }, - { "malkaso.com.ua", true }, { "mall.cz", true }, { "mall.hr", true }, { "mall.hu", true }, @@ -21345,7 +21666,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mall.sk", true }, { "mallach.net", true }, { "mallhonda.com", true }, - { "mallner.me", true }, { "mallonline.com.br", true }, { "malmoesport.se", true }, { "malnex.de", true }, @@ -21357,14 +21677,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "malware.watch", true }, { "malwareinvestigator.gov", true }, { "malwarekillers.com", true }, + { "malwaretips.com", false }, { "malwareverse.us", true }, { "maly.cz", true }, - { "maly.io", false }, { "malyshata.com", true }, { "malysvet.net", true }, { "mamaasia.info", true }, { "mamadea.be", true }, - { "mamadoma.com.ua", true }, { "mamafit.club", true }, { "mamamoet.ru", true }, { "mamanecesitaungintonic.com", true }, @@ -21375,16 +21694,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mammooc.org", true }, { "mamospienas.lt", true }, { "mamot.fr", false }, - { "mamout.xyz", true }, { "mamuko.nl", true }, - { "man3s.jp", true }, - { "manaboutahor.se", false }, + { "man3s.jp", false }, { "manach.net", true }, { "manage.cm", true }, { "manage4all.de", true }, { "manageathome.co.uk", true }, { "management-companie.ro", true }, - { "management-ethics.com", true }, { "managementboek.nl", true }, { "managementfeedback.com", true }, { "manageprojects.com", false }, @@ -21412,9 +21728,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maniorpedi.com", true }, { "maniosglass.gr", true }, { "manipil.ch", true }, + { "maniw.com", true }, { "manja-und-martin.de", true }, { "manjaro.ru", true }, { "mankans.com", true }, + { "manneguiden.no", true }, { "mannheimbloggt.tk", true }, { "manns-solutions.co.uk", true }, { "mannschafft.ch", true }, @@ -21425,11 +21743,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mansdell.net", true }, { "mansfeld.pl", true }, { "mansiontech.cn", true }, + { "manski.net", true }, { "mantabiofuel.com", true }, { "mantor.org", false }, + { "mantra.pictures", true }, + { "manuall.co.uk", true }, { "manuall.de", true }, + { "manuall.fr", true }, { "manuall.info.tr", true }, + { "manuall.it", true }, { "manuall.ro", true }, + { "manuall.se", true }, { "manualscollection.com", true }, { "manuel-herrmann.de", true }, { "manuel-schefczyk.de", true }, @@ -21438,13 +21762,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "manueldopheide.com", true }, { "manueli.de", true }, { "manuelpinto.in", false }, - { "manufacturing.gov", true }, { "manufacturingusa.com", true }, { "manuscript.com", true }, { "manuscriptlink.com", true }, { "manutd.org.np", true }, { "manuth.life", true }, - { "manutrol.com.br", true }, { "manwithavan.co.uk", true }, { "manyetikboya.com", true }, { "manyiu.com", true }, @@ -21460,11 +21782,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maozedong.red", true }, { "map4erfurt.de", true }, { "map4jena.de", true }, + { "mapasmundi.com.br", true }, { "mapblender.com", true }, { "mapeo.io", true }, { "maplanetebeaute.fr", true }, { "mapletime.com", true }, + { "maps.net", true }, { "mapservices.nl", true }, + { "mapstack.org", true }, { "maquettage.com", true }, { "maquillage-permanent-tatoo.com", true }, { "maquinariaspesadas.org", true }, @@ -21477,6 +21802,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marc-schlagenhauf.de", true }, { "marcaixala.me", true }, { "marcaudefroy.com", true }, + { "marcbeije.com", true }, + { "marcberndtgen.de", true }, + { "marcceleiro.com", true }, { "marceau.ovh", true }, { "marcel-preuss.de", true }, { "marcel-veronetzki.de", true }, @@ -21486,28 +21814,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marcelinofranchini.info", true }, { "marcelinofranchini.net", true }, { "marcelinofranchini.org", true }, + { "marcelkooiman.com", true }, { "marcelpreuss.de", true }, + { "marcelsiegert.com", true }, { "marcelwaldvogel.ch", true }, - { "marcelwiedemeier.com", true }, { "marcelwolf.coach", true }, - { "marcgoertz.de", false }, + { "marcgoertz.de", true }, { "marche-contre-monsanto.ch", true }, + { "marchukov.com", true }, + { "marchwj.pl", true }, { "marciaimportados.com.br", true }, { "marcianoandtopazio.com", true }, { "marclay.co.uk", true }, { "marco-goltz.de", true }, { "marco-hegenberg.net", true }, - { "marco-kretz.de", true }, { "marco-polo-reisen.com", true }, { "marcocasoni.com", true }, { "marcohager.de", true }, { "marcoherten.com", true }, { "marcuskoh.com", true }, - { "marcusserver.synology.me", true }, { "marcusstafford.com", true }, { "marechal-company.com", true }, { "marek.su", true }, - { "mareklecian.cz", true }, { "marelijah.org", true }, { "margagriesser.de", true }, { "margan.ch", true }, @@ -21515,7 +21843,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "margo-co.ch", true }, { "margo.ml", true }, { "margotlondon.co.uk", true }, - { "mariacristinadoces.com.br", true }, + { "marguerite-maison.fr", true }, { "mariage-photo.ch", true }, { "marianatherapy.com", true }, { "marianelaisashi.com", true }, @@ -21537,6 +21865,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marinbusinesscenter.ch", true }, { "marine.gov", true }, { "marinekaplama.com", true }, + { "marinela.com.mx", false }, + { "marinelausa.com", false }, { "marines-shop.com", true }, { "mario.party", false }, { "marioabela.com", true }, @@ -21550,11 +21880,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marjoleindens.be", true }, { "marjoriecarvalho.com.br", true }, { "mark-semmler.de", true }, + { "mark1998.com", true }, { "markaconnor.com", true }, { "markantoffice.com", true }, { "markbiesheuvel.nl", true }, { "markdain.net", true }, { "markdescande.com", true }, + { "markel.com.es", true }, { "markepps.com", true }, { "market.android.com", true }, { "marketespace.fr", false }, @@ -21573,15 +21905,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "markhaehnel.de", true }, { "markhenrick.site", true }, { "markholden.guru", true }, + { "markhoodphoto.com", true }, { "markido.com", true }, { "markitzeroday.com", true }, { "markkirkforillinois.com", true }, { "markkirkforsenate.com", true }, - { "marklauman.ca", true }, { "markoh.co.uk", true }, { "markom.rs", true }, { "markprof.ru", true }, - { "markri.nl", false }, + { "markri.nl", true }, + { "markridgwell.co.uk", true }, { "markridgwell.com", true }, { "markridgwellcom.appspot.com", true }, { "markscastles.co.uk", true }, @@ -21601,8 +21934,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "markusehrlicher.de", true }, { "markusgran.de", true }, { "markuskeppeler.no-ip.biz", true }, - { "markusueberallassetmanagement.de", true }, - { "markusueberallconsulting.de", true }, { "marl.fr", true }, { "marloncommunications.com", true }, { "marlonlosurdopictures.com", true }, @@ -21617,8 +21948,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "marocmail.ma", true }, { "marotero.com", true }, { "marpa-wohnen.de", true }, - { "marqperso.ch", true }, - { "marquepersonnelle.ch", true }, { "marqueswines.co.uk", true }, { "marrai.de", true }, { "marriage-shrine.jp", true }, @@ -21650,12 +21979,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "martingansler.de", true }, { "martinkus.eu", true }, { "martinmuc.de", true }, + { "martinreed.net", true }, { "martinvillalba.com", true }, { "martinvillalba.com.ar", true }, { "martinvillalba.info", true }, { "martinvillalba.net", true }, { "martinvillalba.org", true }, { "martonmihaly.hu", true }, + { "martynhare.co.uk", true }, + { "martynhare.uk", true }, { "maru-life.com", true }, { "maruhoi.com", true }, { "marustat.ru", true }, @@ -21670,11 +22002,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "masarik.sh", true }, { "masatotaniguchi.jp", true }, { "masayahost.com", true }, - { "masaze-hanka.cz", true }, { "mascosolutions.com", true }, { "masdillah.com", true }, { "maservant.net", true }, - { "mashandco.it", true }, { "mashandco.tv", true }, { "masiniunelte.store.ro", true }, { "masiul.is", true }, @@ -21691,6 +22021,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "massdrop.com", true }, { "masse.org", true }, { "massflix.com", true }, + { "massfone.com", true }, { "masshiro.blog", true }, { "massive.tk", true }, { "massoni.pl", true }, @@ -21712,13 +22043,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "masterplc.com", true }, { "masters.black", true }, { "mastersquirrel.xyz", true }, - { "mastersthesiswriting.com", true }, { "masterstuff.de", true }, { "mastiffingles.com.br", true }, { "mastodon.at", true }, { "mastodon.host", true }, { "mastodon.rocks", true }, - { "mastodon.top", true }, { "mat.tt", true }, { "matanz.de", true }, { "matatabimix.com", true }, @@ -21727,6 +22056,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "matchatea24.com", true }, { "matchboxdesigngroup.com", true }, { "matchneedle.com", true }, + { "matejgroma.com", true }, { "matel.org", true }, { "materiaischiquinho.com.br", true }, { "material-ui.com", true }, @@ -21734,6 +22064,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "materialism.com", true }, { "materialyinzynierskie.pl", true }, { "maternum.com", true }, + { "mateuszchyla.pl", true }, { "math.hamburg", true }, { "mathalexservice.info", true }, { "mathematik.rocks", true }, @@ -21743,6 +22074,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mathias.is", true }, { "mathiasbynens.be", true }, { "mathiasgarbe.de", true }, + { "mathiaswagner.org", true }, { "mathieuguimond.com", true }, { "mathieui.net", true }, { "mathis.com.tr", true }, @@ -21757,6 +22089,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "matjaz.it", true }, { "matlss.com", true }, { "matmessages.com", true }, + { "matok.me.uk", true }, { "matomeathena.com", true }, { "matoutepetiteboutique.com", true }, { "matridiana.com", true }, @@ -21766,6 +22099,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "matrixmedia.ro", true }, { "matrixreq.com", true }, { "matsu-semi.com", true }, + { "matsu-walk.com", true }, { "matt-brooks.com", true }, { "matt-royal.gr", true }, { "matt.re", true }, @@ -21783,8 +22117,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mattfin.ch", true }, { "mattforster.ca", true }, { "matthecat.com", true }, + { "matthewchapman.co.uk", true }, { "matthewfells.com", true }, { "matthewgallagher.co.uk", true }, + { "matthewgrow.com", true }, + { "matthewj.ca", true }, { "matthewkenny.co.uk", true }, { "matthewohare.com", true }, { "matthewsetter.com", true }, @@ -21800,6 +22137,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "matthijssen.info", true }, { "mattia98.org", true }, { "mattiascibien.net", true }, + { "mattlaks.com", true }, { "mattli.us", true }, { "mattmccutchen.net", true }, { "mattmcshane.com", true }, @@ -21807,12 +22145,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mattwservices.co.uk", true }, { "matviet.vn", true }, { "matway.com", true }, + { "matway.net", true }, { "matze.co", true }, { "mauerwerkstag.info", true }, { "mauldincookfence.com", true }, { "mauran.me", true }, { "maurice-walker.com", true }, { "mauricedb.nl", true }, + { "maurovacca.com", true }, { "maury-moteurs.com", true }, { "mavenclinic.com", true }, { "mavensecurity.com", true }, @@ -21839,8 +22179,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maxdev72.freeboxos.fr", true }, { "maxfox.me", true }, { "maxhamon.ovh", true }, - { "maxhoechtl.at", true }, - { "maxicore.co.za", true }, { "maximdeboiserie.be", true }, { "maximdens.be", true }, { "maximeferon.fr", true }, @@ -21855,6 +22193,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "maxmilton.com", true }, { "maxp.info", true }, { "maxpl0it.com", true }, + { "maxr1998.de", true }, { "maxrandolph.com", true }, { "maxtruxa.com", true }, { "maxundlara.at", true }, @@ -21870,7 +22209,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mayerbrownllz.com", true }, { "mayomarquees.com", true }, { "mayopartyhire.com", true }, - { "mayoristassexshop.com", true }, { "maypolevilla.co.uk", true }, { "mayrhofer.eu.org", true }, { "mazda-mps.de", true }, @@ -21881,13 +22219,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mazternet.ru", true }, { "mazzotta.me", true }, { "mb-is.info", true }, + { "mb300sd.com", true }, + { "mb300sd.net", true }, { "mbaasy.com", true }, { "mbaestlein.de", true }, { "mbainflatables.co.uk", true }, { "mbardot.com", true }, { "mbasic.facebook.com", false }, { "mbcars.be", true }, - { "mbda.gov", true }, + { "mbda.gov", false }, { "mbeo.ch", true }, { "mbilker.us", true }, { "mbinf.de", false }, @@ -21905,7 +22245,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mc4free.cc", true }, { "mcatnnlo.org", true }, { "mccoolesredlioninn.com", true }, + { "mccordsvillelocksmith.com", true }, { "mccrackon.com", true }, + { "mcculloughjchris.com", true }, { "mcdermottautomotive.com", true }, { "mcdona1d.me", true }, { "mcdonalds.be", true }, @@ -21920,7 +22262,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mcgaccountancy.co.uk", true }, { "mcgarderen.nl", true }, { "mcgovernance.com", true }, - { "mchan.us", true }, + { "mchel.net", true }, { "mchristopher.com", true }, { "mcinterface.de", true }, { "mcivor.me", true }, @@ -21935,22 +22277,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mcmillanskiclub.com.au", true }, { "mcneill.io", true }, { "mcnext.net", true }, + { "mcon.se", true }, { "mcpaoffice.com", true }, - { "mcpart.land", true }, { "mcplayman.de", true }, { "mcpro.games", true }, { "mcprocdn.com", true }, - { "mcqyy.com", true }, { "mcrn.jp", true }, { "mcsinflatables.co.uk", true }, + { "mcsniper.co", true }, { "mcsrvstat.us", true }, - { "mctherealm.net", true }, { "mctools.org", true }, + { "mcuuid.net", true }, + { "mcversions.net", true }, { "mcynews.com", true }, { "mcyukon.com", true }, { "md-clinica.com.ua", true }, { "md5file.com", true }, { "md5hashing.net", true }, + { "mdazo.net", true }, { "mdbouncycastlehirelondon.co.uk", true }, { "mdcloudpracticesolutions.com", true }, { "mdcloudps.com", true }, @@ -21959,12 +22303,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mdf-bis.com", true }, { "mdg-online.de", true }, { "mdiv.pl", true }, + { "mdkr.nl", true }, { "mdlayher.com", true }, { "mdma.net", true }, { "mdmed.clinic", true }, { "mdoering.de", true }, { "mdosch.de", true }, { "mdpraha.cz", true }, + { "mds-paris.com", true }, { "mdsave.com", true }, { "mdx.no", true }, { "mdxdave.de", true }, @@ -21974,14 +22320,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "me-groups.com", true }, { "me.net.nz", true }, { "meadowfen.farm", true }, - { "meadowviewfarms.org", true }, { "mealgoo.com", true }, { "meamod.com", false }, - { "meanevo.com", true }, { "meany.xyz", true }, { "meap.xyz", true }, { "measureyourpenis.today", true }, { "meat.org.uk", true }, + { "mebaneattorney.com", true }, + { "mebanesteakhouse.com", true }, { "mecanicoautomotriz.org", true }, { "mechanus.io", true }, { "mechmk1.me", true }, @@ -21999,7 +22345,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "medhy.fr", true }, { "medi-link.co.il", true }, { "medi.com.br", true }, - { "media-courses.com", false }, { "media-credit.eu", true }, { "media-instance.ru", true }, { "media-library.co.uk", true }, @@ -22007,6 +22352,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "media-serwis.com", true }, { "mediaarea.net", true }, { "mediablaster.com", true }, + { "mediabm.jp", true }, { "mediaburst.co.uk", true }, { "mediadex.be", true }, { "mediaexpert.fr", true }, @@ -22045,20 +22391,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "medinsider.ch", true }, { "medinsider.li", true }, { "medireport.fr", true }, + { "meditel.nl", true }, { "medium.com", true }, - { "mediumraw.org", true }, + { "medja.net", true }, { "medlineplus.gov", true }, + { "medmarkt24.com", true }, { "medo64.com", true }, { "medovea.ru", true }, { "medpeer.jp", true }, { "medpics.com", true }, - { "medpot.net", true }, { "medschat.com", true }, { "medtalents.ch", true }, { "medtankers.management", true }, { "medtehnika.ua", true }, { "medusa.wtf", true }, { "meduza.io", true }, + { "medvedikorenka.cz", true }, { "medvet.com.es", true }, { "medwaybouncycastlehire.co.uk", true }, { "medyotan.ga", true }, @@ -22081,6 +22429,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "meeusen-usedcars.be", true }, { "meeztertom.nl", true }, { "meg-a-bounce.co.uk", true }, + { "mega-aukcion.ru", true }, { "mega-byte.nl", true }, { "mega-feeling.de", true }, { "mega.co.nz", true }, @@ -22103,7 +22452,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "megaplonk.com", true }, { "megarex.jp", true }, { "megasslstore.com", true }, - { "megasystem.cl", true }, + { "megauction.tk", true }, { "megaxchange.com", true }, { "megumico.net", true }, { "megustariasaber.com", true }, @@ -22163,6 +22512,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "melitopol.co.ua", true }, { "melnessgroup.com", true }, { "melnikov.ch", true }, + { "melodicprogressivehouse.com", true }, { "melodiouscode.co.uk", true }, { "melodiouscode.com", true }, { "melodiouscode.net", true }, @@ -22185,7 +22535,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "memfrob.org", true }, { "memind.net", true }, { "memiux.com", true }, - { "memo-linux.com", true }, { "memo.ee", true }, { "memoire-resistance-ariege.fr", true }, { "memorycards.ie", true }, @@ -22219,11 +22568,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mentz.info", true }, { "menu.fyi", true }, { "menudieta.com", true }, - { "menuel.me", true }, { "menuonlineordering.com", true }, { "menzel-motors.com", true }, { "menzietti.it", true }, - { "meo.de", true }, { "mephedrone.org", true }, { "mer.gd", true }, { "meransuedtirol.com", true }, @@ -22236,6 +22583,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mercedes-benz.io", true }, { "mercedes-ig.de", true }, { "mercedespartscenter.com", true }, + { "merchant-automotive.com", true }, { "mercier-auto.com", true }, { "mercier-cars.co.uk", true }, { "mercury.photo", true }, @@ -22246,12 +22594,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "merenita.eu", true }, { "merenita.net", true }, { "merenita.nl", true }, + { "meridianmetals.com", true }, { "meridianstore.com.br", true }, { "merkel.me", true }, { "merlet.eu", true }, - { "merloat.club", true }, + { "merlinsoap.com", true }, + { "merloat.club", false }, { "merojob.com", true }, { "meronberry.jp", true }, + { "merson.org", true }, + { "merson.tv", true }, { "mertak.cz", true }, { "mertarauh.com", true }, { "mertcangokgoz.com", true }, @@ -22289,6 +22641,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "metanic.services", true }, { "metanodo.com", true }, { "metapeen.nl", true }, + { "metaregistrar.com", true }, { "metasquare.com.au", true }, { "metasquare.nyc", true }, { "metaword.com", true }, @@ -22322,9 +22675,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "metropop.ch", true }, { "metsasta.com", true }, { "mettekopp.dk", true }, - { "meu-smartphone.com", true }, { "meu-solutions.com", true }, { "meujeitodigital.com.br", true }, + { "meurisse.org", true }, { "mevo.xyz", true }, { "mevs.cz", true }, { "mexican.dating", true }, @@ -22355,12 +22708,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mi-so-ji.com", true }, { "mi80.com", true }, { "miagexport.com", true }, - { "miamicityballet.org", true }, { "miaonagemi.com", true }, { "miaoubox.com", true }, { "miaowo.org", true }, { "miasarafina.de", true }, { "miboulot.com", true }, + { "mibuiin.com", true }, + { "micado-software.com", true }, { "micaiahparker.com", true }, { "micalodeal.ch", true }, { "micasamgmt.com", false }, @@ -22368,11 +22722,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "michael-schefczyk.de", true }, { "michael-steinhauer.eu", true }, { "michael.band", true }, + { "michaelasawyer.com", true }, { "michaelband.co", true }, { "michaelband.com", true }, { "michaeleichorn.com", true }, { "michaelhrehor.com", true }, { "michaeliscorp.com", true }, + { "michaelismold.com", true }, { "michaelizquierdo.com", true }, { "michaeljdennis.com", true }, { "michaelkuchta.me", true }, @@ -22380,7 +22736,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "michaelpelletterie.it", true }, { "michaelpfrommer.de", true }, { "michaelpfrommer.pub", true }, - { "michaels-homepage-service.de", true }, { "michaelschmidt.ch", true }, { "michaelschubert.com", true }, { "michaelsnoeren.nl", true }, @@ -22414,11 +22769,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "microdots.de", true }, { "microlinks.org", true }, { "microlog.org", true }, + { "micromata.de", true }, { "microsoftaffiliates.azurewebsites.net", true }, { "microvb.com", true }, { "midair.io", true }, { "midasjewellery.com.au", true }, - { "midgawash.com", true }, { "midkam.ca", true }, { "midlandgate.de", true }, { "midlandleisuresales.co.uk", true }, @@ -22426,13 +22781,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "midlandsphotobooths.co.uk", true }, { "midlgx.com", true }, { "midnight-visions.de", true }, + { "midnightmango.co.uk", true }, + { "midnightmango.de", true }, { "midnightmechanism.com", true }, { "midstatebasement.com", true }, - { "midterm.us", true }, { "midtowndentistry.com", true }, { "midwestbloggers.org", true }, { "midweststructuralrepair.com", true }, { "miegl.com", true }, + { "miembarcacion.com", true }, { "miemus.eu", true }, { "mietwohnungen-vermietung.com", true }, { "mieuxgrandir.ch", true }, @@ -22453,14 +22810,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mijcorijneveld.nl", true }, { "mijn-financien.be", true }, { "mijnavg.eu", true }, - { "mijndiad.nl", true }, { "mijnetickets.nl", false }, { "mijnetz.nl", true }, { "mijnkerstkaarten.be", true }, { "mijnreisoverzicht.nl", true }, { "mijnsite.ovh", true }, { "mijnstembureau.nl", true }, - { "mijntransacties.nl", true }, { "mika.moe", true }, { "mikadoe.nl", true }, { "mikakalathil.ca", true }, @@ -22477,18 +22832,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mikeguy.co.uk", true }, { "mikehamburg.com", true }, { "mikehilldesign.co.uk", true }, - { "mikerichards.photography", true }, + { "mikerichards.photography", false }, { "miketabor.com", true }, { "miketheuer.com", true }, { "mikevesch.com", true }, { "mikewest.org", true }, + { "mikewillia.ms", true }, { "mikewritesstuff.com", true }, - { "mikeybailey.org", true }, + { "mikhirev.ru", true }, { "mikhlevich.ru", true }, { "miki-boras.de", true }, { "miki.it", true }, { "mikkelscheike.com", true }, { "mikkelvej.dk", true }, + { "mikkonen.bio", true }, { "miklcct.com", true }, { "miknight.com", true }, { "mikonmaa.fi", true }, @@ -22511,20 +22868,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "milesapart.dating", true }, { "milhoazul.com.br", true }, { "milionshop.sk", true }, + { "milkandcookies.ca", true }, { "milkingit.co.uk", true }, + { "milktea.info", true }, { "millanova.wedding", false }, { "milldyke.com", true }, { "milldyke.nl", true }, { "millefleurs.eu", true }, { "millennium-thisiswhoweare.net", true }, + { "millenniumweb.com", false }, { "millhousenchurch.com", true }, - { "millibitcoin.jp", true }, { "millionairegames.com", true }, + { "millions57.com", true }, + { "millions58.com", true }, + { "millions60.com", true }, + { "millions61.com", true }, + { "millions62.com", true }, + { "millions63.com", true }, { "millistream.com", true }, + { "milsonhypnotherapyservices.com", true }, { "mim.properties", true }, { "mimemo.io", true }, { "mimeo.digital", true }, { "mimithedog.com", true }, + { "mimobile.website", true }, { "mimocad.io", true }, { "mimovrste.com", true }, { "min-sky.no", true }, @@ -22537,8 +22904,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mind-box.ch", true }, { "mind-hochschul-netzwerk.de", true }, { "mind-moves.es", true }, + { "mindbodycontinuum.com", true }, { "mindbodytherapymn.com", true }, - { "mindcell.no", true }, { "mindcoding.ro", true }, { "mindercasso.nl", true }, { "mindfactory.de", true }, @@ -22566,10 +22933,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "minerstat.com", true }, { "minerva2015.it", true }, { "minesouls.fr", true }, + { "minetracker.dk", true }, { "minez-nightswatch.com", false }, { "minf3-games.de", true }, { "mingky.net", true }, - { "mingkyaa.com", true }, + { "mingming.info", true }, { "mingram.net", true }, { "mingwah.ch", true }, { "mini2.fi", true }, @@ -22598,7 +22966,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "minpingvin.dk", true }, { "minschuns.ch", true }, { "mintclass.com", true }, - { "mintea-noua.ro", true }, { "mintosherbs.com", true }, { "mintrak2.com", true }, { "minu.link", true }, @@ -22620,8 +22987,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mirfire.com", true }, { "mirjamderijk.nl", true }, { "mirkofranz.de", true }, - { "mirodasilva.be", true }, { "mironet.cz", true }, + { "mirrorbot.ga", true }, { "mirrorsedgearchive.de", true }, { "mirshak.com", true }, { "mirtes.cz", true }, @@ -22630,21 +22997,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "misanci.cz", true }, { "misclick.nl", true }, { "mishkovskyi.net", true }, + { "misinstrumentos.com", true }, { "miskatonic.org", true }, { "misoji-resist.com", true }, { "misol.kr", true }, - { "misrv.com", true }, { "miss-inventory.co.uk", true }, { "miss-platinum.net", true }, { "miss.com.tw", true }, { "missdream.org", true }, { "misseguf.dk", true }, + { "missevent.pl", true }, { "missguidedus.com", true }, { "mission-orange.de", true }, { "missionsgemeinde.de", true }, { "missip.nl", true }, { "missjoias.com.br", true }, - { "misskey.xyz", false }, + { "misskey.jp", true }, + { "misskey.xyz", true }, { "missoy.me", true }, { "misssex.de", true }, { "missualready.com", true }, @@ -22655,7 +23024,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mistybox.com", true }, { "misupport.dk", true }, { "misura.re", true }, - { "misuzu.moe", true }, { "mit-uns.org", true }, { "mita.me", true }, { "mitabu.net", true }, @@ -22668,6 +23036,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mitnetz-gas.de", true }, { "mitnetz-strom.de", true }, { "mitrax.com.br", true }, + { "mitre10.com.au", true }, { "mitrecaasd.org", true }, { "mitremai.org", true }, { "mitrostudios.com", true }, @@ -22688,6 +23057,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mivzakim.net", true }, { "mivzakim.org", true }, { "mivzakim.tv", true }, + { "mivzaklive.co.il", true }, { "miweb.cr", false }, { "mixinglight.com", true }, { "mixnshake.com", true }, @@ -22699,6 +23069,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "miyugirls.com", true }, { "mizipack.com", true }, { "mizque.ch", true }, + { "mizu.coffee", true }, { "mizuho-trade.net", true }, { "mizumax.me", true }, { "mj420.com", true }, @@ -22721,9 +23092,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mkd.mk", true }, { "mkes.com", true }, { "mkg-chirurgie-bruchsal.de", true }, - { "mkg-palais-hanau.de", true }, { "mkg-scherer.de", true }, - { "mkg-wiebelskirchen.de", true }, { "mkhsoft.eu", true }, { "mkimage.com", true }, { "mkk.de", true }, @@ -22736,16 +23105,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mkse.com", true }, { "mkset.ru", true }, { "mktdigital.info", true }, + { "mktemp.org", true }, { "mkuznets.com", true }, { "mlarte.com", true }, - { "mlcambiental.com.br", true }, { "mlcnfriends.com", true }, { "mlemay.com", true }, { "mlm-worldwide.de", true }, { "mlmjam.com", true }, { "mlp.ee", true }, { "mlpvector.club", true }, - { "mlsrv.de", true }, { "mlundberg.se", true }, { "mlvbphotography.com", true }, { "mlytics.com", true }, @@ -22753,10 +23121,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mm404.com", true }, { "mma-acareporting.com", true }, { "mmalisz.com", true }, - { "mmaps.ddns.net", true }, { "mmarnitz.de", true }, { "mmbb.org", true }, - { "mmcc.pe", true }, { "mmin.us", false }, { "mmmarco.com", true }, { "mmogah.com", true }, @@ -22773,6 +23139,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mnguyen.io", true }, { "mnitro.com", true }, { "mnium.de", true }, + { "mnml.art", true }, + { "mnml.jp", true }, { "mnnknz.de", true }, { "mnsure.org", true }, { "mnt-tech.fr", true }, @@ -22782,10 +23150,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mo2021.de", true }, { "mo3.club", true }, { "moa.moe", true }, - { "moas.design", true }, { "mobag.ru", true }, { "mobal.com", true }, { "mobidea.com", true }, + { "mobifinans.ru", true }, { "mobil-bei-uns.de", true }, { "mobila-chisinau.md", true }, { "mobilcom-debitel-empfehlen.de", true }, @@ -22825,15 +23193,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "modafinil.wiki", true }, { "modafo.com", true }, { "modalogi.com", true }, - { "modalrakyat.com", true }, - { "modalrakyat.id", true }, { "modcasts.video", true }, { "modcentral.pw", true }, { "modding-forum.com", true }, { "modding-welt.com", true }, { "mode-hautnah.de", true }, { "mode-individuell.de", true }, - { "modecaso.com", true }, { "modehaus-marionk.de", true }, { "modelcase.co.jp", false }, { "modelclub-draveil.eu", true }, @@ -22848,19 +23213,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "moderatorenpool.org", true }, { "modernapprenticeships.org", true }, { "moderncoinmart.com", true }, - { "moderntld.net", true }, { "modifiedmind.com", true }, { "modistry.com", true }, { "modistryusercontent.com", true }, { "modmountain.com", true }, { "modosaude.com.br", true }, { "module.market", true }, + { "modulex-gmbh.de", true }, { "moechel.com", true }, { "moefactory.com", true }, - { "moehrke.cc", true }, { "moeking.me", true }, { "moellers.systems", true }, { "moetrack.com", true }, + { "moeyoo.net", true }, + { "moeyun.net", true }, { "mofohome.dyndns.org", true }, { "moha-swiss.com", true }, { "mohanmekap.com", true }, @@ -22876,6 +23242,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mojeco2.cz", true }, { "mojefedora.cz", true }, { "mojilitygroup.com", true }, + { "mojizuri.com", true }, { "mojnet.eu", true }, { "mojnet.net", true }, { "mojoco.co.za", true }, @@ -22890,12 +23257,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "molecularbiosystems.org", true }, { "molinero.xyz", true }, { "mollaretsmeningitis.org", true }, - { "molokai.org", true }, { "molti.hu", true }, { "molun.net", false }, { "molunerfinn.com", true }, { "molwick.com", true }, - { "momento.co.id", true }, { "momentumdash.com", true }, { "momirfarooq.com", true }, { "momjoyas.com", true }, @@ -22912,7 +23277,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "monaco-automaten.de", true }, { "monad.io", true }, { "monakasatmasr.com", true }, - { "monalisa.wtf", true }, { "monalyse.com", true }, { "monarchcleanersnc.com", true }, { "monbudget.org", true }, @@ -22922,7 +23286,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mondial-movers.nl", true }, { "mondo-it.ch", true }, { "moneni.com", true }, + { "moneoci.com.br", true }, { "moneybird.com", true }, + { "moneybird.nl", true }, { "moneychangersoftware.com", true }, { "moneycredit.eu", true }, { "moneygo.se", true }, @@ -22944,29 +23310,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "monkeyhill.us", true }, { "monkeytek.ca", true }, { "monkieteel.com", true }, - { "monkieteel.nl", true }, { "monlabs.com", true }, { "monloyer.quebec", true }, { "monnyonle.hu", true }, { "mono.cafe", true }, { "mono0x.net", true }, { "monobank.no", true }, - { "monodukuri.cafe", true }, { "monodukuri.com", true }, - { "monodzukuri.cafe", true }, - { "monokoo.com", true }, { "monolithapps.com", true }, { "monolithindustries.com", true }, { "monolithinteractive.com", true }, { "monothesis.com", true }, + { "monotributo.online", true }, { "monoworks.co.jp", true }, - { "monozukuri.cafe", true }, { "monpc-pro.fr", true }, { "monpermismoto.com", true }, { "monpermisvoiture.com", true }, { "monpetitforfait.com", true }, { "monpetitmobile.com", true }, - { "monsieurbureau.com", true }, { "monsieursavon.ch", true }, { "monstermashentertainments.co.uk", true }, { "montage-kaika.de", true }, @@ -22996,6 +23357,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "moolah.rocks", true }, { "moon.fish", true }, { "moonagic.com", true }, + { "moonagic.io", true }, { "moonbot.io", true }, { "moondrop.org", true }, { "moonkin.eu", true }, @@ -23003,8 +23365,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "moonmelo.com", true }, { "moonraptor.co.uk", true }, { "moonraptor.com", true }, - { "moonrhythm.info", true }, - { "moonrhythm.io", true }, { "moonshyne.org", true }, { "moontaj.com", true }, { "moonvpn.org", true }, @@ -23050,6 +23410,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "morganino.it", true }, { "morgansleisure.co.uk", true }, { "morgner.com", true }, + { "morhys.com", true }, { "moritz-baestlein.de", true }, { "moritztremmel.de", true }, { "moriz.de", true }, @@ -23059,6 +23420,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "morningstar.moe", true }, { "morphy2k.io", true }, { "morrisby.com", true }, + { "morrodafumacanoticias.com.br", true }, { "morteruelo.net", true }, { "mortgagecalculator.biz", true }, { "mortgagecentersmo.com", true }, @@ -23072,6 +23434,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mosin.org", true }, { "moskeedieren.nl", true }, { "mosos.de", true }, + { "mosquitojoe.com", true }, { "mosscade.com", true }, { "mosshi.be", true }, { "mosstier.com", true }, @@ -23092,11 +23455,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "motifstudio.com.ua", true }, { "motionless.nl", true }, { "motiweb.fr", true }, + { "motocollection.pl", true }, { "motohell.com", true }, { "motojato.com.br", true }, { "motonauticaibiza.com", true }, { "motoreflex.com", true }, - { "motornomaslo.bg", true }, { "motorpointarenacardiff.co.uk", true }, { "motorring.ru", true }, { "motorsplus.com", false }, @@ -23104,19 +23467,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "motosikletevi.com", true }, { "motostorie.blog", false }, { "motovated.co.nz", true }, - { "motovio.de", true }, { "motowilliams.com", true }, { "motstats.co.uk", true }, { "mottomortgage.com", true }, - { "moube.fr", true }, { "moucloud.cn", true }, { "moulinaparoles.ca", true }, - { "mountain-rock.ru", true }, { "mountainactivitysection.org.uk", true }, { "mountainroseherbs.com", true }, { "mountfarmer.de", true }, { "mousemessages.com", true }, { "moutiezhaller.com", true }, + { "move.mil", true }, { "moveek.com", true }, { "moveisfit.com.br", true }, { "moveltix.net", true }, @@ -23125,13 +23486,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "movie-cross.net", true }, { "movie-infos.net", true }, { "movie1000.com", true }, - { "movie4kto.site", true }, { "movie4kto.stream", true }, { "movieboost.nl", true }, { "moviedeposit.com", true }, { "moviefreeze.com", true }, { "movieguys.org", true }, - { "movienang.com", true }, { "movienized.de", true }, { "moviepilot.com", true }, { "moviesetc.net", true }, @@ -23140,6 +23499,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "movimento-terra.it", true }, { "movinglogistics.nl", false }, { "movingtohttps.com", true }, + { "movingtojapan.life", true }, { "movlib.org", true }, { "moy.cat", true }, { "moyer.pub", true }, @@ -23148,10 +23508,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "moysovet.info", true }, { "mozartgroup.hu", true }, { "mozektevidi.net", true }, - { "mozgb.ru", true }, { "mozilla.cz", true }, { "mozzez.de", true }, - { "mp3gratuiti.com", true }, { "mpa-pro.fr", true }, { "mpac.ca", false }, { "mpc-hc.org", true }, @@ -23161,26 +23519,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mpg-universal.com", true }, { "mpg.ovh", true }, { "mpgaming.pro", true }, + { "mphoto.at", true }, { "mpintaamalabanna.it", true }, { "mpkrachtig.nl", true }, { "mplanetphl.fr", true }, { "mplant.io", true }, { "mplicka.cz", true }, { "mplusm.eu", true }, - { "mpn.poker", true }, { "mpnpokertour.com", true }, { "mpodraza.pl", true }, { "mpreserver.com", true }, { "mprsco.eu", true }, { "mpsgarage.com.au", true }, { "mpsoundcraft.com", true }, + { "mpu-giessen.com", true }, + { "mpu-vorbereitung.com", true }, { "mpy.ovh", true }, { "mqas.net", true }, { "mr-anderson.org", true }, { "mr-designer-oman.com", true }, { "mr-labo.jp", true }, - { "mr-nachhilfe.de", true }, - { "mr-wolf.nl", true }, + { "mr-wolf.nl", false }, { "mr3.io", true }, { "mrazek.biz", true }, { "mrbmafrica.com", true }, @@ -23194,16 +23553,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mrdayman.com", true }, { "mremallin.ca", true }, { "mrevolution.eu", true }, + { "mrgiveaways.com", true }, { "mrinalpurohit.in", true }, + { "mrjhnsn.com", true }, { "mrjooz.com", true }, { "mrkapowski.com", true }, + { "mrketolocksmith.com", true }, { "mrknee.gr", true }, { "mrkrabat.de", true }, - { "mrksk.com", true }, { "mrmoregame.de", true }, { "mrnh.de", true }, - { "mrpropop.com", true }, + { "mrning.com", true }, + { "mrprintables.com", true }, { "mrs-labo.jp", true }, + { "mrsbairds.com", false }, { "mrserge.lv", true }, { "mrsk.me", true }, { "mrstat.co.uk", true }, @@ -23227,7 +23590,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "msmails.de", true }, { "msnr.net", true }, { "msopopop.cn", true }, - { "msp66.de", false }, { "mspsocial.net", true }, { "msquadrat.de", true }, { "msroot.de", true }, @@ -23235,6 +23597,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mstdn.blue", true }, { "mstdn.club", true }, { "mstdn.fr", true }, + { "mstdn.io", true }, { "mstdn.onl", false }, { "msuna.net", true }, { "msv-limpezas.pt", true }, @@ -23255,20 +23618,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mthrbrd.net", true }, { "mths.be", false }, { "mticareportal.com", true }, + { "mtiryaki.com", true }, { "mtlconcerts.com", true }, { "mtltransport.com", true }, { "mtnz.co.za", true }, { "mtouch.facebook.com", false }, { "mtr.md", true }, - { "mtrock.ru", true }, + { "mtrip.com", true }, { "mts-energia.eu", true }, { "mts-server.com", true }, { "mtsolar.es", true }, { "mu.search.yahoo.com", false }, { "muabannhanh.com", false }, - { "muahahahaha.co.uk", true }, { "mubiflex.nl", true }, - { "muchohentai.com", true }, { "muckingabout.eu", true }, { "muckrack.com", true }, { "mucmail.de", true }, @@ -23282,15 +23644,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "muellapp.com", true }, { "muenchberger.com", true }, { "muenzubi.de", true }, - { "muffet.pw", true }, { "mufibot.net", true }, { "muguayuan.com", true }, { "muh.io", true }, + { "muitadica.com", true }, { "muk-kobetsu.com", true }, { "mulaccosmetics.com", true }, { "mulaisehat.com", true }, { "mulej.net", true }, - { "mulheres18.com", true }, { "muling.lu", true }, { "mullens-usedcars.be", true }, { "multi-vpn.biz", true }, @@ -23314,7 +23675,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "multitek.no", true }, { "multitenantlaravel.com", true }, { "multitheftauto.com", true }, - { "multiworldsoftware.com", true }, { "multizone.games", true }, { "multrier.fr", true }, { "mumakil.fi", true }, @@ -23323,11 +23683,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mumolabs.com", true }, { "munch.me", true }, { "munchcorp.com", true }, - { "mundoadulto.com.br", true }, { "mundoarabe.com.br", true }, { "mundodasmensagens.com", true }, { "mundokinderland.com.br", true }, { "mundolarraz.es", true }, + { "mundomagicotv.com", true }, { "mundschenk.at", true }, { "mundtec.com.br", true }, { "munduch.cz", true }, @@ -23345,9 +23705,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "murgi.de", true }, { "murmel.it", false }, { "murof.com.br", true }, + { "murray.xyz", true }, { "murzik.space", true }, + { "musaccostore.com", true }, { "muscle-tg.com", true }, - { "muscleangels.com", true }, { "musclecarresearch.com", true }, { "muscolinomusic.com", true }, { "musearchengine.com", true }, @@ -23379,6 +23740,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "musikzentrale.net", true }, { "musketonhaken.nl", false }, { "muslim.singles", true }, + { "musmann.io", true }, { "muspla.com", true }, { "muspla.com.br", true }, { "musselsblog.com", true }, @@ -23398,15 +23760,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "muthai.in.th", true }, { "mutuals.cool", true }, { "mutuelle.fr", true }, + { "muusika.fun", true }, { "muusikoiden.net", true }, { "muwatenraqamy.org", true }, { "muzeumkomiksu.eu", true }, { "muzhijy.com", true }, - { "muzi.cz", true }, { "muzikantine.nl", true }, { "mv-wohnen.de", true }, { "mvandek.nl", true }, { "mvbits.com", true }, + { "mvisioncorp.com", true }, { "mvno.io", true }, { "mvp-stars.com", true }, { "mw.search.yahoo.com", false }, @@ -23415,15 +23778,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mwavuli.co.ke", true }, { "mwba.org", true }, { "mwe.st", true }, + { "mwezi-foundation.org", true }, + { "mwezi.org", true }, { "mwohlfarth.de", true }, { "mwtdev.se", true }, { "mww.moe", true }, + { "mx.org.ua", true }, { "mx.search.yahoo.com", false }, { "mx5international.com", true }, { "mxihan.xyz", true }, { "mxn8.com", true }, { "mxp.tw", true }, { "my-aftershave-store.co.uk", true }, + { "my-best-wishes.com", true }, { "my-cdn.de", true }, { "my-contract.ch", true }, { "my-contract.info", true }, @@ -23454,12 +23821,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myaggic.com", true }, { "myalliancechurch.com", true }, { "myamend.com", true }, + { "myamihealth.com", true }, { "myamity.info", true }, { "myammo.ru", true }, { "myanimelist.net", true }, { "myapexcard.com", true }, - { "myappliancerepairhouston.com", true }, - { "myartsway.com", true }, { "mybagofcoffee.com", true }, { "mybb.com", true }, { "mybb.de", true }, @@ -23476,6 +23842,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mycieokien.info", false }, { "mycinema.pro", true }, { "mycircleworks.com", true }, + { "myclasscam.com", true }, + { "myclasscam.org", true }, { "myclinicalstudybuddy.com", true }, { "mycloud-system.com", true }, { "mycofairtrade.com", true }, @@ -23530,6 +23898,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mygeotrip.com", true }, { "mygigabitnation.com", true }, { "mygignation.com", true }, + { "mygirlfriendshouse.com", true }, { "mygoldennetwork.com", true }, { "mygreatjobs.de", true }, { "mygreatlakes.org", true }, @@ -23540,9 +23909,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myhatsuden.jp", true }, { "myhealthreviews.com", true }, { "myhollywoodnews.com", true }, - { "myhostname.net", true }, + { "myhome-24.pl", true }, { "myimds.com", true }, { "myimmitracker.com", true }, + { "myinvite.nl", true }, { "myipaddr.de", true }, { "myipv4.de", true }, { "myjudo.net", true }, @@ -23554,6 +23924,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mylawyer.be", true }, { "myleanfactory.de", true }, { "mylifeabundant.com", true }, + { "mylittlechat.ru", true }, { "myliveupdates.com", true }, { "mylookout.com", false }, { "mylstrom.com", true }, @@ -23564,19 +23935,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mymed.de", true }, { "mymed.eu", true }, { "mymedz.nl", true }, + { "mymixtapez.com", true }, { "mymommyworld.com", true }, { "mymotor.nl", true }, { "myms.eu", true }, + { "mymun.com", true }, { "mymun.net", true }, { "mymusiclist.alwaysdata.net", true }, { "mymx.lu", true }, { "myna.go.jp", true }, { "mynameistavis.com", true }, - { "mynetworkingbuddy.com", true }, { "mynext.events", true }, { "mynextmove.org", true }, { "mynn.io", true }, - { "mynook.info", true }, + { "mynook.info", false }, { "mynortherngarden.com", true }, { "myonline.hu", true }, { "myoptumhealthcomplexmedical.com", true }, @@ -23599,6 +23971,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mypcqq.cc", true }, { "myperfecthome.ca", true }, { "myperfumecollection.com", true }, + { "myperks.in", true }, { "myphotoshopbrushes.com", true }, { "mypillcard.com", true }, { "myplaceonline.com", true }, @@ -23644,6 +24017,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myrepublic.nz", true }, { "myrepublic.ph", true }, { "myrepublic.rocks", true }, + { "myrepublic.run", true }, { "myrepublic.tk", true }, { "myrepublic.tv", true }, { "myrepublic.tw", true }, @@ -23666,6 +24040,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myriadof.com", true }, { "myrig.com", true }, { "myrig.com.ua", true }, + { "myrig.net", true }, { "myrig.ru", true }, { "myrotvorets.center", true }, { "myrp.co", true }, @@ -23693,13 +24068,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "myssl.com", true }, { "mystatus24.com", false }, { "mysteriouscode.io", true }, + { "mysterydata.com", true }, { "mysterymind.ch", true }, { "mysterysear.ch", true }, { "mystic-welten.de", true }, { "mystickphysick.com", true }, { "mysticplumes.com", true }, { "mystorymonster.com", true }, - { "mystown.org", true }, { "mystudycart.com", true }, { "mysupboard.de", true }, { "myswissmailaddress.com", true }, @@ -23708,6 +24083,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mythengay.ch", true }, { "mythicdelirium.com", true }, { "myting.net", true }, + { "mytraiteurs.com", true }, { "mytripcar.co.uk", true }, { "mytripcar.com", true }, { "mytripcar.de", true }, @@ -23735,17 +24111,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "mywebinar.io", true }, { "mywebpanel.eu", true }, { "mywebpanel.nl", true }, + { "myweddingreceptionideas.com", true }, { "myworkinfo.com", false }, { "myworth.com.au", true }, + { "myxnr.com", true }, { "myyubikey.net", true }, { "myyubikey.org", true }, { "myzina.cz", false }, { "mz-mz.net", true }, { "mzh.io", true }, + { "mziulu.me", false }, { "mznet.de", true }, + { "mzzj.de", true }, { "n-a.date", true }, { "n-design.de", true }, - { "n-kanazawa.jp", true }, { "n-m.lu", true }, { "n-man.info", true }, { "n-pix.com", false }, @@ -23754,18 +24133,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "n0paste.tk", false }, { "n0psled.nl", true }, { "n26.com", true }, - { "n2host.eu", true }, - { "n3twork.net", true }, + { "n2servers.com", true }, { "n4v.eu", true }, { "n5118.com", true }, { "n6a.net", true }, { "n7.education", true }, + { "n8mgt.com", true }, + { "n8nvi.com", true }, + { "n8solutions.net", true }, { "na-school.nl", true }, { "naam.me", true }, { "nabaleka.com", true }, { "nabankco.com", true }, { "nabidkamajetku.cz", true }, { "nabytek-valmo.cz", true }, + { "nacfit.com", true }, { "nachsendeauftrag.net", true }, { "nachsenden.info", true }, { "nachtmuziek.info", true }, @@ -23775,7 +24157,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nadejeproninu.cz", true }, { "nadelholzkulturen.de", true }, { "nadine-chaudier.net", true }, - { "nadyaolcer.fr", true }, + { "nadsandgams.com", true }, { "nafod.net", true }, { "naga-semi.com", true }, { "nagashi.ma", false }, @@ -23783,14 +24165,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nagb.gov", true }, { "nagb.org", true }, { "nagel-dentaltechnik.de", true }, - { "nagelfam.com", true }, { "naggie.net", true }, { "nah.nz", true }, { "nah.re", true }, { "nahura.com", true }, { "nailattitude.ch", true }, { "nailchiodo.com", true }, - { "nailedithomebuilders.com", true }, { "nailsalon-aztplus.com", true }, { "nairobibusinessreview.com", true }, { "najany.de", true }, @@ -23798,13 +24178,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "najany.fr", true }, { "najany.nl", true }, { "najany.se", true }, - { "nakada4610.com", true }, + { "nakalabo.jp", true }, { "nakama.tv", true }, { "nakandya.com", true }, + { "nakanishi-paint.com", true }, + { "nakayama.systems", true }, { "nakedalarmclock.me", true }, { "nakedtruthbeauty.com", true }, + { "nakene.com", true }, { "nakliyatsirketi.biz.tr", true }, - { "nako.no", true }, { "nalepky-na-zed.cz", true }, { "nalepte.cz", true }, { "nalexandru.xyz", true }, @@ -23816,7 +24198,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nameid.org", true }, { "namepros.com", true }, { "namereel.com", true }, - { "namethatporn.com", true }, + { "namethissymbol.com", true }, { "nametiles.co", true }, { "nami.bo", true }, { "nami.exchange", true }, @@ -23828,14 +24210,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "namu.moe", true }, { "namu.wiki", true }, { "namuwikiusercontent.com", true }, - { "nanami.moe", true }, { "nanarose.ch", true }, { "nanch.com", true }, { "nandex.org", true }, { "nange.co", true }, { "nankiseamansclub.com", true }, { "nanofy.org", true }, - { "nanogi.ga", true }, { "nanotechnologist.com", true }, { "nanotechtorsion.com", true }, { "nanovolt.nl", true }, @@ -23851,6 +24231,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "naphogar.com", true }, { "napisdata.us", true }, { "napolinissanctparts.com", true }, + { "nappynko.com", true }, { "narada.com.ua", true }, { "narakenkoland.net", true }, { "naralogics.com", true }, @@ -23883,6 +24264,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nastoletni.pl", true }, { "nataldigital.com", true }, { "nataliedawnhanson.com", true }, + { "natanaelys.com", false }, { "natation-nsh.com", false }, { "natatorium.org", true }, { "natchmatch.com", true }, @@ -23906,11 +24288,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nationalpriorities.org", true }, { "nationaltaxprep.com", true }, { "nationaltrails.ru", true }, + { "nationwiderealtyinvestors.com", true }, { "natives-team.ch", true }, { "nativs.ch", true }, { "natlec.com", true }, { "natropie.pl", true }, { "natsumihoshino.com", true }, + { "natur.com", true }, + { "natura-sense.com", true }, + { "naturalhealthcures.net", true }, { "naturalkitchen.co.uk", true }, { "naturalspacesdomes.com", true }, { "naturaum.de", true }, @@ -23930,8 +24316,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nausicaahotel.it", true }, { "nautiljon.com", true }, { "nautsch.de", true }, - { "navdeep.ca", true }, - { "navenlle.com", false }, + { "navarralanparty.org", true }, + { "navenlle.com", true }, { "navienna.com", true }, { "navient.com", true }, { "navigate-it-services.de", false }, @@ -23940,9 +24326,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "navycs.com", true }, { "nawir.de", true }, { "nayahe.ru", true }, + { "nayami64.xyz", true }, { "nayanaas.com", true }, { "nazevfirmy.cz", true }, { "nazigol.com", true }, + { "nazukebanashi.com", true }, { "nazuna.blue", true }, { "nb.zone", true }, { "nb6.de", true }, @@ -24003,12 +24391,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nbgrooves.de", true }, { "nbhorsetraining.com", true }, { "nbib.gov", true }, - { "nbl.org.tw", true }, { "nbp.com.pk", true }, { "nbrain.de", true }, { "nbrii.com", true }, { "nbriresearch.com", true }, - { "nbtparse.org", true }, { "nbur.co.uk", true }, { "nc-beautypro.fr", true }, { "nc-formation.fr", true }, @@ -24025,6 +24411,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nchangfong.com", true }, { "nchponline.org", true }, { "ncic.gg", true }, + { "ncloud.freeddns.org", true }, { "nclvle.co.uk", true }, { "ncm-malerbetrieb.de", true }, { "ncsc.gov.uk", true }, @@ -24036,7 +24423,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ndeoffshore.com", true }, { "nder.be", true }, { "ndhlink.com", true }, - { "ndmath.club", true }, { "ndpbrn-research.org", true }, { "nds-helicopter.de", true }, { "ndy.sex", true }, @@ -24058,6 +24444,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nebuluxcapital.com", true }, { "necessaryandproportionate.net", true }, { "necessaryandproportionate.org", true }, + { "nechiactua.com", true }, { "necormansir.com", true }, { "nectarleaf.com", true }, { "nedcdata.org", true }, @@ -24075,6 +24462,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "neemzy.org", true }, { "neet-investor.biz", true }, { "nefertitis.cz", true }, + { "neffat.si", true }, { "neflabs.com", true }, { "neftis.es", true }, { "neg9.org", false }, @@ -24096,7 +24484,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nejlevnejsi-parapety.cz", true }, { "neko-nyan-nuko.com", true }, { "neko-nyan.org", true }, - { "neko.ml", true }, { "nekodex.net", true }, { "nekolove.jp", true }, { "nekomimi.pl", true }, @@ -24110,7 +24497,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nellacms.com", true }, { "nellacms.org", true }, { "nellafw.org", true }, - { "nemanja.top", true }, { "nemcd.com", true }, { "nemecl.eu", true }, { "nemez.net", true }, @@ -24128,7 +24514,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "neodrive.ch", true }, { "neoedresources.org", true }, { "neoeliteconsulting.com", true }, - { "neojames.me", true }, { "neojo.org", true }, { "neokobe.city", true }, { "neolaudia.es", true }, @@ -24138,8 +24523,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "neonknight.ch", true }, { "neons.org", true }, { "neophilus.net", true }, + { "neos.co.jp", true }, { "neosdesignstudio.co.uk", true }, { "neostralis.com", true }, + { "neowa.tk", true }, { "neowlan.net", true }, { "neoxcrf.com", true }, { "neoz.com.br", true }, @@ -24153,7 +24540,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nepremicnine.click", true }, { "nepremicnine.net", true }, { "nepustil.net", false }, - { "nerdbox.cc", true }, { "nerdhouse.io", true }, { "nerdmind.de", true }, { "nerdoutstudios.tv", true }, @@ -24206,6 +24592,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nethunter.top", true }, { "netki.com", true }, { "netlentes.com.br", true }, + { "netlocal.ru", true }, { "netmagicas.com.br", true }, { "netmeister.org", true }, { "netnik.de", true }, @@ -24216,7 +24603,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "netrider.net.au", false }, { "netrogue.ninja", true }, { "netronix.be", true }, - { "netronome.com", true }, + { "netsec.cloud", true }, { "netsigna.de", true }, { "netsite.dk", true }, { "netsoins.org", true }, @@ -24224,6 +24611,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "netsparker.com.tr", true }, { "netspeedia.net", true }, { "netsphere.cz", true }, + { "nettacompany.com.tr", true }, { "nettamente.com", true }, { "nette.org", true }, { "nettegeschenke.de", true }, @@ -24240,15 +24628,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "netwarc.eu", true }, { "netwarc.nl", true }, { "netweaver.uk", true }, + { "network-midlands.co.uk", true }, + { "network-midlands.uk", true }, { "network-notes.com", true }, { "network23.nl", true }, { "networkersdiary.com", true }, + { "networking-groups.co.uk", true }, { "networking4all.com", true }, - { "networking4all.net", true }, { "networkingnexus.net", true }, { "networkingphoenix.com", true }, + { "networkmidlands.co.uk", true }, + { "networkmidlands.uk", true }, + { "networkmon.net", true }, { "networkposting.com", true }, { "networth.at", true }, + { "networx-online.de", true }, + { "netz-yokohama.co.jp", true }, { "netzfabrik.com", true }, { "netzfrauen.org", true }, { "netzwerkwerk.de", true }, @@ -24268,7 +24663,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "neurozentrum-zentralschweiz.ch", true }, { "neutralox.com", false }, { "neuwal.com", true }, - { "neva.li", true }, { "never.pet", true }, { "nevergreen.io", true }, { "nevermore.fi", true }, @@ -24285,7 +24679,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "new-process.eu", true }, { "new.travel.pl", true }, { "newaccess.ch", true }, - { "newbieboss.com", false }, + { "newbasemedia.us", true }, { "newbietech.cn", false }, { "newborncryptocoin.com", false }, { "newburybouncycastles.co.uk", true }, @@ -24301,8 +24695,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "newcloudwhodis.com", true }, { "newcreamforface.com", true }, { "newday.host", true }, - { "newdeveloper.download", true }, { "newearth.press", true }, + { "newfangledscoop.com", true }, { "newfiepedia.ca", true }, { "newgrowbook.com", true }, { "newguidance.ch", true }, @@ -24311,13 +24705,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "newjianzhi.com", true }, { "newkaliningrad.ru", true }, { "newknd.com", true }, + { "newlifeband.de", true }, { "newmarketbouncycastlehire.co.uk", true }, { "newmed.com.br", true }, { "newmediaone.net", true }, { "newmovements.net", true }, { "newodesign.com", true }, { "newpathintegratedtherapy.com", true }, - { "newpoke.net", true }, + { "newposts.ru", true }, { "newreleases.io", true }, { "news47ell.com", true }, { "newsa2.com", true }, @@ -24326,11 +24721,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "newsmotor.info", true }, { "newspsychology.com", true }, { "newstone-tech.com", true }, + { "newsyslog.org", true }, { "newtonproject.org", true }, { "newtrackon.com", true }, { "newvehicle.com", true }, { "nex.sx", true }, - { "nexgeneration-solutions.com", true }, { "nexicafiles.com", true }, { "nexril.net", true }, { "next-web.ad.jp", true }, @@ -24344,9 +24739,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nextend.net", true }, { "nextend.org", true }, { "nextevolution.co.uk", true }, + { "nextgen.sk", true }, { "nextgencel.com", true }, + { "nextgenthemes.com", true }, { "nextgreatmess.com", true }, { "nexthop.jp", true }, + { "nextiot.de", true }, { "nextmbta.com", true }, { "nextme.se", true }, { "nextnely.com", true }, @@ -24355,6 +24753,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nextstep-labs.gr", true }, { "nexttv.co.il", true }, { "nexus-exit.de", true }, + { "nexus-vienna.at", true }, { "nexusconnectinternational.eu", true }, { "nexwebsites.com", true }, { "nexxus-sistemas.net.br", true }, @@ -24364,12 +24763,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nf4.net", true }, { "nf9q.com", true }, { "nfe-elektro.de", true }, - { "nfhome.be", true }, { "nfir.nl", true }, { "nfl.dedyn.io", true }, { "nfl.duckdns.org", true }, { "nflmocks.com", true }, - { "nfls.io", true }, + { "nflsic.org", true }, { "nfluence.org", true }, { "nframe.io", true }, { "nfrost.me", true }, @@ -24377,6 +24775,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nfz.moe", true }, { "ng-musique.com", true }, { "ngasembaru.com", true }, + { "ngc.gov", false }, { "nghe.net", true }, { "nginxconfig.com", true }, { "nginxconfig.io", true }, @@ -24388,7 +24787,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nhchalton.com", true }, { "nhgteam.hu", true }, { "nhimf.org", true }, - { "nhliberty.org", true }, { "nhome.ba", true }, { "nhsolutions.be", true }, { "nhw.ovh", true }, @@ -24411,7 +24809,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nicesco.re", true }, { "nicestudio.co.il", false }, { "nichijou.com", true }, - { "nicholasperkins.io", true }, { "nicholaspruss.com", true }, { "nicholasquigley.com", true }, { "nicholaswilliams.net", true }, @@ -24422,14 +24819,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nickcraver.com", true }, { "nickdekruijk.nl", true }, { "nickguyver.com", true }, + { "nickhitch.co.uk", true }, { "nickloose.de", true }, { "nicklord.com", true }, { "nickmorri.com", true }, { "nickplotnek.co.uk", true }, { "nickrickard.co.uk", true }, + { "nicks-autos.com", true }, { "nickscomputers.nl", true }, { "nickserve.com", true }, { "nickstories.de", true }, + { "nicktheitguy.com", true }, { "niclasreich.de", true }, { "nicn.me", true }, { "nico.st", true }, @@ -24444,6 +24844,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nicolasiung.me", true }, { "nicolaszambetti.ch", true }, { "nicolaw.uk", true }, + { "nicolemathew.com", true }, { "nicoleoquendo.com", true }, { "niconico.ooo", true }, { "niconode.com", false }, @@ -24475,13 +24876,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "niesstar.com", true }, { "nietzsche.com", true }, { "nieuwslagmaat.nl", true }, - { "niffler.software", true }, { "niftiestsoftware.com", true }, { "nigelwakefield.com", true }, { "nigensha.co.jp", true }, { "niggemeier.cc", true }, { "nigger.racing", true }, - { "niggo.eu", true }, { "night2stay.cn", true }, { "night2stay.com", true }, { "night2stay.de", true }, @@ -24494,6 +24893,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nightsi.de", true }, { "nightstand.io", true }, { "nightwinds.tk", true }, + { "nigt.cf", true }, { "nihon-no-sake.net", true }, { "nijiero-ch.com", false }, { "nijikata.com", true }, @@ -24506,13 +24906,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nikkasystems.com", true }, { "nikkila.me", true }, { "nikklassen.ca", true }, - { "niklas.host", true }, { "niklas.pw", true }, { "niklasanderson.com", true }, { "niklasbabel.com", true }, { "nikolasgrottendieck.com", true }, { "nikomo.fi", false }, { "nikoninframe.co.uk", true }, + { "nikonlibrary.co.uk", true }, + { "nikonnps.co.uk", true }, { "nikonpromotions.co.uk", true }, { "nikonschool.co.uk", true }, { "nikz.in", true }, @@ -24521,7 +24922,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "niles.xyz", true }, { "nilrem.org", true }, { "nimeshjm.com", true }, - { "nimidam.com", true }, { "nina-laaf.de", true }, { "ninaforever.com", true }, { "ninarinaldi.com.br", true }, @@ -24535,9 +24935,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ninetaillabs.xyz", true }, { "ninfora.com", true }, { "ninja-galerie.de", true }, + { "ninja-skillz.com", true }, { "ninjaworld.co.uk", true }, { "ninjio.com", true }, { "ninov.de", true }, + { "ninreiei.jp", true }, { "nintendoforum.no", true }, { "ninth.cat", true }, { "ninthfloor.org", true }, @@ -24545,29 +24947,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nipax.cz", true }, { "nipe-systems.de", true }, { "nippon-oku.com", true }, - { "nippon.fr", true }, { "niqex.com", true }, - { "nirjharstudio.com", true }, { "nirjonmela.com", true }, { "nirjonmela.net", true }, { "nirudo.me", true }, - { "nirvanashop.com", true }, { "nissanofbismarckparts.com", true }, - { "nitaonline.org", true }, { "nitifilter.com", true }, + { "nitix.games", true }, { "nitrix.me", true }, - { "nitrohorse.com", true }, + { "nitrohorse.com", false }, { "nitrokey.com", true }, { "nitropanel.com", true }, { "nitropur.com", true }, { "nitropur.de", true }, { "nitrous-networks.com", true }, + { "nitschinger.at", true }, { "niu.moe", true }, - { "niva.synology.me", true }, { "nivi.ca", true }, { "nix.black", true }, - { "nixne.st", true }, { "nixonlibrary.gov", true }, + { "nixx-gel.cz", true }, { "niyawe.de", true }, { "nja.id.au", true }, { "njast.net", true }, @@ -24576,7 +24975,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "njpjanssen.nl", true }, { "nkapliev.org", true }, { "nkinka.de", true }, - { "nkp-media.de", true }, { "nl-ix.net", true }, { "nl.search.yahoo.com", false }, { "nlap.ca", false }, @@ -24588,8 +24986,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nlrb.gov", true }, { "nlt.by", false }, { "nmd.so", true }, - { "nmgb.ga", true }, - { "nmgb.ml", true }, { "nmnd.de", true }, { "nmontag.com", true }, { "nn.cz", true }, @@ -24599,6 +24995,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "no-xice.com", true }, { "no.search.yahoo.com", false }, { "noagendahr.org", true }, + { "noahjacobson.com", true }, { "noahmodas.com.br", true }, { "noahsaso.com", true }, { "nobitakun.com", true }, @@ -24648,26 +25045,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "noisky.cn", true }, { "noisyfox.cn", true }, { "nojestorget.se", true }, - { "nojok.es", true }, { "nokia.la", true }, { "nokono.com", true }, { "nolaviz.org", true }, { "noleggio-bagni-chimici.it", true }, { "noma-film.com", true }, { "nomadproject.io", true }, + { "nomagic.software", true }, { "nomenclator.org", true }, { "nomesbiblicos.com", true }, { "nomial.co.uk", true }, { "nomifensine.com", true }, + { "nomoondev.azurewebsites.net", true }, { "nomsy.net", true }, + { "nonabytes.xyz", true }, { "noname-ev.de", true }, { "nonametheme.com", true }, { "noncombatant.org", true }, { "noob-box.net", true }, { "noobswhatelse.net", true }, { "noobunbox.net", true }, + { "noodlecrave.com", true }, { "noodles.net.nz", true }, - { "noodleyum.com", true }, { "noodplan.co.za", true }, { "noodweer.be", true }, { "noofficewalls.com", true }, @@ -24675,6 +25074,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "noop.ch", true }, { "noordsee.de", true }, { "noorsolidarity.com", true }, + { "noortronic.com", true }, { "nootronerd.com", true }, { "nootropic.com", true }, { "nootropicpedia.com", true }, @@ -24690,19 +25090,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nordmoregatebilklubb.com", true }, { "nordnetz-hamburg.de", true }, { "nordseeblicke.de", true }, + { "nordwal.de", true }, { "nordwaldzendo.de", true }, { "noref.tk", true }, { "noreply.mx", true }, + { "noret.com", true }, { "norichanmama.com", true }, { "noriel.ro", true }, { "normaculta.com.br", true }, - { "normalady.com", true }, { "norman-preusser-gmbh.de", true }, { "normanbauer.com", true }, { "normandgascon.com", true }, { "normankranich.de", true }, { "norrkemi.se", true }, { "norrliden.de", true }, + { "norsewars.com", true }, { "norskpensjon.no", true }, { "northatlantalaw.net", true }, { "northbrisbaneapartments.com.au", true }, @@ -24714,7 +25116,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "northern-lakes.com", true }, { "northerngate.net", true }, { "northernhamsterclub.com", true }, - { "northernmuscle.ca", true }, + { "northernpage.com", true }, { "northernselfstorage.co.za", true }, { "northfieldyarn.com", true }, { "northokanaganbookkeeping.com", true }, @@ -24736,13 +25138,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nostosh.eu.org", true }, { "nostraforma.com", false }, { "noswap.com", true }, - { "nosx.tk", true }, { "nosyu.pe.kr", true }, - { "nota-web.com", true }, { "nota.moe", true }, { "notabug.org", true }, { "notadd.com", true }, - { "notadd.store", true }, { "notallmine.net", true }, { "notalone.gov", true }, { "notar-glagowski.com", true }, @@ -24754,10 +25153,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "notepad.nz", true }, { "noteskeeper.ru", true }, { "noticiasdehumor.com", true }, - { "notificami.com", true }, { "notify.moe", true }, { "notinglife.com", true }, { "notjustvacs.com", true }, + { "notmybox.com", true }, { "notnize.net", true }, { "notnl.com", true }, { "notofilia.com", true }, @@ -24765,11 +25164,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "notoriousdev.com", true }, { "notrecourrier.net", true }, { "notsafefor.work", true }, - { "nottori.com", true }, { "nottres.com", true }, { "noudjalink.nl", true }, { "noustique.com", true }, { "nova-dess.ch", true }, + { "nova-kultura.org", true }, { "nova-wd.org.uk", true }, { "nova.live", true }, { "novabench.com", true }, @@ -24802,6 +25201,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nowlas.org", true }, { "nowloading.co", true }, { "nowremindme.com", true }, + { "noxi.ga", true }, { "noxlogic.nl", true }, { "noyocenter.org", true }, { "np-edv.at", true }, @@ -24812,17 +25212,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "npw.net", true }, { "nqesh.com", true }, { "nqeshreviewer.com", true }, - { "nrc-gateway.gov", true }, { "nrd.li", true }, { "nrdstd.io", true }, { "nrev.ch", true }, { "nrkn.fr", true }, { "nrsweb.org", true }, - { "nrvn.cc", true }, + { "nrvn.cc", false }, { "ns-frontier.com", true }, { "ns2servers.pw", true }, { "nsa.lol", true }, - { "nsa.ovh", true }, { "nsa.wtf", true }, { "nsapwn.com", true }, { "nsboston.org", true }, @@ -24837,6 +25235,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nsp.ua", true }, { "nst-maroc.com", true }, { "nstd.net", true }, + { "nstremsdoerfer.ovh", true }, + { "nstrust.co.uk", true }, { "nsworks.com", true }, { "ntags.org", true }, { "ntcoss.org.au", true }, @@ -24844,29 +25244,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nth.sh", true }, { "nti.de", true }, { "ntotten.com", true }, - { "ntppool.org", true }, + { "ntppool.org", false }, { "ntwt.us", true }, { "ntx360grad-fallakte.de", true }, { "ntzwrk.org", true }, + { "nu-pogodi.net", true }, + { "nu3.com", true }, + { "nu3.dk", true }, + { "nu3.fi", true }, + { "nu3.no", true }, + { "nu3.se", true }, { "nu3tion.com", true }, { "nu3tion.cz", true }, { "nuacht.ie", true }, { "nuamooreaindonesia.com", true }, { "nubella.com.au", true }, - { "nubeslayer.com", true }, { "nubu.at", true }, - { "nuclear-crimes.com", true }, { "nuclearcat.com", true }, - { "nuclearcrimes.com", true }, - { "nuclearcrimes1.com", true }, { "nucleuscore.org", true }, - { "nudestpics.com", true }, { "nuel.cl", true }, { "nuevaimagenpublicidad.es", true }, { "nuffield.nl", true }, { "nugdev.co", true }, { "null-life.com", true }, { "nullday.de", true }, + { "nulle-part.org", true }, { "nullonerror.org", true }, { "nullpointer.io", true }, { "nullroute.com", true }, @@ -24883,7 +25285,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "numero1.ch", true }, { "numerologist.com", true }, { "numerossanos.com.ar", true }, - { "numis.tech", true }, + { "numis.tech", false }, { "numismed-seniorcare.de", true }, { "numm.fr", true }, { "numwave.nl", true }, @@ -24900,7 +25302,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nurses.dating", true }, { "nursingschool.network", true }, { "nuryahan.com.br", true }, - { "nusku.biz", true }, { "nussadoclub.org", true }, { "nutikell.com", true }, { "nutleyeducationalfoundation.org", true }, @@ -24910,7 +25311,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nutri-spec.me", true }, { "nutricaovegana.com", true }, { "nutriciametabolics-shop.de", true }, - { "nutrifyyourself.com", true }, { "nutripedia.gr", true }, { "nutrishop.com", true }, { "nutrivisa.com.br", true }, @@ -24923,7 +25323,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nvq.nl", true }, { "nvr.bz", true }, { "nwbc.gov", true }, + { "nwerc.party", true }, { "nwgh.org", false }, + { "nwk1.com", true }, { "nwr-waffenbuch.de", true }, { "nwra.com", true }, { "nwuss.okinawa", true }, @@ -24931,12 +25333,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nwwnetwork.net", true }, { "nxinfo.ch", true }, { "nya.as", true }, + { "nyadora.moe", true }, { "nyan.it", true }, { "nyan.stream", true }, { "nyanco.space", true }, + { "nyansparkle.com", true }, { "nyantec.com", true }, { "nybiz.nyc", true }, { "nycoyote.org", true }, + { "nydig.com", true }, + { "nydnxs.com", true }, { "nyffo.com", true }, { "nyhaoyuan.net", true }, { "nyiad.edu", true }, @@ -24944,18 +25350,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "nyip.edu", true }, { "nylevemusic.com", true }, { "nyloc.de", true }, - { "nylonfeetporn.com", true }, { "nymphetomania.net", true }, { "nynex.net", true }, { "nyoronfansubs.org", true }, { "nyphox.ovh", true }, { "nys-hk.com", false }, - { "nystudio107.com", true }, { "nytrafficticket.com", true }, - { "nyuusannkinn.com", true }, { "nyxi.eu", true }, { "nyyu.tk", true }, { "nzb.cat", false }, + { "nzbr.de", true }, { "nzdmo.govt.nz", true }, { "nzstudy.ac.nz", true }, { "nzws.me", true }, @@ -24978,8 +25382,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oakslighting.co.uk", true }, { "oanalista.com.br", true }, { "oasisdabeleza.com.br", true }, + { "oatmealdome.me", true }, { "oauth-dropins.appspot.com", false }, { "obamalibrary.gov", true }, + { "obamawhitehouse.gov", true }, { "oberhofdrinks.com", true }, { "obermeiers.eu", true }, { "obfuscate.xyz", true }, @@ -24991,14 +25397,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oblast45.ru", false }, { "oboeta.com", true }, { "obono.at", true }, + { "obs.group", true }, { "obscur.us", true }, + { "obsessharness.com", true }, { "obsidianirc.net", true }, { "obsproject.com", true }, { "obtima.org", true }, { "obud.cz", true }, { "obyvateleceska.cz", true }, { "oc-sa.ch", true }, - { "ocad.com.au", true }, + { "ocarupo.com", true }, { "occenterprises.org", true }, { "occentus.net", true }, { "occmon.net", true }, @@ -25008,6 +25416,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oceandns.eu", true }, { "oceandns.net", true }, { "oceandns.nl", true }, + { "oceanlord.me", true }, { "oceanvisuals.com", true }, { "ocelot.help", true }, { "ocenovani-inspekce.cz", true }, @@ -25032,12 +25441,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "octohedralpvp.tk", true }, { "octohost.net", true }, { "octolopagon.games", true }, + { "octopus-agents.com", true }, { "octosniff.net", true }, { "octosys.net", true }, { "octosys.org", true }, { "octosys.ru", true }, { "octothorpe.club", true }, - { "octothorpe.ninja", true }, { "oculus.com", true }, { "oddmuse.org", true }, { "oddnumber.ca", true }, @@ -25063,12 +25472,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oemspace.net", true }, { "oemspace.nl", true }, { "oemwolf.com", true }, + { "oenings.eu", true }, { "ofcampuslausanne.ch", true }, + { "ofda.gov", true }, { "offandonagain.org", true }, { "offbyinfinity.com", true }, { "offenekommune.de", true }, { "offenes-deutschland.de", true }, - { "offerstone.cl", true }, + { "offertegiuste.com", true }, { "offfbynight.be", true }, { "offgames.io", true }, { "office-discount.at", true }, @@ -25090,7 +25501,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oftn.org", true }, { "oge.ch", true }, { "ogis.gov", true }, - { "oglen.ca", true }, { "ogocare.com", true }, { "oguya.ch", true }, { "ogyaa.jp", true }, @@ -25105,10 +25515,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ohiohealthfortune100.com", true }, { "ohling.org", true }, { "ohne-name.de", true }, - { "ohreally.de", true }, + { "ohnonotme.com", true }, { "ohsohairy.co.uk", true }, { "ohyooo.com", true }, { "oiaio.cn", true }, + { "oilfieldinjury.attorney", true }, { "oilpaintingsonly.com", true }, { "oirealtor.com", true }, { "oisd.nl", true }, @@ -25117,7 +25528,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ojanaho.com", true }, { "ojdip.net", true }, { "ojomovies.com", true }, - { "ojp.gov", true }, { "okakuro.org", true }, { "okanaganrailtrail.ca", true }, { "okay.cf", true }, @@ -25130,6 +25540,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "okib.ca", true }, { "okin-jp.net", true }, { "okinawa-mag.net", true }, + { "okmx.cloud", true }, { "okmx.de", true }, { "okna-tm.kz", true }, { "okonetwork.org.uk", true }, @@ -25143,23 +25554,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "olanderflorist.com", true }, { "olasouris.com", true }, { "olback.net", true }, + { "olbat.net", true }, { "olcayanar.com", true }, { "oldbrookinflatables.co.uk", true }, { "oldbrookmarqueehire.co.uk", true }, { "oldchaphome.nl", true }, { "oldenglishsheepdog.com.br", true }, + { "oldita.ru", true }, { "oldking.net", true }, { "oldnews.news", true }, { "oldoakflorist.com", true }, { "oldprop.com", true }, + { "oldroutetwo.com", true }, { "oldtimerreifen-moeller.de", true }, { "olegon.ru", true }, { "olegs.be", true }, { "oleksii.name", true }, { "oleodecopayba.com.br", true }, + { "oles-hundehaus.de", true }, { "olgiati.org", true }, - { "olgui.net", true }, { "olgun.eu", true }, + { "olifant.fr", true }, { "olightstore.com", true }, { "olightstore.ro", true }, { "oliode.tk", true }, @@ -25210,7 +25625,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "omgbouncycastlehire.co.uk", true }, { "omi-news.fr", true }, { "omifind.com", true }, - { "omise.co", true }, { "omitech.co.uk", true }, { "omlmetal.co.jp", true }, { "omniasig.ro", true }, @@ -25223,7 +25637,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "omnisky.dk", true }, { "omnitrack.org", true }, { "omniverse.ru", true }, - { "omorashi.org", true }, + { "omoide-hitokoto.com", true }, { "omori.ch", true }, { "omoteura.com", true }, { "omranic.com", true }, @@ -25253,6 +25667,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "onebigcow.com", true }, { "oneclic.ch", true }, { "oneclickonejob.com", true }, + { "onedegreehealth.com", true }, { "onedot.nl", true }, { "onedottwelve.co.jp", true }, { "onedottwelve.com", true }, @@ -25261,17 +25676,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "onee3.org", true }, { "onefour.ga", false }, { "oneheartbali.church", true }, + { "oneidentity.me", true }, { "oneiroi.co.uk", true }, { "onemid.net", true }, { "oneminute.io", false }, { "onemoonmedia.de", true }, - { "onemusou.com", true }, { "oneononeonone.de", true }, { "oneononeonone.tv", true }, { "onepointsafeband.ca", true }, { "onepointsafeband.com", true }, { "onepointzero.com", true }, { "oneprediction.com", true }, + { "onesnzeroes.com", true }, { "onesports.cz", true }, { "onestepfootcare.com", true }, { "onestopcastles.co.uk", true }, @@ -25312,9 +25728,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "online24.pt", true }, { "onlinebizdirect.com", false }, { "onlinecasino.vlaanderen", true }, - { "onlinecasinobluebook.com", true }, { "onlinecensorship.org", true }, { "onlinecollegeessay.com", true }, + { "onlinecorners.com", true }, { "onlinefashion.it", true }, { "onlineinfographic.com", true }, { "onlinekmc.com", true }, @@ -25323,7 +25739,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "onlinelighting.com.au", true }, { "onlinemarketingtraining.co.uk", true }, { "onlinepokerspelen.be", true }, - { "onlineporno.tv", true }, + { "onlineporno.xyz", true }, { "onlinerollout.de", true }, { "onlinestoreninjas.com", true }, { "onlineth.com", false }, @@ -25334,9 +25750,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "onlylebanon.net", true }, { "onmaps.de", true }, { "onmarketbookbuilds.com", true }, - { "onnee.ch", true }, + { "onnaguse.com", true }, { "onnext.cc", true }, - { "ono.es", true }, { "onoranze-funebri.biz", true }, { "onpay.io", true }, { "onpermit.net", true }, @@ -25368,6 +25783,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oosoo.org", true }, { "ooyo.be", true }, { "op11.co.uk", false }, + { "opadaily.com", true }, { "opalesurfcasting.net", true }, { "oparl.org", true }, { "opcenter.de", true }, @@ -25378,6 +25794,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "open-desk.org", true }, { "open-domotics.info", true }, { "open-freax.fr", true }, + { "open-gaming.net", true }, { "open-infrastructure.net", true }, { "open-letters.de", true }, { "open-mesh.org", true }, @@ -25388,6 +25805,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "openacte.ch", true }, { "openas.org", true }, { "openbankproject.com", true }, + { "openbayes.com", true }, { "openbeecloud.com", true }, { "openblox.org", true }, { "openbsd.id", true }, @@ -25396,6 +25814,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "openclima.com", true }, { "opencluster.at", true }, { "opencrm.co.uk", true }, + { "opendata.cz", true }, { "opendataincubator.eu", true }, { "opendecide.com", true }, { "openfir.st", true }, @@ -25438,28 +25857,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "openwaveguide.de", true }, { "openwifi.gr", true }, { "openwireless.org", true }, - { "operad.fr", true }, { "operationforever.com", true }, { "opfin.com", true }, + { "ophis-phosphoros.com", true }, { "opiates.ca", true }, { "opin.me", true }, { "opioids.co.uk", true }, - { "opioids.com", true }, { "opioids.gov", true }, { "opium.io", true }, { "oplop.appspot.com", true }, { "opoleo.com", false }, { "oportho.com.br", true }, { "opp.ag", true }, - { "oppag.com.br", true }, { "oppaiti.me", true }, { "oppejoud.ee", true }, { "opportunis.me", true }, - { "opposer.me", true }, + { "opportunity.de", true }, + { "oppwa.com", true }, { "opq.pw", true }, + { "oprbox.com", true }, { "oprechtgezegd.nl", true }, { "oprueba.com", true }, { "opryshok.com", true }, + { "ops-com.com", true }, { "opsmate.com", false }, { "opsnotepad.com", true }, { "opti-net.at", true }, @@ -25467,9 +25887,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "optiekzien.nl", true }, { "optik-trosdorff.de", true }, { "optimalsetup.com", true }, + { "optimised.cloud", true }, + { "optimised.io", true }, + { "optimisedlabs.co.uk", true }, { "optimisedlabs.com", true }, + { "optimisedlabs.info", true }, + { "optimisedlabs.net", true }, + { "optimisedlabs.uk", true }, { "optimist.bg", true }, - { "optimize-jpg.com", true }, + { "optimizedlabs.co.uk", true }, + { "optimizedlabs.info", true }, + { "optimizedlabs.net", true }, + { "optimizedlabs.uk", true }, { "optimumwebdesigns.com", true }, { "optimus.io", true }, { "optimuscrime.net", true }, @@ -25478,6 +25907,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "optmos.at", true }, { "optometryscotland.org.uk", true }, { "optoutday.de", true }, + { "opure.ru", true }, { "opus-codium.fr", true }, { "oraculum.cz", true }, { "orang-utans.com", true }, @@ -25488,10 +25918,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "orangenbaum.at", true }, { "orangenuts.in", true }, { "oranges.tokyo", true }, - { "orangetravel.eu", true }, { "orangutan-appeal.org.uk", true }, { "orbu.net", true }, - { "orcahq.com", true }, + { "orca.pet", true }, { "orcamoney.com", true }, { "orchideenettoyage.com", true }, { "orchidlive.com", true }, @@ -25502,20 +25931,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ordernow.at", true }, { "orderswift.com", true }, { "ordr.mobi", true }, + { "oreka.online", true }, { "oreshinya.xyz", true }, { "oreskylaw.com", true }, { "oreto.de", true }, { "orf-digitalsatkarte.at", false }, { "orf-kartentausch.at", false }, { "organica.co.za", true }, - { "organicae.com", true }, { "organisatieteam.nl", true }, - { "organisationsberatung-jacobi.de", true }, { "organix.ma", true }, { "orgasmium.com", true }, { "orgatech-gmbh.de", true }, { "orgsyn.in", true }, - { "orhideous.name", true }, { "orians.eu", true }, { "oribia.net", true }, { "orientalart.nl", true }, @@ -25525,11 +25952,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "originalniknihy.cz", true }, { "origincoffee.com", true }, { "origincoffee.nz", true }, + { "originpc.com", false }, { "orikadabra.nl", true }, { "orikum.org", true }, { "orimex-mebel.ru", true }, { "orion-universe.com", true }, { "orioncokolada.cz", true }, + { "orionfinancialservices.com", true }, { "oriongames.eu", true }, { "orkestar-krizevci.hr", true }, { "orkiv.com", true }, @@ -25546,7 +25975,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "orthotictransfers.com", true }, { "ortlepp.eu", true }, { "ortodonciaian.com", true }, - { "orui.com.br", true }, + { "orum.in", true }, { "orwell1984.today", true }, { "oryva.com", true }, { "orz.uno", true }, @@ -25555,8 +25984,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "os-t.de", true }, { "os24.cz", true }, { "osacrypt.studio", true }, - { "osaka-fukushi.jp", true }, - { "osaka-jusan.jp", true }, { "osaka-onakura.com", true }, { "osakeannit.fi", true }, { "osao.org", true }, @@ -25566,8 +25993,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "osburn.com", true }, { "oscamp.eu", true }, { "oscarvk.ch", true }, + { "oscloud.com", true }, { "osepideasthatwork.org", true }, - { "osereso.tn", true }, { "oses.mobi", true }, { "oshayr.com", true }, { "oshell.me", true }, @@ -25579,8 +26006,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "oslinux.net", true }, { "osm.is", true }, { "osmanlitorunu.com", true }, + { "osmestres.com", true }, { "osmosis.org", true }, { "osmre.gov", true }, + { "osnova.cz", true }, + { "osobliwydom.pl", true }, + { "ospf.sk", true }, { "ospree.me", true }, { "osquery.io", true }, { "ostan-collections.net", true }, @@ -25599,6 +26030,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "otakubox.de", true }, { "otakurepublic.com", true }, { "otakurumi.de", true }, + { "otakuyun.com", true }, { "otchecker.com", true }, { "otellio.com", true }, { "otellio.de", true }, @@ -25606,7 +26038,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "otherkinforum.com", true }, { "oticasaopaulo.com.br", true }, { "oticasvisao.net.br", true }, - { "otmns.net", true }, { "otorrino.pt", true }, { "otoy.com", true }, { "otoya.space", true }, @@ -25616,6 +26047,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "otsfreestyle.jp", true }, { "otsu.beer", true }, { "ottoproject.io", true }, + { "ottoversand.at", true }, { "otus-magnum.com", true }, { "otvaracie-hodiny.sk", true }, { "otya.me", true }, @@ -25624,12 +26056,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ouestsolutions.com", true }, { "ouglor.com", true }, { "ouimoove.com", true }, + { "ouin.land", true }, { "oulunjujutsu.com", true }, { "ouowo.gq", true }, + { "our-box.net", true }, { "ourai.ws", true }, { "ourcloud.at", true }, + { "ourdocuments.gov", true }, { "ourevents.net", true }, - { "ourls.win", true }, + { "ourmaster.org", true }, { "ouruglyfood.com", true }, { "ourwedding.xyz", true }, { "ourworldindata.org", true }, @@ -25658,9 +26093,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "outlookonthedesktop.com", true }, { "outpostinfo.com", true }, { "outsideconnections.com", true }, + { "outsiders.paris", true }, { "ovelhaostra.com", true }, { "overalglas.nl", true }, { "overamsteluitgevers.nl", true }, + { "overclockers.ge", true }, { "overdrive-usedcars.be", true }, { "overkillshop.com", true }, { "overseamusic.de", true }, @@ -25669,6 +26106,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "overstap.deals", true }, { "overstappen.nl", true }, { "overstemmen.nl", true }, + { "overstockpromote.com", true }, { "overthecloud.it", true }, { "overthinkingit.com", true }, { "overtrolls.de", true }, @@ -25688,12 +26126,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "owl-square.com", true }, { "owl-stat.ch", true }, { "owl.net", true }, + { "owlandrabbitgallery.com", true }, { "owlishmedia.com", true }, { "own3d.ch", true }, { "ownc.at", true }, { "ownmay.com", true }, - { "owothisdiz.pw", true }, - { "oxanababy.com", true }, { "oxborrow.ca", true }, { "oxelie.com", true }, { "oxo.cloud", true }, @@ -25716,6 +26153,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "p-t.io", true }, { "p.ki", true }, { "p1984.nl", false }, + { "p1cn.com", true }, { "p1ratrulezzz.me", true }, { "p4chivtac.com", true }, { "p5r.uk", true }, @@ -25750,7 +26188,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pace.car", true }, { "paceda.nl", true }, { "pacelink.de", true }, - { "pachaiyappas.org", true }, { "pacificpalisadeselectric.com", true }, { "pacificpalisadeselectrical.com", true }, { "pacificpalisadeselectrician.com", true }, @@ -25766,11 +26203,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "packer.io", true }, { "packetdigital.com", true }, { "packetlinux.com", true }, + { "packshot-creator.com", true }, + { "pact2017.nl", true }, { "pactf.com", true }, { "padam-group.com", true }, { "padberx-marketing-consultants.de", true }, { "paddy.rocks", true }, - { "padeoe.com", true }, { "padianda.com", true }, { "padovani.de", true }, { "padpilot.co", true }, @@ -25785,19 +26223,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pagalworld.info", true }, { "pagalworld.la", true }, { "pagalworld.me", true }, + { "pagalworld.org", true }, { "page-builders.com", true }, { "pageantsnews.com", false }, { "pagedesignhub.com", true }, { "pagedesignpro.com", true }, { "pagedesignshop.com", true }, { "pagedesignweb.com", true }, + { "pagefulloflies.io", true }, { "pagewizz.com", true }, { "pagiamtzis.com", true }, { "pagina.com.mx", true }, { "pagure.io", true }, - { "pagure.org", true }, { "pahae.de", true }, { "pahealthbilling.com", true }, + { "pahlawanpulsa.com", true }, { "paichai.space", false }, { "paincareehr.com", true }, { "paindata.dk", true }, @@ -25808,12 +26248,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "paintcolorsbysue.com", true }, { "paintingindurban.co.za", true }, { "paipuman.jp", true }, - { "paizinhovirgula.com", true }, { "pajadam.me", true }, { "pajuvuo.fi", true }, - { "paketkreditsuzuki.com", true }, { "paketo.cz", true }, - { "paketwatch.de", true }, + { "paketo.sk", true }, + { "paketwatch.de", false }, { "pakho.xyz", true }, { "pakistani.dating", true }, { "pakitow.fr", true }, @@ -25824,10 +26263,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "palatin.at", true }, { "palava.tv", true }, { "palavatv.com", true }, - { "palawan.jp", false }, { "palazzo.link", true }, { "palazzo.work", true }, - { "paleolowcarb.de", true }, { "paleotraining.com", true }, { "palladium46.com", true }, { "pallas.in", true }, @@ -25882,8 +26319,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "panthur.com.au", false }, { "pantographe.info", true }, { "pantou.org", false }, + { "pants-off.xyz", true }, { "panzer72.ru", true }, - { "paolo565.org", true }, { "pap.la", false }, { "papa-webzeit.de", true }, { "papadopoulos.me", true }, @@ -25895,10 +26332,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "papelcraft.co.uk", true }, { "paper-driver.biz", true }, { "paper-republic.org", true }, - { "paperhaven.com.au", true }, + { "paper.sc", true }, { "paperhoney.by", true }, - { "papermasters.com", true }, - { "papersmart.net", true }, { "papertracker.net", true }, { "paperturn.com", true }, { "paperwallets.io", true }, @@ -25920,23 +26355,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "paradiselost.com", true }, { "paradoxdesigns.org", true }, { "paragonie.com", false }, + { "paragonremodeling.com", true }, { "paragreen.net", true }, + { "paranoidcrypto.com", true }, { "paranoidmode.com", true }, { "paranoidpenguin.net", true }, { "paranoxer.hu", true }, { "parasitologyclub.org", true }, { "paratlan.hu", true }, { "paratxt.org", true }, - { "parav.xyz", true }, { "parcelbroker.co.uk", true }, { "parchcraftaustralia.com", true }, { "parckwart.de", true }, { "parcon.it", true }, + { "parentelement.com", true }, { "parentheseardenne.be", true }, { "parentinterview.com", true }, { "parentsintouch.co.uk", true }, { "pariga.co.uk", true }, { "paris-store.com", true }, + { "parisbloom.com", true }, { "parisderriere.fr", true }, { "parisescortgirls.com", true }, { "parisfranceparking.com", true }, @@ -25945,6 +26383,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "parisfranceparking.nl", true }, { "parisprovincedemenagements.fr", true }, { "parkeren.in", true }, + { "parkfans.net", true }, + { "parkhost.eu", true }, { "parkinginparis.fr", true }, { "parkingpoint.co.uk", true }, { "parkrunstats.servehttp.com", true }, @@ -25959,6 +26399,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "parolu.io", true }, { "parquettista.milano.it", true }, { "parquettista.roma.it", true }, + { "parroquiasanrafaeldegramalote.com", true }, { "parry.org", true }, { "parsemail.org", true }, { "parser.nu", true }, @@ -25991,14 +26432,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "partyhireliverpool.co.uk", true }, { "partypearl.de", true }, { "partyrocksbounce.co.uk", true }, - { "partyschnaps.com", true }, { "partyspaces.co.uk", true }, { "partytime-uk.co.uk", true }, { "partytimeltd.ie", true }, { "partytownireland.co.uk", true }, { "partytownmarquees.co.uk", true }, { "partyvan.io", true }, + { "partyyy.io", true }, { "partyzone.ie", true }, + { "parvaneh.fr", true }, { "pasadenapooch.org", true }, { "pasadenasandwich.co", true }, { "pasadenasandwichcompany.com", true }, @@ -26017,7 +26459,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pascualinmuebles.com", true }, { "pasearch.nl", true }, { "pashminacachemire.com", true }, - { "pasportaservo.org", true }, { "pass.org.my", true }, { "passabook.com", true }, { "passcod.name", true }, @@ -26025,8 +26466,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "passfilesafe.com", true }, { "passfoto-deinfoto.ch", true }, { "passieposse.nl", true }, + { "passionandbalance.com", true }, { "passionatefoodie.co.uk", true }, { "passionatehorsemanship.com", true }, + { "passionatelife.com.au", true }, + { "passionebenessere.com", true }, { "passionpictures.eu", true }, { "passions-art.com", true }, { "passphrase.today", true }, @@ -26054,7 +26498,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "passwordsecurity.info", true }, { "passworks.io", true }, { "passy.pw", true }, - { "pasta-factory.co.il", true }, { "pastaenprosecco.nl", true }, { "paste.fedoraproject.org", true }, { "paste.gg", true }, @@ -26069,12 +26512,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pastormaremanoabruzes.com.br", true }, { "pastorsuico.com.br", true }, { "pasztor.at", true }, + { "patapwn.com", true }, { "patatbesteld.nl", true }, { "pataterosviajeros.com", true }, + { "patbatesremodeling.com", false }, { "patdorf.com", true }, { "patechmasters.com", true }, { "patentados.com", true }, - { "patentfamily.de", true }, { "paterno-gaming.com", true }, { "pathagoras.com", true }, { "pathwaystoresilience.org", true }, @@ -26104,12 +26548,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "paudley.com", true }, { "paudley.org", true }, { "paul-bronski.de", true }, - { "paul-schmidt.de", true }, { "paul.reviews", true }, { "pauladamsmith.com", true }, { "paulbakaus.com", true }, { "paulbdelaat.nl", true }, { "paulbramhall.uk", true }, + { "pauldev.co", true }, + { "paulerhof.com", true }, { "paulewen.ca", true }, { "paulinewesterman.nl", true }, { "paulmeier.com", false }, @@ -26123,17 +26568,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "paulschreiber.com", true }, { "paulscustomauto.com", true }, { "paulswartz.net", true }, - { "paultibbetts.uk", false }, { "paulus-foto.pl", true }, { "paulward.net", true }, { "paulwatabe.com", true }, { "paulwendelboe.com", true }, + { "pauly-stahlhandel.com", true }, + { "pauly-stahlhandel.de", true }, { "pauspam.net", true }, { "pautadiaria.com", true }, { "pavando.com", true }, { "pavelfojt.cz", true }, { "pavelrebrov.com", true }, - { "pavelstriz.cz", true }, { "pavio.org", true }, { "paw.cloud", true }, { "paw.pt", true }, @@ -26142,7 +26587,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pawelurbanek.com", true }, { "pawsomebox.co.uk", true }, { "pawsr.us", true }, - { "pawsru.org", true }, { "paxerahealth.com", true }, { "pay.gov", true }, { "pay8522.com", true }, @@ -26151,7 +26595,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "payboy.rocks", true }, { "paybro.eu", true }, { "payfazz.com", true }, - { "paykings.com", true }, { "paylike.io", true }, { "payloc.io", true }, { "payme.uz", true }, @@ -26176,16 +26619,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "payupay.ru", true }, { "payzang.com", true }, { "payzwin.com", true }, + { "pb.ax", false }, { "pback.se", true }, { "pbosquet.com", true }, { "pbourhis.me", true }, + { "pbqs.site", true }, { "pbr.so", true }, { "pbraunschdash.com", true }, { "pbreen.co.uk", true }, { "pbrumby.com", true }, { "pbz.im", true }, { "pc-rescue.me", false }, - { "pc-tablet.com", true }, + { "pc-servis-brno.com", true }, { "pcbricole.fr", true }, { "pccentral.nl", true }, { "pcdocjim.com", true }, @@ -26211,13 +26656,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pcsetting.com", true }, { "pctonic.net", true }, { "pctrouble.net", true }, + { "pculiar.com", true }, { "pdf-archive.com", true }, { "pdfconvert.me", true }, { "pdfmint.com", true }, { "pdfpassword.org", true }, { "pdfpasswort.de", true }, { "pdfresizer.com", true }, - { "pdomo.me", true }, + { "pdfsearches.com", true }, { "pdox.net", true }, { "pdragt.com", true }, { "pdthings.net", true }, @@ -26238,12 +26684,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pebbles.net.in", true }, { "pecker-johnson.com", true }, { "peda.net", true }, + { "peddy.dyndns.org", true }, { "pedicurean.nl", true }, { "pedicureduiven.nl", true }, { "pedidamanosevilla.com", true }, { "pedikura-vitu.cz", true }, { "pedimoda.com.br", true }, { "pedro.com.es", true }, + { "pedrosaurus.com", true }, { "pedrosluiter.nl", true }, { "pedroventura.com", false }, { "peeekaaabooo.com", true }, @@ -26282,13 +26730,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pegas-studio.net", true }, { "pehapkari.cz", true }, { "peifi.de", false }, - { "peinard.net", true }, { "peippo.at", true }, { "pekkapleppanen.fi", true }, { "pekoe.se", true }, { "pelanucto.cz", true }, { "pelican.ie", true }, - { "peliseries24.com", true }, { "pelletizermill.com", true }, { "pelletsprice.com", true }, { "pelopogrund.com", true }, @@ -26299,12 +26745,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pencillab.cn", true }, { "pendriveapps.com", true }, { "penetrationstest.se", true }, - { "penfold.fr", true }, { "pengi.me", true }, { "penguindrum.moe", true }, { "penguinprotocols.com", true }, { "penispumpen.se", true }, { "pennergold.net", true }, + { "pennington.io", true }, { "pennyparkerpaper.com", true }, { "penrithapartments.com.au", true }, { "pens.com", true }, @@ -26325,10 +26771,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "penz.media", true }, { "peoplelikemeapp.com", true }, { "peoplesbankal.com", true }, + { "peoplesdecade.org", true }, { "peoplesguardian.org", true }, { "pepemodelismo.com.br", true }, { "peplog.nl", true }, { "pepwaterproofing.com", true }, + { "pequenosfavoritos.com.br", true }, { "pera.gs", true }, { "perala.me", true }, { "peraparker.cz", true }, @@ -26348,10 +26796,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "perfektesgewicht.de", true }, { "performancehealth.com", true }, { "performancesantafe.org", true }, - { "performaride.com.au", true }, { "perfumeaz.com", true }, { "perfumes.com.br", true }, - { "periodismoactual.com", true }, { "periscope.tv", true }, { "perishablepress.com", true }, { "perm-avia.ru", true }, @@ -26373,6 +26819,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "perroquet-passion.ch", true }, { "persephone.gr", true }, { "personal-genome.com", true }, + { "personal-injury-attorney.co", true }, { "personaltrainer-senti.de", true }, { "personcar.com.br", true }, { "perspectivum.com", true }, @@ -26388,9 +26835,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pescco.com.br", true }, { "pestici.de", true }, { "pestkill.info", true }, + { "pesyun.cn", true }, { "pet-hotel-mura.net", true }, { "petabits.de", true }, - { "petangen.se", true }, + { "petalkr.com", true }, { "petcarvers.com", true }, { "petdesign.pet", true }, { "peteboc.com", true }, @@ -26398,16 +26846,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "petelew.is", true }, { "peter.org.ua", true }, { "peterandjoelle.co.uk", true }, + { "peterboers.info", true }, { "peterborgapps.com", true }, { "peterbruceharvey.com", true }, { "peterdavehello.org", true }, { "peterfiorella.com", true }, - { "peterfolta.net", true }, { "peterhuetz.at", true }, { "peterhuetz.com", true }, { "peterjohnson.io", true }, { "peterlew.is", true }, - { "petermazur.com", true }, { "peters.consulting", true }, { "petersontoscano.com", true }, { "petervanleeuwentweewielers.nl", true }, @@ -26423,9 +26870,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "petplus.com", true }, { "petpost.co.nz", false }, { "petpower.eu", true }, - { "petrachuk.ru", true }, { "petrasestakova.cz", true }, - { "petravdbos.nl", true }, + { "petresort.pt", true }, { "petroscand.eu", true }, { "petrostathis.com", true }, { "petrpikora.com", true }, @@ -26437,12 +26883,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pew.ninja", true }, { "pex.digital", true }, { "peyote.com", true }, - { "peyote.org", true }, { "pf.dk", true }, { "pfa.or.jp", true }, { "pfadfinder-aurich.de", true }, { "pfadfinder-grossauheim.de", true }, { "pfarchimedes-pensioen123.nl", true }, + { "pfarre-kremsmuenster.at", true }, { "pfcafeen.dk", true }, { "pfd-nz.com", false }, { "pferdekauf.de", true }, @@ -26459,7 +26905,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pfudor.tk", true }, { "pg-forum.de", true }, { "pg-mana.net", true }, + { "pglandscapingpaving.com", true }, { "pgmann.cf", true }, + { "pgnetwork.net", true }, { "pgp.guru", true }, { "pgp.network", true }, { "pgpmail.cc", true }, @@ -26471,6 +26919,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pharma-display.com", true }, { "pharmaabsoluta.com.br", true }, { "pharmaboard.de", true }, + { "pharmaboard.org", true }, { "pharmacie-fr.org", true }, { "pharmacieplusfm.ch", true }, { "pharmafoto.ch", true }, @@ -26511,7 +26960,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "philippinedroneassociation.org", true }, { "philippkeschl.at", true }, { "phillipgoldfarb.com", true }, - { "phillipsuk.com", true }, { "phillyinjurylawyer.com", true }, { "philna.sh", true }, { "philosoftware.com.br", true }, @@ -26522,13 +26970,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "philsown.de", true }, { "philsturgeon.uk", true }, { "philux.ch", true }, - { "phippsreporting.com", true }, { "phishing-studie.org", true }, { "phishing.rs", true }, { "phishingusertraining.com", true }, { "phligence.com", true }, { "phocean.net", true }, + { "phoenixlogan.com", true }, { "phone-service-center.de", true }, + { "phonix-company.fr", true }, { "phormance.com", true }, { "phosagro.biz", false }, { "phosagro.com", false }, @@ -26544,6 +26993,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "photodeal.fr", true }, { "photographe-reims.com", true }, { "photographersdaydream.com", true }, + { "photography-workshops.net", true }, { "photolium.net", true }, { "photomodelcasting.com", true }, { "photon.sh", true }, @@ -26564,18 +27014,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "phpprime.com", true }, { "phpsecure.info", true }, { "phpunit.de", true }, + { "phr34kz.pw", true }, { "phra.gs", true }, { "phrive.space", true }, { "phryanjr.com", false }, { "phryneas.de", true }, { "phuket-idc.com", true }, { "phuket-idc.de", true }, + { "phumin.in.th", true }, { "phunehehe.net", true }, { "phurl.de", true }, { "phurl.io", true }, { "phus.lu", true }, { "physicalism.com", true }, { "physicalist.com", true }, + { "physicaltherapist.com", false }, { "physicpezeshki.com", true }, { "physiotherapie-seiwald.de", true }, { "physiovesenaz.ch", true }, @@ -26587,9 +27040,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pianetaottica.com", true }, { "pianetaottica.it", true }, { "pianetatatuaggi.it", true }, + { "pianomover.co.uk", true }, { "pianyigou.com", true }, { "piatabrasil.com.br", true }, - { "piatanoua.md", true }, { "piboubes.me", true }, { "pic.gov", true }, { "pic.sr", true }, @@ -26619,8 +27072,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "picturingjordan.com", true }, { "pidginhost.com", true }, { "pidjipi.com", true }, + { "pie-express.xxx", true }, { "pieces-or.com", true }, - { "piedfeed.com", true }, { "pieinsurance.com", true }, { "piekacz.eu.org", true }, { "piekacz.net", true }, @@ -26644,13 +27097,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pietermaene.be", false }, { "pietz.uk", true }, { "pigritia.de", true }, - { "piils.fr", true }, + { "pigs.pictures", true }, { "pijuice.com", true }, { "pik.bzh", true }, { "pikeitservices.com.au", true }, { "pikimusic.moe", true }, { "pilani.ch", true }, { "pilarguineagil.com", true }, + { "pilatescenteraz.com", true }, { "pildat.org", true }, { "pileofgarbage.net", true }, { "piliszek.net", true }, @@ -26671,7 +27125,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pineapplesapp.com", true }, { "pinemountainnursery.com.au", true }, { "pinemountbaptistchurch.org", true }, - { "pinesandneedles.com", true }, { "pingworks.com", true }, { "pingworks.de", true }, { "pingworks.eu", true }, @@ -26688,13 +27141,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pinklecfest.org", true }, { "pinklittlenotebook.com", true }, { "pinkwalk.co.nz", true }, - { "pinkyf.com", true }, { "pinnaclelife.co.nz", true }, { "pinnaclelife.nz", true }, { "pinnacles.com", true }, { "pinner.io", true }, { "pinoydailytvshow.net", true }, - { "pinoylinux.org", true }, + { "pinoyonlinetv.com", true }, { "pinoytech.ph", true }, { "pinpayments.com", true }, { "pinpointengineer.co.uk", true }, @@ -26708,7 +27160,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pinterest.ie", true }, { "pinterest.info", true }, { "pinterest.jp", true }, - { "pintoselectrician.co.za", true }, + { "pintosplumbing.co.za", true }, { "pioneer-car.eu", true }, { "pioneer-rus.ru", true }, { "pipocao.com", true }, @@ -26720,6 +27172,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pirateproxy.cam", true }, { "pirateproxy.cat", true }, { "pirateproxy.cc", true }, + { "pirateproxy.gdn", true }, { "pirateproxy.ist", true }, { "pirateproxy.la", true }, { "pirateproxy.one", true }, @@ -26749,12 +27202,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pittmantraffic.co.uk", true }, { "pivotaltracker.com", true }, { "pivotanimation.org", true }, + { "piwko.co", true }, { "pix5.de", true }, { "pixabay.com", true }, + { "pixe2019.org", true }, { "pixel.facebook.com", false }, { "pixel.google.com", true }, { "pixelbash.de", true }, - { "pixelesque.uk", true }, + { "pixelcubed.com", true }, { "pixelfou.com", true }, { "pixelminers.net", true }, { "pixelpirat.ch", true }, @@ -26768,6 +27223,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pixivimg.me", true }, { "pixloc.fr", true }, { "pizala.de", true }, + { "pizza-show.fr", true }, { "pizzabesteld.nl", true }, { "pizzabottle.com", false }, { "pizzacook.ch", true }, @@ -26776,6 +27232,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pizzagigant.hu", true }, { "pizzahut.ru", true }, { "pizzalongaway.it", true }, + { "pizzamc.eu", true }, { "pizzeria-mehrhoog.de", true }, { "pizzeriaamadeus.hr", true }, { "pizzeriacolore.com", true }, @@ -26786,7 +27243,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pj00600.com", true }, { "pj00700.com", true }, { "pj00800.com", true }, + { "pj009.com", true }, { "pj00900.com", true }, + { "pj02.com", true }, { "pj539999.com", true }, { "pjentertainments.co.uk", true }, { "pjili.com", true }, @@ -26798,10 +27257,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pkbjateng.or.id", true }, { "pkgt.de", false }, { "pkirwan.com", true }, + { "pkisolutions.com", true }, { "pko.ch", true }, { "pkov.cz", true }, { "pkphotobooths.co.uk", true }, - { "pksps.com", true }, { "pl-cours.ch", true }, { "pl.search.yahoo.com", false }, { "placasonline.com.br", true }, @@ -26819,11 +27278,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "plainmark.com", true }, { "plaintech.net.au", true }, { "plaintray.com", true }, + { "plaisirdumouvement.com", true }, { "plan-immobilier.fr", true }, { "planboardapp.com", true }, { "planecon.nz", true }, { "planeexplanation.com", true }, { "planer.me", true }, + { "planespotterblog.de", true }, { "planet-laas.de", true }, { "planet-work.com", true }, { "planetanim.fr", true }, @@ -26837,8 +27298,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "planeteroliste.fr", true }, { "planetknauer.net", true }, { "planetofthegames.tv", true }, - { "planetromeo.com", true }, { "planetromeofoundation.org", true }, + { "planetsoftware.com.au", true }, { "planformation.com", true }, { "planify.io", true }, { "planitz.com", true }, @@ -26852,11 +27313,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "plant-gift.jp", true }, { "plantarum.com.br", true }, { "plantastique.ch", true }, + { "plantastique.com", true }, { "planteforum.no", true }, { "plantes.ch", true }, { "plantezcheznous.com", true }, { "plantrustler.com", true }, { "planujemywesele.pl", true }, + { "planup.fr", true }, { "plaque-funeraire.fr", true }, { "plassmann.ws", true }, { "plasti-pac.ch", true }, @@ -26879,24 +27342,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "playanka.com", true }, { "playawaycastles.co.uk", true }, { "playdaysparties.co.uk", true }, + { "playerdb.co", true }, { "playerscout.net", true }, { "playform.cloud", true }, { "playhappywheelsunblocked.com", true }, { "playkh.com", true }, { "playkinder.com", true }, + { "playnation.io", true }, { "playocean.net", true }, { "playpirates.com", true }, { "playreal.city", true }, { "playsharp.com", true }, { "playsnake.org", true }, - { "playsoundevents.be", true }, { "playtictactoe.org", true }, { "playtimebouncycastles.co.uk", true }, - { "playyou.be", true }, + { "playupnow.com", true }, { "playzonecastles.co.uk", true }, + { "plazasummerlin.com", true }, { "pld-entertainment.co.uk", true }, { "pldx.org", true }, - { "pleaseuseansnisupportedbrowser.ml", true }, { "plegro.com", true }, { "pleiades.com.tr", true }, { "pleier-it.de", false }, @@ -26912,8 +27376,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "plissee-experte.de", true }, { "plitu.de", true }, { "plixer.com", true }, + { "plny.eu", true }, { "plob.org", true }, { "plochka.bg", true }, + { "plokko.com", true }, { "plongee-phuket.fr", true }, { "ploofer.com", true }, { "plot.ly", true }, @@ -26933,21 +27399,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "plumbingbenoni.co.za", true }, { "plumbingcentral.com.au", true }, { "plumbingglenvista.co.za", true }, - { "plumbingman.com.au", true }, { "plumlocosoft.com", true }, { "plumnet.ch", true }, { "plumpie.net", false }, { "plumplat.com", true }, { "plur.com.au", true }, { "plural.cafe", true }, + { "plurr.me", true }, { "plus-5.com", true }, { "plus.google.com", false }, { "plus.sandbox.google.com", true }, - { "pluscbdoil.com", false }, + { "pluscbdoil.com", true }, { "plushev.com", true }, { "pluslink.co.jp", true }, { "plusstreamfeed.appspot.com", true }, + { "plustech.id", true }, { "pluta.net", true }, + { "plutiedev.com", true }, { "pluto.life", true }, { "plutokorea.com", true }, { "plutopia.ch", true }, @@ -26975,7 +27443,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pmg-purchase.com", true }, { "pmg-purchase.net", true }, { "pmgnet.de", true }, + { "pmheart.site", true }, { "pmklaassen.com", true }, + { "pmnaish.co.uk", true }, { "pmoreau.org", true }, { "pmp-art.com", true }, { "pmponline.de", true }, @@ -27002,7 +27472,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pochaneko.com", true }, { "pocitacezababku.cz", true }, { "pocketfruity.com", true }, - { "pocketfullofapps.com", true }, + { "pocketinsure.com", true }, { "podemos.info", true }, { "podia.com.gr", false }, { "podroof.com", true }, @@ -27016,7 +27486,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "poezja.com.pl", true }, { "poezjagala.pl", true }, { "poffenhouse.ddns.net", true }, - { "pogoswine.com", true }, + { "pogera.com", true }, { "pogrebisky.net", true }, { "pohlmann.io", true }, { "poinsot.info", true }, @@ -27030,6 +27500,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "poitiers-ttacc-86.eu.org", true }, { "pojer.me", true }, { "pokalsocial.de", true }, + { "pokazy-iluzji.pl", true }, { "pokefarm.com", true }, { "pokeinthe.io", true }, { "pokemondb.net", true }, @@ -27041,7 +27512,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "polanda.com", true }, { "polar.uk.com", true }, { "pole-emotion.ch", true }, - { "pole.net.nz", true }, { "poleacademie.com", true }, { "poles4pilots.com", true }, { "policedriver.com", true }, @@ -27063,6 +27533,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "polishwomen.com", true }, { "polit.im", true }, { "politic.org.ua", true }, + { "politicachubut.com.ar", true }, { "politiezoneriho.be", true }, { "politik-bei-uns.de", true }, { "polizeiwallis.ch", true }, @@ -27073,21 +27544,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "polletmera.com", true }, { "polleverywhere.com", true }, { "pollingplace.uk", true }, + { "polly.spdns.org", true }, { "poloniainfo.com", true }, { "poloniex.co.za", true }, + { "polska-robota.com.ua", true }, { "polskiemalzenstwo.org", true }, { "poly-fast.com", true }, { "polycraftual.co.uk", true }, { "polyfill.io", true }, - { "polyfluoroltd.com", true }, + { "polyfluoroltd.com", false }, { "polygamer.net", true }, { "polymake.org", true }, { "polymathematician.com", true }, { "polynomapp.com", true }, { "polypane.rocks", true }, { "polypet.com.sg", true }, + { "polyr.xyz", true }, { "polytarian.com", true }, - { "polytechecosystem.vc", true }, { "polytekniskforening.dk", true }, { "pomar.club", false }, { "pomardaserra.com", true }, @@ -27110,6 +27583,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ponydesignclub.nl", true }, { "ponyfoo.com", true }, { "ponzi.life", true }, + { "poodlefan.net", true }, { "pookl.com", true }, { "poolspondsandwaterscapes.com", true }, { "poolvilla-margarita.net", false }, @@ -27120,7 +27594,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pop3.jp", true }, { "popcat.ru", true }, { "popcornpalacefundraising.com", true }, - { "popcultureshack.com", true }, { "popeyes.com", true }, { "popinga.it", true }, { "popmagz.com", true }, @@ -27134,18 +27607,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "porg.es", true }, { "pork.org.uk", true }, { "porkel.de", true }, - { "porn77.info", true }, - { "pornbay.org", true }, - { "porncandi.com", true }, - { "pornfacefinder.com", true }, + { "pornfacefinder.com", false }, { "pornhubhd.biz", true }, { "porniwi.com", true }, { "pornloupe.com", true }, - { "porno-gif.ru", true }, - { "pornohub.su", true }, - { "pornolab-net.appspot.com", false }, { "pornomens.be", true }, - { "pornoserver.eu", true }, { "pornspider.to", true }, { "porpcr.com", true }, { "pors-sw.cz", true }, @@ -27156,11 +27622,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "port80.hamburg", true }, { "portablebuildingsales.co.uk", true }, { "portablespeakersfinder.com", true }, + { "portailevangelique.ca", true }, { "portal.tirol.gv.at", true }, { "portalcarriers.com", true }, { "portalcentric.net", true }, - { "portalhubnuti.cz", false }, { "portalkla.com.br", true }, + { "portalveneza.com.br", true }, { "portalzine.de", true }, { "portamiinpista.it", true }, { "porte.roma.it", true }, @@ -27168,6 +27635,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "porterranchelectrical.com", true }, { "portofacil.com", true }, { "portofala.pt", true }, + { "portofrotterdam.com", false }, { "portosonline.pl", true }, { "portraitsystem.biz", true }, { "portsdebalears.gob.es", true }, @@ -27175,11 +27643,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "portsmoutheic.com", true }, { "portugal-a-programar.pt", true }, { "portugalsko.net", true }, + { "portvincentcaravanpark.com.au", true }, { "porybox.com", true }, { "pos.co.tz", true }, { "posalji.me", true }, { "posaunenchor-senden.de", true }, - { "posbank.co.uk", true }, { "poseidonwaterproofing.com", true }, { "poshcastles.co.uk", true }, { "poshlashes.se", true }, @@ -27187,7 +27655,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "posijson.stream", true }, { "positionus.io", true }, { "positive.com.cy", true }, - { "positivesobrietyinstitute.com", true }, + { "positivenames.net", true }, { "posobota.cz", true }, { "posoiu.net", true }, { "post-darwinian.com", true }, @@ -27199,7 +27667,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "postblue.info", true }, { "postbox.life", true }, { "postcode.nl", true }, - { "postcodewise.co.uk", true }, { "postdarwinian.com", true }, { "postdarwinism.com", true }, { "postdeck.de", true }, @@ -27219,10 +27686,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "potature.rimini.it", true }, { "potature.roma.it", true }, { "potentialproject.com", false }, - { "potenzmittel-levitra.com", true }, - { "potenzmittel-webshop.com", true }, - { "potenzmittelblog.info", true }, - { "potenzpillen-kaufen.biz", true }, { "potenzprobleme-info.net", true }, { "pothe.com", true }, { "pothe.de", true }, @@ -27232,12 +27695,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pottersheartministry.org", true }, { "pottshome.co.uk", true }, { "potworowski.de", true }, + { "potzwonen.nl", true }, { "poudlard.fr", true }, + { "poundwholesale.co.uk", true }, { "pour-la-culture-aulnay.fr", true }, { "pourlesenfants.info", true }, { "pouwels-oss.nl", true }, { "povareschka.ru", true }, { "povesham.tk", true }, + { "pow-s.com", true }, + { "pow.jp", true }, { "powelljones.co.uk", true }, { "power-coonies.de", true }, { "power-fit.org", true }, @@ -27252,10 +27719,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "powermatic7.com", true }, { "powermeter.at", true }, { "powermint.de", true }, + { "powerplaywashers.com", true }, { "powerpointschool.com", true }, { "powerserg.org", true }, { "powersergdatasystems.com", true }, { "powersergholdings.com", true }, + { "powersergthisisthewebsitefuckyouscott.com", true }, { "powersergusercontent.com", true }, { "powertothebuilder.com", true }, { "powerwellness-korecki.de", true }, @@ -27264,13 +27733,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pozzitiv.ro", true }, { "pp3345.net", true }, { "ppcrestaurants.com", true }, - { "ppembed.com", true }, { "ppipe.net", true }, + { "pplsoft.nl", true }, { "pplsvc.com", true }, { "ppmathis.ch", true }, { "ppmathis.com", true }, { "ppmoon.com", true }, + { "ppoozl.com", true }, { "ppro.com", true }, + { "ppsvcs2.com", true }, { "pptavmdata.org", true }, { "ppy.la", true }, { "ppy.sh", true }, @@ -27297,6 +27768,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "praxino.de", true }, { "praxis-dingeldey.de", true }, { "praxis-familienglueck.de", true }, + { "praxis-odermath.de", true }, { "prayerrequest.com", true }, { "prazeresdavida.com.br", true }, { "prazynka.pl", true }, @@ -27313,6 +27785,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pregono.com", true }, { "pregunteleakaren.gov", true }, { "preigu.de", true }, + { "preio.cn", true }, { "preis-alarm.info", true }, { "preis-alarm.org", true }, { "preloaded-hsts.badssl.com", true }, @@ -27326,7 +27799,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "prelved.nl", true }, { "prelved.pl", true }, { "prelved.se", true }, - { "premaritalsex.info", true }, { "prematureacceleration.club", true }, { "premierbouncycastles.co.uk", true }, { "premieresloges.ca", false }, @@ -27339,19 +27811,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "prenatalgeboortekaartjes.nl", true }, { "prepaid-cards.xyz", true }, { "prepaid-voip.nl", true }, - { "prepaidgirl.com", true }, { "prepaidkredietkaart.be", true }, { "prepare-job-hunting.com", true }, { "presbee.com", true }, { "prescotonline.co.uk", true }, - { "prescriptionrex.com", true }, { "present-m.com", true }, { "presentesdegrife.com.br", true }, { "president.bg", true }, { "prespanok.sk", true }, + { "pressakey.com", true }, + { "pressakey.de", true }, { "presscenter.jp", true }, { "pressertech.com", true }, { "presses.ch", true }, + { "presskr.com", true }, { "pressography.org", true }, { "pressrush.com", true }, { "pressup.it", true }, @@ -27373,18 +27846,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pretzelx.com", true }, { "prevenir.ch", true }, { "preview-it-now.com", true }, - { "priceremoval.net", true }, { "pricesniffer.co", true }, { "prideindomination.com", true }, - { "pridetechdesign.com", true }, { "prielwurmjaeger.de", true }, { "primaconsulting.net", true }, { "primalbase.com", true }, { "primalinea.pro", true }, { "primates.com", true }, { "primewho.org", true }, - { "primordialsnooze.com", true }, { "primorus.lt", true }, + { "primotilesandbathrooms.co.uk", false }, { "princeagency.com", true }, { "princesparktouch.com", true }, { "princessefoulard.com", true }, @@ -27403,7 +27874,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "printerleasing.be", true }, { "printexpress.cloud", true }, { "printf.de", true }, - { "printler.com", true }, { "printmet.com", true }, { "printus.de", true }, { "prior-it.be", true }, @@ -27430,6 +27900,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "prioritynissannewportnewsparts.com", true }, { "prismacloud.com", true }, { "prismacloud.green", true }, + { "prismacloud.xyz", true }, { "pristal.eu", true }, { "pristinegreenlandscaping.com", true }, { "priv.im", true }, @@ -27437,6 +27908,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "privacy-week.at", true }, { "privacy.com", true }, { "privacybadger.org", true }, + { "privacychick.com", true }, + { "privacychick.io", true }, { "privacyforjournalists.org.au", true }, { "privacyinternational.org", true }, { "privacyscore.org", true }, @@ -27449,7 +27922,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "privatebanks.uk", true }, { "privatebin.info", true }, { "privatecapsecurity.org", true }, - { "privategiant.com", true }, { "privateideas.de", true }, { "privateimarketing.com", true }, { "privatepokertour.com", true }, @@ -27458,6 +27930,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "privatewolke.com", true }, { "privatfrei.de", true }, { "privatpatient-krankenhaus.de", true }, + { "privcloud.cc", true }, { "privea.fr", true }, { "privelust.nl", true }, { "priverify.com", true }, @@ -27476,11 +27949,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pro-mile.pl", true }, { "pro-netz.de", false }, { "pro-wiert.pl", true }, + { "proadvanced.com", true }, { "proautorepairs.com.au", true }, { "probase.ph", true }, { "probely.com", true }, { "probiv.biz", true }, { "probiv.cc", true }, + { "procarservices.com", true }, { "procens.us", true }, { "procensus.com", true }, { "procert.ch", true }, @@ -27488,6 +27963,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "procharter.com", true }, { "procinorte.net", true }, { "proclib.org", true }, + { "procrastinatingengineer.co.uk", true }, { "procrastinationland.com", true }, { "procreditbank.com.al", true }, { "proctorio.com", true }, @@ -27496,6 +27972,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "prodietix.cz", true }, { "prodigia.com", false }, { "prodinger.com", true }, + { "prodottogiusto.com", true }, { "prodsim.ninja", true }, { "producepromotions.com", true }, { "producertools.io", true }, @@ -27539,35 +28016,38 @@ static const nsSTSPreload kSTSPreloadList[] = { { "progiscad.com", true }, { "programistka.com", true }, { "programlama.tk", true }, - { "programmaticmagic.com", true }, { "programsupport300procent.com", true }, { "progreso.pl", true }, { "progress-linux.org", true }, { "progress.photos", true }, { "progressive.work", true }, { "progressiveplanning.com", true }, + { "progressnet.nl", true }, { "prohrcloud.com", true }, { "proimpact.it", true }, - { "project-rune.tech", true }, - { "project-splash.com", true }, { "project.supply", true }, { "projectarmy.net", false }, { "projectblackbook.us", true }, + { "projectborealisgitlab.site", true }, { "projectcastle.tech", true }, { "projectforge.org", true }, + { "projectlinuseasttn.org", true }, { "projectnom.com", true }, { "projectsecretidentity.com", true }, { "projectsecretidentity.org", true }, { "projectunity.io", true }, { "projektarbeit-projektplanung.de", true }, - { "projektzentrisch.de", true }, { "projest.ch", true }, { "projet-fly.ch", true }, { "prok.pw", true }, + { "prolan.pw", true }, { "prolearningcentre.com", true }, { "prometheanfire.net", true }, { "prometheanfire.org", true }, { "promisesaplus.com", true }, + { "promo-brille.at", true }, + { "promo-brille.ch", true }, + { "promo-brille.de", true }, { "promo-computers.nl", true }, { "promo-matelas.com", true }, { "promods.net", true }, @@ -27575,11 +28055,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "promolover.com", true }, { "promopony.com", true }, { "promoscuola.net", true }, + { "promoteiq.com", true }, { "promoterms.com.au", true }, { "promotioncentre.co.uk", true }, { "promozione.info", true }, { "pronostic-king.fr", true }, { "pronto-intervento.net", true }, + { "prontointerventoimmediato.it", true }, { "prontossl.com", true }, { "proobec.cz", true }, { "proofwiki.org", true }, @@ -27592,6 +28074,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "properticons.com", true }, { "property-catalogue.eu", true }, { "propertygroup.pl", true }, + { "propertyinside.id", true }, { "propertyone.mk", true }, { "prophiler.de", true }, { "propipesystem.com", true }, @@ -27600,17 +28083,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "proprietairesmaisons.fr", true }, { "propseller.com", true }, { "proseandleprechauns.com", true }, + { "prosharp.com.au", true }, { "prospanek.cz", true }, { "prosperontheweb.com", true }, { "prospo.co", true }, { "prostohobby.ru", true }, - { "prostoporno.net", true }, { "prostoporno.sexy", true }, { "prostye-recepty.com", true }, { "prosurveillancegear.com", true }, { "prot.ch", true }, { "protectem.de", true }, { "protectoraanimalesalicante.org", true }, + { "protectr.de", true }, { "protege.moi", true }, { "protegetudescanso.com", true }, { "protein-riegel-test.de", true }, @@ -27632,15 +28116,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "provectus.de", true }, { "proveits.me", false }, { "provence-appartements.com", true }, + { "providencecmc.com", true }, { "providerlijst.com", true }, { "providerlijst.nl", true }, { "provision-isr.nl", true }, - { "provisionircd.tk", true }, { "provitec.com", true }, { "provitec.de", true }, { "provokator.co.il", true }, { "prowebcenter.com", true }, { "prowise.com", true }, + { "prowise.me", true }, { "proximityradio.fr", true }, { "proxybay.bz", true }, { "proxybay.co", true }, @@ -27683,9 +28168,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "psdsuc.com", true }, { "pself.net", true }, { "pseta.ru", true }, - { "pseudo.coffee", true }, { "psg.bg", true }, + { "pshostpk.com", true }, + { "psici.eu", true }, { "psicoexpansao.com.br", true }, + { "psicologajanainapresotto.com.br", true }, { "psicologasandrabernal.es", true }, { "psicologoforensemadrid.com", true }, { "psm.org.ph", true }, @@ -27696,6 +28183,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pssgcsim.org", true }, { "pst.moe", true }, { "pste.pw", true }, + { "pstrozniak.com", true }, { "psu.je", true }, { "psw-consulting.de", true }, { "psw-group.de", true }, @@ -27710,25 +28198,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "psycho-lobby.com", true }, { "psycho.space", true }, { "psychoactive.com", true }, + { "psychologie-hofner.at", true }, { "psychotherapie-kp.de", true }, { "psydix.org", true }, { "psylab.cc", true }, { "psylab.re", true }, { "psylab.vip", true }, { "psytrance-pro.com", true }, + { "pt-d.ru", true }, { "pt-server.de", true }, { "ptal.eu", true }, { "ptbi.org.pl", true }, { "ptbx.co", true }, { "pterodactylus.cz", true }, + { "ptfiber.com", true }, + { "ptfiber.ru", true }, + { "ptfiber.spb.ru", true }, { "ptgoldensun.com", true }, { "pthsec.com", true }, { "ptm.ro", false }, { "ptmarquees.ie", true }, + { "ptrbrs.nl", true }, { "ptrl.ws", true }, { "ptron.org", true }, + { "pty.gg", true }, { "puac.de", true }, - { "pub-online.ro", true }, { "pubean.com", true }, { "pubi.me", true }, { "publanda.nl", true }, @@ -27744,12 +28238,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "publicrea.com", true }, { "publicsuffix.org", true }, { "publiq.space", true }, - { "publishingshack.com", true }, + { "pubmire.com", true }, { "pubreview.com.au", true }, { "pubreviews.com", true }, { "pucchi.net", true }, { "pucssa.org", true }, { "puddis.de", true }, + { "puggan.se", true }, { "pugovka72.ru", true }, { "puhka.me", true }, { "puissancemac.ch", true }, @@ -27773,7 +28268,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pure-gmbh.com", true }, { "purecabo.com", true }, { "pureessentialoil.biz", true }, - { "pureholisticliving.me", true }, + { "purefkh.xyz", true }, { "pureitsolutionsllp.com", true }, { "purelunch.co.uk", true }, { "purevapeofficial.com", true }, @@ -27783,6 +28278,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "purplebricks.com", true }, { "purplebricks.com.au", true }, { "purplebricksplc.com", true }, + { "purplegrapegames.com", true }, { "purplemet.com", true }, { "purplemoon.ch", true }, { "purplemoon.mobi", true }, @@ -27799,12 +28295,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pusatinkubatorbayi.com", true }, { "pushers.com.mx", true }, { "pushrax.com", true }, + { "pusichatka.ddns.net", true }, { "put.moe", true }, { "put.re", true }, { "putatara.net", true }, { "putman-it.nl", true }, { "putney.io", true }, { "putomani.rs", true }, + { "putrock.be", true }, { "puurwonengeldrop.nl", false }, { "puxlit.net", true }, { "puyallupnissanparts.com", true }, @@ -27820,10 +28318,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pvpcraft.ca", true }, { "pvpctutorials.de", true }, { "pvtschlag.com", true }, + { "pwaresume.com", true }, { "pwdsafe.com", true }, { "pwe.vision", true }, + { "pwnedpass.tk", true }, { "pwnies.dk", true }, { "pwolk.com", true }, + { "pxl.cl", true }, { "pxx.io", true }, { "py-amf.org", true }, { "py.search.yahoo.com", false }, @@ -27836,12 +28337,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "pypi.io", true }, { "pypi.org", true }, { "pypi.python.org", true }, + { "pyramidsofchi.com", true }, + { "pyrios.pro", true }, { "pyrotechnologie.de", true }, { "pysays.net", true }, { "pyspace.org", true }, { "python-hyper.org", true }, { "python.org", false }, { "pyzlnar.com", true }, + { "pzpittsburgh.com", true }, { "pzsearch.nl", true }, { "q-inn.com", true }, { "q-inn.nl", true }, @@ -27856,8 +28360,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qaconstrucciones.com", true }, { "qadmium.com", true }, { "qambarraza.com", true }, - { "qamrulhaque.com", true }, { "qapital.com", true }, + { "qaz.cloud", true }, { "qbeing.info", true }, { "qbiju.com.br", true }, { "qbus.pl", true }, @@ -27873,7 +28377,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qcstudentcenter.com", true }, { "qcstyleacademy.com", true }, { "qctravelschool.com", true }, - { "qdon.space", true }, + { "qdon.space", false }, { "qedcon.org", false }, { "qelectrotech.org", true }, { "qetesh.de", true }, @@ -27883,10 +28387,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qhse-professionals.nl", true }, { "qianalysis.com", true }, { "qianqiao.me", true }, + { "qiaohong.org", true }, { "qicomidadeverdade.com.br", true }, { "qifu.me", true }, - { "qifu.org.cn", true }, { "qiliang.wang", true }, + { "qingcao.org", true }, { "qingpat.com", true }, { "qingpei.me", true }, { "qionouu.cn", true }, @@ -27898,10 +28403,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qiwi.be", true }, { "qixi.biz", true }, { "qkka.org", true }, + { "qkmortgage.com", true }, { "qldconservation.org.au", true }, { "qldformulaford.org", true }, + { "qledtech.com", false }, { "qlrace.com", false }, { "qm-marzahnnordwest.de", true }, + { "qnq.moe", true }, { "qochealth.com", true }, { "qoml.net", true }, { "qonto.eu", true }, @@ -27911,9 +28419,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qq-navi.com", true }, { "qq52o.me", true }, { "qqrss.com", true }, - { "qqvips.com", true }, - { "qqvrsmart.cn", true }, { "qr-city.org", true }, + { "qr.cl", true }, + { "qrbird.com", true }, { "qrcontagion.com", true }, { "qrpth.eu", true }, { "qruiser.com", true }, @@ -27921,7 +28429,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qtacairsoft.com", true }, { "qtl.me", true }, { "qtn.net", true }, - { "qto.com", true }, { "qto.net", true }, { "qtpass.org", true }, { "qtpower.co.uk", true }, @@ -27939,6 +28446,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qualityhomesystems.com", true }, { "qualityofcourse.com", true }, { "qualitypropertycare.co.uk", true }, + { "qualpay.biz", true }, { "qualtrics.com", true }, { "quant-labs.de", true }, { "quantaloupe.tech", true }, @@ -27965,23 +28473,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qubes-os.org", true }, { "qubyte.codes", true }, { "quchao.com", true }, + { "queene.eu", true }, { "queensrdapartments.com.au", true }, { "queer.party", true }, { "queercinema.ch", true }, { "queercoders.com", false }, + { "queextensiones.com", true }, { "quehacerencusco.com", true }, + { "quelle.at", true }, + { "quelle.ch", true }, + { "quelle.de", true }, { "quelleformation.net", true }, { "quemeloquitan.com", true }, { "queminventou.com.br", true }, { "quemmeliga.com", true }, { "quenotejodan.cl", true }, { "quentinchevre.ch", true }, + { "queo.com.co", true }, { "quera.ir", true }, { "querkommentar.de", true }, { "query-massage.com", true }, { "question.com", true }, { "questionable.host", true }, - { "questionyu.com", true }, { "questsocial.it", true }, { "quevisiongrafica.com", true }, { "quic.stream", true }, @@ -28001,22 +28514,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "quire.io", true }, { "quisido.com", true }, { "quitarlasmanchasde.com", true }, + { "quitimes.com", true }, { "quizogames.com", true }, + { "quizstore.net", true }, { "qul.link", true }, { "quli.nl", false }, { "qunzi.la", true }, { "quocdesign.ch", true }, + { "quoteidiot.com", true }, { "quotev.com", true }, { "quppa.net", true }, { "quuz.org", true }, { "qvggroup.com", true }, { "qvi.st", true }, { "qvitoo.com", true }, - { "qwallet.ca", true }, { "qwans.nl", true }, { "qwant.com", true }, { "qwant.fr", true }, - { "qwaser.fr", true }, { "qwdqwd.de", true }, { "qwe7002.com", true }, { "qweepi.de", false }, @@ -28028,20 +28542,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "qx.fi", true }, { "qx.se", true }, { "qxy.ch", true }, + { "r-ay.cn", true }, { "r-rwebdesign.com", true }, { "r-t-b.fr", true }, - { "r0t.co", true }, { "r0uzic.net", true }, { "r1ch.net", true }, { "r2d2pc.com", true }, { "r33.space", true }, + { "r3bl.blog", true }, + { "r3bl.me", true }, { "r3nt3r.com", true }, { "r3s1stanc3.me", true }, { "r40.us", true }, { "r6-team.ru", true }, + { "r7.com.au", true }, { "r7h.at", true }, { "r811.de", true }, { "ra-micro-koeln.de", true }, + { "ra-schaal.de", false }, { "ra.co.ke", true }, { "ra.vc", true }, { "ra4wvpn.com", true }, @@ -28052,6 +28570,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rabotaescort.com", true }, { "rabynska.eu", true }, { "raccoltarifiuti.com", true }, + { "racdek.com", true }, + { "racdek.nl", true }, { "racermaster.xyz", true }, { "racesport.nl", false }, { "raceviewcycles.com", true }, @@ -28068,9 +28588,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "raclet.co.uk", true }, { "raconconsulting.co.uk", true }, { "racoo.net", true }, + { "racozo.com", true }, { "racunovodstvo-prina.si", true }, { "radar.sx", true }, { "radaravia.ru", true }, + { "radarnext.com", true }, { "radartatska.se", true }, { "radartek.com", true }, { "radcube.hu", true }, @@ -28091,7 +28613,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "radionicabg.com", true }, { "radiopolarniki.spb.ru", true }, { "radiormi.com", true }, - { "radiorsvp.com", true }, + { "radiosendungen.com", true }, { "radis-adopt.com", true }, { "radiumtree.com", true }, { "radondetectionandcontrol.com", true }, @@ -28104,6 +28626,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rafaelmagalhaesweb.com", true }, { "rafey.xyz", true }, { "raffaellaosti.com", true }, + { "raft.pub", true }, { "rafting-japan.com", true }, { "ragasto.nl", true }, { "rage-overload.ch", true }, @@ -28111,14 +28634,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rage4.com", true }, { "raghavdua.in", true }, { "rahulpnath.com", true }, - { "rai-co.net", true }, { "raidensnakesden.co.uk", true }, { "raidensnakesden.com", true }, { "raidensnakesden.net", true }, + { "raidstone.net", true }, { "raiffeisen-kosovo.com", true }, + { "rail-o-rama.nl", true }, + { "rail24.nl", true }, + { "rail360.nl", true }, + { "railbird.nl", true }, { "railgun.ac", true }, { "railjob.cn", true }, + { "railorama.nl", true }, + { "railpassie.nl", true }, { "railtoo.com", true }, + { "railvideo.co.uk", true }, + { "railvideo.net", true }, + { "railvideo.nl", true }, { "railwaytech.net", true }, { "railyardurgentcare.com", true }, { "raimixmotoparts.com.br", true }, @@ -28155,11 +28687,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "raltha.com", true }, { "ram-it.nl", true }, { "ram.nl", true }, - { "ramatola.uk", true }, { "rambii.de", true }, - { "ramblingrf.tech", true }, { "rambo.codes", true }, - { "ramezanloo.com", false }, + { "ramitmittal.com", true }, { "rammstein-portugal.com", true }, { "ramrecha.com", true }, { "ramsor-gaming.de", true }, @@ -28177,6 +28707,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rangsmo.se", true }, { "rank-net.de", true }, { "ranking-deli.jp", true }, + { "ranktopay.com", true }, { "ranson.com.au", true }, { "rantanda.com", true }, { "rante.com", true }, @@ -28206,6 +28737,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rascalscastles.co.uk", true }, { "rascalscastlesdoncaster.co.uk", true }, { "rasebo.ro", true }, + { "raspii.tech", true }, { "rastreie.net", true }, { "rasty.cz", true }, { "ratd.net", true }, @@ -28230,6 +28762,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "raviparekh.co.uk", true }, { "ravis.org", true }, { "rawdutch.nl", true }, + { "rawinfosec.com", true }, { "rawsec.net", true }, { "raxion.cf", true }, { "raxion.tk", true }, @@ -28250,6 +28783,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "razeen.me", true }, { "razeencheng.com", true }, { "raziskovalec-resnice.com", true }, + { "rbcservicehub-uat.azurewebsites.net", true }, { "rbensch.com", true }, { "rbflote.lv", true }, { "rbltracker.com", true }, @@ -28261,12 +28795,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rc-offi.net", true }, { "rc-rp.com", true }, { "rc-shop.ch", true }, - { "rc7.ch", true }, { "rca.fr", true }, { "rcd.cz", true }, { "rcdocuments.com", true }, { "rchrdsn.uk", true }, + { "rcifsgapinsurance.co.uk", true }, { "rclsm.net", true }, + { "rcmlinx.com", true }, { "rcmurphy.com", true }, { "rcnitrotalk.com", true }, { "rcorporation.be", true }, @@ -28276,10 +28811,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rct.sk", true }, { "rctalk.com", true }, { "rdfproject.it", true }, + { "rdjb2b.com", true }, { "rdl.at", false }, { "rdmrotterdam.nl", true }, { "rdmtaxservice.com", true }, { "rdns.cc", true }, + { "rdplumbingsolutions.com.au", true }, { "rdv-prefecture.com", true }, { "rdwh.tech", true }, { "re-curi.com", true }, @@ -28290,6 +28827,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "react-db.com", true }, { "reactivarte.es", true }, { "reactive-press.com", true }, + { "reactpwa.com", true }, { "read.sc", true }, { "reades.co.uk", true }, { "readheadcopywriting.com", true }, @@ -28298,8 +28836,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "readingrats.de", true }, { "readonly.de", true }, { "readouble.com", false }, - { "readtldr.com", true }, { "readysell.net", true }, + { "readytobattle.net", true }, { "readytongue.com", true }, { "readytowear.es", true }, { "reaganlibrary.gov", true }, @@ -28308,7 +28846,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "realcapoeira.ru", true }, { "realestateonehowell.com", true }, { "realestateradioshow.com", true }, - { "realfamilyincest.com", true }, { "realfreedom.city", true }, { "realgarant-shop.de", false }, { "realhorsegirls.net", true }, @@ -28322,10 +28859,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "really-simple-plugins.com", true }, { "really-simple-ssl.com", true }, { "really.ai", true }, + { "reallytrusted.com", true }, { "realme.govt.nz", true }, { "realmofespionage.xyz", true }, { "realoteam.ddns.net", true }, - { "realraghavgupta.com", true }, { "realum.com", true }, { "realum.de", true }, { "realum.eu", true }, @@ -28349,12 +28886,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "recantoshop.com", true }, { "recantoshop.com.br", true }, { "recapp.ch", true }, + { "recaptcha-demo.appspot.com", true }, { "receiliart.com", true }, { "receptionsbook.com", true }, { "recepty.eu", false }, + { "recetasdecocinaideal.com", true }, { "rechenknaecht.de", true }, - { "recht-freundlich.de", true }, - { "rechtenliteratuurleiden.nl", false }, { "rechtsanwaeltin-vollmer.de", true }, { "rechtsanwalt-koeppen-feucht.de", true }, { "rechtschreibpruefung24.de", true }, @@ -28416,7 +28953,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "redelectrical.co.uk", true }, { "redessantaluzia.com.br", true }, { "redfox-infosec.de", true }, - { "redgatesoftware.co.uk", true }, { "redgoose.ca", true }, { "redhandedsecurity.com.au", true }, { "redheeler.com.br", true }, @@ -28431,15 +28967,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "redletter.link", true }, { "redlinelap.com", true }, { "redlink.de", true }, + { "redmind.se", true }, { "redmore.me", true }, { "redneragenturen.org", true }, { "rednsx.org", true }, - { "redporno.cz", true }, { "redprice.by", true }, { "redshield.co", true }, { "redshiftlabs.com.au", true }, { "redshoeswalking.net", true }, { "redsicom.com", true }, + { "redsquirrelcampsite.co.uk", true }, { "redstoner.com", true }, { "redteam-pentesting.de", true }, { "redwaterhost.com", true }, @@ -28457,16 +28994,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reevu.net", true }, { "reezer.org", true }, { "referdell.com", true }, - { "refficience.com", true }, { "refill-roboter.de", true }, + { "refinansiering.no", true }, { "reflectivity.io", true }, { "reflectores.net", true }, + { "refletindosaude.com.br", true }, { "reflexions.co", true }, { "reflexive-engineering.com", true }, { "reflexive.xyz", true }, { "refood-cascaiscpr.eu", true }, - { "reforesttheplanet.com", true }, - { "reformatreality.com", true }, { "refresh-media.nl", true }, { "refreshliving.us", true }, { "refuelcollective.com", true }, @@ -28493,7 +29029,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "regiovertrieb.de", false }, { "regis.tech", true }, { "regisearch.co.uk", true }, - { "register.gov.uk", true }, { "registerex.me", true }, { "registerforevent.co.uk", true }, { "registerra.nl", true }, @@ -28532,7 +29067,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reinaertvandecruys.com", true }, { "reinaldudras.ee", true }, { "reinaldudrasfamily.ee", true }, - { "reineberthe.ch", true }, { "reinencaressa.be", true }, { "reinfer.io", true }, { "reinhard.codes", true }, @@ -28546,6 +29080,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reisenbauer.ee", true }, { "reiseversicherung-werner-hahn.de", true }, { "reishunger.de", true }, + { "reisslittle.com", true }, { "rejahrehim.com", true }, { "rejects.email", true }, { "rejsehuskelisten.dk", true }, @@ -28553,6 +29088,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rekisuta.com", true }, { "reklamjog.hu", true }, { "rekorsanat.com.tr", true }, + { "rekyou.com", false }, { "relates.link", true }, { "relax.hn", true }, { "relaxdom.net", true }, @@ -28563,22 +29099,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "releasetimes.io", true }, { "reliancebank.bank", true }, { "reliant3sixty.com", true }, - { "religiousforums.com", true }, { "relocatefeds.gov", false }, { "relojeriajoyeria.com", true }, + { "relojes-online.com", true }, + { "relojesseiko.es", true }, { "relvan.com", true }, { "rem0te.net", true }, + { "remaimodern.org", true }, { "remambo.jp", true }, { "remedi.tokyo", true }, + { "remedionaturales.com", true }, { "remedioparaherpes.com", true }, { "remedios-caserospara.com", true }, { "remedioscaserosparalacistitis.com", true }, + { "remedioskaseros.com", false }, { "remejeanne.com", true }, { "rememberthemilk.com", false }, { "remi-saurel.com", true }, + { "remilner.co.uk", true }, + { "remirampin.com", true }, { "remissan.com", true }, + { "remitatm.com", false }, { "remonti.info", true }, { "remote.so", true }, + { "remoteham.com", true }, { "remoteutilities.com", true }, { "removalcellulite.com", true }, { "removedrepo.com", true }, @@ -28592,6 +29136,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rene-schwarz.com", true }, { "rene-stolp.de", true }, { "renearends.nl", true }, + { "reneclemens.nl", true }, + { "renedekoeijer.com", true }, + { "renedekoeijer.nl", true }, { "reneleu.ch", true }, { "renem.net", false }, { "renemayrhofer.com", true }, @@ -28604,7 +29151,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "renezuo.com", true }, { "renkenlaw.com", true }, { "renlen.nl", true }, - { "rennfire.org", true }, { "renov8sa.co.za", true }, { "renovum.es", true }, { "renrenche.com", false }, @@ -28613,6 +29159,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rent-a-c.io", true }, { "rent-a-coder.de", true }, { "rentacaramerica.com", true }, + { "rentalmed.com.br", true }, { "rentasweb.gob.ar", true }, { "renthelper.us", true }, { "rentinsingapore.com.sg", true }, @@ -28623,7 +29170,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "repaik.com", true }, { "repair.by", true }, { "repaper.org", true }, - { "reparo.pe", true }, { "repaxan.com", true }, { "repkord.com", true }, { "replicaswiss.nl", true }, @@ -28637,19 +29183,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reprogrammingpredators.com", true }, { "reprozip.org", true }, { "repsomelt.com", true }, - { "reptilauksjonen.no", true }, { "reptrax.com", true }, { "republic.gr", true }, { "republictelecom.net", true }, { "republique.org", true }, { "repugnant-conclusion.com", true }, { "repugnantconclusion.com", true }, - { "repustate.com", true }, + { "reputationweaver.com", true }, { "reqrut.net", true }, - { "request-trent.com", true }, { "requestr.co.uk", true }, { "res-kc.com", true }, { "resama.eu", true }, + { "resc.la", true }, { "rescms-secure.com", true }, { "research-panel.jp", true }, { "research.facebook.com", false }, @@ -28658,7 +29203,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reseausyndic.ca", true }, { "reservar-un-hotel.com", true }, { "reservetonshift.com", true }, - { "reservoirtp.fr", true }, { "resfriatech.com.br", true }, { "residence-simoncelli.com", true }, { "residentiallocksmithsanantoniotx.com", true }, @@ -28668,6 +29212,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "resolvefa.com", true }, { "resolving.com", true }, { "resoplus.ch", true }, + { "resort-islands.net", true }, { "resortohshima.com", true }, { "resourceconnect.com", true }, { "resourceguruapp.com", true }, @@ -28695,6 +29240,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "restoruns.xyz", true }, { "restrealitaet.de", true }, { "restrito.org", true }, + { "resultsatretail.com", true }, { "resursedigitale.ro", true }, { "retefarmaciecostadamalfi.it", true }, { "retetenoi.net", true }, @@ -28705,7 +29251,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "reto.ch", true }, { "reto.com", true }, { "reto.io", true }, - { "retogroup.com", true }, { "retokromer.ch", true }, { "retractableawningssydney.com.au", true }, { "retro.rocks", true }, @@ -28715,6 +29260,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "retrocdn.net", true }, { "retrofitlab.com", true }, { "retroity.net", true }, + { "retronet.nl", true }, { "retroroundup.com", true }, { "retrotracks.net", true }, { "retrovideospiele.com", true }, @@ -28747,10 +29293,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "revisit.date", true }, { "revivalinhisword.com", true }, { "revivingtheredeemed.org", true }, + { "revlect.com", true }, { "revolt.tv", true }, { "revthefox.co.uk", true }, { "rewardingexcellence.com", true }, { "rewrite3.com", true }, + { "rewtherealtor.com", true }, { "rex.tc", true }, { "rexdf.net", true }, { "rexskz.info", true }, @@ -28766,7 +29314,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rgavmf.ru", true }, { "rgbinnovation.com", true }, { "rgcomportement.fr", true }, - { "rgservers.com", true }, { "rhaegal.me", true }, { "rhd-instruments.com", true }, { "rhd-instruments.de", true }, @@ -28790,6 +29337,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rhymix.org", true }, { "rhynl.io", true }, { "riajenaka.com", true }, + { "riaki.net", true }, { "rial.space", true }, { "ribs.com", true }, { "ricardo.nu", true }, @@ -28798,8 +29346,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "riccardopiccioni.it", true }, { "riccy.org", true }, { "riceadvice.info", true }, + { "richadams.me", true }, { "richardbloomfield.blog", true }, { "richardcrosby.co.uk", true }, + { "richardharpur.com", true }, { "richardhering.de", true }, { "richardhicks.us", true }, { "richardjgreen.net", true }, @@ -28813,11 +29363,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "richardwarrender.com", true }, { "richie.fi", true }, { "richie.link", true }, - { "richmtdriver.com", true }, { "richonrails.com", true }, { "ricketyspace.net", true }, { "ricki-z.com", true }, - { "ricknox.com", true }, { "rickrongen.nl", true }, { "rickscastles.co.uk", true }, { "rickvanderzwet.nl", true }, @@ -28827,10 +29375,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rico.ovh", true }, { "ricobaldegger.ch", true }, { "ricochet.im", true }, + { "ricoydesign.com", true }, { "ricozienke.de", true }, - { "riddims.co", true }, { "ride-up.com", true }, { "rideyourdamn.bike", true }, + { "ridgelandchurch.org", true }, { "ridingboutique.de", true }, { "riederle.com", true }, { "riemer.ml", true }, @@ -28848,6 +29397,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rightnetworks.com", true }, { "rightstuff.link", true }, { "righttobuy.gov.uk", true }, + { "rigolitch.fr", true }, + { "rigsalesaustralia.com", true }, { "rijk-catering.nl", false }, { "rijsinkunst.nl", true }, { "rik.onl", true }, @@ -28856,14 +29407,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rileyevans.co.uk", true }, { "rimax.vn", true }, { "rimcountrymuseum.org", true }, + { "rimediogiusto.com", true }, { "rimeto.io", true }, { "rimo.site", true }, + { "rimorrecherche.nl", true }, { "ring.com", true }, { "ringingliberty.com", true }, { "ringjewellery.co.uk", true }, { "rinvex.com", true }, { "rio-weimar.de", true }, - { "rioshop.com.br", true }, + { "rioxmarketing.com", true }, { "rip-sport.cz", true }, { "ripaton.fr", true }, { "ripmixmake.org", true }, @@ -28877,16 +29430,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rise-technologies.com", true }, { "riseup.net", true }, { "rishikeshyoga.in", true }, - { "risi-china.com", true }, { "risiinfo.com", true }, { "riskmitigation.ch", true }, { "risparmiare.info", true }, - { "rissato.com.br", true }, { "ristioja.ee", true }, { "ristoarea.it", true }, { "ristorantefattoamano.it", true }, { "ristoviitanen.fi", true }, { "ristrutturazioneappartamento.roma.it", true }, + { "rit.space", true }, { "rittau.biz", true }, { "rittau.org", true }, { "ritzlux.com.tw", true }, @@ -28901,6 +29453,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "riverviewcourtapts.com", true }, { "riverweb.gr", true }, { "rivierasaints.ch", true }, + { "rivoflor.it", true }, { "rivus.net", true }, { "rivy.org", true }, { "rix.ninja", true }, @@ -28912,7 +29465,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rj-onderneemt.nl", true }, { "rkfp.cz", true }, { "rkkhok.hu", true }, - { "rkmedia.no", true }, + { "rkmns.edu.in", true }, { "rlalique.com", true }, { "rld.org", true }, { "rlds.ch", true }, @@ -28923,15 +29476,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rm-it.de", true }, { "rmb.li", true }, { "rmcbs.de", true }, + { "rmeuropean.com", true }, { "rmf.io", true }, { "rmit.me", true }, - { "rmk.si", true }, { "rmm-i.com", true }, { "rmmanfredi.com", true }, { "rmpsolution.de", true }, { "rmrig.org", true }, { "rms.sexy", true }, - { "rmsides.com", true }, { "rmstudio.tw", true }, { "rmsupply.nl", true }, { "rn29.me", true }, @@ -28951,17 +29503,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "robandjanine.com", true }, { "robbertt.com", false }, { "robdavidson.network", true }, - { "robert-flynn.de", true }, { "robertattfield.com", true }, { "robertayamashita.com", true }, { "robertayamashita.com.br", true }, { "robertbln.com", true }, { "robertg.me", true }, + { "robertglastra.com", true }, { "roberthurlbut.com", true }, { "robertkrueger.de", true }, { "robertlysik.com", true }, { "robertnemec.com", true }, - { "robertocasares.no-ip.biz", true }, { "robertoentringer.com", true }, { "robertof.ovh", true }, { "robertopazeller.ch", true }, @@ -28980,6 +29531,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "robinlinden.eu", true }, { "robinsonstrategy.com", true }, { "robinsonyu.com", true }, + { "robinwill.de", true }, { "robinwinslow.uk", true }, { "robjager-fotografie.nl", true }, { "robocop.no", true }, @@ -28987,6 +29539,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "robohash.org", true }, { "robokits.co.in", true }, { "robot.car", true }, + { "robot.works", true }, { "robotattack.org", true }, { "roboth.am", true }, { "robotham.org", true }, @@ -29036,7 +29589,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rody-design.com", true }, { "rodzina-kupiec.eu.org", true }, { "roeckx.be", true }, - { "roeitijd.nl", true }, + { "roeitijd.nl", false }, { "roelbazuin.com", true }, { "roeldevries.me", true }, { "roeleveld.nl", true }, @@ -29059,14 +29612,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rogoff.xyz", true }, { "rogue-e.xyz", true }, { "roguefinancial.com", true }, - { "roguefortgame.com", true }, { "roguenation.space", true }, { "roguenetworks.me", true }, { "roguesignal.net", true }, { "roguetechhub.org", true }, - { "rohanbassett.com", true }, { "rohedaten.de", true }, { "rohitagr.com", true }, + { "rohlik.cz", true }, { "rointe.online", true }, { "roiscroll.com", true }, { "roka9.de", true }, @@ -29075,8 +29627,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "roksolana.be", true }, { "rokudenashi.de", true }, { "roland.io", true }, - { "rolandreed.cn", true }, { "rolandszabo.com", true }, + { "roleplayhome.com", true }, { "roligprylar.se", true }, { "rollatorweb.nl", true }, { "rollercoasteritalia.it", true }, @@ -29097,6 +29649,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "romanticfirstdance.com", true }, { "romanticschemer.com", true }, { "romanticsexshopguatemala.com", true }, + { "romanticvillas.com.au", false }, { "romapa.com", true }, { "romar-bos.nl", true }, { "romarin.es", true }, @@ -29104,7 +29657,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "romatrip.it", true }, { "rome.dating", true }, { "rommelwood.de", true }, - { "roms.fun", true }, { "ronanrbr.com", true }, { "rondommen.nl", true }, { "rondouin.fr", true }, @@ -29114,7 +29666,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ronniegane.kiwi", true }, { "ronnylindner.de", true }, { "ronomon.com", true }, + { "ronzertnert.xyz", true }, { "roodfruit.studio", true }, + { "roodhealth.co.uk", true }, { "roof.ai", false }, { "roofingomaha.com", true }, { "roofsandbasements.com", true }, @@ -29129,7 +29683,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rooneytours.nl", true }, { "roopakv.com", true }, { "roosabels.nl", false }, - { "roosteroriginals.com", false }, { "roosterpgplus.nl", true }, { "root-space.eu", true }, { "root.bg", true }, @@ -29141,6 +29694,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rootedlifemontessori.com", true }, { "rootkea.me", true }, { "rootlair.com", true }, + { "rootonline.de", true }, { "roots-example-project.com", true }, { "roots.io", true }, { "rootsandrain.com", true }, @@ -29174,8 +29728,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rosset.me", true }, { "rosset.net", true }, { "rossfrancis.co.uk", true }, - { "rosslug.org.uk", true }, { "rossmacphee.com", true }, + { "rostclub.ro", true }, { "rostov-avia.ru", true }, { "rot47.net", true }, { "rotek.at", true }, @@ -29187,14 +29741,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rotol.me", true }, { "rottweil-hilft.de", true }, { "rotunneling.net", true }, - { "rotzonline.com", true }, { "rougechocolat.fr", true }, { "roughcopy.com.au", true }, { "roughgrain.com", true }, { "roulinfo.ch", true }, { "roulons-autrement.com", true }, { "rounda.it", true }, - { "roundaboutweb.info", true }, { "roundcube.mayfirst.org", false }, { "roundrock-locksmith.com", true }, { "roussos.cc", true }, @@ -29212,6 +29764,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "roxiesbouncycastlehire.co.uk", true }, { "roxtri.cz", true }, { "royal-rangers.de", true }, + { "royal812.com", true }, + { "royal818.com", true }, + { "royal850.com", true }, + { "royal853.com", true }, + { "royal857.com", true }, + { "royal859.com", true }, + { "royal862.com", true }, + { "royal863.com", true }, + { "royal865.com", true }, + { "royal867.com", true }, + { "royal868.com", true }, + { "royal871.com", true }, + { "royal876.com", true }, { "royalacademy.org.uk", true }, { "royalasianescorts.co.uk", true }, { "royalbluewa3.cc", true }, @@ -29224,9 +29789,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "royalty-market.com", true }, { "royceandsteph.com", true }, { "roycewilliams.net", true }, - { "rozalynne-dawn.ga", true }, { "rozhodce.cz", true }, { "rpadovani.com", true }, + { "rpgcampaign.website", true }, { "rpgmaker.es", true }, { "rpherbig.com", true }, { "rphl.net", true }, @@ -29244,18 +29809,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rro.rs", true }, { "rrudnik.com", true }, { "rrwolfe.com", true }, + { "rsanahuano.com", true }, { "rsap.ca", true }, { "rsauget.fr", true }, + { "rsblake.net", true }, { "rsgcard.com", true }, { "rsingermd.com", true }, { "rsl.gd", true }, { "rsldb.com", true }, { "rsm-intern.de", true }, { "rsm-liga.de", true }, + { "rsmith.io", true }, { "rsmmail.com", true }, { "rsp-blogs.de", true }, { "rss.sh", false }, - { "rsships.com", true }, { "rssr.se", true }, { "rsttraining.co.uk", true }, { "rsync.eu", false }, @@ -29264,6 +29831,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rtate.se", true }, { "rtcx.net", true }, { "rtd.uk.com", true }, + { "rte.eu", true }, { "rte2fm.ie", true }, { "rteaertel.ie", true }, { "rtechservices.io", true }, @@ -29278,9 +29846,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rtrappman.com", true }, { "rtrinflatables.co.uk", true }, { "rtsr.ch", true }, + { "rttvvip.com", true }, { "rtwcourse.com", true }, { "rtzoeller.com", true }, - { "ru-music.com", true }, { "ru-sprachstudio.ch", true }, { "ru.search.yahoo.com", false }, { "ruaneattorneys.com", true }, @@ -29289,9 +29857,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rubberlegscastles.co.uk", true }, { "rubbermaidoutlet.com", true }, { "rubbleremovalsbenoni.co.za", true }, + { "ruben.am", false }, { "rubenbarbero.com", true }, { "rubenkruisselbrink.nl", true }, - { "rubens.cloud", true }, { "rublacklist.net", true }, { "ruby-auf-schienen.de", true }, { "rubyist.today", true }, @@ -29314,9 +29882,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rudolphmarketing.com", true }, { "rudrastyh.com", true }, { "ruediger-voigt.eu", true }, - { "ruedigervoigt.de", true }, { "ruedirrenggli.ch", true }, - { "rueduparticulier.tk", true }, + { "rueduparticulier.tk", false }, + { "rueegger.me", true }, + { "rueg.eu", true }, { "ruerte.net", true }, { "rufabula-com.appspot.com", true }, { "ruffbeatz.com", true }, @@ -29331,11 +29900,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ruin.one", true }, { "ruiruigeblog.com", true }, { "ruk.ca", true }, - { "rullzer.com", true }, { "rulu.co", true }, { "rulu.tv", true }, { "rulutv.com", true }, - { "rumlager.de", true }, { "rummage4property.co.uk", true }, { "rumplesinflatables.co.uk", true }, { "rumtaste.com", true }, @@ -29344,25 +29911,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "runagain.ch", true }, { "runebet.com", true }, { "runefake.com", true }, + { "runementors.com", false }, { "runklesecurity.com", true }, { "runnergrapher.com", true }, { "runreport.fr", true }, { "runschrauger.com", true }, { "runvs.io", true }, + { "ruobiyi.com", true }, { "ruobr.ru", true }, { "ruquay.com", true }, + { "ruralink.com.ar", true }, { "ruralsuppliesdirect.co.uk", true }, { "ruri.io", false }, { "rusempire.ru", true }, - { "rushball.net", true }, { "rushiiworks.com", true }, { "rushpoppershop.co.uk", true }, + { "rushter.com", true }, { "rushyo.com", true }, { "rusi-ns.ca", true }, { "ruska-modra.cz", true }, { "ruskamodra.cz", true }, { "ruskod.net", true }, { "rusl.net", true }, + { "rusmolotok.ru", true }, { "russellupevents.co.uk", true }, { "russia.dating", true }, { "russianorthodoxchurch.co.uk", true }, @@ -29378,13 +29949,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rutiger.com", true }, { "ruudkoot.nl", true }, { "ruwhof.net", true }, + { "ruya.com", true }, { "ruyatabirleri.com", true }, { "rv-jpshop.com", true }, { "rva-asbestgroep.nl", true }, { "rvender.cz", true }, + { "rvfu98.com", true }, { "rvnoel.net", true }, - { "rvoigt.eu", true }, - { "rvolve.net", true }, { "rvsa2bevestigingen.nl", true }, { "rvsa4bevestigingen.nl", true }, { "rvsbevestigingen.nl", true }, @@ -29400,6 +29971,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "rxgroup.io", true }, { "rxight.com", true }, { "ryan-design.com", true }, + { "ryan-gehring.com", true }, { "ryan-goldstein.com", true }, { "ryanbritton.com", true }, { "ryancarter.co.uk", true }, @@ -29414,12 +29986,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ryois.me", true }, { "ryu22e.org", true }, { "ryuu.es", true }, + { "ryzex.de", true }, { "ryzhov.me", true }, { "rzentarzewski.net", true }, { "s-a.xyz", true }, { "s-c.se", true }, { "s-cubed.net", true }, { "s-huset.dk", true }, + { "s-ip-media.de", true }, { "s-mainte.com", true }, { "s-mdb.com", true }, { "s-n-unso.com", true }, @@ -29427,18 +30001,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "s-s-paint.com", true }, { "s007.co", true }, { "s10y.eu", true }, + { "s13d.fr", true }, { "s16e.no", true }, { "s2member.com", true }, - { "s3cases.com", true }, { "s3cur3.it", true }, { "s3gfault.com", true }, { "s3robertomarini.it", true }, { "s404.de", true }, { "s44.eu", true }, { "s4db.net", true }, + { "s4media.org", true }, { "s4tips.com", true }, { "s4ur0n.com", true }, { "s5118.com", true }, + { "s64.cz", true }, { "s8a.us", true }, { "s95.de", true }, { "sa-blog.net", true }, @@ -29450,9 +30026,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "saba-piserver.info", true }, { "sabahattin-gucukoglu.com", true }, { "sabe.cz", true }, + { "sabine-forschbach.de", true }, + { "sabineforschbach.de", true }, { "sabrinajoias.com.br", true }, { "sabrinajoiasprontaentrega.com.br", true }, - { "sac-shop.com", true }, + { "sabtunes.com", true }, { "sacaentradas.com", true }, { "saccani.net", true }, { "sachk.com", true }, @@ -29469,17 +30047,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sadhawkict.org", true }, { "sadmansh.com", true }, { "sadou.kyoto.jp", true }, - { "sadsu.com", true }, { "saenforcement.agency", true }, { "saengsook.com", true }, { "saengsuk.com", true }, { "safar.sk", true }, { "safaritenten.nl", true }, { "safcstore.com", true }, + { "safe.moe", true }, { "safe.space", true }, { "safebaseflorida.com", true }, { "safebasements.com", true }, { "safebasementsnorthdakota.com", true }, + { "safebasementsofindiana.com", true }, { "safebuyerscheme.co.uk", true }, { "safecar.gov", false }, { "safeex.com", true }, @@ -29490,7 +30069,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "safematix.com", true }, { "safeme.ga", true }, { "safeocs.gov", true }, - { "safer-networking.org", true }, + { "safer-networking.org", false }, { "saferpost.com", true }, { "safescan.com", true }, { "safestore.io", true }, @@ -29504,6 +30083,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sagedocumentmanager.com", true }, { "sagemontchurch.org", true }, { "sagerus.com", true }, + { "saggiocc.com", true }, { "sagracefarms.com", true }, { "sagsmarseille.com", true }, { "sahajbooks.com", true }, @@ -29523,17 +30103,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "saikouji.tokushima.jp", true }, { "sailingonward.com", true }, { "sailormoonevents.org", true }, + { "sailormoonlibrary.org", true }, { "saimoe.moe", true }, { "saimoe.org", true }, { "sainetworks.net", true }, + { "saint-bernard-gouesch.fr", true }, { "saintaardvarkthecarpeted.com", true }, { "saintanthonyscorner.com", true }, { "sainth.de", true }, + { "saintmichelqud.com", true }, { "saintsrobotics.com", true }, - { "saintw.com", true }, { "saipariwar.com", true }, { "saiputra.com", true }, { "saitrance.com", true }, + { "saitv.org", true }, { "saiyasu-search.com", true }, { "sajamstudija.info", true }, { "sajdowski.de", true }, @@ -29541,39 +30124,42 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sakostacloud.de", true }, { "sakura-paris.org", true }, { "sakuraflores.com.br", true }, - { "sakuraplay.com", true }, { "salamon-it.de", false }, { "salde.net", true }, { "sale4ru.ru", true }, { "saleaks.org", true }, + { "saleduck.at", true }, + { "saleduck.ch", true }, { "saleduck.co.id", true }, { "saleduck.co.th", true }, { "saleduck.com.my", true }, { "saleduck.com.ph", true }, { "saleduck.com.sg", true }, { "saleduck.com.vn", true }, + { "saleduck.dk", true }, + { "saleduck.fi", true }, + { "saleduck.se", true }, + { "salemedia.pro", true }, { "salensmotors-usedcars.be", true }, { "salesflare.com", true }, { "salesmachine.io", true }, { "salexy.kz", true }, - { "salishseawhalewatching.ca", true }, { "salixcode.com", true }, { "salland1.nl", true }, { "salle-quali.fr", true }, { "sallydowns.name", true }, - { "salmo23.com.br", true }, { "salmododia.net", true }, { "salmonella.co.uk", true }, { "salmonrecovery.gov", true }, { "salmonvision.com.tw", true }, { "salmos91.com", true }, { "salmotierra-salvatierra.com", true }, - { "salon-claudia.ch", true }, { "salon-minipli.de", true }, { "salon.io", false }, { "salon1.ee", true }, + { "salonasymetria.com", true }, + { "salonasymetria.pl", true }, { "salonsantebienetre.ch", true }, - { "salrosadohimalaia.com", true }, { "salsa-straubing.de", true }, { "saltbythesea.com", true }, { "saltercane.com", false }, @@ -29583,6 +30169,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "salud.top", false }, { "saludsexualmasculina.org", true }, { "saludsis.mil.co", true }, + { "salutethefish.com", true }, + { "salutethegrains.com", true }, { "salutethepig.com", true }, { "salvagedfurnitureparlour.com", true }, { "sam-football.fr", true }, @@ -29608,10 +30196,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "samifar.in", true }, { "samip.fi", true }, { "samizdat.cz", true }, + { "samkelleher.com", true }, { "saml-gateway.org", true }, + { "samm.com.au", true }, { "sammenlignakasser.dk", true }, { "sammyservers.com", true }, + { "sammyservers.net", true }, { "samnya.cn", true }, + { "samrobertson.co.uk", true }, { "samsungmobile.it", true }, { "samsungphonegenerator.xyz", true }, { "samtalen.nl", true }, @@ -29622,30 +30214,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "samuirehabcenter.com", true }, { "samwilberforce.com", true }, { "samwrigley.co.uk", true }, + { "samwu.tw", true }, { "samyerkes.com", true }, + { "san-mian-ka.ml", true }, { "san.ac.th", true }, { "sana-store.com", true }, { "sana-store.cz", true }, { "sana-store.sk", true }, { "sanalbayrak.com", true }, - { "sanandreasstories.com", true }, { "sanantoniolocksmithinc.com", true }, { "sanasport.cz", true }, { "sanasport.sk", true }, { "sanatorii-sverdlovskoy-oblasti.ru", true }, { "sanatorionosti.com.ar", true }, { "sanchez.adv.br", true }, - { "sand-islets.de", true }, { "sandalj.com", true }, { "sandbagexpress.com", true }, { "sandbox.mydigipass.com", false }, { "sandburner.net", true }, { "sanderdorigo.nl", true }, - { "sanderknape.com", true }, { "sanderkoenders.eu", true }, { "sanderkoenders.nl", true }, { "sandervankasteel.nl", false }, - { "sandhaufen.tk", true }, { "sandiegotown.com", true }, { "sandmanintel.com", true }, { "sandmarc.cz", true }, @@ -29658,7 +30248,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sandrolittke.de", true }, { "sandtears.com", true }, { "sandtonescorts.com", true }, - { "sandtonplumber24-7.co.za", true }, { "sandtonvipcompanions.com", true }, { "sandyrobsonhypnotherapy.co.uk", true }, { "sanepsychologen.nl", true }, @@ -29667,19 +30256,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sangwon.io", true }, { "sanilodge.com", true }, { "sanipousse.com", true }, + { "sanissimo.com.mx", false }, { "sanitairwinkel.be", true }, { "sanitairwinkel.com", true }, { "sanitairwinkel.nl", true }, { "sanitrak.cz", true }, { "sanmuding.com", true }, + { "sannesfotklinikk.no", true }, { "sanpham-balea.org", true }, { "sanskritiyoga.com", true }, { "sansonehowell.com", true }, { "santafemacas.com.br", true }, + { "santamonicapost123.org", true }, + { "santanderideas.com", true }, { "santenatureetcie.com", true }, { "santensautomatics.be", true }, { "santevie.ch", true }, - { "santing.net", true }, { "santojuken.co.jp", true }, { "santoshpandit.com", true }, { "sanvitolocapobus.com", true }, @@ -29699,27 +30291,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "saposute-s.jp", true }, { "sapphireblue.me", true }, { "sapphirepearl.com.sg", true }, - { "sapporobeer.com", true }, { "sapprendre.ch", true }, { "saprima.de", true }, - { "saq.com", true }, { "sarahbeckettharpist.com", true }, { "sarahlicity.co.uk", true }, { "sarahlicity.me.uk", true }, { "sarahplusdrei.de", true }, { "sarahvictor.co.uk", true }, { "sarahwikeley.co.uk", true }, + { "saraleebread.com", false }, { "sarariman.com", true }, { "sarasturdivant.com", true }, { "sardegnatirocini.it", true }, { "sarink.eu", true }, - { "sarkarikhoj.com", true }, - { "saro.me", true }, { "saronno5stelle.it", true }, { "sarpsb.org", true }, { "sarumtechnologies.com", true }, { "sas-snowboarding.sk", true }, { "sasanika.org", true }, + { "sash.pw", true }, { "sashaokun.com", true }, { "sashascollections.com", true }, { "sasioglu.co.uk", true }, @@ -29737,7 +30327,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "satmd.de", true }, { "satoshinumbers.com", true }, { "sattamatkachart.in", true }, - { "sattamatkadpboss.mobi", true }, { "sattamatkamobi.mobi", true }, { "saturn.pl", true }, { "satyanarayana.xyz", true }, @@ -29745,6 +30334,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "saudeealimentos.com", true }, { "saudeintimadamulher.com.br", true }, { "saudenoclique.com.br", true }, + { "sauenytt.no", true }, { "sauer-systems.net", true }, { "sauerbrey.eu", true }, { "sauerland-schnittgruen.de", true }, @@ -29765,7 +30355,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "savecrypto.org", true }, { "savenet.org", true }, { "saveora.com", true }, - { "saveora.shop", true }, { "savetheinternet.eu", true }, { "saveya.com", true }, { "savic.com", true }, @@ -29799,11 +30388,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sbf888.com", true }, { "sbiewald.de", true }, { "sbir.gov", true }, + { "sbirecruitment.co.in", true }, { "sbit.com.br", true }, { "sblum.de", true }, { "sbo-dresden.de", true }, { "sbr.red", true }, { "sbrouwer.org", true }, + { "sbrownbourne.com", true }, { "sbsavings.bank", true }, { "sbsbaits.com", true }, { "sbsnursery.co.uk", true }, @@ -29813,8 +30404,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sc5.jp", true }, { "scaarus.com", true }, { "scaffalature.roma.it", true }, - { "scaffoldhireeastrand.co.za", true }, - { "scaffoldhiresandton.co.za", true }, { "scalacollege.nl", true }, { "scalaire.com", true }, { "scalaire.fr", true }, @@ -29823,6 +30412,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scallywagsbouncycastles.co.uk", true }, { "scallywagskids.co.uk", true }, { "scamblockplus.org", true }, + { "scan.co.uk", true }, { "scandicom.fi", true }, { "scandinavia.dating", true }, { "scangeo.net", true }, @@ -29832,6 +30422,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scatsbouncingcastles.ie", true }, { "scelec.com.au", true }, { "scenastu.pl", true }, + { "scene.mx", true }, { "scenester.tv", true }, { "scenicbyways.info", true }, { "scepticism.com", true }, @@ -29843,6 +30434,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schatmeester.be", true }, { "schatzibaers.de", true }, { "schawe.me", true }, + { "schbebtv.fr", true }, { "scheduleme.io", true }, { "scheemadigital.com", true }, { "schefczyk.com", true }, @@ -29858,7 +30450,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scherfke.de", true }, { "scheuchenstuel.at", true }, { "schier.info", true }, - { "schil.li", true }, { "schildbach.de", true }, { "schillers-friedberg.de", true }, { "schimmel-test.info", true }, @@ -29888,7 +30479,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schnapke.name", true }, { "schneeketten-ratgeber.de", true }, { "schnegg.name", true }, - { "schneider-electric.tg", true }, { "schneids.me", true }, { "schnellno.de", true }, { "schnellsuche.de", true }, @@ -29901,7 +30491,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schokokeks.org", true }, { "scholarly.com.ph", true }, { "scholarly.ph", true }, - { "scholarnet.cn", true }, + { "scholarnet.cn", false }, { "scholierenvervoerzeeland.nl", true }, { "schollbox.de", false }, { "scholz-kallies.de", true }, @@ -29913,10 +30503,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schoolotzyv.ru", true }, { "schoolsonice.nl", true }, { "schopenhauer-institut.de", true }, - { "schorel.ovh", true }, { "schorelweb.nl", true }, { "schorers.org", true }, { "schoring.com", true }, + { "schottenland.de", true }, { "schrauger.com", true }, { "schrauger.info", true }, { "schrauger.net", true }, @@ -29952,8 +30542,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schummar.de", true }, { "schunako.ch", true }, { "schuppentier.org", true }, - { "schur-it.de", true }, { "schurkenstaat.net", true }, + { "schutterijschinveld.nl", true }, { "schutz-vor-schmutz.de", true }, { "schutznetze24.de", false }, { "schutzwerk.com", true }, @@ -29966,7 +30556,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "schwarzhenri.ch", true }, { "schwarztrade.cz", true }, { "schwarzwald-flirt.de", true }, - { "schwarzwaldcon.de", true }, { "schwedenhaus.ag", true }, { "schwerkraftlabor.de", true }, { "schwinabart.com", true }, @@ -29978,12 +30567,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "science-questions.org", true }, { "science-texts.de", true }, { "science360.gov", true }, + { "sciencebase.gov", true }, { "scienceexploits.com", true }, + { "sciencehouse.jp", true }, { "scienceminnesota.com", true }, { "sciencesolutions.eu", true }, { "sciencex.com", true }, - { "scientific.boston", true }, - { "scifi.fyi", true }, { "scijinks.gov", true }, { "scimage.com", true }, { "scintilla.nl", true }, @@ -29993,12 +30582,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scitopia.net", true }, { "sckc.stream", false }, { "sclns.co", true }, + { "scontogiusto.com", true }, { "scoolcode.com", true }, { "scoop6.co.uk", true }, { "scootaloo.co.uk", true }, { "scooterservis.com", true }, { "scootfleet.com", true }, - { "scorobudem.ru", true }, { "scorocode.ru", true }, { "scorp13.com", true }, { "scottgruber.me", true }, @@ -30030,7 +30619,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "screenlight.tv", true }, { "screenmachine.com", true }, { "screenparadigm.com", true }, - { "screenplay.jp", true }, { "scripo-bay.com", true }, { "script.google.com", true }, { "scripter.co", true }, @@ -30040,7 +30628,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "scrod.me", true }, { "scroll.in", true }, { "scrumbleship.com", true }, - { "scrumplex.net", true }, { "scrumstack.co.uk", true }, { "scryfall.com", true }, { "scs-simulatoren.de", true }, @@ -30050,6 +30637,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sctiger.ml", true }, { "sctrainingllc.com", true }, { "scubadiving-phuket.com", true }, + { "scubaland.hu", true }, { "scul.net", true }, { "sculpture.support", true }, { "scuolaguidalame.ch", true }, @@ -30071,13 +30659,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sdvigpress.org", true }, { "sdvx.net", true }, { "sdxcentral.com", true }, - { "se-theories.org", true }, { "se.com", true }, { "se.search.yahoo.com", false }, { "sea-godzilla.com", false }, { "seac.me", true }, { "seacam-store.com", true }, - { "seadus.ee", true }, { "seafood.co.nz", true }, { "seaholmwines.com", true }, { "sealaw.com", true }, @@ -30088,6 +30674,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sean-wright.com", true }, { "seanholcroft.co.uk", true }, { "seankilgarriff.com", true }, + { "seanrodda.com", true }, { "seaplayhomes.com", true }, { "search-job-in.com", true }, { "search-one.de", true }, @@ -30105,6 +30692,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "searchbrothers.nl", true }, { "searchbrothers.ru", true }, { "searchbrothers.uk", true }, + { "searchcandy.nl", true }, + { "searchcandy.uk", true }, { "searchdatalogy.com", true }, { "seareytraining.com", true }, { "searx.ru", true }, @@ -30120,6 +30709,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "seattlewalkinbathtubs.com", true }, { "seavancouver.com", true }, { "seb-mgl.de", true }, + { "sebald.com", true }, + { "sebald.org", true }, { "sebascelis.com", true }, { "sebastiaandouma.co.uk", true }, { "sebastiaandouma.com", true }, @@ -30133,6 +30724,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sebastiaperis.com", true }, { "sebasveeke.nl", true }, { "sebi.org", true }, + { "seby.io", true }, { "sec-mails.de", true }, { "sec-research.com", true }, { "sec-wiki.com", true }, @@ -30141,13 +30733,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sec.gov", true }, { "sec.red", true }, { "sec3ure.co.uk", true }, - { "sec44.com", true }, - { "sec44.net", true }, - { "sec44.org", true }, { "sec455.com", true }, + { "sec4share.me", true }, { "sec530.com", true }, { "sec555.com", true }, - { "secanje.nl", true }, { "secbone.com", true }, { "secboom.com", true }, { "seccom.ch", true }, @@ -30155,14 +30744,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "secgui.de", true }, { "sech.me", true }, { "sechat.one", true }, - { "secitem.at", true }, - { "secitem.eu", true }, { "secnews.gr", true }, { "secomo.org", true }, + { "secondchancejobsforfelons.com", true }, { "seconfig.sytes.net", true }, { "secpatrol.de", true }, { "secretar.is", true }, - { "secretpanties.com", true }, + { "secretsanta.fr", true }, { "secretsdujeu.com", true }, { "secretserveronline.com", true }, { "secretum.tech", true }, @@ -30189,11 +30777,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "secureesolutions.com", true }, { "secureheaders.com", true }, { "secureim.de", true }, + { "securejabber.me", true }, { "securelect-inspection.com", true }, { "secureobscure.com", true }, { "secureonline.co", false }, { "securethe.news", true }, { "securetheorem.com", true }, + { "securetronic.ch", true }, { "securi-tay.co.uk", true }, { "securify.nl", true }, { "securipy.com", true }, @@ -30212,6 +30802,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "securitycamerasaustin.net", true }, { "securityfest.com", true }, { "securityheaders.com", true }, + { "securityheaders.io", true }, + { "securityheaders.nl", true }, { "securityinet.com", false }, { "securitykey.co", true }, { "securitypluspro.com", true }, @@ -30238,6 +30830,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "see.wtf", true }, { "seeclop.ch", true }, { "seedandleisure.co.uk", true }, + { "seednode.co", true }, { "seedsofangelica.net", true }, { "seekers.ch", true }, { "seeks.ru", true }, @@ -30259,6 +30852,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "seguroviagem.srv.br", false }, { "sehnenweh.org", true }, { "seibert.ninja", true }, + { "seibu-kikaku.co.jp", true }, { "seifried.org", true }, { "seikatu-navi.com", true }, { "seinfeldquote.com", true }, @@ -30276,18 +30870,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "selectel.com", false }, { "selectel.ru", true }, { "selectorders.com", true }, + { "selectsplat.com", true }, { "selegiline.com", true }, { "selent.me", true }, { "self-evident.org", true }, { "self-signed.com", true }, { "self-xss.info", true }, - { "self.nu", true }, { "selfassess.govt.nz", true }, { "selfdestruct.net", true }, { "selfici.com", true }, { "selfici.cz", true }, { "selfishness.com", true }, { "selfloath.in", true }, + { "selfmade4u.de", true }, { "selfoutlet.com", true }, { "selkiemckatrick.com", true }, { "sellajoch.com", true }, @@ -30299,10 +30894,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "semacode.com", true }, { "semaf.at", true }, { "semaflex.it", true }, + { "semantica.cz", true }, { "semaphore-studios.com", true }, + { "semenov.su", false }, { "semianalog.com", true }, { "seminariruum.ee", true }, { "semiocast.com", true }, + { "semiread.com", true }, { "semjonov.de", true }, { "semmlers.com", true }, { "semox.de", true }, @@ -30315,6 +30913,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "semyonov.us", true }, { "senarius.de", true }, { "sendai-sisters.com", true }, + { "sendaiouji.com", true }, { "sendbox.cz", true }, { "sendc.at", true }, { "sendcat.com", true }, @@ -30334,10 +30933,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sensepixel.com", true }, { "senshudo.tv", true }, { "sensoft-int.net", true }, - { "sensualism.com", true }, { "sentandsecure.com", true }, - { "sentic.info", true }, { "sentidosdelatierra.org", true }, + { "sentinel.gov", true }, { "sentinelproject.io", true }, { "sentry.io", true }, { "sentry.nu", true }, @@ -30350,7 +30948,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "seo.london", true }, { "seo.tl", true }, { "seoagentur2go.de", true }, - { "seoarchive.org", true }, { "seobutler.com", true }, { "seocomposer.com", true }, { "seoenmexico.com.mx", true }, @@ -30370,11 +30967,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "seostepbysteplab.com", true }, { "seoul.dating", true }, { "seouniversity.org", true }, - { "sepakbola.win", true }, { "sepalandseed.com", true }, { "seppelec.com", true }, - { "seproco.com", true }, { "septakkordeon.de", true }, + { "septentrionalist.org", true }, { "septfinance.ch", true }, { "septicrepairspecialists.com", true }, { "septillion.cn", true }, @@ -30384,8 +30980,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sera.jp", true }, { "seraph.tokyo", true }, { "serbanpaun.ro", true }, + { "serbianclimbing.com", true }, { "sereema.com", true }, { "serenaden.at", true }, + { "serendeputy.com", true }, { "serf.io", true }, { "sergeemond.ca", true }, { "sergefonville.nl", true }, @@ -30426,6 +31024,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "serveroffline.net", false }, { "serverpedia.de", true }, { "servers4all.co.uk", true }, + { "serversfrom.space", true }, { "serversftw.com", true }, { "serverstuff.info", true }, { "serversuit.com", true }, @@ -30433,17 +31032,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "servethecity-karlsruhe.de", true }, { "servettorna.com", true }, { "servgate.jp", true }, - { "service.gov.uk", true }, { "servicebeaute.fr", true }, { "serviceboss.de", true }, { "servida.ch", true }, { "serviettenhaus.de", true }, { "servingbaby.com", true }, + { "servious.org", true }, { "servitek.de", true }, { "serviziourgente.it", true }, - { "servpanel.de", true }, { "servx.org", true }, - { "servx.ru", true }, { "serw.org", true }, { "serwis-wroclaw.pl", true }, { "seryox.com", true }, @@ -30454,12 +31051,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "setenforce.one", true }, { "setfix.de", true }, { "sethcaplan.com", true }, + { "sethjust.com", true }, { "sethvargo.com", true }, { "setphaserstostun.org", true }, { "setsailanddive.com", true }, { "settberg.de", true }, { "setterirlandes.com.br", true }, { "settleapp.co", true }, + { "setuid0.kr", true }, { "setyoursite.nl", true }, { "seva.fashion", true }, { "seven-purple.com", true }, @@ -30468,6 +31067,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sevenhillsapartments.com.au", true }, { "sevenicealimentos.com.br", true }, { "sevenmatches.com", true }, + { "seventwentynine.com", true }, { "severine-trousselard.com", true }, { "severntrentinsuranceportal.com", true }, { "sevinci.ch", true }, @@ -30475,24 +31075,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sevsopr.ru", true }, { "sewafineseam.com", true }, { "sewinginsight.com", true }, - { "sewoo.co.uk", true }, - { "sex-education.com", true }, { "sexaki.com", true }, { "sexdocka.nu", true }, - { "sexgarage.de", true }, { "sexmobil.de", true }, - { "sexocomgravidas.com", true }, - { "sexoyrelax.com", true }, - { "sexpay.net", true }, { "sexplicit.co.uk", true }, { "sexservice.io", true }, { "sexshopnet.com.br", true }, - { "sexwork.net", true }, { "sexy-store.nl", true }, { "seyfarth.de", true }, + { "seyr.it", true }, { "seyr.me", true }, { "sfa.sk", true }, - { "sfaturiit.ro", true }, { "sfcomercio.com.br", true }, { "sfdev.ovh", true }, { "sfg-nordholz.de", true }, @@ -30505,9 +31098,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sg-elektro.de", true }, { "sg.search.yahoo.com", false }, { "sgb.co", true }, + { "sgcaccounts.co.uk", true }, + { "sgi.org", true }, { "sglibellen.de", true }, { "sgroup-hitoduma.com", true }, { "sgroup-rec.com", true }, + { "sgs.camera", true }, { "sgsp.nl", true }, { "sgtcodfish.com", true }, { "sgtsnookums.net", true }, @@ -30523,7 +31119,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shadesofgraylaw.com", true }, { "shadex.net", true }, { "shadigee.org", true }, + { "shadowict.net", true }, { "shadowict.tech", true }, + { "shadowkingdomrecords.com", true }, { "shadowkitsune.net", true }, { "shadowlurker.com.au", true }, { "shadowsing.com", true }, @@ -30555,16 +31153,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shan.io", false }, { "shan.si", true }, { "shanahanstrategy.com", true }, - { "shandonsg.co.uk", true }, { "shanekoster.net", true }, { "shanetully.com", true }, { "shanewadleigh.com", true }, + { "shankangke.com", true }, { "shannoneichorn.com", true }, { "shansing.cn", true }, { "shansing.com", true }, { "shansing.net", true }, { "shansing.space", true }, - { "shanyhs.com", true }, { "shaobin.wang", true }, { "sharanyamunsi.net", true }, { "share.works", true }, @@ -30573,7 +31170,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shareeri.com", true }, { "sharekey.com", false }, { "sharelovenotsecrets.com", true }, - { "sharemessage.net", true }, { "shareoffice.ch", true }, { "sharepointdrive.com", true }, { "sharescope.co.uk", false }, @@ -30615,10 +31211,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shelleystoybox.com", true }, { "shellfire.de", true }, { "shellgame.io", true }, - { "shelljuggler.com", true }, + { "shelljuggler.com", false }, { "shellshock.eu", true }, { "shellvatore.us", true }, - { "shemissed.me", true }, { "shemsconseils.ma", true }, { "shena.co.uk", true }, { "shenghaiautoparts.com", true }, @@ -30627,7 +31222,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shenyuqi.com", false }, { "sherbers.de", true }, { "sherrikehoetherapy.com", true }, - { "shethbox.com", true }, { "shft.cl", true }, { "shgt.jp", true }, { "shh-listen.com", true }, @@ -30635,6 +31229,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shichibukai.net", true }, { "shico.org", true }, { "shieldcomputer.com", true }, + { "shieldfe.com", true }, + { "shieldofachilles.in", true }, { "shift-record.com", true }, { "shift-to.co.jp", true }, { "shiftdevices.com", true }, @@ -30662,6 +31258,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shirtsdelivered.com", true }, { "shirtsofholland.com", true }, { "shishamania.de", true }, + { "shishkabobnc.com", true }, { "shishkin.us", true }, { "shishlik.net", true }, { "shitagi-shop.com", true }, @@ -30680,10 +31277,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shockercityservices.com", true }, { "shodan.io", true }, { "shoemuse.com", true }, + { "shoeracks.uk", true }, { "shoestringeventing.co.uk", true }, { "shokola.com", true }, { "shome.de", true }, { "shooter.dog", true }, + { "shop-hellsheadbangers.com", true }, { "shop-s.net", true }, { "shop.fr", true }, { "shopadvies.nl", true }, @@ -30699,12 +31298,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shopalike.se", true }, { "shopalike.sk", true }, { "shopapi.cz", true }, + { "shopatkei.com", true }, { "shopbakersnook.com", true }, { "shopcoupon.co.za", true }, { "shopcoupons.co.id", true }, { "shopcoupons.my", true }, { "shopcoupons.ph", true }, { "shopcoupons.sg", true }, + { "shophisway.com", true }, { "shopifycloud.com", true }, { "shopkini.com", true }, { "shoplandia.co", true }, @@ -30721,10 +31322,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shortdiary.me", true }, { "shorten.ninja", true }, { "shoshin-aikido.de", true }, + { "shoshin.technology", true }, + { "shota.vip", true }, { "shotbow.net", true }, { "shotonwhat.com", true }, { "shouldihookupwithmybarista.com", true }, { "shouttag.com", true }, + { "shovonhasan.com", true }, { "show-saratov.ru", false }, { "showbits.net", true }, { "showdepiscinas.com.br", true }, @@ -30737,7 +31341,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "showroom.uk", true }, { "showroom113.ru", true }, { "showsonar.com", true }, - { "shoxmusic.net", true }, { "shredriteservices.com", true }, { "shreyansh26.me", true }, { "shrike.me", false }, @@ -30749,6 +31352,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "shu-fu.net", true }, { "shuffleradio.nl", true }, { "shugo.net", true }, + { "shukatsu-support.jp", true }, { "shulan.moe", true }, { "shuletime.ml", true }, { "shura.eu.org", true }, @@ -30763,8 +31367,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "si-benelux.nl", true }, { "si.to", true }, { "si2b.fr", true }, + { "siaggiusta.com", true }, { "siamsnus.com", true }, { "sianbryn.co.uk", true }, + { "sianjhon.com", true }, { "sibfk.org", true }, { "sibiutourguide.com", true }, { "sibrenvasse.nl", true }, @@ -30778,9 +31384,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "siconnect.us", true }, { "sidelka-tver.ru", true }, { "sidema.be", true }, + { "sidemount-forum.com", true }, + { "sidemount-tauchen.com", true }, { "sidepodcast.com", true }, { "sidepodcastdaily.com", true }, { "sidepodcastextra.com", true }, + { "sideropolisnoticias.com.br", true }, { "sideshowbarker.net", true }, { "sidium.de", true }, { "sidnicio.us", true }, @@ -30788,8 +31397,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sidongkim.com", true }, { "sidpod.ru", true }, { "siegemund-frankfurt.de", true }, - { "sieh.es", true }, { "siel.nl", true }, + { "sielsystems.nl", true }, { "sientemendoza.com.ar", true }, { "sieulog.com", true }, { "siewert-kau.de", true }, @@ -30797,6 +31406,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sig6.org", true }, { "sigabrt.org", true }, { "siggerudklatreklubb.no", true }, + { "sight-sound.com", true }, { "sightcure.jp", true }, { "sighup.nz", true }, { "sigismonda.ch", true }, @@ -30816,6 +31426,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "signix.net", true }, { "signtul.com", false }, { "sigsrv.net", true }, + { "sigterm.no", true }, { "sigterm.sh", true }, { "siirtutkusu.com", true }, { "sikayetvar.com", false }, @@ -30826,13 +31437,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "silashes.ru", true }, { "silaslova-ekb.ru", true }, { "silent-clean.de", true }, + { "silent.live", false }, { "silentkernel.fr", false }, { "silentundo.org", true }, { "silerfamily.net", true }, + { "silicon-north.com", true }, + { "silicon-vision.com", true }, { "siliconchip.me", true }, - { "silke-hunde.de", true }, { "silkebaekken.no", true }, { "silkebeckmann.de", true }, + { "silkon.net", true }, + { "sillisalaatti.fi", true }, { "sillysnapz.co.uk", true }, { "silo.org.br", true }, { "siloportem.net", true }, @@ -30903,6 +31518,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "silvergoldbull.pt", true }, { "silvergoldbull.qa", true }, { "silvergoldbull.rs", true }, + { "silvergoldbull.ru", true }, { "silvergoldbull.se", true }, { "silvergoldbull.si", true }, { "silvergoldbull.sn", true }, @@ -30919,11 +31535,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "silverseen.com", true }, { "silverwind.io", true }, { "silvine.xyz", true }, + { "silvobeat.blog", true }, { "silvobeat.com", true }, { "sim-karten.net", true }, { "sim-minaoshi.jp", true }, - { "sim-sim.appspot.com", true }, - { "sim4seed.org", true }, { "simam.de", true }, { "simark.ca", true }, { "simbeton.nl", true }, @@ -30956,11 +31571,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "simonmaddox.com", true }, { "simonpaarlberg.com", true }, { "simonreich.de", true }, - { "simonschmitt.ch", true }, { "simonshine.dk", true }, { "simonspeich.ch", true }, { "simonsreich.de", true }, { "simontaite.com", true }, + { "simonweil.com", true }, { "simonwessel.net", true }, { "simonwoodside.com", true }, { "simpbx.net", true }, @@ -30997,9 +31612,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "simplystudio.com", true }, { "simpte.com", true }, { "simpul.nl", true }, + { "simrail.nl", true }, { "simsnieuws.nl", true }, { "simukti.net", true }, - { "simumiehet.com", true }, { "sin-nombre-alleria.de", true }, { "sin.swiss", true }, { "sinaryuda.web.id", true }, @@ -31014,27 +31629,27 @@ static const nsSTSPreload kSTSPreloadList[] = { { "singel.ch", true }, { "single-in-stuttgart.de", true }, { "singles-aus-hamburg.de", true }, - { "singles-berlin.de", true }, { "singleuse.link", true }, { "singlu10.org", false }, { "sinktank.de", true }, { "sinn.io", true }, { "sinnersprojects.ro", true }, { "sinomod.com", true }, - { "sinon.org", true }, { "sinonimos.com.br", true }, { "sinonimosonline.com", true }, { "sinonimosonline.com.br", true }, { "sinquin.eu", true }, + { "sinronet.com", true }, { "sint-joris.nl", true }, { "sintaxis.org", true }, { "sinterama.biz", true }, { "sinuelovirtual.com.br", true }, { "sioeckes.hu", true }, + { "sipc.org", true }, + { "siratalmustaqim.com", true }, { "siraweb.org", true }, { "sirbouncealotcastles.co.uk", true }, { "sirbouncelot.co.uk", true }, - { "sirburton.com", true }, { "sirchuk.net", true }, { "sircon.no", true }, { "sirena.co.jp", true }, @@ -31044,7 +31659,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sirtaptap.com", true }, { "sirtuins.com", true }, { "sirvoy.com", true }, - { "sisgopro.com", true }, + { "sisseastumine.ee", true }, { "sistel.es", true }, { "sistem-maklumat.com", true }, { "sistem-maklumat.com.my", true }, @@ -31057,13 +31672,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sisver.mx", true }, { "sit-brn.ru", true }, { "sit.ec", true }, + { "sitc.sk", true }, { "sitebuilderreport.com", true }, { "sitedrive.fi", true }, { "sitehoster.org", true }, { "sitenv.org", true }, { "siterencontre.me", true }, { "sites.google.com", true }, - { "sitesko.de", true }, { "sitesuccessful.com", true }, { "sitevandaag.nl", true }, { "sitischu.com", true }, @@ -31071,18 +31686,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sivale.mx", true }, { "sivyerge.com", true }, { "siw64.com", true }, + { "sixcorners.info", true }, + { "sixcorners.net", true }, { "sixpackholubice.cz", true }, { "sixtwentyten.com", true }, { "sj-leisure.com", true }, - { "sja-se-training.com", true }, { "sjaakgilsingfashion.nl", true }, { "sjatsh.com", true }, { "sjd.is", true }, - { "sjdaws.com", true }, - { "sjdtaxi.com", true }, { "sjis.me", true }, { "sjleisure.co.uk", true }, { "sjoorm.com", true }, + { "sjsmith.id.au", true }, { "sjv4u.ch", true }, { "sk-net.cz", true }, { "skala.io", true }, @@ -31094,7 +31709,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skatingchina.com", true }, { "skatn.de", true }, { "skazka.ru", true }, - { "skday.com", true }, { "skedda.com", true }, { "skedr.io", false }, { "skeeley.com", true }, @@ -31109,6 +31723,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skia.org", false }, { "skid.church", true }, { "skiddle.com", true }, + { "skifairview.com", true }, { "skifttiljutlanderbank.dk", true }, { "skigebied.nl", true }, { "skigebiete-test.de", true }, @@ -31119,6 +31734,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skillseo.com", true }, { "skimming.net", true }, { "skin-cosmetic.eu", true }, + { "skincare-note.com", true }, { "skincases.co", true }, { "skincontracts.co", true }, { "sking.io", true }, @@ -31133,6 +31749,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skizzen-zeichnungen.de", true }, { "skks.cz", true }, { "sklepsamsung.pl", true }, + { "sklepwielobranzowymd.com", true }, { "sklotechnik.cz", true }, { "sknclinics.co.uk", true }, { "skogsbruket.fi", true }, @@ -31142,14 +31759,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skolem.de", true }, { "skoleniphp.cz", true }, { "skommettiamo.it", true }, - { "skomski.org", true }, { "skontakt.cz", true }, { "skontorp-enterprise.no", true }, { "skortekaas.nl", false }, { "skory.us", true }, { "skou.dk", false }, { "skram.de", true }, - { "skrimix.tk", true }, + { "skrimix.tk", false }, { "skryptersi.pl", true }, { "sksdrivingschool.com.au", true }, { "sktan.com", true }, @@ -31157,36 +31773,37 @@ static const nsSTSPreload kSTSPreloadList[] = { { "skwile-cafe.com", true }, { "skwitko.com", true }, { "sky-live.fr", true }, + { "sky-universe.net", true }, { "skyanchor.com", true }, - { "skybloom.com", true }, - { "skybloom.io", false }, + { "skybloom.io", true }, + { "skybound.link", true }, + { "skycmd.net", true }, { "skyderby.ru", true }, { "skydragoness.com", true }, { "skydrive.live.com", false }, + { "skyem.co.uk", true }, { "skylgenet.nl", true }, { "skylightcreative.com.au", true }, { "skylinertech.com", true }, { "skylineservers.com", true }, - { "skylocker.nl", true }, { "skyloisirs.ch", true }, { "skyminds.net", true }, { "skynet233.ch", true }, - { "skynethk.com", false }, + { "skynethk.com", true }, { "skynetnetwork.eu.org", true }, { "skynetz.tk", true }, { "skype.com", true }, - { "skypoker.com", true }, { "skyquid.co.uk", true }, { "skyris.co", true }, { "skys-entertainment.com", true }, { "skysuite.nl", true }, - { "skytec.host", true }, + { "skyynet.de", true }, { "skyzimba.com.br", true }, { "sl-bildermacher.de", true }, { "sl0.us", true }, { "sl899.com", true }, { "sl998.com", true }, - { "slab.com", true }, + { "slab.com", false }, { "slack-files.com", true }, { "slack.com", true }, { "sladic.si", false }, @@ -31210,11 +31827,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sleeping.town", true }, { "sleeplessbeastie.eu", true }, { "sleepmap.de", true }, + { "sleeps.jp", true }, { "sleepstar.co.uk", true }, { "sleepstar.de", true }, { "sleepstar.fr", true }, { "sleestak.net", true }, { "sleio.com", true }, + { "sletat.ru", true }, { "slever.cz", true }, { "slevermann.de", true }, { "slevomat.cz", true }, @@ -31223,6 +31842,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "slidebatch.com", true }, { "slides.zone", true }, { "slik.ai", true }, + { "slim-slender.com", true }, { "slimk1nd.nl", true }, { "slimspots.com", true }, { "slingo-sta.com", true }, @@ -31247,12 +31867,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "slovenskycestovatel.sk", true }, { "slow.zone", true }, { "slowb.ro", true }, - { "slowfood.es", true }, { "slowgames.xyz", true }, { "slpower.com", true }, { "slrd-isperih.com", true }, { "sluciaconstruccion.com", true }, - { "sluimann.de", true }, { "sluitkampzeist.nl", false }, { "slusham.com", true }, { "slvh.fr", true }, @@ -31266,6 +31884,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "smablo.com", true }, { "smackhappy.com", true }, { "smadav.ml", true }, + { "smakassen.no", true }, { "smallcloudsolutions.co.za", true }, { "smalldogbreeds.net", true }, { "smalle-voet.de", true }, @@ -31315,24 +31934,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "smartservices.nl", true }, { "smartshiftme.com", true }, { "smartship.co.jp", true }, - { "smartshoppers.es", true }, { "smartsparrow.com", true }, { "smartvideo.io", true }, { "smartviewing.com", true }, + { "smartwank.com", true }, { "smartwelve.com", true }, { "smartwoodczech.cz", true }, { "smartwritingservice.com", true }, - { "smartwurk.nl", true }, + { "smartwurk.nl", false }, { "smash-gg.club", true }, { "smatch.com", true }, { "smb445.com", true }, - { "smcbox.com", true }, { "smdavis.us", true }, { "smdcn.net", true }, { "sme-gmbh.net", true }, { "smeetsengraas.com", true }, { "smeso.it", true }, - { "smiatek.name", true }, { "smileandpay.com", true }, { "smiledirectsales.com", true }, { "smilessoftplay.co.uk", true }, @@ -31349,10 +31966,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "smithchow.com", true }, { "smithfieldbaptist.org", true }, { "smm.im", true }, - { "smmcab.website", true }, { "smmlaba.io", true }, { "smokeandmirrors.agency", true }, - { "smokinghunks.com", true }, + { "smol.cat", true }, { "smoo.st", true }, { "smoothcomp.com", true }, { "smoothgesturesplus.com", true }, @@ -31376,6 +31992,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "smskeywords.co.uk", true }, { "smskmail.com", true }, { "smsprivacy.org", true }, + { "smtpdev.com", true }, { "smuncensored.com", true }, { "smutba.se", true }, { "smutek.net", true }, @@ -31390,13 +32007,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "snapfinance.com", true }, { "snapserv.ch", true }, { "snapserv.net", true }, + { "snaptier.co", true }, { "snaptools.io", true }, { "snatch.com.ua", true }, { "snazel.co.uk", true }, { "snazzie.nl", true }, { "sncdn.com", true }, { "sndbouncycastles.co.uk", true }, - { "sneak.berlin", true }, { "sneakpod.de", true }, { "sneakynote.com", true }, { "sneakypaw.com", true }, @@ -31413,6 +32030,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "snelxboxlivegold.nl", true }, { "snerith.com", true }, { "snfdata.com", false }, + { "sngallery.co.uk", true }, { "sniderman.eu.org", true }, { "sniderman.pro", true }, { "sniderman.us", true }, @@ -31427,7 +32045,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "snote.io", true }, { "snoupon.com", true }, { "snow-online.com", true }, - { "snow-online.de", true }, { "snow.dog", true }, { "snowalerts.eu", true }, { "snowalerts.nl", true }, @@ -31437,8 +32054,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "snowhaze.ch", true }, { "snowhaze.com", true }, { "snowpak.com", true }, - { "snowplane.net", true }, - { "snowraven.de", true }, + { "snowpaws.de", true }, + { "snowyluma.com", true }, { "snowyluma.me", true }, { "snrat.com", true }, { "snrub.co", true }, @@ -31451,24 +32068,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "soapitup.com.au", true }, { "soaringtoglory.com", true }, { "sobaya-gohei.com", true }, + { "sobeau.com", true }, { "sobelift.com", true }, { "sobersys.com", true }, { "sobie.ch", true }, { "sobieray.dyndns.org", true }, { "sobotkama.eu", true }, - { "sobreporcentagem.com", true }, { "soc.net", true }, - { "socal-babes.com", true }, - { "soccersavings.com", true }, { "soccorso-stradale.org", true }, { "sochi-sochno.ru", true }, { "sociability.dk", true }, { "social-events.net", false }, { "social-media-strategies.it", true }, + { "social-media-strategy.org.uk", true }, { "socialhams.net", true }, { "socializam.com", true }, + { "socialmarketingday.nl", true }, { "socialmedia.ro", true }, - { "socialmirror.app", true }, + { "socialnitro.com", true }, { "socialnous.co", true }, { "socialrank.com", true }, { "socialsecurity.gov", false }, @@ -31500,6 +32117,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "softart.club", true }, { "softballrampage.com", true }, { "softcreatr.de", false }, + { "softonic.com", true }, { "softplay4hire.co.uk", true }, { "softplaynation.co.uk", true }, { "softprayog.in", true }, @@ -31510,6 +32128,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "softwarebetrieb.de", true }, { "softwaredesign.foundation", false }, { "softwarevoortherapeuten.nl", true }, + { "softwaylancing.com", true }, { "softwerk-edv.de", true }, { "sogola.com", true }, { "sogravatas.com.br", true }, @@ -31517,7 +32136,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sohamroy.me", true }, { "soia.ca", true }, { "soinvett.com", true }, - { "soju.fi", true }, + { "sokaissues.info", true }, { "sokche.com", true }, { "sokietech.com", true }, { "sokkenhoek.nl", true }, @@ -31535,6 +32154,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "solarplan-berlin.de", true }, { "solarstrom.net", true }, { "soldecom.com", true }, + { "solden.be", true }, + { "soldesduck.be", true }, + { "soldesduck.ch", true }, { "soldout-app.com", true }, { "sole-erdwaermetauscher.de", true }, { "sole-software.de", true }, @@ -31542,14 +32164,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "soledadpenades.com", true }, { "solentbasketball.co.uk", true }, { "solentbubblesandbounce.co.uk", true }, - { "soleria.eu", true }, { "solesoftware.de", true }, { "soleus.nu", false }, { "solfegiator.ch", true }, { "soli.cafe", true }, { "solicafe.at", true }, + { "solidarita-kosovo.net", true }, { "solidshield.com", true }, - { "solidtuesday.com", true }, { "solihullcarnival.co.uk", true }, { "solihullinflatables.com", true }, { "solihulllionsclub.org.uk", true }, @@ -31560,6 +32181,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "solomisael.com", true }, { "solomo.pt", true }, { "solonotizie24.it", true }, + { "solos.im", true }, { "solsocog.de", true }, { "soluphant.de", true }, { "solus-project.com", true }, @@ -31568,7 +32190,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "solve-it.se", true }, { "solved.tips", true }, { "solvemethod.com", true }, - { "solvingproblems.com.au", true }, { "solvops.com", true }, { "somaini.li", true }, { "somali-derp.com", true }, @@ -31579,7 +32200,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "somecrazy.com", true }, { "somersetscr.nhs.uk", true }, { "somersetwellbeing.nhs.uk", true }, - { "somewherein.jp", true }, { "sommefeldt.com", true }, { "somosnoticia.com.br", true }, { "sompani.com", true }, @@ -31596,13 +32216,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "songsmp3.com", true }, { "songsmp3.info", true }, { "songsmp3.io", true }, + { "songsmp3.live", true }, { "songsmp3.me", true }, { "songsmp3.net", true }, { "songsthatsavedyourlife.com", true }, { "songtianyi.com", true }, { "songzhuolun.com", true }, + { "sonia.com.au", true }, { "soniafauville.com", true }, - { "sonialive.com", true }, { "sonic.studio", true }, { "sonicdoe.com", true }, { "sonixonline.com", true }, @@ -31630,13 +32251,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sorenstudios.com", true }, { "sorever.online", true }, { "sorex.photo", true }, + { "sorincocorada.ro", true }, { "sorrowfulunfounded.com", true }, { "sortesim.com.br", true }, { "soruly.com", true }, { "sorz.org", true }, { "sos-falegname.it", true }, { "sos-idraulico.it", true }, - { "sos.de", true }, { "sosoftplay.co.uk", true }, { "sospromotions.com.au", true }, { "sostacancun.com", true }, @@ -31657,24 +32278,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "soulmate.dating", true }, { "soulmating.de", true }, { "soulogic.com", true }, - { "soumikghosh.com", true }, + { "souly.cc", true }, { "soumya92.me", true }, { "soundabout.nl", true }, - { "soundbytemedia.com", true }, { "soundedj.com.br", true }, { "soundeo.com", true }, { "soundeo.net", true }, - { "soundgasm.net", true }, { "soundhunter.xyz", false }, + { "soundonsound.com", true }, + { "soundprotectionllc.com", true }, { "soundscrate.com", true }, - { "soundsecurity.io", true }, - { "souqtajmeel.com", true }, { "sour.is", true }, - { "sourcebox.be", true }, + { "souravsaha.com", true }, + { "sourcebox.be", false }, { "sourcely.net", true }, { "sourceway.de", true }, { "souris.ch", true }, - { "sous-surveillance.net", false }, { "southafrican.dating", true }, { "southambouncycastle.co.uk", true }, { "southamerican.dating", true }, @@ -31697,7 +32316,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sozai-good.com", true }, { "sozialy.com", true }, { "sozon.ca", true }, - { "sp-sephiroth.jp", true }, + { "sp-sites.com.au", true }, { "sp.com.pl", true }, { "sp8ce.co", true }, { "space-it.de", true }, @@ -31716,7 +32335,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "spakurort.eu", true }, { "spamdrain.com", true }, { "spamwc.de", true }, - { "spanda.io", true }, { "spanjeflydrive.nl", true }, { "spanyolul.hu", true }, { "spar-ni.co.uk", true }, @@ -31728,6 +32346,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sparklebastard.com", true }, { "sparkresearch.net", true }, { "sparkreviewcenter.com", true }, + { "sparkz.no", true }, { "sparprofi.at", true }, { "sparta-en.org", true }, { "sparta-solutions.de", true }, @@ -31749,8 +32368,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "speargames.net", true }, { "specialtyalloys.ca", true }, { "speciesism.com", true }, - { "spectreattack.com", true }, { "spectrosoftware.de", true }, + { "spedition-transport-umzug.de", true }, { "speech-balloon.com", true }, { "speechdrop.net", true }, { "speechmate.com", true }, @@ -31762,7 +32381,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "speedsportofhull.co.uk", true }, { "speedtailors.com", true }, { "speedtest-russia.com", true }, - { "speedychat.it", true }, { "speeltoneel.nl", true }, { "speerpunt.info", true }, { "speets.ca", true }, @@ -31778,14 +32396,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "spesys-services.fr", true }, { "spha.info", true }, { "sphereblur.com", true }, + { "spherenix.org", true }, { "sphido.org", true }, { "spicydog.org", true }, { "spicymatch.com", true }, + { "spidermail.tk", true }, + { "spidernet.tk", true }, { "spideroak.com", true }, { "spiders.org.ua", true }, + { "spiel-teppich.de", true }, { "spielezar.ch", true }, { "spielland.ch", true }, { "spiellawine.de", true }, + { "spiet.nl", true }, { "spiff.eu", true }, { "spiga.ch", true }, { "spillersfamily.net", true }, @@ -31795,7 +32418,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "spindle.com.ph", true }, { "spindrift.com", true }, { "spingenie.com", true }, - { "spinner.dnshome.de", true }, + { "spinor.im", true }, { "spins.fedoraproject.org", true }, { "spinspin.wtf", true }, { "spiralschneiderkaufen.de", true }, @@ -31826,19 +32449,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "spongepowered.org", true }, { "sponsor.network", true }, { "sponsormatch.eu", true }, - { "sponsorowani.pl", true }, { "spoofhaus.com", true }, { "spookbook.net", true }, { "spookquest.com", true }, - { "spookyinternet.com", true }, { "spoopy.link", true }, + { "spoorcam.nl", true }, { "sporcard.com", true }, { "spornkuller.de", true }, { "sport-in-sundern.de", true }, { "sport-potreby.cz", true }, { "sport-potreby.sk", true }, { "sport-socken.net", true }, - { "sport247.bet", true }, { "sportakrobatik.at", true }, { "sportbetuwe.nl", true }, { "sporter.com", true }, @@ -31847,10 +32468,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sportovnidum.cz", true }, { "sportparks.com", true }, { "sportparks.org", true }, - { "sportressofblogitude.com", true }, { "sports.dating", true }, { "sportsjaw.com", true }, - { "sportsmanadvisor.com", false }, { "sportsmansblog.com", true }, { "sportstraineradvisor.com", true }, { "sporttown.it", true }, @@ -31878,19 +32497,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sprinklermanohio.com", true }, { "spritmonitor.de", true }, { "spritsail.io", true }, - { "sproing.ca", true }, + { "sproktz.com", true }, { "sprucecreekclubs.com", true }, { "sprucecreekgcc.com", true }, { "sps-lehrgang.de", true }, + { "spslawoffice.com", true }, + { "spsnewengland.org", true }, { "sptk.org", true }, { "spuffin.com", true }, { "spufpowered.com", true }, { "spunkt.fr", true }, { "spur.com.br", true }, + { "sputnik1net.org", true }, { "spydar007.com", true }, { "spydar007.net", true }, { "spydersec.com", true }, - { "spykedigital.com", true }, { "spyprofit.ru", true }, { "spyroszarzonis.com", true }, { "sqkaccountancy.co.uk", true }, @@ -31899,6 +32520,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sqlfeatures.com", true }, { "sqr-training.com", true }, { "sqroot.eu", true }, + { "squadlinx.com", true }, { "square-gaming.org", true }, { "square-src.de", false }, { "square.com", false }, @@ -31916,6 +32538,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "srbija-nekretnine.org", true }, { "src.fedoraproject.org", true }, { "srchub.org", true }, + { "srigc.com", true }, { "srihash.org", true }, { "srinivasan.io", true }, { "sro.center", true }, @@ -31967,12 +32590,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sslmate.com", true }, { "sslok.com", true }, { "sslping.com", true }, - { "sslpoint.com", true }, { "ssls.cz", true }, { "sslsurvey.de", true }, { "ssmato.me", true }, { "ssmca.com", true }, { "ssnet.vip", true }, + { "sso.to", false }, { "ssready.io", true }, { "ssready.org", true }, { "sstaging.com", true }, @@ -31997,28 +32620,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stadm.com", true }, { "stadsbygd.info", true }, { "stadt-apotheke-muensingen.de", true }, - { "stadtbuecherei-bad-wurzach.de", true }, { "stadterneuerung-hwb.de", true }, { "stadtpapa.de", true }, { "stadtplan-ilmenau.de", true }, { "staff.direct", true }, + { "staffordlabour.org.uk", true }, { "stage.wepay.com", false }, { "stage4.ch", true }, { "stageirites.com", true }, { "stageirites.fr", true }, { "stageirites.org", true }, - { "stahlfors.com", false }, + { "stahlfors.com", true }, { "stainedglass.net.au", true }, { "stair.ch", true }, { "stairfallgames.com", true }, { "stairlin.com", true }, + { "stakestrategy.com", true }, { "staklim-malang.info", true }, { "stako.jp", true }, { "staktrace.com", true }, { "stalder.work", true }, + { "staljedevledder.nl", true }, { "stalker-shop.com", true }, { "stalkr.net", true }, - { "stall-zur-linde.de", true }, { "stamboommuller.nl", true }, { "stamboomvanderwal.nl", true }, { "stameystreet.com", true }, @@ -32027,10 +32651,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stamonicatourandtravel.com", true }, { "stamparmakarije.me", true }, { "stampederadon.com", true }, + { "stampsbar.co.uk", true }, { "standagainstspying.org", true }, { "standard.co.uk", true }, { "standardequipment.com", true }, { "standards.gov", true }, + { "stanron.com", true }, { "stanthonymaryclaret.org", true }, { "star-citizen.wiki", true }, { "star-clean.it", true }, @@ -32045,6 +32671,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stargarder-jungs.de", true }, { "stargatelrp.co.uk", true }, { "stargazer.de", true }, + { "starina.ru", true }, { "starinvestors.in", true }, { "starka.st", true }, { "starkbim.com", true }, @@ -32055,21 +32682,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "starmtech.fr", true }, { "starpeak.org", true }, { "starphotoboothsni.co.uk", true }, - { "starsam80.net", true }, { "starskim.cn", true }, - { "starstreak.net", true }, + { "starstreak.net", false }, { "startaninflatablebusiness.com", true }, - { "starteesforsale.co.za", true }, { "startergen.com", true }, { "startlab.sk", true }, { "startle.cloud", true }, { "startpage.com", true }, { "startpage.info", true }, { "startrek.in", true }, + { "startsamenvitaal.nu", true }, { "starttraffic.com", true }, { "starttraffic.uk", true }, { "startupgenius.org", true }, - { "startuppeople.co.uk", true }, { "starwatches.eu", true }, { "starwins.co.uk", true }, { "stassi.ch", true }, @@ -32088,10 +32713,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stationatlyndhurst.com", true }, { "stationatwillowgrove.com", true }, { "stationcharlie.co.za", true }, + { "statistik-seminare.de", true }, { "statistikian.com", true }, { "statofus.com", true }, { "stats.g.doubleclick.net", true }, - { "status.coffee", true }, { "statuscode.ch", true }, { "stav.io", true }, { "stavros.ovh", true }, @@ -32101,10 +32726,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stb-schefczyk.de", true }, { "stb-strzyzewski.de", true }, { "stbennett.org", true }, + { "stcplasticsurgery.com", true }, { "stcu.org", false }, { "std-home-test.com", true }, { "stderr.cc", true }, - { "stdev.org", true }, + { "stdrc.cc", false }, { "steakhaus-zumdorfbrunnen.de", true }, { "steakovercooked.com", true }, { "stealingheather.com", true }, @@ -32118,8 +32744,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "steamtrades.com", true }, { "steamwhale.com", true }, { "stebet.net", true }, + { "steborio.pw", true }, { "steckel.cc", true }, { "stedb.eu", true }, + { "stedbg.net", true }, { "steef389.eu", true }, { "steel-roses.de", true }, { "steelephys.com.au", true }, @@ -32162,10 +32790,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stephane-huc.net", false }, { "stephaniedeady.ie", true }, { "stephanieschreiber.com", true }, + { "stephencreilly.com", true }, { "stephenhaunts.com", true }, { "stephenhorler.com.au", true }, { "stephenj.co.uk", true }, - { "stephenjvoiceovers.com", true }, { "stephenperreira.com", true }, { "stephenschrauger.com", true }, { "stephenschrauger.info", true }, @@ -32191,7 +32819,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sternen-sitzberg.ch", true }, { "sternenbund.info", true }, { "sternplastic.com", true }, - { "stesti.cz", true }, { "stetspa.it", true }, { "steuer-voss.de", true }, { "steuerberater-essen-steele.com", true }, @@ -32201,6 +32828,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "steuertipps-sonderausgaben.de", true }, { "steve.kiwi", true }, { "steveborba.com", true }, + { "stevecostar.com", true }, { "stevedesmond.ca", true }, { "stevedoggett.com", true }, { "stevegrav.es", true }, @@ -32219,11 +32847,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stevenz.xyz", true }, { "stevesdrivingschooltyneside.com", true }, { "stewartswines.com", true }, - { "stewonet.nl", true }, { "steyaert.be", false }, - { "stforex.com", true }, + { "stforex.com", false }, { "stfw.info", true }, - { "stge.uk", true }, { "stichtingliab.nl", true }, { "stichtingscholierenvervoerzeeland.nl", true }, { "stichtingsticky.nl", true }, @@ -32238,10 +32864,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stiffordacademy.org.uk", true }, { "stift-kremsmuenster.at", true }, { "stiftemaskinen.no", true }, - { "stig.io", false }, { "stigharder.com", true }, { "stigviewer.com", true }, - { "stijnbelmans.be", true }, { "stijncrevits.be", true }, { "stijnodink.nl", true }, { "stikic.me", true }, @@ -32250,6 +32874,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stilecop.com", true }, { "stillnessproject.com", true }, { "stilmobil.se", true }, + { "stiltmedia.com", true }, { "stimmgabel.lu", true }, { "stin.hr", true }, { "stinaspiegelberg.com", true }, @@ -32260,13 +32885,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stirling.co", true }, { "stirlingpoon.com", true }, { "stitchfiddle.com", true }, + { "stitchinprogress.com", true }, { "stivesbouncycastlehire.co.uk", true }, { "stjohnin.com", true }, { "stln.ml", true }, { "stlu.de", true }, { "stlukesbrandon.org", true }, { "stm-net.de", true }, + { "stma.is", true }, + { "stmarthachurch.com", true }, { "stmaryextra.uk", true }, + { "stmkza.net", true }, { "stmlearning.com", true }, { "stmsolutions.pl", true }, { "stneotsbouncycastlehire.co.uk", true }, @@ -32286,10 +32915,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stolkschepen.nl", true }, { "stolpi.is", true }, { "stomt.com", true }, + { "stoneagehealth.com.au", true }, { "stonedworms.de", true }, { "stonefusion.org.uk", true }, { "stonehammerhead.org", true }, { "stonemain.eu", true }, + { "stonewuu.com", true }, { "stony.com", true }, { "stonystratford.org", true }, { "stopbreakupnow.org", true }, @@ -32299,6 +32930,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "storageideas.uk", true }, { "stordbatlag.no", true }, { "storedsafe.com", true }, + { "storeit.co.uk", true }, { "storillo.com", true }, { "storm-family.com", true }, { "stormi.io", true }, @@ -32310,7 +32942,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "storysift.news", true }, { "storytea.top", true }, { "storytell.com", true }, - { "storytime.hu", true }, { "stouter.nl", true }, { "stoxford.com", true }, { "straatderzotten.nl", true }, @@ -32326,6 +32957,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "strategiccapital.com", true }, { "strategiclivingblog.com", true }, { "strategie-zone.de", true }, + { "strathewerd.de", true }, { "stratmann-b.de", true }, { "stratuscloud.co.za", true }, { "stratuscloudconsulting.cn", true }, @@ -32340,17 +32972,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "strauser.com", true }, { "stravers.shoes", true }, { "streamchan.org", true }, + { "streamelements.com", true }, { "streamlineautogroup.com", true }, + { "streampleasure.xyz", true }, { "streams.dyndns.org", true }, - { "street-smart-home.de", true }, + { "street-medics.fr", true }, { "street-tek.com", true }, { "streetdancecenter.com", true }, + { "streetmarket.ru", true }, { "streets.mn", true }, { "streetshirts.co.uk", true }, { "streetspotr.com", true }, { "streetview.wien", true }, { "strefapi.com", true }, - { "strelitzia02.com", true }, + { "streklhof.at", true }, { "strengthroots.com", true }, { "stretchmyan.us", true }, { "stretchpc.com", true }, @@ -32363,6 +32998,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stringtoolbox.com", true }, { "stringvox.com", true }, { "stripe.com", true }, + { "striped.horse", true }, { "strivephysmed.com", false }, { "strm.hu", true }, { "strming.com", true }, @@ -32372,8 +33008,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stroeerdigital.de", true }, { "stroginohelp.ru", true }, { "strom.family", true }, + { "stromaci.sk", true }, { "stromberger.org", true }, - { "strommenhome.com", true }, + { "stromzivota.sk", true }, { "strongpassword.club", true }, { "strongrandom.com", false }, { "strongsalpinesucculents.com", true }, @@ -32389,12 +33026,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "stsolarenerji.com", true }, { "stt.wiki", true }, { "stuartbell.co.uk", true }, + { "stuarteggerton.com", true }, { "stuartmorris.id.au", true }, { "stuartmorris.me", true }, { "stuartmorris.name", true }, { "stuartmorris.tel", true }, { "stuarts.xyz", false }, { "stuco.co", true }, + { "stucorweb.com", true }, { "stucydee.nl", true }, { "studenckiemetody.pl", true }, { "student-eshop.cz", true }, @@ -32414,6 +33053,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "studio-architetto.com", true }, { "studio-fotografico.ru", true }, { "studio-webdigi.com", true }, + { "studiobergaminloja.com.br", true }, { "studiodentisticosanmarco.it", true }, { "studiodewit.nl", true }, { "studiogavioli.com", true }, @@ -32423,6 +33063,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "studiolegalepaternostro.it", true }, { "studiomarcella.com", true }, { "studionowystyl.pl", true }, + { "studiopirrate.com", true }, { "studiopop.com.br", true }, { "studioproapp.com", true }, { "studioriehl.com", true }, @@ -32435,10 +33076,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "studipro-marketing.fr", true }, { "studium.cz", true }, { "studlan.no", true }, - { "studport.rv.ua", true }, { "studyin.jp", true }, - { "studying-neet.com", true }, + { "studyspy.ac.nz", true }, { "studytactics.com", true }, + { "studytale.com", true }, { "stuermer.me", true }, { "stuetzredli.ch", true }, { "stuff-fibre.co.nz", true }, @@ -32475,7 +33116,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "su1ph3r.io", true }, { "suaudeau.fr", true }, { "suaudeau.org", true }, - { "suave.io", true }, { "sub-net.at", true }, { "sub.media", true }, { "subastasdecarros.net", true }, @@ -32495,10 +33135,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "suburban-landscape.net", true }, { "suburbaninfinitioftroyparts.com", true }, { "subversive-tech.com", true }, - { "subzerotech.co.uk", true }, { "succ.in", true }, { "succesprojekter.dk", true }, - { "suche.org", true }, { "suchmaschinen-werkstatt.de", true }, { "suckmyan.us", false }, { "sucretown.net", true }, @@ -32515,18 +33153,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "suevia-ka.de", true }, { "suffa.ac", true }, { "suffix.ru", true }, - { "suffts.de", true }, { "sufix.cz", true }, { "sugarandcloth.com", true }, { "sugarbrother.com", true }, { "sugarfactory.cz", true }, + { "sugarmillmanagement.com", true }, { "sugarshin.net", true }, { "suggea.com", true }, { "suggestim.ch", true }, { "suisui.stream", true }, + { "suited21.com", true }, { "suitesapp.com", true }, { "sujatadev.in", true }, { "sujoydhar.in", true }, + { "suka.moe", true }, + { "suke3.jp", true }, { "suki.moe", true }, { "suko.pe", true }, { "sukrie.net", true }, @@ -32542,36 +33183,39 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sumoatm.com", false }, { "sumthing.com", true }, { "sun-leo.co.jp", true }, + { "sun-wellness-online.com.vn", true }, { "sunboxstore.jp", true }, { "sunbritetv.com", true }, { "sunchasercats.com", true }, { "sundanceusa.com", true }, { "sundayfundayjapan.com", true }, - { "sunfeathers.net", true }, + { "sundayrest.com", true }, + { "sundragon.se", true }, + { "sunfiregold.com", true }, { "sunflyer.cn", false }, { "sunfox.cz", true }, { "sunfulong.blog", true }, { "sunfulong.me", true }, + { "sunjaydhama.com", true }, { "sunjiutuo.com", true }, { "sunlit.cloud", true }, { "sunn.ie", true }, { "sunoikisis.org", true }, + { "sunset.im", true }, { "sunsetwx.com", true }, { "sunshinesf.org", true }, { "sunsmartresorts.com", true }, + { "sunsong.org", true }, { "sunstar.bg", true }, { "sunwolf.studio", true }, - { "sunyataherb.com", true }, { "suool.net", true }, { "supa.sexy", true }, { "supastuds.com", true }, - { "super-erotica.ru", true }, { "superaficionados.com", true }, { "superbart.nl", true }, { "superbdistribute.com", true }, { "superbouncebouncycastles.com", true }, { "superbowlkneel.com", true }, - { "superbshare.com", true }, { "supercalorias.com", true }, { "supercastlesadelaide.com.au", true }, { "supercastlesbrisbane.com.au", true }, @@ -32580,10 +33224,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "supercastlessydney.com.au", true }, { "supercentenarian.com", true }, { "supercinebattle.fr", true }, + { "superdaddy.club", true }, { "supereight.net", true }, { "superguide.com.au", true }, { "superhappiness.com", true }, { "superhome.com.au", true }, + { "supermae.pt", true }, { "supermarx.nl", true }, { "supermercadosdia.com.ar", true }, { "supermercato24.it", true }, @@ -32591,7 +33237,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "supern0va.net", true }, { "supernaut.info", true }, { "supernt.lt", true }, - { "supersahnetorten.de", true }, { "supersec.es", true }, { "supersole.net", true }, { "supersonnig-festival.de", true }, @@ -32605,7 +33250,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "supertutorial.com.br", true }, { "supervisionassist.com", true }, { "supeuro.com", true }, - { "supperclub.es", false }, { "supplementler.com", true }, { "supplies24.at", true }, { "supplies24.es", true }, @@ -32619,43 +33263,53 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sur-v.com", true }, { "surao.cz", true }, { "surasak.io", true }, + { "surasak.net", true }, + { "surasak.org", true }, { "surdam.casa", false }, { "sure-it.de", true }, + { "surefit-oms.com", true }, { "suretone.co.za", true }, + { "surfnetkids.com", true }, { "surfocal.com", true }, { "surgenet.nl", true }, { "surgeongeneral.gov", true }, { "surgicalassociateswny.com", true }, + { "surgiclinic.gr", true }, { "suroil.com", true }, { "surpreem.com", true }, + { "surreyheathyc.org.uk", true }, + { "suruifu.com", true }, + { "suruifu.tk", true }, { "survature.com", true }, { "surveyhealthcare.com", true }, { "surveyinstrumentsales.com", true }, { "surveymill.co.uk", true }, + { "survivalistplanet.com", true }, { "survivalmonkey.com", true }, { "survivebox.fr", true }, { "susanbpilates.co", true }, { "susanbpilates.com", true }, { "susann-kerk.de", true }, { "susanna-komischke.de", true }, + { "susanvelez.com", true }, { "susc.org.uk", true }, { "sush.us", true }, { "sushi.roma.it", true }, { "sushibesteld.nl", true }, - { "sushifrick.de", true }, { "sushikatze.de", true }, - { "sushiwereld.be", true }, + { "susoccm.org", true }, { "susosudon.com", true }, { "suspension-shop.com", true }, - { "sussexwebsites.info", false }, { "sustainabilityknowledgegroup.com", true }, { "sustainoss.org", true }, { "sustsol.com", true }, { "sutas.market", true }, { "suurhelsinki.cf", true }, { "suuria.de", true }, + { "suv4.net", true }, { "suwalls.com", true }, { "suzi3d.com", true }, + { "suziekovner.com", true }, { "suzukimarinepress.com", true }, { "sv-1966-medenbach.de", true }, { "sv-turm-hohenlimburg.de", true }, @@ -32681,10 +33335,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "svetandroida.cz", true }, { "svetlilo.com", true }, { "svetzitrka.cz", false }, + { "svht.nl", true }, { "svijet-medija.hr", true }, { "svinformatica.es", true }, { "svm-basketball.de", true }, { "svm-it.eu", true }, + { "svobodnyblog.cz", true }, { "sw-servers.net", true }, { "sw33tp34.com", true }, { "swagsocial.net", true }, @@ -32697,8 +33353,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "swat4stats.com", true }, { "swattransport.ae", true }, { "sway-cdn.com", true }, - { "sway.com", true }, { "swd.agency", true }, + { "sweak.net", true }, { "swedishhost.com", true }, { "swedishhost.se", true }, { "sweep-me.net", true }, @@ -32709,13 +33365,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sweetgood.de", true }, { "sweets-mimatsu.com", true }, { "swehack.org", true }, + { "sweharris.org", true }, { "swerve-media-testbed-03.co.uk", true }, { "swetrust.com", true }, { "swfmax.com", true }, - { "swiftpk.net", true }, + { "swiftpcbassembly.com", true }, { "swiftqueue.com", true }, { "swilly.org", true }, { "swimbee.nl", true }, + { "swimmingpoolaccidentattorney.net", true }, { "swimready.net", true }, { "swimwear365.co.uk", true }, { "swineson.me", true }, @@ -32734,13 +33392,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "swisslinux.org", true }, { "swisstechassociation.ch", true }, { "swisstechtalks.ch", true }, - { "swissxperts.ch", true }, { "switch-trader.com", true }, { "switch.moe", true }, { "switcheo.exchange", true }, { "switcheo.rocks", true }, { "switzerland-family-office.com", true }, { "swordfeng.xyz", true }, + { "swuosa.org", false }, { "swvaux.com", true }, { "swyn.net", true }, { "sx8.ovh", true }, @@ -32748,6 +33406,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sy-anduril.de", true }, { "sy24.ru", true }, { "syajvo.if.ua", true }, + { "syamutodon.xyz", true }, + { "syamuwatching.xyz", true }, { "sycamorememphis.org", true }, { "sychov.pro", true }, { "sydney-sehen.com", true }, @@ -32756,6 +33416,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sydneylawnandturf.com.au", true }, { "syenar.net", true }, { "syezd.com.au", true }, + { "syha.org.uk", true }, { "syhost.at", true }, { "syhost.ch", true }, { "syhost.de", true }, @@ -32764,7 +33425,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "syleam.in", true }, { "sylfie.net", true }, { "syllogi.xyz", true }, - { "sylvaincombe.net", true }, { "sylvaindurand.fr", true }, { "sylvaindurand.org", true }, { "sylvaloir.fr", true }, @@ -32779,10 +33439,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "symbiose.com", true }, { "symbiosecom.ch", true }, { "symeda.de", true }, - { "symetria.io", true }, { "symfora-meander.nl", true }, { "symlnk.de", true }, { "symphonos.it", true }, + { "sympmarc.com", true }, + { "sympraxisconsulting.com", true }, { "symptome-erklaert.de", true }, { "synabi.com", true }, { "synaptickz.me", true }, @@ -32790,7 +33451,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sync-it.no", true }, { "synccentre.com", true }, { "syncflare.com", true }, - { "synchrocube.com", true }, { "synchrolarity.com", true }, { "synchronyse.com", true }, { "synchtu.be", true }, @@ -32820,7 +33480,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "sysmike.de", true }, { "systea.fr", true }, { "system-m.de", true }, - { "system-online.cz", true }, { "system.cf", true }, { "system.is", true }, { "system12.pl", true }, @@ -32828,28 +33487,35 @@ static const nsSTSPreload kSTSPreloadList[] = { { "systemadmin.uk", true }, { "systematic-momo.com", true }, { "systematic-momo.dk", true }, + { "systemchile.com", true }, { "systemd.ch", true }, { "systemd.eu.org", true }, { "systemeprod.fr", true }, { "systemintegra.ru", true }, { "systemli.org", true }, + { "systemonthego.com", true }, { "systemreboot.net", true }, { "systemspace.link", true }, - { "systemweb.no", true }, { "systemzeit.info", true }, { "systoolbox.net", true }, { "sysystems.cz", true }, { "syt3.net", true }, { "sytk.me", true }, + { "syukatsu-net.jp", true }, { "syy.im", true }, { "syzygy-tables.info", true }, { "szafkirtv.pl", true }, { "szagun.net", true }, + { "szaloneigly.com", true }, { "szamitogepdepo.com", true }, { "szaydon.me", false }, + { "szclsya.me", true }, + { "szczot3k.pl", true }, { "szechenyi2020.hu", true }, { "szentistvanpt.sk", true }, { "szerelem.love", true }, + { "szetowah.org.hk", true }, + { "szunia.com", true }, { "szybkiebieganie.pl", true }, { "szyndler.ch", true }, { "t-hawk.com", true }, @@ -32875,6 +33541,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tabarnak.ga", true }, { "tabernadovinho.com.br", true }, { "tabhui.com", true }, + { "tabi-news.com", true }, + { "tabi-runrun.com", true }, { "tabithawebb.co.uk", true }, { "tabledusud.be", true }, { "tabledusud.nl", true }, @@ -32885,13 +33553,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taborsky.cz", true }, { "tac-volley.com", true }, { "tachi.uk", true }, - { "tachyonapp.com", true }, { "tacklinglife.com", true }, { "tacklog.com", true }, { "tacomafia.net", false }, { "tacostea.net", true }, { "tacticalsquare.com", true }, - { "tadata.me", true }, { "taddiestales.com", true }, { "tadeo.ca", true }, { "tadluedtke.com", true }, @@ -32899,19 +33565,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tadu.de", true }, { "tagabrand.co.uk", true }, { "tagdocumentary.com", true }, + { "tagesmutter-zwitscherlinge.de", true }, { "taggedpdf.com", false }, { "taglioepiega.com", true }, { "taglioepiega.eu", true }, { "taglioepiega.it", true }, { "tagpay.com", true }, + { "tahavu.com", true }, { "tahosa.co", true }, { "tahosalodge.org", true }, { "tai-in.com", true }, { "tai-in.net", true }, - { "tailandfur.com", true }, - { "tailpuff.net", true }, { "tails.boum.org", true }, { "taimane.com", true }, + { "taiphanmem.net", true }, { "taishon.nagoya", true }, { "taitmacleod.com", true }, { "taiwan.dating", true }, @@ -32920,9 +33587,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taizegroep.nl", true }, { "tajper.pl", true }, { "take1give1.com", false }, - { "takebackyourstate.com", true }, - { "takebackyourstate.net", true }, - { "takebackyourstate.org", true }, { "takeitoffline.co.uk", true }, { "takemoto-ped.com", true }, { "taken.pl", true }, @@ -32941,7 +33605,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taler.net", true }, { "talideon.com", false }, { "talk.google.com", true }, - { "talk.xyz", true }, { "talkgadget.google.com", true }, { "talking12.com", true }, { "talkingmoose.net", true }, @@ -32957,9 +33620,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tallyfy.com", true }, { "talon.rip", true }, { "talroo.com", true }, - { "talsi.eu", true }, { "talun.de", true }, - { "tamaraboutique.com", true }, { "tamashimx.net", true }, { "tambre.ee", true }, { "tamchunho.com", true }, @@ -32968,12 +33629,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tampabaybusinesslistings.com", true }, { "tamposign.fr", true }, { "tamriel-rebuilt.org", true }, - { "tanak3n.xyz", true }, + { "tanak3n.xyz", false }, { "tancredi.nl", true }, { "tandem-trade.ru", false }, { "tandempartnerships.com", true }, + { "tandilmap.com.ar", true }, + { "tandk.com.vn", true }, { "tandzorg.link", true }, - { "tangel.me", true }, { "tangemann.org", true }, { "tango-cats.de", true }, { "tango-ouest.com", true }, @@ -32987,9 +33649,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tankski.co.uk", true }, { "tannenhof-moelln.de", true }, { "tannerryan.ca", true }, + { "tannerwj.com", true }, { "tantalos.nl", true }, { "tantei100.net", true }, - { "tantetilli.de", true }, { "tanto259.name", false }, { "tanyanama.com", true }, { "tanz.info", true }, @@ -32998,12 +33660,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taoburee.com", true }, { "taoways.com", true }, { "tapakgram.com", true }, + { "taplamvan.net", true }, { "taplemon.at", true }, { "taplemon.com", true }, { "taprix.org", true }, - { "taqsim.jp", true }, + { "tapsnapp.co", true }, { "taquilla.com", true }, { "taqun.club", true }, + { "tarantul.org.ua", true }, { "tarasecurity.co.uk", true }, { "tarasecurity.com", true }, { "tarasevich.by", true }, @@ -33014,6 +33678,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tariff.cc", true }, { "tarik.io", true }, { "tarmexico.com", true }, + { "tarots-et-oracles.com", true }, { "tarsan.cz", true }, { "tartaneagle.org.uk", true }, { "tartanhamedshop.com.br", true }, @@ -33051,12 +33716,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "taxi-puck.pl", true }, { "taxi-waregem.be", true }, { "taxicollectif.ch", true }, - { "taxiindenbosch.nl", true }, + { "taxid-k.be", true }, { "taxis-collectifs.ch", true }, { "taxisafmatosinhos.pt", true }, { "taxiscollectifs.ch", true }, { "taxlab.co.nz", true }, - { "taxspeaker.com", true }, + { "taxsquirrel.com", true }, { "taylorpearson.me", false }, { "taylors-castles.co.uk", true }, { "taylorstauss.com", true }, @@ -33064,6 +33729,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tb-devel.de", true }, { "tb-itf.de", true }, { "tba.bm", true }, + { "tbejos.com", true }, { "tbfocus.com", true }, { "tbitc.ch", true }, { "tbonejs.org", true }, @@ -33071,9 +33737,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tbrindus.ca", true }, { "tbs-certificates.co.uk", true }, { "tbspace.de", true }, - { "tbtech.cz", true }, { "tbuchloh.de", true }, - { "tbys.us", true }, { "tc-st-leonard.ch", true }, { "tc.nz", true }, { "tcacademy.co.uk", true }, @@ -33083,6 +33747,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tcf.org", true }, { "tcgforum.pl", true }, { "tcgrepublic.com", true }, + { "tchaka.top", true }, { "tchannels.tv", true }, { "tchebb.me", true }, { "tchebotarev.com", true }, @@ -33093,9 +33758,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tcptun.com", true }, { "tcpweb.net", true }, { "tcspartner.net", true }, + { "tcvvip.com", true }, + { "tcwis.com", true }, { "tdchrom.com", true }, { "tdfbfoundation.org", true }, - { "tdpblog.site", true }, { "tdrcartuchos.com.br", true }, { "tdrs.info", true }, { "tdsf.io", true }, @@ -33118,7 +33784,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "team-bbd.com", true }, { "team.house", true }, { "team3482.com", true }, - { "teamassists.com", true }, { "teambeam.at", true }, { "teambeam.ch", true }, { "teambeam.com", true }, @@ -33127,6 +33792,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "teambodyproject.com", true }, { "teamcombat.com", true }, { "teamliquidpro.com", true }, + { "teammateworld.com", true }, { "teammathics.com", true }, { "teamnetsol.com", true }, { "teamninjaapp.com", true }, @@ -33141,7 +33807,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "teamupturn.org", true }, { "teamusec.de", true }, { "tearoomlints.be", true }, - { "teasenetwork.com", true }, { "teaser-trailer.com", true }, { "teatrarium.com", true }, { "teb-akademia.pl", true }, @@ -33158,6 +33823,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tech-seminar.jp", true }, { "tech-value.eu", true }, { "tech-zealots.com", true }, + { "techableme.com", true }, { "techace.jp", true }, { "techademy.nl", true }, { "techarea.fr", true }, @@ -33183,18 +33849,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "techmajesty.com", true }, { "techmasters.io", true }, { "techmunchies.net", false }, + { "technic3000.com", true }, { "technicabv.nl", true }, { "technicalbrothers.cf", true }, { "technicallyeasy.net", true }, { "technicalsystemsprocessing.com", true }, - { "techniclab.net", true }, - { "techniclab.org", true }, - { "techniclab.ru", true }, { "technifocal.com", true }, { "technik-boeckmann.de", true }, { "technikblase.fm", true }, + { "technikman.de", true }, { "technoinfogroup.it", true }, { "technologie-innovation.fr", true }, + { "technologyand.me", true }, { "technologysi.com", true }, { "technoparcepsilon.fr", true }, { "technoscoots.com", true }, @@ -33212,6 +33878,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "techsolvency.com", true }, { "techsys.cz", true }, { "techtalks.no", true }, + { "techtrader.ai", true }, + { "techtrader.io", true }, { "techtuts.info", true }, { "techvalue.gr", true }, { "techview.link", true }, @@ -33220,6 +33888,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "techwithcromulent.com", true }, { "techwords.io", true }, { "teckids.org", true }, + { "tecma.com", true }, { "tecmarkdig.com", true }, { "tecne.ws", true }, { "tecnicoelettrodomestici.roma.it", true }, @@ -33243,7 +33912,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "teemperor.de", true }, { "teemulintula.fi", true }, { "teencounseling.com", true }, - { "teenerotic.net", true }, { "teengirl.pub", true }, { "teensexgo.com", true }, { "teesypeesy.com", true }, @@ -33253,7 +33921,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tehcrayz.com", true }, { "tehrabbitt.com", false }, { "tehrankey.ir", true }, - { "tehranperfume.com", true }, { "teixobactin.com", true }, { "tejarat98.com", true }, { "teknemodus.com.au", true }, @@ -33263,7 +33930,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "teknoforums.com", true }, { "teknolit.com", true }, { "tekstschrijvers.net", true }, - { "teksuperior.com", true }, { "tektuts.com", true }, { "tekuteku.jp", true }, { "telamon.eu", true }, @@ -33281,6 +33947,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "telefoncek.si", true }, { "telefonkonferenz.ch", true }, { "telefonni-ustredna.cz", true }, + { "telefonogratuito.com", true }, { "telefonseelsorge-paderborn.de", true }, { "telefoon.nl", true }, { "telefoonabonnement.nl", true }, @@ -33292,8 +33959,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "telepass.me", true }, { "telephonedirectories.us", true }, { "telepons.com", true }, - { "teleshop.be", true }, { "telework.gov", true }, + { "tellcorpassessoria.com.br", true }, { "telling.xyz", true }, { "tellusaboutus.com", true }, { "telly.site", true }, @@ -33302,7 +33969,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "telos-analytics.com", true }, { "teltonica.com", true }, { "teltru.com", true }, - { "telugu4u.net", true }, { "tem.li", true }, { "tematicas.org", true }, { "temizmama.com", true }, @@ -33343,20 +34009,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tepitus.de", true }, { "teplofom.ru", true }, { "teplomash24.ru", true }, - { "tequilazor.com", true }, { "terabyte.services", true }, { "terabyteharddrive.net", true }, { "terabyteit.co.uk", true }, { "teracloud.at", true }, { "teranacreative.com", true }, - { "tercerapuertoaysen.cl", true }, { "teriiphotography.com", true }, { "terlindung.com", true }, { "termax.me", true }, - { "termino.eu", true }, { "termitemounds.org", true }, { "termitinitus.org", true }, { "termografiranje.si", true }, + { "termux.com", true }, { "terra.fitness", true }, { "terrab.de", false }, { "terracloud.de", false }, @@ -33369,6 +34033,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "terralimno.eu", true }, { "terraluna.space", true }, { "terranova-nutrition.dk", true }, + { "terrapay.com", true }, { "terrastaffinggroup.com", false }, { "terraweb.net", true }, { "terresmagiques.com", true }, @@ -33385,18 +34050,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tessai.ga", true }, { "test-textbooks.com", true }, { "test.de", true }, + { "test.support", true }, { "testadren.com", true }, { "testgeomed.ro", true }, { "testi.info", true }, { "testomato.com", true }, + { "testosterone-complex.com", true }, { "testosteronedetective.com", true }, { "testpornsite.com", true }, { "testsuite.org", true }, { "testuje.net", true }, { "tetedelacourse.ch", true }, { "teto.nu", true }, + { "tetraetc.com", true }, { "tetraktus.org", true }, - { "tetrarch.co", true }, { "tetsugakunomichi.jp", true }, { "tetsumaki.net", true }, { "teufel.dk", true }, @@ -33446,6 +34113,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tgbyte.de", true }, { "tgexport.eu", true }, { "tgmkanis.com", true }, + { "tgtv.tn", true }, { "tgui.eu", true }, { "tgui.net", true }, { "tgw.com", true }, @@ -33460,11 +34128,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thailandpharmacy.net", true }, { "thairehabassociation.com", true }, { "thajskyraj.com", true }, - { "thala.fr", false }, + { "thala.fr", true }, { "thalan.fr", true }, { "thalgott.net", true }, { "thalhammer.it", true }, { "thalia.nu", true }, + { "thaliagetaway.com.au", true }, { "thallinger.me", true }, { "thamesfamilydentistry.com", true }, { "thanabh.at", true }, @@ -33472,8 +34141,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thanhthinhbui.com", true }, { "thatdarkplace.com", true }, { "thatquiz.org", true }, + { "thatsme.io", true }, { "thca.ca", true }, { "thcpbees.co.uk", true }, + { "the-bermanns.com", true }, { "the-body-shop.hu", false }, { "the-fermenter.com", true }, { "the-gdn.net", true }, @@ -33482,6 +34153,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "the-nash-education-program.com", true }, { "the-pcca.org", true }, { "the-webmaster.com", true }, + { "the-woods.org.uk", true }, + { "the-zenti.de", true }, { "the2f.de", true }, { "the3musketeers.biz", true }, { "theactuary.ninja", true }, @@ -33493,16 +34166,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thebakers.com.br", true }, { "thebakery2go.de", true }, { "thebannerstore.com", true }, + { "thebarrens.nu", true }, { "thebasebk.org", true }, { "thebcm.co.uk", true }, { "thebest.ch", true }, { "thebestfun.co.uk", true }, + { "thebestpersonin.ml", true }, { "thebestsavingsplan.com", true }, { "thebigbitch.nl", true }, { "thebigdatacompany.com", true }, { "thebigwave.de", true }, { "thebikeinsurer.co.uk", true }, { "thebimhub.com", true }, + { "thebinarys.com", true }, { "thebirthdaysite.co.uk", true }, { "thebit.link", true }, { "theblackknightsings.com", true }, @@ -33515,18 +34191,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thebreakroom.org", true }, { "thebrightons.co.uk", true }, { "thebrightons.uk", true }, + { "thebulletin.io", true }, { "thebusinessofgoodfilm.com", true }, { "thecamels.org", true }, { "thecameradivision.com", true }, - { "thecandidforum.com", true }, { "thecarolingconnection.com", true }, { "thecellulitediet.com", true }, { "thecherryship.ch", true }, { "thechunk.net", true }, { "theciderlink.com.au", true }, - { "thecitizens.com", true }, { "thecitywarehouse.clothing", true }, - { "thecloudmigrator.com", true }, { "thecloudshelter.com", true }, { "thecoffeecamp.com", true }, { "thecoffeesuperstore.com", true }, @@ -33534,6 +34208,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thecompany.pl", true }, { "theconcordbridge.azurewebsites.net", true }, { "thecondobuyers.com", true }, + { "thecookiejar.me", true }, { "thecozycastle.com", true }, { "thecrazytravel.com", true }, { "thecrew-exchange.com", true }, @@ -33543,13 +34218,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thecuriousdev.com", true }, { "thecurvyfashionista.com", true }, { "thecustomdroid.com", true }, - { "thecustomizewindows.com", true }, { "thedark1337.com", true }, { "thedebug.life", true }, { "thederminstitute.com", true }, { "thediaryofadam.com", true }, + { "thedisc.nl", true }, { "thediscovine.com", true }, { "thedocumentrefinery.com", true }, + { "thedom.site", true }, { "thedreamtravelgroup.co.uk", true }, { "thedronechart.com", true }, { "thedutchmarketers.com", true }, @@ -33557,23 +34233,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "theeducationchannel.info", true }, { "theeducationdirectory.org", true }, { "theeighthbit.com", true }, - { "theel0ja.info", true }, { "theel0ja.ovh", true }, { "theemasphere.com", true }, + { "thefairieswantmedead.com", true }, { "thefanimatrix.net", true }, { "thefasterweb.com", true }, { "thefbstalker.com", true }, { "thefengshuioffice.com", true }, { "theferrarista.com", true }, { "theflowerbasketonline.com", true }, + { "theflowershopdeddington.com", true }, { "theflyingbear.net", true }, { "thefnafarchive.org", true }, - { "thefox.com.fr", true }, + { "thefourthmoira.com", true }, { "thefrk.pw", true }, + { "thefuckingtide.com", true }, { "thefunfirm.co.uk", true }, { "thefurnitureco.uk", true }, { "thegarrowcompany.com", true }, - { "thegcccoin.com", true }, { "thegeekdiary.com", true }, { "thegioinano.com", true }, { "thegrape.ro", true }, @@ -33582,7 +34259,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thegreenfields.se", true }, { "thegreenmanpottery.com", true }, { "thegreenpark.co.uk", true }, - { "thegreens.us", true }, + { "thegrs.com", true }, { "theguitarcompany.nl", true }, { "thegvoffice.net", true }, { "thegym.org", true }, @@ -33590,12 +34267,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thehairrepublic.net", true }, { "thehairstandard.com", true }, { "thehaxbys.co.uk", true }, - { "thehiddenbay.fi", true }, { "thehiddenbay.info", true }, - { "thehiddenbay.ws", true }, { "thehivedesign.org", true }, { "thehomeicreate.com", true }, { "thehookup.be", true }, + { "thehoryzon.com", true }, + { "thehotfix.net", true }, { "thehotness.tech", true }, { "thehouseofgod.org.nz", true }, { "thehowtohome.com", true }, @@ -33616,6 +34293,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thelaimlife.com", true }, { "thelanscape.com", true }, { "thelastsurprise.com", true }, + { "thelatedcult.com", true }, + { "thelearningenterprise.co.uk", true }, { "thelegionshirley.co.uk", true }, { "thelinuxtree.net", true }, { "thelittlecraft.com", true }, @@ -33625,7 +34304,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "themacoaching.nl", true }, { "themallards.info", true }, { "themarshallproject.org", true }, - { "themeaudit.com", true }, + { "themaster.site", true }, { "themecraft.studio", true }, { "themefoxx.com", true }, { "themetacity.com", true }, @@ -33633,6 +34312,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "themillerslive.com", true }, { "themimitoof.fr", true }, { "themist.cz", true }, + { "themobilestuffs.com", true }, { "themoep.at", true }, { "themoneyconverter.com", true }, { "themonkeytrail.co.uk", true }, @@ -33644,7 +34324,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thenarcissisticlife.com", true }, { "thenexwork.com", true }, { "thenib.com", true }, - { "thenichecast.com", true }, { "thenocman.com", true }, { "thenovaclinic.com", true }, { "thenowheremen.com", true }, @@ -33669,6 +34348,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thepaulagcompany.com", true }, { "thepaymentscompany.com", true }, { "thepb.in", true }, + { "thepeninsulaires.com", true }, { "thephonecaseplace.com", true }, { "thephp.cc", true }, { "thepiabo.ovh", true }, @@ -33679,9 +34359,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "theplaydaysbus.co.uk", true }, { "theplayspot.co.uk", true }, { "theploughharborne.co.uk", true }, + { "thepoplarswines.com.au", true }, { "thepostoffice.ro", true }, { "thepriorybandbsyresham.co.uk", true }, + { "theproductpoet.com", true }, { "thepromisemusic.com", true }, + { "thepurem.com", true }, + { "thepythianseed.com", true }, { "theragran.co.id", true }, { "theralino.de", true }, { "theramo.re", true }, @@ -33691,25 +34375,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "therapysxm.com", true }, { "therealcost.gov", true }, { "thereaper.net.au", true }, + { "thereisnocloud.fr", true }, + { "therepublicofliverpool.com", true }, { "theresa-mayer.eu", true }, { "therevenge.me", true }, { "therewill.be", true }, { "thermalbad-therme.de", true }, { "thermity.com", true }, { "thermolamina.nl", true }, - { "theroamingnotary.com", true }, { "theroks.com", true }, { "theroyalmarinescharity.org.uk", true }, + { "therugswarehouse.co.uk", true }, { "theruizes.com", true }, { "theruleslawyer.net", true }, { "therumfordcitizen.com", true }, { "thesalonthing.com", false }, - { "thesassynut.com", true }, { "thesaturdaypaper.com.au", true }, { "thesaurus.net", true }, { "theschool.jp", true }, { "thescientists.nl", true }, - { "thesecondsposts.com", true }, + { "thesecondsposts.com", false }, { "theseed.io", true }, { "theseedbox.xyz", true }, { "theseletarmall.com", true }, @@ -33732,10 +34417,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thesmokingcuban.com", true }, { "thesocialmediacentral.com", true }, { "thesplashlab.com", true }, + { "thesslstore.com", true }, { "thestationatwillowgrove.com", true }, { "thesteins.org", false }, { "thestoneage.de", true }, - { "thestoritplace.com", true }, { "thestory.ie", true }, { "thestoryshack.com", true }, { "thestral.pro", true }, @@ -33747,10 +34432,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "theswissbay.ch", true }, { "thetechnical.me", true }, { "thetenscrolls.com", true }, + { "thethreepercent.marketing", true }, { "thetomharling.com", true }, + { "thetradinghall.com", true }, { "thetree.ro", true }, { "thetrendspotter.net", true }, { "thetuxkeeper.de", false }, + { "thetvtraveler.com", true }, { "theunitedstates.io", true }, { "thevacweb.com", true }, { "thevalentineconstitution.com", true }, @@ -33760,6 +34448,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thewaxhouse.academy", true }, { "thewaxhouse.de", true }, { "thewaxhouse.shop", true }, + { "thewebdexter.com", true }, { "thewebflash.com", true }, { "thewebsitedoctors.co.uk", true }, { "thewebsitemarketingagency.com", true }, @@ -33769,6 +34458,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thewinstonatlyndhurst.com", true }, { "thewoodkid.com.au", true }, { "thewoolroom.com.au", true }, + { "theworldexchange.com", true }, + { "theworldexchange.net", true }, + { "theworldexchange.org", true }, { "theworldsend.eu", true }, { "thexfactorgames.com", true }, { "thexme.de", true }, @@ -33777,10 +34469,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "theyear199x.org", true }, { "theyearinpictures.co.uk", true }, { "theyosh.nl", true }, + { "thezero.org", true }, { "thezillersathenshotel.com", true }, { "thiagohersan.com", true }, { "thibaultwalle.com", true }, - { "thibautcharles.net", true }, { "thienteakee.com", true }, { "thiepcuoidep.com", true }, { "thiepxinh.net", true }, @@ -33801,21 +34493,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thinkingandcomputing.com", true }, { "thinkingliberty.com", true }, { "thinkingplanet.net", true }, - { "thinklikeanentrepreneur.com", true }, { "thinkmarketing.ca", true }, { "thinkquality.nl", true }, { "thinkrealty.com", true }, { "thinktux.net", true }, { "thirdbearsolutions.com", true }, { "thirdworld.moe", true }, - { "thirtyspot.com", true }, { "thiry-automobiles.net", true }, { "thisbrownman.com", true }, { "thiscloudiscrap.com", false }, { "thiscode.works", true }, { "thisdot.site", true }, { "thisfreelife.gov", true }, + { "thisisgrey.com", true }, { "thisishugo.com", true }, + { "thisisthefinalact.com", true }, { "thisistheserver.com", true }, { "thisiswhywemom.com", true }, { "thismatter.com", true }, @@ -33833,12 +34525,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thomas-suchon.fr", true }, { "thomas.love", false }, { "thomasbeckers.be", true }, + { "thomasbreads.com", false }, + { "thomasduerlund.com", true }, { "thomasduerlund.dk", true }, + { "thomasetsophie.fr", true }, { "thomaseyck.com", true }, { "thomasfoster.co", true }, - { "thomasgriffin.io", true }, { "thomashunter.name", false }, { "thomasmcfly.com", true }, + { "thomasmeester.nl", false }, + { "thomasmerritt.de", true }, { "thomassen.sh", false }, { "thomasstevensmusic.com", true }, { "thomastimepieces.com.au", true }, @@ -33852,6 +34548,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thor.edu", true }, { "thor.re", true }, { "thoroquel.org", true }, + { "thoroughbreddiesel.com", true }, { "thorsten-schaefer.com", true }, { "thorstenschaefer.name", true }, { "thosci.com", true }, @@ -33893,11 +34590,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thunderkeys.net", true }, { "thundr.eu", true }, { "thunraz.com", true }, - { "thusoy.com", false }, + { "thusoy.com", true }, { "thuthuatios.com", true }, { "thuviensoft.com", true }, { "thuviensoft.net", true }, - { "thuybich.com", false }, { "thw-bernburg.de", true }, { "thxandbye.de", true }, { "thycotic.ru", true }, @@ -33906,7 +34602,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "thzone.net", true }, { "ti-pla.net", true }, { "ti-planet.org", true }, - { "tiacollection.com", true }, { "tiagonunes.pt", true }, { "tiaki.org", true }, { "tianeptine.com", true }, @@ -33915,14 +34610,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tibipg.com", true }, { "tibovanheule.space", true }, { "ticfleet.com", true }, + { "tichieru.pw", true }, { "ticketassist.nl", true }, { "ticketluck.com", true }, { "ticketmates.com.au", true }, + { "ticketmaze.com", true }, { "ticketpro.ca", true }, + { "ticketrunway.com", true }, { "ticketslover.com", true }, { "ticketsmate.com", true }, { "ticketsource.co.uk", true }, { "ticketsource.eu", true }, + { "ticketsource.io", true }, { "ticketsource.us", true }, { "ticketsourcebeta.co.uk", true }, { "ticketsvergleichen.de", true }, @@ -33930,14 +34629,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tid.jp", true }, { "tidycustoms.net", true }, { "tielectric.ch", true }, - { "tiendafetichista.com", true }, { "tiendavertigo.com", true }, { "tiens-ib.cz", true }, { "tier-1-entrepreneur.com", true }, { "tierarztpraxis-bogenhausen.de", true }, - { "tierarztpraxis-illerwinkel.de", true }, { "tierarztpraxis-weinert.de", true }, { "tiernanx.com", true }, + { "tierraprohibida.net", true }, { "ties.com", true }, { "tiew.pl", true }, { "tifan.net", true }, @@ -33965,13 +34663,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tiliaze.eu", true }, { "tiliaze.info", true }, { "tiliaze.net", true }, + { "tilikum.io", true }, { "till.im", true }, { "tillberg.us", true }, { "tilleysbouncycastles.co.uk", true }, { "tillseasyscore.com", true }, + { "tilosp.de", true }, + { "tilta.com", true }, { "tiltedwindmillcrafts.com", true }, { "timbarlotta.com", true }, { "timberkel.com", true }, + { "timbers.space", true }, { "timbishopartist.com", true }, { "timbrust.de", true }, { "timco.cloud", true }, @@ -33992,22 +34694,23 @@ static const nsSTSPreload kSTSPreloadList[] = { { "timetotrade.com", true }, { "timewasters.nl", true }, { "timfiedler.net", true }, + { "timhieuthuoc.com", true }, { "timing.com.br", true }, { "timjk.de", true }, - { "timklefisch.de", true }, { "timmersgems.com", true }, - { "timmy.im", true }, { "timmyrs.de", true }, { "timnash.co.uk", true }, { "timonengelke.de", true }, { "timoso.de", true }, { "timothybjacobs.com", true }, { "timoxbrow.com", true }, + { "timsayedmd.com", true }, { "timtaubert.de", true }, { "timtelfer.com", true }, { "timtj.ca", true }, { "timvivian.ca", true }, { "timweb.ca", true }, + { "tina.media", true }, { "tinastahlschmidt.de", true }, { "tindallriley.co.uk", true }, { "tinf15b4.de", true }, @@ -34035,6 +34738,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tioat.net", true }, { "tipaki.gr", true }, { "tipbox.is", true }, + { "tipe.io", false }, { "tiplanet.org", true }, { "tipoftheday.tips", true }, { "tippytoad.com", true }, @@ -34047,10 +34751,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tirlins.com", true }, { "tiroler-kupferschmiede.com", true }, { "tirs4ne.ch", true }, + { "tis.ph", true }, { "tischlerei-klettke.de", true }, - { "tism.in", true }, { "tissot-mayenfisch.com", true }, { "tit-cdn.de", true }, + { "tit-dev.de", true }, { "tit-dns.de", true }, { "tit-mail.de", true }, { "tit.systems", true }, @@ -34068,7 +34773,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tiwag.at", true }, { "tixeconsulting.com", true }, { "tjampoer.com", true }, - { "tjandpals.com", true }, { "tjenestetorvet.dk", true }, { "tjkcastles.uk", true }, { "tjl.rocks", true }, @@ -34085,6 +34789,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tkn.tokyo", true }, { "tkusano.jp", true }, { "tkw01536.de", false }, + { "tl.gg", true }, { "tlca.org", true }, { "tlcnet.info", true }, { "tlehseasyads.com", true }, @@ -34099,13 +34804,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tlthings.net", true }, { "tlumaczenie.com", true }, { "tlys.de", true }, + { "tmakiguchi.org", true }, { "tmberg.cf", true }, { "tmberg.ga", true }, { "tmberg.gq", true }, { "tmberg.ml", true }, { "tmberg.tk", true }, { "tmc.com.mt", true }, - { "tmconnects.com", true }, { "tmcpromotions.co.uk", true }, { "tmcreationweb.com", true }, { "tmdb.biz", true }, @@ -34126,10 +34831,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tnl.cloud", true }, { "tntmobi.com", true }, { "tny.link", true }, - { "to2mbn.org", true }, + { "toabsentfamily.com", true }, { "toad.ga", true }, { "toast.al", false }, + { "tob-rulez.de", true }, { "tobacco.gov", true }, + { "tobaccolocker.com", true }, { "tobedo.net", true }, { "tober-cpag.de", true }, { "tobi-mayer.de", true }, @@ -34146,9 +34853,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tobiasconradi.com", true }, { "tobiashorvath.com", true }, { "tobiashorvath.de", true }, + { "tobiaskorf.de", true }, { "tobiaspahlings.de", true }, { "tobiassachs.de", true }, { "tobiassattler.com", true }, + { "tobiaswiese.com", true }, { "tobiemilford.com", true }, { "tobis-rundfluege.de", true }, { "tobis-webservice.de", true }, @@ -34184,16 +34893,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tofu.cf", true }, { "togech.jp", true }, { "togetter.com", true }, - { "toheb.de", true }, + { "toheb.de", false }, { "tohokinemakan.tk", true }, - { "tohokufd.com", true }, { "tokaido-kun.jp", true }, { "tokaido.com", true }, { "tokainafb.net", true }, { "tokainakurasi.net", true }, { "tokbijouxs.com.br", true }, + { "tokenmarket.net", true }, { "tokens.net", true }, - { "tokfun.com", true }, { "tokic.hr", true }, { "tokinoha.net", true }, { "tokio.fi", true }, @@ -34219,8 +34927,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tom-kunze.de", true }, { "tom-maxwell.com", true }, { "tom.horse", true }, + { "tom.je", true }, { "tomabrafix.de", true }, - { "tomandshirley.com", true }, + { "tomahawk.ca", true }, + { "tomandmara.com", true }, { "tomarns.nl", true }, { "tomasjacik.cz", true }, { "tomaskavalek.cz", true }, @@ -34251,13 +34961,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tomjonsson.se", true }, { "tomkunze.de", true }, { "tomkwok.com", true }, - { "tomli.blog", true }, { "tomlowenthal.com", true }, { "tomm.yt", true }, { "tommic.eu", true }, { "tomnatt.com", true }, { "tomo.gr", false }, - { "tomochun.net", true }, { "tomosm.net", true }, { "tomoyaf.com", true }, { "tomravinmd.com", true }, @@ -34266,6 +34974,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "toms.ovh", true }, { "tomschlick.com", true }, { "tomsdevsn.me", true }, + { "tomspdblog.com", true }, { "tomssl.com", true }, { "tomticket.com", true }, { "tomudding.com", true }, @@ -34275,7 +34984,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tomwassenberg.nl", true }, { "tomwiggers.nl", false }, { "tomwilson.io", true }, - { "tomy.icu", true }, { "tomyork.net", true }, { "tonabor.ru", true }, { "tonage.de", true }, @@ -34304,7 +35012,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tonkinson.com", true }, { "tonkinwilsonvillenissanparts.com", true }, { "tonnycat.com", true }, - { "tono.us", true }, { "tonsit.com", true }, { "tonsit.org", true }, { "tontonnews.net", true }, @@ -34328,14 +35035,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "toool.nl", true }, { "toool.org", true }, { "tooolroc.org", false }, + { "toot.center", true }, { "toothdoc.ca", true }, { "tooti.biz", true }, { "top-esb.com", true }, { "top-obaly.cz", true }, { "top-opakowania.pl", true }, + { "top-solar-info.de", true }, { "top9.fr", true }, { "topaxi.ch", true }, { "topaxi.codes", true }, + { "topbigdeals.com", true }, { "topbounce.com", true }, { "topbouncycastles.co.uk", true }, { "topbrakes.com", true }, @@ -34351,28 +35061,28 @@ static const nsSTSPreload kSTSPreloadList[] = { { "topicit.net", true }, { "topirishcasinos.com", true }, { "topjobs.ch", true }, + { "toplist.cz", true }, { "toplist.eu", true }, { "topnotepad.com", true }, { "topodin.com", true }, { "toponlinecasinosites.co.uk", true }, { "topprice.ua", true }, + { "topsailtechnologies.com", true }, { "topservercccam.tv", true }, { "topshelfcommercial.com", true }, - { "topshoptools.com", true }, { "topsteaks-daun.de", true }, { "toptec.net.br", true }, { "toptexture.com", true }, { "toptheto.com", true }, { "topvertimai.lt", true }, - { "topwin.la", true }, { "topwindowcleaners.co.uk", true }, { "topworktops.co.uk", true }, { "toracon.org", true }, { "torahanytime.com", true }, - { "torbe.es", true }, { "torchantifa.org", true }, { "toreni.us", true }, { "toretame.jp", true }, + { "torg-room.ru", true }, { "torkware.com", true }, { "tormakristof.eu", true }, { "tormentedradio.com", false }, @@ -34397,7 +35107,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tortoises-turtles.com", true }, { "tortugan.com.br", true }, { "tosainu.com.br", true }, - { "toscer.me", false }, { "toschool.com.br", true }, { "toshen.com", true }, { "toshkov.com", true }, @@ -34425,7 +35134,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "touch.facebook.com", false }, { "touch.mail.ru", true }, { "touchoflife.in", true }, - { "touchscreentills.com", true }, { "touchtable.nl", true }, { "touchweb.fr", true }, { "touchwoodtrees.com.au", true }, @@ -34456,13 +35164,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tovare.com", true }, { "toverland-tickets.nl", true }, { "tovp.org", true }, + { "towandalibrary.org", true }, { "townandcountryus.com", true }, { "townhousedevelopments.com.au", true }, { "townhouseregister.com.au", true }, { "townofbridgewater.ca", true }, { "towsonroofers.com", true }, { "towywebdesigns.uk", true }, - { "tox.im", true }, { "tox21.gov", false }, { "toymagazine.com.br", true }, { "toyota-kinenkan.com", true }, @@ -34471,6 +35179,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tp-kabushiki.com", true }, { "tp-kyouyufudousan.com", true }, { "tp-law.jp", true }, + { "tpansino.com", true }, { "tpbproxy.co", true }, { "tpci.biz", true }, { "tpidg.us", true }, @@ -34482,7 +35191,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tr.search.yahoo.com", false }, { "tr0n.net", true }, { "traas.org", true }, - { "trabajarenperu.com", true }, { "trabajarenremoto.com", true }, { "trabbel.org", true }, { "tracalada.cl", true }, @@ -34494,14 +35202,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "traceroute.link", true }, { "traceroute.network", true }, { "traces.ml", true }, - { "tracewind.top", true }, { "tracfinancialservices.com", true }, { "tracinsurance.com", true }, { "trackchair.com", true }, { "trackdomains.com", true }, { "trackersimulator.org", true }, { "trackeye.dk", true }, - { "trackmeet.io", true }, + { "trackingstream.com", true }, { "trackrecordpro.co.uk", true }, { "tracksa.com.ar", true }, { "trackyourlogs.com", true }, @@ -34521,7 +35228,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "traditions.nl", true }, { "traditionskapperscollege.nl", true }, { "traditionsvivantesenimages.ch", true }, - { "tradiz.org", false }, { "trafarm.ro", true }, { "trafas.nl", true }, { "traffic.az", true }, @@ -34536,28 +35242,25 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trailforks.com", true }, { "trainex.org", true }, { "trainhornforums.com", true }, - { "trainhorns.us", true }, { "trainiac.com.au", true }, { "trainings-handschuhe-test.de", true }, - { "trainline.at", true }, - { "trainline.cn", true }, - { "trainline.com.br", true }, - { "trainline.com.pt", true }, - { "trainline.cz", true }, { "trainline.de", true }, - { "trainline.dk", true }, { "trainline.es", true }, { "trainline.eu", true }, { "trainline.fr", true }, { "trainline.it", true }, - { "trainline.nl", true }, - { "trainline.no", true }, - { "trainline.pl", true }, - { "trainline.se", true }, + { "trainmagazine.be", true }, + { "trainmagazine.de", true }, + { "trainmagazine.nl", true }, + { "trainplaza.be", true }, + { "trainplaza.net", true }, + { "trainplaza.nl", true }, { "trainsgoodplanesbad.com", true }, { "traista.ru", true }, { "traiteurpapillonevents.be", true }, { "trajano.net", true }, + { "trajectfoto.nl", true }, + { "trajectvideo.nl", true }, { "tran.pw", true }, { "trance-heal.com", true }, { "trance-heal.de", true }, @@ -34569,6 +35272,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trangcongnghe.com", true }, { "trangell.com", true }, { "tranglenull.xyz", true }, + { "tranhsondau.net", false }, { "transacid.de", true }, { "transappealrights.com", true }, { "transcend.org", true }, @@ -34586,7 +35290,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "transformations-magazin.com", true }, { "transgendergedenkdag.nl", true }, { "transgenderinfo.nl", true }, - { "transgendernetwerk.nl", true }, { "transgendernetwerk.org", true }, { "transglobaltravel.com", true }, { "transhumanism.co.uk", true }, @@ -34595,6 +35298,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "transhumanist.net", true }, { "transhumanist.org", true }, { "transhumanist.uk", true }, + { "transitmoe.io", true }, { "transitownplaza.com", true }, { "transitpoint.us", true }, { "translate-polish.com", true }, @@ -34606,18 +35310,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "transmarttouring.com", true }, { "transmisjeonline.pl", true }, { "transnexus.com", true }, + { "transoil.co.uk", true }, { "transparentcorp.com", true }, { "transport.eu", true }, { "transporta.it", true }, { "transporterlock.com", true }, { "transverify.com", true }, + { "trappednerve.org", true }, { "trashnothing.com", true }, { "trashwagon.club", true }, { "traslocare.roma.it", true }, { "traslochi-trasporti-facchinaggio.it", true }, { "trasloco.milano.it", true }, - { "tratamentoparacelulite.biz", true }, - { "tratamentoparacelulite.net", true }, { "trattamenti.biz", true }, { "trattamento-cotto.it", true }, { "trauer-beileid.de", true }, @@ -34630,8 +35334,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "travel365.it", true }, { "travelarmenia.org", true }, { "traveling-thailand.info", true }, + { "travelinsurance.co.nz", true }, { "travellers.dating", true }, - { "travelling.expert", true }, { "travellovers.fr", true }, { "travelmyth.ie", true }, { "travelogue.jp", true }, @@ -34657,6 +35361,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trefcon.cz", true }, { "trefpuntdemeent.nl", true }, { "treinaweb.com.br", false }, + { "treinmagazine.be", true }, + { "treinmagazine.nl", true }, { "treinonerd.com", true }, { "trek-planet.ru", true }, { "trekfriend.com", true }, @@ -34666,12 +35372,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trendkraft.de", true }, { "trendykids.cz", true }, { "trenta.io", true }, - { "trentmaydew.com", true }, { "tresorit.com", true }, { "tresorsecurity.com", true }, { "tretail.net", true }, - { "tretkowski.de", true }, - { "trewe.eu", true }, + { "trevsanders.co.uk", true }, { "trezy.me", true }, { "trezy.net", true }, { "trhastane.com", true }, @@ -34685,6 +35389,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trianon.xyz", true }, { "tribac.de", true }, { "tribaldos.com", true }, + { "tribe.rs", true }, + { "tribetrails.com", true }, { "tribly.de", true }, { "tribut.de", true }, { "tributh.cf", true }, @@ -34731,7 +35437,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trollingeffects.org", true }, { "trollmoa.se", true }, { "trollope-apollo.com", true }, - { "trollscave.xyz", true }, { "trommelwirbel.com", true }, { "tronatic-studio.com", true }, { "trondelan.no", true }, @@ -34744,6 +35449,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trouweninoverijssel.nl", true }, { "trovaprezzi.it", true }, { "troyfawkes.com", true }, + { "troyhunt.com", true }, { "troyhuntsucks.com", true }, { "troykelly.com", true }, { "trpg.wiki", true }, @@ -34751,10 +35457,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trtltravel.com", true }, { "trtruijens.com", true }, { "tru.ltd", true }, + { "trucchibellezza.com", true }, { "trucchibellezza.it", true }, { "truckersmp.com", true }, { "truckerswereld.nl", false }, - { "truckgpsreviews.com", true }, { "truckstop-magazin.de", false }, { "true-itk.de", true }, { "trueblueessentials.com", true }, @@ -34773,7 +35479,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "trulance.com", true }, { "truly-madly-happiness.de", true }, { "trumanlibrary.org", true }, - { "trumeet.top", true }, + { "truncus-encephali.co.uk", true }, { "trunk-show.net", true }, { "truong.fi", true }, { "truqu.com", true }, @@ -34788,7 +35494,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "truvisory.com", true }, { "trw-reseller.com", true }, { "try2admin.pw", true }, - { "try2services.cm", true }, { "trybabyschoice.com", true }, { "trybooking.com", true }, { "tryfabulousskincream.com", true }, @@ -34799,15 +35504,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tryndraze.com", true }, { "trynta.com", true }, { "trynta.net", true }, - { "tryretool.com", true }, + { "tryretool.com", false }, { "tryupdates.com", true }, { "trywesayyes.com", true }, { "trzepak.pl", true }, { "ts-publishers.com", true }, { "ts3-dns.com", true }, { "ts3-dns.net", false }, + { "ts3-legenda.tech", true }, { "tsa-sucks.com", true }, { "tsab.moe", true }, + { "tsai.com.de", true }, { "tsatestprep.com", true }, { "tschuermans.be", true }, { "tscqmalawi.info", true }, @@ -34819,7 +35526,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tsng.co.jp", true }, { "tss.am", true }, { "tstrubberstamp.com", false }, - { "tsu-ku-ro.com", true }, { "tsugi.fr", true }, { "tsukhani.com", true }, { "tsuki.moe", true }, @@ -34836,8 +35542,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ttcaarberg.ch", true }, { "ttcf.ca", true }, { "ttchan.org", true }, + { "ttclub.fr", true }, { "ttdsevaonline.com", true }, { "ttll.de", true }, + { "ttrade.ga", true }, { "ttsoft.pl", true }, { "ttspttsp.com", true }, { "ttsweb.org", true }, @@ -34863,16 +35571,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tudiennhakhoa.com", true }, { "tudorproject.org", true }, { "tufashionista.com", true }, - { "tufilo.com", true }, - { "tugers.com", true }, + { "tuffclassified.com", true }, + { "tuffsruffs.se", true }, { "tuincentersnaet.be", true }, + { "tuingereedschappen.net", false }, { "tuitle.com", true }, - { "tulenceria.es", true }, { "tumagiri.net", true }, { "tumblenfun.com", true }, { "tumedico.es", true }, { "tumelum.de", true }, { "tumutanzi.com", true }, + { "tunai.id", true }, { "tunaut.com", true }, { "tune-web.de", true }, { "tunefish-entertainment.de", true }, @@ -34886,6 +35595,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tunnelwatch.com", true }, { "tuntitili.fi", true }, { "tuotteet.org", true }, + { "tuou.xyz", true }, { "tupa-germania.ru", true }, { "tupeuxpastest.ch", true }, { "tuppenceworth.ie", true }, @@ -34893,7 +35603,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "turdnagel.com", true }, { "turigum.com", true }, { "turkish.dating", true }, - { "turkrock.com", true }, + { "turl.pl", true }, { "turnaroundforum.de", true }, { "turncircles.com", true }, { "turnoffthelights.com", true }, @@ -34905,10 +35615,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "turtlepwr.com", true }, { "turunculevye.com", true }, { "tuscanyleather.it", true }, + { "tusi.co", true }, { "tusksol.com", true }, { "tutanota.com", true }, - { "tutiendaroja.com", true }, - { "tutiendarosa.com", true }, { "tuto-craft.com", true }, { "tutoragency.org", true }, { "tutorat-tect.org", true }, @@ -34936,7 +35645,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tvcal.net", true }, { "tvcmarketing.com", true }, { "tver-msk.ru", true }, - { "tverdohleb.com", true }, { "tverskaya-outlet.ru", true }, { "tvhshop.be", true }, { "tvipper.com", true }, @@ -34956,19 +35664,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tweakers.net", true }, { "tweakersbadge.nl", true }, { "tweaktown.com", true }, - { "twelve.rocks", true }, + { "tweetfinity.com", true }, + { "tweetfinityapp.com", true }, { "twem.ddns.net", true }, { "twenty71.com", true }, { "twentymilliseconds.com", true }, { "twilleys.com", true }, { "twincitynissantxparts.com", true }, + { "twinkseason.com", true }, { "twinztech.com", true }, { "twisata.com", true }, { "twistapp.com", true }, { "twistdevelopment.co.uk", true }, - { "twisted-brains.org", true }, { "twistedwave.com", true }, { "twisto.cz", true }, + { "twisto.pl", true }, + { "twistopay.com", true }, { "twit-guide.com", true }, { "twitchplaysleaderboard.info", true }, { "twittelzie.nl", true }, @@ -34982,7 +35693,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "twohuo.com", true }, { "twojfaktum.pl", true }, { "twolanedesign.com", true }, - { "twoo.com", true }, { "twopif.net", true }, { "tworaz.net", true }, { "twun.io", true }, @@ -35000,21 +35710,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tyler.rs", true }, { "tylerdavies.net", true }, { "tylerfreedman.com", true }, + { "tylerharcourt.net", true }, { "tyleromeara.com", true }, { "tylerschmidtke.com", true }, { "typcn.com", true }, - { "type1joe.com", true }, - { "type1joe.net", true }, - { "type1joe.org", true }, { "typeblog.net", true }, { "typecodes.com", true }, { "typehub.net", true }, { "typeof.pw", true }, - { "typeonejoe.com", true }, - { "typeonejoe.net", true }, - { "typeonejoe.org", true }, { "typeria.net", true }, { "typewolf.com", true }, + { "typewritten.net", true }, { "typing.com", true }, { "typist.tech", true }, { "typo3.com", true }, @@ -35025,9 +35731,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "tyroremotes.nl", true }, { "tyroremotes.no", true }, { "tysox.de", true }, - { "tyuo-keibi.co.jp", true }, + { "tz56789.com", true }, + { "tzermias.gr", true }, { "tzifas.com", true }, { "u-metals.com", true }, + { "u-tokyo.club", true }, { "u.nu", true }, { "u0010.com", true }, { "u0020.com", true }, @@ -35051,6 +35759,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uangteman.com", true }, { "uasmi.com", true }, { "uat-activesg.com", true }, + { "uatgootax.ru", false }, { "ub3rk1tten.com", false }, { "ubanquity.com", true }, { "uberbkk.com", true }, @@ -35068,41 +35777,39 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ublaboo.org", true }, { "uborcare.com", true }, { "ubun.net", true }, - { "uc.ac.id", true }, { "ucac.nz", false }, { "ucangiller.com", true }, { "ucch.be", true }, { "ucfirst.nl", true }, { "uchargeapp.com", true }, - { "uclanmasterplan.co.uk", true }, + { "uclf.de", true }, { "uclip.club", true }, { "ucppe.org", true }, { "ucrdatatool.gov", true }, { "uctarna.online", true }, - { "udbhav.me", true }, + { "udancy.com", true }, { "uddi.ng", true }, { "udo-luetkemeier.de", true }, { "udomain.net", true }, { "udp.sh", false }, + { "udruga-point.hr", true }, { "udvoukocek.eu", true }, { "ueberdosis.io", true }, { "ueberwachungspaket.at", true }, { "uedaviolin.com", true }, { "uel-thompson-okanagan.ca", true }, { "ueni.com", true }, - { "uerdingen.info", true }, { "uex.im", true }, { "ufanisi.mx", true }, { "ufindme.at", true }, - { "ufo.moe", true }, { "ufplanets.com", true }, { "uggedal.com", true }, { "ugx-mods.com", true }, { "uhappy30.com", true }, { "uhasseltodin.be", true }, { "uhc.gg", true }, - { "uhlhosting.ch", true }, { "uhrenlux.de", true }, + { "uhssl.com", true }, { "uhurl.net", true }, { "ui8.net", true }, { "uiberlay.cz", true }, @@ -35133,6 +35840,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ulabox.com", true }, { "uldsh.de", true }, { "ulen.me", true }, + { "ulgc.cz", true }, { "uli-eckhardt.de", true }, { "ullah.se", true }, { "ulmer-schneesport.de", true }, @@ -35149,17 +35857,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ultratech.software", true }, { "ultratechlp.com", true }, { "umanityracing.com", true }, - { "umassfive.coop", true }, { "umbricht.li", true }, { "umbriel.fr", true }, { "umenlisam.com", true }, { "umisonoda.com", true }, { "umkmjogja.com", true }, + { "umsapi.com", true }, { "umsolugar.com.br", true }, { "umwandeln-online.de", true }, { "un-framed.co.za", true }, { "un-zero-un.fr", true }, { "un.fo", true }, + { "unapolegetic.co", true }, { "unapp.me", true }, { "unatco.noip.me", true }, { "unausa.com.br", true }, @@ -35178,9 +35887,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unblocked.pl", true }, { "unblocked.pro", true }, { "unblocked.pub", true }, - { "unblocked.sh", true }, { "unblocked.uno", true }, - { "unblocked.vc", true }, { "unblocked.vet", true }, { "unblocked.vip", true }, { "unblockweb.co", true }, @@ -35190,15 +35897,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unccelearn.org", true }, { "uncensoreddns.dk", true }, { "uncensoreddns.org", true }, - { "undeadbrains.de", true }, { "undecidable.de", true }, { "undeductive.media", true }, { "underbridgeleisure.co.uk", true }, { "undercovercondoms.co.uk", true }, - { "undercovercondoms.com", true }, { "underfloorheating-uk.co.uk", true }, { "underlined.fr", true }, { "undernet.uy", false }, + { "underskatten.tk", true }, { "underwearoffer.com", true }, { "undo.co.il", true }, { "undone.me", true }, @@ -35226,6 +35932,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unicefkepeslapok.hu", true }, { "unicefvoscilnice.si", true }, { "unicolabo.jp", true }, + { "unicorn-systems.net", true }, { "unicorn.melbourne", true }, { "unicorntooling.eu", true }, { "unicredit.ba", true }, @@ -35240,12 +35947,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uniform-agri.com", true }, { "uniformebateriasheliar.com.br", true }, { "unikoingold.com", true }, - { "unikrn.com", true }, { "unila.edu.br", true }, { "uninet.cf", true }, { "uniojeda.ml", true }, { "unionplat.ru", true }, - { "unipig.de", true }, + { "uniontestprep.com", true }, { "uniprimebr.com.br", false }, { "uniq.site", true }, { "unique-bouncy-castles.co.uk", true }, @@ -35265,12 +35971,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unitel2000.de", true }, { "unityconsciousnessbooks.com", true }, { "univercite.ch", true }, - { "univeril.com", true }, + { "univeril.com", false }, { "universal-happiness.com", true }, + { "universal.at", true }, { "universalcarremote.com", true }, { "universalpaymentgateway.com", true }, { "universeinform.com", true }, - { "universogay.com", true }, { "univitale.fr", true }, { "unix.se", true }, { "unixadm.org", true }, @@ -35279,6 +35985,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unixforum.org", true }, { "unixfox.eu", true }, { "unixtime.date", true }, + { "unknownbreakup.com", true }, { "unkrn.com", true }, { "unlax.com", true }, { "unleash.pw", true }, @@ -35286,8 +35993,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unlocken.nl", true }, { "unlocktalent.gov", true }, { "unlogis.ch", true }, - { "unmanaged.space", true }, { "unmarkdocs.co", true }, + { "unmonito.red", true }, { "unn-edu.info", true }, { "uno-pizza.ru", true }, { "uno.fi", true }, @@ -35324,14 +36031,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "unworthy.ml", true }, { "unx.dk", true }, { "unxicdellum.cat", true }, + { "upaknship.com", true }, { "upandclear.org", true }, { "upay.ru", true }, + { "upbad.com", true }, { "upbeatrobot.com", true }, { "upbeatrobot.eu", true }, { "upd.jp", true }, { "upgamerengine.com", true }, { "upgamerengine.com.br", true }, { "upgamerengine.net", true }, + { "upgauged.com", true }, + { "upholsterydesign.com.au", true }, { "upitnik.rs", true }, { "uplaqui.com.br", true }, { "uplinklabs.net", true }, @@ -35348,6 +36059,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uprouteyou.com", true }, { "upsettunnel.com", true }, { "upsiteseo.com", true }, + { "uptakedigital.com.au", true }, { "uptimed.com", true }, { "uptimenotguaranteed.com", true }, { "uptodateinteriors.com", true }, @@ -35357,17 +36069,22 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uptrends.com", true }, { "uptrends.de", true }, { "uptrex.co.uk", true }, + { "upturn.org", true }, { "upundit.com", true }, + { "upwardtraining.co.uk", true }, { "upwork.com", true }, + { "upyourfinances.com", true }, { "ur.nl", true }, { "ur2.pw", true }, { "uradisam.rs", true }, + { "uraimo.com", true }, { "urbackups.com", true }, { "urbalex.ch", true }, { "urban-culture.fr", true }, { "urban-karuizawa.co.jp", true }, { "urban.melbourne", true }, { "urbancreators.dk", true }, + { "urbandance.club", true }, { "urbanesecurity.com", true }, { "urbanfi.sh", true }, { "urbanguerillas.de", true }, @@ -35375,8 +36092,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "urbanietz-immobilien.de", true }, { "urbanmelbourne.info", true }, { "urbannewsservice.com", true }, - { "urbansparrow.in", true }, - { "urbanstylestaging.com", true }, { "urbansurvival.com", true }, { "urbanwaters.gov", false }, { "urbanwildlifealliance.org", false }, @@ -35385,6 +36100,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "urcentral.net", true }, { "urcentral.nl", true }, { "ureka.org", true }, + { "urep.us", true }, { "urgences-valais.ch", true }, { "urinedrugtesthq.com", true }, { "uripura.de", true }, @@ -35440,13 +36156,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "usimmigration.us", true }, { "usipvd.ch", true }, { "usitcolours.bg", true }, + { "uskaria.com", true }, { "usleep.net", true }, { "usmint.gov", true }, { "usninosnikrcni.eu", true }, { "usnti.com", true }, - { "usparklodging.com", true }, { "uspsoig.gov", true }, - { "ussm.gov", true }, + { "ussm.gov", false }, { "ussuka.com", true }, { "ust.space", true }, { "ustensiles-cuisine.boutique", true }, @@ -35454,13 +36170,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "usualbeings.com", true }, { "usuan.net", true }, { "usuluddin.ga", true }, + { "usweme.info", true }, { "uswitch.com", true }, { "ut-addicted.com", true }, { "utahfireinfo.gov", true }, { "utahlocal.net", true }, { "utazas-nyaralas.info", true }, { "utcast-mate.com", true }, - { "utdscanner.com", true }, { "utdsgda.com", true }, { "uteam.it", true }, { "utepils.de", true }, @@ -35474,12 +36190,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "utilitarismo.com", true }, { "utilitronium.com", true }, { "utilityapi.com", true }, - { "utilityreport.eu", true }, { "utitreatment.com", true }, { "utonia.ch", true }, - { "utopialgb.org.uk", true }, { "utopicestudios.com", true }, { "utox.io", true }, + { "utterberry.io", true }, { "utugnn.ru", true }, { "utw.me", true }, { "utwente.io", true }, @@ -35488,15 +36203,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "uvenuse.cz", true }, { "uvocorp.com", true }, { "uvolejniku.cz", true }, + { "uw1008.com", true }, { "uw2333.com", true }, { "uwac.co.uk", false }, { "uwekoetter.com", true }, { "uwelilienthal.de", true }, + { "uwimonacs.org.jm", true }, { "uwvloereruit.nl", true }, + { "uxp-it.nl", true }, + { "uxteam.com", true }, { "uxtechnologist.com", true }, { "uy.search.yahoo.com", false }, { "uz.search.yahoo.com", false }, { "uzaymedya.com.tr", true }, + { "uziregister.nl", true }, { "uzsvm.cz", true }, { "v-d-p.net", true }, { "v-spin.cz", true }, @@ -35508,7 +36228,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "v2cn.win", true }, { "v2ex.com", true }, { "va-reitartikel.com", true }, - { "va.gov", true }, + { "va.gov", false }, { "vacationsbyvip.com", true }, { "vaccines.gov", true }, { "vacuumpump.co.id", true }, @@ -35530,14 +36250,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vakantiedetective.nl", true }, { "vakantienet.nl", true }, { "vakuutuskanava.fi", true }, - { "val-sec.com", true }, { "valasi.eu", true }, { "valbonne-consulting.com", true }, { "valcano-krd.ru", true }, { "valcano.ru", true }, + { "valcardiesel.com", true }, { "valenciadevops.me", true }, { "valentin-ochs.de", true }, { "valentin-sundermann.de", true }, + { "valentin.ml", true }, { "valentinberclaz.com", true }, { "valentineapparel.com", true }, { "valentineforpresident.com", true }, @@ -35559,6 +36280,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "valleyautofair.com", true }, { "valleyautoloan.com", true }, { "valleycode.net", true }, + { "valleydalecottage.com.au", true }, { "valleyshop.ca", true }, { "vallutaja.eu", true }, { "valokuva-albumi.fi", true }, @@ -35570,6 +36292,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "valsk.is", false }, { "valskis.lt", true }, { "valtlai.fi", true }, + { "valtoaho.com", true }, { "valudo.st", true }, { "valueng.com", true }, { "valueseed.net", true }, @@ -35587,9 +36310,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vandermeer.frl", true }, { "vanderrijt.nl", false }, { "vanderziel.org", true }, + { "vandorenscholars.org", true }, + { "vandyhacks.org", true }, { "vaneigenkweek.be", true }, - { "vanetv.com", true }, - { "vangeluwedeberlaere.be", true }, + { "vangoghcoaching.nl", true }, { "vanhaos.com", true }, { "vanhoudt-usedcars.be", true }, { "vanhoutte.be", false }, @@ -35598,7 +36322,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vannaos.com", true }, { "vannaos.net", true }, { "vanohaker.ru", true }, + { "vanouwerkerk.net", true }, { "vantagepointpreneed.com", true }, + { "vantaio.com", true }, { "vante.me", true }, { "vantien.com", true }, { "vantru.is", true }, @@ -35613,24 +36339,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vaphone.co", true }, { "vapor.cloud", false }, { "vapordepot.jp", true }, + { "varalwamp.com", true }, { "varcare.jp", true }, { "varden.info", true }, { "vareillefoundation.fr", true }, { "vareillefoundation.org", true }, { "varghese.de", true }, - { "variable.agency", true }, + { "variable.agency", false }, { "variag-group.ru", true }, { "variag-montazh.ru", true }, { "varicoseveinssolution.com", true }, { "varimedoma.com", true }, { "varshathacker.com", true }, + { "varunagw.com", true }, { "varunpriolkar.com", true }, { "varvy.com", true }, { "varztupasaulis.com", true }, { "varztupasaulis.eu", true }, { "varztupasaulis.lt", true }, { "varztupasaulis.net", true }, - { "vase-eroticke-povidky.cz", true }, + { "vascomm.co.id", true }, { "vasel.de", true }, { "vasel.eu", true }, { "vashel.us", true }, @@ -35643,7 +36371,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vat-eu.com", true }, { "vat.direct", true }, { "vatelecom.dk", true }, - { "vati.pw", true }, { "vats.im", true }, { "vatsalyagoel.com", true }, { "vatsim-uk.co.uk", true }, @@ -35671,7 +36398,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vc.gg", true }, { "vcam.org", true }, { "vccmurah.net", true }, - { "vcdn.xyz", true }, { "vcelin-na-doliku.cz", true }, { "vcf.gov", true }, { "vcientertainment.com", false }, @@ -35690,7 +36416,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vdesc.com", true }, { "vdisk24.de", true }, { "vdmeij.com", true }, - { "vdownloader.com", true }, { "vdzwan.net", true }, { "ve.search.yahoo.com", false }, { "ve3oat.ca", true }, @@ -35703,13 +36428,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vectorwish.com", true }, { "vedma-praktik.com", true }, { "veg-leiden.nl", true }, + { "vega-rumia.com.pl", true }, { "vegalitarian.org", true }, { "vegane-proteine.com", true }, { "veganforum.org", true }, { "vegangaymer.blog", true }, { "veganism.co.uk", true }, { "veganism.com", true }, - { "vegasdocs.com", true }, { "vegepa.com", true }, { "vegetariantokyo.net", true }, { "veggie-treff.de", true }, @@ -35721,12 +36446,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "velen.io", true }, { "venalytics.com", true }, { "venclave.com", true }, + { "vendermicasarapido.com.mx", true }, { "vendigital.com", true }, { "vendorconnect.nyc", true }, { "vendserve.eu", true }, { "venenum.org", true }, { "venev.name", true }, - { "venirextra.com", true }, { "venje.pro", true }, { "ventajasdesventajas.com", true }, { "ventesprivees-fr.com", true }, @@ -35740,6 +36465,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "venturum.de", true }, { "venturum.eu", true }, { "venturum.net", true }, + { "ventzke.com", true }, { "ver.ma", true }, { "vera.bg", true }, { "veramagazine.jp", true }, @@ -35755,8 +36481,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "verfassungsklage.at", true }, { "vergeaccessories.com", true }, { "vergelijksimonly.nl", true }, + { "vergessen.cn", true }, { "verhovs.ky", true }, { "verifalia.com", true }, + { "verifiedjoseph.com", true }, + { "verifiny.com", true }, { "verifyos.com", true }, { "verifyyourip.com", true }, { "veriny.tf", true }, @@ -35767,7 +36496,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "verizonguidelines.com", true }, { "verliebt-in-bw.de", true }, { "verliebt-in-niedersachsen.de", true }, - { "verliefde-jongens.nl", true }, { "vermeerdealers.com", true }, { "vermiliontaxiservice.com", true }, { "vermogeninkaart.nl", true }, @@ -35809,6 +36537,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "veslosada.com", true }, { "vespacascadia.com", true }, { "vestingbar.nl", true }, + { "vetbits.com", true }, { "veterinario.roma.it", true }, { "veterinarioaltea.com", true }, { "vetforum.co", true }, @@ -35825,16 +36554,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vgropp.de", true }, { "vh.net", true }, { "vhummel.nl", true }, - { "vi.photo", true }, { "via-shire-krug.ru", true }, { "viacdn.org", true }, { "viafinance.cz", false }, { "viaggio-in-cina.it", true }, - { "viagra-kaufen.biz", true }, { "viagraonlinebestellen.org", true }, + { "viagusto.pl", true }, { "viajandoporelmundo.com.ar", true }, { "viaje-a-china.com", true }, - { "vialibido.com.br", true }, { "vialorran.com", true }, { "viaprinto.de", true }, { "viato.fr", true }, @@ -35845,6 +36572,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vicicode.com", true }, { "viciousflora.com", true }, { "vicjuwelen-annelore.be", true }, + { "victora.com", true }, { "victorcanera.com", true }, { "victordiaz.me", true }, { "victoreriksson.ch", true }, @@ -35885,13 +36613,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "videosqr.com", true }, { "videov.tk", true }, { "vidister.de", true }, - { "vidkovaomara.si", true }, { "vieaw.com", true }, { "vieclam24h.vn", false }, { "viekelis.lt", false }, { "viemeister.com", true }, { "viemontante.be", true }, - { "vientos.coop", true }, + { "vientos.coop", false }, { "viepixel.at", true }, { "vierdaagsehotel.nl", true }, { "vierna.ga", true }, @@ -35921,6 +36648,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vijverbenodigdheden.nl", true }, { "vik.im", true }, { "vikalbino.com.br", true }, + { "vikalpgupta.com", true }, { "vikapaula.com", true }, { "vikashkumar.me", true }, { "viking-style.ru", true }, @@ -35930,12 +36658,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vilabiamodas.com.br", true }, { "viljatori.fi", true }, { "villa-anna-cilento.de", true }, - { "villa-bellarte.de", true }, { "villa-gockel.de", true }, + { "villa-romantica-zillertal.at", true }, { "villafiore.com.br", true }, { "villageunique.com.br", true }, { "villagockel.de", true }, - { "villalaskowa.pl", true }, { "villamariaamalfi.it", true }, { "villasfinistere.fr", true }, { "villasforsale-bali.com", true }, @@ -35955,12 +36682,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vincentpancol.com", true }, { "vincitraining.com", true }, { "vineright.com", true }, + { "vinetech.co.nz", true }, { "vinilosdecorativos.net", true }, { "vinner.com.au", true }, { "vinnie.gq", true }, - { "vinogradovka.com", true }, { "vinolli.de", true }, { "vinovum.net", true }, + { "vinsation.com", true }, { "vinsetchampagne.fr", true }, { "vintagebandfestival.org", true }, { "vintagecaskandbarrel.com", true }, @@ -35977,27 +36705,29 @@ static const nsSTSPreload kSTSPreloadList[] = { { "violin4fun.nl", true }, { "vionicbeach.com", true }, { "vionicshoes.com", true }, - { "vioye.com", true }, + { "vip-9649.com", true }, { "vip4553.com", true }, { "vip8522.com", true }, + { "vip9649.com", true }, { "vipesball.cc", true }, { "vipesball.info", true }, { "vipesball.me", true }, - { "vipesball.net", true }, { "vipi.es", true }, { "viptamin.eu", true }, { "viptamol.com", true }, + { "viqo.pl", true }, { "vir-tec.eu", true }, { "vir2.me", true }, { "viral32111.com", true }, { "viralboombox.xyz", true }, { "viralpop.it", true }, { "viralsouls.in", true }, + { "viralsv.com", true }, { "virgopolymer.com", true }, - { "virial.de", true }, { "viridis-milites.cz", true }, { "virtit.fr", true }, { "virtualcloud.ddns.net", true }, + { "virtualcommodities.org", true }, { "virtuality4d.com", true }, { "virtuallifestyle.nl", true }, { "virtualmt2.pl", true }, @@ -36007,6 +36737,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "virtusaero.com", true }, { "virvum.ch", true }, { "visaexpert.co.za", true }, + { "visalist.io", true }, { "visalogy.com", true }, { "visaop.com", true }, { "visapourailleurs.fr", true }, @@ -36020,6 +36751,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "visioflux-premium.com", true }, { "visionarymedia.nl", true }, { "visiondigitalsog.com", true }, + { "visiondirectionaldrilling.com", true }, { "visionexpress.com", true }, { "visionexpress.ie", true }, { "visionexpresscareers.com", true }, @@ -36052,7 +36784,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vitalthrills.com", true }, { "vitalware.com", true }, { "vitalyzhukphoto.com", true }, - { "vitamaxxi.com.br", true }, { "vitamineproteine.com", true }, { "vitaminler.com", true }, { "vitastic.nl", true }, @@ -36061,6 +36792,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vitkutny.cz", true }, { "vitoye.com", true }, { "vitpeyr.com", true }, + { "vitra-showrooms.co.uk", true }, { "vitra-vcare.co.uk", true }, { "vitrado.de", true }, { "vitsoft.by", true }, @@ -36078,7 +36810,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vivirenelmundo.com", true }, { "vivo.sx", true }, { "vivoitaliankitchen.com", true }, - { "vivoseg.com", true }, { "vixrapedia.org", true }, { "viyf.org", true }, { "viza.io", true }, @@ -36119,21 +36850,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vmc.co.id", true }, { "vmem.jp", false }, { "vmgirls.com", true }, - { "vmhydro.ru", false }, { "vmis.nl", true }, { "vmoagents.com", false }, { "vmoe.info", true }, { "vmug.pl", true }, - { "vmzone.de", true }, { "vn.search.yahoo.com", false }, { "vncg.org", true }, { "vnd.cloud", true }, - { "vndb.org", true }, { "vnfs-team.com", true }, + { "vnpem.org", true }, { "vnvisa.center", true }, { "vnvisa.ru", true }, { "vocaloid.my", true }, - { "vocalsynth.space", true }, { "vocalviews.com", true }, { "vocus.aero", true }, { "vocustest.aero", true }, @@ -36144,7 +36872,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vodpay.org", true }, { "vogler.name", true }, { "voicu.ch", true }, - { "void-it.nl", true }, { "void-zero.com", true }, { "voidcore.org", true }, { "voidpay.com", true }, @@ -36152,7 +36879,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "voidpay.org", true }, { "voidptr.eu", true }, { "voids.org", true }, - { "voidshift.com", true }, { "voidzehn.com", true }, { "voipsun.com", true }, { "vojtechpavelka.cz", true }, @@ -36173,13 +36899,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "volkerwesselstransfer.nl", false }, { "volkerwesselswave.nl", false }, { "volksvorschlagpmar.ch", true }, - { "volkswurst.de", true }, { "vollans.id.au", true }, { "voloevents.com", true }, { "volta.io", true }, { "volto.io", true }, { "volunteeringmatters.org.uk", true }, - { "volvipress.gr", true }, { "vomitb.in", true }, { "von-lien-aluprofile.de", true }, { "von-lien-dachrinnen.de", true }, @@ -36197,7 +36921,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vorlagen-geburtstagsgruesse.de", true }, { "vorlicek.de", true }, { "vorlif.org", true }, - { "vorm2.com", true }, { "vorodevops.com", true }, { "vos-fleurs.ch", true }, { "vos-fleurs.com", true }, @@ -36209,7 +36932,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vosser.de", true }, { "vostronet.com", true }, { "voter-info.uk", true }, - { "votercircle.com", true }, { "votesandymurman.com", true }, { "votocek.cz", true }, { "votockova.cz", true }, @@ -36225,7 +36947,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "voyagesaufildespages.be", true }, { "voyageschine.com", true }, { "voyagesdetective.fr", true }, - { "vozami.com", true }, { "vpc-display.com", true }, { "vpn.black", true }, { "vpn.ht", true }, @@ -36240,20 +36961,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vreaulafacultate.ro", true }, { "vreeman.com", true }, { "vriesdonkow.be", true }, + { "vrij-links.nl", true }, { "vrijgezellen-feest.com", true }, { "vrijgezellenfeestzwolle.com", true }, - { "vrlaid.com", false }, + { "vrjetpackgame.com", true }, { "vroedvrouwella.be", true }, { "vrsgames.com.mx", true }, { "vrsystem.com.br", true }, - { "vrtak-cz.net", true }, { "vrtouring.org", true }, - { "vsamsonov.com", true }, { "vscale.io", true }, { "vsean.net", true }, { "vserver-preis-vergleich.de", true }, { "vsesrazu-raiffeisen.ru", true }, - { "vsestiralnie.com", true }, + { "vsestoki.com", true }, { "vsl-defi.ch", true }, { "vssnederland.nl", true }, { "vstehn.ru", true }, @@ -36269,28 +36989,30 @@ static const nsSTSPreload kSTSPreloadList[] = { { "vullriede-multimedia.de", true }, { "vulndetect.com", true }, { "vulndetect.org", true }, - { "vulnerabilities.io", true }, { "vulnerability.ch", true }, { "vulners.com", true }, { "vulns.sexy", true }, { "vulnscan.org", true }, { "vulpine.club", true }, { "vumetric.com", true }, + { "vuojolahti.com", true }, { "vuojolahti.fi", true }, { "vuotila.eu", true }, { "vuvanhon.com", true }, { "vux.li", true }, { "vuzi.fr", true }, + { "vv1234.cn", true }, { "vvactivia.nl", true }, { "vvdbronckhorst.nl", true }, { "vvoip.org.uk", true }, { "vvw-8522.com", true }, { "vw-touranclub.cz", true }, { "vwbusje.com", true }, + { "vwfsrentacar.co.uk", true }, { "vwhcare.com", true }, { "vwittich.de", true }, + { "vwo.com", true }, { "vwsoft.de", true }, - { "vwt-event.nl", true }, { "vww-8522.com", true }, { "vx.hn", true }, { "vxst.org", true }, @@ -36311,10 +37033,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "w-spotlight.appspot.com", true }, { "w-w-auto.de", true }, { "w.wiki", true }, + { "w1221.com", true }, { "w2n.me", true }, { "w3ctag.org", true }, { "w3n.org", true }, - { "w4b.in", true }, { "w4eg.de", true }, { "w4nvu.org", true }, { "w50.co.uk", true }, @@ -36330,7 +37052,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wadsworth.gallery", true }, { "wadvisor.com", true }, { "waelisch.de", true }, - { "waelti.xxx", true }, { "waf.ninja", true }, { "waf.sexy", true }, { "wafa4hw.com", true }, @@ -36339,11 +37060,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "waffle.at", false }, { "wafuton.com", true }, { "wagyu-bader.de", true }, + { "wahhoi.net", true }, { "wahidhasan.com", true }, { "wahlman.org", true }, { "wahrnehmungswelt.de", true }, { "wahrnehmungswelten.de", true }, - { "wai-in.com", true }, { "wai-in.net", true }, { "waidfrau.de", true }, { "waidu.de", true }, @@ -36352,11 +37073,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "waigel.org", true }, { "waikatowebdesigners.com", true }, { "wail.net", true }, - { "wains.be", true }, + { "wains.be", false }, { "wait.jp", true }, { "waiterwheels.com", true }, { "waits.io", true }, - { "waixingrenfuli.vip", true }, { "wak.io", true }, { "waka-mono.com", true }, { "waka168.com", true }, @@ -36368,14 +37088,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wakatime.com", true }, { "wakiminblog.com", true }, { "wala-floor.de", true }, + { "waldkinder-ilmenau.de", true }, { "waldvogel.family", true }, { "walent.in", true }, { "walentin.co", true }, + { "waligorska.pl", true }, { "walk.onl", true }, { "walkera-fans.de", true }, { "walkhighlandsandislands.com", true }, { "walkingrehabilitation.com", true }, { "walksedona.com", true }, + { "walksfourpaws.co.uk", true }, { "wallabet.fr", true }, { "wallabies.org", true }, { "wallace-group.net", true }, @@ -36386,7 +37109,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "walletnames.com", true }, { "wallinger-online.at", true }, { "wallingford.cc", true }, - { "wallpapers.pub", true }, { "wallpaperup.com", true }, { "walls.de", true }, { "walls.io", true }, @@ -36409,7 +37131,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wandercue.com", true }, { "wandervoll.ch", true }, { "wanderzoom.co", true }, + { "wandystan.eu", true }, { "wane.co", true }, + { "wangbangyu.cf", true }, + { "wangbangyu.ga", true }, + { "wangbangyu.gq", true }, + { "wangbangyu.ml", true }, + { "wangbangyu.tk", true }, { "wangjun.me", true }, { "wangqiliang.cn", false }, { "wangqiliang.com", false }, @@ -36417,12 +37145,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wangql.net", true }, { "wangqr.tk", true }, { "wangtanzhang.com", true }, + { "wangyubao.cn", true }, { "wangyue.blog", true }, { "wangzuan168.cc", true }, + { "wanlieyan.com", true }, { "wannaridecostarica.com", true }, - { "wanquanojbk.com", false }, - { "wanybug.cn", true }, - { "wanybug.com", true }, + { "wanybug.cf", true }, + { "wanybug.ga", true }, + { "wanybug.gq", true }, + { "wanybug.tk", true }, { "waonui.io", true }, { "wapgu.cc", true }, { "wardow.com", true }, @@ -36440,7 +37171,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "warp-radio.net", true }, { "warp-radio.tv", true }, { "warr.ath.cx", true }, - { "warren.sh", true }, { "warringtonkidsbouncycastles.co.uk", true }, { "warschild.org", true }, { "warsh.moe", true }, @@ -36468,6 +37198,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "watchpci.com", true }, { "watchstyle.com", true }, { "water-addict.com", true }, + { "waterbrook.com.au", true }, + { "waterdogsmokedfish.com", true }, { "waterdrop.tk", true }, { "waterfedpole.com", true }, { "waterleeftinbeek.nl", true }, @@ -36486,11 +37218,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "waukeect.com", true }, { "wave-ola.es", true }, { "wave.is", true }, + { "waverlysecuritycameras.com", true }, { "wavesboardshop.com", true }, { "wavesoftime.com", true }, { "waveum.com", true }, { "wawak.pl", true }, { "waxdramatic.com", true }, + { "waycraze.com", true }, { "wayfair.de", true }, { "wayohoo.com", true }, { "wayohoo.net", true }, @@ -36498,6 +37232,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "waze.com", true }, { "wbci.us", false }, { "wbg-vs.de", true }, + { "wblinks.com", true }, { "wbt-solutions.ch", true }, { "wbt-solutions.net", true }, { "wbudd.com", true }, @@ -36505,18 +37240,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wbvb.nl", true }, { "wbx.support", true }, { "wby.gd", true }, + { "wby.tw", true }, { "wcbook.ru", false }, { "wcn.life", false }, + { "wcwcg.net", true }, { "wd627.com", true }, { "wd976.com", true }, { "wdbflowersevents.co.uk", true }, { "wdbgroup.co.uk", true }, { "wdic.org", true }, - { "wdmg.com.ua", true }, { "wdodelta.nl", true }, { "wdol.gov", true }, { "wdrl.info", true }, { "wdt.cz", false }, + { "we-bb.com", true }, { "we-run-linux.de", true }, { "we-use-linux.de", true }, { "weacceptbitcoin.gr", true }, @@ -36532,16 +37269,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wearepapermill.co", true }, { "wearesouthafricans.com", true }, { "wearvr.com", true }, + { "weaspireusa.com", true }, { "weather-and-climate.com", false }, { "weathermyway.rocks", true }, - { "web-adminy.co.uk", true }, { "web-advisor.co.uk", true }, { "web-art.cz", true }, { "web-design.co.il", true }, { "web-dl.cc", true }, { "web-hotel.gr", true }, { "web-kouza.com", true }, + { "web-mail.info", true }, + { "web-odyssey.com", true }, { "web-redacteuren.nl", true }, + { "web-siena.it", true }, + { "web-smart.com", true }, { "web-wave.jp", true }, { "web.bzh", true }, { "web.cc", false }, @@ -36550,6 +37291,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "web2ldap.de", true }, { "web2screen.tv", true }, { "web404.net", true }, + { "webadiccion.net", true }, + { "webadicta.net", true }, + { "webadicto.net", true }, { "webaeon.org", true }, { "webaholic.co.in", true }, { "webais.ru", true }, @@ -36558,6 +37302,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webandmore.de", false }, { "webappky.cz", true }, { "webartex.ru", true }, + { "webauthority.co.uk", true }, { "webbiz.co.uk", true }, { "webbson.net", false }, { "webbx.se", true }, @@ -36569,7 +37314,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webcontentspinning.com", true }, { "webcookies.org", true }, { "webcrm.com", true }, + { "webcurtaincall.com", true }, { "webdeflect.com", true }, + { "webdemaestrias.com", true }, { "webdesign-st.de", true }, { "webdesigneauclaire.com", true }, { "webdesignerinwarwickshire.co.uk", true }, @@ -36580,6 +37327,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webdevops.io", true }, { "webdevxp.com", true }, { "webdl.org", true }, + { "webdollarvpn.io", true }, { "webduck.nl", false }, { "webeast.eu", true }, { "webeau.com", true }, @@ -36588,6 +37336,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webev.ru", true }, { "webexample.win", true }, { "webexp.biz", true }, + { "webexpertsdirect.com.au", true }, { "webfilings-eu-mirror.appspot.com", true }, { "webfilings-eu.appspot.com", true }, { "webfilings-mirror-hrd.appspot.com", true }, @@ -36607,7 +37356,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webkeks.org", true }, { "weblagring.se", true }, { "weblate.org", true }, - { "webless.com", true }, { "webliberty.ru", true }, { "webline.ch", true }, { "weblogic.pl", true }, @@ -36625,6 +37373,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webministeriet.net", true }, { "webmotelli.fi", true }, { "webnames.ca", true }, + { "webnexty.com", true }, { "webnoob.net", true }, { "webogram.org", false }, { "webpinoytambayan.net", true }, @@ -36636,14 +37385,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "webproxy.pw", true }, { "webpubsub.com", true }, { "webqualitat.com.br", true }, - { "webqueens.com", true }, { "webrebels.org", false }, { "webrentcars.com", true }, { "webreport.fr", true }, - { "webreslist.com", true }, { "webscale.nl", false }, { "websec.nl", true }, - { "websectools.com", true }, { "websecurity.is", true }, { "webseitendesigner.com", false }, { "webseitenserver.com", true }, @@ -36660,6 +37406,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "websitesdallas.com", true }, { "websiteservice.pro", true }, { "webslake.com", true }, + { "websouthdesign.com", true }, { "webspiral.jp", true }, { "webspire.tech", true }, { "webstijlen.nl", true }, @@ -36688,7 +37435,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wechatify.com", true }, { "wecleanbins.com", true }, { "wecobble.com", true }, - { "wedding-m.jp", true }, { "weddingalbumsdesign.com", true }, { "weddingfantasy.ru", true }, { "weddingsbynoon.co.uk", true }, @@ -36740,10 +37486,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wein.cc", true }, { "wein.co.kr", true }, { "weinbergerlawgroup.com", true }, - { "weinhandel-preissler.de", true }, { "weinundsein.com", true }, { "weirdesigns.com", true }, - { "weirdserver.com", true }, { "weisse-liste.de", true }, { "weissman.agency", true }, { "weiterbildung-vdz.de", true }, @@ -36765,13 +37509,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wellensteyn.ru", true }, { "weller.pm", true }, { "wellist.com", true }, - { "wellmarts.com", true }, { "wellness-gutschein.de", true }, { "wellnesscheck.net", true }, - { "wellsplasticsurgery.com", true }, - { "wellspringcamps.com", true }, + { "wellsolveit.com", false }, { "welovecatsandkittens.com", true }, - { "welovemail.com", true }, { "welpo.me", true }, { "welsh.com.br", true }, { "welshccf.org.uk", true }, @@ -36792,7 +37533,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wener.me", false }, { "wenger-shop.ch", true }, { "wenjs.me", true }, - { "wensing-und-koenig.de", true }, { "wepay.com", false }, { "wepay.in.th", true }, { "wepay.vn", true }, @@ -36843,6 +37583,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wessner.org", true }, { "west-contemporary.com", true }, { "west-trans.com.au", true }, + { "west-wind.net", true }, { "westcanal.net", true }, { "westcarrollton.org", true }, { "westcentenaryscouts.org.au", true }, @@ -36872,14 +37613,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "westwood.no", true }, { "wetofu.top", true }, { "wevenues.com", true }, - { "wevg.org", true }, { "wewitro.de", true }, { "wewitro.net", true }, { "wexfordbouncycastles.ie", true }, { "wexilapp.com", true }, { "weyland-yutani.org", true }, { "weyland.tech", true }, - { "wezl.net", true }, + { "weynaphotography.com", true }, { "wf-bigsky-master.appspot.com", true }, { "wf-demo-eu.appspot.com", true }, { "wf-demo-hrd.appspot.com", true }, @@ -36897,7 +37637,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wg3k.us", false }, { "wgom.org", true }, { "wgplatform.co.uk", true }, - { "wgraphics.ru", true }, { "wgsi-friesland.nl", true }, { "wh-guide.de", true }, { "whanau.org", true }, @@ -36924,6 +37663,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "whatsupgold.com.tw", true }, { "whatsupoutdoor.com", true }, { "whatthingsweigh.com", true }, + { "whatusb.com", true }, { "whatwebcando.today", true }, { "whatwg.org", true }, { "whd-guide.de", true }, @@ -36933,10 +37673,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wheelwide.co.uk", true }, { "wheelwork.org", true }, { "wheelwright.org", true }, + { "wheezie.be", true }, { "when.fm", false }, { "where2trip.com", true }, { "whereiszakir.com", true }, - { "whexit.nl", true }, { "whey-protein.ch", true }, { "whiletrue.run", true }, { "whimtrip.fr", false }, @@ -36970,10 +37710,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "whitepharmacy.co.uk", true }, { "whiteready.it", true }, { "whiterose.goip.de", true }, - { "whiteshadowimperium.com", true }, { "whitewebhosting.co.za", true }, { "whitewebhosting.com", true }, { "whitewinterwolf.com", true }, + { "whitkirk.com", true }, { "whitkirkartsguild.com", true }, { "whitkirkchurch.org.uk", true }, { "whittome.com", true }, @@ -36988,12 +37728,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "whocalled.us", true }, { "whocybered.me", true }, { "whoimg.com", true }, - { "whoisamitsingh.com", true }, + { "whoiscuter.ml", true }, + { "whoiscutest.ml", true }, { "whoisthenightking.com", true }, { "whoiswp.com", true }, { "wholelotofbounce.co.uk", false }, { "wholesalecbd.com", true }, - { "whonix.org", true }, + { "wholesomeharvestbread.com", false }, { "whosyourdaddy.ml", true }, { "whoturgled.com", true }, { "whqtravel.org", false }, @@ -37002,6 +37743,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "whub.io", true }, { "why-brexit.uk", true }, { "whychoosebob.net.au", true }, + { "whynohttps.com", true }, { "whyopencomputing.ch", true }, { "whyopencomputing.com", true }, { "whytls.com", true }, @@ -37042,7 +37784,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wijnbesteld.nl", true }, { "wijnservices.nl", false }, { "wijzijnwolf.nl", true }, - { "wiki-play.ru", true }, { "wiki.python.org", true }, { "wikibooks.org", true }, { "wikibulz.com", true }, @@ -37072,6 +37813,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wildnisfamilie.net", true }, { "wildtrip.blog", true }, { "wildwildtravel.com", true }, + { "wildwind.world", true }, { "wildzoopark.co.uk", true }, { "wildzoopark.com", true }, { "wili.li", true }, @@ -37085,7 +37827,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "willfarrell.ca", true }, { "willi-graf-gymnasium.de", true }, { "willi-graf-os.de", true }, - { "william.gg", true }, { "williamboulton.co.uk", true }, { "williamfeely.info", true }, { "williamjohngauthier.net", true }, @@ -37113,6 +37854,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "winbignow.click", true }, { "winbuzzer.com", true }, { "wincasinowin.click", true }, + { "winch-center.de", true }, { "wind.moe", true }, { "winddan.nz", true }, { "windelnkaufen24.de", true }, @@ -37128,10 +37870,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "windsorspi.com", true }, { "windycitydubfest.com", true }, { "wine-tapa.com", true }, - { "winebid.com", true }, { "wineonthewall.com", true }, { "winepress.org", true }, - { "wineworksonline.com", true }, { "winghill.com", true }, { "wingify.com", true }, { "wingmin.net", true }, @@ -37153,17 +37893,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wintermeyer.de", true }, { "winterschoen.nl", true }, { "wintodoor.com", true }, + { "winwitharval.co.uk", true }, { "wipswiss.ch", true }, { "wir-bewegen.sh", true }, { "wircon-int.net", true }, { "wire.com", true }, - { "wiredcut.com", true }, { "wireframesoftware.com", true }, { "wireheading.com", true }, { "wirelesswatch.com.au", true }, { "wireshark.org", true }, { "wiretime.de", true }, - { "wiretrip.io", false }, { "wirhabenspass.de", true }, { "wirkstoffreich.de", true }, { "wirralbouncycastles.co.uk", true }, @@ -37172,6 +37911,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wis.no", true }, { "wisak.me", true }, { "wisal.org", true }, + { "wischu.com", true }, + { "wisedog.eu", true }, { "wiseflat.com", true }, { "wispapp.com", false }, { "wisper.net.au", true }, @@ -37199,10 +37940,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wizzr.nl", true }, { "wj0666.com", true }, { "wjbolles.com", true }, + { "wjcainc.com", true }, { "wjci.com", true }, { "wje-online.de", true }, { "wjg.ca", true }, { "wjg.dk", true }, + { "wjglerum.nl", true }, { "wjm2038.me", true }, { "wjr.io", true }, { "wjwieland.dvrdns.org", false }, @@ -37218,7 +37961,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wlwlwx.com", true }, { "wm-access.com", true }, { "wm-access.de", true }, - { "wm-talk.net", true }, { "wmaccess.com", true }, { "wmaccess.de", true }, { "wmfusercontent.org", true }, @@ -37245,7 +37987,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wohnsitz-ausland.com", true }, { "woi.vision", true }, { "wokinghammotorhomes.com", true }, - { "woktoss.com", true }, { "wolfachtal-alpaka.de", true }, { "wolfarth.info", true }, { "wolfermann.org", true }, @@ -37260,7 +38001,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wolfsden.cz", true }, { "wolfwings.us", true }, { "wolfy1339.com", false }, - { "wolkenspeicher.org", true }, { "wolkoopjes.nl", true }, { "wollgredel.de", true }, { "wollongongbaptist.hopto.org", true }, @@ -37270,10 +38010,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "womb.city", true }, { "wombatalla.com.au", true }, { "wombats.net", true }, + { "womcom.nl", true }, { "women-only.net", true }, { "womensalespros.com", true }, { "womenshairlossproject.com", true }, { "wonabo.com", true }, + { "wonder.com.mx", false }, { "wonderbill.com", true }, { "wonderfuleducation.eu", true }, { "wonderfuleducation.nl", true }, @@ -37288,7 +38030,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "woodcoin.org", true }, { "woodev.us", true }, { "woodlandhillselectrical.com", true }, - { "woodlandsmetro.church", true }, + { "woodlandsmetro.church", false }, { "woodlandsvale.uk", true }, { "woodlandwindows.com", true }, { "woodomat.com", true }, @@ -37296,7 +38038,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "woof.gq", true }, { "woofsbakery.com", true }, { "woohooyeah.nl", true }, - { "woomai.net", true }, { "woonboulevardvolendam.nl", true }, { "woontegelwinkel.nl", true }, { "wooplagaming.com", true }, @@ -37310,6 +38051,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wordcounter.net", true }, { "wordher.com", true }, { "wordlessecho.com", true }, + { "wordpress-test.site", true }, { "wordpress.com", false }, { "wordsmart.it", true }, { "wordspy.com", true }, @@ -37329,13 +38071,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "workoptions.com", true }, { "workplaces.online", true }, { "workraw.com", true }, + { "workray.com", true }, { "works-ginan.jp", true }, { "workshopszwolle.nl", true }, { "workshopzwolle.com", true }, { "worksitevr.com", true }, { "world-in-my-eyes.com", true }, + { "world-lolo.com", true }, { "worldcareers.dk", true }, - { "worldchess.london", true }, { "worldcigars.com.br", true }, { "worldcrafts.org", true }, { "worldcubeassociation.org", true }, @@ -37362,12 +38105,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wot-tudasbazis.hu", true }, { "wotra-register.com", true }, { "woudenberg.nl", true }, + { "woudenbergsedrukkerij.nl", true }, { "woufbox.com", true }, { "woutergeraedts.nl", true }, { "wouterslop.com", true }, { "wouterslop.eu", true }, { "wouterslop.nl", true }, - { "wow-foederation.de", true }, { "wow-screenshots.net", true }, { "wow202y5.com", true }, { "wowaffixes.info", true }, @@ -37389,6 +38132,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wpac.de", true }, { "wpandup.org", true }, { "wpcanban.com", true }, + { "wpcdn.bid", true }, { "wpcharged.nz", true }, { "wpdirecto.com", true }, { "wpdublin.com", true }, @@ -37420,6 +38164,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wq.ro", true }, { "wr.su", true }, { "wrara.org", true }, + { "wrathofgeek.com", true }, { "wrc-results.com", true }, { "wrdcfiles.ca", true }, { "wrdx.io", true }, @@ -37439,7 +38184,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "writepride.com", true }, { "writepro.net", true }, { "writereditor.com", true }, - { "writing-expert.com", true }, { "writing-job-online.com", true }, { "writingcities.net", true }, { "writingtoserve.net", true }, @@ -37482,7 +38226,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wug.news", true }, { "wuifan.com", true }, { "wuji.cz", true }, - { "wumai.cloud", true }, + { "wumai-p.cn", true }, { "wumbo.cf", true }, { "wumbo.co.nz", true }, { "wumbo.ga", true }, @@ -37510,15 +38254,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wweforums.net", true }, { "wweichen.com.cn", true }, { "wwgc2011.se", true }, + { "wwjd.dynu.net", true }, { "wwv-8522.com", true }, { "wwv-8722.com", true }, { "www-33445.com", true }, { "www-49889.com", true }, + { "www-66136.com", true }, + { "www-7570.com", true }, + { "www-80036.com", true }, { "www-8522.am", true }, { "www-8522.com", true }, { "www-86499.com", true }, { "www-8722.com", true }, + { "www-9649.com", true }, { "www-9822.com", true }, + { "www-pj009.com", true }, { "www.aclu.org", false }, { "www.airbnb.com", true }, { "www.amazon.cn", true }, @@ -37567,6 +38317,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "www.rememberthemilk.com", true }, { "www.sb", true }, { "www.simple.com", false }, + { "www.techrepublic.com", true }, { "www.theguardian.com", true }, { "www.therapynotes.com", true }, { "www.tinfoilsecurity.com", false }, @@ -37578,19 +38329,24 @@ static const nsSTSPreload kSTSPreloadList[] = { { "www.vino75.com", false }, { "www.wepay.com", false }, { "www.wordpress.com", false }, + { "www.zdnet.com", true }, { "www68277.com", true }, { "wxcafe.net", true }, + { "wxdisco.com", true }, + { "wxforums.com", true }, { "wxh.jp", true }, { "wxster.com", true }, - { "wxyz.buzz", true }, { "wyam.io", true }, { "wybar.uk", true }, + { "wycrow.com", true }, { "wyday.com", true }, { "wygibanki.pl", true }, { "wygodnie.pl", true }, + { "wylog.ph", true }, { "wynterhill.co.uk", true }, { "wyo.cam", true }, { "wypemagazine.se", true }, + { "wyrickstaxidermy.com", true }, { "wyrihaximus.net", true }, { "wyrimaps.net", true }, { "wyssmuller.ch", true }, @@ -37598,7 +38354,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "wzfou.com", true }, { "wzrd.in", true }, { "wzyboy.org", true }, - { "x-iweb.ru", true }, { "x-lan.be", true }, { "x-one.co.jp", true }, { "x.io", true }, @@ -37606,15 +38361,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "x0r.be", true }, { "x13.com", true }, { "x1616.tk", true }, - { "x1be.win", true }, { "x2d2.de", true }, { "x378.ch", true }, { "x509.io", true }, - { "x69.biz", true }, - { "x69x.net", true }, + { "x64architecture.com", true }, { "x7plus.com", true }, { "xa.search.yahoo.com", false }, + { "xa1.uk", true }, { "xanadu-taxi.cz", true }, + { "xanax.pro", false }, { "xants.de", true }, { "xatr0z.org", false }, { "xavier.is", true }, @@ -37632,19 +38387,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xbtce.com", true }, { "xbtmusic.org", false }, { "xcentricmold.com", true }, + { "xcler8.com", true }, { "xclirion-support.de", true }, { "xcorpsolutions.com", true }, { "xcvb.xyz", true }, { "xd.cm", true }, - { "xd.fi", true }, { "xdavidhu.me", true }, { "xdawn.cn", true }, { "xdeftor.com", true }, - { "xecure.zone", true }, - { "xecureit.com", true }, + { "xdos.io", true }, { "xeedbeam.me", true }, { "xega.org", true }, { "xehost.com", true }, + { "xeiropraktiki.gr", true }, { "xelesante.jp", true }, { "xendo.net", true }, { "xenomedia.nl", true }, @@ -37656,6 +38411,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xentox.com", true }, { "xerblade.com", true }, { "xerhost.de", true }, + { "xerownia.eu", true }, { "xetown.com", true }, { "xf-liam.com", true }, { "xfce.space", true }, @@ -37681,6 +38437,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xiaofengsky.com", true }, { "xiaoguo.net", false }, { "xiaolanglang.net", true }, + { "xiaolong.link", true }, + { "xiaomao.tk", true }, { "xiaomi.eu", true }, { "xiaoniaoyou.com", true }, { "xiaoyu.net", true }, @@ -37693,14 +38451,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xif.at", true }, { "xight.org", true }, { "xilef.org", true }, - { "xilegames.com", true }, { "xilkoi.net", true }, { "xilou.org", true }, { "ximbo.net", true }, { "xin-in.com", true }, { "xin-in.net", true }, - { "xinex.cz", true }, { "xing-in.net", true }, + { "xinj.com", true }, { "xinnixdeuren-shop.be", true }, { "xinuspeed.com", true }, { "xinuspeedtest.com", true }, @@ -37708,8 +38465,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xiongx.cn", true }, { "xj8876.com", true }, { "xjd.vision", true }, + { "xjf6.com", true }, { "xjjeeps.com", true }, - { "xjoin.de", true }, { "xjpvictor.info", true }, { "xkblog.xyz", true }, { "xkcd.pw", true }, @@ -37738,7 +38495,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--0kq33cz5c8wmwrqqw1d.com", true }, { "xn--24-6kch4bfqee.xn--p1ai", true }, { "xn--24-glcia8dc.xn--p1ai", true }, - { "xn--3lqp21gwna.cn", true }, + { "xn--48jwg508p.net", true }, + { "xn--4kro7fswi.xn--6qq986b3xl", true }, { "xn--4pv80kkz8auzf.jp", true }, { "xn--5dbkjqb0d.com", true }, { "xn--5dbkjqb0d.net", true }, @@ -37747,10 +38505,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--79q87uvkclvgd56ahq5a.net", true }, { "xn--7ca.co", true }, { "xn--7xa.google.com", true }, - { "xn--80aaagmgvmvmcuoq7r.xn--p1ai", true }, { "xn--80adb4aeode.xn--p1ai", true }, + { "xn--80adbevek3air0ee9b8d.com", true }, { "xn--80aejljbfwxn.xn--p1ai", true }, - { "xn--80anogxed.xn--p1ai", true }, { "xn--80azelb.xn--p1ai", true }, { "xn--8dry00a7se89ay98epsgxxq.com", true }, { "xn--90accgba6bldkcbb7a.xn--p1acf", true }, @@ -37779,11 +38536,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--e1aoahhqgn.xn--p1ai", true }, { "xn--ecki0cd0bu9a4nsjb.com", true }, { "xn--eckle6c0exa0b0modc7054g7h8ajw6f.com", true }, + { "xn--ehq13kgw4e.ml", true }, { "xn--elsignificadodesoar-c4b.com", true }, { "xn--erklderbarenben-slbh.dk", true }, { "xn--f9jh4f4b4993b66s.tokyo", true }, { "xn--familie-pppinghaus-l3b.de", true }, { "xn--feuerlscher-arten-4zb.de", true }, + { "xn--fiqwix98h.jp", true }, { "xn--fischereiverein-mnsterhausen-i7c.de", true }, { "xn--fp8h58f.ws", true }, { "xn--frankierknig-djb.de", true }, @@ -37801,7 +38560,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--jp8hx8f.ws", true }, { "xn--kckd0bd4a8tp27yee2e.com", true }, { "xn--kda.tk", true }, + { "xn--keditr-0xa.biz", true }, + { "xn--klmek-0sa.com", true }, { "xn--knstler-n2a.tips", false }, + { "xn--krpto-lva.de", true }, { "xn--ktha-kamrater-pfba.se", true }, { "xn--lckwg.net", true }, { "xn--love-un4c7e0d4a.com", true }, @@ -37811,7 +38573,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--martnvillalba-zib.com", true }, { "xn--martnvillalba-zib.net", true }, { "xn--mein-kchenhelfer-ozb.de", true }, - { "xn--mensenges-o1a8c.gq", true }, { "xn--mensengesss-t8a.gq", true }, { "xn--mentaltraining-fr-musiker-uwc.ch", true }, { "xn--mgbbh2a9fub.xn--ngbc5azd", false }, @@ -37827,16 +38588,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xn--nf1a578axkh.xn--fiqs8s", true }, { "xn--nrrdetval-v2ab.se", true }, { "xn--o38h.tk", true }, + { "xn--p8j9a0d9c9a.xn--q9jyb4c", true }, { "xn--pbt947am3ab71g.com", true }, { "xn--pe-bka.ee", true }, { "xn--pq1a637b.xn--6qq986b3xl", true }, { "xn--q9jb1h5dvcspke3218b9mn4p0c.com", true }, + { "xn--q9ji3c6d.xn--q9jyb4c", true }, { "xn--qckss0j.tk", true }, { "xn--qfun83b.ga", true }, { "xn--r8jzaf7977b09e.com", true }, { "xn--rdiger-kuhlmann-zvb.de", true }, { "xn--reisebro-herrsching-bbc.de", true }, - { "xn--rlcus7b3d.xn--xkc2dl3a5ee0h", true }, { "xn--roselire-60a.ch", true }, { "xn--roselire-60a.com", true }, { "xn--rt-cja.ie", true }, @@ -37876,19 +38638,16 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xnu.kr", true }, { "xo.tc", true }, { "xo7.ovh", true }, - { "xoda.pw", true }, { "xolphin.nl", true }, { "xombitgames.com", true }, { "xombitmusic.com", true }, { "xone.cz", true }, { "xonn.de", true }, - { "xotika.tv", true }, + { "xoonth.net", true }, { "xp2.de", true }, { "xpbytes.com", true }, { "xpd.se", true }, - { "xpenology-fr.net", true }, { "xperidia.com", true }, - { "xpj.bet", true }, { "xpjcunkuan.com", true }, { "xpletus.nl", true }, { "xplore-dna.net", true }, @@ -37896,23 +38655,26 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xposedornot.com", true }, { "xps2pdf.co.uk", true }, { "xps2pdf.info", true }, - { "xq55.com", true }, { "xqk7.com", true }, { "xr.cx", true }, + { "xrg.cz", true }, { "xrippedhd.com", true }, { "xrockx.de", true }, { "xroot.org", false }, { "xrwracing-france.com", true }, { "xs2a.no", true }, - { "xscancun.com", true }, { "xsec.me", true }, + { "xserownia.com.pl", true }, + { "xserownia.eu", true }, { "xserownia.net", true }, + { "xserownia.pl", true }, { "xsmobile.de", true }, { "xss.ht", true }, { "xss.sk", true }, { "xsz.jp", true }, { "xtarget.ru", true }, { "xtips.us", true }, + { "xtom.africa", true }, { "xtom.chat", true }, { "xtom.com", true }, { "xtom.com.hk", true }, @@ -37929,33 +38691,31 @@ static const nsSTSPreload kSTSPreloadList[] = { { "xuan-li88.com", true }, { "xuan-li88.net", true }, { "xuanmeishe.net", true }, + { "xuanmeishe.top", true }, { "xubo666.com", true }, { "xuc.me", true }, { "xuedianshang.com", true }, - { "xujan.com", true }, { "xuming.studio", true }, { "xunn.io", true }, { "xuntier.ch", true }, { "xviimusic.com", true }, { "xvt-blog.tk", true }, { "xwaretech.info", true }, + { "xx0r.eu", true }, { "xxffo.com", true }, { "xxiz.com", true }, - { "xxx3dbdsm.com", true }, - { "xxxladyboysporn.com", true }, { "xxxlbox.com", true }, - { "xyfun.net", true }, + { "xyenon.bid", true }, + { "xyfun.net", false }, { "xyngular-health.com", true }, { "xywing.com", true }, { "xyyp.mn", true }, { "xyzulu.hosting", true }, { "xza.fr", true }, { "xzclip.cn", true }, - { "xzoneadventure.com", true }, { "xzy.es", true }, { "xzy.one", true }, { "y11n.net", true }, - { "yabrt.cn", true }, { "yabuisha.jp", true }, { "yachigoya.com", true }, { "yacineboumaza.fr", true }, @@ -37998,12 +38758,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yao-in.net", true }, { "yapbreak.fr", true }, { "yarcom.ru", false }, - { "yarogneva.ru", true }, { "yarravilletownhouses.com.au", true }, { "yaru.one", true }, { "yassine-ayari.com", true }, { "yatesun.com", true }, { "yatorie.net", true }, + { "yatstudios.com", true }, { "yatsuenpoon.com", true }, { "yaup.tk", true }, { "yawen.me", true }, @@ -38020,11 +38780,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ychon.com", true }, { "ychong.com", true }, { "yclan.net", true }, + { "ycnrg.org", true }, { "yd.io", true }, { "yeapdata.com", true }, { "yeesker.com", true }, { "yell.ml", true }, + { "yellowfly.co.uk", true }, { "yellowpages.ee", true }, + { "yellowtree.co.za", true }, { "yelon.hu", true }, { "yelp.at", true }, { "yelp.be", true }, @@ -38060,11 +38823,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yelp.se", true }, { "yemektarifleri.com", true }, { "yenibilgi.net", true }, - { "yennhi.co", true }, + { "yenpape.com", true }, { "yep-pro.ch", true }, { "yephy.com", true }, - { "yeshu.org", true }, { "yesiammaisey.me", true }, + { "yeswecan.co.bw", true }, { "yeswehack.com", true }, { "yetanalytics.io", true }, { "yetii.net", true }, @@ -38072,13 +38835,14 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yeu.io", true }, { "yex.nz", true }, { "yex.trade", true }, + { "yeyi.site", true }, { "yfengs.moe", true }, { "ygobbs.com", true }, - { "yh35.net", true }, { "yh599.cc", true }, { "yhaupenthal.org", true }, { "yhb.io", true }, { "yhe.me", true }, + { "yhfou.com", true }, { "yhndnzj.com", true }, { "yhong.me", true }, { "yhrd.org", true }, @@ -38087,6 +38851,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yiffy.tips", false }, { "yiffy.zone", false }, { "yigujin.cn", true }, + { "yiheng.moe", true }, { "yii2.cc", true }, { "yikeyong.com", true }, { "yimgo.fr", true }, @@ -38102,7 +38867,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yjsw.sh.cn", true }, { "yksityisyydensuoja.fi", true }, { "ylde.de", true }, - { "ylilauta.org", true }, { "ylinternal.com", true }, { "ymarion.de", true }, { "ymblaw.com", true }, @@ -38110,7 +38874,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ynnovasport.be", true }, { "yobai-grouprec.jp", true }, { "yobai28.com", true }, - { "yobbelwobbel.de", true }, + { "yobbelwobbel.de", false }, { "yobify.com", true }, { "yocchan1513.net", true }, { "yoga-alliance-teacher-training.com", true }, @@ -38121,6 +38885,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yoga-zentrum-narayani.de", true }, { "yogabhawnamission.com", true }, { "yogacentric.co.uk", true }, + { "yogahealsinc.org", true }, { "yogananda-roma.org", true }, { "yogaschoolrishikesh.com", true }, { "yoibyoin.info", true }, @@ -38129,7 +38894,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yokohama-legaloffice.jp", true }, { "yolo.jetzt", true }, { "yolobert.de", true }, - { "yoloboatrentals.com", false }, + { "yoloboatrentals.com", true }, { "yolops.net", true }, { "yombo.net", true }, { "yongbin.org", true }, @@ -38141,39 +38906,35 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yorcool.nl", true }, { "yorkshiredalesinflatables.co.uk", true }, { "yorkshireinflatables.co.uk", true }, - { "yorname.ml", true }, { "yosbeda.com", true }, { "yosemo.de", true }, { "yosheenetwork.fr", true }, { "yoshibaworks.com", true }, { "yoshitsugu.net", true }, { "yospos.org", true }, + { "yoticonnections.com", true }, { "yotilab.com", true }, { "yotta-zetta.com", true }, { "yotubaiotona.net", true }, { "you.com.br", true }, { "youareme.ca", true }, { "youc.ir", true }, - { "youcanmakeit.at", true }, { "youcruit.com", true }, - { "youdowell.com", true }, { "youdungoofd.com", true }, { "youftp.tk", true }, { "yougee.ml", true }, + { "yougot.pw", true }, { "youhacked.me", true }, { "youhavewords.com", true }, { "youhua.ru", true }, - { "youjizz.bz", true }, { "youkaryote.com", true }, { "youkaryote.org", true }, { "youked.com", true }, { "youkok2.com", true }, - { "youlend.com", true }, { "youlovehers.com", true }, { "youmonit.me", true }, { "youms.de", true }, { "young-sheldon.com", true }, - { "youngdogs.org", true }, { "youngfree.cn", true }, { "youngpeopleunited.co.uk", true }, { "youngsook.com", true }, @@ -38181,40 +38942,42 @@ static const nsSTSPreload kSTSPreloadList[] = { { "youpark.no", true }, { "your-erotic-stories.com", true }, { "your-out.com", true }, + { "youracnepro.com", true }, { "youran.me", true }, { "yourbonus.click", true }, { "yourciso.com", true }, + { "yourcomputer.expert", true }, { "yourcopywriter.it", true }, { "yourforex.org", true }, { "yourfriendlytech.com", true }, { "yourfuturestrategy.com.au", true }, { "yourgames.tv", true }, { "yourhair.net", true }, - { "yourname.xyz", true }, + { "yourmemorykeeper.co.uk", true }, { "yourneighborhub.com", true }, { "yourskin.nl", true }, { "yourticketbooking.com", true }, { "yousei.ne.jp", true }, { "yout.com", true }, { "youth.gov", true }, + { "youthovation.org", true }, { "youtous.me", true }, { "youtsuu-raku.com", true }, { "youtube.com", true }, { "youtubedownloader.com", true }, { "youtuberis.lt", true }, - { "youwatchporn.com", true }, + { "youyoulemon.com", true }, { "yoxall.me.uk", true }, { "yoyoost.duckdns.org", true }, { "ypart.eu", true }, { "ypid.de", true }, { "ypiresia.fr", false }, { "yplanapp.com", true }, - { "yqjf68.com", true }, { "yr166166.com", true }, + { "yrjanheikki.com", true }, { "ys-shop.biz", true }, - { "ysicing.net", true }, { "ysicorp.com", true }, - { "yslbeauty.com", true }, + { "yspeo.biz", true }, { "ysun.xyz", true }, { "ysx.me.uk", true }, { "ytb.zone", true }, @@ -38225,11 +38988,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "ytpak.pk", true }, { "ytreza.fr", true }, { "ytuquelees.net", true }, + { "ytx588.com", true }, { "yu.gg", false }, { "yu.vc", true }, { "yuan.ga", true }, { "yuanben.io", true }, - { "yuanbenlian.com", true }, + { "yuanjiazhao.com", true }, { "yuanjiazhao.tk", true }, { "yubi.co", true }, { "yubicloud.io", true }, @@ -38286,10 +39050,12 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yubikeyservices.eu", true }, { "yubiking.com", true }, { "yue.la", true }, - { "yuema.net.cn", true }, + { "yugasun.com", true }, { "yuka.one", true }, { "yukari.cafe", true }, + { "yukari.cloud", true }, { "yuki-nagato.com", true }, + { "yuki-portfolio.com", true }, { "yuki.xyz", true }, { "yukimochi.com", true }, { "yukimochi.io", true }, @@ -38298,8 +39064,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yukonlip.com", true }, { "yukontec.com", true }, { "yumeconcert.com", true }, - { "yumli.net", true }, - { "yummylooks.com", true }, { "yunity.org", true }, { "yunjishou.pro", true }, { "yunzhu.li", true }, @@ -38310,13 +39074,17 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yurisviridov.com", true }, { "yusa.me", true }, { "yushi.moe", true }, + { "yusu.org", true }, { "yutakato.net", true }, + { "yutang.vn", true }, { "yutangyun.com", true }, + { "yutaron.tokyo", true }, { "yutuo.net", true }, { "yuwei.org", true }, { "yuweiyang.xyz", true }, { "yuxingxin.com", true }, { "yuxuan.org", true }, + { "yuyo.com", true }, { "yuyu.io", true }, { "yuzei.tk", true }, { "yveshield.com", true }, @@ -38331,17 +39099,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "yya.me", true }, { "yya.men", true }, { "yyc.city", true }, + { "yyrss.com", false }, { "yyyy.xyz", true }, { "yzal.io", true }, + { "yzcloud.me", true }, { "yzer.club", true }, { "yzimroni.net", true }, { "z-konzept-nutrition.ru", true }, { "z-latko.info", true }, + { "z-to-a.com", true }, { "z-vector.com", true }, { "z.ai", true }, { "z1h.de", true }, - { "z33.ch", true }, - { "z33.co", true }, { "z4k.de", true }, { "z99944x.xyz", true }, { "za.search.yahoo.com", false }, @@ -38353,15 +39122,15 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zacadam.com", true }, { "zacarias.com.ar", true }, { "zacavi.com.br", true }, + { "zacchaeus.co.uk", true }, { "zach.codes", true }, { "zacharopoulos.eu", true }, { "zacharopoulos.org", false }, { "zacharydubois.me", true }, { "zacharyschneider.com", true }, + { "zacharyseguin.ca", true }, { "zachaysan.com", true }, { "zachborboa.com", true }, - { "zachgibbens.org", true }, - { "zachpeters.org", true }, { "zachschneider.ca", true }, { "zaclys.com", false }, { "zadroweb.com", true }, @@ -38370,10 +39139,9 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zahe.me", true }, { "zahnaerzte-bohne.de", true }, { "zahnarzt-duempten.de", true }, - { "zahnarzt-hofer.de", true }, { "zahnarzt-kramer.ch", true }, - { "zahnarzt-muenich.de", true }, { "zajazd.biz", true }, + { "zakariya.blog", true }, { "zakcutner.uk", true }, { "zakladam.cz", true }, { "zakmccrac.de", true }, @@ -38382,6 +39150,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zakspartiesandevents.com", true }, { "zalamea.ph", true }, { "zaloghaz.ro", true }, + { "zalvus.com", true }, { "zamalektoday.com", true }, { "zamocosmeticos.com.br", true }, { "zamow.co", true }, @@ -38390,8 +39159,8 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zanellidesigns.co.uk", true }, { "zanthra.com", true }, { "zanzabar.it", true }, - { "zapatoshechoamano.pe", true }, { "zapier.com", true }, + { "zapmaster14.com", true }, { "zappbuildapps.com", false }, { "zappos.com", true }, { "zaptan.info", false }, @@ -38413,16 +39182,20 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zberger.com", true }, { "zbetcheck.in", true }, { "zbrane-doplnky.cz", true }, + { "zbut.bg", true }, { "zbyga.cz", true }, { "zbyte.it", true }, { "zcarot.com", true }, { "zcarrot.com", true }, { "zcgram.com", true }, { "zcon.nl", true }, + { "zcore.org", true }, { "zcr.ca", true }, { "zdbl.de", true }, { "zdenekspacek.cz", true }, { "zdorovayasimya.com", true }, + { "zdrave-konzultace.cz", true }, + { "zdravekonzultace.cz", true }, { "zdravesteny.cz", true }, { "zdrojak.cz", true }, { "ze3kr.com", true }, @@ -38430,7 +39203,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zealworks.jp", true }, { "zebbra.ro", true }, { "zebedeescastles.co.uk", true }, - { "zebibyte.cn", true }, { "zebulon.fr", true }, { "zeds-official.com", true }, { "zeebrieshoekvanholland.nl", true }, @@ -38450,33 +39222,37 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zemlova.cz", true }, { "zen-diez.de", true }, { "zen-ume.com", true }, + { "zena.cx", false }, { "zenchain.com", true }, { "zenevents.ro", true }, { "zenfusion.fr", true }, - { "zengdong.ren", true }, { "zenics.co.uk", true }, { "zenithmedia.ca", true }, { "zenk-security.com", true }, { "zenlogic.com", true }, { "zenmate.com.tr", true }, + { "zennzimie.be", true }, + { "zennzimie.com", true }, { "zenofa.co.id", true }, { "zentask.io", true }, - { "zentiweb.nl", true }, + { "zenti.cloud", true }, { "zenvideocloud.com", true }, + { "zeparadox.com", true }, { "zephyrbk.com", true }, { "zephyrbookkeeping.com", true }, + { "zephyretcoraline.com", true }, { "zeplin.io", true }, { "zer0-day.pw", true }, { "zer0.de", false }, { "zerg.uk", true }, { "zerobounce.net", true }, { "zerofy.de", true }, - { "zerolab.org", true }, { "zeronet.io", true }, { "zeropoint.bg", true }, { "zeropush.com", true }, { "zeroseteatacado.com.br", true }, { "zerossl.com", true }, + { "zerotoone.de", true }, { "zertif.info", true }, { "zertitude.com", true }, { "zeryn.net", true }, @@ -38484,21 +39260,18 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zestylemon.co.uk", true }, { "zetamode.com", true }, { "zetorzeszow.pl", false }, - { "zetrov.pl", true }, { "zettaplan.ru", true }, { "zettlmeissl.de", true }, { "zevelev.net", true }, { "zfast.com.br", true }, { "zfg.li", true }, { "zfly.me", true }, - { "zfo.gg", true }, { "zfree.co.nz", true }, { "zg-dyw.net", true }, { "zgrep.org", true }, { "zh.search.yahoo.com", false }, { "zhang-hao.com", true }, { "zhang.nz", true }, - { "zhangcheng.org", true }, { "zhangfangzhou.com", true }, { "zhangge.net", true }, { "zhanghao.me", true }, @@ -38511,21 +39284,19 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zhcexo.com", true }, { "zhen-chen.com", true }, { "zhengjie.com", true }, + { "zhenyan.org", true }, + { "zhi.ci", true }, { "zhiku8.com", true }, { "zhima.io", true }, { "zhitanska.com", true }, { "zhiwei.me", true }, { "zhl123.com", true }, - { "zhome.info", true }, + { "zhongzicili.ws", true }, { "zhoushuo.me", true }, { "zhoutiancai.cn", true }, { "zhovner.com", true }, { "zhthings.com", true }, { "zhuihoude.com", true }, - { "zhuji.com", true }, - { "zhuji.com.cn", true }, - { "zhuji5.com", true }, - { "zhuweiyou.com", true }, { "zi.is", true }, { "ziegler-family.com", true }, { "ziegler-heizung-frankfurt.de", true }, @@ -38537,7 +39308,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zigottos.fr", true }, { "zigzagmart.com", true }, { "zihao.me", false }, - { "zii.bz", true }, { "zijung.me", true }, { "zikinf.com", true }, { "ziktime.com", true }, @@ -38554,11 +39324,13 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zinniamay.com", true }, { "zinoui.com", true }, { "ziondrive.com.br", true }, + { "zionsvillelocksmiths.com", true }, { "zip.ch", true }, { "zipkey.de", true }, { "ziptie.com", true }, { "zircode.com", true }, { "ziroh.be", true }, + { "zirtek.ie", true }, { "zirtual.com", true }, { "zitrone44.de", true }, { "zitseng.com", true }, @@ -38567,10 +39339,10 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zivmergers.com", true }, { "zivyruzenec.cz", false }, { "zixiao.wang", true }, - { "zixo.sk", true }, - { "ziz.exchange", true }, + { "zjv.me", true }, { "zk.gd", true }, { "zk9.nl", true }, + { "zkontrolujsiauto.cz", true }, { "zkrypt.cc", true }, { "zkzone.net", true }, { "zlatakus.cz", true }, @@ -38578,7 +39350,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zlaty-tyden.cz", true }, { "zlatytyden.cz", true }, { "zlavomat.sk", true }, - { "zlc1994.com", true }, { "zlima12.com", true }, { "zlypi.com", true }, { "zmala.com", true }, @@ -38594,6 +39365,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zmartagroup.se", true }, { "znation.nl", true }, { "zny.pw", true }, + { "zoarcampsite.uk", true }, { "zobraz.cz", true }, { "zobworks.com", true }, { "zoccarato.ovh", true }, @@ -38606,23 +39378,21 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zoigl.club", true }, { "zojadravai.com", true }, { "zoki.art", true }, + { "zollihood.ch", true }, { "zolokar.xyz", true }, - { "zombiesecured.com", true }, { "zomerschoen.nl", true }, { "zonadigital.co", true }, { "zone-produkte.de", false }, { "zone39.com", true }, - { "zone403.net", true }, { "zonecb.com", true }, { "zonehomesolutions.com", true }, { "zonemaster.fr", true }, { "zonemaster.net", true }, + { "zonesec.org", true }, { "zonewatcher.com", true }, { "zonglovani.info", true }, { "zonky.cz", true }, { "zonkysetkani.cz", true }, - { "zoo.city", false }, - { "zoofit.com.au", true }, { "zooish.net", true }, { "zook.systems", true }, { "zoola.io", true }, @@ -38637,7 +39407,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zootime.net", true }, { "zootime.org", true }, { "zoowiki.us", true }, - { "zooxdata.com", true }, { "zopy.com.br", true }, { "zopyx.com", true }, { "zor.com", true }, @@ -38647,10 +39416,11 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zorium.org", true }, { "zorki.nl", true }, { "zorntt.fr", true }, + { "zotero.org", true }, { "zouk.info", true }, { "zouyaoji.top", true }, + { "zozo.com", true }, { "zozzle.co.uk", true }, - { "zqwqz.com", true }, { "zravypapir.cz", true }, { "zrhdwz.cn", true }, { "zrkr.de", true }, @@ -38667,7 +39437,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zsrbcs.com", true }, { "zten.org", true }, { "ztjuh.tk", true }, - { "zuan-in.com", true }, { "zuan-in.net", true }, { "zubel.it", false }, { "zubora.co", true }, @@ -38682,6 +39451,7 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zula.africa", true }, { "zulu.ro", true }, { "zum-baur.de", true }, + { "zumazar.ru", true }, { "zund-app.com", true }, { "zundapp529.nl", true }, { "zundappachterhoek.nl", true }, @@ -38706,8 +39476,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zwollemag.nl", true }, { "zwollemagazine.nl", true }, { "zwy.ch", true }, - { "zx1168.com", true }, - { "zx2268.com", true }, { "zx6rninja.de", true }, { "zx7r.de", true }, { "zxavier.com", true }, @@ -38726,5 +39494,6 @@ static const nsSTSPreload kSTSPreloadList[] = { { "zyul.ddns.net", true }, { "zyzardx.com", true }, { "zzekj.net", true }, + { "zzpd.nl", false }, { "zzsec.org", true }, }; diff --git a/security/manager/ssl/tests/unit/test_weak_crypto.js b/security/manager/ssl/tests/unit/test_weak_crypto.js index effedf8e3..3367e9067 100644 --- a/security/manager/ssl/tests/unit/test_weak_crypto.js +++ b/security/manager/ssl/tests/unit/test_weak_crypto.js @@ -77,7 +77,6 @@ function startServer(cert, rc4only) { onStopListening: function() {} }; - tlsServer.setSessionCache(false); tlsServer.setSessionTickets(false); tlsServer.setRequestClientCertificate(Ci.nsITLSServerSocket.REQUEST_NEVER); if (rc4only) { diff --git a/security/nss/TAG-INFO b/security/nss/TAG-INFO index 1d96321b3..a004fa449 100644 --- a/security/nss/TAG-INFO +++ b/security/nss/TAG-INFO @@ -1 +1 @@ -NSS_3_36_4_RTM +NSS_3_38_RTM diff --git a/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt b/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt index e69de29bb..efc7d6d67 100644 --- a/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt +++ b/security/nss/automation/abi-check/expected-report-libnssutil3.so.txt @@ -0,0 +1,4 @@ + +1 Added function: + + 'function SECStatus SECITEM_MakeItem(PLArenaPool*, SECItem*, unsigned char*, unsigned int)' {SECITEM_MakeItem@@NSSUTIL_3.38} diff --git a/security/nss/automation/abi-check/expected-report-libssl3.so.txt b/security/nss/automation/abi-check/expected-report-libssl3.so.txt index ad818d0aa..e69de29bb 100644 --- a/security/nss/automation/abi-check/expected-report-libssl3.so.txt +++ b/security/nss/automation/abi-check/expected-report-libssl3.so.txt @@ -1,28 +0,0 @@ - -1 function with some indirect sub-type change: - - [C]'function SECStatus SSL_GetChannelInfo(PRFileDesc*, SSLChannelInfo*, PRUintn)' at sslinfo.c:12:1 has some indirect sub-type changes: - parameter 2 of type 'SSLChannelInfo*' has sub-type changes: - in pointed to type 'typedef SSLChannelInfo' at sslt.h:318:1: - underlying type 'struct SSLChannelInfoStr' at sslt.h:251:1 changed: - type size hasn't changed - 1 data member change: - type of 'SSLSignatureScheme SSLChannelInfoStr::signatureScheme' changed: - underlying type 'enum __anonymous_enum__' at sslt.h:115:1 changed: - type size hasn't changed - 3 enumerator deletions: - '__anonymous_enum__::ssl_sig_rsa_pss_sha256' value '2052' - '__anonymous_enum__::ssl_sig_rsa_pss_sha384' value '2053' - '__anonymous_enum__::ssl_sig_rsa_pss_sha512' value '2054' - - 6 enumerator insertions: - '__anonymous_enum__::ssl_sig_rsa_pss_rsae_sha256' value '2052' - '__anonymous_enum__::ssl_sig_rsa_pss_rsae_sha384' value '2053' - '__anonymous_enum__::ssl_sig_rsa_pss_rsae_sha512' value '2054' - '__anonymous_enum__::ssl_sig_rsa_pss_pss_sha256' value '2057' - '__anonymous_enum__::ssl_sig_rsa_pss_pss_sha384' value '2058' - '__anonymous_enum__::ssl_sig_rsa_pss_pss_sha512' value '2059' - - - - diff --git a/security/nss/automation/abi-check/previous-nss-release b/security/nss/automation/abi-check/previous-nss-release index c213ca3f8..c52061e7e 100644 --- a/security/nss/automation/abi-check/previous-nss-release +++ b/security/nss/automation/abi-check/previous-nss-release @@ -1 +1 @@ -NSS_3_35_BRANCH +NSS_3_37_BRANCH diff --git a/security/nss/automation/taskcluster/docker-hacl/Dockerfile b/security/nss/automation/taskcluster/docker-hacl/Dockerfile index 63f9a24e2..50f2be239 100644 --- a/security/nss/automation/taskcluster/docker-hacl/Dockerfile +++ b/security/nss/automation/taskcluster/docker-hacl/Dockerfile @@ -5,11 +5,11 @@ MAINTAINER Franziskus Kiefer <franziskuskiefer@gmail.com> # the original F* formula with Daniel Fabian # Pinned versions of HACL* (F* and KreMLin are pinned as submodules) -ENV haclrepo https://github.com/franziskuskiefer/hacl-star.git +ENV haclrepo https://github.com/mitls/hacl-star.git # Define versions of dependencies -ENV opamv 4.04.2 -ENV haclversion 668d6cf274c33bbe2e951e3a84b73f2b6442a51f +ENV opamv 4.05.0 +ENV haclversion 1da331f9ef30e13269e45ae73bbe4a4bca679ae6 # Install required packages and set versions ADD setup.sh /tmp/setup.sh diff --git a/security/nss/automation/taskcluster/docker-hacl/setup-user.sh b/security/nss/automation/taskcluster/docker-hacl/setup-user.sh index b8accaf58..e2c0b857b 100644 --- a/security/nss/automation/taskcluster/docker-hacl/setup-user.sh +++ b/security/nss/automation/taskcluster/docker-hacl/setup-user.sh @@ -16,7 +16,6 @@ git -C hacl-star checkout ${haclversion} # This caches the extracted c code (pins the HACL* version). All we need to do # on CI now is comparing the code in this docker image with the one in NSS. opam config exec -- make -C hacl-star prepare -j$(nproc) -make -C hacl-star verify-nss -j$(nproc) make -C hacl-star -f Makefile.build snapshots/nss -j$(nproc) KOPTS="-funroll-loops 5" make -C hacl-star/code/curve25519 test -j$(nproc) make -C hacl-star/code/salsa-family test -j$(nproc) diff --git a/security/nss/automation/taskcluster/docker-saw/Dockerfile b/security/nss/automation/taskcluster/docker-saw/Dockerfile index a481ba048..d67787010 100644 --- a/security/nss/automation/taskcluster/docker-saw/Dockerfile +++ b/security/nss/automation/taskcluster/docker-saw/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:latest +FROM ubuntu:16.04 MAINTAINER Tim Taubert <ttaubert@mozilla.com> RUN useradd -d /home/worker -s /bin/bash -m worker diff --git a/security/nss/automation/taskcluster/docker/Dockerfile b/security/nss/automation/taskcluster/docker/Dockerfile index 8a2256d12..b3c2516ba 100644 --- a/security/nss/automation/taskcluster/docker/Dockerfile +++ b/security/nss/automation/taskcluster/docker/Dockerfile @@ -12,9 +12,6 @@ RUN chmod +x /home/worker/bin/* ADD setup.sh /tmp/setup.sh RUN bash /tmp/setup.sh -# Change user. -USER worker - # Env variables. ENV HOME /home/worker ENV SHELL /bin/bash diff --git a/security/nss/automation/taskcluster/graph/src/extend.js b/security/nss/automation/taskcluster/graph/src/extend.js index ee9ac9b74..5305325c5 100644 --- a/security/nss/automation/taskcluster/graph/src/extend.js +++ b/security/nss/automation/taskcluster/graph/src/extend.js @@ -995,13 +995,13 @@ async function scheduleTools() { })); queue.scheduleTask(merge(base, { - symbol: "scan-build-5.0", - name: "scan-build-5.0", - image: LINUX_IMAGE, + symbol: "scan-build", + name: "scan-build", + image: FUZZ_IMAGE, env: { USE_64: "1", - CC: "clang-5.0", - CCC: "clang++-5.0", + CC: "clang", + CCC: "clang++", }, artifacts: { public: { @@ -1092,5 +1092,17 @@ async function scheduleTools() { ] })); + queue.scheduleTask(merge(base, { + symbol: "Coverage", + name: "Coverage", + image: FUZZ_IMAGE, + features: ["allowPtrace"], + command: [ + "/bin/bash", + "-c", + "bin/checkout.sh && nss/automation/taskcluster/scripts/gen_coverage_report.sh" + ] + })); + return queue.submit(); } diff --git a/security/nss/automation/taskcluster/graph/src/try_syntax.js b/security/nss/automation/taskcluster/graph/src/try_syntax.js index 1c06dde13..214793bd5 100644 --- a/security/nss/automation/taskcluster/graph/src/try_syntax.js +++ b/security/nss/automation/taskcluster/graph/src/try_syntax.js @@ -51,7 +51,7 @@ function parseOptions(opts) { } // Parse tools. - let allTools = ["clang-format", "scan-build", "hacl", "saw", "abi"]; + let allTools = ["clang-format", "scan-build", "hacl", "saw", "abi", "coverage"]; let tools = intersect(opts.tools.split(/\s*,\s*/), allTools); // If the given value is "all" run all tools. diff --git a/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh b/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh new file mode 100644 index 000000000..3907c72e8 --- /dev/null +++ b/security/nss/automation/taskcluster/scripts/gen_coverage_report.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash + +source $(dirname "$0")/tools.sh + +# Clone NSPR. +hg_clone https://hg.mozilla.org/projects/nspr ./nspr default + +out=/home/worker/artifacts +mkdir -p $out + +# Generate coverage report. +cd nss && ./mach coverage --outdir=$out ssl_gtests diff --git a/security/nss/automation/taskcluster/scripts/run_hacl.sh b/security/nss/automation/taskcluster/scripts/run_hacl.sh index 281075eef..6cbda49b4 100644 --- a/security/nss/automation/taskcluster/scripts/run_hacl.sh +++ b/security/nss/automation/taskcluster/scripts/run_hacl.sh @@ -12,8 +12,8 @@ set -e -x -v # The extracted C code from HACL* is already generated and the HACL* tests were # successfully executed. -# Verify Poly1305 (doesn't work in docker image build) -make verify -C ~/hacl-star/code/poly1305 -j$(nproc) +# Verify HACL*. Taskcluster fails when we do this in the image build. +make -C hacl-star verify-nss -j$(nproc) # Add license header to specs spec_files=($(find ~/hacl-star/specs -type f -name '*.fst')) diff --git a/security/nss/automation/taskcluster/scripts/tools.sh b/security/nss/automation/taskcluster/scripts/tools.sh index 46d567e3a..534cb32ce 100644 --- a/security/nss/automation/taskcluster/scripts/tools.sh +++ b/security/nss/automation/taskcluster/scripts/tools.sh @@ -3,11 +3,16 @@ set -v -e -x if [[ $(id -u) -eq 0 ]]; then + # Stupid Docker. It works without sometimes... But not always. + echo "127.0.0.1 localhost.localdomain" >> /etc/hosts + # Drop privileges by re-running this script. # Note: this mangles arguments, better to avoid running scripts as root. exec su worker -c "$0 $*" fi +export PATH="${PATH}:/home/worker/.cargo/bin/:/usr/lib/go-1.6/bin" + # Usage: hg_clone repo dir [revision=@] hg_clone() { repo=$1 diff --git a/security/nss/cmd/bltest/blapitest.c b/security/nss/cmd/bltest/blapitest.c index ca3d6f314..ef8fdd802 100644 --- a/security/nss/cmd/bltest/blapitest.c +++ b/security/nss/cmd/bltest/blapitest.c @@ -3724,7 +3724,7 @@ main(int argc, char **argv) /* test the RSA_PopulatePrivateKey function */ if (bltest.commands[cmd_RSAPopulate].activated) { unsigned int keySize = 1024; - unsigned long exponent = 65537; + unsigned long keyExponent = 65537; int rounds = 1; int ret = -1; @@ -3735,12 +3735,12 @@ main(int argc, char **argv) rounds = PORT_Atoi(bltest.options[opt_Rounds].arg); } if (bltest.options[opt_Exponent].activated) { - exponent = PORT_Atoi(bltest.options[opt_Exponent].arg); + keyExponent = PORT_Atoi(bltest.options[opt_Exponent].arg); } for (i = 0; i < rounds; i++) { printf("Running RSA Populate test round %d\n", i); - ret = doRSAPopulateTest(keySize, exponent); + ret = doRSAPopulateTest(keySize, keyExponent); if (ret != 0) { break; } diff --git a/security/nss/cmd/certutil/certutil.c b/security/nss/cmd/certutil/certutil.c index 20722ae78..dbb93c922 100644 --- a/security/nss/cmd/certutil/certutil.c +++ b/security/nss/cmd/certutil/certutil.c @@ -36,9 +36,11 @@ #include "certdb.h" #include "nss.h" #include "certutil.h" +#include "basicutil.h" +#include "ssl.h" #define MIN_KEY_BITS 512 -/* MAX_KEY_BITS should agree with MAX_RSA_MODULUS in freebl */ +/* MAX_KEY_BITS should agree with RSA_MAX_MODULUS_BITS in freebl */ #define MAX_KEY_BITS 8192 #define DEFAULT_KEY_BITS 2048 @@ -447,7 +449,8 @@ ChangeTrustAttributes(CERTCertDBHandle *handle, PK11SlotInfo *slot, } static SECStatus -DumpChain(CERTCertDBHandle *handle, char *name, PRBool ascii) +DumpChain(CERTCertDBHandle *handle, char *name, PRBool ascii, + PRBool simpleSelfSigned) { CERTCertificate *the_cert; CERTCertificateList *chain; @@ -458,6 +461,14 @@ DumpChain(CERTCertDBHandle *handle, char *name, PRBool ascii) SECU_PrintError(progName, "Could not find: %s\n", name); return SECFailure; } + if (simpleSelfSigned && + SECEqual == SECITEM_CompareItem(&the_cert->derIssuer, + &the_cert->derSubject)) { + printf("\"%s\" [%s]\n\n", the_cert->nickname, the_cert->subjectName); + CERT_DestroyCertificate(the_cert); + return SECSuccess; + } + chain = CERT_CertChainFromCert(the_cert, 0, PR_TRUE); CERT_DestroyCertificate(the_cert); if (!chain) { @@ -782,17 +793,17 @@ ValidateCert(CERTCertDBHandle *handle, char *name, char *date, fprintf(stdout, "%s: certificate is valid\n", progName); GEN_BREAK(SECSuccess) } else { - char *name; + char *nick; CERTVerifyLogNode *node; node = log->head; while (node) { if (node->cert->nickname != NULL) { - name = node->cert->nickname; + nick = node->cert->nickname; } else { - name = node->cert->subjectName; + nick = node->cert->subjectName; } - fprintf(stderr, "%s : %s\n", name, + fprintf(stderr, "%s : %s\n", nick, SECU_Strerror(node->error)); CERT_DestroyCertificate(node->cert); node = node->next; @@ -845,7 +856,7 @@ SECItemToHex(const SECItem *item, char *dst) } static const char *const keyTypeName[] = { - "null", "rsa", "dsa", "fortezza", "dh", "kea", "ec" + "null", "rsa", "dsa", "fortezza", "dh", "kea", "ec", "rsaPss" }; #define MAX_CKA_ID_BIN_LEN 20 @@ -999,7 +1010,7 @@ DeleteKey(char *nickname, secuPWData *pwdata) slot = PK11_GetInternalKeySlot(); if (PK11_NeedLogin(slot)) { - SECStatus rv = PK11_Authenticate(slot, PR_TRUE, pwdata); + rv = PK11_Authenticate(slot, PR_TRUE, pwdata); if (rv != SECSuccess) { SECU_PrintError(progName, "could not authenticate to token %s.", PK11_GetTokenName(slot)); @@ -1066,7 +1077,7 @@ PrintBuildFlags() } static void -PrintSyntax(char *progName) +PrintSyntax() { #define FPS fprintf(stderr, FPS "Type %s -H for more detailed descriptions\n", progName); @@ -1115,7 +1126,9 @@ PrintSyntax(char *progName) FPS "\t%s --build-flags\n", progName); FPS "\t%s -M -n cert-name -t trustargs [-d certdir] [-P dbprefix]\n", progName); - FPS "\t%s -O -n cert-name [-X] [-d certdir] [-a] [-P dbprefix]\n", progName); + FPS "\t%s -O -n cert-name [-X] [-d certdir] [-a] [-P dbprefix]\n" + "\t\t [--simple-self-signed]\n", + progName); FPS "\t%s -R -s subj -o cert-request-file [-d certdir] [-P dbprefix] [-p phone] [-a]\n" "\t\t [-7 emailAddrs] [-k key-type-or-id] [-h token-name] [-f pwfile]\n" "\t\t [-g key-size] [-Z hashAlg]\n", @@ -1542,6 +1555,8 @@ luO(enum usage_level ul, const char *command) " -P dbprefix"); FPS "%-20s force the database to open R/W\n", " -X"); + FPS "%-20s don't search for a chain if issuer name equals subject name\n", + " --simple-self-signed"); FPS "\n"); } @@ -1560,7 +1575,7 @@ luR(enum usage_level ul, const char *command) " -o output-req"); FPS "%-20s Type of key pair to generate (\"dsa\", \"ec\", \"rsa\" (default))\n", " -k key-type-or-id"); - FPS "%-20s or nickname of the cert key to use \n", + FPS "%-20s or nickname of the cert key to use, or key id obtained using -K\n", ""); FPS "%-20s Name of token in which to generate key (default is internal)\n", " -h token-name"); @@ -1838,7 +1853,7 @@ luBuildFlags(enum usage_level ul, const char *command) } static void -LongUsage(char *progName, enum usage_level ul, const char *command) +LongUsage(enum usage_level ul, const char *command) { luA(ul, command); luB(ul, command); @@ -1866,14 +1881,14 @@ LongUsage(char *progName, enum usage_level ul, const char *command) } static void -Usage(char *progName) +Usage() { PR_fprintf(PR_STDERR, "%s - Utility to manipulate NSS certificate databases\n\n" "Usage: %s <command> -d <database-directory> <options>\n\n" "Valid commands:\n", progName, progName); - LongUsage(progName, usage_selected, NULL); + LongUsage(usage_selected, NULL); PR_fprintf(PR_STDERR, "\n" "%s -H <command> : Print available options for the given command\n" "%s -H : Print complete help output of all commands and options\n" @@ -2269,10 +2284,10 @@ flagArray opFlagsArray[] = { NAME_SIZE(verify_recover), CKF_VERIFY_RECOVER }, { NAME_SIZE(wrap), CKF_WRAP }, { NAME_SIZE(unwrap), CKF_UNWRAP }, - { NAME_SIZE(derive), CKF_DERIVE }, + { NAME_SIZE(derive), CKF_DERIVE } }; -int opFlagsCount = sizeof(opFlagsArray) / sizeof(flagArray); +int opFlagsCount = PR_ARRAY_SIZE(opFlagsArray); flagArray attrFlagsArray[] = { @@ -2286,14 +2301,13 @@ flagArray attrFlagsArray[] = { NAME_SIZE(insensitive), PK11_ATTR_INSENSITIVE }, { NAME_SIZE(extractable), PK11_ATTR_EXTRACTABLE }, { NAME_SIZE(unextractable), PK11_ATTR_UNEXTRACTABLE } - }; -int attrFlagsCount = sizeof(attrFlagsArray) / sizeof(flagArray); +int attrFlagsCount = PR_ARRAY_SIZE(attrFlagsArray); #define MAX_STRING 30 CK_ULONG -GetFlags(char *flagsString, flagArray *flagArray, int count) +GetFlags(char *flagsString, flagArray *flags, int count) { CK_ULONG flagsValue = strtol(flagsString, NULL, 0); int i; @@ -2303,10 +2317,10 @@ GetFlags(char *flagsString, flagArray *flagArray, int count) } while (*flagsString) { for (i = 0; i < count; i++) { - if (strncmp(flagsString, flagArray[i].name, flagArray[i].nameSize) == + if (strncmp(flagsString, flags[i].name, flags[i].nameSize) == 0) { - flagsValue |= flagArray[i].value; - flagsString += flagArray[i].nameSize; + flagsValue |= flags[i].value; + flagsString += flags[i].nameSize; if (*flagsString != 0) { flagsString++; } @@ -2499,6 +2513,7 @@ enum certutilOpts { opt_NewNickname, opt_Pss, opt_PssSign, + opt_SimpleSelfSigned, opt_Help }; @@ -2623,6 +2638,8 @@ static const secuCommandFlag options_init[] = "pss" }, { /* opt_PssSign */ 0, PR_FALSE, 0, PR_FALSE, "pss-sign" }, + { /* opt_SimpleSelfSigned */ 0, PR_FALSE, 0, PR_FALSE, + "simple-self-signed" }, }; #define NUM_OPTIONS ((sizeof options_init) / (sizeof options_init[0])) @@ -2691,14 +2708,13 @@ certutil_main(int argc, char **argv, PRBool initialize) rv = SECU_ParseCommandLine(argc, argv, progName, &certutil); if (rv != SECSuccess) - Usage(progName); + Usage(); if (certutil.commands[cmd_PrintSyntax].activated) { - PrintSyntax(progName); + PrintSyntax(); } if (certutil.commands[cmd_PrintHelp].activated) { - int i; char buf[2]; const char *command = NULL; for (i = 0; i < max_cmd; i++) { @@ -2715,7 +2731,7 @@ certutil_main(int argc, char **argv, PRBool initialize) break; } } - LongUsage(progName, (command ? usage_selected : usage_all), command); + LongUsage((command ? usage_selected : usage_all), command); exit(1); } @@ -2823,7 +2839,7 @@ certutil_main(int argc, char **argv, PRBool initialize) if (certutil.options[opt_DBPrefix].arg) { certPrefix = certutil.options[opt_DBPrefix].arg; } else { - Usage(progName); + Usage(); } } @@ -2832,7 +2848,7 @@ certutil_main(int argc, char **argv, PRBool initialize) if (certutil.options[opt_SourcePrefix].arg) { srcCertPrefix = certutil.options[opt_SourcePrefix].arg; } else { - Usage(progName); + Usage(); } } @@ -2916,7 +2932,7 @@ certutil_main(int argc, char **argv, PRBool initialize) return 255; } if (commandsEntered == 0) { - Usage(progName); + Usage(); } if (certutil.commands[cmd_ListCerts].activated || @@ -3124,6 +3140,8 @@ certutil_main(int argc, char **argv, PRBool initialize) } initialized = PR_TRUE; SECU_RegisterDynamicOids(); + /* Ensure the SSL error code table has been registered. Bug 1460284. */ + SSL_OptionSetDefault(-1, 0); } certHandle = CERT_GetDefaultCertDB(); @@ -3350,7 +3368,8 @@ certutil_main(int argc, char **argv, PRBool initialize) } if (certutil.commands[cmd_DumpChain].activated) { rv = DumpChain(certHandle, name, - certutil.options[opt_ASCIIForIO].activated); + certutil.options[opt_ASCIIForIO].activated, + certutil.options[opt_SimpleSelfSigned].activated); goto shutdown; } /* XXX needs work */ @@ -3444,37 +3463,80 @@ certutil_main(int argc, char **argv, PRBool initialize) keycert = CERT_FindCertByNicknameOrEmailAddr(certHandle, keysource); if (!keycert) { keycert = PK11_FindCertFromNickname(keysource, NULL); - if (!keycert) { - SECU_PrintError(progName, - "%s is neither a key-type nor a nickname", keysource); + } + + if (keycert) { + privkey = PK11_FindKeyByDERCert(slot, keycert, &pwdata); + } else { + PLArenaPool *arena = NULL; + SECItem keyidItem = { 0 }; + char *keysourcePtr = keysource; + /* Interpret keysource as CKA_ID */ + if (PK11_NeedLogin(slot)) { + rv = PK11_Authenticate(slot, PR_TRUE, &pwdata); + if (rv != SECSuccess) { + SECU_PrintError(progName, "could not authenticate to token %s.", + PK11_GetTokenName(slot)); + return SECFailure; + } + } + if (0 == PL_strncasecmp("0x", keysource, 2)) { + keysourcePtr = keysource + 2; // skip leading "0x" + } + arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); + if (!arena) { + SECU_PrintError(progName, "unable to allocate arena"); return SECFailure; } + if (SECU_HexString2SECItem(arena, &keyidItem, keysourcePtr)) { + privkey = PK11_FindKeyByKeyID(slot, &keyidItem, &pwdata); + } + PORT_FreeArena(arena, PR_FALSE); + } + + if (!privkey) { + SECU_PrintError( + progName, + "%s is neither a key-type nor a nickname nor a key-id", keysource); + return SECFailure; } - privkey = PK11_FindKeyByDERCert(slot, keycert, &pwdata); - if (privkey) - pubkey = CERT_ExtractPublicKey(keycert); + + pubkey = SECKEY_ConvertToPublicKey(privkey); if (!pubkey) { SECU_PrintError(progName, "Could not get keys from cert %s", keysource); + if (keycert) { + CERT_DestroyCertificate(keycert); + } rv = SECFailure; - CERT_DestroyCertificate(keycert); goto shutdown; } keytype = privkey->keyType; + /* On CertReq for renewal if no subject has been * specified obtain it from the certificate. */ if (certutil.commands[cmd_CertReq].activated && !subject) { - subject = CERT_AsciiToName(keycert->subjectName); - if (!subject) { - SECU_PrintError(progName, - "Could not get subject from certificate %s", keysource); - CERT_DestroyCertificate(keycert); + if (keycert) { + subject = CERT_AsciiToName(keycert->subjectName); + if (!subject) { + SECU_PrintError( + progName, + "Could not get subject from certificate %s", + keysource); + CERT_DestroyCertificate(keycert); + rv = SECFailure; + goto shutdown; + } + } else { + SECU_PrintError(progName, "Subject name not provided"); rv = SECFailure; goto shutdown; } } - CERT_DestroyCertificate(keycert); + if (keycert) { + CERT_DestroyCertificate(keycert); + } } else { privkey = CERTUTIL_GeneratePrivateKey(keytype, slot, keysize, @@ -3537,6 +3599,14 @@ certutil_main(int argc, char **argv, PRBool initialize) } } + if (certutil.options[opt_SimpleSelfSigned].activated && + !certutil.commands[cmd_DumpChain].activated) { + PR_fprintf(PR_STDERR, + "%s -%c: --simple-self-signed only works with -O.\n", + progName, commandToRun); + return 255; + } + /* If we need a list of extensions convert the flags into list format */ if (certutil.commands[cmd_CertReq].activated || certutil.commands[cmd_CreateAndAddCert].activated || diff --git a/security/nss/cmd/crlutil/crlutil.c b/security/nss/cmd/crlutil/crlutil.c index c008ecc01..c5527fc93 100644 --- a/security/nss/cmd/crlutil/crlutil.c +++ b/security/nss/cmd/crlutil/crlutil.c @@ -770,7 +770,7 @@ loser: } static void -Usage(char *progName) +Usage() { fprintf(stderr, "Usage: %s -L [-n nickname] [-d keydir] [-P dbprefix] [-t crlType]\n" @@ -908,7 +908,7 @@ main(int argc, char **argv) while ((status = PL_GetNextOpt(optstate)) == PL_OPT_OK) { switch (optstate->option) { case '?': - Usage(progName); + Usage(); break; case 'T': @@ -1038,17 +1038,17 @@ main(int argc, char **argv) } if (deleteCRL && !nickName) - Usage(progName); + Usage(); if (importCRL && !inFile) - Usage(progName); + Usage(); if (showFileCRL && !inFile) - Usage(progName); + Usage(); if ((generateCRL && !nickName) || (modifyCRL && !inFile && !nickName)) - Usage(progName); + Usage(); if (!(listCRL || deleteCRL || importCRL || showFileCRL || generateCRL || modifyCRL || test || erase)) - Usage(progName); + Usage(); if (listCRL || showFileCRL) { readonly = PR_TRUE; diff --git a/security/nss/cmd/crmftest/testcrmf.c b/security/nss/cmd/crmftest/testcrmf.c index cbc680b08..1c1359b1b 100644 --- a/security/nss/cmd/crmftest/testcrmf.c +++ b/security/nss/cmd/crmftest/testcrmf.c @@ -577,7 +577,6 @@ Decode(void) printf("WARNING: The DER contained %d messages.\n", numMsgs); } for (i = 0; i < numMsgs; i++) { - SECStatus rv; printf("crmftest: Processing cert request %d\n", i); certReqMsg = CRMF_CertReqMessagesGetCertReqMsgAtIndex(certReqMsgs, i); if (certReqMsg == NULL) { diff --git a/security/nss/cmd/dbtest/dbtest.c b/security/nss/cmd/dbtest/dbtest.c index 9a6a034a6..11713c23f 100644 --- a/security/nss/cmd/dbtest/dbtest.c +++ b/security/nss/cmd/dbtest/dbtest.c @@ -58,7 +58,7 @@ getPassword(PK11SlotInfo *slot, PRBool retry, void *arg) } static void -Usage(const char *progName) +Usage() { printf("Usage: %s [-r] [-f] [-i] [-d dbdir ] \n", progName); @@ -96,7 +96,7 @@ main(int argc, char **argv) switch (optstate->option) { case 'h': default: - Usage(progName); + Usage(); break; case 'r': @@ -122,7 +122,7 @@ main(int argc, char **argv) } PL_DestroyOptState(optstate); if (optstatus == PL_OPT_BAD) - Usage(progName); + Usage(); if (dbDir) { char *tmp = dbDir; @@ -181,7 +181,6 @@ main(int argc, char **argv) ret = SUCCESS; if (doInitTest) { PK11SlotInfo *slot = PK11_GetInternalKeySlot(); - SECStatus rv; int passwordSuccess = 0; int type = CKM_DES3_CBC; SECItem keyid = { 0, NULL, 0 }; diff --git a/security/nss/cmd/httpserv/httpserv.c b/security/nss/cmd/httpserv/httpserv.c index 7cf28c65a..71e2ab88d 100644 --- a/security/nss/cmd/httpserv/httpserv.c +++ b/security/nss/cmd/httpserv/httpserv.c @@ -682,6 +682,7 @@ handle_connection( } if (arena) { PORT_FreeArena(arena, PR_FALSE); + arena = NULL; } if (!request || !request->tbsRequest || !request->tbsRequest->requestList || @@ -753,11 +754,11 @@ handle_connection( { PRTime now = PR_Now(); - PLArenaPool *arena = NULL; CERTOCSPSingleResponse *sr; CERTOCSPSingleResponse **singleResponses; SECItem *ocspResponse; + PORT_Assert(!arena); arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (unknown) { @@ -787,8 +788,8 @@ handle_connection( } else { PR_Write(ssl_sock, outOcspHeader, strlen(outOcspHeader)); PR_Write(ssl_sock, ocspResponse->data, ocspResponse->len); - PORT_FreeArena(arena, PR_FALSE); } + PORT_FreeArena(arena, PR_FALSE); } CERT_DestroyOCSPRequest(request); break; @@ -1357,7 +1358,6 @@ main(int argc, char **argv) caRevoIter = &caRevoInfos->link; do { PRFileDesc *inFile; - int rv = SECFailure; SECItem crlDER; crlDER.data = NULL; @@ -1413,11 +1413,9 @@ main(int argc, char **argv) if (provideOcsp) { if (caRevoInfos) { - PRCList *caRevoIter; - caRevoIter = &caRevoInfos->link; do { - caRevoInfo *revoInfo = (caRevoInfo *)caRevoIter; + revoInfo = (caRevoInfo *)caRevoIter; if (revoInfo->nickname) PORT_Free(revoInfo->nickname); if (revoInfo->crlFilename) diff --git a/security/nss/cmd/lib/secutil.c b/security/nss/cmd/lib/secutil.c index 2b33f8963..6be2df432 100644 --- a/security/nss/cmd/lib/secutil.c +++ b/security/nss/cmd/lib/secutil.c @@ -1528,9 +1528,9 @@ SECU_PrintDumpDerIssuerAndSerial(FILE *out, SECItem *der, char *m, unsigned int i; for (i = 0; i < c->serialNumber.len; ++i) { unsigned char *chardata = (unsigned char *)(c->serialNumber.data); - unsigned char c = *(chardata + i); + unsigned char ch = *(chardata + i); - fprintf(out, "\\x%02x", c); + fprintf(out, "\\x%02x", ch); } fprintf(out, "\" }\n"); } @@ -3137,7 +3137,7 @@ typedef enum { static int secu_PrintSignedDataSigOpt(FILE *out, SECItem *der, const char *m, int level, SECU_PPFunc inner, - SignatureOptionType withSignature) + SignatureOptionType signatureOption) { PLArenaPool *arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); CERTSignedData *sd; @@ -3164,7 +3164,7 @@ secu_PrintSignedDataSigOpt(FILE *out, SECItem *der, const char *m, } rv = (*inner)(out, &sd->data, "Data", level + 1); - if (withSignature) { + if (signatureOption == withSignature) { SECU_PrintAlgorithmID(out, &sd->signatureAlgorithm, "Signature Algorithm", level + 1); DER_ConvertBitString(&sd->signature); diff --git a/security/nss/cmd/listsuites/listsuites.c b/security/nss/cmd/listsuites/listsuites.c index 8eb2c3553..b49f2d8cf 100644 --- a/security/nss/cmd/listsuites/listsuites.c +++ b/security/nss/cmd/listsuites/listsuites.c @@ -64,9 +64,7 @@ main(int argc, char **argv) /* disable all the SSL3 cipher suites */ for (i = 0; i < SSL_NumImplementedCiphers; i++) { PRUint16 suite = cipherSuites[i]; - SECStatus rv; PRBool enabled; - PRErrorCode err; SSLCipherSuiteInfo info; rv = SSL_CipherPrefGetDefault(suite, &enabled); diff --git a/security/nss/cmd/lowhashtest/lowhashtest.c b/security/nss/cmd/lowhashtest/lowhashtest.c index 29d6ff4fd..fcc06a86e 100644 --- a/security/nss/cmd/lowhashtest/lowhashtest.c +++ b/security/nss/cmd/lowhashtest/lowhashtest.c @@ -390,7 +390,7 @@ testSHA512(NSSLOWInitContext *initCtx) } static void -Usage(char *progName) +Usage() { fprintf(stderr, "Usage: %s [algorithm]\n", progName); @@ -436,7 +436,7 @@ main(int argc, char **argv) rv += testSHA512(initCtx); } else { SECU_PrintError(progName, "Unsupported hash type %s\n", argv[0]); - Usage(progName); + Usage(); } NSSLOW_Shutdown(initCtx); diff --git a/security/nss/cmd/modutil/install-ds.c b/security/nss/cmd/modutil/install-ds.c index 030568762..576839f8f 100644 --- a/security/nss/cmd/modutil/install-ds.c +++ b/security/nss/cmd/modutil/install-ds.c @@ -88,11 +88,11 @@ static const char* errString[] = { static char* PR_Strdup(const char* str); -#define PAD(x) \ - { \ - int i; \ - for (i = 0; i < x; i++) \ - printf(" "); \ +#define PAD(x) \ + { \ + int pad_i; \ + for (pad_i = 0; pad_i < (x); pad_i++) \ + printf(" "); \ } #define PADINC 4 diff --git a/security/nss/cmd/mpitests/mpi-test.c b/security/nss/cmd/mpitests/mpi-test.c index 3a1f5d6c2..b7953b6f6 100644 --- a/security/nss/cmd/mpitests/mpi-test.c +++ b/security/nss/cmd/mpitests/mpi-test.c @@ -375,14 +375,14 @@ void reason(char *fmt, ...); char g_intbuf[4096]; /* buffer for integer comparison */ char a_intbuf[4096]; /* buffer for integer comparison */ int g_verbose = 1; /* print out reasons for failure? */ -int res; - -#define IFOK(x) \ - { \ - if (MP_OKAY > (res = (x))) { \ - reason("test %s failed: error %d\n", #x, res); \ - return 1; \ - } \ + +#define IFOK(x) \ + { \ + int ifok_res = (x); \ + if (MP_OKAY > ifok_res) { \ + reason("test %s failed: error %d\n", #x, ifok_res); \ + return 1; \ + } \ } int diff --git a/security/nss/cmd/ocspclnt/ocspclnt.c b/security/nss/cmd/ocspclnt/ocspclnt.c index afcb7e13f..0927f8ef6 100644 --- a/security/nss/cmd/ocspclnt/ocspclnt.c +++ b/security/nss/cmd/ocspclnt/ocspclnt.c @@ -38,7 +38,7 @@ char *program_name; static void -synopsis(char *program_name) +synopsis(char *progname) { PRFileDesc *pr_stderr; @@ -46,44 +46,44 @@ synopsis(char *program_name) PR_fprintf(pr_stderr, "Usage:"); PR_fprintf(pr_stderr, "\t%s -p [-d <dir>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t%s -P [-d <dir>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t%s -r <name> [-a] [-L] [-s <name>] [-d <dir>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t%s -R <name> [-a] [-l <location>] [-s <name>] [-d <dir>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t%s -S <name> [-a] [-l <location> -t <name>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t\t [-s <name>] [-w <time>] [-d <dir>]\n"); PR_fprintf(pr_stderr, "\t%s -V <name> [-a] -u <usage> [-l <location> -t <name>]\n", - program_name); + progname); PR_fprintf(pr_stderr, "\t\t [-s <name>] [-w <time>] [-d <dir>]\n"); } static void -short_usage(char *program_name) +short_usage(char *progname) { PR_fprintf(PR_STDERR, "Type %s -H for more detailed descriptions\n", - program_name); - synopsis(program_name); + progname); + synopsis(progname); } static void -long_usage(char *program_name) +long_usage(char *progname) { PRFileDesc *pr_stderr; pr_stderr = PR_STDERR; - synopsis(program_name); + synopsis(progname); PR_fprintf(pr_stderr, "\nCommands (must specify exactly one):\n"); PR_fprintf(pr_stderr, " %-13s Pretty-print a binary request read from stdin\n", diff --git a/security/nss/cmd/ocspresp/ocspresp.c b/security/nss/cmd/ocspresp/ocspresp.c index 632623c97..d18d32e18 100644 --- a/security/nss/cmd/ocspresp/ocspresp.c +++ b/security/nss/cmd/ocspresp/ocspresp.c @@ -194,8 +194,8 @@ main(int argc, char **argv) &obtainedSignerCert, caCert)); #ifdef DEBUG { - SECStatus rv = CERT_GetOCSPStatusForCertID(certHandle, decodedRev, cid, - obtainedSignerCert, now); + rv = CERT_GetOCSPStatusForCertID(certHandle, decodedRev, cid, + obtainedSignerCert, now); PORT_Assert(rv == SECFailure); PORT_Assert(PORT_GetError() == SEC_ERROR_REVOKED_CERTIFICATE); } @@ -211,7 +211,7 @@ main(int argc, char **argv) decodedFail = CERT_DecodeOCSPResponse(encodedFail); #ifdef DEBUG { - SECStatus rv = CERT_GetOCSPResponseStatus(decodedFail); + rv = CERT_GetOCSPResponseStatus(decodedFail); PORT_Assert(rv == SECFailure); PORT_Assert(PORT_GetError() == SEC_ERROR_OCSP_TRY_SERVER_LATER); } diff --git a/security/nss/cmd/pk12util/pk12util.c b/security/nss/cmd/pk12util/pk12util.c index 70454a0d8..5884713e3 100644 --- a/security/nss/cmd/pk12util/pk12util.c +++ b/security/nss/cmd/pk12util/pk12util.c @@ -28,7 +28,7 @@ static PRBool pk12uForceUnicode; PRIntn pk12uErrno = 0; static void -Usage(char *progName) +Usage() { #define FPS PR_fprintf(PR_STDERR, FPS "Usage: %s -i importfile [-d certdir] [-P dbprefix] [-h tokenname]\n", @@ -1020,26 +1020,26 @@ main(int argc, char **argv) rv = SECU_ParseCommandLine(argc, argv, progName, &pk12util); if (rv != SECSuccess) - Usage(progName); + Usage(); pk12_debugging = pk12util.options[opt_Debug].activated; if ((pk12util.options[opt_Import].activated + pk12util.options[opt_Export].activated + pk12util.options[opt_List].activated) != 1) { - Usage(progName); + Usage(); } if (pk12util.options[opt_Export].activated && !pk12util.options[opt_Nickname].activated) { - Usage(progName); + Usage(); } rv = NSS_OptionGet(__NSS_PKCS12_DECODE_FORCE_UNICODE, &forceUnicode); if (rv != SECSuccess) { SECU_PrintError(progName, "Failed to get NSS_PKCS12_DECODE_FORCE_UNICODE option"); - Usage(progName); + Usage(); } pk12uForceUnicode = forceUnicode; @@ -1144,7 +1144,7 @@ main(int argc, char **argv) P12U_ListPKCS12File(import_file, slot, &slotPw, &p12FilePw); } else { - Usage(progName); + Usage(); pk12uErrno = PK12UERR_USAGE; } diff --git a/security/nss/cmd/pk1sign/pk1sign.c b/security/nss/cmd/pk1sign/pk1sign.c index 085aa1659..d5524c149 100644 --- a/security/nss/cmd/pk1sign/pk1sign.c +++ b/security/nss/cmd/pk1sign/pk1sign.c @@ -178,7 +178,7 @@ loser: SECKEY_DestroyPrivateKey(privKey); } if (data) { - PORT_Free(data); + PR_Free(data); } PORT_FreeArena(arena, PR_FALSE); diff --git a/security/nss/cmd/rsaperf/rsaperf.c b/security/nss/cmd/rsaperf/rsaperf.c index 2bb23856e..7762a465b 100644 --- a/security/nss/cmd/rsaperf/rsaperf.c +++ b/security/nss/cmd/rsaperf/rsaperf.c @@ -313,7 +313,7 @@ main(int argc, char **argv) char *slotname = NULL; long keybits = 0; RSAOp fn; - void *rsaKey = NULL; + void *rsaKeyPtr = NULL; PLOptState *optstate; PLOptStatus optstatus; long iters = DEFAULT_ITERS; @@ -464,7 +464,7 @@ main(int argc, char **argv) if (doPub) { /* do public key ops */ fn = (RSAOp)PK11_PublicKeyOp; - rsaKey = (void *)pubHighKey; + rsaKeyPtr = (void *)pubHighKey; kh = PK11_ImportPublicKey(cert->slot, pubHighKey, PR_FALSE); if (CK_INVALID_HANDLE == kh) { @@ -489,7 +489,7 @@ main(int argc, char **argv) fn = (RSAOp)PK11_PrivateKeyOp; keys.privKey = privHighKey; keys.pubKey = pubHighKey; - rsaKey = (void *)&keys; + rsaKeyPtr = (void *)&keys; printf("Using PKCS#11 for RSA decryption with token %s.\n", PK11_GetTokenName(privHighKey->pkcs11Slot)); } @@ -537,13 +537,13 @@ main(int argc, char **argv) if (doPub) { /* do public key operations */ fn = (RSAOp)PK11_PublicKeyOp; - rsaKey = (void *)pubHighKey; + rsaKeyPtr = (void *)pubHighKey; } else { /* do private key operations */ fn = (RSAOp)PK11_PrivateKeyOp; keys.privKey = privHighKey; keys.pubKey = pubHighKey; - rsaKey = (void *)&keys; + rsaKeyPtr = (void *)&keys; } } else @@ -574,7 +574,7 @@ main(int argc, char **argv) pe.data = &pubEx[0]; pe.type = siBuffer; - rsaKey = RSA_NewKey(keybits, &pe); + rsaKeyPtr = RSA_NewKey(keybits, &pe); fprintf(stderr, "Keygen completed.\n"); } else { /* use a hardcoded key */ @@ -589,31 +589,31 @@ main(int argc, char **argv) if (doPub) { /* do public key operations */ fn = (RSAOp)RSA_PublicKeyOp; - if (rsaKey) { + if (rsaKeyPtr) { /* convert the RSAPrivateKey to RSAPublicKey */ pubKeyStr.arena = NULL; - pubKeyStr.modulus = ((RSAPrivateKey *)rsaKey)->modulus; + pubKeyStr.modulus = ((RSAPrivateKey *)rsaKeyPtr)->modulus; pubKeyStr.publicExponent = - ((RSAPrivateKey *)rsaKey)->publicExponent; - rsaKey = &pubKeyStr; + ((RSAPrivateKey *)rsaKeyPtr)->publicExponent; + rsaKeyPtr = &pubKeyStr; } else { /* convert NSSLOWKeyPublicKey to RSAPublicKey */ - rsaKey = (void *)(&pubKey->u.rsa); + rsaKeyPtr = (void *)(&pubKey->u.rsa); } - PORT_Assert(rsaKey); + PORT_Assert(rsaKeyPtr); } else { /* do private key operations */ fn = (RSAOp)RSA_PrivateKeyOp; if (privKey) { /* convert NSSLOWKeyPrivateKey to RSAPrivateKey */ - rsaKey = (void *)(&privKey->u.rsa); + rsaKeyPtr = (void *)(&privKey->u.rsa); } - PORT_Assert(rsaKey); + PORT_Assert(rsaKeyPtr); } } memset(buf, 1, sizeof buf); - rv = fn(rsaKey, buf2, buf); + rv = fn(rsaKeyPtr, buf2, buf); if (rv != SECSuccess) { PRErrorCode errNum; const char *errStr = NULL; @@ -638,7 +638,7 @@ main(int argc, char **argv) runDataArr[i]->fn = fn; runDataArr[i]->buf = buf; runDataArr[i]->doIters = &doIters; - runDataArr[i]->rsaKey = rsaKey; + runDataArr[i]->rsaKey = rsaKeyPtr; runDataArr[i]->seconds = seconds; runDataArr[i]->iters = iters; threadsArr[i] = diff --git a/security/nss/cmd/selfserv/selfserv.c b/security/nss/cmd/selfserv/selfserv.c index fac428e10..c372ec9b8 100644 --- a/security/nss/cmd/selfserv/selfserv.c +++ b/security/nss/cmd/selfserv/selfserv.c @@ -57,7 +57,7 @@ int NumSidCacheEntries = 1024; -static int handle_connection(PRFileDesc *, PRFileDesc *, int); +static int handle_connection(PRFileDesc *, PRFileDesc *); static const char envVarName[] = { SSL_ENV_VAR_NAME }; static const char inheritableSockName[] = { "SELFSERV_LISTEN_SOCKET" }; @@ -509,7 +509,6 @@ typedef struct jobStr { PRCList link; PRFileDesc *tcp_sock; PRFileDesc *model_sock; - int requestCert; } JOB; static PZLock *qLock; /* this lock protects all data immediately below */ @@ -541,7 +540,7 @@ setupJobs(int maxJobs) return SECSuccess; } -typedef int startFn(PRFileDesc *a, PRFileDesc *b, int c); +typedef int startFn(PRFileDesc *a, PRFileDesc *b); typedef enum { rs_idle = 0, rs_running = 1, @@ -550,7 +549,6 @@ typedef enum { rs_idle = 0, typedef struct perThreadStr { PRFileDesc *a; PRFileDesc *b; - int c; int rv; startFn *startFunc; PRThread *prThread; @@ -564,7 +562,7 @@ thread_wrapper(void *arg) { perThread *slot = (perThread *)arg; - slot->rv = (*slot->startFunc)(slot->a, slot->b, slot->c); + slot->rv = (*slot->startFunc)(slot->a, slot->b); /* notify the thread exit handler. */ PZ_Lock(qLock); @@ -575,7 +573,7 @@ thread_wrapper(void *arg) } int -jobLoop(PRFileDesc *a, PRFileDesc *b, int c) +jobLoop(PRFileDesc *a, PRFileDesc *b) { PRCList *myLink = 0; JOB *myJob; @@ -595,8 +593,7 @@ jobLoop(PRFileDesc *a, PRFileDesc *b, int c) /* myJob will be null when stopping is true and jobQ is empty */ if (!myJob) break; - handle_connection(myJob->tcp_sock, myJob->model_sock, - myJob->requestCert); + handle_connection(myJob->tcp_sock, myJob->model_sock); PZ_Lock(qLock); PR_APPEND_LINK(myLink, &freeJobs); PZ_NotifyCondVar(freeListNotEmptyCv); @@ -609,7 +606,6 @@ launch_threads( startFn *startFunc, PRFileDesc *a, PRFileDesc *b, - int c, PRBool local) { int i; @@ -645,7 +641,6 @@ launch_threads( slot->state = rs_running; slot->a = a; slot->b = b; - slot->c = c; slot->startFunc = startFunc; slot->prThread = PR_CreateThread(PR_USER_THREAD, thread_wrapper, slot, PR_PRIORITY_NORMAL, @@ -893,8 +888,7 @@ int /* returns count */ int do_writes( PRFileDesc *ssl_sock, - PRFileDesc *model_sock, - int requestCert) + PRFileDesc *model_sock) { int sent = 0; int count = 0; @@ -925,8 +919,7 @@ do_writes( static int handle_fdx_connection( PRFileDesc *tcp_sock, - PRFileDesc *model_sock, - int requestCert) + PRFileDesc *model_sock) { PRFileDesc *ssl_sock = NULL; SECStatus result; @@ -960,8 +953,7 @@ handle_fdx_connection( lockedVars_AddToCount(&lv, 1); /* Attempt to launch the writer thread. */ - result = launch_thread(do_writes, ssl_sock, (PRFileDesc *)&lv, - requestCert); + result = launch_thread(do_writes, ssl_sock, (PRFileDesc *)&lv); if (result == SECSuccess) do { @@ -1093,7 +1085,7 @@ makeCorruptedOCSPResponse(PLArenaPool *arena) } SECItemArray * -makeSignedOCSPResponse(PLArenaPool *arena, ocspStaplingModeType osm, +makeSignedOCSPResponse(PLArenaPool *arena, CERTCertificate *cert, secuPWData *pwdata) { SECItemArray *result = NULL; @@ -1117,7 +1109,7 @@ makeSignedOCSPResponse(PLArenaPool *arena, ocspStaplingModeType osm, nextUpdate = now + (PRTime)60 * 60 * 24 * PR_USEC_PER_SEC; /* plus 1 day */ - switch (osm) { + switch (ocspStaplingMode) { case osm_good: case osm_badsig: sr = CERT_CreateOCSPSingleResponseGood(arena, cid, now, @@ -1150,7 +1142,7 @@ makeSignedOCSPResponse(PLArenaPool *arena, ocspStaplingModeType osm, singleResponses[1] = NULL; ocspResponse = CERT_CreateEncodedOCSPSuccessResponse(arena, - (osm == osm_badsig) + (ocspStaplingMode == osm_badsig) ? NULL : ca, ocspResponderID_byName, now, singleResponses, @@ -1175,7 +1167,7 @@ makeSignedOCSPResponse(PLArenaPool *arena, ocspStaplingModeType osm, } void -setupCertStatus(PLArenaPool *arena, enum ocspStaplingModeEnum ocspStaplingMode, +setupCertStatus(PLArenaPool *arena, CERTCertificate *cert, int index, secuPWData *pwdata) { if (ocspStaplingMode == osm_random) { @@ -1213,7 +1205,7 @@ setupCertStatus(PLArenaPool *arena, enum ocspStaplingModeEnum ocspStaplingMode, case osm_unknown: case osm_badsig: multiOcspResponses = - makeSignedOCSPResponse(arena, ocspStaplingMode, cert, + makeSignedOCSPResponse(arena, cert, pwdata); break; case osm_corrupted: @@ -1236,10 +1228,7 @@ setupCertStatus(PLArenaPool *arena, enum ocspStaplingModeEnum ocspStaplingMode, } int -handle_connection( - PRFileDesc *tcp_sock, - PRFileDesc *model_sock, - int requestCert) +handle_connection(PRFileDesc *tcp_sock, PRFileDesc *model_sock) { PRFileDesc *ssl_sock = NULL; PRFileDesc *local_file_fd = NULL; @@ -1272,7 +1261,6 @@ handle_connection( VLOG(("selfserv: handle_connection: starting\n")); if (useModelSocket && model_sock) { - SECStatus rv; ssl_sock = SSL_ImportFD(model_sock, tcp_sock); if (!ssl_sock) { errWarn("SSL_ImportFD with model"); @@ -1588,8 +1576,7 @@ sigusr1_handler(int sig) SECStatus do_accepts( PRFileDesc *listen_sock, - PRFileDesc *model_sock, - int requestCert) + PRFileDesc *model_sock) { PRNetAddr addr; PRErrorCode perr; @@ -1659,7 +1646,6 @@ do_accepts( JOB *myJob = (JOB *)myLink; myJob->tcp_sock = tcp_sock; myJob->model_sock = model_sock; - myJob->requestCert = requestCert; } PR_APPEND_LINK(myLink, &jobQ); @@ -1818,7 +1804,6 @@ handshakeCallback(PRFileDesc *fd, void *client_data) void server_main( PRFileDesc *listen_sock, - int requestCert, SECKEYPrivateKey **privKey, CERTCertificate **cert, const char *expectedHostNameVal) @@ -2021,7 +2006,7 @@ server_main( /* end of ssl configuration. */ /* Now, do the accepting, here in the main thread. */ - rv = do_accepts(listen_sock, model_sock, requestCert); + rv = do_accepts(listen_sock, model_sock); terminateWorkerThreads(); @@ -2654,9 +2639,8 @@ main(int argc, char **argv) } } if (cipher > 0) { - SECStatus status; - status = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED); - if (status != SECSuccess) + rv = SSL_CipherPrefSetDefault(cipher, SSL_ALLOWED); + if (rv != SECSuccess) SECU_PrintError(progName, "SSL_CipherPrefSet()"); } else { fprintf(stderr, @@ -2684,7 +2668,7 @@ main(int argc, char **argv) exit(11); } if (privKey[i]->keyType != ecKey) - setupCertStatus(certStatusArena, ocspStaplingMode, cert[i], i, &pwdata); + setupCertStatus(certStatusArena, cert[i], i, &pwdata); } if (configureWeakDHE > 0) { @@ -2697,7 +2681,7 @@ main(int argc, char **argv) } /* allocate the array of thread slots, and launch the worker threads. */ - rv = launch_threads(&jobLoop, 0, 0, requestCert, useLocalThreads); + rv = launch_threads(&jobLoop, 0, 0, useLocalThreads); if (rv == SECSuccess && logStats) { loggerThread = PR_CreateThread(PR_SYSTEM_THREAD, @@ -2712,7 +2696,7 @@ main(int argc, char **argv) } if (rv == SECSuccess) { - server_main(listen_sock, requestCert, privKey, cert, + server_main(listen_sock, privKey, cert, expectedHostNameVal); } @@ -2731,7 +2715,6 @@ cleanup: } { - int i; for (i = 0; i < certNicknameIndex; i++) { if (cert[i]) { CERT_DestroyCertificate(cert[i]); diff --git a/security/nss/cmd/shlibsign/shlibsign.c b/security/nss/cmd/shlibsign/shlibsign.c index d93fc422d..221d1e67e 100644 --- a/security/nss/cmd/shlibsign/shlibsign.c +++ b/security/nss/cmd/shlibsign/shlibsign.c @@ -148,7 +148,7 @@ writeItem(PRFileDesc *fd, CK_VOID_PTR pValue, return PR_FAILURE; } bytesWritten = PR_Write(fd, pValue, ulValueLen); - if (bytesWritten != ulValueLen) { + if (bytesWritten < 0 || (CK_ULONG)bytesWritten != ulValueLen) { lperror(file); return PR_FAILURE; } diff --git a/security/nss/cmd/signtool/javascript.c b/security/nss/cmd/signtool/javascript.c index ffff2db59..58869aa61 100644 --- a/security/nss/cmd/signtool/javascript.c +++ b/security/nss/cmd/signtool/javascript.c @@ -1300,7 +1300,6 @@ extract_js(char *filename) * Now we have a stream of tags and text. Go through and deal with each. */ for (curitem = head; curitem; curitem = curitem->next) { - TagItem *tagp = NULL; AVPair *pairp = NULL; char *src = NULL, *id = NULL, *codebase = NULL; PRBool hasEventHandler = PR_FALSE; @@ -1669,11 +1668,14 @@ loser: * Returns PR_SUCCESS if the directory is present, PR_FAILURE otherwise. */ static PRStatus -ensureExists(char *base, char *path) +ensureExists(char *basepath, char *path) { char fn[FNSIZE]; PRDir *dir; - sprintf(fn, "%s/%s", base, path); + int c = snprintf(fn, sizeof(fn), "%s/%s", basepath, path); + if (c >= sizeof(fn)) { + return PR_FAILURE; + } /*PR_fprintf(outputFD, "Trying to open directory %s.\n", fn);*/ diff --git a/security/nss/cmd/signtool/sign.c b/security/nss/cmd/signtool/sign.c index 6f8e43946..534530947 100644 --- a/security/nss/cmd/signtool/sign.c +++ b/security/nss/cmd/signtool/sign.c @@ -175,16 +175,16 @@ typedef struct { * */ int -SignAllArc(char *jartree, char *keyName, int javascript, char *metafile, - char *install_script, int optimize, PRBool recurse) +SignAllArc(char *jartree, char *keyName, int javascript, char *metafilename, + char *install_script, int optimize_level, PRBool recurse) { SignArcInfo info; info.keyName = keyName; info.javascript = javascript; - info.metafile = metafile; + info.metafile = metafilename; info.install_script = install_script; - info.optimize = optimize; + info.optimize = optimize_level; return foreach (jartree, "", sign_all_arc_fn, recurse, PR_TRUE /*include dirs*/, (void *)&info); @@ -194,7 +194,7 @@ static int sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename, void *arg) { - char *zipfile = NULL; + char *zipfilename = NULL; char *arc = NULL, *archive = NULL; int retval = 0; SignArcInfo *infop = (SignArcInfo *)arg; @@ -212,8 +212,8 @@ sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename, } archive = PR_smprintf("%s/%s", basedir, relpath); - zipfile = PL_strdup(archive); - arc = PORT_Strrchr(zipfile, '.'); + zipfilename = PL_strdup(archive); + arc = PORT_Strrchr(zipfilename, '.'); if (arc == NULL) { PR_fprintf(errorFD, "%s: Internal failure\n", PROGRAM_NAME); @@ -225,17 +225,17 @@ sign_all_arc_fn(char *relpath, char *basedir, char *reldir, char *filename, PL_strcpy(arc, ".jar"); if (verbosity >= 0) { - PR_fprintf(outputFD, "\nsigning: %s\n", zipfile); + PR_fprintf(outputFD, "\nsigning: %s\n", zipfilename); } - retval = SignArchive(archive, infop->keyName, zipfile, + retval = SignArchive(archive, infop->keyName, zipfilename, infop->javascript, infop->metafile, infop->install_script, infop->optimize, PR_TRUE /* recurse */); } finish: if (archive) PR_Free(archive); - if (zipfile) - PR_Free(zipfile); + if (zipfilename) + PR_Free(zipfilename); return retval; } @@ -707,8 +707,8 @@ SignFile(FILE *outFile, FILE *inFile, CERTCertificate *cert) static int generate_SF_file(char *manifile, char *who) { - FILE *sf; - FILE *mf; + FILE *sfFile; + FILE *mfFile; long r1, r2, r3; char whofile[FNSIZE]; char *buf, *name = NULL; @@ -718,12 +718,12 @@ generate_SF_file(char *manifile, char *who) strcpy(whofile, who); - if ((mf = fopen(manifile, "rb")) == NULL) { + if ((mfFile = fopen(manifile, "rb")) == NULL) { perror(manifile); exit(ERRX); } - if ((sf = fopen(whofile, "wb")) == NULL) { + if ((sfFile = fopen(whofile, "wb")) == NULL) { perror(who); exit(ERRX); } @@ -736,11 +736,11 @@ generate_SF_file(char *manifile, char *who) if (buf == NULL || name == NULL) out_of_memory(); - fprintf(sf, "Signature-Version: 1.0\n"); - fprintf(sf, "Created-By: %s\n", CREATOR); - fprintf(sf, "Comments: %s\n", BREAKAGE); + fprintf(sfFile, "Signature-Version: 1.0\n"); + fprintf(sfFile, "Created-By: %s\n", CREATOR); + fprintf(sfFile, "Comments: %s\n", BREAKAGE); - if (fgets(buf, BUFSIZ, mf) == NULL) { + if (fgets(buf, BUFSIZ, mfFile) == NULL) { PR_fprintf(errorFD, "%s: empty manifest file!\n", PROGRAM_NAME); errorCount++; exit(ERRX); @@ -752,15 +752,15 @@ generate_SF_file(char *manifile, char *who) exit(ERRX); } - fseek(mf, 0L, SEEK_SET); + fseek(mfFile, 0L, SEEK_SET); /* Process blocks of headers, and calculate their hashen */ while (1) { /* Beginning range */ - r1 = ftell(mf); + r1 = ftell(mfFile); - if (fgets(name, BUFSIZ, mf) == NULL) + if (fgets(name, BUFSIZ, mfFile) == NULL) break; line++; @@ -774,46 +774,46 @@ generate_SF_file(char *manifile, char *who) } r2 = r1; - while (fgets(buf, BUFSIZ, mf)) { + while (fgets(buf, BUFSIZ, mfFile)) { if (*buf == 0 || *buf == '\n' || *buf == '\r') break; line++; /* Ending range for hashing */ - r2 = ftell(mf); + r2 = ftell(mfFile); } - r3 = ftell(mf); + r3 = ftell(mfFile); if (r1) { - fprintf(sf, "\n"); - fprintf(sf, "%s", name); + fprintf(sfFile, "\n"); + fprintf(sfFile, "%s", name); } - calculate_MD5_range(mf, r1, r2, &dig); + calculate_MD5_range(mfFile, r1, r2, &dig); if (optimize == 0) { - fprintf(sf, "Digest-Algorithms: MD5 SHA1\n"); + fprintf(sfFile, "Digest-Algorithms: MD5 SHA1\n"); md5 = BTOA_DataToAscii(dig.md5, MD5_LENGTH); - fprintf(sf, "MD5-Digest: %s\n", md5); + fprintf(sfFile, "MD5-Digest: %s\n", md5); PORT_Free(md5); } sha1 = BTOA_DataToAscii(dig.sha1, SHA1_LENGTH); - fprintf(sf, "SHA1-Digest: %s\n", sha1); + fprintf(sfFile, "SHA1-Digest: %s\n", sha1); PORT_Free(sha1); /* restore normalcy after changing offset position */ - fseek(mf, r3, SEEK_SET); + fseek(mfFile, r3, SEEK_SET); } PORT_Free(buf); PORT_Free(name); - fclose(sf); - fclose(mf); + fclose(sfFile); + fclose(mfFile); return 0; } diff --git a/security/nss/cmd/signtool/zip.c b/security/nss/cmd/signtool/zip.c index 35d5f5733..aeb5d6c54 100644 --- a/security/nss/cmd/signtool/zip.c +++ b/security/nss/cmd/signtool/zip.c @@ -129,7 +129,7 @@ handle_zerror(int err, char *msg) * been opened with JzipOpen. */ int -JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level) +JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int lvl) { ZIPentry *entry; PRFileDesc *readfp; @@ -319,7 +319,7 @@ JzipAdd(char *fullname, char *filename, ZIPfile *zipfile, int compression_level) * It causes zlib to leave out its headers and footers, which don't * work in PKZIP files. */ - err = deflateInit2(&zstream, compression_level, Z_DEFLATED, + err = deflateInit2(&zstream, lvl, Z_DEFLATED, -MAX_WBITS, 8 /*default*/, Z_DEFAULT_STRATEGY); if (err != Z_OK) { handle_zerror(err, zstream.msg); diff --git a/security/nss/cmd/smimetools/cmsutil.c b/security/nss/cmd/smimetools/cmsutil.c index fe17f26a4..7106521c1 100644 --- a/security/nss/cmd/smimetools/cmsutil.c +++ b/security/nss/cmd/smimetools/cmsutil.c @@ -68,7 +68,7 @@ DigestFile(PLArenaPool *poolp, SECItem ***digests, SECItem *input, } static void -Usage(char *progName) +Usage(void) { fprintf(stderr, "Usage: %s [-C|-D|-E|-O|-S] [<options>] [-d dbdir] [-u certusage]\n" @@ -280,7 +280,6 @@ decode(FILE *out, SECItem *input, const struct decodeOptionsStr *decodeOptions) ** or might be an invalid message, such as a QA test message ** or a message from an attacker. */ - SECStatus rv; rv = NSS_CMSSignedData_VerifyCertsOnly(sigd, decodeOptions->options->certHandle, decodeOptions->options->certUsage); @@ -1127,7 +1126,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -G only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.signingTime = PR_TRUE; @@ -1137,7 +1136,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -H only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } decodeOptions.suppressContent = PR_TRUE; @@ -1167,7 +1166,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -N only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.nickname = PORT_Strdup(optstate->value); @@ -1180,7 +1179,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -P only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.smimeProfile = PR_TRUE; @@ -1193,7 +1192,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -T only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.detached = PR_TRUE; @@ -1203,7 +1202,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -Y only supported with option -S.\n", progName); - Usage(progName); + Usage(); exit(1); } signOptions.encryptionKeyPreferenceNick = strdup(optstate->value); @@ -1214,7 +1213,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -b only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } batch = PR_TRUE; @@ -1225,7 +1224,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -c only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } contentFile = PR_Open(optstate->value, PR_RDONLY, 006600); @@ -1261,7 +1260,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -h only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } decodeOptions.headerLevel = atoi(optstate->value); @@ -1288,7 +1287,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -k only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } decodeOptions.keepCerts = PR_TRUE; @@ -1299,7 +1298,7 @@ main(int argc, char **argv) fprintf(stderr, "%s: option -n only supported with option -D.\n", progName); - Usage(progName); + Usage(); exit(1); } decodeOptions.suppressContent = PR_TRUE; @@ -1315,7 +1314,7 @@ main(int argc, char **argv) case 'p': if (!optstate->value) { fprintf(stderr, "%s: option -p must have a value.\n", progName); - Usage(progName); + Usage(); exit(1); } @@ -1325,7 +1324,7 @@ main(int argc, char **argv) case 'f': if (!optstate->value) { fprintf(stderr, "%s: option -f must have a value.\n", progName); - Usage(progName); + Usage(); exit(1); } @@ -1335,7 +1334,7 @@ main(int argc, char **argv) case 'r': if (!optstate->value) { fprintf(stderr, "%s: option -r must have a value.\n", progName); - Usage(progName); + Usage(); exit(1); } envelopeOptions.recipients = ptrarray; @@ -1368,11 +1367,11 @@ main(int argc, char **argv) } } if (status == PL_OPT_BAD) - Usage(progName); + Usage(); PL_DestroyOptState(optstate); if (mode == UNKNOWN) - Usage(progName); + Usage(); if (mode != CERTSONLY && !batch) { rv = SECU_FileToItem(&input, inFile); @@ -1529,7 +1528,7 @@ main(int argc, char **argv) break; default: fprintf(stderr, "One of options -D, -S or -E must be set.\n"); - Usage(progName); + Usage(); exitstatus = 1; } diff --git a/security/nss/cmd/strsclnt/strsclnt.c b/security/nss/cmd/strsclnt/strsclnt.c index 7d259bd0a..bba53efac 100644 --- a/security/nss/cmd/strsclnt/strsclnt.c +++ b/security/nss/cmd/strsclnt/strsclnt.c @@ -137,7 +137,7 @@ SECItem bigBuf; fprintf static void -Usage(const char *progName) +Usage(void) { fprintf(stderr, "Usage: %s [-n nickname] [-p port] [-d dbdir] [-c connections]\n" @@ -260,7 +260,6 @@ void printSecurityInfo(PRFileDesc *fd) { CERTCertificate *cert = NULL; - SSL3Statistics *ssl3stats = SSL_GetStatistics(); SECStatus result; SSLChannelInfo channel; SSLCipherSuiteInfo suite; @@ -1095,7 +1094,6 @@ client_main( while (0 != (ndx = *cipherString)) { const char *startCipher = cipherString++; int cipher = 0; - SECStatus rv; if (ndx == ':') { cipher = hexchar_to_int(*cipherString++); @@ -1353,7 +1351,7 @@ main(int argc, char **argv) enabledVersions, &enabledVersions) != SECSuccess) { fprintf(stderr, "Bad version specified.\n"); - Usage(progName); + Usage(); } break; @@ -1431,27 +1429,27 @@ main(int argc, char **argv) case 0: /* positional parameter */ if (hostName) { - Usage(progName); + Usage(); } hostName = PL_strdup(optstate->value); break; default: case '?': - Usage(progName); + Usage(); break; } } PL_DestroyOptState(optstate); if (!hostName || status == PL_OPT_BAD) - Usage(progName); + Usage(); if (fullhs != NO_FULLHS_PERCENTAGE && (fullhs < 0 || fullhs > 100 || NoReuse)) - Usage(progName); + Usage(); if (port == 0) - Usage(progName); + Usage(); if (fileName) readBigFile(fileName); diff --git a/security/nss/cmd/symkeyutil/symkeyutil.c b/security/nss/cmd/symkeyutil/symkeyutil.c index 444456808..31ab4dda4 100644 --- a/security/nss/cmd/symkeyutil/symkeyutil.c +++ b/security/nss/cmd/symkeyutil/symkeyutil.c @@ -1034,10 +1034,10 @@ main(int argc, char **argv) char *targetName = symKeyUtil.options[opt_TargetToken].arg; PK11SymKey *newKey; PK11SymKey *symKey = FindKey(slot, name, &keyID, &pwdata); - char *keyName = PK11_GetSymKeyNickname(symKey); + char *keyName; if (!symKey) { - char *keyName = keyID.data ? BufToHex(&keyID) : PORT_Strdup(name); + keyName = keyID.data ? BufToHex(&keyID) : PORT_Strdup(name); PR_fprintf(PR_STDERR, "%s: Couldn't find key %s on %s\n", progName, keyName, PK11_GetTokenName(slot)); PORT_Free(keyName); @@ -1061,6 +1061,7 @@ main(int argc, char **argv) PR_fprintf(PR_STDERR, "%s: Couldn't move the key \n", progName); goto shutdown; } + keyName = PK11_GetSymKeyNickname(symKey); if (keyName) { rv = PK11_SetSymKeyNickname(newKey, keyName); if (rv != SECSuccess) { diff --git a/security/nss/cmd/tstclnt/tstclnt.c b/security/nss/cmd/tstclnt/tstclnt.c index 1ad99502b..6f5a43146 100644 --- a/security/nss/cmd/tstclnt/tstclnt.c +++ b/security/nss/cmd/tstclnt/tstclnt.c @@ -51,6 +51,7 @@ #define MAX_WAIT_FOR_SERVER 600 #define WAIT_INTERVAL 100 +#define ZERO_RTT_MAX (2 << 16) #define EXIT_CODE_HANDSHAKE_FAILED 254 @@ -99,6 +100,7 @@ int renegotiationsDone = 0; PRBool initializedServerSessionCache = PR_FALSE; static char *progName; +static const char *requestFile; secuPWData pwdata = { PW_NONE, 0 }; @@ -172,7 +174,7 @@ printSecurityInfo(PRFileDesc *fd) } static void -PrintUsageHeader(const char *progName) +PrintUsageHeader() { fprintf(stderr, "Usage: %s -h host [-a 1st_hs_name ] [-a 2nd_hs_name ] [-p port]\n" @@ -186,7 +188,7 @@ PrintUsageHeader(const char *progName) } static void -PrintParameterUsage(void) +PrintParameterUsage() { fprintf(stderr, "%-20s Send different SNI name. 1st_hs_name - at first\n" "%-20s handshake, 2nd_hs_name - at second handshake.\n" @@ -259,17 +261,17 @@ PrintParameterUsage(void) } static void -Usage(const char *progName) +Usage() { - PrintUsageHeader(progName); + PrintUsageHeader(); PrintParameterUsage(); exit(1); } static void -PrintCipherUsage(const char *progName) +PrintCipherUsage() { - PrintUsageHeader(progName); + PrintUsageHeader(); fprintf(stderr, "%-20s Letter(s) chosen from the following list\n", "-c ciphers"); fprintf(stderr, @@ -303,7 +305,7 @@ milliPause(PRUint32 milli) } void -disableAllSSLCiphers(void) +disableAllSSLCiphers() { const PRUint16 *cipherSuites = SSL_GetImplementedCiphers(); int i = SSL_GetNumImplementedCiphers(); @@ -711,12 +713,18 @@ void thread_main(void *arg) { PRFileDesc *ps = (PRFileDesc *)arg; - PRFileDesc *std_in = PR_GetSpecialFD(PR_StandardInput); + PRFileDesc *std_in; int wc, rc; char buf[256]; + if (requestFile) { + std_in = PR_Open(requestFile, PR_RDONLY, 0); + } else { + std_in = PR_GetSpecialFD(PR_StandardInput); + } + #ifdef WIN32 - { + if (!requestFile) { /* Put stdin into O_BINARY mode ** or else incoming \r\n's will become \n's. */ @@ -737,6 +745,9 @@ thread_main(void *arg) wc = PR_Send(ps, buf, rc, 0, maxInterval); } while (wc == rc); PR_Close(ps); + if (requestFile) { + PR_Close(std_in); + } } #endif @@ -844,7 +855,7 @@ separateReqHeader(const PRFileDesc *outFd, const char *buf, const int nb, } else if (((c) >= 'A') && ((c) <= 'F')) { \ i = (c) - 'A' + 10; \ } else { \ - Usage(progName); \ + Usage(); \ } static SECStatus @@ -915,22 +926,22 @@ char *hs1SniHostName = NULL; char *hs2SniHostName = NULL; PRUint16 portno = 443; int override = 0; -char *requestString = NULL; -PRInt32 requestStringLen = 0; -PRBool requestSent = PR_FALSE; PRBool enableZeroRtt = PR_FALSE; +PRUint8 *zeroRttData; +unsigned int zeroRttLen = 0; PRBool enableAltServerHello = PR_FALSE; PRBool useDTLS = PR_FALSE; PRBool actAsServer = PR_FALSE; PRBool stopAfterHandshake = PR_FALSE; PRBool requestToExit = PR_FALSE; char *versionString = NULL; +PRBool handshakeComplete = PR_FALSE; static int -writeBytesToServer(PRFileDesc *s, const char *buf, int nb) +writeBytesToServer(PRFileDesc *s, const PRUint8 *buf, int nb) { SECStatus rv; - const char *bufp = buf; + const PRUint8 *bufp = buf; PRPollDesc pollDesc; pollDesc.in_flags = PR_POLL_WRITE | PR_POLL_EXCEPT; @@ -944,12 +955,20 @@ writeBytesToServer(PRFileDesc *s, const char *buf, int nb) if (cc < 0) { PRErrorCode err = PR_GetError(); if (err != PR_WOULD_BLOCK_ERROR) { - SECU_PrintError(progName, - "write to SSL socket failed"); + SECU_PrintError(progName, "write to SSL socket failed"); return 254; } cc = 0; } + FPRINTF(stderr, "%s: %d bytes written\n", progName, cc); + if (enableZeroRtt && !handshakeComplete) { + if (zeroRttLen + cc > ZERO_RTT_MAX) { + SECU_PrintError(progName, "too much early data to save"); + return -1; + } + PORT_Memcpy(zeroRttData + zeroRttLen, bufp, cc); + zeroRttLen += cc; + } bufp += cc; nb -= cc; if (nb <= 0) @@ -969,8 +988,7 @@ writeBytesToServer(PRFileDesc *s, const char *buf, int nb) progName); cc = PR_Poll(&pollDesc, 1, PR_INTERVAL_NO_TIMEOUT); if (cc < 0) { - SECU_PrintError(progName, - "PR_Poll failed"); + SECU_PrintError(progName, "PR_Poll failed"); return -1; } FPRINTF(stderr, @@ -993,7 +1011,7 @@ handshakeCallback(PRFileDesc *fd, void *client_data) SSL_ReHandshake(fd, (renegotiationsToDo < 2)); ++renegotiationsDone; } - if (requestString && requestSent) { + if (zeroRttLen) { /* This data was sent in 0-RTT. */ SSLChannelInfo info; SECStatus rv; @@ -1003,29 +1021,30 @@ handshakeCallback(PRFileDesc *fd, void *client_data) return; if (!info.earlyDataAccepted) { - FPRINTF(stderr, "Early data rejected. Re-sending\n"); - writeBytesToServer(fd, requestString, requestStringLen); + FPRINTF(stderr, "Early data rejected. Re-sending %d bytes\n", + zeroRttLen); + writeBytesToServer(fd, zeroRttData, zeroRttLen); + zeroRttLen = 0; } } if (stopAfterHandshake) { requestToExit = PR_TRUE; } + handshakeComplete = PR_TRUE; } -#define REQUEST_WAITING (requestString && !requestSent) - static SECStatus -installServerCertificate(PRFileDesc *s, char *nickname) +installServerCertificate(PRFileDesc *s, char *nick) { CERTCertificate *cert; SECKEYPrivateKey *privKey = NULL; - if (!nickname) { + if (!nick) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } - cert = PK11_FindCertFromNickname(nickname, &pwdata); + cert = PK11_FindCertFromNickname(nick, &pwdata); if (cert == NULL) { return SECFailure; } @@ -1129,20 +1148,19 @@ connectToServer(PRFileDesc *s, PRPollDesc *pollset) } static int -run(void) +run() { int headerSeparatorPtrnId = 0; int error = 0; SECStatus rv; PRStatus status; PRInt32 filesReady; - int npds; PRFileDesc *s = NULL; PRFileDesc *std_out; - PRPollDesc pollset[2]; + PRPollDesc pollset[2] = { { 0 }, { 0 } }; PRBool wrStarted = PR_FALSE; - requestSent = PR_FALSE; + handshakeComplete = PR_FALSE; /* Create socket */ if (useDTLS) { @@ -1225,19 +1243,18 @@ run(void) cipherString++; } else { if (!isalpha(ndx)) - Usage(progName); + Usage(); ndx = tolower(ndx) - 'a'; if (ndx < PR_ARRAY_SIZE(ssl3CipherSuites)) { cipher = ssl3CipherSuites[ndx]; } } if (cipher > 0) { - SECStatus status; - status = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED); - if (status != SECSuccess) + rv = SSL_CipherPrefSet(s, cipher, SSL_ALLOWED); + if (rv != SECSuccess) SECU_PrintError(progName, "SSL_CipherPrefSet()"); } else { - Usage(progName); + Usage(); } } PORT_Free(cstringSaved); @@ -1394,7 +1411,6 @@ run(void) /* Try to connect to the server */ rv = connectToServer(s, pollset); if (rv != SECSuccess) { - ; error = 1; goto done; } @@ -1406,13 +1422,18 @@ run(void) pollset[SSOCK_FD].in_flags |= (clientSpeaksFirst ? 0 : PR_POLL_READ); else pollset[SSOCK_FD].in_flags |= PR_POLL_READ; - pollset[STDIN_FD].fd = PR_GetSpecialFD(PR_StandardInput); - if (!REQUEST_WAITING) { - pollset[STDIN_FD].in_flags = PR_POLL_READ; - npds = 2; + if (requestFile) { + pollset[STDIN_FD].fd = PR_Open(requestFile, PR_RDONLY, 0); + if (!pollset[STDIN_FD].fd) { + fprintf(stderr, "%s: unable to open input file: %s\n", + progName, requestFile); + error = 1; + goto done; + } } else { - npds = 1; + pollset[STDIN_FD].fd = PR_GetSpecialFD(PR_StandardInput); } + pollset[STDIN_FD].in_flags = PR_POLL_READ; std_out = PR_GetSpecialFD(PR_StandardOutput); #if defined(WIN32) || defined(OS2) @@ -1458,10 +1479,9 @@ run(void) requestToExit = PR_FALSE; FPRINTF(stderr, "%s: ready...\n", progName); while (!requestToExit && - ((pollset[SSOCK_FD].in_flags | pollset[STDIN_FD].in_flags) || - REQUEST_WAITING)) { - char buf[4000]; /* buffer for stdin */ - int nb; /* num bytes read from stdin. */ + (pollset[SSOCK_FD].in_flags || pollset[STDIN_FD].in_flags)) { + PRUint8 buf[4000]; /* buffer for stdin */ + int nb; /* num bytes read from stdin. */ rv = restartHandshakeAfterServerCertIfNeeded(s, &serverCertAuth, override); @@ -1475,7 +1495,8 @@ run(void) pollset[STDIN_FD].out_flags = 0; FPRINTF(stderr, "%s: about to call PR_Poll !\n", progName); - filesReady = PR_Poll(pollset, npds, PR_INTERVAL_NO_TIMEOUT); + filesReady = PR_Poll(pollset, PR_ARRAY_SIZE(pollset), + PR_INTERVAL_NO_TIMEOUT); if (filesReady < 0) { SECU_PrintError(progName, "select failed"); error = 1; @@ -1497,14 +1518,6 @@ run(void) "%s: PR_Poll returned 0x%02x for socket out_flags.\n", progName, pollset[SSOCK_FD].out_flags); } - if (REQUEST_WAITING) { - error = writeBytesToServer(s, requestString, requestStringLen); - if (error) { - goto done; - } - requestSent = PR_TRUE; - pollset[SSOCK_FD].in_flags = PR_POLL_READ; - } if (pollset[STDIN_FD].out_flags & PR_POLL_READ) { /* Read from stdin and write to socket */ nb = PR_Read(pollset[STDIN_FD].fd, buf, sizeof(buf)); @@ -1518,6 +1531,8 @@ run(void) } else if (nb == 0) { /* EOF on stdin, stop polling stdin for read. */ pollset[STDIN_FD].in_flags = 0; + if (actAsServer) + requestToExit = PR_TRUE; } else { error = writeBytesToServer(s, buf, nb); if (error) { @@ -1532,12 +1547,12 @@ run(void) "%s: PR_Poll returned 0x%02x for socket out_flags.\n", progName, pollset[SSOCK_FD].out_flags); } - if ((pollset[SSOCK_FD].out_flags & PR_POLL_READ) || - (pollset[SSOCK_FD].out_flags & PR_POLL_ERR) #ifdef PR_POLL_HUP - || (pollset[SSOCK_FD].out_flags & PR_POLL_HUP) +#define POLL_RECV_FLAGS (PR_POLL_READ | PR_POLL_ERR | PR_POLL_HUP) +#else +#define POLL_RECV_FLAGS (PR_POLL_READ | PR_POLL_ERR) #endif - ) { + if (pollset[SSOCK_FD].out_flags & POLL_RECV_FLAGS) { /* Read from socket and write to stdout */ nb = PR_Recv(pollset[SSOCK_FD].fd, buf, sizeof buf, 0, maxInterval); FPRINTF(stderr, "%s: Read from server %d bytes\n", progName, nb); @@ -1554,7 +1569,7 @@ run(void) if (skipProtoHeader != PR_TRUE || wrStarted == PR_TRUE) { PR_Write(std_out, buf, nb); } else { - separateReqHeader(std_out, buf, nb, &wrStarted, + separateReqHeader(std_out, (char *)buf, nb, &wrStarted, &headerSeparatorPtrnId); } if (verbose) @@ -1568,42 +1583,10 @@ done: if (s) { PR_Close(s); } - - return error; -} - -PRInt32 -ReadFile(const char *filename, char **data) -{ - char *ret = NULL; - char buf[8192]; - unsigned int len = 0; - PRStatus rv; - - PRFileDesc *fd = PR_Open(filename, PR_RDONLY, 0); - if (!fd) - return -1; - - for (;;) { - rv = PR_Read(fd, buf, sizeof(buf)); - if (rv < 0) { - PR_Free(ret); - return rv; - } - - if (!rv) - break; - - ret = PR_Realloc(ret, len + rv); - if (!ret) { - return -1; - } - PORT_Memcpy(ret + len, buf, rv); - len += rv; + if (requestFile && pollset[STDIN_FD].fd) { + PR_Close(pollset[STDIN_FD].fd); } - - *data = ret; - return len; + return error; } int @@ -1653,26 +1636,22 @@ main(int argc, char **argv) switch (optstate->option) { case '?': default: - Usage(progName); + Usage(); break; case '4': allowIPv6 = PR_FALSE; if (!allowIPv4) - Usage(progName); + Usage(); break; case '6': allowIPv4 = PR_FALSE; if (!allowIPv6) - Usage(progName); + Usage(); break; case 'A': - requestStringLen = ReadFile(optstate->value, &requestString); - if (requestStringLen < 0) { - fprintf(stderr, "Couldn't read file %s\n", optstate->value); - exit(1); - } + requestFile = PORT_Strdup(optstate->value); break; case 'C': @@ -1735,7 +1714,7 @@ main(int argc, char **argv) actAsServer = 1; } else { if (strcmp(optstate->value, "client")) { - Usage(progName); + Usage(); } } break; @@ -1768,16 +1747,21 @@ main(int argc, char **argv) if (!strcmp(optstate->value, "alt-server-hello")) { enableAltServerHello = PR_TRUE; } else { - Usage(progName); + Usage(); } break; case 'Y': - PrintCipherUsage(progName); + PrintCipherUsage(); exit(0); break; case 'Z': enableZeroRtt = PR_TRUE; + zeroRttData = PORT_ZAlloc(ZERO_RTT_MAX); + if (!zeroRttData) { + fprintf(stderr, "Unable to allocate buffer for 0-RTT\n"); + exit(1); + } break; case 'a': @@ -1786,7 +1770,7 @@ main(int argc, char **argv) } else if (!hs2SniHostName) { hs2SniHostName = PORT_Strdup(optstate->value); } else { - Usage(progName); + Usage(); } break; @@ -1875,7 +1859,7 @@ main(int argc, char **argv) if (rv != SECSuccess) { PL_DestroyOptState(optstate); fprintf(stderr, "Bad group specified.\n"); - Usage(progName); + Usage(); } break; } @@ -1889,18 +1873,18 @@ main(int argc, char **argv) enabledVersions, &enabledVersions) != SECSuccess) { fprintf(stderr, "Bad version specified.\n"); - Usage(progName); + Usage(); } PORT_Free(versionString); } if (optstatus == PL_OPT_BAD) { - Usage(progName); + Usage(); } if (!host || !portno) { fprintf(stderr, "%s: parameters -h and -p are mandatory\n", progName); - Usage(progName); + Usage(); } if (serverCertAuth.testFreshStatusFromSideChannel && @@ -2060,20 +2044,13 @@ done: PR_Close(s); } - if (hs1SniHostName) { - PORT_Free(hs1SniHostName); - } - if (hs2SniHostName) { - PORT_Free(hs2SniHostName); - } - if (nickname) { - PORT_Free(nickname); - } - if (pwdata.data) { - PORT_Free(pwdata.data); - } + PORT_Free((void *)requestFile); + PORT_Free(hs1SniHostName); + PORT_Free(hs2SniHostName); + PORT_Free(nickname); + PORT_Free(pwdata.data); PORT_Free(host); - PORT_Free(requestString); + PORT_Free(zeroRttData); if (enabledGroups) { PORT_Free(enabledGroups); diff --git a/security/nss/cmd/vfyserv/vfyserv.c b/security/nss/cmd/vfyserv/vfyserv.c index aa648ad8c..4234ecd09 100644 --- a/security/nss/cmd/vfyserv/vfyserv.c +++ b/security/nss/cmd/vfyserv/vfyserv.c @@ -327,9 +327,7 @@ do_connects(void *a, int connection) } void -client_main(unsigned short port, - int connections, - const char *hostName) +client_main(int connections) { int i; SECStatus secStatus; @@ -553,7 +551,7 @@ main(int argc, char **argv) } } - client_main(port, connections, hostName); + client_main(connections); cleanup: if (doOcspCheck) { diff --git a/security/nss/cmd/vfyserv/vfyutil.c b/security/nss/cmd/vfyserv/vfyutil.c index 2f1b53262..d3d8a206e 100644 --- a/security/nss/cmd/vfyserv/vfyutil.c +++ b/security/nss/cmd/vfyserv/vfyutil.c @@ -310,13 +310,13 @@ myHandshakeCallback(PRFileDesc *socket, void *arg) void disableAllSSLCiphers(void) { - const PRUint16 *cipherSuites = SSL_ImplementedCiphers; + const PRUint16 *allSuites = SSL_ImplementedCiphers; int i = SSL_NumImplementedCiphers; SECStatus rv; /* disable all the SSL3 cipher suites */ while (--i >= 0) { - PRUint16 suite = cipherSuites[i]; + PRUint16 suite = allSuites[i]; rv = SSL_CipherPrefSetDefault(suite, PR_FALSE); if (rv != SECSuccess) { fprintf(stderr, diff --git a/security/nss/coreconf/Werror.mk b/security/nss/coreconf/Werror.mk index 69155eb14..a569a497c 100644 --- a/security/nss/coreconf/Werror.mk +++ b/security/nss/coreconf/Werror.mk @@ -48,9 +48,11 @@ ifndef WARNING_CFLAGS else # This tests to see if enabling the warning is possible before # setting an option to disable it. - disable_warning = $(shell $(CC) -x c -E -Werror -W$(1) /dev/null >/dev/null 2>&1 && echo -Wno-$(1)) + set_warning = $(shell $(CC) -x c -E -Werror -W$(1) /dev/null >/dev/null 2>&1 && echo -W$(2)$(1)) + enable_warning = $(call set_warning,$(1),) + disable_warning = $(call set_warning,$(1),no-) - WARNING_CFLAGS = -Wall + WARNING_CFLAGS = -Wall $(call enable_warning,shadow) ifdef CC_IS_CLANG # -Qunused-arguments : clang objects to arguments that it doesn't understand # and fixing this would require rearchitecture diff --git a/security/nss/coreconf/config.mk b/security/nss/coreconf/config.mk index 55d95c30e..b62f6cef4 100644 --- a/security/nss/coreconf/config.mk +++ b/security/nss/coreconf/config.mk @@ -181,6 +181,10 @@ ifndef NSS_FORCE_FIPS DEFINES += -DNSS_NO_INIT_SUPPORT endif +ifdef NSS_SEED_ONLY_DEV_URANDOM +DEFINES += -DSEED_ONLY_DEV_URANDOM +endif + # Avoid building object leak test code for optimized library ifndef BUILD_OPT ifdef PKIX_OBJECT_LEAK_TEST diff --git a/security/nss/coreconf/coreconf.dep b/security/nss/coreconf/coreconf.dep index 5182f7555..590d1bfae 100644 --- a/security/nss/coreconf/coreconf.dep +++ b/security/nss/coreconf/coreconf.dep @@ -10,3 +10,4 @@ */ #error "Do not include this header file." + diff --git a/security/nss/coreconf/nsinstall/pathsub.c b/security/nss/coreconf/nsinstall/pathsub.c index a42a9f30a..c31a946f0 100644 --- a/security/nss/coreconf/nsinstall/pathsub.c +++ b/security/nss/coreconf/nsinstall/pathsub.c @@ -212,7 +212,7 @@ reversepath(char *inpath, char *name, int len, char *outpath) xchdir(".."); } else { cp -= 3; - strncpy(cp, "../", 3); + memcpy(cp, "../", 3); xchdir(buf); } } diff --git a/security/nss/coreconf/werror.py b/security/nss/coreconf/werror.py index c469c4002..0e2d41c63 100644 --- a/security/nss/coreconf/werror.py +++ b/security/nss/coreconf/werror.py @@ -54,7 +54,7 @@ def main(): set_warning(w, 'no-') print('-Qunused-arguments') - # set_warning('shadow') # Bug 1309068 + set_warning('shadow') if __name__ == '__main__': main() diff --git a/security/nss/cpputil/databuffer.cc b/security/nss/cpputil/databuffer.cc index d60ebccb3..1420d76b4 100644 --- a/security/nss/cpputil/databuffer.cc +++ b/security/nss/cpputil/databuffer.cc @@ -18,12 +18,12 @@ namespace nss_test { -void DataBuffer::Assign(const uint8_t* data, size_t len) { - if (data) { - Allocate(len); - memcpy(static_cast<void*>(data_), static_cast<const void*>(data), len); +void DataBuffer::Assign(const uint8_t* d, size_t l) { + if (d) { + Allocate(l); + memcpy(static_cast<void*>(data_), static_cast<const void*>(d), l); } else { - assert(len == 0); + assert(l == 0); data_ = nullptr; len_ = 0; } diff --git a/security/nss/cpputil/databuffer.h b/security/nss/cpputil/databuffer.h index 58e07efe1..5ec035098 100644 --- a/security/nss/cpputil/databuffer.h +++ b/security/nss/cpputil/databuffer.h @@ -17,8 +17,8 @@ namespace nss_test { class DataBuffer { public: DataBuffer() : data_(nullptr), len_(0) {} - DataBuffer(const uint8_t* data, size_t len) : data_(nullptr), len_(0) { - Assign(data, len); + DataBuffer(const uint8_t* d, size_t l) : data_(nullptr), len_(0) { + Assign(d, l); } DataBuffer(const DataBuffer& other) : data_(nullptr), len_(0) { Assign(other); @@ -32,17 +32,17 @@ class DataBuffer { return *this; } - void Allocate(size_t len) { + void Allocate(size_t l) { delete[] data_; - data_ = new uint8_t[len ? len : 1]; // Don't depend on new [0]. - len_ = len; + data_ = new uint8_t[l ? l : 1]; // Don't depend on new [0]. + len_ = l; } - void Truncate(size_t len) { len_ = (std::min)(len_, len); } + void Truncate(size_t l) { len_ = (std::min)(len_, l); } void Assign(const DataBuffer& other) { Assign(other.data(), other.len()); } - void Assign(const uint8_t* data, size_t len); + void Assign(const uint8_t* d, size_t l); // Write will do a new allocation and expand the size of the buffer if needed. // Returns the offset of the end of the write. diff --git a/security/nss/cpputil/scoped_ptrs.h b/security/nss/cpputil/scoped_ptrs.h index 8a0b4f5ab..6ffef4dd3 100644 --- a/security/nss/cpputil/scoped_ptrs.h +++ b/security/nss/cpputil/scoped_ptrs.h @@ -45,6 +45,7 @@ struct ScopedDelete { void operator()(SEC_PKCS12DecoderContext* dcx) { SEC_PKCS12DecoderFinish(dcx); } + void operator()(CERTDistNames* names) { CERT_FreeDistNames(names); } }; template <class T> @@ -78,6 +79,7 @@ SCOPED(PK11Context); SCOPED(PK11GenericObject); SCOPED(SSLResumptionTokenInfo); SCOPED(SEC_PKCS12DecoderContext); +SCOPED(CERTDistNames); #undef SCOPED diff --git a/security/nss/cpputil/tls_parser.cc b/security/nss/cpputil/tls_parser.cc index e4c06aa91..efedd7a65 100644 --- a/security/nss/cpputil/tls_parser.cc +++ b/security/nss/cpputil/tls_parser.cc @@ -46,6 +46,21 @@ bool TlsParser::Read(DataBuffer* val, size_t len) { return true; } +bool TlsParser::ReadFromMark(DataBuffer* val, size_t len, size_t mark) { + auto saved = offset_; + offset_ = mark; + + if (remaining() < len) { + offset_ = saved; + return false; + } + + val->Assign(ptr(), len); + + offset_ = saved; + return true; +} + bool TlsParser::ReadVariable(DataBuffer* val, size_t len_size) { uint32_t len; if (!Read(&len, len_size)) { diff --git a/security/nss/cpputil/tls_parser.h b/security/nss/cpputil/tls_parser.h index 436c11e76..56f562e07 100644 --- a/security/nss/cpputil/tls_parser.h +++ b/security/nss/cpputil/tls_parser.h @@ -123,6 +123,7 @@ class TlsParser { bool Read(uint32_t* val, size_t size); // Reads len bytes into dest buffer, overwriting it. bool Read(DataBuffer* dest, size_t len); + bool ReadFromMark(DataBuffer* val, size_t len, size_t mark); // Reads bytes into dest buffer, overwriting it. The number of bytes is // determined by reading from len_size bytes from the stream first. bool ReadVariable(DataBuffer* dest, size_t len_size); diff --git a/security/nss/fuzz/fuzz.gyp b/security/nss/fuzz/fuzz.gyp index ed1f53d58..69e178319 100644 --- a/security/nss/fuzz/fuzz.gyp +++ b/security/nss/fuzz/fuzz.gyp @@ -44,6 +44,9 @@ # This is a static build of pk11wrap, softoken, and freebl. '<(DEPTH)/lib/pk11wrap/pk11wrap.gyp:pk11wrap_static', ], + 'cflags_cc': [ + '-Wno-error=shadow', + ], 'conditions': [ ['fuzz_oss==0', { 'sources': [ diff --git a/security/nss/fuzz/tls_client_target.cc b/security/nss/fuzz/tls_client_target.cc index e59550984..a5b2a2c5f 100644 --- a/security/nss/fuzz/tls_client_target.cc +++ b/security/nss/fuzz/tls_client_target.cc @@ -87,15 +87,12 @@ static void SetupCallbacks(PRFileDesc* fd, ClientConfig* config) { } extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t len) { - static std::unique_ptr<NSSDatabase> db(new NSSDatabase()); + std::unique_ptr<NSSDatabase> db(new NSSDatabase()); assert(db != nullptr); EnableAllProtocolVersions(); std::unique_ptr<ClientConfig> config(new ClientConfig(data, len)); - // Clear the cache. We never want to resume as we couldn't reproduce that. - SSL_ClearSessionCache(); - // Reset the RNG state. assert(RNG_RandomUpdate(NULL, 0) == SECSuccess); @@ -114,6 +111,9 @@ extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t len) { SetupCallbacks(ssl_fd, config.get()); DoHandshake(ssl_fd, false); + // Release all SIDs. + SSL_ClearSessionCache(); + return 0; } diff --git a/security/nss/gtests/freebl_gtest/blake2b_unittest.cc b/security/nss/gtests/freebl_gtest/blake2b_unittest.cc index e6b0c1157..ac9cca83f 100644 --- a/security/nss/gtests/freebl_gtest/blake2b_unittest.cc +++ b/security/nss/gtests/freebl_gtest/blake2b_unittest.cc @@ -50,7 +50,7 @@ TEST_P(Blake2BKATUnkeyed, Unkeyed) { TEST_P(Blake2BKATKeyed, Keyed) { std::vector<uint8_t> values(BLAKE2B512_LENGTH); SECStatus rv = BLAKE2B_MAC_HashBuf(values.data(), kat_data.data(), - std::get<0>(GetParam()), key.data(), + std::get<0>(GetParam()), kat_key.data(), BLAKE2B_KEY_SIZE); ASSERT_EQ(SECSuccess, rv); EXPECT_EQ(values, std::get<1>(GetParam())); @@ -139,7 +139,7 @@ TEST_F(Blake2BTests, NullTest) { EXPECT_EQ(std::get<1>(TestcasesUnkeyed[0]), digest); digest = std::vector<uint8_t>(BLAKE2B512_LENGTH); - rv = BLAKE2B_MAC_HashBuf(digest.data(), nullptr, 0, key.data(), + rv = BLAKE2B_MAC_HashBuf(digest.data(), nullptr, 0, kat_key.data(), BLAKE2B_KEY_SIZE); ASSERT_EQ(SECSuccess, rv); EXPECT_EQ(std::get<1>(TestcasesKeyed[0]), digest); diff --git a/security/nss/gtests/freebl_gtest/kat/blake2b_kat.h b/security/nss/gtests/freebl_gtest/kat/blake2b_kat.h index 28921cc94..2d73a4ab5 100644 --- a/security/nss/gtests/freebl_gtest/kat/blake2b_kat.h +++ b/security/nss/gtests/freebl_gtest/kat/blake2b_kat.h @@ -7,7 +7,7 @@ #include <vector> #include <stdint.h> -const std::vector<uint8_t> key = { +const std::vector<uint8_t> kat_key = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, diff --git a/security/nss/gtests/nss_bogo_shim/config.cc b/security/nss/gtests/nss_bogo_shim/config.cc index 2e6f7f775..603bb6029 100644 --- a/security/nss/gtests/nss_bogo_shim/config.cc +++ b/security/nss/gtests/nss_bogo_shim/config.cc @@ -9,26 +9,37 @@ #include <queue> #include <string> -bool ConfigEntryBase::ParseInternal(std::queue<const char *> *args, - std::string *out) { - if (args->empty()) return false; - *out = args->front(); - args->pop(); +bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, + std::vector<int> &out) { + if (args.empty()) return false; + + char *endptr; + out.push_back(strtol(args.front(), &endptr, 10)); + args.pop(); + + return !*endptr; +} + +bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, + std::string &out) { + if (args.empty()) return false; + out = args.front(); + args.pop(); return true; } -bool ConfigEntryBase::ParseInternal(std::queue<const char *> *args, int *out) { - if (args->empty()) return false; +bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, int &out) { + if (args.empty()) return false; char *endptr; - *out = strtol(args->front(), &endptr, 10); - args->pop(); + out = strtol(args.front(), &endptr, 10); + args.pop(); return !*endptr; } -bool ConfigEntryBase::ParseInternal(std::queue<const char *> *args, bool *out) { - *out = true; +bool ConfigEntryBase::ParseInternal(std::queue<const char *> &args, bool &out) { + out = true; return true; } @@ -51,7 +62,7 @@ Config::Status Config::ParseArgs(int argc, char **argv) { if (e == entries_.end()) { return kUnknownFlag; } - if (!e->second->Parse(&args)) return kMalformedArgument; + if (!e->second->Parse(args)) return kMalformedArgument; } return kOK; diff --git a/security/nss/gtests/nss_bogo_shim/config.h b/security/nss/gtests/nss_bogo_shim/config.h index 822df65b3..0e7fb5ed5 100644 --- a/security/nss/gtests/nss_bogo_shim/config.h +++ b/security/nss/gtests/nss_bogo_shim/config.h @@ -23,18 +23,19 @@ // Abstract base class for a given config flag. class ConfigEntryBase { public: - ConfigEntryBase(const std::string& name, const std::string& type) - : name_(name), type_(type) {} + ConfigEntryBase(const std::string& nm, const std::string& typ) + : name_(nm), type_(typ) {} virtual ~ConfigEntryBase() {} const std::string& type() const { return type_; } - virtual bool Parse(std::queue<const char*>* args) = 0; + virtual bool Parse(std::queue<const char*>& args) = 0; protected: - bool ParseInternal(std::queue<const char*>* args, std::string* out); - bool ParseInternal(std::queue<const char*>* args, int* out); - bool ParseInternal(std::queue<const char*>* args, bool* out); + bool ParseInternal(std::queue<const char*>& args, std::vector<int>& out); + bool ParseInternal(std::queue<const char*>& args, std::string& out); + bool ParseInternal(std::queue<const char*>& args, int& out); + bool ParseInternal(std::queue<const char*>& args, bool& out); const std::string name_; const std::string type_; @@ -48,8 +49,8 @@ class ConfigEntry : public ConfigEntryBase { : ConfigEntryBase(name, typeid(T).name()), value_(init) {} T get() const { return value_; } - bool Parse(std::queue<const char*>* args) { - return ParseInternal(args, &value_); + bool Parse(std::queue<const char*>& args) { + return ParseInternal(args, value_); } private: diff --git a/security/nss/gtests/nss_bogo_shim/config.json b/security/nss/gtests/nss_bogo_shim/config.json index 03f875466..6dc155bef 100644 --- a/security/nss/gtests/nss_bogo_shim/config.json +++ b/security/nss/gtests/nss_bogo_shim/config.json @@ -1,69 +1,16 @@ { "DisabledTests": { "### These tests break whenever we rev versions, so just leave them here for easy uncommenting":"", - "SendWarningAlerts-Pass":"BoringSSL updated", - "SendBogusAlertType":"BoringSSL updated", - "SendEmptyRecords-Pass":"BoringSSL updated", - "ExtraCompressionMethods-TLS12":"BoringSSL updated", - "SendSNIWarningAlert":"BoringSSL updated", - "NoNullCompression-TLS12":"BoringSSL updated", - "InvalidCompressionMethod":"BoringSSL updated", - "SupportTicketsWithSessionID":"BoringSSL updated", - "NoSharedCipher":"BoringSSL updated", - "ServerHelloBogusCipher":"BoringSSL updated", - "ClientHelloVersionTooHigh":"BoringSSL updated", - "ServerAuth-SignatureType":"BoringSSL updated", - "ECDSACurveMismatch-Verify-TLS12":"BoringSSL updated", - "UnknownExtension-Client":"BoringSSL updated", - "UnofferedExtension-Client":"BoringSSL updated", - "SendClientVersion-RSA":"BoringSSL updated", - "SupportedCurves-ServerHello-TLS12":"BoringSSL updated", - "Basic-Client*Sync":"BoringSSL updated", - "Resume-Client-CipherMismatch":"BoringSSL updated", - "ClientAuth-SignatureType":"BoringSSL updated", - "Agree-Digest-Default":"BoringSSL updated", - "Basic-Server*Sync":"BoringSSL updated", - "ClientAuth-*-Sync":"BoringSSL updated", - "RSA-PSS-Default*":"BoringSSL updated", - "Renegotiate-Server-NoExt*":"BoringSSL updated", - "Downgrade-TLS12*":"BoringSSL updated", - "MaxCBCPadding":"BoringSSL updated", - "UnknownCipher":"BoringSSL updated", - "LargeMessage":"BoringSSL updated", - "NoCommonCurves":"BoringSSL updated", - "UnknownCurve":"BoringSSL updated", - "SessionTicketsDisabled*":"BoringSSL updated", - "BadFinished-*":"BoringSSL updated", - "ServerSkipCertificateVerify":"BoringSSL updated", - "*VersionTolerance":"BoringSSL updated", - "ConflictingVersionNegotiation*":"BoringSSL updated", - "Ed25519DefaultDisable*":"BoringSSL updated", - "*SHA1-Fallback*":"BoringSSL updated", - "ExtendedMasterSecret-NoToNo*":"BoringSSL updated", - "ServerNameExtensionClientMissing*":"BoringSSL updated", - "NoClientCertificate*":"BoringSSL updated", - "ServerCipherFilter*":"BoringSSL updated", - "*FallbackSCSV*":"BoringSSL updated", - "LooseInitialRecordVersion*":"BoringSSL updated", - "ALPNClient*":"BoringSSL updated", - "MinimumVersion*":"BoringSSL updated", - "VersionNegotiation*":"BoringSSL updated", - "*Client-ClientAuth*":"BoringSSL updated", - "*Server-ClientAuth*":"BoringSSL updated", - "NoExtendedMasterSecret*":"BoringSSL updated", - "PointFormat*":"BoringSSL updated", - "*Sync-SplitHandshakeRecords*":"BoringSSL updated", - "*Sync-PackHandshakeFlight*":"BoringSSL updated", - "TicketSessionIDLength*":"BoringSSL updated", - "*LargeRecord*":"BoringSSL updated", - "WrongMessageType-NewSessionTicket":"BoringSSL updated", - "WrongMessageType*Certificate*":"BoringSSL updated", - "WrongMessageType*Client*":"BoringSSL updated", - "WrongMessageType*Server*":"BoringSSL updated", - "WrongMessageType*DTLS":"BoringSSL updated", - "GarbageCertificate*":"BoringSSL updated", - "EmptyExtensions*":"BoringSSL updated", - "*OmitExtensions*":"BoringSSL updated", + "ServerBogusVersion":"Check that SH.legacy_version=TLS12 when the server picks TLS 1.3 (Bug 1443761)", + "DummyPQPadding-Server*":"Boring is testing a dummy PQ padding extension", + "VerifyPreferences-Enforced":"NSS sends alerts in response to errors in protected handshake messages in the clear", + "Draft-Downgrade-Server":"Boring implements a draft downgrade sentinel used for measurements.", + "FilterExtraAlgorithms":"NSS doesn't allow sending unsupported signature algorithms", + "SendBogusAlertType":"Unexpected TLS alerts should abort connections (Bug 1438263)", + "VerifyPreferences-Ed25519":"Add Ed25519 support (Bug 1325335)", + "Ed25519DefaultDisable*":"Add Ed25519 support (Bug 1325335)", + "ServerCipherFilter*":"Add Ed25519 support (Bug 1325335)", + "GarbageCertificate*":"Send bad_certificate alert when certificate parsing fails (Bug 1441565)", "SupportedVersionSelection-TLS12":"Should maybe reject TLS 1.2 in SH.supported_versions (Bug 1438266)", "*TLS13*":"(NSS=19, BoGo=18)", "*HelloRetryRequest*":"(NSS=19, BoGo=18)", @@ -108,7 +55,6 @@ "WrongMessageType-TLS13-ServerCertificateVerify":"nss updated/broken", "WrongMessageType-TLS13-ServerCertificate":"nss updated/broken", "WrongMessageType-TLS13-ServerFinished":"nss updated/broken", - "EncryptedExtensionsWithKeyShare":"nss updated/broken", "EmptyEncryptedExtensions":"nss updated/broken", "TrailingMessageData-*": "Bug 1304575", "DuplicateKeyShares":"Bug 1304578", diff --git a/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc b/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc index e12714e8d..72dbd5771 100644 --- a/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc +++ b/security/nss/gtests/nss_bogo_shim/nss_bogo_shim.cc @@ -5,6 +5,7 @@ * You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "config.h" +#include <algorithm> #include <cstdlib> #include <iostream> #include <memory> @@ -90,9 +91,14 @@ class TestAgent { PRStatus prv; PRNetAddr addr; - prv = PR_StringToNetAddr("127.0.0.1", &addr); + // Try IPv6 first. + prv = PR_StringToNetAddr("::1", &addr); if (prv != PR_SUCCESS) { - return false; + // If that fails, try IPv4. + prv = PR_StringToNetAddr("127.0.0.1", &addr); + if (prv != PR_SUCCESS) { + return false; + } } addr.inet.port = PR_htons(cfg_.get<int>("port")); @@ -256,7 +262,11 @@ class TestAgent { } bool SetupOptions() { - SECStatus rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE); + SECStatus rv = + SSL_OptionSet(ssl_fd_, SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE); + if (rv != SECSuccess) return false; + + rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_SESSION_TICKETS, PR_TRUE); if (rv != SECSuccess) return false; SSLVersionRange vrange; @@ -287,6 +297,26 @@ class TestAgent { if (rv != SECSuccess) return false; } + // Set supported signature schemes. + auto sign_prefs = cfg_.get<std::vector<int>>("signing-prefs"); + auto verify_prefs = cfg_.get<std::vector<int>>("verify-prefs"); + if (sign_prefs.empty()) { + sign_prefs = verify_prefs; + } else if (!verify_prefs.empty()) { + return false; // Both shouldn't be set. + } + if (!sign_prefs.empty()) { + std::vector<SSLSignatureScheme> sig_schemes; + std::transform( + sign_prefs.begin(), sign_prefs.end(), std::back_inserter(sig_schemes), + [](int scheme) { return static_cast<SSLSignatureScheme>(scheme); }); + + rv = SSL_SignatureSchemePrefSet( + ssl_fd_, sig_schemes.data(), + static_cast<unsigned int>(sig_schemes.size())); + if (rv != SECSuccess) return false; + } + if (cfg_.get<bool>("fallback-scsv")) { rv = SSL_OptionSet(ssl_fd_, SSL_ENABLE_FALLBACK_SCSV, PR_TRUE); if (rv != SECSuccess) return false; @@ -410,7 +440,7 @@ class TestAgent { size_t left = sizeof(block); while (left) { - int32_t rv = PR_Read(ssl_fd_, block, left); + rv = PR_Read(ssl_fd_, block, left); if (rv < 0) { std::cerr << "Failure reading\n"; return SECFailure; @@ -481,6 +511,24 @@ class TestAgent { } } + auto sig_alg = cfg_.get<int>("expect-peer-signature-algorithm"); + if (sig_alg) { + SSLChannelInfo info; + rv = SSL_GetChannelInfo(ssl_fd_, &info, sizeof(info)); + if (rv != SECSuccess) { + PRErrorCode err = PR_GetError(); + std::cerr << "SSL_GetChannelInfo failed with error=" << FormatError(err) + << std::endl; + return SECFailure; + } + + auto expected = static_cast<SSLSignatureScheme>(sig_alg); + if (info.signatureScheme != expected) { + std::cerr << "Unexpected signature scheme" << std::endl; + return SECFailure; + } + } + return SECSuccess; } @@ -513,6 +561,9 @@ std::unique_ptr<const Config> ReadConfig(int argc, char** argv) { cfg->AddEntry<bool>("verify-peer", false); cfg->AddEntry<std::string>("advertise-alpn", ""); cfg->AddEntry<std::string>("expect-alpn", ""); + cfg->AddEntry<std::vector<int>>("signing-prefs", std::vector<int>()); + cfg->AddEntry<std::vector<int>>("verify-prefs", std::vector<int>()); + cfg->AddEntry<int>("expect-peer-signature-algorithm", 0); auto rv = cfg->ParseArgs(argc, argv); switch (rv) { diff --git a/security/nss/gtests/pk11_gtest/pk11_signature_test.h b/security/nss/gtests/pk11_gtest/pk11_signature_test.h index b14104371..8a12171a0 100644 --- a/security/nss/gtests/pk11_gtest/pk11_signature_test.h +++ b/security/nss/gtests/pk11_gtest/pk11_signature_test.h @@ -25,8 +25,8 @@ struct Pkcs11SignatureTestParams { class Pk11SignatureTest : public ::testing::Test { protected: - Pk11SignatureTest(CK_MECHANISM_TYPE mechanism, SECOidTag hash_oid) - : mechanism_(mechanism), hash_oid_(hash_oid) {} + Pk11SignatureTest(CK_MECHANISM_TYPE mech, SECOidTag hash_oid) + : mechanism_(mech), hash_oid_(hash_oid) {} virtual const SECItem* parameters() const { return nullptr; } CK_MECHANISM_TYPE mechanism() const { return mechanism_; } diff --git a/security/nss/gtests/ssl_gtest/libssl_internals.c b/security/nss/gtests/ssl_gtest/libssl_internals.c index 17b4ffe49..e43113de4 100644 --- a/security/nss/gtests/ssl_gtest/libssl_internals.c +++ b/security/nss/gtests/ssl_gtest/libssl_internals.c @@ -237,22 +237,23 @@ SECStatus SSLInt_AdvanceReadSeqNum(PRFileDesc *fd, PRUint64 to) { if (!ss) { return SECFailure; } - if (to >= RECORD_SEQ_MAX) { + if (to > RECORD_SEQ_MAX) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } ssl_GetSpecWriteLock(ss); spec = ss->ssl3.crSpec; - spec->seqNum = to; + spec->nextSeqNum = to; /* For DTLS, we need to fix the record sequence number. For this, we can just * scrub the entire structure on the assumption that the new sequence number * is far enough past the last received sequence number. */ - if (spec->seqNum <= spec->recvdRecords.right + DTLS_RECVD_RECORDS_WINDOW) { + if (spec->nextSeqNum <= + spec->recvdRecords.right + DTLS_RECVD_RECORDS_WINDOW) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } - dtls_RecordSetRecvd(&spec->recvdRecords, spec->seqNum); + dtls_RecordSetRecvd(&spec->recvdRecords, spec->nextSeqNum - 1); ssl_ReleaseSpecWriteLock(ss); return SECSuccess; @@ -270,7 +271,7 @@ SECStatus SSLInt_AdvanceWriteSeqNum(PRFileDesc *fd, PRUint64 to) { return SECFailure; } ssl_GetSpecWriteLock(ss); - ss->ssl3.cwSpec->seqNum = to; + ss->ssl3.cwSpec->nextSeqNum = to; ssl_ReleaseSpecWriteLock(ss); return SECSuccess; } @@ -284,7 +285,7 @@ SECStatus SSLInt_AdvanceWriteSeqByAWindow(PRFileDesc *fd, PRInt32 extra) { return SECFailure; } ssl_GetSpecReadLock(ss); - to = ss->ssl3.cwSpec->seqNum + DTLS_RECVD_RECORDS_WINDOW + extra; + to = ss->ssl3.cwSpec->nextSeqNum + DTLS_RECVD_RECORDS_WINDOW + extra; ssl_ReleaseSpecReadLock(ss); return SSLInt_AdvanceWriteSeqNum(fd, to); } diff --git a/security/nss/gtests/ssl_gtest/manifest.mn b/security/nss/gtests/ssl_gtest/manifest.mn index 5d893bab3..8547e56d1 100644 --- a/security/nss/gtests/ssl_gtest/manifest.mn +++ b/security/nss/gtests/ssl_gtest/manifest.mn @@ -36,6 +36,7 @@ CPPSRCS = \ ssl_loopback_unittest.cc \ ssl_misc_unittest.cc \ ssl_record_unittest.cc \ + ssl_recordsize_unittest.cc \ ssl_resumption_unittest.cc \ ssl_renegotiation_unittest.cc \ ssl_skip_unittest.cc \ diff --git a/security/nss/gtests/ssl_gtest/rsa8193.h b/security/nss/gtests/ssl_gtest/rsa8193.h new file mode 100644 index 000000000..626516389 --- /dev/null +++ b/security/nss/gtests/ssl_gtest/rsa8193.h @@ -0,0 +1,209 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// openssl req -nodes -x509 -newkey rsa:8193 -out cert.pem -days 365 +static const uint8_t rsa8193[] = { + 0x30, 0x82, 0x09, 0x61, 0x30, 0x82, 0x05, 0x48, 0xa0, 0x03, 0x02, 0x01, + 0x02, 0x02, 0x09, 0x00, 0xaf, 0xff, 0x37, 0x91, 0x3e, 0x44, 0xae, 0x57, + 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, + 0x0b, 0x05, 0x00, 0x30, 0x45, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, + 0x04, 0x06, 0x13, 0x02, 0x41, 0x55, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, + 0x55, 0x04, 0x08, 0x0c, 0x0a, 0x53, 0x6f, 0x6d, 0x65, 0x2d, 0x53, 0x74, + 0x61, 0x74, 0x65, 0x31, 0x21, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0a, + 0x0c, 0x18, 0x49, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x65, 0x74, 0x20, 0x57, + 0x69, 0x64, 0x67, 0x69, 0x74, 0x73, 0x20, 0x50, 0x74, 0x79, 0x20, 0x4c, + 0x74, 0x64, 0x30, 0x1e, 0x17, 0x0d, 0x31, 0x38, 0x30, 0x35, 0x31, 0x37, + 0x30, 0x39, 0x34, 0x32, 0x32, 0x39, 0x5a, 0x17, 0x0d, 0x31, 0x39, 0x30, + 0x35, 0x31, 0x37, 0x30, 0x39, 0x34, 0x32, 0x32, 0x39, 0x5a, 0x30, 0x45, + 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x41, + 0x55, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0c, 0x0a, + 0x53, 0x6f, 0x6d, 0x65, 0x2d, 0x53, 0x74, 0x61, 0x74, 0x65, 0x31, 0x21, + 0x30, 0x1f, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x18, 0x49, 0x6e, 0x74, + 0x65, 0x72, 0x6e, 0x65, 0x74, 0x20, 0x57, 0x69, 0x64, 0x67, 0x69, 0x74, + 0x73, 0x20, 0x50, 0x74, 0x79, 0x20, 0x4c, 0x74, 0x64, 0x30, 0x82, 0x04, + 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x04, 0x0f, 0x00, 0x30, 0x82, 0x04, + 0x0a, 0x02, 0x82, 0x04, 0x01, 0x01, 0x77, 0xd6, 0xa9, 0x93, 0x4e, 0x15, + 0xb5, 0x67, 0x70, 0x8e, 0xc3, 0x77, 0x4f, 0xc9, 0x8a, 0x06, 0xd9, 0xb9, + 0xa6, 0x41, 0xb8, 0xfa, 0x4a, 0x13, 0x26, 0xdc, 0x2b, 0xc5, 0x82, 0xa0, + 0x74, 0x8c, 0x1e, 0xe9, 0xc0, 0x70, 0x15, 0x56, 0xec, 0x1f, 0x7e, 0x91, + 0x6e, 0x31, 0x42, 0x8b, 0xd5, 0xe2, 0x0e, 0x9c, 0xeb, 0xff, 0xbc, 0xf9, + 0x42, 0xd3, 0xb9, 0x1c, 0x5e, 0x46, 0x80, 0x90, 0x5f, 0xe1, 0x59, 0x22, + 0x13, 0x71, 0xd3, 0xd6, 0x66, 0x7a, 0xe0, 0x56, 0x04, 0x10, 0x59, 0x01, + 0xb3, 0xb6, 0xd2, 0xc7, 0xa7, 0x3b, 0xbc, 0xe6, 0x38, 0x44, 0xd5, 0x71, + 0x66, 0x1d, 0xb2, 0x63, 0x2f, 0xa9, 0x5e, 0x80, 0x92, 0x3c, 0x21, 0x0e, + 0xe1, 0xda, 0xd6, 0x1d, 0xcb, 0xce, 0xac, 0xe1, 0x5f, 0x97, 0x45, 0x8f, + 0xc1, 0x64, 0x16, 0xa6, 0x88, 0x2a, 0x36, 0x4a, 0x76, 0x64, 0x8f, 0x83, + 0x7a, 0x1d, 0xd8, 0x91, 0x90, 0x7b, 0x58, 0xb8, 0x1c, 0x7f, 0x56, 0x57, + 0x35, 0xfb, 0xf3, 0x1a, 0xcb, 0x7c, 0x66, 0x66, 0x04, 0x95, 0xee, 0x3a, + 0x80, 0xf0, 0xd4, 0x12, 0x3a, 0x7e, 0x7e, 0x5e, 0xb8, 0x55, 0x29, 0x23, + 0x06, 0xd3, 0x85, 0x0c, 0x99, 0x91, 0x42, 0xee, 0x5a, 0x30, 0x7f, 0x52, + 0x20, 0xb3, 0xe2, 0xe7, 0x39, 0x69, 0xb6, 0xfc, 0x42, 0x1e, 0x98, 0xd3, + 0x31, 0xa2, 0xfa, 0x81, 0x52, 0x69, 0x6d, 0x23, 0xf8, 0xc4, 0xc3, 0x3c, + 0x9b, 0x48, 0x75, 0xa8, 0xc7, 0xe7, 0x61, 0x81, 0x1f, 0xf7, 0xce, 0x10, + 0xaa, 0x13, 0xcb, 0x6e, 0x19, 0xc0, 0x4f, 0x6f, 0x90, 0xa8, 0x41, 0xea, + 0x49, 0xdf, 0xe4, 0xef, 0x84, 0x54, 0xb5, 0x37, 0xaf, 0x12, 0x75, 0x1a, + 0x11, 0x4b, 0x58, 0x7f, 0x63, 0x22, 0x33, 0xb1, 0xc8, 0x4d, 0xf2, 0x41, + 0x10, 0xbc, 0x37, 0xb5, 0xd5, 0xb2, 0x21, 0x32, 0x35, 0x9d, 0xf3, 0x8d, + 0xab, 0x66, 0x9d, 0x19, 0x12, 0x71, 0x45, 0xb3, 0x82, 0x5a, 0x5c, 0xff, + 0x2d, 0xcf, 0xf4, 0x5b, 0x56, 0xb8, 0x08, 0xb3, 0xd2, 0x43, 0x8c, 0xac, + 0xd2, 0xf8, 0xcc, 0x6d, 0x90, 0x97, 0xff, 0x12, 0x74, 0x97, 0xf8, 0xa4, + 0xe3, 0x95, 0xae, 0x92, 0xdc, 0x7e, 0x9d, 0x2b, 0xb4, 0x94, 0xc3, 0x8d, + 0x80, 0xe7, 0x77, 0x5c, 0x5b, 0xbb, 0x43, 0xdc, 0xa6, 0xe9, 0xbe, 0x20, + 0xcc, 0x9d, 0x8e, 0xa4, 0x2b, 0xf2, 0x72, 0xdc, 0x44, 0x61, 0x0f, 0xad, + 0x1a, 0x5e, 0xa5, 0x48, 0xe4, 0x42, 0xc5, 0xe4, 0xf1, 0x6d, 0x33, 0xdb, + 0xb2, 0x1b, 0x9f, 0xb2, 0xff, 0x18, 0x0e, 0x62, 0x35, 0x99, 0xed, 0x22, + 0x19, 0x4a, 0x5e, 0xb3, 0x3c, 0x07, 0x8f, 0x6e, 0x22, 0x5b, 0x16, 0x4a, + 0x9f, 0xef, 0xf3, 0xe7, 0xd6, 0x48, 0xe1, 0xb4, 0x3b, 0xab, 0x1b, 0x9e, + 0x53, 0xd7, 0x1b, 0xd9, 0x2d, 0x51, 0x8f, 0xe4, 0x1c, 0xab, 0xdd, 0xb9, + 0xe2, 0xee, 0xe4, 0xdd, 0x60, 0x04, 0x86, 0x6b, 0x4e, 0x7a, 0xc8, 0x09, + 0x51, 0xd1, 0x9b, 0x36, 0x9a, 0x36, 0x7f, 0xe8, 0x6b, 0x09, 0x6c, 0xee, + 0xad, 0x3a, 0x2f, 0xa8, 0x63, 0x92, 0x23, 0x2f, 0x7e, 0x00, 0xe2, 0xd1, + 0xbb, 0xd9, 0x5b, 0x5b, 0xfa, 0x4b, 0x83, 0x00, 0x19, 0x28, 0xfb, 0x7e, + 0xfe, 0x58, 0xab, 0xb7, 0x33, 0x45, 0x8f, 0x75, 0x9a, 0x54, 0x3d, 0x77, + 0x06, 0x75, 0x61, 0x4f, 0x5c, 0x93, 0xa0, 0xf9, 0xe8, 0xcf, 0xf6, 0x04, + 0x14, 0xda, 0x1b, 0x2e, 0x79, 0x35, 0xb8, 0xb4, 0xfa, 0x08, 0x27, 0x9a, + 0x03, 0x70, 0x78, 0x97, 0x8f, 0xae, 0x2e, 0xd5, 0x1c, 0xe0, 0x4d, 0x91, + 0x3a, 0xfe, 0x1a, 0x64, 0xd8, 0x49, 0xdf, 0x6c, 0x66, 0xac, 0xc9, 0x57, + 0x06, 0x72, 0xc0, 0xc0, 0x09, 0x71, 0x6a, 0xd0, 0xb0, 0x7d, 0x35, 0x3f, + 0x53, 0x17, 0x49, 0x38, 0x92, 0x22, 0x55, 0xf6, 0x58, 0x56, 0xa2, 0x42, + 0x77, 0x94, 0xb7, 0x28, 0x0a, 0xa0, 0xd2, 0xda, 0x25, 0xc1, 0xcc, 0x52, + 0x51, 0xd6, 0xba, 0x18, 0x0f, 0x0d, 0xe3, 0x7d, 0xd1, 0xda, 0xd9, 0x0c, + 0x5e, 0x3a, 0xca, 0xe9, 0xf1, 0xf5, 0x65, 0xfc, 0xc3, 0x99, 0x72, 0x25, + 0xf2, 0xc0, 0xa1, 0x8c, 0x43, 0x9d, 0xb2, 0xc9, 0xb1, 0x1a, 0x24, 0x34, + 0x57, 0xd8, 0xa7, 0x52, 0xa3, 0x39, 0x6e, 0x0b, 0xec, 0xbd, 0x5e, 0xc9, + 0x1f, 0x74, 0xed, 0xae, 0xe6, 0x4e, 0x49, 0xe8, 0x87, 0x3e, 0x46, 0x0d, + 0x40, 0x30, 0xda, 0x9d, 0xcf, 0xf5, 0x03, 0x1f, 0x38, 0x29, 0x3b, 0x66, + 0xe5, 0xc0, 0x89, 0x4c, 0xfc, 0x09, 0x62, 0x37, 0x01, 0xf9, 0x01, 0xab, + 0x8d, 0x53, 0x9c, 0x36, 0x5d, 0x36, 0x66, 0x8d, 0x87, 0xf4, 0xab, 0x37, + 0xb7, 0xf7, 0xe3, 0xdf, 0xc1, 0x52, 0xc0, 0x1d, 0x09, 0x92, 0x21, 0x47, + 0x49, 0x9a, 0x19, 0x38, 0x05, 0x62, 0xf3, 0x47, 0x80, 0x89, 0x1e, 0x70, + 0xa1, 0x57, 0xb7, 0x72, 0xd0, 0x41, 0x7a, 0x5c, 0x6a, 0x13, 0x8b, 0x6c, + 0xda, 0xdf, 0x6b, 0x01, 0x15, 0x20, 0xfa, 0xc8, 0x67, 0xee, 0xb2, 0x13, + 0xd8, 0x5f, 0x84, 0x30, 0x44, 0x8e, 0xf9, 0x2a, 0xae, 0x17, 0x53, 0x49, + 0xaa, 0x34, 0x31, 0x12, 0x31, 0xec, 0xf3, 0x25, 0x27, 0x53, 0x6b, 0xb5, + 0x63, 0xa6, 0xbc, 0xf1, 0x77, 0xd4, 0xb4, 0x77, 0xd1, 0xee, 0xad, 0x62, + 0x9d, 0x2c, 0x2e, 0x11, 0x0a, 0xd1, 0x87, 0xfe, 0xef, 0x77, 0x0e, 0xd1, + 0x38, 0xfe, 0xcc, 0x88, 0xaa, 0x1c, 0x06, 0x93, 0x25, 0x56, 0xfe, 0x0c, + 0x52, 0xe9, 0x7f, 0x4c, 0x3b, 0x2a, 0xfb, 0x40, 0x62, 0x29, 0x0a, 0x1d, + 0x58, 0x78, 0x8b, 0x09, 0x25, 0xaa, 0xc6, 0x8f, 0x66, 0x8f, 0xd1, 0x93, + 0x5a, 0xd6, 0x68, 0x35, 0x69, 0x13, 0x5d, 0x42, 0x35, 0x95, 0xcb, 0xc4, + 0xec, 0x17, 0x92, 0x96, 0xcb, 0x4a, 0xb9, 0x8f, 0xe5, 0xc4, 0x4a, 0xe7, + 0x54, 0x52, 0x4c, 0x64, 0x06, 0xac, 0x2f, 0x13, 0x32, 0x02, 0x47, 0x13, + 0x5c, 0xa2, 0x66, 0xdc, 0x36, 0x0c, 0x4f, 0xbb, 0x89, 0x58, 0x85, 0x16, + 0xf1, 0xf1, 0xff, 0xd2, 0x86, 0x54, 0x29, 0xb3, 0x7e, 0x2a, 0xbd, 0xf9, + 0x53, 0x8c, 0xa0, 0x60, 0x60, 0xb2, 0x90, 0x7f, 0x3a, 0x11, 0x5f, 0x2a, + 0x50, 0x74, 0x2a, 0xd1, 0x68, 0x78, 0xdb, 0x31, 0x1b, 0x8b, 0xee, 0xee, + 0x18, 0x97, 0xf3, 0x50, 0x84, 0xc1, 0x8f, 0xe1, 0xc6, 0x01, 0xb4, 0x16, + 0x65, 0x25, 0x0c, 0x03, 0xab, 0xed, 0x4f, 0xd6, 0xe6, 0x16, 0x23, 0xcc, + 0x42, 0x93, 0xff, 0xfa, 0x92, 0x63, 0x33, 0x9e, 0x36, 0xb0, 0xdc, 0x9a, + 0xb6, 0xaa, 0xd7, 0x48, 0xfe, 0x27, 0x01, 0xcf, 0x67, 0xc0, 0x75, 0xa0, + 0x86, 0x9a, 0xec, 0xa7, 0x2e, 0xb8, 0x7b, 0x00, 0x7f, 0xd4, 0xe3, 0xb3, + 0xfc, 0x48, 0xab, 0x50, 0x20, 0xd4, 0x0d, 0x58, 0x26, 0xc0, 0x3c, 0x09, + 0x0b, 0x80, 0x9e, 0xaf, 0x14, 0x3c, 0x0c, 0x6e, 0x69, 0xbc, 0x6c, 0x4e, + 0x50, 0x33, 0xb0, 0x07, 0x64, 0x6e, 0x77, 0x96, 0xc2, 0xe6, 0x3b, 0xd7, + 0xfe, 0xdc, 0xa4, 0x2f, 0x18, 0x5b, 0x53, 0xe5, 0xdd, 0xb6, 0xce, 0xeb, + 0x16, 0xb4, 0x25, 0xc6, 0xcb, 0xf2, 0x65, 0x3c, 0x4f, 0x94, 0xa5, 0x11, + 0x18, 0xeb, 0x7b, 0x62, 0x1d, 0xd5, 0x02, 0x35, 0x76, 0xf6, 0xb5, 0x20, + 0x27, 0x21, 0x9b, 0xab, 0xf4, 0xb6, 0x8f, 0x1a, 0x70, 0x1d, 0x12, 0xe3, + 0xb9, 0x8e, 0x29, 0x52, 0x25, 0xf4, 0xba, 0xb4, 0x25, 0x2c, 0x91, 0x11, + 0xf2, 0xae, 0x7b, 0xbe, 0xb6, 0x67, 0xd6, 0x08, 0xf8, 0x6f, 0xe7, 0xb0, + 0x16, 0xc5, 0xf6, 0xd5, 0xfb, 0x07, 0x71, 0x5b, 0x0e, 0xe1, 0x02, 0x03, + 0x01, 0x00, 0x01, 0xa3, 0x53, 0x30, 0x51, 0x30, 0x1d, 0x06, 0x03, 0x55, + 0x1d, 0x0e, 0x04, 0x16, 0x04, 0x14, 0xaa, 0xe7, 0x7f, 0xcf, 0xf8, 0xb4, + 0xe0, 0x8d, 0x39, 0x9a, 0x1d, 0x4f, 0x86, 0xa2, 0xac, 0x56, 0x32, 0xd9, + 0x58, 0xe3, 0x30, 0x1f, 0x06, 0x03, 0x55, 0x1d, 0x23, 0x04, 0x18, 0x30, + 0x16, 0x80, 0x14, 0xaa, 0xe7, 0x7f, 0xcf, 0xf8, 0xb4, 0xe0, 0x8d, 0x39, + 0x9a, 0x1d, 0x4f, 0x86, 0xa2, 0xac, 0x56, 0x32, 0xd9, 0x58, 0xe3, 0x30, + 0x0f, 0x06, 0x03, 0x55, 0x1d, 0x13, 0x01, 0x01, 0xff, 0x04, 0x05, 0x30, + 0x03, 0x01, 0x01, 0xff, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, + 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x03, 0x82, 0x04, 0x02, 0x00, + 0x00, 0x0a, 0x0a, 0x81, 0xb5, 0x2e, 0xac, 0x52, 0xab, 0x0f, 0xeb, 0xad, + 0x96, 0xd6, 0xd6, 0x59, 0x8f, 0x55, 0x15, 0x56, 0x70, 0xda, 0xd5, 0x75, + 0x47, 0x12, 0x9a, 0x0e, 0xd1, 0x65, 0x68, 0xe0, 0x51, 0x89, 0x59, 0xcc, + 0xe3, 0x5a, 0x1b, 0x85, 0x14, 0xa3, 0x1d, 0x9b, 0x3f, 0xd1, 0xa4, 0x42, + 0xb0, 0x89, 0x12, 0x93, 0xd3, 0x54, 0x19, 0x04, 0xa2, 0xaf, 0xaa, 0x60, + 0xca, 0x03, 0xc2, 0xae, 0x62, 0x8c, 0xb6, 0x31, 0x03, 0xd6, 0xa5, 0xf3, + 0x5e, 0x8d, 0x5c, 0x69, 0x4c, 0x7d, 0x81, 0x49, 0x20, 0x25, 0x41, 0xa4, + 0x2a, 0x95, 0x87, 0x36, 0xa3, 0x9b, 0x9e, 0x9f, 0xed, 0x85, 0xf3, 0xb1, + 0xf1, 0xe9, 0x1b, 0xbb, 0xe3, 0xbc, 0x3b, 0x11, 0x36, 0xca, 0xb9, 0x5f, + 0xee, 0x64, 0xde, 0x2a, 0x99, 0x27, 0x91, 0xc0, 0x54, 0x9e, 0x7a, 0xd4, + 0x89, 0x8c, 0xa0, 0xe3, 0xfd, 0x44, 0x6f, 0x02, 0x38, 0x3c, 0xee, 0x52, + 0x48, 0x1b, 0xd4, 0x25, 0x2b, 0xcb, 0x8e, 0xa8, 0x1b, 0x09, 0xd6, 0x30, + 0x51, 0x15, 0x6c, 0x5c, 0x03, 0x76, 0xad, 0x64, 0x45, 0x50, 0xa2, 0xe1, + 0x3c, 0x5a, 0x67, 0x87, 0xff, 0x8c, 0xed, 0x9a, 0x8d, 0x04, 0xc1, 0xac, + 0xf9, 0xca, 0xf5, 0x2a, 0x05, 0x9c, 0xdd, 0x78, 0xce, 0x99, 0x78, 0x7b, + 0xcd, 0x43, 0x10, 0x40, 0xf7, 0xb5, 0x27, 0x12, 0xec, 0xe9, 0xb2, 0x3f, + 0xf4, 0x5d, 0xd9, 0xbb, 0xf8, 0xc4, 0xc9, 0xa4, 0x46, 0x20, 0x41, 0x7f, + 0xeb, 0x79, 0xb0, 0x51, 0x8c, 0xf7, 0xc3, 0x2c, 0x16, 0xfe, 0x42, 0x59, + 0x77, 0xfe, 0x53, 0xfe, 0x19, 0x57, 0x58, 0x44, 0x6d, 0x12, 0xe2, 0x95, + 0xd0, 0xd3, 0x5a, 0xb5, 0x2d, 0xe5, 0x7e, 0xb4, 0xb3, 0xa9, 0xcc, 0x7d, + 0x53, 0x77, 0x81, 0x01, 0x0f, 0x0a, 0xf6, 0x86, 0x3c, 0x7d, 0xb5, 0x2c, + 0xbf, 0x62, 0xc3, 0xf5, 0x38, 0x89, 0x13, 0x84, 0x1f, 0x44, 0x2d, 0x87, + 0x5c, 0x23, 0x9e, 0x05, 0x62, 0x56, 0x3d, 0x71, 0x4d, 0xd0, 0xe3, 0x15, + 0xe9, 0x09, 0x9c, 0x1a, 0xc0, 0x9a, 0x19, 0x8b, 0x9c, 0xe9, 0xae, 0xde, + 0x62, 0x05, 0x23, 0xe2, 0xd0, 0x3f, 0xf5, 0xef, 0x04, 0x96, 0x4c, 0x87, + 0x34, 0x2f, 0xd5, 0x90, 0xde, 0xbf, 0x4b, 0x56, 0x12, 0x5f, 0xc6, 0xdc, + 0xa4, 0x1c, 0xc4, 0x53, 0x0c, 0xf9, 0xb4, 0xe4, 0x2c, 0xe7, 0x48, 0xbd, + 0xb1, 0xac, 0xf1, 0xc1, 0x8d, 0x53, 0x47, 0x84, 0xc0, 0x78, 0x0a, 0x5e, + 0xc2, 0x16, 0xff, 0xef, 0x97, 0x5b, 0x33, 0x85, 0x92, 0xcd, 0xd4, 0xbb, + 0x64, 0xee, 0xed, 0x17, 0x18, 0x43, 0x32, 0x99, 0x32, 0x36, 0x25, 0xf4, + 0x21, 0x3c, 0x2f, 0x55, 0xdc, 0x16, 0x06, 0x4d, 0x86, 0xa3, 0xa9, 0x34, + 0x22, 0xd5, 0xc3, 0xc8, 0x64, 0x3c, 0x4e, 0x3a, 0x69, 0xbd, 0xcf, 0xd7, + 0xee, 0x3f, 0x0d, 0x15, 0xeb, 0xfb, 0xbd, 0x91, 0x7f, 0xef, 0x48, 0xec, + 0x86, 0xb2, 0x78, 0xf7, 0x53, 0x90, 0x38, 0xb5, 0x04, 0x9c, 0xb7, 0xd7, + 0x9e, 0xaa, 0x15, 0xf7, 0xcd, 0xc2, 0x17, 0xd5, 0x8f, 0x82, 0x98, 0xa3, + 0xaf, 0x59, 0xf1, 0x71, 0xda, 0x6e, 0xaf, 0x97, 0x6d, 0x77, 0x72, 0xfd, + 0xa8, 0x80, 0x25, 0xce, 0x46, 0x04, 0x6e, 0x40, 0x15, 0x24, 0xc0, 0xf9, + 0xbf, 0x13, 0x16, 0x72, 0xcb, 0xb7, 0x10, 0xc7, 0x0a, 0xd6, 0x66, 0x96, + 0x5b, 0x27, 0x4d, 0x66, 0xc4, 0x2f, 0x21, 0x90, 0x9f, 0x8c, 0x24, 0xa0, + 0x0e, 0xa2, 0x89, 0x92, 0xd2, 0x44, 0x63, 0x06, 0xb2, 0xab, 0x07, 0x26, + 0xde, 0x03, 0x1d, 0xdb, 0x2a, 0x42, 0x5b, 0x4c, 0xf6, 0xfe, 0x53, 0xfa, + 0x80, 0x45, 0x8d, 0x75, 0xf6, 0x0e, 0x1d, 0xcc, 0x4c, 0x3b, 0xb0, 0x80, + 0x6d, 0x4c, 0xed, 0x7c, 0xe0, 0xd2, 0xe7, 0x62, 0x59, 0xb1, 0x5a, 0x5d, + 0x3a, 0xec, 0x86, 0x04, 0xfe, 0x26, 0xd1, 0x18, 0xed, 0x56, 0x7d, 0x67, + 0x56, 0x24, 0x6d, 0x7c, 0x6e, 0x8f, 0xc8, 0xa0, 0xba, 0x42, 0x0a, 0x33, + 0x38, 0x7a, 0x09, 0x03, 0xc2, 0xbf, 0x9b, 0x01, 0xdd, 0x03, 0x5a, 0xba, + 0x76, 0x04, 0xb1, 0xc3, 0x40, 0x23, 0x53, 0xbd, 0x64, 0x4e, 0x0f, 0xe7, + 0xc3, 0x4e, 0x48, 0xea, 0x19, 0x2b, 0x1c, 0xe4, 0x3d, 0x93, 0xd8, 0xf6, + 0xfb, 0xda, 0x3d, 0xeb, 0xed, 0xc2, 0xbd, 0x14, 0x57, 0x40, 0xde, 0xd1, + 0x74, 0x54, 0x1b, 0xa8, 0x39, 0xda, 0x73, 0x56, 0xd4, 0xbe, 0xab, 0xec, + 0xc7, 0x17, 0x4f, 0x91, 0xb6, 0xf6, 0xcb, 0x24, 0xc6, 0x1c, 0x07, 0xc4, + 0xf3, 0xd0, 0x5e, 0x8d, 0xfa, 0x44, 0x98, 0x5c, 0x87, 0x36, 0x75, 0xb6, + 0xa5, 0x31, 0xaa, 0xab, 0x7d, 0x38, 0x66, 0xb3, 0x18, 0x58, 0x65, 0x97, + 0x06, 0xfd, 0x61, 0x81, 0x71, 0xc5, 0x17, 0x8b, 0x19, 0x03, 0xc8, 0x58, + 0xec, 0x05, 0xca, 0x7b, 0x0f, 0xec, 0x9d, 0xb4, 0xbc, 0xa3, 0x20, 0x2e, + 0xf8, 0xe4, 0xb1, 0x82, 0xdc, 0x5a, 0xd2, 0x92, 0x9c, 0x43, 0x5d, 0x16, + 0x5b, 0x90, 0x80, 0xe4, 0xfb, 0x6e, 0x24, 0x6b, 0x8c, 0x1a, 0x35, 0xab, + 0xbd, 0x77, 0x7f, 0xf9, 0x61, 0x80, 0xa5, 0xab, 0xa3, 0x39, 0xc2, 0xc9, + 0x69, 0x3c, 0xfc, 0xb3, 0x9a, 0x05, 0x45, 0x03, 0x88, 0x8f, 0x8e, 0x23, + 0xf2, 0x0c, 0x4c, 0x54, 0xb9, 0x40, 0x3a, 0x31, 0x1a, 0x22, 0x67, 0x43, + 0x4a, 0x3e, 0xa0, 0x8c, 0x2d, 0x4d, 0x4f, 0xfc, 0xb5, 0x9b, 0x1f, 0xe1, + 0xef, 0x02, 0x54, 0xab, 0x8d, 0x75, 0x4d, 0x93, 0xba, 0x76, 0xe1, 0xbc, + 0x42, 0x7f, 0x6c, 0xcb, 0xf5, 0x47, 0xd6, 0x8a, 0xac, 0x5d, 0xe9, 0xbb, + 0x3a, 0x65, 0x2c, 0x81, 0xe5, 0xff, 0x27, 0x7e, 0x60, 0x64, 0x80, 0x42, + 0x8d, 0x36, 0x6b, 0x07, 0x76, 0x6a, 0xf1, 0xdf, 0x96, 0x17, 0x93, 0x21, + 0x5d, 0xe4, 0x6c, 0xce, 0x1c, 0xb9, 0x82, 0x45, 0x05, 0x61, 0xe2, 0x41, + 0x96, 0x03, 0x7d, 0x10, 0x8b, 0x3e, 0xc7, 0xe5, 0xcf, 0x08, 0xeb, 0x81, + 0xd3, 0x82, 0x1b, 0x04, 0x96, 0x93, 0x5a, 0xe2, 0x8c, 0x8e, 0x50, 0x33, + 0xf6, 0xf9, 0xf0, 0xfb, 0xb1, 0xd7, 0xc6, 0x97, 0xaa, 0xef, 0x0b, 0x87, + 0xe1, 0x34, 0x97, 0x78, 0x2e, 0x7c, 0x46, 0x11, 0xd5, 0x3c, 0xec, 0x38, + 0x70, 0x59, 0x14, 0x65, 0x4d, 0x0e, 0xd1, 0xeb, 0x49, 0xb3, 0x99, 0x6f, + 0x87, 0xf1, 0x79, 0x21, 0xd9, 0x5c, 0x37, 0xb2, 0xfe, 0xc4, 0x7a, 0xc1, + 0x67, 0xbd, 0x02, 0xfc, 0x02, 0xab, 0x2f, 0xf5, 0x0f, 0xa7, 0xae, 0x90, + 0xc2, 0xaf, 0xdb, 0xd1, 0x96, 0xb2, 0x92, 0x5a, 0xfb, 0xca, 0x28, 0x74, + 0x17, 0xed, 0xda, 0x2c, 0x9f, 0xb4, 0x2d, 0xf5, 0x71, 0x20, 0x64, 0x2d, + 0x44, 0xe5, 0xa3, 0xa0, 0x94, 0x6f, 0x20, 0xb3, 0x73, 0x96, 0x40, 0x06, + 0x9b, 0x25, 0x47, 0x4b, 0xe0, 0x63, 0x91, 0xd9, 0xda, 0xf3, 0xc3, 0xe5, + 0x3a, 0x3c, 0xb7, 0x5f, 0xab, 0x1e, 0x51, 0x17, 0x4f, 0xec, 0xc1, 0x6d, + 0x82, 0x79, 0x8e, 0xba, 0x7c, 0x47, 0x8e, 0x99, 0x00, 0x17, 0x9e, 0xda, + 0x10, 0x42, 0x70, 0x25, 0x42, 0x84, 0xc8, 0xb1, 0x95, 0x56, 0xb2, 0x08, + 0xa0, 0x4f, 0xdc, 0xcd, 0x9e, 0x31, 0x4b, 0x0c, 0x0b, 0x03, 0x5d, 0x2c, + 0x26, 0xbc, 0xa9, 0x4b, 0x19, 0xdf, 0x90, 0x01, 0x9a, 0xe0, 0x06, 0x05, + 0x13, 0x34, 0x9d, 0x34, 0xb8, 0xef, 0x13, 0x3a, 0x20, 0xf5, 0x74, 0x02, + 0x70, 0x3b, 0x41, 0x60, 0x1f, 0x5e, 0x76, 0x0a, 0xb1, 0x17, 0xd5, 0xcf, + 0x79, 0xef, 0xf7, 0xab, 0xe7, 0xd6, 0x0f, 0xad, 0x85, 0x2c, 0x52, 0x67, + 0xb5, 0xa0, 0x4a, 0xfd, 0xaf};
\ No newline at end of file diff --git a/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc index 08781af71..28fdc6631 100644 --- a/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_0rtt_unittest.cc @@ -345,8 +345,8 @@ TEST_P(TlsConnectTls13, TestTls13ZeroRttNoAlpnClient) { TEST_P(TlsConnectTls13, TestTls13ZeroRttAlpnChangeBoth) { EnableAlpn(); SetupForZeroRtt(); - static const uint8_t alpn[] = {0x01, 0x62}; // "b" - EnableAlpn(alpn, sizeof(alpn)); + static const std::vector<uint8_t> alpn({0x01, 0x62}); // "b" + EnableAlpn(alpn); client_->Set0RttEnabled(true); server_->Set0RttEnabled(true); ExpectResumption(RESUME_TICKET); diff --git a/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc index f0c57e8b1..6be3b61f8 100644 --- a/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_agent_unittest.cc @@ -8,9 +8,6 @@ #include "sslerr.h" #include "sslproto.h" -// This is an internal header, used to get TLS_1_3_DRAFT_VERSION. -#include "ssl3prot.h" - #include <memory> #include "databuffer.h" @@ -21,7 +18,6 @@ namespace nss_test { -static const uint8_t kD13 = TLS_1_3_DRAFT_VERSION; // This is a 1-RTT ClientHello with ECDHE. const static uint8_t kCannedTls13ClientHello[] = { 0x01, 0x00, 0x00, 0xcf, 0x03, 0x03, 0x6c, 0xb3, 0x46, 0x81, 0xc8, 0x1a, @@ -42,16 +38,7 @@ const static uint8_t kCannedTls13ClientHello[] = { 0x1e, 0x04, 0x03, 0x05, 0x03, 0x06, 0x03, 0x02, 0x03, 0x08, 0x04, 0x08, 0x05, 0x08, 0x06, 0x04, 0x01, 0x05, 0x01, 0x06, 0x01, 0x02, 0x01, 0x04, 0x02, 0x05, 0x02, 0x06, 0x02, 0x02, 0x02}; - -const static uint8_t kCannedTls13ServerHello[] = { - 0x03, 0x03, 0x9c, 0xbc, 0x14, 0x9b, 0x0e, 0x2e, 0xfa, 0x0d, 0xf3, - 0xf0, 0x5c, 0x70, 0x7a, 0xe0, 0xd1, 0x9b, 0x3e, 0x5a, 0x44, 0x6b, - 0xdf, 0xe5, 0xc2, 0x28, 0x64, 0xf7, 0x00, 0xc1, 0x9c, 0x08, 0x76, - 0x08, 0x00, 0x13, 0x01, 0x00, 0x00, 0x2e, 0x00, 0x33, 0x00, 0x24, - 0x00, 0x1d, 0x00, 0x20, 0xc2, 0xcf, 0x23, 0x17, 0x64, 0x23, 0x03, - 0xf0, 0xfb, 0x45, 0x98, 0x26, 0xd1, 0x65, 0x24, 0xa1, 0x6c, 0xa9, - 0x80, 0x8f, 0x2c, 0xac, 0x0a, 0xea, 0x53, 0x3a, 0xcb, 0xe3, 0x08, - 0x84, 0xae, 0x19, 0x00, 0x2b, 0x00, 0x02, 0x7f, kD13}; +static const size_t kFirstFragmentSize = 20; static const char *k0RttData = "ABCDEF"; TEST_P(TlsAgentTest, EarlyFinished) { @@ -74,8 +61,9 @@ TEST_P(TlsAgentTestClient13, CannedHello) { DataBuffer buffer; EnsureInit(); DataBuffer server_hello; - MakeHandshakeMessage(kTlsHandshakeServerHello, kCannedTls13ServerHello, - sizeof(kCannedTls13ServerHello), &server_hello); + auto sh = MakeCannedTls13ServerHello(); + MakeHandshakeMessage(kTlsHandshakeServerHello, sh.data(), sh.len(), + &server_hello); MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3, server_hello.data(), server_hello.len(), &buffer); ProcessMessage(buffer, TlsAgent::STATE_CONNECTING); @@ -83,8 +71,9 @@ TEST_P(TlsAgentTestClient13, CannedHello) { TEST_P(TlsAgentTestClient13, EncryptedExtensionsInClear) { DataBuffer server_hello; - MakeHandshakeMessage(kTlsHandshakeServerHello, kCannedTls13ServerHello, - sizeof(kCannedTls13ServerHello), &server_hello); + auto sh = MakeCannedTls13ServerHello(); + MakeHandshakeMessage(kTlsHandshakeServerHello, sh.data(), sh.len(), + &server_hello); DataBuffer encrypted_extensions; MakeHandshakeMessage(kTlsHandshakeEncryptedExtensions, nullptr, 0, &encrypted_extensions, 1); @@ -100,19 +89,21 @@ TEST_P(TlsAgentTestClient13, EncryptedExtensionsInClear) { TEST_F(TlsAgentStreamTestClient, EncryptedExtensionsInClearTwoPieces) { DataBuffer server_hello; - MakeHandshakeMessage(kTlsHandshakeServerHello, kCannedTls13ServerHello, - sizeof(kCannedTls13ServerHello), &server_hello); + auto sh = MakeCannedTls13ServerHello(); + MakeHandshakeMessage(kTlsHandshakeServerHello, sh.data(), sh.len(), + &server_hello); DataBuffer encrypted_extensions; MakeHandshakeMessage(kTlsHandshakeEncryptedExtensions, nullptr, 0, &encrypted_extensions, 1); server_hello.Append(encrypted_extensions); DataBuffer buffer; MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3, - server_hello.data(), 20, &buffer); + server_hello.data(), kFirstFragmentSize, &buffer); DataBuffer buffer2; MakeRecord(kTlsHandshakeType, SSL_LIBRARY_VERSION_TLS_1_3, - server_hello.data() + 20, server_hello.len() - 20, &buffer2); + server_hello.data() + kFirstFragmentSize, + server_hello.len() - kFirstFragmentSize, &buffer2); EnsureInit(); agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3, @@ -124,15 +115,15 @@ TEST_F(TlsAgentStreamTestClient, EncryptedExtensionsInClearTwoPieces) { } TEST_F(TlsAgentDgramTestClient, EncryptedExtensionsInClearTwoPieces) { + auto sh = MakeCannedTls13ServerHello(); DataBuffer server_hello_frag1; - MakeHandshakeMessageFragment( - kTlsHandshakeServerHello, kCannedTls13ServerHello, - sizeof(kCannedTls13ServerHello), &server_hello_frag1, 0, 0, 20); + MakeHandshakeMessageFragment(kTlsHandshakeServerHello, sh.data(), sh.len(), + &server_hello_frag1, 0, 0, kFirstFragmentSize); DataBuffer server_hello_frag2; - MakeHandshakeMessageFragment( - kTlsHandshakeServerHello, kCannedTls13ServerHello + 20, - sizeof(kCannedTls13ServerHello), &server_hello_frag2, 0, 20, - sizeof(kCannedTls13ServerHello) - 20); + MakeHandshakeMessageFragment(kTlsHandshakeServerHello, + sh.data() + kFirstFragmentSize, sh.len(), + &server_hello_frag2, 0, kFirstFragmentSize, + sh.len() - kFirstFragmentSize); DataBuffer encrypted_extensions; MakeHandshakeMessage(kTlsHandshakeEncryptedExtensions, nullptr, 0, &encrypted_extensions, 1); @@ -154,6 +145,35 @@ TEST_F(TlsAgentDgramTestClient, EncryptedExtensionsInClearTwoPieces) { SSL_ERROR_RX_UNEXPECTED_HANDSHAKE); } +TEST_F(TlsAgentDgramTestClient, AckWithBogusLengthField) { + EnsureInit(); + // Length doesn't match + const uint8_t ackBuf[] = {0x00, 0x08, 0x00}; + DataBuffer record; + MakeRecord(variant_, kTlsAckType, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf, + sizeof(ackBuf), &record, 0); + agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3, + SSL_LIBRARY_VERSION_TLS_1_3); + ExpectAlert(kTlsAlertDecodeError); + ProcessMessage(record, TlsAgent::STATE_ERROR, + SSL_ERROR_RX_MALFORMED_DTLS_ACK); +} + +TEST_F(TlsAgentDgramTestClient, AckWithNonEvenLength) { + EnsureInit(); + // Length isn't a multiple of 8 + const uint8_t ackBuf[] = {0x00, 0x01, 0x00}; + DataBuffer record; + MakeRecord(variant_, kTlsAckType, SSL_LIBRARY_VERSION_TLS_1_2, ackBuf, + sizeof(ackBuf), &record, 0); + agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_3, + SSL_LIBRARY_VERSION_TLS_1_3); + // Because we haven't negotiated the version, + // ssl3_DecodeError() sends an older (pre-TLS error). + ExpectAlert(kTlsAlertIllegalParameter); + ProcessMessage(record, TlsAgent::STATE_ERROR, SSL_ERROR_BAD_SERVER); +} + TEST_F(TlsAgentStreamTestClient, Set0RttOptionThenWrite) { EnsureInit(); agent_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_1, diff --git a/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc index 7f2b2840d..e2a30e6bc 100644 --- a/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_auth_unittest.cc @@ -155,8 +155,8 @@ TEST_P(TlsConnectTls12, ClientAuthBigRsaCheckSigAlg) { class TlsZeroCertificateRequestSigAlgsFilter : public TlsHandshakeFilter { public: - TlsZeroCertificateRequestSigAlgsFilter(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeCertificateRequest}) {} + TlsZeroCertificateRequestSigAlgsFilter(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeCertificateRequest}) {} virtual PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, const DataBuffer& input, DataBuffer* output) { @@ -366,6 +366,50 @@ TEST_P(TlsConnectTls12, SignatureAlgorithmDrop) { server_->CheckErrorCode(SSL_ERROR_BAD_HANDSHAKE_HASH_VALUE); } +// Replaces the signature scheme in a TLS 1.3 CertificateVerify message. +class TlsReplaceSignatureSchemeFilter : public TlsHandshakeFilter { + public: + TlsReplaceSignatureSchemeFilter(const std::shared_ptr<TlsAgent>& a, + SSLSignatureScheme scheme) + : TlsHandshakeFilter(a, {kTlsHandshakeCertificateVerify}), + scheme_(scheme) { + EnableDecryption(); + } + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) { + *output = input; + output->Write(0, scheme_, 2); + return CHANGE; + } + + private: + SSLSignatureScheme scheme_; +}; + +TEST_P(TlsConnectTls13, UnsupportedSignatureSchemeAlert) { + EnsureTlsSetup(); + MakeTlsFilter<TlsReplaceSignatureSchemeFilter>(server_, ssl_sig_none); + + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); + client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CERT_VERIFY); +} + +TEST_P(TlsConnectTls13, InconsistentSignatureSchemeAlert) { + EnsureTlsSetup(); + + // This won't work because we use an RSA cert by default. + MakeTlsFilter<TlsReplaceSignatureSchemeFilter>( + server_, ssl_sig_ecdsa_secp256r1_sha256); + + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); + client_->CheckErrorCode(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM); +} + TEST_P(TlsConnectTls12Plus, RequestClientAuthWithSha384) { server_->SetSignatureSchemes(SignatureSchemeRsaSha384, PR_ARRAY_SIZE(SignatureSchemeRsaSha384)); diff --git a/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc index fa2238be7..ec289bdd6 100644 --- a/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_ciphersuite_unittest.cc @@ -166,8 +166,8 @@ class TlsCipherSuiteTestBase : public TlsConnectTestBase { case ssl_calg_seed: break; } - EXPECT_TRUE(false) << "No limit for " << csinfo_.cipherSuiteName; - return 1ULL < 48; + ADD_FAILURE() << "No limit for " << csinfo_.cipherSuiteName; + return 0; } uint64_t last_safe_write() const { @@ -246,12 +246,13 @@ TEST_P(TlsCipherSuiteTest, ReadLimit) { client_->SendData(10, 10); server_->ReadBytes(); // This should be OK. + server_->ReadBytes(); // Read twice to flush any 1,N-1 record splitting. } else { // In TLS 1.3, reading or writing triggers a KeyUpdate. That would mean // that the sequence numbers would reset and we wouldn't hit the limit. So - // we move the sequence number to one less than the limit directly and don't - // test sending and receiving just before the limit. - uint64_t last = record_limit() - 1; + // move the sequence number to the limit directly and don't test sending and + // receiving just before the limit. + uint64_t last = record_limit(); EXPECT_EQ(SECSuccess, SSLInt_AdvanceReadSeqNum(server_->ssl_fd(), last)); } diff --git a/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc index c2f582a93..5be62e506 100644 --- a/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_custext_unittest.cc @@ -68,6 +68,7 @@ static const uint16_t kManyExtensions[] = { ssl_next_proto_nego_xtn, ssl_renegotiation_info_xtn, ssl_tls13_short_header_xtn, + ssl_record_size_limit_xtn, 1, 0xffff}; // The list here includes all extensions we expect to use (SSL_MAX_EXTENSIONS), diff --git a/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc index cdafa7a84..b99461632 100644 --- a/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_dhe_unittest.cc @@ -103,8 +103,8 @@ TEST_P(TlsConnectGenericPre13, ConnectFfdheServer) { class TlsDheServerKeyExchangeDamager : public TlsHandshakeFilter { public: - TlsDheServerKeyExchangeDamager(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}) {} + TlsDheServerKeyExchangeDamager(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}) {} virtual PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, const DataBuffer& input, DataBuffer* output) { @@ -141,9 +141,9 @@ class TlsDheSkeChangeY : public TlsHandshakeFilter { kYZeroPad }; - TlsDheSkeChangeY(const std::shared_ptr<TlsAgent>& agent, - uint8_t handshake_type, ChangeYTo change) - : TlsHandshakeFilter(agent, {handshake_type}), change_Y_(change) {} + TlsDheSkeChangeY(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type, + ChangeYTo change) + : TlsHandshakeFilter(a, {handshake_type}), change_Y_(change) {} protected: void ChangeY(const DataBuffer& input, DataBuffer* output, size_t offset, @@ -208,9 +208,9 @@ class TlsDheSkeChangeY : public TlsHandshakeFilter { class TlsDheSkeChangeYServer : public TlsDheSkeChangeY { public: - TlsDheSkeChangeYServer(const std::shared_ptr<TlsAgent>& agent, - ChangeYTo change, bool modify) - : TlsDheSkeChangeY(agent, kTlsHandshakeServerKeyExchange, change), + TlsDheSkeChangeYServer(const std::shared_ptr<TlsAgent>& a, ChangeYTo change, + bool modify) + : TlsDheSkeChangeY(a, kTlsHandshakeServerKeyExchange, change), modify_(modify), p_() {} @@ -247,9 +247,9 @@ class TlsDheSkeChangeYServer : public TlsDheSkeChangeY { class TlsDheSkeChangeYClient : public TlsDheSkeChangeY { public: TlsDheSkeChangeYClient( - const std::shared_ptr<TlsAgent>& agent, ChangeYTo change, + const std::shared_ptr<TlsAgent>& a, ChangeYTo change, std::shared_ptr<const TlsDheSkeChangeYServer> server_filter) - : TlsDheSkeChangeY(agent, kTlsHandshakeClientKeyExchange, change), + : TlsDheSkeChangeY(a, kTlsHandshakeClientKeyExchange, change), server_filter_(server_filter) {} protected: @@ -357,8 +357,8 @@ INSTANTIATE_TEST_CASE_P( class TlsDheSkeMakePEven : public TlsHandshakeFilter { public: - TlsDheSkeMakePEven(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}) {} + TlsDheSkeMakePEven(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}) {} virtual PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, @@ -390,8 +390,8 @@ TEST_P(TlsConnectGenericPre13, MakeDhePEven) { class TlsDheSkeZeroPadP : public TlsHandshakeFilter { public: - TlsDheSkeZeroPadP(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}) {} + TlsDheSkeZeroPadP(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}) {} virtual PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, @@ -475,6 +475,45 @@ TEST_P(TlsConnectTls13, NamedGroupMismatch13) { client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP); } +// Replace the key share in the server key exchange message with one that's +// larger than 8192 bits. +class TooLongDHEServerKEXFilter : public TlsHandshakeFilter { + public: + TooLongDHEServerKEXFilter(const std::shared_ptr<TlsAgent>& server) + : TlsHandshakeFilter(server, {kTlsHandshakeServerKeyExchange}) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) { + // Replace the server key exchange message very large DH shares that are + // not supported by NSS. + const uint32_t share_len = 0x401; + const uint8_t zero_share[share_len] = {0x80}; + size_t offset = 0; + // Write dh_p. + offset = output->Write(offset, share_len, 2); + offset = output->Write(offset, zero_share, share_len); + // Write dh_g. + offset = output->Write(offset, share_len, 2); + offset = output->Write(offset, zero_share, share_len); + // Write dh_Y. + offset = output->Write(offset, share_len, 2); + offset = output->Write(offset, zero_share, share_len); + + return CHANGE; + } +}; + +TEST_P(TlsConnectGenericPre13, TooBigDHGroup) { + EnableOnlyDheCiphers(); + MakeTlsFilter<TooLongDHEServerKEXFilter>(server_); + client_->SetOption(SSL_REQUIRE_DH_NAMED_GROUPS, PR_FALSE); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); + client_->CheckErrorCode(SSL_ERROR_DH_KEY_TOO_LONG); +} + // Even though the client doesn't have DHE groups enabled the server assumes it // does. The client requires named groups and thus does not accept FF3072 as // custom group in contrast to the previous test. @@ -546,9 +585,9 @@ TEST_P(TlsConnectTls13, ResumeFfdhe) { class TlsDheSkeChangeSignature : public TlsHandshakeFilter { public: - TlsDheSkeChangeSignature(const std::shared_ptr<TlsAgent>& agent, - uint16_t version, const uint8_t* data, size_t len) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}), + TlsDheSkeChangeSignature(const std::shared_ptr<TlsAgent>& a, uint16_t version, + const uint8_t* data, size_t len) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}), version_(version), data_(data), len_(len) {} diff --git a/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc index ee8906deb..e5b52ff06 100644 --- a/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_drop_unittest.cc @@ -66,7 +66,8 @@ TEST_P(TlsConnectDatagramPre13, DropServerSecondFlightThrice) { Connect(); } -class TlsDropDatagram13 : public TlsConnectDatagram13 { +class TlsDropDatagram13 : public TlsConnectDatagram13, + public ::testing::WithParamInterface<bool> { public: TlsDropDatagram13() : client_filters_(), @@ -77,6 +78,9 @@ class TlsDropDatagram13 : public TlsConnectDatagram13 { void SetUp() override { TlsConnectDatagram13::SetUp(); ConfigureSessionCache(RESUME_NONE, RESUME_NONE); + int short_header = GetParam() ? PR_TRUE : PR_FALSE; + client_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, short_header); + server_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, short_header); SetFilters(); } @@ -138,10 +142,13 @@ class TlsDropDatagram13 : public TlsConnectDatagram13 { void CheckAcks(const DropAckChain& chain, size_t index, std::vector<uint64_t> acks) { const DataBuffer& buf = chain.ack_->record(index).buffer; - size_t offset = 0; + size_t offset = 2; + uint64_t len; - EXPECT_EQ(acks.size() * 8, buf.len()); - if ((acks.size() * 8) != buf.len()) { + EXPECT_EQ(2 + acks.size() * 8, buf.len()); + ASSERT_TRUE(buf.Read(0, 2, &len)); + ASSERT_EQ(static_cast<size_t>(len + 2), buf.len()); + if ((2 + acks.size() * 8) != buf.len()) { while (offset < buf.len()) { uint64_t ack; ASSERT_TRUE(buf.Read(offset, 8, &ack)); @@ -186,7 +193,7 @@ class TlsDropDatagram13 : public TlsConnectDatagram13 { // to the client upon receiving the client Finished. // Dropping complete first and second flights does not produce // ACKs -TEST_F(TlsDropDatagram13, DropClientFirstFlightOnce) { +TEST_P(TlsDropDatagram13, DropClientFirstFlightOnce) { client_filters_.drop_->Reset({0}); StartConnect(); client_->Handshake(); @@ -195,7 +202,7 @@ TEST_F(TlsDropDatagram13, DropClientFirstFlightOnce) { CheckAcks(server_filters_, 0, {0x0002000000000000ULL}); } -TEST_F(TlsDropDatagram13, DropServerFirstFlightOnce) { +TEST_P(TlsDropDatagram13, DropServerFirstFlightOnce) { server_filters_.drop_->Reset(0xff); StartConnect(); client_->Handshake(); @@ -209,7 +216,7 @@ TEST_F(TlsDropDatagram13, DropServerFirstFlightOnce) { // Dropping the server's first record also does not produce // an ACK because the next record is ignored. // TODO(ekr@rtfm.com): We should generate an empty ACK. -TEST_F(TlsDropDatagram13, DropServerFirstRecordOnce) { +TEST_P(TlsDropDatagram13, DropServerFirstRecordOnce) { server_filters_.drop_->Reset({0}); StartConnect(); client_->Handshake(); @@ -221,7 +228,7 @@ TEST_F(TlsDropDatagram13, DropServerFirstRecordOnce) { // Dropping the second packet of the server's flight should // produce an ACK. -TEST_F(TlsDropDatagram13, DropServerSecondRecordOnce) { +TEST_P(TlsDropDatagram13, DropServerSecondRecordOnce) { server_filters_.drop_->Reset({1}); StartConnect(); client_->Handshake(); @@ -235,7 +242,7 @@ TEST_F(TlsDropDatagram13, DropServerSecondRecordOnce) { // Drop the server ACK and verify that the client retransmits // the ClientHello. -TEST_F(TlsDropDatagram13, DropServerAckOnce) { +TEST_P(TlsDropDatagram13, DropServerAckOnce) { StartConnect(); client_->Handshake(); server_->Handshake(); @@ -263,7 +270,7 @@ TEST_F(TlsDropDatagram13, DropServerAckOnce) { } // Drop the client certificate verify. -TEST_F(TlsDropDatagram13, DropClientCertVerify) { +TEST_P(TlsDropDatagram13, DropClientCertVerify) { StartConnect(); client_->SetupClientAuth(); server_->RequestClientAuth(true); @@ -284,7 +291,7 @@ TEST_F(TlsDropDatagram13, DropClientCertVerify) { } // Shrink the MTU down so that certs get split and drop the first piece. -TEST_F(TlsDropDatagram13, DropFirstHalfOfServerCertificate) { +TEST_P(TlsDropDatagram13, DropFirstHalfOfServerCertificate) { server_filters_.drop_->Reset({2}); StartConnect(); ShrinkPostServerHelloMtu(); @@ -311,7 +318,7 @@ TEST_F(TlsDropDatagram13, DropFirstHalfOfServerCertificate) { } // Shrink the MTU down so that certs get split and drop the second piece. -TEST_F(TlsDropDatagram13, DropSecondHalfOfServerCertificate) { +TEST_P(TlsDropDatagram13, DropSecondHalfOfServerCertificate) { server_filters_.drop_->Reset({3}); StartConnect(); ShrinkPostServerHelloMtu(); @@ -524,11 +531,11 @@ class TlsFragmentationAndRecoveryTest : public TlsDropDatagram13 { size_t cert_len_; }; -TEST_F(TlsFragmentationAndRecoveryTest, DropFirstHalf) { RunTest(0); } +TEST_P(TlsFragmentationAndRecoveryTest, DropFirstHalf) { RunTest(0); } -TEST_F(TlsFragmentationAndRecoveryTest, DropSecondHalf) { RunTest(1); } +TEST_P(TlsFragmentationAndRecoveryTest, DropSecondHalf) { RunTest(1); } -TEST_F(TlsDropDatagram13, NoDropsDuringZeroRtt) { +TEST_P(TlsDropDatagram13, NoDropsDuringZeroRtt) { SetupForZeroRtt(); SetFilters(); std::cerr << "Starting second handshake" << std::endl; @@ -546,7 +553,7 @@ TEST_F(TlsDropDatagram13, NoDropsDuringZeroRtt) { 0x0002000000000000ULL}); // Finished } -TEST_F(TlsDropDatagram13, DropEEDuringZeroRtt) { +TEST_P(TlsDropDatagram13, DropEEDuringZeroRtt) { SetupForZeroRtt(); SetFilters(); std::cerr << "Starting second handshake" << std::endl; @@ -591,7 +598,7 @@ class TlsReorderDatagram13 : public TlsDropDatagram13 { // Reorder the server records so that EE comes at the end // of the flight and will still produce an ACK. -TEST_F(TlsDropDatagram13, ReorderServerEE) { +TEST_P(TlsDropDatagram13, ReorderServerEE) { server_filters_.drop_->Reset({1}); StartConnect(); client_->Handshake(); @@ -647,7 +654,7 @@ class TlsSendCipherSpecCapturer { std::vector<std::shared_ptr<TlsCipherSpec>> send_cipher_specs_; }; -TEST_F(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) { +TEST_P(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) { StartConnect(); TlsSendCipherSpecCapturer capturer(client_); client_->Handshake(); @@ -662,9 +669,9 @@ TEST_F(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) { auto spec = capturer.spec(0); ASSERT_NE(nullptr, spec.get()); ASSERT_EQ(2, spec->epoch()); - ASSERT_TRUE(client_->SendEncryptedRecord( - spec, SSL_LIBRARY_VERSION_DTLS_1_2_WIRE, 0x0002000000000002, - kTlsApplicationDataType, DataBuffer(buf, sizeof(buf)))); + ASSERT_TRUE(client_->SendEncryptedRecord(spec, 0x0002000000000002, + kTlsApplicationDataType, + DataBuffer(buf, sizeof(buf)))); // Now have the server consume the bogus message. server_->ExpectSendAlert(illegal_parameter, kTlsAlertFatal); @@ -673,7 +680,7 @@ TEST_F(TlsDropDatagram13, SendOutOfOrderAppWithHandshakeKey) { EXPECT_EQ(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE, PORT_GetError()); } -TEST_F(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) { +TEST_P(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) { StartConnect(); TlsSendCipherSpecCapturer capturer(client_); client_->Handshake(); @@ -688,9 +695,9 @@ TEST_F(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) { auto spec = capturer.spec(0); ASSERT_NE(nullptr, spec.get()); ASSERT_EQ(2, spec->epoch()); - ASSERT_TRUE(client_->SendEncryptedRecord( - spec, SSL_LIBRARY_VERSION_DTLS_1_2_WIRE, 0x0002000000000002, - kTlsHandshakeType, DataBuffer(buf, sizeof(buf)))); + ASSERT_TRUE(client_->SendEncryptedRecord(spec, 0x0002000000000002, + kTlsHandshakeType, + DataBuffer(buf, sizeof(buf)))); server_->Handshake(); EXPECT_EQ(2UL, server_filters_.ack_->count()); // The server acknowledges client Finished twice. @@ -700,7 +707,7 @@ TEST_F(TlsDropDatagram13, SendOutOfOrderHsNonsenseWithHandshakeKey) { // Shrink the MTU down so that certs get split and then swap the first and // second pieces of the server certificate. -TEST_F(TlsReorderDatagram13, ReorderServerCertificate) { +TEST_P(TlsReorderDatagram13, ReorderServerCertificate) { StartConnect(); ShrinkPostServerHelloMtu(); client_->Handshake(); @@ -722,7 +729,7 @@ TEST_F(TlsReorderDatagram13, ReorderServerCertificate) { CheckAcks(server_filters_, 0, {0x0002000000000000ULL}); } -TEST_F(TlsReorderDatagram13, DataAfterEOEDDuringZeroRtt) { +TEST_P(TlsReorderDatagram13, DataAfterEOEDDuringZeroRtt) { SetupForZeroRtt(); SetFilters(); std::cerr << "Starting second handshake" << std::endl; @@ -761,7 +768,7 @@ TEST_F(TlsReorderDatagram13, DataAfterEOEDDuringZeroRtt) { EXPECT_EQ(PR_WOULD_BLOCK_ERROR, PORT_GetError()); } -TEST_F(TlsReorderDatagram13, DataAfterFinDuringZeroRtt) { +TEST_P(TlsReorderDatagram13, DataAfterFinDuringZeroRtt) { SetupForZeroRtt(); SetFilters(); std::cerr << "Starting second handshake" << std::endl; @@ -812,12 +819,17 @@ static void GetCipherAndLimit(uint16_t version, uint16_t* cipher, *cipher = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256; *limit = (1ULL << 48) - 1; } else { + // This test probably isn't especially useful for TLS 1.3, which has a much + // shorter sequence number encoding. That space can probably be searched in + // a reasonable amount of time. *cipher = TLS_CHACHA20_POLY1305_SHA256; - *limit = (1ULL << 48) - 1; + // Assume that we are starting with an expected sequence number of 0. + *limit = (1ULL << 29) - 1; } } // This simulates a huge number of drops on one side. +// See Bug 12965514 where a large gap was handled very inefficiently. TEST_P(TlsConnectDatagram, MissLotsOfPackets) { uint16_t cipher; uint64_t limit; @@ -834,6 +846,17 @@ TEST_P(TlsConnectDatagram, MissLotsOfPackets) { SendReceive(); } +// Send a sequence number of 0xfffffffd and it should be interpreted as that +// (and not -3 or UINT64_MAX - 2). +TEST_F(TlsConnectDatagram13, UnderflowSequenceNumber) { + Connect(); + // This is only valid if short headers are disabled. + client_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, PR_FALSE); + EXPECT_EQ(SECSuccess, + SSLInt_AdvanceWriteSeqNum(client_->ssl_fd(), (1ULL << 30) - 3)); + SendReceive(); +} + class TlsConnectDatagram12Plus : public TlsConnectDatagram { public: TlsConnectDatagram12Plus() : TlsConnectDatagram() {} @@ -861,9 +884,54 @@ TEST_P(TlsConnectDatagram12Plus, MissAWindowAndOne) { SendReceive(); } +// This filter replaces the first record it sees with junk application data. +class TlsReplaceFirstRecordWithJunk : public TlsRecordFilter { + public: + TlsReplaceFirstRecordWithJunk(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), replaced_(false) {} + + protected: + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& record, size_t* offset, + DataBuffer* output) override { + if (replaced_) { + return KEEP; + } + replaced_ = true; + TlsRecordHeader out_header(header.variant(), header.version(), + kTlsApplicationDataType, + header.sequence_number()); + + static const uint8_t junk[] = {1, 2, 3, 4}; + *offset = out_header.Write(output, *offset, DataBuffer(junk, sizeof(junk))); + return CHANGE; + } + + private: + bool replaced_; +}; + +// DTLS needs to discard application_data that it receives prior to handshake +// completion, not generate an error. +TEST_P(TlsConnectDatagram, ReplaceFirstServerRecordWithApplicationData) { + MakeTlsFilter<TlsReplaceFirstRecordWithJunk>(server_); + Connect(); +} + +TEST_P(TlsConnectDatagram, ReplaceFirstClientRecordWithApplicationData) { + MakeTlsFilter<TlsReplaceFirstRecordWithJunk>(client_); + Connect(); +} + INSTANTIATE_TEST_CASE_P(Datagram12Plus, TlsConnectDatagram12Plus, TlsConnectTestBase::kTlsV12Plus); INSTANTIATE_TEST_CASE_P(DatagramPre13, TlsConnectDatagramPre13, TlsConnectTestBase::kTlsV11V12); +INSTANTIATE_TEST_CASE_P(DatagramDrop13, TlsDropDatagram13, + ::testing::Values(true, false)); +INSTANTIATE_TEST_CASE_P(DatagramReorder13, TlsReorderDatagram13, + ::testing::Values(true, false)); +INSTANTIATE_TEST_CASE_P(DatagramFragment13, TlsFragmentationAndRecoveryTest, + ::testing::Values(true, false)); } // namespace nss_test diff --git a/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc index 3c7cd2ecf..12c6e8516 100644 --- a/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_ecdh_unittest.cc @@ -192,8 +192,8 @@ TEST_P(TlsConnectGenericPre13, P384PriorityFromModelSocket) { class TlsKeyExchangeGroupCapture : public TlsHandshakeFilter { public: - TlsKeyExchangeGroupCapture(const std::shared_ptr<TlsAgent> &agent) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerKeyExchange}), + TlsKeyExchangeGroupCapture(const std::shared_ptr<TlsAgent> &a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerKeyExchange}), group_(ssl_grp_none) {} SSLNamedGroup group() const { return group_; } @@ -559,6 +559,113 @@ TEST_P(TlsConnectGenericPre13, ConnectECDHEmptyClientPoint) { server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_KEY_EXCH); } +// Damage ECParams/ECPoint of a SKE. +class ECCServerKEXDamager : public TlsHandshakeFilter { + public: + ECCServerKEXDamager(const std::shared_ptr<TlsAgent> &server, ECType ec_type, + SSLNamedGroup named_curve) + : TlsHandshakeFilter(server, {kTlsHandshakeServerKeyExchange}), + ec_type_(ec_type), + named_curve_(named_curve) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader &header, + const DataBuffer &input, + DataBuffer *output) { + size_t offset = 0; + output->Allocate(5); + offset = output->Write(offset, ec_type_, 1); + offset = output->Write(offset, named_curve_, 2); + // Write a point with fmt != EC_POINT_FORM_UNCOMPRESSED. + offset = output->Write(offset, 1U, 1); + (void)output->Write(offset, 0x02, 1); // EC_POINT_FORM_COMPRESSED_Y0 + return CHANGE; + } + + private: + ECType ec_type_; + SSLNamedGroup named_curve_; +}; + +TEST_P(TlsConnectGenericPre13, ConnectUnsupportedCurveType) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXDamager>(server_, ec_type_explicitPrime, + ssl_grp_none); + ConnectExpectAlert(client_, kTlsAlertHandshakeFailure); + client_->CheckErrorCode(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); +} + +TEST_P(TlsConnectGenericPre13, ConnectUnsupportedCurve) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXDamager>(server_, ec_type_named, + ssl_grp_ffdhe_2048); + ConnectExpectAlert(client_, kTlsAlertHandshakeFailure); + client_->CheckErrorCode(SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE); +} + +TEST_P(TlsConnectGenericPre13, ConnectUnsupportedPointFormat) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXDamager>(server_, ec_type_named, + ssl_grp_ec_secp256r1); + ConnectExpectAlert(client_, kTlsAlertHandshakeFailure); + client_->CheckErrorCode(SEC_ERROR_UNSUPPORTED_EC_POINT_FORM); +} + +// Replace SignatureAndHashAlgorithm of a SKE. +class ECCServerKEXSigAlgReplacer : public TlsHandshakeFilter { + public: + ECCServerKEXSigAlgReplacer(const std::shared_ptr<TlsAgent> &server, + SSLSignatureScheme sig_scheme) + : TlsHandshakeFilter(server, {kTlsHandshakeServerKeyExchange}), + sig_scheme_(sig_scheme) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader &header, + const DataBuffer &input, + DataBuffer *output) { + *output = input; + + uint32_t point_len; + EXPECT_TRUE(output->Read(3, 1, &point_len)); + output->Write(4 + point_len, sig_scheme_, 2); + + return CHANGE; + } + + private: + SSLSignatureScheme sig_scheme_; +}; + +TEST_P(TlsConnectTls12, ConnectUnsupportedSigAlg) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXSigAlgReplacer>(server_, ssl_sig_none); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + client_->CheckErrorCode(SSL_ERROR_UNSUPPORTED_SIGNATURE_ALGORITHM); +} + +TEST_P(TlsConnectTls12, ConnectIncorrectSigAlg) { + EnsureTlsSetup(); + client_->DisableAllCiphers(); + client_->EnableCiphersByKeyExchange(ssl_kea_ecdh); + + MakeTlsFilter<ECCServerKEXSigAlgReplacer>(server_, + ssl_sig_ecdsa_secp256r1_sha256); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + client_->CheckErrorCode(SSL_ERROR_INCORRECT_SIGNATURE_ALGORITHM); +} + INSTANTIATE_TEST_CASE_P(KeyExchangeTest, TlsKeyExchangeTest, ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV11Plus)); diff --git a/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc index 0453dabdb..6965e9ca7 100644 --- a/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_extension_unittest.cc @@ -19,9 +19,9 @@ namespace nss_test { class TlsExtensionTruncator : public TlsExtensionFilter { public: - TlsExtensionTruncator(const std::shared_ptr<TlsAgent>& agent, - uint16_t extension, size_t length) - : TlsExtensionFilter(agent), extension_(extension), length_(length) {} + TlsExtensionTruncator(const std::shared_ptr<TlsAgent>& a, uint16_t extension, + size_t length) + : TlsExtensionFilter(a), extension_(extension), length_(length) {} virtual PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer& input, DataBuffer* output) { @@ -43,9 +43,9 @@ class TlsExtensionTruncator : public TlsExtensionFilter { class TlsExtensionDamager : public TlsExtensionFilter { public: - TlsExtensionDamager(const std::shared_ptr<TlsAgent>& agent, - uint16_t extension, size_t index) - : TlsExtensionFilter(agent), extension_(extension), index_(index) {} + TlsExtensionDamager(const std::shared_ptr<TlsAgent>& a, uint16_t extension, + size_t index) + : TlsExtensionFilter(a), extension_(extension), index_(index) {} virtual PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer& input, DataBuffer* output) { @@ -65,11 +65,9 @@ class TlsExtensionDamager : public TlsExtensionFilter { class TlsExtensionAppender : public TlsHandshakeFilter { public: - TlsExtensionAppender(const std::shared_ptr<TlsAgent>& agent, + TlsExtensionAppender(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type, uint16_t ext, DataBuffer& data) - : TlsHandshakeFilter(agent, {handshake_type}), - extension_(ext), - data_(data) {} + : TlsHandshakeFilter(a, {handshake_type}), extension_(ext), data_(data) {} virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, @@ -323,7 +321,15 @@ TEST_P(TlsExtensionTestGeneric, AlpnMissingValue) { TEST_P(TlsExtensionTestGeneric, AlpnZeroLength) { EnableAlpn(); - const uint8_t val[] = {0x01, 0x61, 0x00}; + const uint8_t val[] = {0x00, 0x03, 0x01, 0x61, 0x00}; + DataBuffer extension(val, sizeof(val)); + ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>( + client_, ssl_app_layer_protocol_xtn, extension)); +} + +TEST_P(TlsExtensionTestGeneric, AlpnLengthOverflow) { + EnableAlpn(); + const uint8_t val[] = {0x00, 0x03, 0x01, 0x61, 0x01}; DataBuffer extension(val, sizeof(val)); ClientHelloErrorTest(std::make_shared<TlsExtensionReplacer>( client_, ssl_app_layer_protocol_xtn, extension)); @@ -628,12 +634,9 @@ typedef std::function<void(TlsPreSharedKeyReplacer*)> class TlsPreSharedKeyReplacer : public TlsExtensionFilter { public: - TlsPreSharedKeyReplacer(const std::shared_ptr<TlsAgent>& agent, + TlsPreSharedKeyReplacer(const std::shared_ptr<TlsAgent>& a, TlsPreSharedKeyReplacerFunc function) - : TlsExtensionFilter(agent), - identities_(), - binders_(), - function_(function) {} + : TlsExtensionFilter(a), identities_(), binders_(), function_(function) {} static size_t CopyAndMaybeReplace(TlsParser* parser, size_t size, const std::unique_ptr<DataBuffer>& replace, diff --git a/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc index f4940bf28..92947c2c7 100644 --- a/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_fragment_unittest.cc @@ -20,14 +20,16 @@ namespace nss_test { // This class cuts every unencrypted handshake record into two parts. class RecordFragmenter : public PacketFilter { public: - RecordFragmenter() : sequence_number_(0), splitting_(true) {} + RecordFragmenter(bool is_dtls13) + : is_dtls13_(is_dtls13), sequence_number_(0), splitting_(true) {} private: class HandshakeSplitter { public: - HandshakeSplitter(const DataBuffer& input, DataBuffer* output, - uint64_t* sequence_number) - : input_(input), + HandshakeSplitter(bool is_dtls13, const DataBuffer& input, + DataBuffer* output, uint64_t* sequence_number) + : is_dtls13_(is_dtls13), + input_(input), output_(output), cursor_(0), sequence_number_(sequence_number) {} @@ -35,9 +37,9 @@ class RecordFragmenter : public PacketFilter { private: void WriteRecord(TlsRecordHeader& record_header, DataBuffer& record_fragment) { - TlsRecordHeader fragment_header(record_header.version(), - record_header.content_type(), - *sequence_number_); + TlsRecordHeader fragment_header( + record_header.variant(), record_header.version(), + record_header.content_type(), *sequence_number_); ++*sequence_number_; if (::g_ssl_gtest_verbose) { std::cerr << "Fragment: " << fragment_header << ' ' << record_fragment @@ -88,7 +90,7 @@ class RecordFragmenter : public PacketFilter { while (parser.remaining()) { TlsRecordHeader header; DataBuffer record; - if (!header.Parse(0, &parser, &record)) { + if (!header.Parse(is_dtls13_, 0, &parser, &record)) { ADD_FAILURE() << "bad record header"; return false; } @@ -118,6 +120,7 @@ class RecordFragmenter : public PacketFilter { } private: + bool is_dtls13_; const DataBuffer& input_; DataBuffer* output_; size_t cursor_; @@ -132,7 +135,7 @@ class RecordFragmenter : public PacketFilter { } output->Allocate(input.len()); - HandshakeSplitter splitter(input, output, &sequence_number_); + HandshakeSplitter splitter(is_dtls13_, input, output, &sequence_number_); if (!splitter.Split()) { // If splitting fails, we obviously reached encrypted packets. // Stop splitting from that point onward. @@ -144,18 +147,21 @@ class RecordFragmenter : public PacketFilter { } private: + bool is_dtls13_; uint64_t sequence_number_; bool splitting_; }; TEST_P(TlsConnectDatagram, FragmentClientPackets) { - client_->SetFilter(std::make_shared<RecordFragmenter>()); + bool is_dtls13 = version_ >= SSL_LIBRARY_VERSION_TLS_1_3; + client_->SetFilter(std::make_shared<RecordFragmenter>(is_dtls13)); Connect(); SendReceive(); } TEST_P(TlsConnectDatagram, FragmentServerPackets) { - server_->SetFilter(std::make_shared<RecordFragmenter>()); + bool is_dtls13 = version_ >= SSL_LIBRARY_VERSION_TLS_1_3; + server_->SetFilter(std::make_shared<RecordFragmenter>(is_dtls13)); Connect(); SendReceive(); } diff --git a/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc index 99448321c..f0afc9118 100644 --- a/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_fuzz_unittest.cc @@ -27,8 +27,8 @@ class TlsFuzzTest : public ::testing::Test {}; // Record the application data stream. class TlsApplicationDataRecorder : public TlsRecordFilter { public: - TlsApplicationDataRecorder(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent), buffer_() {} + TlsApplicationDataRecorder(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), buffer_() {} virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& input, diff --git a/security/nss/gtests/ssl_gtest/ssl_gtest.gyp b/security/nss/gtests/ssl_gtest/ssl_gtest.gyp index e2a8d830a..17677713d 100644 --- a/security/nss/gtests/ssl_gtest/ssl_gtest.gyp +++ b/security/nss/gtests/ssl_gtest/ssl_gtest.gyp @@ -37,6 +37,7 @@ 'ssl_loopback_unittest.cc', 'ssl_misc_unittest.cc', 'ssl_record_unittest.cc', + 'ssl_recordsize_unittest.cc', 'ssl_resumption_unittest.cc', 'ssl_renegotiation_unittest.cc', 'ssl_skip_unittest.cc', diff --git a/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc index 05ae87034..77b335e86 100644 --- a/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_hrr_unittest.cc @@ -69,8 +69,8 @@ TEST_P(TlsConnectTls13, HelloRetryRequestAbortsZeroRtt) { // handshake packets, this will break. class CorrectMessageSeqAfterHrrFilter : public TlsRecordFilter { public: - CorrectMessageSeqAfterHrrFilter(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent) {} + CorrectMessageSeqAfterHrrFilter(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a) {} protected: PacketFilter::Action FilterRecord(const TlsRecordHeader& header, @@ -81,8 +81,9 @@ class CorrectMessageSeqAfterHrrFilter : public TlsRecordFilter { } DataBuffer buffer(record); - TlsRecordHeader new_header = {header.version(), header.content_type(), - header.sequence_number() + 1}; + TlsRecordHeader new_header(header.variant(), header.version(), + header.content_type(), + header.sequence_number() + 1); // Correct message_seq. buffer.Write(4, 1U, 2); @@ -151,8 +152,8 @@ TEST_P(TlsConnectTls13, SecondClientHelloRejectEarlyDataXtn) { class KeyShareReplayer : public TlsExtensionFilter { public: - KeyShareReplayer(const std::shared_ptr<TlsAgent>& agent) - : TlsExtensionFilter(agent) {} + KeyShareReplayer(const std::shared_ptr<TlsAgent>& a) + : TlsExtensionFilter(a) {} virtual PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer& input, @@ -567,6 +568,28 @@ void TriggerHelloRetryRequest(std::shared_ptr<TlsAgent>& client, client->Handshake(); server->Handshake(); EXPECT_EQ(1U, cb_called); + // Stop the callback from being called in future handshakes. + EXPECT_EQ(SECSuccess, + SSL_HelloRetryRequestCallback(server->ssl_fd(), nullptr, nullptr)); +} + +TEST_P(TlsConnectTls13, VersionNumbersAfterRetry) { + ConfigureSelfEncrypt(); + EnsureTlsSetup(); + auto r = MakeTlsFilter<TlsRecordRecorder>(client_); + TriggerHelloRetryRequest(client_, server_); + Handshake(); + ASSERT_GT(r->count(), 1UL); + auto ch1 = r->record(0); + if (ch1.header.is_dtls()) { + ASSERT_EQ(SSL_LIBRARY_VERSION_TLS_1_1, ch1.header.version()); + } else { + ASSERT_EQ(SSL_LIBRARY_VERSION_TLS_1_0, ch1.header.version()); + } + auto ch2 = r->record(1); + ASSERT_EQ(SSL_LIBRARY_VERSION_TLS_1_2, ch2.header.version()); + + CheckConnected(); } TEST_P(TlsConnectTls13, RetryStateless) { @@ -577,6 +600,7 @@ TEST_P(TlsConnectTls13, RetryStateless) { MakeNewServer(); Handshake(); + CheckConnected(); SendReceive(); } @@ -593,6 +617,68 @@ TEST_P(TlsConnectTls13, RetryStatefulDropCookie) { server_->CheckErrorCode(SSL_ERROR_MISSING_COOKIE_EXTENSION); } +class TruncateHrrCookie : public TlsExtensionFilter { + public: + TruncateHrrCookie(const std::shared_ptr<TlsAgent>& a) + : TlsExtensionFilter(a) {} + virtual PacketFilter::Action FilterExtension(uint16_t extension_type, + const DataBuffer& input, + DataBuffer* output) { + if (extension_type != ssl_tls13_cookie_xtn) { + return KEEP; + } + + // Claim a zero-length cookie. + output->Allocate(2); + output->Write(0, static_cast<uint32_t>(0), 2); + return CHANGE; + } +}; + +TEST_P(TlsConnectTls13, RetryCookieEmpty) { + ConfigureSelfEncrypt(); + EnsureTlsSetup(); + + TriggerHelloRetryRequest(client_, server_); + MakeTlsFilter<TruncateHrrCookie>(client_); + + ExpectAlert(server_, kTlsAlertHandshakeFailure); + Handshake(); + client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP); + server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); +} + +class AddJunkToCookie : public TlsExtensionFilter { + public: + AddJunkToCookie(const std::shared_ptr<TlsAgent>& a) : TlsExtensionFilter(a) {} + virtual PacketFilter::Action FilterExtension(uint16_t extension_type, + const DataBuffer& input, + DataBuffer* output) { + if (extension_type != ssl_tls13_cookie_xtn) { + return KEEP; + } + + *output = input; + // Add junk after the cookie. + static const uint8_t junk[2] = {1, 2}; + output->Append(DataBuffer(junk, sizeof(junk))); + return CHANGE; + } +}; + +TEST_P(TlsConnectTls13, RetryCookieWithExtras) { + ConfigureSelfEncrypt(); + EnsureTlsSetup(); + + TriggerHelloRetryRequest(client_, server_); + MakeTlsFilter<AddJunkToCookie>(client_); + + ExpectAlert(server_, kTlsAlertHandshakeFailure); + Handshake(); + client_->CheckErrorCode(SSL_ERROR_NO_CYPHER_OVERLAP); + server_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); +} + // Stream only because DTLS drops bad packets. TEST_F(TlsConnectStreamTls13, RetryStatelessDamageFirstClientHello) { ConfigureSelfEncrypt(); @@ -907,7 +993,10 @@ class HelloRetryRequestAgentTest : public TlsAgentTestClient { hrr_data.Allocate(len + 6); size_t i = 0; - i = hrr_data.Write(i, 0x0303, 2); + i = hrr_data.Write(i, variant_ == ssl_variant_datagram + ? SSL_LIBRARY_VERSION_DTLS_1_2_WIRE + : SSL_LIBRARY_VERSION_TLS_1_2, + 2); i = hrr_data.Write(i, ssl_hello_retry_random, sizeof(ssl_hello_retry_random)); i = hrr_data.Write(i, static_cast<uint32_t>(0), 1); // session_id @@ -973,6 +1062,39 @@ TEST_P(HelloRetryRequestAgentTest, HandleNoopHelloRetryRequest) { SSL_ERROR_RX_MALFORMED_HELLO_RETRY_REQUEST); } +class ReplaceRandom : public TlsHandshakeFilter { + public: + ReplaceRandom(const std::shared_ptr<TlsAgent>& a, const DataBuffer& r) + : TlsHandshakeFilter(a, {kTlsHandshakeServerHello}), random_(r) {} + + PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) override { + output->Assign(input); + output->Write(2, random_); + return CHANGE; + } + + private: + DataBuffer random_; +}; + +// Make sure that the TLS 1.3 special value for the ServerHello.random +// is rejected by earlier versions. +TEST_P(TlsConnectStreamPre13, HrrRandomOnTls10) { + static const uint8_t hrr_random[] = { + 0xCF, 0x21, 0xAD, 0x74, 0xE5, 0x9A, 0x61, 0x11, 0xBE, 0x1D, 0x8C, + 0x02, 0x1E, 0x65, 0xB8, 0x91, 0xC2, 0xA2, 0x11, 0x16, 0x7A, 0xBB, + 0x8C, 0x5E, 0x07, 0x9E, 0x09, 0xE2, 0xC8, 0xA8, 0x33, 0x9C}; + + EnsureTlsSetup(); + MakeTlsFilter<ReplaceRandom>(server_, + DataBuffer(hrr_random, sizeof(hrr_random))); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); +} + INSTANTIATE_TEST_CASE_P(HelloRetryRequestAgentTests, HelloRetryRequestAgentTest, ::testing::Combine(TlsConnectTestBase::kTlsVariantsAll, TlsConnectTestBase::kTlsV13)); diff --git a/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc index f1b78f52f..5adbd9dc7 100644 --- a/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_loopback_unittest.cc @@ -56,8 +56,8 @@ TEST_P(TlsConnectGeneric, CipherSuiteMismatch) { class TlsAlertRecorder : public TlsRecordFilter { public: - TlsAlertRecorder(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent), level_(255), description_(255) {} + TlsAlertRecorder(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), level_(255), description_(255) {} PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& input, @@ -87,9 +87,9 @@ class TlsAlertRecorder : public TlsRecordFilter { class HelloTruncator : public TlsHandshakeFilter { public: - HelloTruncator(const std::shared_ptr<TlsAgent>& agent) + HelloTruncator(const std::shared_ptr<TlsAgent>& a) : TlsHandshakeFilter( - agent, {kTlsHandshakeClientHello, kTlsHandshakeServerHello}) {} + a, {kTlsHandshakeClientHello, kTlsHandshakeServerHello}) {} PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, DataBuffer* output) override { @@ -149,6 +149,27 @@ TEST_P(TlsConnectGeneric, ConnectAlpn) { CheckAlpn("a"); } +TEST_P(TlsConnectGeneric, ConnectAlpnPriorityA) { + // "alpn" "npn" + // alpn is the fallback here. npn has the highest priority and should be + // picked. + const std::vector<uint8_t> alpn = {0x04, 0x61, 0x6c, 0x70, 0x6e, + 0x03, 0x6e, 0x70, 0x6e}; + EnableAlpn(alpn); + Connect(); + CheckAlpn("npn"); +} + +TEST_P(TlsConnectGeneric, ConnectAlpnPriorityB) { + // "alpn" "npn" "http" + // npn has the highest priority and should be picked. + const std::vector<uint8_t> alpn = {0x04, 0x61, 0x6c, 0x70, 0x6e, 0x03, 0x6e, + 0x70, 0x6e, 0x04, 0x68, 0x74, 0x74, 0x70}; + EnableAlpn(alpn); + Connect(); + CheckAlpn("npn"); +} + TEST_P(TlsConnectGeneric, ConnectAlpnClone) { EnsureModelSockets(); client_model_->EnableAlpn(alpn_dummy_val_, sizeof(alpn_dummy_val_)); @@ -157,6 +178,33 @@ TEST_P(TlsConnectGeneric, ConnectAlpnClone) { CheckAlpn("a"); } +TEST_P(TlsConnectGeneric, ConnectAlpnWithCustomCallbackA) { + // "ab" "alpn" + const std::vector<uint8_t> client_alpn = {0x02, 0x61, 0x62, 0x04, + 0x61, 0x6c, 0x70, 0x6e}; + EnableAlpnWithCallback(client_alpn, "alpn"); + Connect(); + CheckAlpn("alpn"); +} + +TEST_P(TlsConnectGeneric, ConnectAlpnWithCustomCallbackB) { + // "ab" "alpn" + const std::vector<uint8_t> client_alpn = {0x02, 0x61, 0x62, 0x04, + 0x61, 0x6c, 0x70, 0x6e}; + EnableAlpnWithCallback(client_alpn, "ab"); + Connect(); + CheckAlpn("ab"); +} + +TEST_P(TlsConnectGeneric, ConnectAlpnWithCustomCallbackC) { + // "cd" "npn" "alpn" + const std::vector<uint8_t> client_alpn = {0x02, 0x63, 0x64, 0x03, 0x6e, 0x70, + 0x6e, 0x04, 0x61, 0x6c, 0x70, 0x6e}; + EnableAlpnWithCallback(client_alpn, "npn"); + Connect(); + CheckAlpn("npn"); +} + TEST_P(TlsConnectDatagram, ConnectSrtp) { EnableSrtp(); Connect(); @@ -171,8 +219,8 @@ TEST_P(TlsConnectGeneric, ConnectSendReceive) { class SaveTlsRecord : public TlsRecordFilter { public: - SaveTlsRecord(const std::shared_ptr<TlsAgent>& agent, size_t index) - : TlsRecordFilter(agent), index_(index), count_(0), contents_() {} + SaveTlsRecord(const std::shared_ptr<TlsAgent>& a, size_t index) + : TlsRecordFilter(a), index_(index), count_(0), contents_() {} const DataBuffer& contents() const { return contents_; } @@ -227,8 +275,8 @@ TEST_F(TlsConnectStreamTls13, DecryptRecordServer) { class DropTlsRecord : public TlsRecordFilter { public: - DropTlsRecord(const std::shared_ptr<TlsAgent>& agent, size_t index) - : TlsRecordFilter(agent), index_(index), count_(0) {} + DropTlsRecord(const std::shared_ptr<TlsAgent>& a, size_t index) + : TlsRecordFilter(a), index_(index), count_(0) {} protected: PacketFilter::Action FilterRecord(const TlsRecordHeader& header, @@ -373,8 +421,8 @@ TEST_P(TlsHolddownTest, TestDtlsHolddownExpiryResumption) { class TlsPreCCSHeaderInjector : public TlsRecordFilter { public: - TlsPreCCSHeaderInjector(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent) {} + TlsPreCCSHeaderInjector(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a) {} virtual PacketFilter::Action FilterRecord( const TlsRecordHeader& record_header, const DataBuffer& input, size_t* offset, DataBuffer* output) override { @@ -383,7 +431,8 @@ class TlsPreCCSHeaderInjector : public TlsRecordFilter { std::cerr << "Injecting Finished header before CCS\n"; const uint8_t hhdr[] = {kTlsHandshakeFinished, 0x00, 0x00, 0x0c}; DataBuffer hhdr_buf(hhdr, sizeof(hhdr)); - TlsRecordHeader nhdr(record_header.version(), kTlsHandshakeType, 0); + TlsRecordHeader nhdr(record_header.variant(), record_header.version(), + kTlsHandshakeType, 0); *offset = nhdr.Write(output, *offset, hhdr_buf); *offset = record_header.Write(output, *offset, input); return CHANGE; diff --git a/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc index 3b8727850..53b11c61a 100644 --- a/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_record_unittest.cc @@ -103,16 +103,14 @@ TEST_P(TlsPaddingTest, LastByteOfPadWrong) { class RecordReplacer : public TlsRecordFilter { public: - RecordReplacer(const std::shared_ptr<TlsAgent>& agent, size_t size) - : TlsRecordFilter(agent), enabled_(false), size_(size) {} + RecordReplacer(const std::shared_ptr<TlsAgent>& a, size_t size) + : TlsRecordFilter(a), size_(size) { + Disable(); + } PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& data, DataBuffer* changed) override { - if (!enabled_) { - return KEEP; - } - EXPECT_EQ(kTlsApplicationDataType, header.content_type()); changed->Allocate(size_); @@ -120,17 +118,33 @@ class RecordReplacer : public TlsRecordFilter { changed->data()[i] = i & 0xff; } - enabled_ = false; + Disable(); return CHANGE; } - void Enable() { enabled_ = true; } - private: - bool enabled_; size_t size_; }; +TEST_P(TlsConnectStream, BadRecordMac) { + EnsureTlsSetup(); + Connect(); + client_->SetFilter(std::make_shared<TlsRecordLastByteDamager>(client_)); + ExpectAlert(server_, kTlsAlertBadRecordMac); + client_->SendData(10); + + // Read from the client, get error. + uint8_t buf[10]; + PRInt32 rv = PR_Read(server_->ssl_fd(), buf, sizeof(buf)); + EXPECT_GT(0, rv); + EXPECT_EQ(SSL_ERROR_BAD_MAC_READ, PORT_GetError()); + + // Read the server alert. + rv = PR_Read(client_->ssl_fd(), buf, sizeof(buf)); + EXPECT_GT(0, rv); + EXPECT_EQ(SSL_ERROR_BAD_MAC_ALERT, PORT_GetError()); +} + TEST_F(TlsConnectStreamTls13, LargeRecord) { EnsureTlsSetup(); @@ -168,6 +182,29 @@ TEST_F(TlsConnectStreamTls13, TooLargeRecord) { EXPECT_EQ(SSL_ERROR_RECORD_OVERFLOW_ALERT, PORT_GetError()); } +class ShortHeaderChecker : public PacketFilter { + public: + PacketFilter::Action Filter(const DataBuffer& input, DataBuffer* output) { + // The first octet should be 0b001xxxxx. + EXPECT_EQ(1, input.data()[0] >> 5); + return KEEP; + } +}; + +TEST_F(TlsConnectDatagram13, ShortHeadersClient) { + Connect(); + client_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, PR_TRUE); + client_->SetFilter(std::make_shared<ShortHeaderChecker>()); + SendReceive(); +} + +TEST_F(TlsConnectDatagram13, ShortHeadersServer) { + Connect(); + server_->SetOption(SSL_ENABLE_DTLS_SHORT_HEADER, PR_TRUE); + server_->SetFilter(std::make_shared<ShortHeaderChecker>()); + SendReceive(); +} + const static size_t kContentSizesArr[] = { 1, kMacSize - 1, kMacSize, 30, 31, 32, 36, 256, 257, 287, 288}; diff --git a/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc new file mode 100644 index 000000000..00651aec5 --- /dev/null +++ b/security/nss/gtests/ssl_gtest/ssl_recordsize_unittest.cc @@ -0,0 +1,431 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "secerr.h" +#include "ssl.h" +#include "sslerr.h" +#include "sslproto.h" + +#include "gtest_utils.h" +#include "scoped_ptrs.h" +#include "tls_connect.h" +#include "tls_filter.h" +#include "tls_parser.h" + +namespace nss_test { + +// This class tracks the maximum size of record that was sent, both cleartext +// and plain. It only tracks records that have an outer type of +// application_data. In TLS 1.3, this includes handshake messages. +class TlsRecordMaximum : public TlsRecordFilter { + public: + TlsRecordMaximum(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), max_ciphertext_(0), max_plaintext_(0) {} + + size_t max_ciphertext() const { return max_ciphertext_; } + size_t max_plaintext() const { return max_plaintext_; } + + protected: + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& record, size_t* offset, + DataBuffer* output) override { + std::cerr << "max: " << record << std::endl; + // Ignore unprotected packets. + if (header.content_type() != kTlsApplicationDataType) { + return KEEP; + } + + max_ciphertext_ = (std::max)(max_ciphertext_, record.len()); + return TlsRecordFilter::FilterRecord(header, record, offset, output); + } + + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& data, + DataBuffer* changed) override { + max_plaintext_ = (std::max)(max_plaintext_, data.len()); + return KEEP; + } + + private: + size_t max_ciphertext_; + size_t max_plaintext_; +}; + +void CheckRecordSizes(const std::shared_ptr<TlsAgent>& agent, + const std::shared_ptr<TlsRecordMaximum>& record_max, + size_t config) { + uint16_t cipher_suite; + ASSERT_TRUE(agent->cipher_suite(&cipher_suite)); + + size_t expansion; + size_t iv; + switch (cipher_suite) { + case TLS_AES_128_GCM_SHA256: + case TLS_AES_256_GCM_SHA384: + case TLS_CHACHA20_POLY1305_SHA256: + expansion = 16; + iv = 0; + break; + + case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + expansion = 16; + iv = 8; + break; + + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + // Expansion is 20 for the MAC. Maximum block padding is 16. Maximum + // padding is added when the input plus the MAC is an exact multiple of + // the block size. + expansion = 20 + 16 - ((config + 20) % 16); + iv = 16; + break; + + default: + ADD_FAILURE() << "No expansion set for ciphersuite " + << agent->cipher_suite_name(); + return; + } + + switch (agent->version()) { + case SSL_LIBRARY_VERSION_TLS_1_3: + EXPECT_EQ(0U, iv) << "No IV for TLS 1.3"; + // We only have decryption in TLS 1.3. + EXPECT_EQ(config - 1, record_max->max_plaintext()) + << "bad plaintext length for " << agent->role_str(); + break; + + case SSL_LIBRARY_VERSION_TLS_1_2: + case SSL_LIBRARY_VERSION_TLS_1_1: + expansion += iv; + break; + + case SSL_LIBRARY_VERSION_TLS_1_0: + break; + + default: + ADD_FAILURE() << "Unexpected version " << agent->version(); + return; + } + + EXPECT_EQ(config + expansion, record_max->max_ciphertext()) + << "bad ciphertext length for " << agent->role_str(); +} + +TEST_P(TlsConnectGeneric, RecordSizeMaximum) { + uint16_t max_record_size = + (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) ? 16385 : 16384; + size_t send_size = (version_ >= SSL_LIBRARY_VERSION_TLS_1_3) + ? max_record_size + : max_record_size + 1; + + EnsureTlsSetup(); + auto client_max = MakeTlsFilter<TlsRecordMaximum>(client_); + client_max->EnableDecryption(); + auto server_max = MakeTlsFilter<TlsRecordMaximum>(server_); + server_max->EnableDecryption(); + + Connect(); + client_->SendData(send_size, send_size); + server_->SendData(send_size, send_size); + server_->ReadBytes(send_size); + client_->ReadBytes(send_size); + + CheckRecordSizes(client_, client_max, max_record_size); + CheckRecordSizes(server_, server_max, max_record_size); +} + +TEST_P(TlsConnectGeneric, RecordSizeMinimumClient) { + EnsureTlsSetup(); + auto server_max = MakeTlsFilter<TlsRecordMaximum>(server_); + server_max->EnableDecryption(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + SendReceive(127); // Big enough for one record, allowing for 1+N splitting. + + CheckRecordSizes(server_, server_max, 64); +} + +TEST_P(TlsConnectGeneric, RecordSizeMinimumServer) { + EnsureTlsSetup(); + auto client_max = MakeTlsFilter<TlsRecordMaximum>(client_); + client_max->EnableDecryption(); + + server_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + SendReceive(127); + + CheckRecordSizes(client_, client_max, 64); +} + +TEST_P(TlsConnectGeneric, RecordSizeAsymmetric) { + EnsureTlsSetup(); + auto client_max = MakeTlsFilter<TlsRecordMaximum>(client_); + client_max->EnableDecryption(); + auto server_max = MakeTlsFilter<TlsRecordMaximum>(server_); + server_max->EnableDecryption(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + server_->SetOption(SSL_RECORD_SIZE_LIMIT, 100); + Connect(); + SendReceive(127); + + CheckRecordSizes(client_, client_max, 100); + CheckRecordSizes(server_, server_max, 64); +} + +// This just modifies the encrypted payload so to include a few extra zeros. +class TlsRecordExpander : public TlsRecordFilter { + public: + TlsRecordExpander(const std::shared_ptr<TlsAgent>& a, size_t expansion) + : TlsRecordFilter(a), expansion_(expansion) {} + + protected: + virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& data, + DataBuffer* changed) { + if (header.content_type() != kTlsApplicationDataType) { + return KEEP; + } + changed->Allocate(data.len() + expansion_); + changed->Write(0, data.data(), data.len()); + return CHANGE; + } + + private: + size_t expansion_; +}; + +// Tweak the plaintext of server records so that they exceed the client's limit. +TEST_P(TlsConnectTls13, RecordSizePlaintextExceed) { + EnsureTlsSetup(); + auto server_expand = MakeTlsFilter<TlsRecordExpander>(server_, 1); + server_expand->EnableDecryption(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + + server_->SendData(100); + + client_->ExpectReadWriteError(); + ExpectAlert(client_, kTlsAlertRecordOverflow); + client_->ReadBytes(100); + EXPECT_EQ(SSL_ERROR_RX_RECORD_TOO_LONG, client_->error_code()); + + // Consume the alert at the server. + server_->Handshake(); + server_->CheckErrorCode(SSL_ERROR_RECORD_OVERFLOW_ALERT); +} + +// Tweak the ciphertext of server records so that they greatly exceed the limit. +// This requires a much larger expansion than for plaintext to trigger the +// guard, which runs before decryption (current allowance is 304 octets). +TEST_P(TlsConnectTls13, RecordSizeCiphertextExceed) { + EnsureTlsSetup(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + + auto server_expand = MakeTlsFilter<TlsRecordExpander>(server_, 320); + server_->SendData(100); + + client_->ExpectReadWriteError(); + ExpectAlert(client_, kTlsAlertRecordOverflow); + client_->ReadBytes(100); + EXPECT_EQ(SSL_ERROR_RX_RECORD_TOO_LONG, client_->error_code()); + + // Consume the alert at the server. + server_->Handshake(); + server_->CheckErrorCode(SSL_ERROR_RECORD_OVERFLOW_ALERT); +} + +// This indiscriminately adds padding to application data records. +class TlsRecordPadder : public TlsRecordFilter { + public: + TlsRecordPadder(const std::shared_ptr<TlsAgent>& a, size_t padding) + : TlsRecordFilter(a), padding_(padding) {} + + protected: + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& record, size_t* offset, + DataBuffer* output) override { + if (header.content_type() != kTlsApplicationDataType) { + return KEEP; + } + + uint8_t inner_content_type; + DataBuffer plaintext; + if (!Unprotect(header, record, &inner_content_type, &plaintext)) { + return KEEP; + } + + if (inner_content_type != kTlsApplicationDataType) { + return KEEP; + } + + DataBuffer ciphertext; + bool ok = + Protect(header, inner_content_type, plaintext, &ciphertext, padding_); + EXPECT_TRUE(ok); + if (!ok) { + return KEEP; + } + *offset = header.Write(output, *offset, ciphertext); + return CHANGE; + } + + private: + size_t padding_; +}; + +TEST_P(TlsConnectTls13, RecordSizeExceedPad) { + EnsureTlsSetup(); + auto server_max = std::make_shared<TlsRecordMaximum>(server_); + auto server_expand = std::make_shared<TlsRecordPadder>(server_, 1); + server_->SetFilter(std::make_shared<ChainedPacketFilter>( + ChainedPacketFilterInit({server_max, server_expand}))); + server_expand->EnableDecryption(); + + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 64); + Connect(); + + server_->SendData(100); + + client_->ExpectReadWriteError(); + ExpectAlert(client_, kTlsAlertRecordOverflow); + client_->ReadBytes(100); + EXPECT_EQ(SSL_ERROR_RX_RECORD_TOO_LONG, client_->error_code()); + + // Consume the alert at the server. + server_->Handshake(); + server_->CheckErrorCode(SSL_ERROR_RECORD_OVERFLOW_ALERT); +} + +TEST_P(TlsConnectGeneric, RecordSizeBadValues) { + EnsureTlsSetup(); + EXPECT_EQ(SECFailure, + SSL_OptionSet(client_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, 63)); + EXPECT_EQ(SECFailure, + SSL_OptionSet(client_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, -1)); + EXPECT_EQ(SECFailure, + SSL_OptionSet(server_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, 16386)); + Connect(); +} + +TEST_P(TlsConnectGeneric, RecordSizeGetValues) { + EnsureTlsSetup(); + int v; + EXPECT_EQ(SECSuccess, + SSL_OptionGet(client_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, &v)); + EXPECT_EQ(16385, v); + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 300); + EXPECT_EQ(SECSuccess, + SSL_OptionGet(client_->ssl_fd(), SSL_RECORD_SIZE_LIMIT, &v)); + EXPECT_EQ(300, v); + Connect(); +} + +// The value of the extension is capped by the maximum version of the client. +TEST_P(TlsConnectGeneric, RecordSizeCapExtensionClient) { + EnsureTlsSetup(); + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 16385); + auto capture = + MakeTlsFilter<TlsExtensionCapture>(client_, ssl_record_size_limit_xtn); + capture->EnableDecryption(); + Connect(); + + uint64_t val = 0; + EXPECT_TRUE(capture->extension().Read(0, 2, &val)); + if (version_ < SSL_LIBRARY_VERSION_TLS_1_3) { + EXPECT_EQ(16384U, val) << "Extension should be capped"; + } else { + EXPECT_EQ(16385U, val); + } +} + +// The value of the extension is capped by the maximum version of the server. +TEST_P(TlsConnectGeneric, RecordSizeCapExtensionServer) { + EnsureTlsSetup(); + server_->SetOption(SSL_RECORD_SIZE_LIMIT, 16385); + auto capture = + MakeTlsFilter<TlsExtensionCapture>(server_, ssl_record_size_limit_xtn); + capture->EnableDecryption(); + Connect(); + + uint64_t val = 0; + EXPECT_TRUE(capture->extension().Read(0, 2, &val)); + if (version_ < SSL_LIBRARY_VERSION_TLS_1_3) { + EXPECT_EQ(16384U, val) << "Extension should be capped"; + } else { + EXPECT_EQ(16385U, val); + } +} + +// Damage the client extension and the handshake fails, but the server +// doesn't generate a validation error. +TEST_P(TlsConnectGenericPre13, RecordSizeClientExtensionInvalid) { + EnsureTlsSetup(); + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 1000); + static const uint8_t v[] = {0xf4, 0x1f}; + MakeTlsFilter<TlsExtensionReplacer>(client_, ssl_record_size_limit_xtn, + DataBuffer(v, sizeof(v))); + ConnectExpectAlert(server_, kTlsAlertDecryptError); +} + +// Special handling for TLS 1.3, where the alert isn't read. +TEST_F(TlsConnectStreamTls13, RecordSizeClientExtensionInvalid) { + EnsureTlsSetup(); + client_->SetOption(SSL_RECORD_SIZE_LIMIT, 1000); + static const uint8_t v[] = {0xf4, 0x1f}; + MakeTlsFilter<TlsExtensionReplacer>(client_, ssl_record_size_limit_xtn, + DataBuffer(v, sizeof(v))); + client_->ExpectSendAlert(kTlsAlertBadRecordMac); + server_->ExpectSendAlert(kTlsAlertBadRecordMac); + ConnectExpectFail(); +} + +TEST_P(TlsConnectGeneric, RecordSizeServerExtensionInvalid) { + EnsureTlsSetup(); + server_->SetOption(SSL_RECORD_SIZE_LIMIT, 1000); + static const uint8_t v[] = {0xf4, 0x1f}; + auto replace = MakeTlsFilter<TlsExtensionReplacer>( + server_, ssl_record_size_limit_xtn, DataBuffer(v, sizeof(v))); + replace->EnableDecryption(); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); +} + +class RecordSizeDefaultsTest : public ::testing::Test { + public: + void SetUp() { + EXPECT_EQ(SECSuccess, + SSL_OptionGetDefault(SSL_RECORD_SIZE_LIMIT, &default_)); + } + void TearDown() { + // Make sure to restore the default value at the end. + EXPECT_EQ(SECSuccess, + SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, default_)); + } + + private: + PRIntn default_ = 0; +}; + +TEST_F(RecordSizeDefaultsTest, RecordSizeBadValues) { + EXPECT_EQ(SECFailure, SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, 63)); + EXPECT_EQ(SECFailure, SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, -1)); + EXPECT_EQ(SECFailure, SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, 16386)); +} + +TEST_F(RecordSizeDefaultsTest, RecordSizeGetValue) { + int v; + EXPECT_EQ(SECSuccess, SSL_OptionGetDefault(SSL_RECORD_SIZE_LIMIT, &v)); + EXPECT_EQ(16385, v); + EXPECT_EQ(SECSuccess, SSL_OptionSetDefault(SSL_RECORD_SIZE_LIMIT, 3000)); + EXPECT_EQ(SECSuccess, SSL_OptionGetDefault(SSL_RECORD_SIZE_LIMIT, &v)); + EXPECT_EQ(3000, v); +} + +} // namespace nss_test diff --git a/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc index eb78c0585..2cc98a327 100644 --- a/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_resumption_unittest.cc @@ -484,10 +484,8 @@ TEST_P(TlsConnectStream, TestResumptionOverrideCipher) { class SelectedVersionReplacer : public TlsHandshakeFilter { public: - SelectedVersionReplacer(const std::shared_ptr<TlsAgent>& agent, - uint16_t version) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerHello}), - version_(version) {} + SelectedVersionReplacer(const std::shared_ptr<TlsAgent>& a, uint16_t version) + : TlsHandshakeFilter(a, {kTlsHandshakeServerHello}), version_(version) {} protected: PacketFilter::Action FilterHandshake(const HandshakeHeader& header, diff --git a/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc index e4a9e5aed..9ef19653b 100644 --- a/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_skip_unittest.cc @@ -22,11 +22,9 @@ namespace nss_test { class TlsHandshakeSkipFilter : public TlsRecordFilter { public: // A TLS record filter that skips handshake messages of the identified type. - TlsHandshakeSkipFilter(const std::shared_ptr<TlsAgent>& agent, + TlsHandshakeSkipFilter(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type) - : TlsRecordFilter(agent), - handshake_type_(handshake_type), - skipped_(false) {} + : TlsRecordFilter(a), handshake_type_(handshake_type), skipped_(false) {} protected: // Takes a record; if it is a handshake record, it removes the first handshake diff --git a/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc index e5fccc12b..ff4091b9a 100644 --- a/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_staticrsa_unittest.cc @@ -21,6 +21,7 @@ extern "C" { #include "tls_connect.h" #include "tls_filter.h" #include "tls_parser.h" +#include "rsa8193.h" namespace nss_test { @@ -100,4 +101,39 @@ TEST_P(TlsConnectStreamPre13, Connect(); } +// Replace the server certificate with one that uses 8193-bit RSA. +class TooLargeRSACertFilter : public TlsHandshakeFilter { + public: + TooLargeRSACertFilter(const std::shared_ptr<TlsAgent> &server) + : TlsHandshakeFilter(server, {kTlsHandshakeCertificate}) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader &header, + const DataBuffer &input, + DataBuffer *output) { + const uint32_t cert_len = sizeof(rsa8193); + const uint32_t outer_len = cert_len + 3; + size_t offset = 0; + offset = output->Write(offset, outer_len, 3); + offset = output->Write(offset, cert_len, 3); + offset = output->Write(offset, rsa8193, cert_len); + + return CHANGE; + } +}; + +TEST_P(TlsConnectGenericPre13, TooLargeRSAKeyInCert) { + EnableOnlyStaticRsaCiphers(); + MakeTlsFilter<TooLargeRSACertFilter>(server_); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + client_->CheckErrorCode(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); +} + +TEST_P(TlsConnectGeneric, ServerAuthBiggestRsa) { + Reset(TlsAgent::kRsa8192); + Connect(); + CheckKeys(); +} + } // namespace nss_test diff --git a/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc index f5ccf096b..42f1065f6 100644 --- a/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_tls13compat_unittest.cc @@ -214,6 +214,98 @@ TEST_F(Tls13CompatTest, EnabledHrrZeroRtt) { CheckForCompatHandshake(); } +class TlsSessionIDEchoFilter : public TlsHandshakeFilter { + public: + TlsSessionIDEchoFilter(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter( + a, {kTlsHandshakeClientHello, kTlsHandshakeServerHello}) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) { + TlsParser parser(input); + + // Skip version + random. + EXPECT_TRUE(parser.Skip(2 + 32)); + + // Capture CH.legacy_session_id. + if (header.handshake_type() == kTlsHandshakeClientHello) { + EXPECT_TRUE(parser.ReadVariable(&sid_, 1)); + return KEEP; + } + + // Check that server sends one too. + uint32_t sid_len = 0; + EXPECT_TRUE(parser.Read(&sid_len, 1)); + EXPECT_EQ(sid_len, sid_.len()); + + // Echo the one we captured. + *output = input; + output->Write(parser.consumed(), sid_.data(), sid_.len()); + + return CHANGE; + } + + private: + DataBuffer sid_; +}; + +TEST_F(TlsConnectTest, EchoTLS13CompatibilitySessionID) { + ConfigureSessionCache(RESUME_SESSIONID, RESUME_SESSIONID); + + client_->SetOption(SSL_ENABLE_TLS13_COMPAT_MODE, PR_TRUE); + + client_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2, + SSL_LIBRARY_VERSION_TLS_1_3); + + server_->SetVersionRange(SSL_LIBRARY_VERSION_TLS_1_2, + SSL_LIBRARY_VERSION_TLS_1_2); + + server_->SetFilter(MakeTlsFilter<TlsSessionIDEchoFilter>(client_)); + ConnectExpectAlert(client_, kTlsAlertIllegalParameter); + + client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + server_->CheckErrorCode(SSL_ERROR_ILLEGAL_PARAMETER_ALERT); +} + +class TlsSessionIDInjectFilter : public TlsHandshakeFilter { + public: + TlsSessionIDInjectFilter(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeServerHello}) {} + + protected: + virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, + const DataBuffer& input, + DataBuffer* output) { + TlsParser parser(input); + + // Skip version + random. + EXPECT_TRUE(parser.Skip(2 + 32)); + + *output = input; + + // Inject a Session ID. + const uint8_t fake_sid[SSL3_SESSIONID_BYTES] = {0xff}; + output->Write(parser.consumed(), sizeof(fake_sid), 1); + output->Splice(fake_sid, sizeof(fake_sid), parser.consumed() + 1, 0); + + return CHANGE; + } +}; + +TEST_F(TlsConnectTest, TLS13NonCompatModeSessionID) { + ConfigureVersion(SSL_LIBRARY_VERSION_TLS_1_3); + + MakeTlsFilter<TlsSessionIDInjectFilter>(server_); + client_->ExpectSendAlert(kTlsAlertIllegalParameter); + server_->ExpectSendAlert(kTlsAlertBadRecordMac); + ConnectExpectFail(); + + client_->CheckErrorCode(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + server_->CheckErrorCode(SSL_ERROR_BAD_MAC_READ); +} + static const uint8_t kCannedCcs[] = { kTlsChangeCipherSpecType, SSL_LIBRARY_VERSION_TLS_1_2 >> 8, diff --git a/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc b/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc index 7f3c4a896..09d7801e9 100644 --- a/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc +++ b/security/nss/gtests/ssl_gtest/ssl_versionpolicy_unittest.cc @@ -50,12 +50,12 @@ inline std::ostream& operator<<(std::ostream& stream, class VersionRangeWithLabel { public: - VersionRangeWithLabel(const std::string& label, const SSLVersionRange& vr) - : label_(label), vr_(vr) {} - VersionRangeWithLabel(const std::string& label, uint16_t min, uint16_t max) - : label_(label) { - vr_.min = min; - vr_.max = max; + VersionRangeWithLabel(const std::string& txt, const SSLVersionRange& vr) + : label_(txt), vr_(vr) {} + VersionRangeWithLabel(const std::string& txt, uint16_t start, uint16_t end) + : label_(txt) { + vr_.min = start; + vr_.max = end; } VersionRangeWithLabel(const std::string& label) : label_(label) { vr_.min = vr_.max = SSL_LIBRARY_VERSION_NONE; diff --git a/security/nss/gtests/ssl_gtest/test_io.cc b/security/nss/gtests/ssl_gtest/test_io.cc index 728217851..d76b3526c 100644 --- a/security/nss/gtests/ssl_gtest/test_io.cc +++ b/security/nss/gtests/ssl_gtest/test_io.cc @@ -99,8 +99,8 @@ int32_t DummyPrSocket::Write(PRFileDesc *f, const void *buf, int32_t length) { return -1; } - auto peer = peer_.lock(); - if (!peer) { + auto dst = peer_.lock(); + if (!dst) { PR_SetError(PR_IO_ERROR, 0); return -1; } @@ -116,14 +116,14 @@ int32_t DummyPrSocket::Write(PRFileDesc *f, const void *buf, int32_t length) { case PacketFilter::CHANGE: LOG("Original packet: " << packet); LOG("Filtered packet: " << filtered); - peer->PacketReceived(filtered); + dst->PacketReceived(filtered); break; case PacketFilter::DROP: LOG("Droppped packet: " << packet); break; case PacketFilter::KEEP: LOGV("Packet: " << packet); - peer->PacketReceived(packet); + dst->PacketReceived(packet); break; } // libssl can't handle it if this reports something other than the length diff --git a/security/nss/gtests/ssl_gtest/test_io.h b/security/nss/gtests/ssl_gtest/test_io.h index dbeb6b9d4..8327373ce 100644 --- a/security/nss/gtests/ssl_gtest/test_io.h +++ b/security/nss/gtests/ssl_gtest/test_io.h @@ -59,9 +59,9 @@ class PacketFilter { class DummyPrSocket : public DummyIOLayerMethods { public: - DummyPrSocket(const std::string& name, SSLProtocolVariant variant) + DummyPrSocket(const std::string& name, SSLProtocolVariant var) : name_(name), - variant_(variant), + variant_(var), peer_(), input_(), filter_(nullptr), @@ -73,7 +73,7 @@ class DummyPrSocket : public DummyIOLayerMethods { ScopedPRFileDesc CreateFD(); std::weak_ptr<DummyPrSocket>& peer() { return peer_; } - void SetPeer(const std::shared_ptr<DummyPrSocket>& peer) { peer_ = peer; } + void SetPeer(const std::shared_ptr<DummyPrSocket>& p) { peer_ = p; } void SetPacketFilter(const std::shared_ptr<PacketFilter>& filter) { filter_ = filter; } diff --git a/security/nss/gtests/ssl_gtest/tls_agent.cc b/security/nss/gtests/ssl_gtest/tls_agent.cc index 2f71caedb..9bed1ce1b 100644 --- a/security/nss/gtests/ssl_gtest/tls_agent.cc +++ b/security/nss/gtests/ssl_gtest/tls_agent.cc @@ -33,6 +33,7 @@ const char* TlsAgent::states[] = {"INIT", "CONNECTING", "CONNECTED", "ERROR"}; const std::string TlsAgent::kClient = "client"; // both sign and encrypt const std::string TlsAgent::kRsa2048 = "rsa2048"; // bigger +const std::string TlsAgent::kRsa8192 = "rsa8192"; // biggest allowed const std::string TlsAgent::kServerRsa = "rsa"; // both sign and encrypt const std::string TlsAgent::kServerRsaSign = "rsa_sign"; const std::string TlsAgent::kServerRsaPss = "rsa_pss"; @@ -44,13 +45,22 @@ const std::string TlsAgent::kServerEcdhRsa = "ecdh_rsa"; const std::string TlsAgent::kServerEcdhEcdsa = "ecdh_ecdsa"; const std::string TlsAgent::kServerDsa = "dsa"; -TlsAgent::TlsAgent(const std::string& name, Role role, - SSLProtocolVariant variant) - : name_(name), - variant_(variant), - role_(role), +static const uint8_t kCannedTls13ServerHello[] = { + 0x03, 0x03, 0x9c, 0xbc, 0x14, 0x9b, 0x0e, 0x2e, 0xfa, 0x0d, 0xf3, + 0xf0, 0x5c, 0x70, 0x7a, 0xe0, 0xd1, 0x9b, 0x3e, 0x5a, 0x44, 0x6b, + 0xdf, 0xe5, 0xc2, 0x28, 0x64, 0xf7, 0x00, 0xc1, 0x9c, 0x08, 0x76, + 0x08, 0x00, 0x13, 0x01, 0x00, 0x00, 0x2e, 0x00, 0x33, 0x00, 0x24, + 0x00, 0x1d, 0x00, 0x20, 0xc2, 0xcf, 0x23, 0x17, 0x64, 0x23, 0x03, + 0xf0, 0xfb, 0x45, 0x98, 0x26, 0xd1, 0x65, 0x24, 0xa1, 0x6c, 0xa9, + 0x80, 0x8f, 0x2c, 0xac, 0x0a, 0xea, 0x53, 0x3a, 0xcb, 0xe3, 0x08, + 0x84, 0xae, 0x19, 0x00, 0x2b, 0x00, 0x02, 0x7f, kD13}; + +TlsAgent::TlsAgent(const std::string& nm, Role rl, SSLProtocolVariant var) + : name_(nm), + variant_(var), + role_(rl), server_key_bits_(0), - adapter_(new DummyPrSocket(role_str(), variant)), + adapter_(new DummyPrSocket(role_str(), var)), ssl_fd_(nullptr), state_(STATE_INIT), timer_handle_(nullptr), @@ -103,11 +113,11 @@ TlsAgent::~TlsAgent() { } } -void TlsAgent::SetState(State state) { - if (state_ == state) return; +void TlsAgent::SetState(State s) { + if (state_ == s) return; - LOG("Changing state from " << state_ << " to " << state); - state_ = state; + LOG("Changing state from " << state_ << " to " << s); + state_ = s; } /*static*/ bool TlsAgent::LoadCertificate(const std::string& name, @@ -124,11 +134,11 @@ void TlsAgent::SetState(State state) { return true; } -bool TlsAgent::ConfigServerCert(const std::string& name, bool updateKeyBits, +bool TlsAgent::ConfigServerCert(const std::string& id, bool updateKeyBits, const SSLExtraServerCertData* serverCertData) { ScopedCERTCertificate cert; ScopedSECKEYPrivateKey priv; - if (!TlsAgent::LoadCertificate(name, &cert, &priv)) { + if (!TlsAgent::LoadCertificate(id, &cert, &priv)) { return false; } @@ -175,6 +185,10 @@ bool TlsAgent::EnsureTlsSetup(PRFileDesc* modelSocket) { if (rv != SECSuccess) return false; } + ScopedCERTCertList anchors(CERT_NewCertList()); + rv = SSL_SetTrustAnchors(ssl_fd(), anchors.get()); + if (rv != SECSuccess) return false; + if (role_ == SERVER) { EXPECT_TRUE(ConfigServerCert(name_, true)); @@ -182,10 +196,6 @@ bool TlsAgent::EnsureTlsSetup(PRFileDesc* modelSocket) { EXPECT_EQ(SECSuccess, rv); if (rv != SECSuccess) return false; - ScopedCERTCertList anchors(CERT_NewCertList()); - rv = SSL_SetTrustAnchors(ssl_fd(), anchors.get()); - if (rv != SECSuccess) return false; - rv = SSL_SetMaxEarlyDataSize(ssl_fd(), 1024); EXPECT_EQ(SECSuccess, rv); if (rv != SECSuccess) return false; @@ -246,6 +256,17 @@ void TlsAgent::SetupClientAuth() { reinterpret_cast<void*>(this))); } +void CheckCertReqAgainstDefaultCAs(const CERTDistNames* caNames) { + ScopedCERTDistNames expected(CERT_GetSSLCACerts(nullptr)); + + ASSERT_EQ(expected->nnames, caNames->nnames); + + for (size_t i = 0; i < static_cast<size_t>(expected->nnames); ++i) { + EXPECT_EQ(SECEqual, + SECITEM_CompareItem(&(expected->names[i]), &(caNames->names[i]))); + } +} + SECStatus TlsAgent::GetClientAuthDataHook(void* self, PRFileDesc* fd, CERTDistNames* caNames, CERTCertificate** clientCert, @@ -254,6 +275,9 @@ SECStatus TlsAgent::GetClientAuthDataHook(void* self, PRFileDesc* fd, ScopedCERTCertificate peerCert(SSL_PeerCertificate(agent->ssl_fd())); EXPECT_TRUE(peerCert) << "Client should be able to see the server cert"; + // See bug 1457716 + // CheckCertReqAgainstDefaultCAs(caNames); + ScopedCERTCertificate cert; ScopedSECKEYPrivateKey priv; if (!TlsAgent::LoadCertificate(agent->name(), &cert, &priv)) { @@ -282,8 +306,8 @@ bool TlsAgent::GetPeerChainLength(size_t* count) { return true; } -void TlsAgent::CheckCipherSuite(uint16_t cipher_suite) { - EXPECT_EQ(csinfo_.cipherSuite, cipher_suite); +void TlsAgent::CheckCipherSuite(uint16_t suite) { + EXPECT_EQ(csinfo_.cipherSuite, suite); } void TlsAgent::RequestClientAuth(bool requireAuth) { @@ -442,9 +466,7 @@ void TlsAgent::GetVersionRange(uint16_t* minver, uint16_t* maxver) { *maxver = vrange_.max; } -void TlsAgent::SetExpectedVersion(uint16_t version) { - expected_version_ = version; -} +void TlsAgent::SetExpectedVersion(uint16_t ver) { expected_version_ = ver; } void TlsAgent::SetServerKeyBits(uint16_t bits) { server_key_bits_ = bits; } @@ -491,10 +513,10 @@ void TlsAgent::SetSignatureSchemes(const SSLSignatureScheme* schemes, EXPECT_EQ(i, configuredCount) << "schemes in use were all set"; } -void TlsAgent::CheckKEA(SSLKEAType kea_type, SSLNamedGroup kea_group, +void TlsAgent::CheckKEA(SSLKEAType kea, SSLNamedGroup kea_group, size_t kea_size) const { EXPECT_EQ(STATE_CONNECTED, state_); - EXPECT_EQ(kea_type, info_.keaType); + EXPECT_EQ(kea, info_.keaType); if (kea_size == 0) { switch (kea_group) { case ssl_grp_ec_curve25519: @@ -515,7 +537,7 @@ void TlsAgent::CheckKEA(SSLKEAType kea_type, SSLNamedGroup kea_group, case ssl_grp_ffdhe_custom: break; default: - if (kea_type == ssl_kea_rsa) { + if (kea == ssl_kea_rsa) { kea_size = server_key_bits_; } else { EXPECT_TRUE(false) << "need to update group sizes"; @@ -534,13 +556,13 @@ void TlsAgent::CheckOriginalKEA(SSLNamedGroup kea_group) const { } } -void TlsAgent::CheckAuthType(SSLAuthType auth_type, +void TlsAgent::CheckAuthType(SSLAuthType auth, SSLSignatureScheme sig_scheme) const { EXPECT_EQ(STATE_CONNECTED, state_); - EXPECT_EQ(auth_type, info_.authType); + EXPECT_EQ(auth, info_.authType); EXPECT_EQ(server_key_bits_, info_.authKeyBits); if (expected_version_ < SSL_LIBRARY_VERSION_TLS_1_2) { - switch (auth_type) { + switch (auth) { case ssl_auth_rsa_sign: sig_scheme = ssl_sig_rsa_pkcs1_sha1md5; break; @@ -558,9 +580,8 @@ void TlsAgent::CheckAuthType(SSLAuthType auth_type, } // Check authAlgorithm, which is the old value for authType. This is a second - // switch - // statement because default label is different. - switch (auth_type) { + // switch statement because default label is different. + switch (auth) { case ssl_auth_rsa_sign: EXPECT_EQ(ssl_auth_rsa_decrypt, csinfo_.authAlgorithm) << "authAlgorithm for RSA is always decrypt"; @@ -574,7 +595,7 @@ void TlsAgent::CheckAuthType(SSLAuthType auth_type, << "authAlgorithm for ECDH_ECDSA is ECDSA (i.e., wrong)"; break; default: - EXPECT_EQ(auth_type, csinfo_.authAlgorithm) + EXPECT_EQ(auth, csinfo_.authAlgorithm) << "authAlgorithm is (usually) the same as authType"; break; } @@ -593,22 +614,20 @@ void TlsAgent::ExpectResumption() { expect_resumption_ = true; } void TlsAgent::EnableAlpn(const uint8_t* val, size_t len) { EXPECT_TRUE(EnsureTlsSetup()); - - SetOption(SSL_ENABLE_ALPN, PR_TRUE); EXPECT_EQ(SECSuccess, SSL_SetNextProtoNego(ssl_fd(), val, len)); } void TlsAgent::CheckAlpn(SSLNextProtoState expected_state, const std::string& expected) const { - SSLNextProtoState state; + SSLNextProtoState alpn_state; char chosen[10]; unsigned int chosen_len; - SECStatus rv = SSL_GetNextProto(ssl_fd(), &state, + SECStatus rv = SSL_GetNextProto(ssl_fd(), &alpn_state, reinterpret_cast<unsigned char*>(chosen), &chosen_len, sizeof(chosen)); EXPECT_EQ(SECSuccess, rv); - EXPECT_EQ(expected_state, state); - if (state == SSL_NEXT_PROTO_NO_SUPPORT) { + EXPECT_EQ(expected_state, alpn_state); + if (alpn_state == SSL_NEXT_PROTO_NO_SUPPORT) { EXPECT_EQ("", expected); } else { EXPECT_NE("", expected); @@ -840,10 +859,10 @@ void TlsAgent::CheckSecretsDestroyed() { ASSERT_EQ(PR_TRUE, SSLInt_CheckSecretsDestroyed(ssl_fd())); } -void TlsAgent::SetDowngradeCheckVersion(uint16_t version) { +void TlsAgent::SetDowngradeCheckVersion(uint16_t ver) { ASSERT_TRUE(EnsureTlsSetup()); - SECStatus rv = SSL_SetDowngradeCheckVersion(ssl_fd(), version); + SECStatus rv = SSL_SetDowngradeCheckVersion(ssl_fd(), ver); ASSERT_EQ(SECSuccess, rv); } @@ -920,9 +939,9 @@ static bool ErrorIsNonFatal(PRErrorCode code) { } void TlsAgent::SendData(size_t bytes, size_t blocksize) { - uint8_t block[4096]; + uint8_t block[16385]; // One larger than the maximum record size. - ASSERT_LT(blocksize, sizeof(block)); + ASSERT_LE(blocksize, sizeof(block)); while (bytes) { size_t tosend = std::min(blocksize, bytes); @@ -951,12 +970,13 @@ void TlsAgent::SendBuffer(const DataBuffer& buf) { } bool TlsAgent::SendEncryptedRecord(const std::shared_ptr<TlsCipherSpec>& spec, - uint16_t wireVersion, uint64_t seq, - uint8_t ct, const DataBuffer& buf) { - LOGV("Writing " << buf.len() << " bytes"); - // Ensure we are a TLS 1.3 cipher agent. + uint64_t seq, uint8_t ct, + const DataBuffer& buf) { + LOGV("Encrypting " << buf.len() << " bytes"); + // Ensure that we are doing TLS 1.3. EXPECT_GE(expected_version_, SSL_LIBRARY_VERSION_TLS_1_3); - TlsRecordHeader header(wireVersion, kTlsApplicationDataType, seq); + TlsRecordHeader header(variant_, expected_version_, kTlsApplicationDataType, + seq); DataBuffer padded = buf; padded.Write(padded.len(), ct, 1); DataBuffer ciphertext; @@ -1078,15 +1098,20 @@ void TlsAgentTestBase::ProcessMessage(const DataBuffer& buffer, void TlsAgentTestBase::MakeRecord(SSLProtocolVariant variant, uint8_t type, uint16_t version, const uint8_t* buf, size_t len, DataBuffer* out, - uint64_t seq_num) { + uint64_t sequence_number) { size_t index = 0; index = out->Write(index, type, 1); if (variant == ssl_variant_stream) { index = out->Write(index, version, 2); + } else if (version >= SSL_LIBRARY_VERSION_TLS_1_3 && + type == kTlsApplicationDataType) { + uint32_t epoch = (sequence_number >> 48) & 0x3; + uint32_t seqno = sequence_number & ((1ULL << 30) - 1); + index = out->Write(index, (epoch << 30) | seqno, 4); } else { index = out->Write(index, TlsVersionToDtlsVersion(version), 2); - index = out->Write(index, seq_num >> 32, 4); - index = out->Write(index, seq_num & PR_UINT32_MAX, 4); + index = out->Write(index, sequence_number >> 32, 4); + index = out->Write(index, sequence_number & PR_UINT32_MAX, 4); } index = out->Write(index, len, 2); out->Write(index, buf, len); @@ -1144,4 +1169,12 @@ void TlsAgentTestBase::MakeTrivialHandshakeRecord(uint8_t hs_type, } } +DataBuffer TlsAgentTestBase::MakeCannedTls13ServerHello() { + DataBuffer sh(kCannedTls13ServerHello, sizeof(kCannedTls13ServerHello)); + if (variant_ == ssl_variant_datagram) { + sh.Write(0, SSL_LIBRARY_VERSION_DTLS_1_2_WIRE, 2); + } + return sh; +} + } // namespace nss_test diff --git a/security/nss/gtests/ssl_gtest/tls_agent.h b/security/nss/gtests/ssl_gtest/tls_agent.h index 6cd6d5073..a93d0c6ee 100644 --- a/security/nss/gtests/ssl_gtest/tls_agent.h +++ b/security/nss/gtests/ssl_gtest/tls_agent.h @@ -10,6 +10,9 @@ #include "prio.h" #include "ssl.h" +// This is an internal header, used to get TLS_1_3_DRAFT_VERSION. +#include "ssl3prot.h" + #include <functional> #include <iostream> @@ -57,6 +60,8 @@ typedef std::function<int32_t(TlsAgent* agent, const SECItem* srvNameArr, PRUint32 srvNameArrSize)> SniCallbackFunction; +static const uint8_t kD13 = TLS_1_3_DRAFT_VERSION; + class TlsAgent : public PollTarget { public: enum Role { CLIENT, SERVER }; @@ -64,6 +69,7 @@ class TlsAgent : public PollTarget { static const std::string kClient; // the client key is sign only static const std::string kRsa2048; // bigger sign and encrypt for either + static const std::string kRsa8192; // biggest sign and encrypt for either static const std::string kServerRsa; // both sign and encrypt static const std::string kServerRsaSign; static const std::string kServerRsaPss; @@ -143,8 +149,7 @@ class TlsAgent : public PollTarget { void SendData(size_t bytes, size_t blocksize = 1024); void SendBuffer(const DataBuffer& buf); bool SendEncryptedRecord(const std::shared_ptr<TlsCipherSpec>& spec, - uint16_t wireVersion, uint64_t seq, uint8_t ct, - const DataBuffer& buf); + uint64_t seq, uint8_t ct, const DataBuffer& buf); // Send data directly to the underlying socket, skipping the TLS layer. void SendDirect(const DataBuffer& buf); void SendRecordDirect(const TlsRecord& record); @@ -209,10 +214,10 @@ class TlsAgent : public PollTarget { return info_.protocolVersion; } - bool cipher_suite(uint16_t* cipher_suite) const { + bool cipher_suite(uint16_t* suite) const { if (state_ != STATE_CONNECTED) return false; - *cipher_suite = info_.cipherSuite; + *suite = info_.cipherSuite; return true; } @@ -227,17 +232,17 @@ class TlsAgent : public PollTarget { info_.sessionID + info_.sessionIDLength); } - bool auth_type(SSLAuthType* auth_type) const { + bool auth_type(SSLAuthType* a) const { if (state_ != STATE_CONNECTED) return false; - *auth_type = info_.authType; + *a = info_.authType; return true; } - bool kea_type(SSLKEAType* kea_type) const { + bool kea_type(SSLKEAType* k) const { if (state_ != STATE_CONNECTED) return false; - *kea_type = info_.keaType; + *k = info_.keaType; return true; } @@ -264,6 +269,8 @@ class TlsAgent : public PollTarget { void ExpectReceiveAlert(uint8_t alert, uint8_t level = 0); void ExpectSendAlert(uint8_t alert, uint8_t level = 0); + std::string alpn_value_to_use_ = ""; + private: const static char* states[]; @@ -443,6 +450,7 @@ class TlsAgentTestBase : public ::testing::Test { size_t hs_len, DataBuffer* out, uint64_t seq_num, uint32_t fragment_offset, uint32_t fragment_length) const; + DataBuffer MakeCannedTls13ServerHello(); static void MakeTrivialHandshakeRecord(uint8_t hs_type, size_t hs_len, DataBuffer* out); static inline TlsAgent::Role ToRole(const std::string& str) { diff --git a/security/nss/gtests/ssl_gtest/tls_connect.cc b/security/nss/gtests/ssl_gtest/tls_connect.cc index 8567b392f..68f6d21e9 100644 --- a/security/nss/gtests/ssl_gtest/tls_connect.cc +++ b/security/nss/gtests/ssl_gtest/tls_connect.cc @@ -571,14 +571,57 @@ void TlsConnectTestBase::CheckResumption(SessionResumptionMode expected) { } } +static SECStatus NextProtoCallbackServer(void* arg, PRFileDesc* fd, + const unsigned char* protos, + unsigned int protos_len, + unsigned char* protoOut, + unsigned int* protoOutLen, + unsigned int protoMaxLen) { + EXPECT_EQ(protoMaxLen, 255U); + TlsAgent* agent = reinterpret_cast<TlsAgent*>(arg); + // Check that agent->alpn_value_to_use_ is in protos. + if (protos_len < 1) { + return SECFailure; + } + for (size_t i = 0; i < protos_len;) { + size_t l = protos[i]; + EXPECT_LT(i + l, protos_len); + if (i + l >= protos_len) { + return SECFailure; + } + std::string protos_s(reinterpret_cast<const char*>(protos + i + 1), l); + if (protos_s == agent->alpn_value_to_use_) { + size_t s_len = agent->alpn_value_to_use_.size(); + EXPECT_LE(s_len, 255U); + memcpy(protoOut, &agent->alpn_value_to_use_[0], s_len); + *protoOutLen = s_len; + return SECSuccess; + } + i += l + 1; + } + return SECFailure; +} + void TlsConnectTestBase::EnableAlpn() { client_->EnableAlpn(alpn_dummy_val_, sizeof(alpn_dummy_val_)); server_->EnableAlpn(alpn_dummy_val_, sizeof(alpn_dummy_val_)); } -void TlsConnectTestBase::EnableAlpn(const uint8_t* val, size_t len) { - client_->EnableAlpn(val, len); - server_->EnableAlpn(val, len); +void TlsConnectTestBase::EnableAlpnWithCallback( + const std::vector<uint8_t>& client_vals, std::string server_choice) { + EnsureTlsSetup(); + server_->alpn_value_to_use_ = server_choice; + EXPECT_EQ(SECSuccess, + SSL_SetNextProtoNego(client_->ssl_fd(), client_vals.data(), + client_vals.size())); + SECStatus rv = SSL_SetNextProtoCallback( + server_->ssl_fd(), NextProtoCallbackServer, server_.get()); + EXPECT_EQ(SECSuccess, rv); +} + +void TlsConnectTestBase::EnableAlpn(const std::vector<uint8_t>& vals) { + client_->EnableAlpn(vals.data(), vals.size()); + server_->EnableAlpn(vals.data(), vals.size()); } void TlsConnectTestBase::EnsureModelSockets() { diff --git a/security/nss/gtests/ssl_gtest/tls_connect.h b/security/nss/gtests/ssl_gtest/tls_connect.h index 7dffe7f8a..000494501 100644 --- a/security/nss/gtests/ssl_gtest/tls_connect.h +++ b/security/nss/gtests/ssl_gtest/tls_connect.h @@ -110,7 +110,9 @@ class TlsConnectTestBase : public ::testing::Test { void ConfigureSessionCache(SessionResumptionMode client, SessionResumptionMode server); void EnableAlpn(); - void EnableAlpn(const uint8_t* val, size_t len); + void EnableAlpnWithCallback(const std::vector<uint8_t>& client, + std::string server_choice); + void EnableAlpn(const std::vector<uint8_t>& vals); void EnsureModelSockets(); void CheckAlpn(const std::string& val); void EnableSrtp(); diff --git a/security/nss/gtests/ssl_gtest/tls_filter.cc b/security/nss/gtests/ssl_gtest/tls_filter.cc index d34b13bcb..aa03cba70 100644 --- a/security/nss/gtests/ssl_gtest/tls_filter.cc +++ b/security/nss/gtests/ssl_gtest/tls_filter.cc @@ -30,11 +30,9 @@ void TlsVersioned::WriteStream(std::ostream& stream) const { case SSL_LIBRARY_VERSION_TLS_1_0: stream << "1.0"; break; - case SSL_LIBRARY_VERSION_DTLS_1_0_WIRE: case SSL_LIBRARY_VERSION_TLS_1_1: stream << (is_dtls() ? "1.0" : "1.1"); break; - case SSL_LIBRARY_VERSION_DTLS_1_2_WIRE: case SSL_LIBRARY_VERSION_TLS_1_2: stream << "1.2"; break; @@ -67,8 +65,14 @@ void TlsRecordFilter::CipherSpecChanged(void* arg, PRBool sending, return; } - self->in_sequence_number_ = 0; - self->out_sequence_number_ = 0; + uint64_t seq_no; + if (self->agent()->variant() == ssl_variant_datagram) { + seq_no = static_cast<uint64_t>(SSLInt_CipherSpecToEpoch(newSpec)) << 48; + } else { + seq_no = 0; + } + self->in_sequence_number_ = seq_no; + self->out_sequence_number_ = seq_no; self->dropped_record_ = false; self->cipher_spec_.reset(new TlsCipherSpec()); bool ret = self->cipher_spec_->Init( @@ -77,33 +81,59 @@ void TlsRecordFilter::CipherSpecChanged(void* arg, PRBool sending, EXPECT_EQ(true, ret); } +bool TlsRecordFilter::is_dtls13() const { + if (agent()->variant() != ssl_variant_datagram) { + return false; + } + if (agent()->state() == TlsAgent::STATE_CONNECTED) { + return agent()->version() >= SSL_LIBRARY_VERSION_TLS_1_3; + } + SSLPreliminaryChannelInfo info; + EXPECT_EQ(SECSuccess, SSL_GetPreliminaryChannelInfo(agent()->ssl_fd(), &info, + sizeof(info))); + return (info.protocolVersion >= SSL_LIBRARY_VERSION_TLS_1_3) || + info.canSendEarlyData; +} + PacketFilter::Action TlsRecordFilter::Filter(const DataBuffer& input, DataBuffer* output) { + // Disable during shutdown. + if (!agent()) { + return KEEP; + } + bool changed = false; size_t offset = 0U; - output->Allocate(input.len()); + output->Allocate(input.len()); TlsParser parser(input); while (parser.remaining()) { TlsRecordHeader header; DataBuffer record; - if (!header.Parse(in_sequence_number_, &parser, &record)) { + if (!header.Parse(is_dtls13(), in_sequence_number_, &parser, &record)) { ADD_FAILURE() << "not a valid record"; return KEEP; } - // Track the sequence number, which is necessary for stream mode (the - // sequence number is in the header for datagram). + // Track the sequence number, which is necessary for stream mode when + // decrypting and for TLS 1.3 datagram to recover the sequence number. + // + // We reset the counter when the cipher spec changes, but that notification + // appears before a record is sent. If multiple records are sent with + // different cipher specs, this would fail. This filters out cleartext + // records, so we don't get confused by handshake messages that are sent at + // the same time as encrypted records. Sequence numbers are therefore + // likely to be incorrect for cleartext records. // - // This isn't perfectly robust. If there is a change from an active cipher + // This isn't perfectly robust: if there is a change from an active cipher // spec to another active cipher spec (KeyUpdate for instance) AND writes - // are consolidated across that change AND packets were dropped from the - // older epoch, we will not correctly re-encrypt records in the old epoch to - // update their sequence numbers. - if (cipher_spec_ && header.content_type() == kTlsApplicationDataType) { - ++in_sequence_number_; + // are consolidated across that change, this code could use the wrong + // sequence numbers when re-encrypting records with the old keys. + if (header.content_type() == kTlsApplicationDataType) { + in_sequence_number_ = + (std::max)(in_sequence_number_, header.sequence_number() + 1); } if (FilterRecord(header, record, &offset, output) != KEEP) { @@ -131,11 +161,14 @@ PacketFilter::Action TlsRecordFilter::FilterRecord( DataBuffer plaintext; if (!Unprotect(header, record, &inner_content_type, &plaintext)) { + if (g_ssl_gtest_verbose) { + std::cerr << "unprotect failed: " << header << ":" << record << std::endl; + } return KEEP; } - TlsRecordHeader real_header = {header.version(), inner_content_type, - header.sequence_number()}; + TlsRecordHeader real_header(header.variant(), header.version(), + inner_content_type, header.sequence_number()); PacketFilter::Action action = FilterRecord(real_header, plaintext, &filtered); // In stream mode, even if something doesn't change we need to re-encrypt if @@ -166,8 +199,8 @@ PacketFilter::Action TlsRecordFilter::FilterRecord( } else { seq_num = out_sequence_number_++; } - TlsRecordHeader out_header = {header.version(), header.content_type(), - seq_num}; + TlsRecordHeader out_header(header.variant(), header.version(), + header.content_type(), seq_num); DataBuffer ciphertext; bool rv = Protect(out_header, inner_content_type, filtered, &ciphertext); @@ -179,20 +212,119 @@ PacketFilter::Action TlsRecordFilter::FilterRecord( return CHANGE; } -bool TlsRecordHeader::Parse(uint64_t sequence_number, TlsParser* parser, +size_t TlsRecordHeader::header_length() const { + // If we have a header, return it's length. + if (header_.len()) { + return header_.len(); + } + + // Otherwise make a dummy header and return the length. + DataBuffer buf; + return WriteHeader(&buf, 0, 0); +} + +uint64_t TlsRecordHeader::RecoverSequenceNumber(uint64_t expected, + uint32_t partial, + size_t partial_bits) { + EXPECT_GE(32U, partial_bits); + uint64_t mask = (1 << partial_bits) - 1; + // First we determine the highest possible value. This is half the + // expressible range above the expected value. + uint64_t cap = expected + (1ULL << (partial_bits - 1)); + // Add the partial piece in. e.g., xxxx789a and 1234 becomes xxxx1234. + uint64_t seq_no = (cap & ~mask) | partial; + // If the partial value is higher than the same partial piece from the cap, + // then the real value has to be lower. e.g., xxxx1234 can't become xxxx5678. + if (partial > (cap & mask)) { + seq_no -= 1ULL << partial_bits; + } + return seq_no; +} + +// Determine the full epoch and sequence number from an expected and raw value. +// The expected and output values are packed as they are in DTLS 1.2 and +// earlier: with 16 bits of epoch and 48 bits of sequence number. +uint64_t TlsRecordHeader::ParseSequenceNumber(uint64_t expected, uint32_t raw, + size_t seq_no_bits, + size_t epoch_bits) { + uint64_t epoch_mask = (1ULL << epoch_bits) - 1; + uint64_t epoch = RecoverSequenceNumber( + expected >> 48, (raw >> seq_no_bits) & epoch_mask, epoch_bits); + if (epoch > (expected >> 48)) { + // If the epoch has changed, reset the expected sequence number. + expected = 0; + } else { + // Otherwise, retain just the sequence number part. + expected &= (1ULL << 48) - 1; + } + uint64_t seq_no_mask = (1ULL << seq_no_bits) - 1; + uint64_t seq_no = + RecoverSequenceNumber(expected, raw & seq_no_mask, seq_no_bits); + return (epoch << 48) | seq_no; +} + +bool TlsRecordHeader::Parse(bool is_dtls13, uint64_t seqno, TlsParser* parser, DataBuffer* body) { + auto mark = parser->consumed(); + if (!parser->Read(&content_type_)) { return false; } - uint32_t version; - if (!parser->Read(&version, 2)) { + if (is_dtls13) { + variant_ = ssl_variant_datagram; + version_ = SSL_LIBRARY_VERSION_TLS_1_3; + +#ifndef UNSAFE_FUZZER_MODE + // Deal with the 7 octet header. + if (content_type_ == kTlsApplicationDataType) { + uint32_t tmp; + if (!parser->Read(&tmp, 4)) { + return false; + } + sequence_number_ = ParseSequenceNumber(seqno, tmp, 30, 2); + if (!parser->ReadFromMark(&header_, parser->consumed() + 2 - mark, + mark)) { + return false; + } + return parser->ReadVariable(body, 2); + } + + // The short, 2 octet header. + if ((content_type_ & 0xe0) == 0x20) { + uint32_t tmp; + if (!parser->Read(&tmp, 1)) { + return false; + } + // Need to use the low 5 bits of the first octet too. + tmp |= (content_type_ & 0x1f) << 8; + content_type_ = kTlsApplicationDataType; + sequence_number_ = ParseSequenceNumber(seqno, tmp, 12, 1); + + if (!parser->ReadFromMark(&header_, parser->consumed() - mark, mark)) { + return false; + } + return parser->Read(body, parser->remaining()); + } + + // The full 13 octet header can only be used for a few types. + EXPECT_TRUE(content_type_ == kTlsAlertType || + content_type_ == kTlsHandshakeType || + content_type_ == kTlsAckType); +#endif + } + + uint32_t ver; + if (!parser->Read(&ver, 2)) { return false; } - version_ = version; + if (!is_dtls13) { + variant_ = IsDtls(ver) ? ssl_variant_datagram : ssl_variant_stream; + } + version_ = NormalizeTlsVersion(ver); - // If this is DTLS, overwrite the sequence number. - if (IsDtls(version)) { + if (is_dtls()) { + // If this is DTLS, read the sequence number. uint32_t tmp; if (!parser->Read(&tmp, 4)) { return false; @@ -203,21 +335,40 @@ bool TlsRecordHeader::Parse(uint64_t sequence_number, TlsParser* parser, } sequence_number_ |= static_cast<uint64_t>(tmp); } else { - sequence_number_ = sequence_number; + sequence_number_ = seqno; + } + if (!parser->ReadFromMark(&header_, parser->consumed() + 2 - mark, mark)) { + return false; } return parser->ReadVariable(body, 2); } -size_t TlsRecordHeader::Write(DataBuffer* buffer, size_t offset, - const DataBuffer& body) const { +size_t TlsRecordHeader::WriteHeader(DataBuffer* buffer, size_t offset, + size_t body_len) const { offset = buffer->Write(offset, content_type_, 1); - offset = buffer->Write(offset, version_, 2); - if (is_dtls()) { - // write epoch (2 octet), and seqnum (6 octet) - offset = buffer->Write(offset, sequence_number_ >> 32, 4); - offset = buffer->Write(offset, sequence_number_ & 0xffffffff, 4); + if (is_dtls() && version_ >= SSL_LIBRARY_VERSION_TLS_1_3 && + content_type() == kTlsApplicationDataType) { + // application_data records in TLS 1.3 have a different header format. + // Always use the long header here for simplicity. + uint32_t e = (sequence_number_ >> 48) & 0x3; + uint32_t seqno = sequence_number_ & ((1ULL << 30) - 1); + offset = buffer->Write(offset, (e << 30) | seqno, 4); + } else { + uint16_t v = is_dtls() ? TlsVersionToDtlsVersion(version_) : version_; + offset = buffer->Write(offset, v, 2); + if (is_dtls()) { + // write epoch (2 octet), and seqnum (6 octet) + offset = buffer->Write(offset, sequence_number_ >> 32, 4); + offset = buffer->Write(offset, sequence_number_ & 0xffffffff, 4); + } } - offset = buffer->Write(offset, body.len(), 2); + offset = buffer->Write(offset, body_len, 2); + return offset; +} + +size_t TlsRecordHeader::Write(DataBuffer* buffer, size_t offset, + const DataBuffer& body) const { + offset = WriteHeader(buffer, offset, body.len()); offset = buffer->Write(offset, body); return offset; } @@ -259,7 +410,7 @@ bool TlsRecordFilter::Unprotect(const TlsRecordHeader& header, bool TlsRecordFilter::Protect(const TlsRecordHeader& header, uint8_t inner_content_type, const DataBuffer& plaintext, - DataBuffer* ciphertext) { + DataBuffer* ciphertext, size_t padding) { if (!cipher_spec_ || header.content_type() != kTlsApplicationDataType) { *ciphertext = plaintext; return true; @@ -267,8 +418,10 @@ bool TlsRecordFilter::Protect(const TlsRecordHeader& header, if (g_ssl_gtest_verbose) { std::cerr << "protect: " << header.sequence_number() << std::endl; } - DataBuffer padded = plaintext; - padded.Write(padded.len(), inner_content_type, 1); + DataBuffer padded; + padded.Allocate(plaintext.len() + 1 + padding); + size_t offset = padded.Write(0, plaintext.data(), plaintext.len()); + padded.Write(offset, inner_content_type, 1); return cipher_spec_->Protect(header, padded, ciphertext); } @@ -406,6 +559,7 @@ bool TlsHandshakeFilter::HandshakeHeader::Parse( const DataBuffer& preceding_fragment, DataBuffer* body, bool* complete) { *complete = false; + variant_ = record_header.variant(); version_ = record_header.version(); if (!parser->Read(&handshake_type_)) { return false; // malformed @@ -487,10 +641,10 @@ PacketFilter::Action TlsConversationRecorder::FilterRecord( return KEEP; } -PacketFilter::Action TlsHeaderRecorder::FilterRecord( - const TlsRecordHeader& header, const DataBuffer& input, - DataBuffer* output) { - headers_.push_back(header); +PacketFilter::Action TlsHeaderRecorder::FilterRecord(const TlsRecordHeader& hdr, + const DataBuffer& input, + DataBuffer* output) { + headers_.push_back(hdr); return KEEP; } diff --git a/security/nss/gtests/ssl_gtest/tls_filter.h b/security/nss/gtests/ssl_gtest/tls_filter.h index 1bbe190ab..effda4aa0 100644 --- a/security/nss/gtests/ssl_gtest/tls_filter.h +++ b/security/nss/gtests/ssl_gtest/tls_filter.h @@ -11,7 +11,7 @@ #include <memory> #include <set> #include <vector> - +#include "sslt.h" #include "test_io.h" #include "tls_agent.h" #include "tls_parser.h" @@ -27,43 +27,57 @@ class TlsCipherSpec; class TlsVersioned { public: - TlsVersioned() : version_(0) {} - explicit TlsVersioned(uint16_t version) : version_(version) {} + TlsVersioned() : variant_(ssl_variant_stream), version_(0) {} + TlsVersioned(SSLProtocolVariant var, uint16_t ver) + : variant_(var), version_(ver) {} - bool is_dtls() const { return IsDtls(version_); } + bool is_dtls() const { return variant_ == ssl_variant_datagram; } + SSLProtocolVariant variant() const { return variant_; } uint16_t version() const { return version_; } void WriteStream(std::ostream& stream) const; protected: + SSLProtocolVariant variant_; uint16_t version_; }; class TlsRecordHeader : public TlsVersioned { public: - TlsRecordHeader() : TlsVersioned(), content_type_(0), sequence_number_(0) {} - TlsRecordHeader(uint16_t version, uint8_t content_type, - uint64_t sequence_number) - : TlsVersioned(version), - content_type_(content_type), - sequence_number_(sequence_number) {} + TlsRecordHeader() + : TlsVersioned(), content_type_(0), sequence_number_(0), header_() {} + TlsRecordHeader(SSLProtocolVariant var, uint16_t ver, uint8_t ct, + uint64_t seqno) + : TlsVersioned(var, ver), + content_type_(ct), + sequence_number_(seqno), + header_() {} uint8_t content_type() const { return content_type_; } uint64_t sequence_number() const { return sequence_number_; } uint16_t epoch() const { return static_cast<uint16_t>(sequence_number_ >> 48); } - size_t header_length() const { return is_dtls() ? 13 : 5; } + size_t header_length() const; + const DataBuffer& header() const { return header_; } // Parse the header; return true if successful; body in an outparam if OK. - bool Parse(uint64_t sequence_number, TlsParser* parser, DataBuffer* body); + bool Parse(bool is_dtls13, uint64_t sequence_number, TlsParser* parser, + DataBuffer* body); // Write the header and body to a buffer at the given offset. // Return the offset of the end of the write. size_t Write(DataBuffer* buffer, size_t offset, const DataBuffer& body) const; + size_t WriteHeader(DataBuffer* buffer, size_t offset, size_t body_len) const; private: + static uint64_t RecoverSequenceNumber(uint64_t expected, uint32_t partial, + size_t partial_bits); + static uint64_t ParseSequenceNumber(uint64_t expected, uint32_t raw, + size_t seq_no_bits, size_t epoch_bits); + uint8_t content_type_; uint64_t sequence_number_; + DataBuffer header_; }; struct TlsRecord { @@ -83,8 +97,8 @@ inline std::shared_ptr<T> MakeTlsFilter(const std::shared_ptr<TlsAgent>& agent, // Abstract filter that operates on entire (D)TLS records. class TlsRecordFilter : public PacketFilter { public: - TlsRecordFilter(const std::shared_ptr<TlsAgent>& agent) - : agent_(agent), + TlsRecordFilter(const std::shared_ptr<TlsAgent>& a) + : agent_(a), count_(0), cipher_spec_(), dropped_record_(false), @@ -106,7 +120,8 @@ class TlsRecordFilter : public PacketFilter { bool Unprotect(const TlsRecordHeader& header, const DataBuffer& cipherText, uint8_t* inner_content_type, DataBuffer* plaintext); bool Protect(const TlsRecordHeader& header, uint8_t inner_content_type, - const DataBuffer& plaintext, DataBuffer* ciphertext); + const DataBuffer& plaintext, DataBuffer* ciphertext, + size_t padding = 0); protected: // There are two filter functions which can be overriden. Both are @@ -130,6 +145,8 @@ class TlsRecordFilter : public PacketFilter { return KEEP; } + bool is_dtls13() const; + private: static void CipherSpecChanged(void* arg, PRBool sending, ssl3CipherSpec* newSpec); @@ -183,13 +200,11 @@ inline std::ostream& operator<<(std::ostream& stream, // records and that they don't span records or anything crazy like that. class TlsHandshakeFilter : public TlsRecordFilter { public: - TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent), handshake_types_(), preceding_fragment_() {} - TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& agent, + TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), handshake_types_(), preceding_fragment_() {} + TlsHandshakeFilter(const std::shared_ptr<TlsAgent>& a, const std::set<uint8_t>& types) - : TlsRecordFilter(agent), - handshake_types_(types), - preceding_fragment_() {} + : TlsRecordFilter(a), handshake_types_(types), preceding_fragment_() {} // This filter can be set to be selective based on handshake message type. If // this function isn't used (or the set is empty), then all handshake messages @@ -243,12 +258,12 @@ class TlsHandshakeFilter : public TlsRecordFilter { // Make a copy of the first instance of a handshake message. class TlsHandshakeRecorder : public TlsHandshakeFilter { public: - TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& agent, + TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type) - : TlsHandshakeFilter(agent, {handshake_type}), buffer_() {} - TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& agent, + : TlsHandshakeFilter(a, {handshake_type}), buffer_() {} + TlsHandshakeRecorder(const std::shared_ptr<TlsAgent>& a, const std::set<uint8_t>& handshake_types) - : TlsHandshakeFilter(agent, handshake_types), buffer_() {} + : TlsHandshakeFilter(a, handshake_types), buffer_() {} virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, @@ -265,10 +280,10 @@ class TlsHandshakeRecorder : public TlsHandshakeFilter { // Replace all instances of a handshake message. class TlsInspectorReplaceHandshakeMessage : public TlsHandshakeFilter { public: - TlsInspectorReplaceHandshakeMessage(const std::shared_ptr<TlsAgent>& agent, + TlsInspectorReplaceHandshakeMessage(const std::shared_ptr<TlsAgent>& a, uint8_t handshake_type, const DataBuffer& replacement) - : TlsHandshakeFilter(agent, {handshake_type}), buffer_(replacement) {} + : TlsHandshakeFilter(a, {handshake_type}), buffer_(replacement) {} virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, @@ -281,10 +296,10 @@ class TlsInspectorReplaceHandshakeMessage : public TlsHandshakeFilter { // Make a copy of each record of a given type. class TlsRecordRecorder : public TlsRecordFilter { public: - TlsRecordRecorder(const std::shared_ptr<TlsAgent>& agent, uint8_t ct) - : TlsRecordFilter(agent), filter_(true), ct_(ct), records_() {} - TlsRecordRecorder(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent), + TlsRecordRecorder(const std::shared_ptr<TlsAgent>& a, uint8_t ct) + : TlsRecordFilter(a), filter_(true), ct_(ct), records_() {} + TlsRecordRecorder(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a), filter_(false), ct_(content_handshake), // dummy (<optional> is C++14) records_() {} @@ -306,9 +321,9 @@ class TlsRecordRecorder : public TlsRecordFilter { // Make a copy of the complete conversation. class TlsConversationRecorder : public TlsRecordFilter { public: - TlsConversationRecorder(const std::shared_ptr<TlsAgent>& agent, + TlsConversationRecorder(const std::shared_ptr<TlsAgent>& a, DataBuffer& buffer) - : TlsRecordFilter(agent), buffer_(buffer) {} + : TlsRecordFilter(a), buffer_(buffer) {} virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& input, @@ -321,8 +336,7 @@ class TlsConversationRecorder : public TlsRecordFilter { // Make a copy of the records class TlsHeaderRecorder : public TlsRecordFilter { public: - TlsHeaderRecorder(const std::shared_ptr<TlsAgent>& agent) - : TlsRecordFilter(agent) {} + TlsHeaderRecorder(const std::shared_ptr<TlsAgent>& a) : TlsRecordFilter(a) {} virtual PacketFilter::Action FilterRecord(const TlsRecordHeader& header, const DataBuffer& input, DataBuffer* output); @@ -359,15 +373,15 @@ typedef std::function<bool(TlsParser* parser, const TlsVersioned& header)> class TlsExtensionFilter : public TlsHandshakeFilter { public: - TlsExtensionFilter(const std::shared_ptr<TlsAgent>& agent) - : TlsHandshakeFilter(agent, + TlsExtensionFilter(const std::shared_ptr<TlsAgent>& a) + : TlsHandshakeFilter(a, {kTlsHandshakeClientHello, kTlsHandshakeServerHello, kTlsHandshakeHelloRetryRequest, kTlsHandshakeEncryptedExtensions}) {} - TlsExtensionFilter(const std::shared_ptr<TlsAgent>& agent, + TlsExtensionFilter(const std::shared_ptr<TlsAgent>& a, const std::set<uint8_t>& types) - : TlsHandshakeFilter(agent, types) {} + : TlsHandshakeFilter(a, types) {} static bool FindExtensions(TlsParser* parser, const HandshakeHeader& header); @@ -388,9 +402,9 @@ class TlsExtensionFilter : public TlsHandshakeFilter { class TlsExtensionCapture : public TlsExtensionFilter { public: - TlsExtensionCapture(const std::shared_ptr<TlsAgent>& agent, uint16_t ext, + TlsExtensionCapture(const std::shared_ptr<TlsAgent>& a, uint16_t ext, bool last = false) - : TlsExtensionFilter(agent), + : TlsExtensionFilter(a), extension_(ext), captured_(false), last_(last), @@ -413,9 +427,9 @@ class TlsExtensionCapture : public TlsExtensionFilter { class TlsExtensionReplacer : public TlsExtensionFilter { public: - TlsExtensionReplacer(const std::shared_ptr<TlsAgent>& agent, - uint16_t extension, const DataBuffer& data) - : TlsExtensionFilter(agent), extension_(extension), data_(data) {} + TlsExtensionReplacer(const std::shared_ptr<TlsAgent>& a, uint16_t extension, + const DataBuffer& data) + : TlsExtensionFilter(a), extension_(extension), data_(data) {} PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer& input, DataBuffer* output) override; @@ -427,9 +441,8 @@ class TlsExtensionReplacer : public TlsExtensionFilter { class TlsExtensionDropper : public TlsExtensionFilter { public: - TlsExtensionDropper(const std::shared_ptr<TlsAgent>& agent, - uint16_t extension) - : TlsExtensionFilter(agent), extension_(extension) {} + TlsExtensionDropper(const std::shared_ptr<TlsAgent>& a, uint16_t extension) + : TlsExtensionFilter(a), extension_(extension) {} PacketFilter::Action FilterExtension(uint16_t extension_type, const DataBuffer&, DataBuffer*) override; @@ -439,9 +452,9 @@ class TlsExtensionDropper : public TlsExtensionFilter { class TlsExtensionInjector : public TlsHandshakeFilter { public: - TlsExtensionInjector(const std::shared_ptr<TlsAgent>& agent, uint16_t ext, + TlsExtensionInjector(const std::shared_ptr<TlsAgent>& a, uint16_t ext, const DataBuffer& data) - : TlsHandshakeFilter(agent), extension_(ext), data_(data) {} + : TlsHandshakeFilter(a), extension_(ext), data_(data) {} protected: PacketFilter::Action FilterHandshake(const HandshakeHeader& header, @@ -453,7 +466,6 @@ class TlsExtensionInjector : public TlsHandshakeFilter { const DataBuffer data_; }; -class TlsAgent; typedef std::function<void(void)> VoidFunction; class AfterRecordN : public TlsRecordFilter { @@ -495,6 +507,22 @@ class TlsClientHelloVersionChanger : public TlsHandshakeFilter { std::weak_ptr<TlsAgent> server_; }; +// Damage a record. +class TlsRecordLastByteDamager : public TlsRecordFilter { + public: + TlsRecordLastByteDamager(const std::shared_ptr<TlsAgent>& a) + : TlsRecordFilter(a) {} + + protected: + PacketFilter::Action FilterRecord(const TlsRecordHeader& header, + const DataBuffer& data, + DataBuffer* changed) override { + *changed = data; + changed->data()[changed->len() - 1]++; + return CHANGE; + } +}; + // This class selectively drops complete writes. This relies on the fact that // writes in libssl are on record boundaries. class SelectiveDropFilter : public PacketFilter { @@ -515,16 +543,16 @@ class SelectiveDropFilter : public PacketFilter { // datagram, we just drop one. class SelectiveRecordDropFilter : public TlsRecordFilter { public: - SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& agent, + SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& a, uint32_t pattern, bool enabled = true) - : TlsRecordFilter(agent), pattern_(pattern), counter_(0) { + : TlsRecordFilter(a), pattern_(pattern), counter_(0) { if (!enabled) { Disable(); } } - SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& agent, + SelectiveRecordDropFilter(const std::shared_ptr<TlsAgent>& a, std::initializer_list<size_t> records) - : SelectiveRecordDropFilter(agent, ToPattern(records), true) {} + : SelectiveRecordDropFilter(a, ToPattern(records), true) {} void Reset(uint32_t pattern) { counter_ = 0; @@ -551,10 +579,9 @@ class SelectiveRecordDropFilter : public TlsRecordFilter { // Set the version number in the ClientHello. class TlsClientHelloVersionSetter : public TlsHandshakeFilter { public: - TlsClientHelloVersionSetter(const std::shared_ptr<TlsAgent>& agent, + TlsClientHelloVersionSetter(const std::shared_ptr<TlsAgent>& a, uint16_t version) - : TlsHandshakeFilter(agent, {kTlsHandshakeClientHello}), - version_(version) {} + : TlsHandshakeFilter(a, {kTlsHandshakeClientHello}), version_(version) {} virtual PacketFilter::Action FilterHandshake(const HandshakeHeader& header, const DataBuffer& input, @@ -567,8 +594,8 @@ class TlsClientHelloVersionSetter : public TlsHandshakeFilter { // Damages the last byte of a handshake message. class TlsLastByteDamager : public TlsHandshakeFilter { public: - TlsLastByteDamager(const std::shared_ptr<TlsAgent>& agent, uint8_t type) - : TlsHandshakeFilter(agent), type_(type) {} + TlsLastByteDamager(const std::shared_ptr<TlsAgent>& a, uint8_t type) + : TlsHandshakeFilter(a), type_(type) {} PacketFilter::Action FilterHandshake( const TlsHandshakeFilter::HandshakeHeader& header, const DataBuffer& input, DataBuffer* output) override { @@ -588,9 +615,9 @@ class TlsLastByteDamager : public TlsHandshakeFilter { class SelectedCipherSuiteReplacer : public TlsHandshakeFilter { public: - SelectedCipherSuiteReplacer(const std::shared_ptr<TlsAgent>& agent, + SelectedCipherSuiteReplacer(const std::shared_ptr<TlsAgent>& a, uint16_t suite) - : TlsHandshakeFilter(agent, {kTlsHandshakeServerHello}), + : TlsHandshakeFilter(a, {kTlsHandshakeServerHello}), cipher_suite_(suite) {} protected: diff --git a/security/nss/gtests/ssl_gtest/tls_protect.cc b/security/nss/gtests/ssl_gtest/tls_protect.cc index 6c945f66e..c715a36a6 100644 --- a/security/nss/gtests/ssl_gtest/tls_protect.cc +++ b/security/nss/gtests/ssl_gtest/tls_protect.cc @@ -54,17 +54,17 @@ bool AeadCipher::AeadInner(bool decrypt, void *params, size_t param_length, return rv == SECSuccess; } -bool AeadCipherAesGcm::Aead(bool decrypt, uint64_t seq, const uint8_t *in, - size_t inlen, uint8_t *out, size_t *outlen, - size_t maxlen) { +bool AeadCipherAesGcm::Aead(bool decrypt, const uint8_t *hdr, size_t hdr_len, + uint64_t seq, const uint8_t *in, size_t inlen, + uint8_t *out, size_t *outlen, size_t maxlen) { CK_GCM_PARAMS aeadParams; unsigned char nonce[12]; memset(&aeadParams, 0, sizeof(aeadParams)); aeadParams.pIv = nonce; aeadParams.ulIvLen = sizeof(nonce); - aeadParams.pAAD = NULL; - aeadParams.ulAADLen = 0; + aeadParams.pAAD = const_cast<uint8_t *>(hdr); + aeadParams.ulAADLen = hdr_len; aeadParams.ulTagBits = 128; FormatNonce(seq, nonce); @@ -72,7 +72,8 @@ bool AeadCipherAesGcm::Aead(bool decrypt, uint64_t seq, const uint8_t *in, in, inlen, out, outlen, maxlen); } -bool AeadCipherChacha20Poly1305::Aead(bool decrypt, uint64_t seq, +bool AeadCipherChacha20Poly1305::Aead(bool decrypt, const uint8_t *hdr, + size_t hdr_len, uint64_t seq, const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen, size_t maxlen) { @@ -82,8 +83,8 @@ bool AeadCipherChacha20Poly1305::Aead(bool decrypt, uint64_t seq, memset(&aeadParams, 0, sizeof(aeadParams)); aeadParams.pNonce = nonce; aeadParams.ulNonceLen = sizeof(nonce); - aeadParams.pAAD = NULL; - aeadParams.ulAADLen = 0; + aeadParams.pAAD = const_cast<uint8_t *>(hdr); + aeadParams.ulAADLen = hdr_len; aeadParams.ulTagLen = 16; FormatNonce(seq, nonce); @@ -91,9 +92,9 @@ bool AeadCipherChacha20Poly1305::Aead(bool decrypt, uint64_t seq, in, inlen, out, outlen, maxlen); } -bool TlsCipherSpec::Init(uint16_t epoch, SSLCipherAlgorithm cipher, +bool TlsCipherSpec::Init(uint16_t epoc, SSLCipherAlgorithm cipher, PK11SymKey *key, const uint8_t *iv) { - epoch_ = epoch; + epoch_ = epoc; switch (cipher) { case ssl_calg_aes_gcm: aead_.reset(new AeadCipherAesGcm()); @@ -114,10 +115,12 @@ bool TlsCipherSpec::Unprotect(const TlsRecordHeader &header, // Make space. plaintext->Allocate(ciphertext.len()); + auto header_bytes = header.header(); size_t len; bool ret = - aead_->Aead(true, header.sequence_number(), ciphertext.data(), - ciphertext.len(), plaintext->data(), &len, plaintext->len()); + aead_->Aead(true, header_bytes.data(), header_bytes.len(), + header.sequence_number(), ciphertext.data(), ciphertext.len(), + plaintext->data(), &len, plaintext->len()); if (!ret) return false; plaintext->Truncate(len); @@ -133,9 +136,13 @@ bool TlsCipherSpec::Protect(const TlsRecordHeader &header, ciphertext->Allocate(plaintext.len() + 32); // Room for any plausible auth tag size_t len; + + DataBuffer header_bytes; + (void)header.WriteHeader(&header_bytes, 0, plaintext.len() + 16); bool ret = - aead_->Aead(false, header.sequence_number(), plaintext.data(), - plaintext.len(), ciphertext->data(), &len, ciphertext->len()); + aead_->Aead(false, header_bytes.data(), header_bytes.len(), + header.sequence_number(), plaintext.data(), plaintext.len(), + ciphertext->data(), &len, ciphertext->len()); if (!ret) return false; ciphertext->Truncate(len); diff --git a/security/nss/gtests/ssl_gtest/tls_protect.h b/security/nss/gtests/ssl_gtest/tls_protect.h index 93ffd6322..6f129a4eb 100644 --- a/security/nss/gtests/ssl_gtest/tls_protect.h +++ b/security/nss/gtests/ssl_gtest/tls_protect.h @@ -23,8 +23,9 @@ class AeadCipher { virtual ~AeadCipher(); bool Init(PK11SymKey *key, const uint8_t *iv); - virtual bool Aead(bool decrypt, uint64_t seq, const uint8_t *in, size_t inlen, - uint8_t *out, size_t *outlen, size_t maxlen) = 0; + virtual bool Aead(bool decrypt, const uint8_t *hdr, size_t hdr_len, + uint64_t seq, const uint8_t *in, size_t inlen, uint8_t *out, + size_t *outlen, size_t maxlen) = 0; protected: void FormatNonce(uint64_t seq, uint8_t *nonce); @@ -42,8 +43,9 @@ class AeadCipherChacha20Poly1305 : public AeadCipher { AeadCipherChacha20Poly1305() : AeadCipher(CKM_NSS_CHACHA20_POLY1305) {} protected: - bool Aead(bool decrypt, uint64_t seq, const uint8_t *in, size_t inlen, - uint8_t *out, size_t *outlen, size_t maxlen); + bool Aead(bool decrypt, const uint8_t *hdr, size_t hdr_len, uint64_t seq, + const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen, + size_t maxlen); }; class AeadCipherAesGcm : public AeadCipher { @@ -51,8 +53,9 @@ class AeadCipherAesGcm : public AeadCipher { AeadCipherAesGcm() : AeadCipher(CKM_AES_GCM) {} protected: - bool Aead(bool decrypt, uint64_t seq, const uint8_t *in, size_t inlen, - uint8_t *out, size_t *outlen, size_t maxlen); + bool Aead(bool decrypt, const uint8_t *hdr, size_t hdr_len, uint64_t seq, + const uint8_t *in, size_t inlen, uint8_t *out, size_t *outlen, + size_t maxlen); }; // Our analog of ssl3CipherSpec diff --git a/security/nss/lib/certdb/crl.c b/security/nss/lib/certdb/crl.c index d1c48dfba..63adcad46 100644 --- a/security/nss/lib/certdb/crl.c +++ b/security/nss/lib/certdb/crl.c @@ -898,13 +898,13 @@ static PLHashAllocOps preAllocOps = { PreAllocTable, PreFreeTable, /* destructor for PreAllocator object */ void -PreAllocator_Destroy(PreAllocator* PreAllocator) +PreAllocator_Destroy(PreAllocator* allocator) { - if (!PreAllocator) { + if (!allocator) { return; } - if (PreAllocator->arena) { - PORT_FreeArena(PreAllocator->arena, PR_TRUE); + if (allocator->arena) { + PORT_FreeArena(allocator->arena, PR_TRUE); } } diff --git a/security/nss/lib/ckfw/Makefile b/security/nss/lib/ckfw/Makefile index 484dbb511..2902bef48 100644 --- a/security/nss/lib/ckfw/Makefile +++ b/security/nss/lib/ckfw/Makefile @@ -33,7 +33,3 @@ ifdef NSS_BUILD_CAPI DIRS += capi endif endif - -#ifeq ($(OS_ARCH), Darwin) -#DIRS += nssmkey -#endif diff --git a/security/nss/lib/ckfw/builtins/certdata.txt b/security/nss/lib/ckfw/builtins/certdata.txt index 5d2baf3a5..d291f28a5 100644 --- a/security/nss/lib/ckfw/builtins/certdata.txt +++ b/security/nss/lib/ckfw/builtins/certdata.txt @@ -7241,163 +7241,6 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE # -# Certificate "TC TrustCenter Class 3 CA II" -# -# Issuer: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE -# Serial Number:4a:47:00:01:00:02:e5:a0:5d:d6:3f:00:51:bf -# Subject: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE -# Not Valid Before: Thu Jan 12 14:41:57 2006 -# Not Valid After : Wed Dec 31 22:59:59 2025 -# Fingerprint (MD5): 56:5F:AA:80:61:12:17:F6:67:21:E6:2B:6D:61:56:8E -# Fingerprint (SHA1): 80:25:EF:F4:6E:70:C8:D4:72:24:65:84:FE:40:3B:8A:8D:6A:DB:F5 -CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "TC TrustCenter Class 3 CA II" -CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -CKA_SUBJECT MULTILINE_OCTAL -\060\166\061\013\060\011\006\003\125\004\006\023\002\104\105\061 -\034\060\032\006\003\125\004\012\023\023\124\103\040\124\162\165 -\163\164\103\145\156\164\145\162\040\107\155\142\110\061\042\060 -\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163\164 -\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103 -\101\061\045\060\043\006\003\125\004\003\023\034\124\103\040\124 -\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163 -\040\063\040\103\101\040\111\111 -END -CKA_ID UTF8 "0" -CKA_ISSUER MULTILINE_OCTAL -\060\166\061\013\060\011\006\003\125\004\006\023\002\104\105\061 -\034\060\032\006\003\125\004\012\023\023\124\103\040\124\162\165 -\163\164\103\145\156\164\145\162\040\107\155\142\110\061\042\060 -\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163\164 -\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103 -\101\061\045\060\043\006\003\125\004\003\023\034\124\103\040\124 -\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163 -\040\063\040\103\101\040\111\111 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\016\112\107\000\001\000\002\345\240\135\326\077\000\121\277 -END -CKA_VALUE MULTILINE_OCTAL -\060\202\004\252\060\202\003\222\240\003\002\001\002\002\016\112 -\107\000\001\000\002\345\240\135\326\077\000\121\277\060\015\006 -\011\052\206\110\206\367\015\001\001\005\005\000\060\166\061\013 -\060\011\006\003\125\004\006\023\002\104\105\061\034\060\032\006 -\003\125\004\012\023\023\124\103\040\124\162\165\163\164\103\145 -\156\164\145\162\040\107\155\142\110\061\042\060\040\006\003\125 -\004\013\023\031\124\103\040\124\162\165\163\164\103\145\156\164 -\145\162\040\103\154\141\163\163\040\063\040\103\101\061\045\060 -\043\006\003\125\004\003\023\034\124\103\040\124\162\165\163\164 -\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103 -\101\040\111\111\060\036\027\015\060\066\060\061\061\062\061\064 -\064\061\065\067\132\027\015\062\065\061\062\063\061\062\062\065 -\071\065\071\132\060\166\061\013\060\011\006\003\125\004\006\023 -\002\104\105\061\034\060\032\006\003\125\004\012\023\023\124\103 -\040\124\162\165\163\164\103\145\156\164\145\162\040\107\155\142 -\110\061\042\060\040\006\003\125\004\013\023\031\124\103\040\124 -\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163 -\040\063\040\103\101\061\045\060\043\006\003\125\004\003\023\034 -\124\103\040\124\162\165\163\164\103\145\156\164\145\162\040\103 -\154\141\163\163\040\063\040\103\101\040\111\111\060\202\001\042 -\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000\003 -\202\001\017\000\060\202\001\012\002\202\001\001\000\264\340\273 -\121\273\071\134\213\004\305\114\171\034\043\206\061\020\143\103 -\125\047\077\306\105\307\244\075\354\011\015\032\036\040\302\126 -\036\336\033\067\007\060\042\057\157\361\006\361\253\255\326\310 -\253\141\243\057\103\304\260\262\055\374\303\226\151\173\176\212 -\344\314\300\071\022\220\102\140\311\314\065\150\356\332\137\220 -\126\137\315\034\115\133\130\111\353\016\001\117\144\372\054\074 -\211\130\330\057\056\342\260\150\351\042\073\165\211\326\104\032 -\145\362\033\227\046\035\050\155\254\350\275\131\035\053\044\366 -\326\204\003\146\210\044\000\170\140\361\370\253\376\002\262\153 -\373\042\373\065\346\026\321\255\366\056\022\344\372\065\152\345 -\031\271\135\333\073\036\032\373\323\377\025\024\010\330\011\152 -\272\105\235\024\171\140\175\257\100\212\007\163\263\223\226\323 -\164\064\215\072\067\051\336\134\354\365\356\056\061\302\040\334 -\276\361\117\177\043\122\331\133\342\144\331\234\252\007\010\265 -\105\275\321\320\061\301\253\124\237\251\322\303\142\140\003\361 -\273\071\112\222\112\075\012\271\235\305\240\376\067\002\003\001 -\000\001\243\202\001\064\060\202\001\060\060\017\006\003\125\035 -\023\001\001\377\004\005\060\003\001\001\377\060\016\006\003\125 -\035\017\001\001\377\004\004\003\002\001\006\060\035\006\003\125 -\035\016\004\026\004\024\324\242\374\237\263\303\330\003\323\127 -\134\007\244\320\044\247\300\362\000\324\060\201\355\006\003\125 -\035\037\004\201\345\060\201\342\060\201\337\240\201\334\240\201 -\331\206\065\150\164\164\160\072\057\057\167\167\167\056\164\162 -\165\163\164\143\145\156\164\145\162\056\144\145\057\143\162\154 -\057\166\062\057\164\143\137\143\154\141\163\163\137\063\137\143 -\141\137\111\111\056\143\162\154\206\201\237\154\144\141\160\072 -\057\057\167\167\167\056\164\162\165\163\164\143\145\156\164\145 -\162\056\144\145\057\103\116\075\124\103\045\062\060\124\162\165 -\163\164\103\145\156\164\145\162\045\062\060\103\154\141\163\163 -\045\062\060\063\045\062\060\103\101\045\062\060\111\111\054\117 -\075\124\103\045\062\060\124\162\165\163\164\103\145\156\164\145 -\162\045\062\060\107\155\142\110\054\117\125\075\162\157\157\164 -\143\145\162\164\163\054\104\103\075\164\162\165\163\164\143\145 -\156\164\145\162\054\104\103\075\144\145\077\143\145\162\164\151 -\146\151\143\141\164\145\122\145\166\157\143\141\164\151\157\156 -\114\151\163\164\077\142\141\163\145\077\060\015\006\011\052\206 -\110\206\367\015\001\001\005\005\000\003\202\001\001\000\066\140 -\344\160\367\006\040\103\331\043\032\102\362\370\243\262\271\115 -\212\264\363\302\232\125\061\174\304\073\147\232\264\337\115\016 -\212\223\112\027\213\033\215\312\211\341\317\072\036\254\035\361 -\234\062\264\216\131\166\242\101\205\045\067\240\023\320\365\174 -\116\325\352\226\342\156\162\301\273\052\376\154\156\370\221\230 -\106\374\311\033\127\133\352\310\032\073\077\260\121\230\074\007 -\332\054\131\001\332\213\104\350\341\164\375\247\150\335\124\272 -\203\106\354\310\106\265\370\257\227\300\073\011\034\217\316\162 -\226\075\063\126\160\274\226\313\330\325\175\040\232\203\237\032 -\334\071\361\305\162\243\021\003\375\073\102\122\051\333\350\001 -\367\233\136\214\326\215\206\116\031\372\274\034\276\305\041\245 -\207\236\170\056\066\333\011\161\243\162\064\370\154\343\006\011 -\362\136\126\245\323\335\230\372\324\346\006\364\360\266\040\143 -\113\352\051\275\252\202\146\036\373\201\252\247\067\255\023\030 -\346\222\303\201\301\063\273\210\036\241\347\342\264\275\061\154 -\016\121\075\157\373\226\126\200\342\066\027\321\334\344 -END -CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE - -# Trust for Certificate "TC TrustCenter Class 3 CA II" -# Issuer: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE -# Serial Number:4a:47:00:01:00:02:e5:a0:5d:d6:3f:00:51:bf -# Subject: CN=TC TrustCenter Class 3 CA II,OU=TC TrustCenter Class 3 CA,O=TC TrustCenter GmbH,C=DE -# Not Valid Before: Thu Jan 12 14:41:57 2006 -# Not Valid After : Wed Dec 31 22:59:59 2025 -# Fingerprint (MD5): 56:5F:AA:80:61:12:17:F6:67:21:E6:2B:6D:61:56:8E -# Fingerprint (SHA1): 80:25:EF:F4:6E:70:C8:D4:72:24:65:84:FE:40:3B:8A:8D:6A:DB:F5 -CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "TC TrustCenter Class 3 CA II" -CKA_CERT_SHA1_HASH MULTILINE_OCTAL -\200\045\357\364\156\160\310\324\162\044\145\204\376\100\073\212 -\215\152\333\365 -END -CKA_CERT_MD5_HASH MULTILINE_OCTAL -\126\137\252\200\141\022\027\366\147\041\346\053\155\141\126\216 -END -CKA_ISSUER MULTILINE_OCTAL -\060\166\061\013\060\011\006\003\125\004\006\023\002\104\105\061 -\034\060\032\006\003\125\004\012\023\023\124\103\040\124\162\165 -\163\164\103\145\156\164\145\162\040\107\155\142\110\061\042\060 -\040\006\003\125\004\013\023\031\124\103\040\124\162\165\163\164 -\103\145\156\164\145\162\040\103\154\141\163\163\040\063\040\103 -\101\061\045\060\043\006\003\125\004\003\023\034\124\103\040\124 -\162\165\163\164\103\145\156\164\145\162\040\103\154\141\163\163 -\040\063\040\103\101\040\111\111 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\016\112\107\000\001\000\002\345\240\135\326\077\000\121\277 -END -CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE - -# # Certificate "Deutsche Telekom Root CA 2" # # Issuer: CN=Deutsche Telekom Root CA 2,OU=T-TeleSec Trust Center,O=Deutsche Telekom AG,C=DE @@ -17883,155 +17726,6 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE # -# Certificate "S-TRUST Universal Root CA" -# -# Issuer: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE -# Serial Number:60:56:c5:4b:23:40:5b:64:d4:ed:25:da:d9:d6:1e:1e -# Subject: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE -# Not Valid Before: Tue Oct 22 00:00:00 2013 -# Not Valid After : Thu Oct 21 23:59:59 2038 -# Fingerprint (SHA-256): D8:0F:EF:91:0A:E3:F1:04:72:3B:04:5C:EC:2D:01:9F:44:1C:E6:21:3A:DF:15:67:91:E7:0C:17:90:11:0A:31 -# Fingerprint (SHA1): 1B:3D:11:14:EA:7A:0F:95:58:54:41:95:BF:6B:25:82:AB:40:CE:9A -CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "S-TRUST Universal Root CA" -CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -CKA_SUBJECT MULTILINE_OCTAL -\060\201\205\061\013\060\011\006\003\125\004\006\023\002\104\105 -\061\051\060\047\006\003\125\004\012\023\040\104\145\165\164\163 -\143\150\145\162\040\123\160\141\162\153\141\163\163\145\156\040 -\126\145\162\154\141\147\040\107\155\142\110\061\047\060\045\006 -\003\125\004\013\023\036\123\055\124\122\125\123\124\040\103\145 -\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162\166 -\151\143\145\163\061\042\060\040\006\003\125\004\003\023\031\123 -\055\124\122\125\123\124\040\125\156\151\166\145\162\163\141\154 -\040\122\157\157\164\040\103\101 -END -CKA_ID UTF8 "0" -CKA_ISSUER MULTILINE_OCTAL -\060\201\205\061\013\060\011\006\003\125\004\006\023\002\104\105 -\061\051\060\047\006\003\125\004\012\023\040\104\145\165\164\163 -\143\150\145\162\040\123\160\141\162\153\141\163\163\145\156\040 -\126\145\162\154\141\147\040\107\155\142\110\061\047\060\045\006 -\003\125\004\013\023\036\123\055\124\122\125\123\124\040\103\145 -\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162\166 -\151\143\145\163\061\042\060\040\006\003\125\004\003\023\031\123 -\055\124\122\125\123\124\040\125\156\151\166\145\162\163\141\154 -\040\122\157\157\164\040\103\101 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\020\140\126\305\113\043\100\133\144\324\355\045\332\331\326 -\036\036 -END -CKA_VALUE MULTILINE_OCTAL -\060\202\003\330\060\202\002\300\240\003\002\001\002\002\020\140 -\126\305\113\043\100\133\144\324\355\045\332\331\326\036\036\060 -\015\006\011\052\206\110\206\367\015\001\001\013\005\000\060\201 -\205\061\013\060\011\006\003\125\004\006\023\002\104\105\061\051 -\060\047\006\003\125\004\012\023\040\104\145\165\164\163\143\150 -\145\162\040\123\160\141\162\153\141\163\163\145\156\040\126\145 -\162\154\141\147\040\107\155\142\110\061\047\060\045\006\003\125 -\004\013\023\036\123\055\124\122\125\123\124\040\103\145\162\164 -\151\146\151\143\141\164\151\157\156\040\123\145\162\166\151\143 -\145\163\061\042\060\040\006\003\125\004\003\023\031\123\055\124 -\122\125\123\124\040\125\156\151\166\145\162\163\141\154\040\122 -\157\157\164\040\103\101\060\036\027\015\061\063\061\060\062\062 -\060\060\060\060\060\060\132\027\015\063\070\061\060\062\061\062 -\063\065\071\065\071\132\060\201\205\061\013\060\011\006\003\125 -\004\006\023\002\104\105\061\051\060\047\006\003\125\004\012\023 -\040\104\145\165\164\163\143\150\145\162\040\123\160\141\162\153 -\141\163\163\145\156\040\126\145\162\154\141\147\040\107\155\142 -\110\061\047\060\045\006\003\125\004\013\023\036\123\055\124\122 -\125\123\124\040\103\145\162\164\151\146\151\143\141\164\151\157 -\156\040\123\145\162\166\151\143\145\163\061\042\060\040\006\003 -\125\004\003\023\031\123\055\124\122\125\123\124\040\125\156\151 -\166\145\162\163\141\154\040\122\157\157\164\040\103\101\060\202 -\001\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005 -\000\003\202\001\017\000\060\202\001\012\002\202\001\001\000\250 -\343\013\337\021\067\205\202\232\265\154\146\174\141\077\300\107 -\032\035\106\343\260\125\144\345\270\202\071\050\007\176\027\377 -\364\233\212\360\221\201\352\070\077\041\170\154\110\354\153\057 -\242\323\212\162\262\247\327\331\352\177\264\300\111\153\060\045 -\211\214\353\267\325\100\141\230\342\334\074\040\222\315\145\112 -\162\237\032\216\214\372\045\025\277\363\041\203\050\015\213\257 -\131\021\202\103\134\233\115\045\121\177\130\030\143\140\073\263 -\265\212\213\130\143\067\110\110\220\104\302\100\335\135\367\103 -\151\051\230\134\022\145\136\253\220\222\113\146\337\325\165\022 -\123\124\030\246\336\212\326\273\127\003\071\131\231\030\005\014 -\371\375\025\306\220\144\106\027\202\327\302\112\101\075\375\000 -\276\127\162\030\224\167\033\123\132\211\001\366\063\162\016\223 -\072\334\350\036\375\005\005\326\274\163\340\210\334\253\117\354 -\265\030\206\117\171\204\016\110\052\146\052\335\062\310\170\145 -\310\013\235\130\001\005\161\355\201\365\150\027\156\313\015\264 -\113\330\241\354\256\070\353\034\130\057\241\145\003\064\057\002 -\003\001\000\001\243\102\060\100\060\017\006\003\125\035\023\001 -\001\377\004\005\060\003\001\001\377\060\016\006\003\125\035\017 -\001\001\377\004\004\003\002\001\006\060\035\006\003\125\035\016 -\004\026\004\024\232\175\327\353\353\177\124\230\105\051\264\040 -\253\155\013\226\043\031\244\302\060\015\006\011\052\206\110\206 -\367\015\001\001\013\005\000\003\202\001\001\000\116\226\022\333 -\176\167\136\222\047\236\041\027\030\202\166\330\077\274\245\011 -\004\146\210\211\255\333\125\263\063\152\306\145\304\217\115\363 -\062\066\334\171\004\226\251\167\062\321\227\365\030\153\214\272 -\355\316\021\320\104\307\222\361\264\104\216\355\210\122\110\236 -\325\375\131\370\243\036\121\373\001\122\345\137\345\172\335\252 -\044\117\042\213\335\166\106\366\245\240\017\065\330\312\017\230 -\271\060\135\040\157\302\201\036\275\275\300\376\025\323\070\052 -\011\223\230\047\033\223\173\320\053\064\136\150\245\025\117\321 -\122\303\240\312\240\203\105\035\365\365\267\131\163\135\131\001 -\217\252\302\107\057\024\161\325\051\343\020\265\107\223\045\314 -\043\051\332\267\162\330\221\324\354\033\110\212\042\344\301\052 -\367\072\150\223\237\105\031\156\103\267\314\376\270\221\232\141 -\032\066\151\143\144\222\050\363\157\141\222\205\023\237\311\007 -\054\213\127\334\353\236\171\325\302\336\010\325\124\262\127\116 -\052\062\215\241\342\072\321\020\040\042\071\175\064\105\157\161 -\073\303\035\374\377\262\117\250\342\366\060\036 -END -CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE - -# Trust for "S-TRUST Universal Root CA" -# Issuer: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE -# Serial Number:60:56:c5:4b:23:40:5b:64:d4:ed:25:da:d9:d6:1e:1e -# Subject: CN=S-TRUST Universal Root CA,OU=S-TRUST Certification Services,O=Deutscher Sparkassen Verlag GmbH,C=DE -# Not Valid Before: Tue Oct 22 00:00:00 2013 -# Not Valid After : Thu Oct 21 23:59:59 2038 -# Fingerprint (SHA-256): D8:0F:EF:91:0A:E3:F1:04:72:3B:04:5C:EC:2D:01:9F:44:1C:E6:21:3A:DF:15:67:91:E7:0C:17:90:11:0A:31 -# Fingerprint (SHA1): 1B:3D:11:14:EA:7A:0F:95:58:54:41:95:BF:6B:25:82:AB:40:CE:9A -CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "S-TRUST Universal Root CA" -CKA_CERT_SHA1_HASH MULTILINE_OCTAL -\033\075\021\024\352\172\017\225\130\124\101\225\277\153\045\202 -\253\100\316\232 -END -CKA_CERT_MD5_HASH MULTILINE_OCTAL -\130\366\101\001\256\365\133\121\231\116\134\041\350\117\324\146 -END -CKA_ISSUER MULTILINE_OCTAL -\060\201\205\061\013\060\011\006\003\125\004\006\023\002\104\105 -\061\051\060\047\006\003\125\004\012\023\040\104\145\165\164\163 -\143\150\145\162\040\123\160\141\162\153\141\163\163\145\156\040 -\126\145\162\154\141\147\040\107\155\142\110\061\047\060\045\006 -\003\125\004\013\023\036\123\055\124\122\125\123\124\040\103\145 -\162\164\151\146\151\143\141\164\151\157\156\040\123\145\162\166 -\151\143\145\163\061\042\060\040\006\003\125\004\003\023\031\123 -\055\124\122\125\123\124\040\125\156\151\166\145\162\163\141\154 -\040\122\157\157\164\040\103\101 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\020\140\126\305\113\043\100\133\144\324\355\045\332\331\326 -\036\036 -END -CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE - -# # Certificate "Entrust Root Certification Authority - G2" # # Issuer: CN=Entrust Root Certification Authority - G2,OU="(c) 2009 Entrust, Inc. - for authorized use only",OU=See www.entrust.net/legal-terms,O="Entrust, Inc.",C=US @@ -18509,167 +18203,6 @@ CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE # -# Certificate "TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5" -# -# Issuer: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR -# Serial Number:00:8e:17:fe:24:20:81 -# Subject: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR -# Not Valid Before: Tue Apr 30 08:07:01 2013 -# Not Valid After : Fri Apr 28 08:07:01 2023 -# Fingerprint (SHA-256): 49:35:1B:90:34:44:C1:85:CC:DC:5C:69:3D:24:D8:55:5C:B2:08:D6:A8:14:13:07:69:9F:4A:F0:63:19:9D:78 -# Fingerprint (SHA1): C4:18:F6:4D:46:D1:DF:00:3D:27:30:13:72:43:A9:12:11:C6:75:FB -CKA_CLASS CK_OBJECT_CLASS CKO_CERTIFICATE -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5" -CKA_CERTIFICATE_TYPE CK_CERTIFICATE_TYPE CKC_X_509 -CKA_SUBJECT MULTILINE_OCTAL -\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122 -\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162 -\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122 -\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154 -\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305 -\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040 -\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056 -\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113 -\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153 -\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145 -\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304 -\261\040\110\065 -END -CKA_ID UTF8 "0" -CKA_ISSUER MULTILINE_OCTAL -\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122 -\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162 -\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122 -\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154 -\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305 -\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040 -\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056 -\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113 -\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153 -\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145 -\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304 -\261\040\110\065 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\007\000\216\027\376\044\040\201 -END -CKA_VALUE MULTILINE_OCTAL -\060\202\004\047\060\202\003\017\240\003\002\001\002\002\007\000 -\216\027\376\044\040\201\060\015\006\011\052\206\110\206\367\015 -\001\001\013\005\000\060\201\261\061\013\060\011\006\003\125\004 -\006\023\002\124\122\061\017\060\015\006\003\125\004\007\014\006 -\101\156\153\141\162\141\061\115\060\113\006\003\125\004\012\014 -\104\124\303\234\122\113\124\122\125\123\124\040\102\151\154\147 -\151\040\304\260\154\145\164\151\305\237\151\155\040\166\145\040 -\102\151\154\151\305\237\151\155\040\107\303\274\166\145\156\154 -\151\304\237\151\040\110\151\172\155\145\164\154\145\162\151\040 -\101\056\305\236\056\061\102\060\100\006\003\125\004\003\014\071 -\124\303\234\122\113\124\122\125\123\124\040\105\154\145\153\164 -\162\157\156\151\153\040\123\145\162\164\151\146\151\153\141\040 -\110\151\172\155\145\164\040\123\141\304\237\154\141\171\304\261 -\143\304\261\163\304\261\040\110\065\060\036\027\015\061\063\060 -\064\063\060\060\070\060\067\060\061\132\027\015\062\063\060\064 -\062\070\060\070\060\067\060\061\132\060\201\261\061\013\060\011 -\006\003\125\004\006\023\002\124\122\061\017\060\015\006\003\125 -\004\007\014\006\101\156\153\141\162\141\061\115\060\113\006\003 -\125\004\012\014\104\124\303\234\122\113\124\122\125\123\124\040 -\102\151\154\147\151\040\304\260\154\145\164\151\305\237\151\155 -\040\166\145\040\102\151\154\151\305\237\151\155\040\107\303\274 -\166\145\156\154\151\304\237\151\040\110\151\172\155\145\164\154 -\145\162\151\040\101\056\305\236\056\061\102\060\100\006\003\125 -\004\003\014\071\124\303\234\122\113\124\122\125\123\124\040\105 -\154\145\153\164\162\157\156\151\153\040\123\145\162\164\151\146 -\151\153\141\040\110\151\172\155\145\164\040\123\141\304\237\154 -\141\171\304\261\143\304\261\163\304\261\040\110\065\060\202\001 -\042\060\015\006\011\052\206\110\206\367\015\001\001\001\005\000 -\003\202\001\017\000\060\202\001\012\002\202\001\001\000\244\045 -\031\341\145\236\353\110\041\120\112\010\345\021\360\132\272\046 -\377\203\131\316\104\052\057\376\341\316\140\003\374\215\003\245 -\355\377\153\250\272\314\064\006\237\131\065\366\354\054\273\235 -\373\215\122\151\343\234\047\020\123\363\244\002\305\247\371\021 -\032\151\165\156\303\035\213\321\230\215\223\207\247\161\227\015 -\041\307\231\371\122\323\054\143\135\125\274\350\037\001\110\271 -\140\376\102\112\366\310\200\256\315\146\172\236\105\212\150\167 -\342\110\150\237\242\332\361\341\301\020\237\353\074\051\201\247 -\341\062\010\324\240\005\261\214\373\215\226\000\016\076\045\337 -\123\206\042\073\374\364\275\363\011\176\167\354\206\353\017\063 -\345\103\117\364\124\165\155\051\231\056\146\132\103\337\313\134 -\312\310\345\070\361\176\073\065\235\017\364\305\132\241\314\363 -\040\200\044\323\127\354\025\272\165\045\233\350\144\113\263\064 -\204\357\004\270\366\311\154\252\002\076\266\125\342\062\067\137 -\374\146\227\137\315\326\236\307\040\277\115\306\254\077\165\137 -\034\355\062\234\174\151\000\151\221\343\043\030\123\351\002\003 -\001\000\001\243\102\060\100\060\035\006\003\125\035\016\004\026 -\004\024\126\231\007\036\323\254\014\151\144\264\014\120\107\336 -\103\054\276\040\300\373\060\016\006\003\125\035\017\001\001\377 -\004\004\003\002\001\006\060\017\006\003\125\035\023\001\001\377 -\004\005\060\003\001\001\377\060\015\006\011\052\206\110\206\367 -\015\001\001\013\005\000\003\202\001\001\000\236\105\166\173\027 -\110\062\362\070\213\051\275\356\226\112\116\201\030\261\121\107 -\040\315\320\144\261\016\311\331\001\331\011\316\310\231\334\150 -\045\023\324\134\362\243\350\004\376\162\011\307\013\252\035\045 -\125\176\226\232\127\267\272\305\021\172\031\346\247\176\075\205 -\016\365\371\056\051\057\347\371\154\130\026\127\120\045\366\076 -\056\076\252\355\167\161\252\252\231\226\106\012\256\216\354\052 -\121\026\260\136\315\352\147\004\034\130\060\365\140\212\275\246 -\275\115\345\226\264\374\102\211\001\153\366\160\310\120\071\014 -\055\325\146\331\310\322\263\062\267\033\031\155\313\063\371\337 -\245\346\025\204\067\360\302\362\145\226\222\220\167\360\255\364 -\220\351\021\170\327\223\211\300\075\013\272\051\364\350\231\235 -\162\216\355\235\057\356\222\175\241\361\377\135\272\063\140\205 -\142\376\007\002\241\204\126\106\276\226\012\232\023\327\041\114 -\267\174\007\237\116\116\077\221\164\373\047\235\021\314\335\346 -\261\312\161\115\023\027\071\046\305\051\041\053\223\051\152\226 -\372\253\101\341\113\266\065\013\300\233\025 -END -CKA_NSS_MOZILLA_CA_POLICY CK_BBOOL CK_TRUE - -# Trust for "TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5" -# Issuer: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR -# Serial Number:00:8e:17:fe:24:20:81 -# Subject: CN=T..RKTRUST Elektronik Sertifika Hizmet Sa..lay..c..s.. H5,O=T..RKTRUST Bilgi ..leti..im ve Bili..im G..venli..i Hizmetleri A....,L=Ankara,C=TR -# Not Valid Before: Tue Apr 30 08:07:01 2013 -# Not Valid After : Fri Apr 28 08:07:01 2023 -# Fingerprint (SHA-256): 49:35:1B:90:34:44:C1:85:CC:DC:5C:69:3D:24:D8:55:5C:B2:08:D6:A8:14:13:07:69:9F:4A:F0:63:19:9D:78 -# Fingerprint (SHA1): C4:18:F6:4D:46:D1:DF:00:3D:27:30:13:72:43:A9:12:11:C6:75:FB -CKA_CLASS CK_OBJECT_CLASS CKO_NSS_TRUST -CKA_TOKEN CK_BBOOL CK_TRUE -CKA_PRIVATE CK_BBOOL CK_FALSE -CKA_MODIFIABLE CK_BBOOL CK_FALSE -CKA_LABEL UTF8 "TÃœRKTRUST Elektronik Sertifika Hizmet SaÄŸlayıcısı H5" -CKA_CERT_SHA1_HASH MULTILINE_OCTAL -\304\030\366\115\106\321\337\000\075\047\060\023\162\103\251\022 -\021\306\165\373 -END -CKA_CERT_MD5_HASH MULTILINE_OCTAL -\332\160\216\360\042\337\223\046\366\137\237\323\025\006\122\116 -END -CKA_ISSUER MULTILINE_OCTAL -\060\201\261\061\013\060\011\006\003\125\004\006\023\002\124\122 -\061\017\060\015\006\003\125\004\007\014\006\101\156\153\141\162 -\141\061\115\060\113\006\003\125\004\012\014\104\124\303\234\122 -\113\124\122\125\123\124\040\102\151\154\147\151\040\304\260\154 -\145\164\151\305\237\151\155\040\166\145\040\102\151\154\151\305 -\237\151\155\040\107\303\274\166\145\156\154\151\304\237\151\040 -\110\151\172\155\145\164\154\145\162\151\040\101\056\305\236\056 -\061\102\060\100\006\003\125\004\003\014\071\124\303\234\122\113 -\124\122\125\123\124\040\105\154\145\153\164\162\157\156\151\153 -\040\123\145\162\164\151\146\151\153\141\040\110\151\172\155\145 -\164\040\123\141\304\237\154\141\171\304\261\143\304\261\163\304 -\261\040\110\065 -END -CKA_SERIAL_NUMBER MULTILINE_OCTAL -\002\007\000\216\027\376\044\040\201 -END -CKA_TRUST_SERVER_AUTH CK_TRUST CKT_NSS_TRUSTED_DELEGATOR -CKA_TRUST_EMAIL_PROTECTION CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_CODE_SIGNING CK_TRUST CKT_NSS_MUST_VERIFY_TRUST -CKA_TRUST_STEP_UP_APPROVED CK_BBOOL CK_FALSE - -# # Certificate "Certinomis - Root CA" # # Issuer: CN=Certinomis - Root CA,OU=0002 433998903,O=Certinomis,C=FR diff --git a/security/nss/lib/ckfw/builtins/nssckbi.h b/security/nss/lib/ckfw/builtins/nssckbi.h index 0189369b1..d40c8080e 100644 --- a/security/nss/lib/ckfw/builtins/nssckbi.h +++ b/security/nss/lib/ckfw/builtins/nssckbi.h @@ -32,7 +32,7 @@ * - whenever possible, if older branches require a modification to the * list, these changes should be made on the main line of development (trunk), * and the older branches should update to the most recent list. - * + * * - ODD minor version numbers are reserved to indicate a snapshot that has * deviated from the main line of development, e.g. if it was necessary * to modify the list on a stable branch. @@ -46,8 +46,8 @@ * It's recommend to switch back to 0 after having reached version 98/99. */ #define NSS_BUILTINS_LIBRARY_VERSION_MAJOR 2 -#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 22 -#define NSS_BUILTINS_LIBRARY_VERSION "2.22" +#define NSS_BUILTINS_LIBRARY_VERSION_MINOR 24 +#define NSS_BUILTINS_LIBRARY_VERSION "2.24" /* These version numbers detail the semantic changes to the ckfw engine. */ #define NSS_BUILTINS_HARDWARE_VERSION_MAJOR 1 diff --git a/security/nss/lib/ckfw/nssmkey/Makefile b/security/nss/lib/ckfw/nssmkey/Makefile deleted file mode 100644 index e630e84b0..000000000 --- a/security/nss/lib/ckfw/nssmkey/Makefile +++ /dev/null @@ -1,72 +0,0 @@ -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -include manifest.mn -include $(CORE_DEPTH)/coreconf/config.mk -include config.mk - -EXTRA_LIBS = \ - $(DIST)/lib/$(LIB_PREFIX)nssckfw.$(LIB_SUFFIX) \ - $(DIST)/lib/$(LIB_PREFIX)secutil.$(LIB_SUFFIX) \ - $(DIST)/lib/$(LIB_PREFIX)nssb.$(LIB_SUFFIX) \ - $(NULL) - -# can't do this in manifest.mn because OS_TARGET isn't defined there. -ifeq (,$(filter-out WIN%,$(OS_TARGET))) - -ifdef NS_USE_GCC -EXTRA_LIBS += \ - -L$(NSPR_LIB_DIR) \ - -lplc4 \ - -lplds4 \ - -lnspr4 \ - $(NULL) -else -EXTRA_SHARED_LIBS += \ - $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plc4.lib \ - $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)plds4.lib \ - $(NSPR_LIB_DIR)/$(NSPR31_LIB_PREFIX)nspr4.lib \ - $(NULL) -endif # NS_USE_GCC -else - -EXTRA_LIBS += \ - -L$(NSPR_LIB_DIR) \ - -lplc4 \ - -lplds4 \ - -lnspr4 \ - -framework Security \ - -framework CoreServices \ - $(NULL) -endif - - -include $(CORE_DEPTH)/coreconf/rules.mk - -# Generate certdata.c. -generate: - perl certdata.perl < certdata.txt - -# This'll need some help from a build person. - - -ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.1) -DSO_LDOPTS = -bM:SRE -bh:4 -bnoentry -EXTRA_DSO_LDOPTS = -lc -MKSHLIB = xlC $(DSO_LDOPTS) - -$(SHARED_LIBRARY): $(OBJS) - @$(MAKE_OBJDIR) - rm -f $@ - $(MKSHLIB) -o $@ $(OBJS) $(EXTRA_LIBS) $(EXTRA_DSO_LDOPTS) - chmod +x $@ - -endif - -ifeq ($(OS_TARGET)$(OS_RELEASE), AIX4.2) -LD += -G -endif - - diff --git a/security/nss/lib/ckfw/nssmkey/README b/security/nss/lib/ckfw/nssmkey/README deleted file mode 100644 index c060d9c3c..000000000 --- a/security/nss/lib/ckfw/nssmkey/README +++ /dev/null @@ -1,21 +0,0 @@ -This Cryptoki module provides acces to certs and keys stored in -Macintosh key Ring. - -- It does not yet export PKCS #12 keys. To get this to work should be - implemented using exporting the key object in PKCS #8 wrapped format. - PSM work needs to happen before this can be completed. -- It does not import or export CA Root trust from the mac keychain. -- It does not handle S/MIME objects (pkcs #7 in mac keychain terms?). -- The AuthRoots don't show up on the default list. -- Only RSA keys are supported currently. - -There are a number of things that have not been tested that other PKCS #11 -apps may need: -- reading Modulus and Public Exponents from private keys and public keys. -- storing public keys. -- setting attributes other than CKA_ID and CKA_LABEL. - -Other TODOs: -- Check for and plug memory leaks. -- Need to map mac errors into something more intellegible than - CKR_GENERAL_ERROR. diff --git a/security/nss/lib/ckfw/nssmkey/ckmk.h b/security/nss/lib/ckfw/nssmkey/ckmk.h deleted file mode 100644 index 4f3ab82d7..000000000 --- a/security/nss/lib/ckfw/nssmkey/ckmk.h +++ /dev/null @@ -1,182 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef CKMK_H -#define CKMK_H 1 - -#include <Security/SecKeychainSearch.h> -#include <Security/SecKeychainItem.h> -#include <Security/SecKeychain.h> -#include <Security/cssmtype.h> -#include <Security/cssmapi.h> -#include <Security/SecKey.h> -#include <Security/SecCertificate.h> - -#define NTO - -#include "nssckmdt.h" -#include "nssckfw.h" -/* - * I'm including this for access to the arena functions. - * Looks like we should publish that API. - */ -#ifndef BASE_H -#include "base.h" -#endif /* BASE_H */ -/* - * This is where the Netscape extensions live, at least for now. - */ -#ifndef CKT_H -#include "ckt.h" -#endif /* CKT_H */ - -/* - * statically defined raw objects. Allows us to data description objects - * to this PKCS #11 module. - */ -struct ckmkRawObjectStr { - CK_ULONG n; - const CK_ATTRIBUTE_TYPE *types; - const NSSItem *items; -}; -typedef struct ckmkRawObjectStr ckmkRawObject; - -/* - * Key/Cert Items - */ -struct ckmkItemObjectStr { - SecKeychainItemRef itemRef; - SecItemClass itemClass; - PRBool hasID; - NSSItem modify; - NSSItem private; - NSSItem encrypt; - NSSItem decrypt; - NSSItem derive; - NSSItem sign; - NSSItem signRecover; - NSSItem verify; - NSSItem verifyRecover; - NSSItem wrap; - NSSItem unwrap; - NSSItem label; - NSSItem subject; - NSSItem issuer; - NSSItem serial; - NSSItem derCert; - NSSItem id; - NSSItem modulus; - NSSItem exponent; - NSSItem privateExponent; - NSSItem prime1; - NSSItem prime2; - NSSItem exponent1; - NSSItem exponent2; - NSSItem coefficient; -}; -typedef struct ckmkItemObjectStr ckmkItemObject; - -typedef enum { - ckmkRaw, - ckmkItem, -} ckmkObjectType; - -/* - * all the various types of objects are abstracted away in cobject and - * cfind as ckmkInternalObjects. - */ -struct ckmkInternalObjectStr { - ckmkObjectType type; - union { - ckmkRawObject raw; - ckmkItemObject item; - } u; - CK_OBJECT_CLASS objClass; - NSSItem hashKey; - unsigned char hashKeyData[128]; - NSSCKMDObject mdObject; -}; -typedef struct ckmkInternalObjectStr ckmkInternalObject; - -/* our raw object data array */ -NSS_EXTERN_DATA ckmkInternalObject nss_ckmk_data[]; -NSS_EXTERN_DATA const PRUint32 nss_ckmk_nObjects; - -NSS_EXTERN_DATA const CK_VERSION nss_ckmk_CryptokiVersion; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_ManufacturerID; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_LibraryDescription; -NSS_EXTERN_DATA const CK_VERSION nss_ckmk_LibraryVersion; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_SlotDescription; -NSS_EXTERN_DATA const CK_VERSION nss_ckmk_HardwareVersion; -NSS_EXTERN_DATA const CK_VERSION nss_ckmk_FirmwareVersion; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenLabel; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenModel; -NSS_EXTERN_DATA const NSSUTF8 *nss_ckmk_TokenSerialNumber; - -NSS_EXTERN_DATA const NSSCKMDInstance nss_ckmk_mdInstance; -NSS_EXTERN_DATA const NSSCKMDSlot nss_ckmk_mdSlot; -NSS_EXTERN_DATA const NSSCKMDToken nss_ckmk_mdToken; -NSS_EXTERN_DATA const NSSCKMDMechanism nss_ckmk_mdMechanismRSA; - -NSS_EXTERN NSSCKMDSession * -nss_ckmk_CreateSession( - NSSCKFWSession *fwSession, - CK_RV *pError); - -NSS_EXTERN NSSCKMDFindObjects * -nss_ckmk_FindObjectsInit( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError); - -/* - * Object Utilities - */ -NSS_EXTERN NSSCKMDObject * -nss_ckmk_CreateMDObject( - NSSArena *arena, - ckmkInternalObject *io, - CK_RV *pError); - -NSS_EXTERN NSSCKMDObject * -nss_ckmk_CreateObject( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError); - -NSS_EXTERN const NSSItem * -nss_ckmk_FetchAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError); - -NSS_EXTERN void -nss_ckmk_DestroyInternalObject( - ckmkInternalObject *io); - -unsigned char * -nss_ckmk_DERUnwrap( - unsigned char *src, - int size, - int *outSize, - unsigned char **next); - -CK_ULONG -nss_ckmk_GetULongAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - CK_RV *pError); - -#define NSS_CKMK_ARRAY_SIZE(x) ((sizeof(x)) / (sizeof((x)[0]))) - -#ifdef DEBUG -#define CKMK_MACERR(str, err) cssmPerror(str, err) -#else -#define CKMK_MACERR(str, err) -#endif - -#endif diff --git a/security/nss/lib/ckfw/nssmkey/ckmkver.c b/security/nss/lib/ckfw/nssmkey/ckmkver.c deleted file mode 100644 index 2b99f1e22..000000000 --- a/security/nss/lib/ckfw/nssmkey/ckmkver.c +++ /dev/null @@ -1,17 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -/* Library identity and versioning */ - -#include "nssmkey.h" - -#if defined(DEBUG) -#define _DEBUG_STRING " (debug)" -#else -#define _DEBUG_STRING "" -#endif - -/* - * Version information - */ -const char __nss_ckmk_version[] = "Version: NSS Access to the MAC OS X Key Ring " NSS_CKMK_LIBRARY_VERSION _DEBUG_STRING; diff --git a/security/nss/lib/ckfw/nssmkey/config.mk b/security/nss/lib/ckfw/nssmkey/config.mk deleted file mode 100644 index 709691067..000000000 --- a/security/nss/lib/ckfw/nssmkey/config.mk +++ /dev/null @@ -1,24 +0,0 @@ -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -ifdef BUILD_IDG -DEFINES += -DNSSDEBUG -endif - -ifdef NS_USE_CKFW_TRACE -DEFINES += -DTRACE -endif - -# -# Override TARGETS variable so that only static libraries -# are specifed as dependencies within rules.mk. -# - -TARGETS = $(LIBRARY) -SHARED_LIBRARY = -IMPORT_LIBRARY = -PROGRAM = - - diff --git a/security/nss/lib/ckfw/nssmkey/manchor.c b/security/nss/lib/ckfw/nssmkey/manchor.c deleted file mode 100644 index 3b8bc2dbb..000000000 --- a/security/nss/lib/ckfw/nssmkey/manchor.c +++ /dev/null @@ -1,17 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* - * nssmkey/manchor.c - * - * This file "anchors" the actual cryptoki entry points in this module's - * shared library, which is required for dynamic loading. See the - * comments in nssck.api for more information. - */ - -#include "ckmk.h" - -#define MODULE_NAME ckmk -#define INSTANCE_NAME (NSSCKMDInstance *)&nss_ckmk_mdInstance -#include "nssck.api" diff --git a/security/nss/lib/ckfw/nssmkey/manifest.mn b/security/nss/lib/ckfw/nssmkey/manifest.mn deleted file mode 100644 index 036d9bc3f..000000000 --- a/security/nss/lib/ckfw/nssmkey/manifest.mn +++ /dev/null @@ -1,33 +0,0 @@ -# -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -CORE_DEPTH = ../../../.. - -MODULE = nss -MAPFILE = $(OBJDIR)/nssmkey.def - -EXPORTS = \ - nssmkey.h \ - $(NULL) - -CSRCS = \ - manchor.c \ - mconstants.c \ - mfind.c \ - minst.c \ - mobject.c \ - mrsa.c \ - msession.c \ - mslot.c \ - mtoken.c \ - ckmkver.c \ - staticobj.c \ - $(NULL) - -REQUIRES = nspr - -LIBRARY_NAME = nssmkey - -#EXTRA_SHARED_LIBS = -L$(DIST)/lib -lnssckfw -lnssb -lplc4 -lplds4 diff --git a/security/nss/lib/ckfw/nssmkey/mconstants.c b/security/nss/lib/ckfw/nssmkey/mconstants.c deleted file mode 100644 index c26298ada..000000000 --- a/security/nss/lib/ckfw/nssmkey/mconstants.c +++ /dev/null @@ -1,61 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* - * nssmkey/constants.c - * - * Identification and other constants, all collected here in one place. - */ - -#ifndef NSSBASET_H -#include "nssbaset.h" -#endif /* NSSBASET_H */ - -#ifndef NSSCKT_H -#include "nssckt.h" -#endif /* NSSCKT_H */ - -#include "nssmkey.h" - -NSS_IMPLEMENT_DATA const CK_VERSION - nss_ckmk_CryptokiVersion = { - NSS_CKMK_CRYPTOKI_VERSION_MAJOR, - NSS_CKMK_CRYPTOKI_VERSION_MINOR - }; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_ManufacturerID = (NSSUTF8 *)"Mozilla Foundation"; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_LibraryDescription = (NSSUTF8 *)"NSS Access to Mac OS X Key Ring"; - -NSS_IMPLEMENT_DATA const CK_VERSION - nss_ckmk_LibraryVersion = { - NSS_CKMK_LIBRARY_VERSION_MAJOR, - NSS_CKMK_LIBRARY_VERSION_MINOR - }; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_SlotDescription = (NSSUTF8 *)"Mac OS X Key Ring"; - -NSS_IMPLEMENT_DATA const CK_VERSION - nss_ckmk_HardwareVersion = { - NSS_CKMK_HARDWARE_VERSION_MAJOR, - NSS_CKMK_HARDWARE_VERSION_MINOR - }; - -NSS_IMPLEMENT_DATA const CK_VERSION - nss_ckmk_FirmwareVersion = { - NSS_CKMK_FIRMWARE_VERSION_MAJOR, - NSS_CKMK_FIRMWARE_VERSION_MINOR - }; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_TokenLabel = (NSSUTF8 *)"Mac OS X Key Ring"; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_TokenModel = (NSSUTF8 *)"1"; - -NSS_IMPLEMENT_DATA const NSSUTF8 * - nss_ckmk_TokenSerialNumber = (NSSUTF8 *)"1"; diff --git a/security/nss/lib/ckfw/nssmkey/mfind.c b/security/nss/lib/ckfw/nssmkey/mfind.c deleted file mode 100644 index d193a8de7..000000000 --- a/security/nss/lib/ckfw/nssmkey/mfind.c +++ /dev/null @@ -1,352 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef CKMK_H -#include "ckmk.h" -#endif /* CKMK_H */ - -/* - * nssmkey/mfind.c - * - * This file implements the NSSCKMDFindObjects object for the - * "nssmkey" cryptoki module. - */ - -struct ckmkFOStr { - NSSArena *arena; - CK_ULONG n; - CK_ULONG i; - ckmkInternalObject **objs; -}; - -static void -ckmk_mdFindObjects_Final( - NSSCKMDFindObjects *mdFindObjects, - NSSCKFWFindObjects *fwFindObjects, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc; - NSSArena *arena = fo->arena; - PRUint32 i; - - /* walk down an free the unused 'objs' */ - for (i = fo->i; i < fo->n; i++) { - nss_ckmk_DestroyInternalObject(fo->objs[i]); - } - - nss_ZFreeIf(fo->objs); - nss_ZFreeIf(fo); - nss_ZFreeIf(mdFindObjects); - if ((NSSArena *)NULL != arena) { - NSSArena_Destroy(arena); - } - - return; -} - -static NSSCKMDObject * -ckmk_mdFindObjects_Next( - NSSCKMDFindObjects *mdFindObjects, - NSSCKFWFindObjects *fwFindObjects, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSArena *arena, - CK_RV *pError) -{ - struct ckmkFOStr *fo = (struct ckmkFOStr *)mdFindObjects->etc; - ckmkInternalObject *io; - - if (fo->i == fo->n) { - *pError = CKR_OK; - return (NSSCKMDObject *)NULL; - } - - io = fo->objs[fo->i]; - fo->i++; - - return nss_ckmk_CreateMDObject(arena, io, pError); -} - -static CK_BBOOL -ckmk_attrmatch( - CK_ATTRIBUTE_PTR a, - ckmkInternalObject *o) -{ - PRBool prb; - const NSSItem *b; - CK_RV error; - - b = nss_ckmk_FetchAttribute(o, a->type, &error); - if (b == NULL) { - return CK_FALSE; - } - - if (a->ulValueLen != b->size) { - /* match a decoded serial number */ - if ((a->type == CKA_SERIAL_NUMBER) && (a->ulValueLen < b->size)) { - int len; - unsigned char *data; - - data = nss_ckmk_DERUnwrap(b->data, b->size, &len, NULL); - if ((len == a->ulValueLen) && - nsslibc_memequal(a->pValue, data, len, (PRStatus *)NULL)) { - return CK_TRUE; - } - } - return CK_FALSE; - } - - prb = nsslibc_memequal(a->pValue, b->data, b->size, (PRStatus *)NULL); - - if (PR_TRUE == prb) { - return CK_TRUE; - } else { - return CK_FALSE; - } -} - -static CK_BBOOL -ckmk_match( - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - ckmkInternalObject *o) -{ - CK_ULONG i; - - for (i = 0; i < ulAttributeCount; i++) { - if (CK_FALSE == ckmk_attrmatch(&pTemplate[i], o)) { - return CK_FALSE; - } - } - - /* Every attribute passed */ - return CK_TRUE; -} - -#define CKMK_ITEM_CHUNK 20 - -#define PUT_OBJECT(obj, err, size, count, list) \ - { \ - if (count >= size) { \ - (list) = (list) ? nss_ZREALLOCARRAY(list, ckmkInternalObject *, \ - ((size) + \ - CKMK_ITEM_CHUNK)) \ - : nss_ZNEWARRAY(NULL, ckmkInternalObject *, \ - ((size) + \ - CKMK_ITEM_CHUNK)); \ - if ((ckmkInternalObject **)NULL == list) { \ - err = CKR_HOST_MEMORY; \ - goto loser; \ - } \ - (size) += CKMK_ITEM_CHUNK; \ - } \ - (list)[count] = (obj); \ - count++; \ - } - -/* find all the certs that represent the appropriate object (cert, priv key, or - * pub key) in the cert store. - */ -static PRUint32 -collect_class( - CK_OBJECT_CLASS objClass, - SecItemClass itemClass, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - ckmkInternalObject ***listp, - PRUint32 *sizep, - PRUint32 count, - CK_RV *pError) -{ - ckmkInternalObject *next = NULL; - SecKeychainSearchRef searchRef = 0; - SecKeychainItemRef itemRef = 0; - OSStatus error; - - /* future, build the attribute list based on the template - * so we can refine the search */ - error = SecKeychainSearchCreateFromAttributes( - NULL, itemClass, NULL, &searchRef); - - while (noErr == SecKeychainSearchCopyNext(searchRef, &itemRef)) { - /* if we don't have an internal object structure, get one */ - if ((ckmkInternalObject *)NULL == next) { - next = nss_ZNEW(NULL, ckmkInternalObject); - if ((ckmkInternalObject *)NULL == next) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - } - /* fill in the relevant object data */ - next->type = ckmkItem; - next->objClass = objClass; - next->u.item.itemRef = itemRef; - next->u.item.itemClass = itemClass; - - /* see if this is one of the objects we are looking for */ - if (CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, next)) { - /* yes, put it on the list */ - PUT_OBJECT(next, *pError, *sizep, count, *listp); - next = NULL; /* this one is on the list, need to allocate a new one now */ - } else { - /* no , release the current item and clear out the structure for reuse */ - CFRelease(itemRef); - /* don't cache the values we just loaded */ - nsslibc_memset(next, 0, sizeof(*next)); - } - } -loser: - if (searchRef) { - CFRelease(searchRef); - } - nss_ZFreeIf(next); - return count; -} - -static PRUint32 -collect_objects( - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - ckmkInternalObject ***listp, - CK_RV *pError) -{ - PRUint32 i; - PRUint32 count = 0; - PRUint32 size = 0; - CK_OBJECT_CLASS objClass; - - /* - * first handle the static build in objects (if any) - */ - for (i = 0; i < nss_ckmk_nObjects; i++) { - ckmkInternalObject *o = (ckmkInternalObject *)&nss_ckmk_data[i]; - - if (CK_TRUE == ckmk_match(pTemplate, ulAttributeCount, o)) { - PUT_OBJECT(o, *pError, size, count, *listp); - } - } - - /* - * now handle the various object types - */ - objClass = nss_ckmk_GetULongAttribute(CKA_CLASS, - pTemplate, ulAttributeCount, pError); - if (CKR_OK != *pError) { - objClass = CK_INVALID_HANDLE; - } - *pError = CKR_OK; - switch (objClass) { - case CKO_CERTIFICATE: - count = collect_class(objClass, kSecCertificateItemClass, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - break; - case CKO_PUBLIC_KEY: - count = collect_class(objClass, CSSM_DL_DB_RECORD_PUBLIC_KEY, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - break; - case CKO_PRIVATE_KEY: - count = collect_class(objClass, CSSM_DL_DB_RECORD_PRIVATE_KEY, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - break; - /* all of them */ - case CK_INVALID_HANDLE: - count = collect_class(CKO_CERTIFICATE, kSecCertificateItemClass, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PUBLIC_KEY, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - count = collect_class(CKO_PUBLIC_KEY, CSSM_DL_DB_RECORD_PRIVATE_KEY, - pTemplate, ulAttributeCount, listp, - &size, count, pError); - break; - default: - break; - } - if (CKR_OK != *pError) { - goto loser; - } - - return count; -loser: - nss_ZFreeIf(*listp); - return 0; -} - -NSS_IMPLEMENT NSSCKMDFindObjects * -nss_ckmk_FindObjectsInit( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - /* This could be made more efficient. I'm rather rushed. */ - NSSArena *arena; - NSSCKMDFindObjects *rv = (NSSCKMDFindObjects *)NULL; - struct ckmkFOStr *fo = (struct ckmkFOStr *)NULL; - ckmkInternalObject **temp = (ckmkInternalObject **)NULL; - - arena = NSSArena_Create(); - if ((NSSArena *)NULL == arena) { - goto loser; - } - - rv = nss_ZNEW(arena, NSSCKMDFindObjects); - if ((NSSCKMDFindObjects *)NULL == rv) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - - fo = nss_ZNEW(arena, struct ckmkFOStr); - if ((struct ckmkFOStr *)NULL == fo) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - - fo->arena = arena; - /* fo->n and fo->i are already zero */ - - rv->etc = (void *)fo; - rv->Final = ckmk_mdFindObjects_Final; - rv->Next = ckmk_mdFindObjects_Next; - rv->null = (void *)NULL; - - fo->n = collect_objects(pTemplate, ulAttributeCount, &temp, pError); - if (*pError != CKR_OK) { - goto loser; - } - - fo->objs = nss_ZNEWARRAY(arena, ckmkInternalObject *, fo->n); - if ((ckmkInternalObject **)NULL == fo->objs) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - - (void)nsslibc_memcpy(fo->objs, temp, sizeof(ckmkInternalObject *) * fo->n); - nss_ZFreeIf(temp); - temp = (ckmkInternalObject **)NULL; - - return rv; - -loser: - nss_ZFreeIf(temp); - nss_ZFreeIf(fo); - nss_ZFreeIf(rv); - if ((NSSArena *)NULL != arena) { - NSSArena_Destroy(arena); - } - return (NSSCKMDFindObjects *)NULL; -} diff --git a/security/nss/lib/ckfw/nssmkey/minst.c b/security/nss/lib/ckfw/nssmkey/minst.c deleted file mode 100644 index fcb96c652..000000000 --- a/security/nss/lib/ckfw/nssmkey/minst.c +++ /dev/null @@ -1,97 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* - * nssmkey/minstance.c - * - * This file implements the NSSCKMDInstance object for the - * "nssmkey" cryptoki module. - */ - -/* - * NSSCKMDInstance methods - */ - -static CK_ULONG -ckmk_mdInstance_GetNSlots( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (CK_ULONG)1; -} - -static CK_VERSION -ckmk_mdInstance_GetCryptokiVersion( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_CryptokiVersion; -} - -static NSSUTF8 * -ckmk_mdInstance_GetManufacturerID( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_ManufacturerID; -} - -static NSSUTF8 * -ckmk_mdInstance_GetLibraryDescription( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_LibraryDescription; -} - -static CK_VERSION -ckmk_mdInstance_GetLibraryVersion( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_LibraryVersion; -} - -static CK_RV -ckmk_mdInstance_GetSlots( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSCKMDSlot *slots[]) -{ - slots[0] = (NSSCKMDSlot *)&nss_ckmk_mdSlot; - return CKR_OK; -} - -static CK_BBOOL -ckmk_mdInstance_ModuleHandlesSessionObjects( - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - /* we don't want to allow any session object creation, at least - * until we can investigate whether or not we can use those objects - */ - return CK_TRUE; -} - -NSS_IMPLEMENT_DATA const NSSCKMDInstance - nss_ckmk_mdInstance = { - (void *)NULL, /* etc */ - NULL, /* Initialize */ - NULL, /* Finalize */ - ckmk_mdInstance_GetNSlots, - ckmk_mdInstance_GetCryptokiVersion, - ckmk_mdInstance_GetManufacturerID, - ckmk_mdInstance_GetLibraryDescription, - ckmk_mdInstance_GetLibraryVersion, - ckmk_mdInstance_ModuleHandlesSessionObjects, - /*NULL, /* HandleSessionObjects */ - ckmk_mdInstance_GetSlots, - NULL, /* WaitForSlotEvent */ - (void *)NULL /* null terminator */ - }; diff --git a/security/nss/lib/ckfw/nssmkey/mobject.c b/security/nss/lib/ckfw/nssmkey/mobject.c deleted file mode 100644 index b19a8fdbd..000000000 --- a/security/nss/lib/ckfw/nssmkey/mobject.c +++ /dev/null @@ -1,1861 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" -#include "nssbase.h" - -#include "secdert.h" /* for DER_INTEGER */ -#include "string.h" - -/* asn1 encoder (to build pkcs#8 blobs) */ -#include <seccomon.h> -#include <secitem.h> -#include <blapit.h> -#include <secoid.h> -#include <secasn1.h> - -/* for importing the keys */ -#include <CoreFoundation/CoreFoundation.h> -#include <security/SecImportExport.h> - -/* - * nssmkey/mobject.c - * - * This file implements the NSSCKMDObject object for the - * "nssmkey" cryptoki module. - */ - -const CK_ATTRIBUTE_TYPE certAttrs[] = { - CKA_CLASS, - CKA_TOKEN, - CKA_PRIVATE, - CKA_MODIFIABLE, - CKA_LABEL, - CKA_CERTIFICATE_TYPE, - CKA_SUBJECT, - CKA_ISSUER, - CKA_SERIAL_NUMBER, - CKA_VALUE -}; -const PRUint32 certAttrsCount = NSS_CKMK_ARRAY_SIZE(certAttrs); - -/* private keys, for now only support RSA */ -const CK_ATTRIBUTE_TYPE privKeyAttrs[] = { - CKA_CLASS, - CKA_TOKEN, - CKA_PRIVATE, - CKA_MODIFIABLE, - CKA_LABEL, - CKA_KEY_TYPE, - CKA_DERIVE, - CKA_LOCAL, - CKA_SUBJECT, - CKA_SENSITIVE, - CKA_DECRYPT, - CKA_SIGN, - CKA_SIGN_RECOVER, - CKA_UNWRAP, - CKA_EXTRACTABLE, - CKA_ALWAYS_SENSITIVE, - CKA_NEVER_EXTRACTABLE, - CKA_MODULUS, - CKA_PUBLIC_EXPONENT, -}; -const PRUint32 privKeyAttrsCount = NSS_CKMK_ARRAY_SIZE(privKeyAttrs); - -/* public keys, for now only support RSA */ -const CK_ATTRIBUTE_TYPE pubKeyAttrs[] = { - CKA_CLASS, - CKA_TOKEN, - CKA_PRIVATE, - CKA_MODIFIABLE, - CKA_LABEL, - CKA_KEY_TYPE, - CKA_DERIVE, - CKA_LOCAL, - CKA_SUBJECT, - CKA_ENCRYPT, - CKA_VERIFY, - CKA_VERIFY_RECOVER, - CKA_WRAP, - CKA_MODULUS, - CKA_PUBLIC_EXPONENT, -}; -const PRUint32 pubKeyAttrsCount = NSS_CKMK_ARRAY_SIZE(pubKeyAttrs); -static const CK_BBOOL ck_true = CK_TRUE; -static const CK_BBOOL ck_false = CK_FALSE; -static const CK_CERTIFICATE_TYPE ckc_x509 = CKC_X_509; -static const CK_KEY_TYPE ckk_rsa = CKK_RSA; -static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE; -static const CK_OBJECT_CLASS cko_private_key = CKO_PRIVATE_KEY; -static const CK_OBJECT_CLASS cko_public_key = CKO_PUBLIC_KEY; -static const NSSItem ckmk_trueItem = { - (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) -}; -static const NSSItem ckmk_falseItem = { - (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) -}; -static const NSSItem ckmk_x509Item = { - (void *)&ckc_x509, (PRUint32)sizeof(CK_CERTIFICATE_TYPE) -}; -static const NSSItem ckmk_rsaItem = { - (void *)&ckk_rsa, (PRUint32)sizeof(CK_KEY_TYPE) -}; -static const NSSItem ckmk_certClassItem = { - (void *)&cko_certificate, (PRUint32)sizeof(CK_OBJECT_CLASS) -}; -static const NSSItem ckmk_privKeyClassItem = { - (void *)&cko_private_key, (PRUint32)sizeof(CK_OBJECT_CLASS) -}; -static const NSSItem ckmk_pubKeyClassItem = { - (void *)&cko_public_key, (PRUint32)sizeof(CK_OBJECT_CLASS) -}; -static const NSSItem ckmk_emptyItem = { - (void *)&ck_true, 0 -}; - -/* - * these are utilities. The chould be moved to a new utilities file. - */ -#ifdef DEBUG -static void -itemdump(char *str, void *data, int size, CK_RV error) -{ - unsigned char *ptr = (unsigned char *)data; - int i; - fprintf(stderr, str); - for (i = 0; i < size; i++) { - fprintf(stderr, "%02x ", (unsigned int)ptr[i]); - } - fprintf(stderr, " (error = %d)\n", (int)error); -} -#endif - -/* - * unwrap a single DER value - * now that we have util linked in, we should probably use - * the ANS1_Decoder for this work... - */ -unsigned char * -nss_ckmk_DERUnwrap( - unsigned char *src, - int size, - int *outSize, - unsigned char **next) -{ - unsigned char *start = src; - unsigned int len = 0; - - /* initialize error condition return values */ - *outSize = 0; - if (next) { - *next = src; - } - - if (size < 2) { - return start; - } - src++; /* skip the tag -- should check it against an expected value! */ - len = (unsigned)*src++; - if (len & 0x80) { - int count = len & 0x7f; - len = 0; - - if (count + 2 > size) { - return start; - } - while (count-- > 0) { - len = (len << 8) | (unsigned)*src++; - } - } - if (len + (src - start) > (unsigned int)size) { - return start; - } - if (next) { - *next = src + len; - } - *outSize = len; - - return src; -} - -/* - * get an attribute from a template. Value is returned in NSS item. - * data for the item is owned by the template. - */ -CK_RV -nss_ckmk_GetAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - NSSItem *item) -{ - CK_ULONG i; - - for (i = 0; i < templateSize; i++) { - if (template[i].type == type) { - item->data = template[i].pValue; - item->size = template[i].ulValueLen; - return CKR_OK; - } - } - return CKR_TEMPLATE_INCOMPLETE; -} - -/* - * get an attribute which is type CK_ULONG. - */ -CK_ULONG -nss_ckmk_GetULongAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - CK_RV *pError) -{ - NSSItem item; - - *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item); - if (CKR_OK != *pError) { - return (CK_ULONG)0; - } - if (item.size != sizeof(CK_ULONG)) { - *pError = CKR_ATTRIBUTE_VALUE_INVALID; - return (CK_ULONG)0; - } - return *(CK_ULONG *)item.data; -} - -/* - * get an attribute which is type CK_BBOOL. - */ -CK_BBOOL -nss_ckmk_GetBoolAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - CK_BBOOL defaultBool) -{ - NSSItem item; - CK_RV error; - - error = nss_ckmk_GetAttribute(type, template, templateSize, &item); - if (CKR_OK != error) { - return defaultBool; - } - if (item.size != sizeof(CK_BBOOL)) { - return defaultBool; - } - return *(CK_BBOOL *)item.data; -} - -/* - * get an attribute as a NULL terminated string. Caller is responsible to - * free the string. - */ -char * -nss_ckmk_GetStringAttribute( - CK_ATTRIBUTE_TYPE type, - CK_ATTRIBUTE *template, - CK_ULONG templateSize, - CK_RV *pError) -{ - NSSItem item; - char *str; - - /* get the attribute */ - *pError = nss_ckmk_GetAttribute(type, template, templateSize, &item); - if (CKR_OK != *pError) { - return (char *)NULL; - } - /* make sure it is null terminated */ - str = nss_ZNEWARRAY(NULL, char, item.size + 1); - if ((char *)NULL == str) { - *pError = CKR_HOST_MEMORY; - return (char *)NULL; - } - - nsslibc_memcpy(str, item.data, item.size); - str[item.size] = 0; - - return str; -} - -/* - * Apple doesn't seem to have a public interface to the DER encoder, - * wip out a quick one for integers only (anything more complicated, - * we should use one of the 3 in lib/util). -- especially since we - * now link with it. - */ -static CK_RV -ckmk_encodeInt(NSSItem *dest, void *src, int srcLen) -{ - int dataLen = srcLen; - int lenLen = 1; - int encLen; - int isSigned = 0; - int offset = 0; - unsigned char *data = NULL; - int i; - - if (*(unsigned char *)src & 0x80) { - dataLen++; - isSigned = 1; - } - - /* calculate the length of the length specifier */ - /* (NOTE: destroys dataLen value) */ - if (dataLen > 0x7f) { - do { - lenLen++; - dataLen >>= 8; - } while (dataLen); - } - - /* calculate our total length */ - dataLen = isSigned + srcLen; - encLen = 1 + lenLen + dataLen; - data = nss_ZNEWARRAY(NULL, unsigned char, encLen); - if ((unsigned char *)NULL == data) { - return CKR_HOST_MEMORY; - } - data[0] = DER_INTEGER; - if (1 == lenLen) { - data[1] = dataLen; - } else { - data[1] = 0x80 + lenLen; - for (i = 0; i < lenLen; i++) { - data[i + 1] = ((dataLen >> ((lenLen - - i - 1) * - 8)) & - 0xff); - } - } - offset = lenLen + 1; - - if (isSigned) { - data[offset++] = 0; - } - nsslibc_memcpy(&data[offset], src, srcLen); - dest->data = data; - dest->size = encLen; - return CKR_OK; -} - -/* - * Get a Keyring attribute. If content is set to true, then we get the - * content, not the attribute. - */ -static CK_RV -ckmk_GetCommonAttribute( - ckmkInternalObject *io, - SecItemAttr itemAttr, - PRBool content, - NSSItem *item, - char *dbString) -{ - SecKeychainAttributeList *attrList = NULL; - SecKeychainAttributeInfo attrInfo; - PRUint32 len = 0; - PRUint32 dataLen = 0; - PRUint32 attrFormat = 0; - void *dataVal = 0; - void *out = NULL; - CK_RV error = CKR_OK; - OSStatus macErr; - - attrInfo.count = 1; - attrInfo.tag = &itemAttr; - attrInfo.format = &attrFormat; - - macErr = SecKeychainItemCopyAttributesAndData(io->u.item.itemRef, - &attrInfo, NULL, &attrList, &len, &out); - if (noErr != macErr) { - CKMK_MACERR(dbString, macErr); - return CKR_ATTRIBUTE_TYPE_INVALID; - } - dataLen = content ? len : attrList->attr->length; - dataVal = content ? out : attrList->attr->data; - - /* Apple's documentation says this value is DER Encoded, but it clearly isn't - * der encode it before we ship it back off to NSS - */ - if (kSecSerialNumberItemAttr == itemAttr) { - error = ckmk_encodeInt(item, dataVal, dataLen); - goto loser; /* logically 'done' if error == CKR_OK */ - } - item->data = nss_ZNEWARRAY(NULL, char, dataLen); - if (NULL == item->data) { - error = CKR_HOST_MEMORY; - goto loser; - } - nsslibc_memcpy(item->data, dataVal, dataLen); - item->size = dataLen; - -loser: - SecKeychainItemFreeAttributesAndData(attrList, out); - return error; -} - -/* - * change an attribute (does not operate on the content). - */ -static CK_RV -ckmk_updateAttribute( - SecKeychainItemRef itemRef, - SecItemAttr itemAttr, - void *data, - PRUint32 len, - char *dbString) -{ - SecKeychainAttributeList attrList; - SecKeychainAttribute attrAttr; - OSStatus macErr; - CK_RV error = CKR_OK; - - attrList.count = 1; - attrList.attr = &attrAttr; - attrAttr.tag = itemAttr; - attrAttr.data = data; - attrAttr.length = len; - macErr = SecKeychainItemModifyAttributesAndData(itemRef, &attrList, 0, NULL); - if (noErr != macErr) { - CKMK_MACERR(dbString, macErr); - error = CKR_ATTRIBUTE_TYPE_INVALID; - } - return error; -} - -/* - * get an attribute (does not operate on the content) - */ -static CK_RV -ckmk_GetDataAttribute( - ckmkInternalObject *io, - SecItemAttr itemAttr, - NSSItem *item, - char *dbString) -{ - return ckmk_GetCommonAttribute(io, itemAttr, PR_FALSE, item, dbString); -} - -/* - * get an attribute we know is a BOOL. - */ -static CK_RV -ckmk_GetBoolAttribute( - ckmkInternalObject *io, - SecItemAttr itemAttr, - NSSItem *item, - char *dbString) -{ - SecKeychainAttribute attr; - SecKeychainAttributeList attrList; - CK_BBOOL *boolp = NULL; - PRUint32 len = 0; - ; - void *out = NULL; - CK_RV error = CKR_OK; - OSStatus macErr; - - attr.tag = itemAttr; - attr.length = 0; - attr.data = NULL; - attrList.count = 1; - attrList.attr = &attr; - - boolp = nss_ZNEW(NULL, CK_BBOOL); - if ((CK_BBOOL *)NULL == boolp) { - error = CKR_HOST_MEMORY; - goto loser; - } - - macErr = SecKeychainItemCopyContent(io->u.item.itemRef, NULL, - &attrList, &len, &out); - if (noErr != macErr) { - CKMK_MACERR(dbString, macErr); - error = CKR_ATTRIBUTE_TYPE_INVALID; - goto loser; - } - if (sizeof(PRUint32) != attr.length) { - error = CKR_ATTRIBUTE_TYPE_INVALID; - goto loser; - } - *boolp = *(PRUint32 *)attr.data ? 1 : 0; - item->data = boolp; - boolp = NULL; - item->size = sizeof(CK_BBOOL); - -loser: - nss_ZFreeIf(boolp); - SecKeychainItemFreeContent(&attrList, out); - return error; -} - -/* - * macros for fetching attributes into a cache and returning the - * appropriate value. These operate inside switch statements - */ -#define CKMK_HANDLE_ITEM(func, io, type, loc, item, error, str) \ - if (0 == (item)->loc.size) { \ - error = func(io, type, &(item)->loc, str); \ - } \ - return (CKR_OK == (error)) ? &(item)->loc : NULL; - -#define CKMK_HANDLE_OPT_ITEM(func, io, type, loc, item, error, str) \ - if (0 == (item)->loc.size) { \ - (void)func(io, type, &(item)->loc, str); \ - } \ - return &(item)->loc; - -#define CKMK_HANDLE_BOOL_ITEM(io, type, loc, item, error, str) \ - CKMK_HANDLE_ITEM(ckmk_GetBoolAttribute, io, type, loc, item, error, str) -#define CKMK_HANDLE_DATA_ITEM(io, type, loc, item, error, str) \ - CKMK_HANDLE_ITEM(ckmk_GetDataAttribute, io, type, loc, item, error, str) -#define CKMK_HANDLE_OPT_DATA_ITEM(io, type, loc, item, error, str) \ - CKMK_HANDLE_OPT_ITEM(ckmk_GetDataAttribute, io, type, loc, item, error, str) - -/* - * fetch the unique identifier for each object type. - */ -static void -ckmk_FetchHashKey( - ckmkInternalObject *io) -{ - NSSItem *key = &io->hashKey; - - if (io->objClass == CKO_CERTIFICATE) { - ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr, - PR_TRUE, key, "Fetching HashKey (cert)"); - } else { - ckmk_GetCommonAttribute(io, kSecKeyLabel, - PR_FALSE, key, "Fetching HashKey (key)"); - } -} - -/* - * Apple mucks with the actual subject and issuer, so go fetch - * the real ones ourselves. - */ -static void -ckmk_fetchCert( - ckmkInternalObject *io) -{ - CK_RV error; - unsigned char *cert, *next; - int certSize, thisEntrySize; - - error = ckmk_GetCommonAttribute(io, kSecCertEncodingItemAttr, PR_TRUE, - &io->u.item.derCert, "Fetching Value (cert)"); - if (CKR_OK != error) { - return; - } - /* unwrap the cert bundle */ - cert = nss_ckmk_DERUnwrap((unsigned char *)io->u.item.derCert.data, - io->u.item.derCert.size, - &certSize, NULL); - /* unwrap the cert itself */ - /* cert == certdata */ - cert = nss_ckmk_DERUnwrap(cert, certSize, &certSize, NULL); - - /* skip the optional version */ - if ((cert[0] & 0xa0) == 0xa0) { - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - certSize -= next - cert; - cert = next; - } - /* skip the serial number */ - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - certSize -= next - cert; - cert = next; - - /* skip the OID */ - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - certSize -= next - cert; - cert = next; - - /* save the (wrapped) issuer */ - io->u.item.issuer.data = cert; - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - io->u.item.issuer.size = next - cert; - certSize -= io->u.item.issuer.size; - cert = next; - - /* skip the OID */ - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - certSize -= next - cert; - cert = next; - - /* save the (wrapped) subject */ - io->u.item.subject.data = cert; - nss_ckmk_DERUnwrap(cert, certSize, &thisEntrySize, &next); - io->u.item.subject.size = next - cert; - certSize -= io->u.item.subject.size; - cert = next; -} - -static void -ckmk_fetchModulus( - ckmkInternalObject *io) -{ - NSSItem item; - PRInt32 modLen; - CK_RV error; - - /* we can't reliably get the modulus for private keys through CSSM (sigh). - * For NSS this is OK because we really only use this to get the modulus - * length (unless we are trying to get a public key from a private keys, - * something CSSM ALSO does not do!). - */ - error = ckmk_GetDataAttribute(io, kSecKeyKeySizeInBits, &item, - "Key Fetch Modulus"); - if (CKR_OK != error) { - return; - } - - modLen = *(PRInt32 *)item.data; - modLen = modLen / 8; /* convert from bits to bytes */ - - nss_ZFreeIf(item.data); - io->u.item.modulus.data = nss_ZNEWARRAY(NULL, char, modLen); - if (NULL == io->u.item.modulus.data) { - return; - } - *(char *)io->u.item.modulus.data = 0x80; /* fake NSS out or it will - * drop the first byte */ - io->u.item.modulus.size = modLen; - return; -} - -const NSSItem * -ckmk_FetchCertAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError) -{ - ckmkItemObject *item = &io->u.item; - *pError = CKR_OK; - switch (type) { - case CKA_CLASS: - return &ckmk_certClassItem; - case CKA_TOKEN: - case CKA_MODIFIABLE: - return &ckmk_trueItem; - case CKA_PRIVATE: - return &ckmk_falseItem; - case CKA_CERTIFICATE_TYPE: - return &ckmk_x509Item; - case CKA_LABEL: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecLabelItemAttr, label, item, *pError, - "Cert:Label attr") - case CKA_SUBJECT: - /* OK, well apple does provide an subject and issuer attribute, but they - * decided to cannonicalize that value. Probably a good move for them, - * but makes it useless for most users of PKCS #11.. Get the real subject - * from the certificate */ - if (0 == item->derCert.size) { - ckmk_fetchCert(io); - } - return &item->subject; - case CKA_ISSUER: - if (0 == item->derCert.size) { - ckmk_fetchCert(io); - } - return &item->issuer; - case CKA_SERIAL_NUMBER: - CKMK_HANDLE_DATA_ITEM(io, kSecSerialNumberItemAttr, serial, item, *pError, - "Cert:Serial Number attr") - case CKA_VALUE: - if (0 == item->derCert.size) { - ckmk_fetchCert(io); - } - return &item->derCert; - case CKA_ID: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecPublicKeyHashItemAttr, id, item, *pError, - "Cert:ID attr") - default: - *pError = CKR_ATTRIBUTE_TYPE_INVALID; - break; - } - return NULL; -} - -const NSSItem * -ckmk_FetchPubKeyAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError) -{ - ckmkItemObject *item = &io->u.item; - *pError = CKR_OK; - - switch (type) { - case CKA_CLASS: - return &ckmk_pubKeyClassItem; - case CKA_TOKEN: - case CKA_LOCAL: - return &ckmk_trueItem; - case CKA_KEY_TYPE: - return &ckmk_rsaItem; - case CKA_LABEL: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError, - "PubKey:Label attr") - case CKA_ENCRYPT: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyEncrypt, encrypt, item, *pError, - "PubKey:Encrypt attr") - case CKA_VERIFY: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerify, verify, item, *pError, - "PubKey:Verify attr") - case CKA_VERIFY_RECOVER: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyVerifyRecover, verifyRecover, - item, *pError, "PubKey:VerifyRecover attr") - case CKA_PRIVATE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError, - "PubKey:Private attr") - case CKA_MODIFIABLE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError, - "PubKey:Modify attr") - case CKA_DERIVE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError, - "PubKey:Derive attr") - case CKA_WRAP: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyWrap, wrap, item, *pError, - "PubKey:Wrap attr") - case CKA_SUBJECT: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError, - "PubKey:Subect attr") - case CKA_MODULUS: - return &ckmk_emptyItem; - case CKA_PUBLIC_EXPONENT: - return &ckmk_emptyItem; - case CKA_ID: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError, - "PubKey:ID attr") - default: - *pError = CKR_ATTRIBUTE_TYPE_INVALID; - break; - } - return NULL; -} - -const NSSItem * -ckmk_FetchPrivKeyAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError) -{ - ckmkItemObject *item = &io->u.item; - *pError = CKR_OK; - - switch (type) { - case CKA_CLASS: - return &ckmk_privKeyClassItem; - case CKA_TOKEN: - case CKA_LOCAL: - return &ckmk_trueItem; - case CKA_SENSITIVE: - case CKA_EXTRACTABLE: /* will probably move in the future */ - case CKA_ALWAYS_SENSITIVE: - case CKA_NEVER_EXTRACTABLE: - return &ckmk_falseItem; - case CKA_KEY_TYPE: - return &ckmk_rsaItem; - case CKA_LABEL: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyPrintName, label, item, *pError, - "PrivateKey:Label attr") - case CKA_DECRYPT: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDecrypt, decrypt, item, *pError, - "PrivateKey:Decrypt attr") - case CKA_SIGN: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeySign, sign, item, *pError, - "PrivateKey:Sign attr") - case CKA_SIGN_RECOVER: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeySignRecover, signRecover, item, *pError, - "PrivateKey:Sign Recover attr") - case CKA_PRIVATE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyPrivate, private, item, *pError, - "PrivateKey:Private attr") - case CKA_MODIFIABLE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyModifiable, modify, item, *pError, - "PrivateKey:Modify attr") - case CKA_DERIVE: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyDerive, derive, item, *pError, - "PrivateKey:Derive attr") - case CKA_UNWRAP: - CKMK_HANDLE_BOOL_ITEM(io, kSecKeyUnwrap, unwrap, item, *pError, - "PrivateKey:Unwrap attr") - case CKA_SUBJECT: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecSubjectItemAttr, subject, item, *pError, - "PrivateKey:Subject attr") - case CKA_MODULUS: - if (0 == item->modulus.size) { - ckmk_fetchModulus(io); - } - return &item->modulus; - case CKA_PUBLIC_EXPONENT: - return &ckmk_emptyItem; -#ifdef notdef - /* the following are sensitive attributes. We could implement them for - * sensitive keys using the key export function, but it's better to - * just support wrap through this token. That will more reliably allow us - * to export any private key that is truly exportable. - */ - case CKA_PRIVATE_EXPONENT: - CKMK_HANDLE_DATA_ITEM(io, kSecPrivateExponentItemAttr, privateExponent, - item, *pError) - case CKA_PRIME_1: - CKMK_HANDLE_DATA_ITEM(io, kSecPrime1ItemAttr, prime1, item, *pError) - case CKA_PRIME_2: - CKMK_HANDLE_DATA_ITEM(io, kSecPrime2ItemAttr, prime2, item, *pError) - case CKA_EXPONENT_1: - CKMK_HANDLE_DATA_ITEM(io, kSecExponent1ItemAttr, exponent1, item, *pError) - case CKA_EXPONENT_2: - CKMK_HANDLE_DATA_ITEM(io, kSecExponent2ItemAttr, exponent2, item, *pError) - case CKA_COEFFICIENT: - CKMK_HANDLE_DATA_ITEM(io, kSecCoefficientItemAttr, coefficient, - item, *pError) -#endif - case CKA_ID: - CKMK_HANDLE_OPT_DATA_ITEM(io, kSecKeyLabel, id, item, *pError, - "PrivateKey:ID attr") - default: - *pError = CKR_ATTRIBUTE_TYPE_INVALID; - return NULL; - } -} - -const NSSItem * -nss_ckmk_FetchAttribute( - ckmkInternalObject *io, - CK_ATTRIBUTE_TYPE type, - CK_RV *pError) -{ - CK_ULONG i; - const NSSItem *value = NULL; - - if (io->type == ckmkRaw) { - for (i = 0; i < io->u.raw.n; i++) { - if (type == io->u.raw.types[i]) { - return &io->u.raw.items[i]; - } - } - *pError = CKR_ATTRIBUTE_TYPE_INVALID; - return NULL; - } - /* deal with the common attributes */ - switch (io->objClass) { - case CKO_CERTIFICATE: - value = ckmk_FetchCertAttribute(io, type, pError); - break; - case CKO_PRIVATE_KEY: - value = ckmk_FetchPrivKeyAttribute(io, type, pError); - break; - case CKO_PUBLIC_KEY: - value = ckmk_FetchPubKeyAttribute(io, type, pError); - break; - default: - *pError = CKR_OBJECT_HANDLE_INVALID; - return NULL; - } - -#ifdef DEBUG - if (CKA_ID == type) { - itemdump("id: ", value->data, value->size, *pError); - } -#endif - return value; -} - -static void -ckmk_removeObjectFromHash( - ckmkInternalObject *io); - -/* - * - * These are the MSObject functions we need to implement - * - * Finalize - unneeded (actually we should clean up the hashtables) - * Destroy - * IsTokenObject - CK_TRUE - * GetAttributeCount - * GetAttributeTypes - * GetAttributeSize - * GetAttribute - * SetAttribute - * GetObjectSize - */ - -static CK_RV -ckmk_mdObject_Destroy( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - OSStatus macErr; - - if (ckmkRaw == io->type) { - /* there is not 'object write protected' error, use the next best thing */ - return CKR_TOKEN_WRITE_PROTECTED; - } - - /* This API is done well. The following 4 lines are the complete apple - * specific part of this implementation */ - macErr = SecKeychainItemDelete(io->u.item.itemRef); - if (noErr != macErr) { - CKMK_MACERR("Delete object", macErr); - } - - /* remove it from the hash */ - ckmk_removeObjectFromHash(io); - - /* free the puppy.. */ - nss_ckmk_DestroyInternalObject(io); - - return CKR_OK; -} - -static CK_BBOOL -ckmk_mdObject_IsTokenObject( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return CK_TRUE; -} - -static CK_ULONG -ckmk_mdObject_GetAttributeCount( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - - if (ckmkRaw == io->type) { - return io->u.raw.n; - } - switch (io->objClass) { - case CKO_CERTIFICATE: - return certAttrsCount; - case CKO_PUBLIC_KEY: - return pubKeyAttrsCount; - case CKO_PRIVATE_KEY: - return privKeyAttrsCount; - default: - break; - } - return 0; -} - -static CK_RV -ckmk_mdObject_GetAttributeTypes( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_TYPE_PTR typeArray, - CK_ULONG ulCount) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - CK_ULONG i; - CK_RV error = CKR_OK; - const CK_ATTRIBUTE_TYPE *attrs = NULL; - CK_ULONG size = ckmk_mdObject_GetAttributeCount( - mdObject, fwObject, mdSession, fwSession, - mdToken, fwToken, mdInstance, fwInstance, &error); - - if (size != ulCount) { - return CKR_BUFFER_TOO_SMALL; - } - if (io->type == ckmkRaw) { - attrs = io->u.raw.types; - } else - switch (io->objClass) { - case CKO_CERTIFICATE: - attrs = - certAttrs; - break; - case CKO_PUBLIC_KEY: - attrs = - pubKeyAttrs; - break; - case CKO_PRIVATE_KEY: - attrs = - privKeyAttrs; - break; - default: - return CKR_OK; - } - - for (i = 0; i < size; i++) { - typeArray[i] = attrs[i]; - } - - return CKR_OK; -} - -static CK_ULONG -ckmk_mdObject_GetAttributeSize( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_TYPE attribute, - CK_RV *pError) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - - const NSSItem *b; - - b = nss_ckmk_FetchAttribute(io, attribute, pError); - - if ((const NSSItem *)NULL == b) { - return 0; - } - return b->size; -} - -static CK_RV -ckmk_mdObject_SetAttribute( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_TYPE attribute, - NSSItem *value) -{ - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - SecKeychainItemRef itemRef; - - if (io->type == ckmkRaw) { - return CKR_TOKEN_WRITE_PROTECTED; - } - itemRef = io->u.item.itemRef; - - switch (io->objClass) { - case CKO_PRIVATE_KEY: - case CKO_PUBLIC_KEY: - switch (attribute) { - case CKA_ID: - ckmk_updateAttribute(itemRef, kSecKeyLabel, - value->data, value->size, "Set Attr Key ID"); -#ifdef DEBUG - itemdump("key id: ", value->data, value->size, CKR_OK); -#endif - break; - case CKA_LABEL: - ckmk_updateAttribute(itemRef, kSecKeyPrintName, value->data, - value->size, "Set Attr Key Label"); - break; - default: - break; - } - break; - - case CKO_CERTIFICATE: - switch (attribute) { - case CKA_ID: - ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr, - value->data, value->size, "Set Attr Cert ID"); - break; - case CKA_LABEL: - ckmk_updateAttribute(itemRef, kSecLabelItemAttr, value->data, - value->size, "Set Attr Cert Label"); - break; - default: - break; - } - break; - - default: - break; - } - return CKR_OK; -} - -static NSSCKFWItem -ckmk_mdObject_GetAttribute( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_TYPE attribute, - CK_RV *pError) -{ - NSSCKFWItem mdItem; - ckmkInternalObject *io = (ckmkInternalObject *)mdObject->etc; - - mdItem.needsFreeing = PR_FALSE; - mdItem.item = (NSSItem *)nss_ckmk_FetchAttribute(io, attribute, pError); - - return mdItem; -} - -static CK_ULONG -ckmk_mdObject_GetObjectSize( - NSSCKMDObject *mdObject, - NSSCKFWObject *fwObject, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - CK_ULONG rv = 1; - - /* size is irrelevant to this token */ - return rv; -} - -static const NSSCKMDObject - ckmk_prototype_mdObject = { - (void *)NULL, /* etc */ - NULL, /* Finalize */ - ckmk_mdObject_Destroy, - ckmk_mdObject_IsTokenObject, - ckmk_mdObject_GetAttributeCount, - ckmk_mdObject_GetAttributeTypes, - ckmk_mdObject_GetAttributeSize, - ckmk_mdObject_GetAttribute, - NULL, /* FreeAttribute */ - ckmk_mdObject_SetAttribute, - ckmk_mdObject_GetObjectSize, - (void *)NULL /* null terminator */ - }; - -static nssHash *ckmkInternalObjectHash = NULL; - -NSS_IMPLEMENT NSSCKMDObject * -nss_ckmk_CreateMDObject( - NSSArena *arena, - ckmkInternalObject *io, - CK_RV *pError) -{ - if ((nssHash *)NULL == ckmkInternalObjectHash) { - ckmkInternalObjectHash = nssHash_CreateItem(NULL, 10); - } - if (ckmkItem == io->type) { - /* the hash key, not a cryptographic key */ - NSSItem *key = &io->hashKey; - ckmkInternalObject *old_o = NULL; - - if (key->size == 0) { - ckmk_FetchHashKey(io); - } - old_o = (ckmkInternalObject *) - nssHash_Lookup(ckmkInternalObjectHash, key); - if (!old_o) { - nssHash_Add(ckmkInternalObjectHash, key, io); - } else if (old_o != io) { - nss_ckmk_DestroyInternalObject(io); - io = old_o; - } - } - - if ((void *)NULL == io->mdObject.etc) { - (void)nsslibc_memcpy(&io->mdObject, &ckmk_prototype_mdObject, - sizeof(ckmk_prototype_mdObject)); - io->mdObject.etc = (void *)io; - } - return &io->mdObject; -} - -static void -ckmk_removeObjectFromHash( - ckmkInternalObject *io) -{ - NSSItem *key = &io->hashKey; - - if ((nssHash *)NULL == ckmkInternalObjectHash) { - return; - } - if (key->size == 0) { - ckmk_FetchHashKey(io); - } - nssHash_Remove(ckmkInternalObjectHash, key); - return; -} - -void -nss_ckmk_DestroyInternalObject( - ckmkInternalObject *io) -{ - switch (io->type) { - case ckmkRaw: - return; - case ckmkItem: - nss_ZFreeIf(io->u.item.modify.data); - nss_ZFreeIf(io->u.item.private.data); - nss_ZFreeIf(io->u.item.encrypt.data); - nss_ZFreeIf(io->u.item.decrypt.data); - nss_ZFreeIf(io->u.item.derive.data); - nss_ZFreeIf(io->u.item.sign.data); - nss_ZFreeIf(io->u.item.signRecover.data); - nss_ZFreeIf(io->u.item.verify.data); - nss_ZFreeIf(io->u.item.verifyRecover.data); - nss_ZFreeIf(io->u.item.wrap.data); - nss_ZFreeIf(io->u.item.unwrap.data); - nss_ZFreeIf(io->u.item.label.data); - /*nss_ZFreeIf(io->u.item.subject.data); */ - /*nss_ZFreeIf(io->u.item.issuer.data); */ - nss_ZFreeIf(io->u.item.serial.data); - nss_ZFreeIf(io->u.item.modulus.data); - nss_ZFreeIf(io->u.item.exponent.data); - nss_ZFreeIf(io->u.item.privateExponent.data); - nss_ZFreeIf(io->u.item.prime1.data); - nss_ZFreeIf(io->u.item.prime2.data); - nss_ZFreeIf(io->u.item.exponent1.data); - nss_ZFreeIf(io->u.item.exponent2.data); - nss_ZFreeIf(io->u.item.coefficient.data); - break; - } - nss_ZFreeIf(io); - return; -} - -static ckmkInternalObject * -nss_ckmk_NewInternalObject( - CK_OBJECT_CLASS objClass, - SecKeychainItemRef itemRef, - SecItemClass itemClass, - CK_RV *pError) -{ - ckmkInternalObject *io = nss_ZNEW(NULL, ckmkInternalObject); - - if ((ckmkInternalObject *)NULL == io) { - *pError = CKR_HOST_MEMORY; - return io; - } - io->type = ckmkItem; - io->objClass = objClass; - io->u.item.itemRef = itemRef; - io->u.item.itemClass = itemClass; - return io; -} - -/* - * Apple doesn't alway have a default keyChain set by the OS, use the - * SearchList to try to find one. - */ -static CK_RV -ckmk_GetSafeDefaultKeychain( - SecKeychainRef *keychainRef) -{ - OSStatus macErr; - CFArrayRef searchList = 0; - CK_RV error = CKR_OK; - - macErr = SecKeychainCopyDefault(keychainRef); - if (noErr != macErr) { - int searchCount = 0; - if (errSecNoDefaultKeychain != macErr) { - CKMK_MACERR("Getting default key chain", macErr); - error = CKR_GENERAL_ERROR; - goto loser; - } - /* ok, we don't have a default key chain, find one */ - macErr = SecKeychainCopySearchList(&searchList); - if (noErr != macErr) { - CKMK_MACERR("failed to find a keyring searchList", macErr); - error = CKR_DEVICE_REMOVED; - goto loser; - } - searchCount = CFArrayGetCount(searchList); - if (searchCount < 1) { - error = CKR_DEVICE_REMOVED; - goto loser; - } - *keychainRef = - (SecKeychainRef)CFRetain(CFArrayGetValueAtIndex(searchList, 0)); - if (0 == *keychainRef) { - error = CKR_DEVICE_REMOVED; - goto loser; - } - /* should we set it as default? */ - } -loser: - if (0 != searchList) { - CFRelease(searchList); - } - return error; -} -static ckmkInternalObject * -nss_ckmk_CreateCertificate( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - NSSItem value; - ckmkInternalObject *io = NULL; - OSStatus macErr; - SecCertificateRef certRef; - SecKeychainItemRef itemRef; - SecKeychainRef keychainRef; - CSSM_DATA certData; - - *pError = nss_ckmk_GetAttribute(CKA_VALUE, pTemplate, - ulAttributeCount, &value); - if (CKR_OK != *pError) { - goto loser; - } - - certData.Data = value.data; - certData.Length = value.size; - macErr = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3, - CSSM_CERT_ENCODING_BER, &certRef); - if (noErr != macErr) { - CKMK_MACERR("Create cert from data Failed", macErr); - *pError = CKR_GENERAL_ERROR; /* need to map macErr */ - goto loser; - } - - *pError = ckmk_GetSafeDefaultKeychain(&keychainRef); - if (CKR_OK != *pError) { - goto loser; - } - - macErr = SecCertificateAddToKeychain(certRef, keychainRef); - itemRef = (SecKeychainItemRef)certRef; - if (errSecDuplicateItem != macErr) { - NSSItem keyID = { NULL, 0 }; - char *nickname = NULL; - CK_RV dummy; - - if (noErr != macErr) { - CKMK_MACERR("Add cert to keychain Failed", macErr); - *pError = CKR_GENERAL_ERROR; /* need to map macErr */ - goto loser; - } - /* these two are optional */ - nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate, - ulAttributeCount, &dummy); - /* we've added a new one, update the attributes in the key ring */ - if (nickname) { - ckmk_updateAttribute(itemRef, kSecLabelItemAttr, nickname, - strlen(nickname) + 1, "Modify Cert Label"); - nss_ZFreeIf(nickname); - } - dummy = nss_ckmk_GetAttribute(CKA_ID, pTemplate, - ulAttributeCount, &keyID); - if (CKR_OK == dummy) { - dummy = ckmk_updateAttribute(itemRef, kSecPublicKeyHashItemAttr, - keyID.data, keyID.size, "Modify Cert ID"); - } - } - - io = nss_ckmk_NewInternalObject(CKO_CERTIFICATE, itemRef, - kSecCertificateItemClass, pError); - if ((ckmkInternalObject *)NULL != io) { - itemRef = 0; - } - -loser: - if (0 != itemRef) { - CFRelease(itemRef); - } - if (0 != keychainRef) { - CFRelease(keychainRef); - } - - return io; -} - -/* - * PKCS #8 attributes - */ -struct ckmk_AttributeStr { - SECItem attrType; - SECItem *attrValue; -}; -typedef struct ckmk_AttributeStr ckmk_Attribute; - -/* - ** A PKCS#8 private key info object - */ -struct PrivateKeyInfoStr { - PLArenaPool *arena; - SECItem version; - SECAlgorithmID algorithm; - SECItem privateKey; - ckmk_Attribute **attributes; -}; -typedef struct PrivateKeyInfoStr PrivateKeyInfo; - -const SEC_ASN1Template ckmk_RSAPrivateKeyTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(RSAPrivateKey) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, version) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, modulus) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, publicExponent) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, privateExponent) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, prime1) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, prime2) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, exponent1) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, exponent2) }, - { SEC_ASN1_INTEGER, offsetof(RSAPrivateKey, coefficient) }, - { 0 } -}; - -const SEC_ASN1Template ckmk_AttributeTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(ckmk_Attribute) }, - { SEC_ASN1_OBJECT_ID, offsetof(ckmk_Attribute, attrType) }, - { SEC_ASN1_SET_OF, offsetof(ckmk_Attribute, attrValue), - SEC_AnyTemplate }, - { 0 } -}; - -const SEC_ASN1Template ckmk_SetOfAttributeTemplate[] = { - { SEC_ASN1_SET_OF, 0, ckmk_AttributeTemplate }, -}; - -SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) - -/* ASN1 Templates for new decoder/encoder */ -const SEC_ASN1Template ckmk_PrivateKeyInfoTemplate[] = { - { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PrivateKeyInfo) }, - { SEC_ASN1_INTEGER, offsetof(PrivateKeyInfo, version) }, - { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(PrivateKeyInfo, algorithm), - SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, - { SEC_ASN1_OCTET_STRING, offsetof(PrivateKeyInfo, privateKey) }, - { SEC_ASN1_OPTIONAL | SEC_ASN1_CONSTRUCTED | SEC_ASN1_CONTEXT_SPECIFIC | 0, - offsetof(PrivateKeyInfo, attributes), ckmk_SetOfAttributeTemplate }, - { 0 } -}; - -#define CKMK_PRIVATE_KEY_INFO_VERSION 0 -static CK_RV -ckmk_CreateRSAKeyBlob( - RSAPrivateKey *lk, - NSSItem *keyBlob) -{ - PrivateKeyInfo *pki = NULL; - PLArenaPool *arena = NULL; - SECOidTag algorithm = SEC_OID_UNKNOWN; - void *dummy; - SECStatus rv; - SECItem *encodedKey = NULL; - CK_RV error = CKR_OK; - - arena = PORT_NewArena(2048); /* XXX different size? */ - if (!arena) { - error = CKR_HOST_MEMORY; - goto loser; - } - - pki = (PrivateKeyInfo *)PORT_ArenaZAlloc(arena, sizeof(PrivateKeyInfo)); - if (!pki) { - error = CKR_HOST_MEMORY; - goto loser; - } - pki->arena = arena; - - dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk, - ckmk_RSAPrivateKeyTemplate); - algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION; - - if (!dummy) { - error = CKR_DEVICE_ERROR; /* should map NSS SECError */ - goto loser; - } - - rv = SECOID_SetAlgorithmID(arena, &pki->algorithm, algorithm, - (SECItem *)NULL); - if (rv != SECSuccess) { - error = CKR_DEVICE_ERROR; /* should map NSS SECError */ - goto loser; - } - - dummy = SEC_ASN1EncodeInteger(arena, &pki->version, - CKMK_PRIVATE_KEY_INFO_VERSION); - if (!dummy) { - error = CKR_DEVICE_ERROR; /* should map NSS SECError */ - goto loser; - } - - encodedKey = SEC_ASN1EncodeItem(NULL, NULL, pki, - ckmk_PrivateKeyInfoTemplate); - if (!encodedKey) { - error = CKR_DEVICE_ERROR; - goto loser; - } - - keyBlob->data = nss_ZNEWARRAY(NULL, char, encodedKey->len); - if (NULL == keyBlob->data) { - error = CKR_HOST_MEMORY; - goto loser; - } - nsslibc_memcpy(keyBlob->data, encodedKey->data, encodedKey->len); - keyBlob->size = encodedKey->len; - -loser: - if (arena) { - PORT_FreeArena(arena, PR_TRUE); - } - if (encodedKey) { - SECITEM_FreeItem(encodedKey, PR_TRUE); - } - - return error; -} -/* - * There MUST be a better way to do this. For now, find the key based on the - * default name Apple gives it once we import. - */ -#define IMPORTED_NAME "Imported Private Key" -static CK_RV -ckmk_FindImportedKey( - SecKeychainRef keychainRef, - SecItemClass itemClass, - SecKeychainItemRef *outItemRef) -{ - OSStatus macErr; - SecKeychainSearchRef searchRef = 0; - SecKeychainItemRef newItemRef; - - macErr = SecKeychainSearchCreateFromAttributes(keychainRef, itemClass, - NULL, &searchRef); - if (noErr != macErr) { - CKMK_MACERR("Can't search for Key", macErr); - return CKR_GENERAL_ERROR; - } - while (noErr == SecKeychainSearchCopyNext(searchRef, &newItemRef)) { - SecKeychainAttributeList *attrList = NULL; - SecKeychainAttributeInfo attrInfo; - SecItemAttr itemAttr = kSecKeyPrintName; - PRUint32 attrFormat = 0; - OSStatus macErr; - - attrInfo.count = 1; - attrInfo.tag = &itemAttr; - attrInfo.format = &attrFormat; - - macErr = SecKeychainItemCopyAttributesAndData(newItemRef, - &attrInfo, NULL, &attrList, NULL, NULL); - if (noErr == macErr) { - if (nsslibc_memcmp(attrList->attr->data, IMPORTED_NAME, - attrList->attr->length, NULL) == 0) { - *outItemRef = newItemRef; - CFRelease(searchRef); - SecKeychainItemFreeAttributesAndData(attrList, NULL); - return CKR_OK; - } - SecKeychainItemFreeAttributesAndData(attrList, NULL); - } - CFRelease(newItemRef); - } - CFRelease(searchRef); - return CKR_GENERAL_ERROR; /* we can come up with something better! */ -} - -static ckmkInternalObject * -nss_ckmk_CreatePrivateKey( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - NSSItem attribute; - RSAPrivateKey lk; - NSSItem keyID; - char *nickname = NULL; - ckmkInternalObject *io = NULL; - CK_KEY_TYPE keyType; - OSStatus macErr; - SecKeychainItemRef itemRef = 0; - NSSItem keyBlob = { NULL, 0 }; - CFDataRef dataRef = 0; - SecExternalFormat inputFormat = kSecFormatBSAFE; - /*SecExternalFormat inputFormat = kSecFormatOpenSSL; */ - SecExternalItemType itemType = kSecItemTypePrivateKey; - SecKeyImportExportParameters keyParams; - SecKeychainRef targetKeychain = 0; - unsigned char zero = 0; - CK_RV error; - - keyParams.version = SEC_KEY_IMPORT_EXPORT_PARAMS_VERSION; - keyParams.flags = 0; - keyParams.passphrase = 0; - keyParams.alertTitle = 0; - keyParams.alertPrompt = 0; - keyParams.accessRef = 0; /* default */ - keyParams.keyUsage = 0; /* will get filled in */ - keyParams.keyAttributes = CSSM_KEYATTR_PERMANENT; /* will get filled in */ - keyType = nss_ckmk_GetULongAttribute(CKA_KEY_TYPE, pTemplate, ulAttributeCount, pError); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - if (CKK_RSA != keyType) { - *pError = CKR_ATTRIBUTE_VALUE_INVALID; - return (ckmkInternalObject *)NULL; - } - if (nss_ckmk_GetBoolAttribute(CKA_DECRYPT, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyUsage |= CSSM_KEYUSE_DECRYPT; - } - if (nss_ckmk_GetBoolAttribute(CKA_UNWRAP, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyUsage |= CSSM_KEYUSE_UNWRAP; - } - if (nss_ckmk_GetBoolAttribute(CKA_SIGN, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyUsage |= CSSM_KEYUSE_SIGN; - } - if (nss_ckmk_GetBoolAttribute(CKA_DERIVE, - pTemplate, ulAttributeCount, CK_FALSE)) { - keyParams.keyUsage |= CSSM_KEYUSE_DERIVE; - } - if (nss_ckmk_GetBoolAttribute(CKA_SENSITIVE, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyAttributes |= CSSM_KEYATTR_SENSITIVE; - } - if (nss_ckmk_GetBoolAttribute(CKA_EXTRACTABLE, - pTemplate, ulAttributeCount, CK_TRUE)) { - keyParams.keyAttributes |= CSSM_KEYATTR_EXTRACTABLE; - } - - lk.version.type = siUnsignedInteger; - lk.version.data = &zero; - lk.version.len = 1; - - *pError = nss_ckmk_GetAttribute(CKA_MODULUS, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.modulus.type = siUnsignedInteger; - lk.modulus.data = attribute.data; - lk.modulus.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_PUBLIC_EXPONENT, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.publicExponent.type = siUnsignedInteger; - lk.publicExponent.data = attribute.data; - lk.publicExponent.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_PRIVATE_EXPONENT, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.privateExponent.type = siUnsignedInteger; - lk.privateExponent.data = attribute.data; - lk.privateExponent.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_PRIME_1, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.prime1.type = siUnsignedInteger; - lk.prime1.data = attribute.data; - lk.prime1.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_PRIME_2, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.prime2.type = siUnsignedInteger; - lk.prime2.data = attribute.data; - lk.prime2.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_1, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.exponent1.type = siUnsignedInteger; - lk.exponent1.data = attribute.data; - lk.exponent1.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_EXPONENT_2, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.exponent2.type = siUnsignedInteger; - lk.exponent2.data = attribute.data; - lk.exponent2.len = attribute.size; - - *pError = nss_ckmk_GetAttribute(CKA_COEFFICIENT, pTemplate, - ulAttributeCount, &attribute); - if (CKR_OK != *pError) { - return (ckmkInternalObject *)NULL; - } - lk.coefficient.type = siUnsignedInteger; - lk.coefficient.data = attribute.data; - lk.coefficient.len = attribute.size; - - /* ASN1 Encode the pkcs8 structure... look at softoken to see how this - * is done... */ - error = ckmk_CreateRSAKeyBlob(&lk, &keyBlob); - if (CKR_OK != error) { - goto loser; - } - - dataRef = CFDataCreate(NULL, (UInt8 *)keyBlob.data, keyBlob.size); - if (0 == dataRef) { - *pError = CKR_HOST_MEMORY; - goto loser; - } - - *pError == ckmk_GetSafeDefaultKeychain(&targetKeychain); - if (CKR_OK != *pError) { - goto loser; - } - - /* the itemArray that is returned is useless. the item does not - * is 'not on the key chain' so none of the modify calls work on it. - * It also has a key that isn't the same key as the one in the actual - * key chain. In short it isn't the item we want, and it gives us zero - * information about the item we want, so don't even bother with it... - */ - macErr = SecKeychainItemImport(dataRef, NULL, &inputFormat, &itemType, 0, - &keyParams, targetKeychain, NULL); - if (noErr != macErr) { - CKMK_MACERR("Import Private Key", macErr); - *pError = CKR_GENERAL_ERROR; - goto loser; - } - - *pError = ckmk_FindImportedKey(targetKeychain, - CSSM_DL_DB_RECORD_PRIVATE_KEY, - &itemRef); - if (CKR_OK != *pError) { -#ifdef DEBUG - fprintf(stderr, "couldn't find key in keychain \n"); -#endif - goto loser; - } - - /* set the CKA_ID and the CKA_LABEL */ - error = nss_ckmk_GetAttribute(CKA_ID, pTemplate, - ulAttributeCount, &keyID); - if (CKR_OK == error) { - error = ckmk_updateAttribute(itemRef, kSecKeyLabel, - keyID.data, keyID.size, "Modify Key ID"); -#ifdef DEBUG - itemdump("key id: ", keyID.data, keyID.size, error); -#endif - } - nickname = nss_ckmk_GetStringAttribute(CKA_LABEL, pTemplate, - ulAttributeCount, &error); - if (nickname) { - ckmk_updateAttribute(itemRef, kSecKeyPrintName, nickname, - strlen(nickname) + 1, "Modify Key Label"); - } else { -#define DEFAULT_NICKNAME "NSS Imported Key" - ckmk_updateAttribute(itemRef, kSecKeyPrintName, DEFAULT_NICKNAME, - sizeof(DEFAULT_NICKNAME), "Modify Key Label"); - } - - io = nss_ckmk_NewInternalObject(CKO_PRIVATE_KEY, itemRef, - CSSM_DL_DB_RECORD_PRIVATE_KEY, pError); - if ((ckmkInternalObject *)NULL == io) { - CFRelease(itemRef); - } - - return io; - -loser: - /* free the key blob */ - if (keyBlob.data) { - nss_ZFreeIf(keyBlob.data); - } - if (0 != targetKeychain) { - CFRelease(targetKeychain); - } - if (0 != dataRef) { - CFRelease(dataRef); - } - return io; -} - -NSS_EXTERN NSSCKMDObject * -nss_ckmk_CreateObject( - NSSCKFWSession *fwSession, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - CK_OBJECT_CLASS objClass; - ckmkInternalObject *io = NULL; - CK_BBOOL isToken; - - /* - * only create token objects - */ - isToken = nss_ckmk_GetBoolAttribute(CKA_TOKEN, pTemplate, - ulAttributeCount, CK_FALSE); - if (!isToken) { - *pError = CKR_ATTRIBUTE_VALUE_INVALID; - return (NSSCKMDObject *)NULL; - } - - /* - * only create keys and certs. - */ - objClass = nss_ckmk_GetULongAttribute(CKA_CLASS, pTemplate, - ulAttributeCount, pError); - if (CKR_OK != *pError) { - return (NSSCKMDObject *)NULL; - } -#ifdef notdef - if (objClass == CKO_PUBLIC_KEY) { - return CKR_OK; /* fake public key creation, happens as a side effect of - * private key creation */ - } -#endif - if (objClass == CKO_CERTIFICATE) { - io = nss_ckmk_CreateCertificate(fwSession, pTemplate, - ulAttributeCount, pError); - } else if (objClass == CKO_PRIVATE_KEY) { - io = nss_ckmk_CreatePrivateKey(fwSession, pTemplate, - ulAttributeCount, pError); - } else { - *pError = CKR_ATTRIBUTE_VALUE_INVALID; - } - - if ((ckmkInternalObject *)NULL == io) { - return (NSSCKMDObject *)NULL; - } - return nss_ckmk_CreateMDObject(NULL, io, pError); -} diff --git a/security/nss/lib/ckfw/nssmkey/mrsa.c b/security/nss/lib/ckfw/nssmkey/mrsa.c deleted file mode 100644 index 00175b47a..000000000 --- a/security/nss/lib/ckfw/nssmkey/mrsa.c +++ /dev/null @@ -1,479 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* Sigh, For all the talk about 'ease of use', apple has hidden the interfaces - * needed to be able to truly use CSSM. These came from their modification - * to NSS's S/MIME code. The following two functions currently are not - * part of the SecKey.h interface. - */ -OSStatus -SecKeyGetCredentials( - SecKeyRef keyRef, - CSSM_ACL_AUTHORIZATION_TAG authTag, - int type, - const CSSM_ACCESS_CREDENTIALS **creds); - -/* this function could be implemented using 'SecKeychainItemCopyKeychain' and - * 'SecKeychainGetCSPHandle' */ -OSStatus -SecKeyGetCSPHandle( - SecKeyRef keyRef, - CSSM_CSP_HANDLE *cspHandle); - -typedef struct ckmkInternalCryptoOperationRSAPrivStr - ckmkInternalCryptoOperationRSAPriv; -struct ckmkInternalCryptoOperationRSAPrivStr { - NSSCKMDCryptoOperation mdOperation; - NSSCKMDMechanism *mdMechanism; - ckmkInternalObject *iKey; - NSSItem *buffer; - CSSM_CC_HANDLE cssmContext; -}; - -typedef enum { - CKMK_DECRYPT, - CKMK_SIGN -} ckmkRSAOpType; - -/* - * ckmk_mdCryptoOperationRSAPriv_Create - */ -static NSSCKMDCryptoOperation * -ckmk_mdCryptoOperationRSAPriv_Create( - const NSSCKMDCryptoOperation *proto, - NSSCKMDMechanism *mdMechanism, - NSSCKMDObject *mdKey, - ckmkRSAOpType type, - CK_RV *pError) -{ - ckmkInternalObject *iKey = (ckmkInternalObject *)mdKey->etc; - const NSSItem *classItem = nss_ckmk_FetchAttribute(iKey, CKA_CLASS, pError); - const NSSItem *keyType = nss_ckmk_FetchAttribute(iKey, CKA_KEY_TYPE, pError); - ckmkInternalCryptoOperationRSAPriv *iOperation; - SecKeyRef privateKey; - OSStatus macErr; - CSSM_RETURN cssmErr; - const CSSM_KEY *cssmKey; - CSSM_CSP_HANDLE cspHandle; - const CSSM_ACCESS_CREDENTIALS *creds = NULL; - CSSM_CC_HANDLE cssmContext; - CSSM_ACL_AUTHORIZATION_TAG authType; - - /* make sure we have the right objects */ - if (((const NSSItem *)NULL == classItem) || - (sizeof(CK_OBJECT_CLASS) != classItem->size) || - (CKO_PRIVATE_KEY != *(CK_OBJECT_CLASS *)classItem->data) || - ((const NSSItem *)NULL == keyType) || - (sizeof(CK_KEY_TYPE) != keyType->size) || - (CKK_RSA != *(CK_KEY_TYPE *)keyType->data)) { - *pError = CKR_KEY_TYPE_INCONSISTENT; - return (NSSCKMDCryptoOperation *)NULL; - } - - privateKey = (SecKeyRef)iKey->u.item.itemRef; - macErr = SecKeyGetCSSMKey(privateKey, &cssmKey); - if (noErr != macErr) { - CKMK_MACERR("Getting CSSM Key", macErr); - *pError = CKR_KEY_HANDLE_INVALID; - return (NSSCKMDCryptoOperation *)NULL; - } - macErr = SecKeyGetCSPHandle(privateKey, &cspHandle); - if (noErr != macErr) { - CKMK_MACERR("Getting CSP for Key", macErr); - *pError = CKR_KEY_HANDLE_INVALID; - return (NSSCKMDCryptoOperation *)NULL; - } - switch (type) { - case CKMK_DECRYPT: - authType = CSSM_ACL_AUTHORIZATION_DECRYPT; - break; - case CKMK_SIGN: - authType = CSSM_ACL_AUTHORIZATION_SIGN; - break; - default: - *pError = CKR_GENERAL_ERROR; -#ifdef DEBUG - fprintf(stderr, "RSAPriv_Create: bad type = %d\n", type); -#endif - return (NSSCKMDCryptoOperation *)NULL; - } - - macErr = SecKeyGetCredentials(privateKey, authType, 0, &creds); - if (noErr != macErr) { - CKMK_MACERR("Getting Credentials for Key", macErr); - *pError = CKR_KEY_HANDLE_INVALID; - return (NSSCKMDCryptoOperation *)NULL; - } - - switch (type) { - case CKMK_DECRYPT: - cssmErr = CSSM_CSP_CreateAsymmetricContext(cspHandle, CSSM_ALGID_RSA, - creds, cssmKey, CSSM_PADDING_PKCS1, &cssmContext); - break; - case CKMK_SIGN: - cssmErr = CSSM_CSP_CreateSignatureContext(cspHandle, CSSM_ALGID_RSA, - creds, cssmKey, &cssmContext); - break; - default: - *pError = CKR_GENERAL_ERROR; -#ifdef DEBUG - fprintf(stderr, "RSAPriv_Create: bad type = %d\n", type); -#endif - return (NSSCKMDCryptoOperation *)NULL; - } - if (noErr != cssmErr) { - CKMK_MACERR("Getting Context for Key", cssmErr); - *pError = CKR_GENERAL_ERROR; - return (NSSCKMDCryptoOperation *)NULL; - } - - iOperation = nss_ZNEW(NULL, ckmkInternalCryptoOperationRSAPriv); - if ((ckmkInternalCryptoOperationRSAPriv *)NULL == iOperation) { - *pError = CKR_HOST_MEMORY; - return (NSSCKMDCryptoOperation *)NULL; - } - iOperation->mdMechanism = mdMechanism; - iOperation->iKey = iKey; - iOperation->cssmContext = cssmContext; - - nsslibc_memcpy(&iOperation->mdOperation, - proto, sizeof(NSSCKMDCryptoOperation)); - iOperation->mdOperation.etc = iOperation; - - return &iOperation->mdOperation; -} - -static void -ckmk_mdCryptoOperationRSAPriv_Destroy( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - - if (iOperation->buffer) { - nssItem_Destroy(iOperation->buffer); - } - if (iOperation->cssmContext) { - CSSM_DeleteContext(iOperation->cssmContext); - } - nss_ZFreeIf(iOperation); - return; -} - -static CK_ULONG -ckmk_mdCryptoOperationRSA_GetFinalLength( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - const NSSItem *modulus = - nss_ckmk_FetchAttribute(iOperation->iKey, CKA_MODULUS, pError); - - return modulus->size; -} - -/* - * ckmk_mdCryptoOperationRSADecrypt_GetOperationLength - * we won't know the length until we actually decrypt the - * input block. Since we go to all the work to decrypt the - * the block, we'll save if for when the block is asked for - */ -static CK_ULONG -ckmk_mdCryptoOperationRSADecrypt_GetOperationLength( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - const NSSItem *input, - CK_RV *pError) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - CSSM_DATA cssmInput; - CSSM_DATA cssmOutput = { 0, NULL }; - PRUint32 bytesDecrypted; - CSSM_DATA remainder = { 0, NULL }; - NSSItem output; - CSSM_RETURN cssmErr; - - if (iOperation->buffer) { - return iOperation->buffer->size; - } - - cssmInput.Data = input->data; - cssmInput.Length = input->size; - - cssmErr = CSSM_DecryptData(iOperation->cssmContext, - &cssmInput, 1, &cssmOutput, 1, - &bytesDecrypted, &remainder); - if (CSSM_OK != cssmErr) { - CKMK_MACERR("Decrypt Failed", cssmErr); - *pError = CKR_DATA_INVALID; - return 0; - } - /* we didn't suppy any buffers, so it should all be in remainder */ - output.data = nss_ZNEWARRAY(NULL, char, bytesDecrypted + remainder.Length); - if (NULL == output.data) { - free(cssmOutput.Data); - free(remainder.Data); - *pError = CKR_HOST_MEMORY; - return 0; - } - output.size = bytesDecrypted + remainder.Length; - - if (0 != bytesDecrypted) { - nsslibc_memcpy(output.data, cssmOutput.Data, bytesDecrypted); - free(cssmOutput.Data); - } - if (0 != remainder.Length) { - nsslibc_memcpy(((char *)output.data) + bytesDecrypted, - remainder.Data, remainder.Length); - free(remainder.Data); - } - - iOperation->buffer = nssItem_Duplicate(&output, NULL, NULL); - nss_ZFreeIf(output.data); - if ((NSSItem *)NULL == iOperation->buffer) { - *pError = CKR_HOST_MEMORY; - return 0; - } - - return iOperation->buffer->size; -} - -/* - * ckmk_mdCryptoOperationRSADecrypt_UpdateFinal - * - * NOTE: ckmk_mdCryptoOperationRSADecrypt_GetOperationLength is presumed to - * have been called previously. - */ -static CK_RV -ckmk_mdCryptoOperationRSADecrypt_UpdateFinal( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - const NSSItem *input, - NSSItem *output) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - NSSItem *buffer = iOperation->buffer; - - if ((NSSItem *)NULL == buffer) { - return CKR_GENERAL_ERROR; - } - nsslibc_memcpy(output->data, buffer->data, buffer->size); - output->size = buffer->size; - return CKR_OK; -} - -/* - * ckmk_mdCryptoOperationRSASign_UpdateFinal - * - */ -static CK_RV -ckmk_mdCryptoOperationRSASign_UpdateFinal( - NSSCKMDCryptoOperation *mdOperation, - NSSCKFWCryptoOperation *fwOperation, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - const NSSItem *input, - NSSItem *output) -{ - ckmkInternalCryptoOperationRSAPriv *iOperation = - (ckmkInternalCryptoOperationRSAPriv *)mdOperation->etc; - CSSM_DATA cssmInput; - CSSM_DATA cssmOutput = { 0, NULL }; - CSSM_RETURN cssmErr; - - cssmInput.Data = input->data; - cssmInput.Length = input->size; - - cssmErr = CSSM_SignData(iOperation->cssmContext, &cssmInput, 1, - CSSM_ALGID_NONE, &cssmOutput); - if (CSSM_OK != cssmErr) { - CKMK_MACERR("Signed Failed", cssmErr); - return CKR_FUNCTION_FAILED; - } - if (cssmOutput.Length > output->size) { - free(cssmOutput.Data); - return CKR_BUFFER_TOO_SMALL; - } - nsslibc_memcpy(output->data, cssmOutput.Data, cssmOutput.Length); - free(cssmOutput.Data); - output->size = cssmOutput.Length; - - return CKR_OK; -} - -NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation - ckmk_mdCryptoOperationRSADecrypt_proto = { - NULL, /* etc */ - ckmk_mdCryptoOperationRSAPriv_Destroy, - NULL, /* GetFinalLengh - not needed for one shot Decrypt/Encrypt */ - ckmk_mdCryptoOperationRSADecrypt_GetOperationLength, - NULL, /* Final - not needed for one shot operation */ - NULL, /* Update - not needed for one shot operation */ - NULL, /* DigetUpdate - not needed for one shot operation */ - ckmk_mdCryptoOperationRSADecrypt_UpdateFinal, - NULL, /* UpdateCombo - not needed for one shot operation */ - NULL, /* DigetKey - not needed for one shot operation */ - (void *)NULL /* null terminator */ - }; - -NSS_IMPLEMENT_DATA const NSSCKMDCryptoOperation - ckmk_mdCryptoOperationRSASign_proto = { - NULL, /* etc */ - ckmk_mdCryptoOperationRSAPriv_Destroy, - ckmk_mdCryptoOperationRSA_GetFinalLength, - NULL, /* GetOperationLengh - not needed for one shot Sign/Verify */ - NULL, /* Final - not needed for one shot operation */ - NULL, /* Update - not needed for one shot operation */ - NULL, /* DigetUpdate - not needed for one shot operation */ - ckmk_mdCryptoOperationRSASign_UpdateFinal, - NULL, /* UpdateCombo - not needed for one shot operation */ - NULL, /* DigetKey - not needed for one shot operation */ - (void *)NULL /* null terminator */ - }; - -/********** NSSCKMDMechansim functions ***********************/ -/* - * ckmk_mdMechanismRSA_Destroy - */ -static void -ckmk_mdMechanismRSA_Destroy( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - nss_ZFreeIf(fwMechanism); -} - -/* - * ckmk_mdMechanismRSA_GetMinKeySize - */ -static CK_ULONG -ckmk_mdMechanismRSA_GetMinKeySize( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return 384; -} - -/* - * ckmk_mdMechanismRSA_GetMaxKeySize - */ -static CK_ULONG -ckmk_mdMechanismRSA_GetMaxKeySize( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return 16384; -} - -/* - * ckmk_mdMechanismRSA_DecryptInit - */ -static NSSCKMDCryptoOperation * -ckmk_mdMechanismRSA_DecryptInit( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSCKMDObject *mdKey, - NSSCKFWObject *fwKey, - CK_RV *pError) -{ - return ckmk_mdCryptoOperationRSAPriv_Create( - &ckmk_mdCryptoOperationRSADecrypt_proto, - mdMechanism, mdKey, CKMK_DECRYPT, pError); -} - -/* - * ckmk_mdMechanismRSA_SignInit - */ -static NSSCKMDCryptoOperation * -ckmk_mdMechanismRSA_SignInit( - NSSCKMDMechanism *mdMechanism, - NSSCKFWMechanism *fwMechanism, - CK_MECHANISM *pMechanism, - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSCKMDObject *mdKey, - NSSCKFWObject *fwKey, - CK_RV *pError) -{ - return ckmk_mdCryptoOperationRSAPriv_Create( - &ckmk_mdCryptoOperationRSASign_proto, - mdMechanism, mdKey, CKMK_SIGN, pError); -} - -NSS_IMPLEMENT_DATA const NSSCKMDMechanism - nss_ckmk_mdMechanismRSA = { - (void *)NULL, /* etc */ - ckmk_mdMechanismRSA_Destroy, - ckmk_mdMechanismRSA_GetMinKeySize, - ckmk_mdMechanismRSA_GetMaxKeySize, - NULL, /* GetInHardware - default false */ - NULL, /* EncryptInit - default errs */ - ckmk_mdMechanismRSA_DecryptInit, - NULL, /* DigestInit - default errs*/ - ckmk_mdMechanismRSA_SignInit, - NULL, /* VerifyInit - default errs */ - ckmk_mdMechanismRSA_SignInit, /* SignRecoverInit */ - NULL, /* VerifyRecoverInit - default errs */ - NULL, /* GenerateKey - default errs */ - NULL, /* GenerateKeyPair - default errs */ - NULL, /* GetWrapKeyLength - default errs */ - NULL, /* WrapKey - default errs */ - NULL, /* UnwrapKey - default errs */ - NULL, /* DeriveKey - default errs */ - (void *)NULL /* null terminator */ - }; diff --git a/security/nss/lib/ckfw/nssmkey/msession.c b/security/nss/lib/ckfw/nssmkey/msession.c deleted file mode 100644 index e6a29244a..000000000 --- a/security/nss/lib/ckfw/nssmkey/msession.c +++ /dev/null @@ -1,87 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* - * nssmkey/msession.c - * - * This file implements the NSSCKMDSession object for the - * "nssmkey" cryptoki module. - */ - -static NSSCKMDFindObjects * -ckmk_mdSession_FindObjectsInit( - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - return nss_ckmk_FindObjectsInit(fwSession, pTemplate, ulAttributeCount, pError); -} - -static NSSCKMDObject * -ckmk_mdSession_CreateObject( - NSSCKMDSession *mdSession, - NSSCKFWSession *fwSession, - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSArena *arena, - CK_ATTRIBUTE_PTR pTemplate, - CK_ULONG ulAttributeCount, - CK_RV *pError) -{ - return nss_ckmk_CreateObject(fwSession, pTemplate, ulAttributeCount, pError); -} - -NSS_IMPLEMENT NSSCKMDSession * -nss_ckmk_CreateSession( - NSSCKFWSession *fwSession, - CK_RV *pError) -{ - NSSArena *arena; - NSSCKMDSession *rv; - - arena = NSSCKFWSession_GetArena(fwSession, pError); - if ((NSSArena *)NULL == arena) { - return (NSSCKMDSession *)NULL; - } - - rv = nss_ZNEW(arena, NSSCKMDSession); - if ((NSSCKMDSession *)NULL == rv) { - *pError = CKR_HOST_MEMORY; - return (NSSCKMDSession *)NULL; - } - - /* - * rv was zeroed when allocated, so we only - * need to set the non-zero members. - */ - - rv->etc = (void *)fwSession; - /* rv->Close */ - /* rv->GetDeviceError */ - /* rv->Login */ - /* rv->Logout */ - /* rv->InitPIN */ - /* rv->SetPIN */ - /* rv->GetOperationStateLen */ - /* rv->GetOperationState */ - /* rv->SetOperationState */ - rv->CreateObject = ckmk_mdSession_CreateObject; - /* rv->CopyObject */ - rv->FindObjectsInit = ckmk_mdSession_FindObjectsInit; - /* rv->SeedRandom */ - /* rv->GetRandom */ - /* rv->null */ - - return rv; -} diff --git a/security/nss/lib/ckfw/nssmkey/mslot.c b/security/nss/lib/ckfw/nssmkey/mslot.c deleted file mode 100644 index b2747ff7b..000000000 --- a/security/nss/lib/ckfw/nssmkey/mslot.c +++ /dev/null @@ -1,81 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* - * nssmkey/mslot.c - * - * This file implements the NSSCKMDSlot object for the - * "nssmkey" cryptoki module. - */ - -static NSSUTF8 * -ckmk_mdSlot_GetSlotDescription( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_SlotDescription; -} - -static NSSUTF8 * -ckmk_mdSlot_GetManufacturerID( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_ManufacturerID; -} - -static CK_VERSION -ckmk_mdSlot_GetHardwareVersion( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_HardwareVersion; -} - -static CK_VERSION -ckmk_mdSlot_GetFirmwareVersion( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_FirmwareVersion; -} - -static NSSCKMDToken * -ckmk_mdSlot_GetToken( - NSSCKMDSlot *mdSlot, - NSSCKFWSlot *fwSlot, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSCKMDToken *)&nss_ckmk_mdToken; -} - -NSS_IMPLEMENT_DATA const NSSCKMDSlot - nss_ckmk_mdSlot = { - (void *)NULL, /* etc */ - NULL, /* Initialize */ - NULL, /* Destroy */ - ckmk_mdSlot_GetSlotDescription, - ckmk_mdSlot_GetManufacturerID, - NULL, /* GetTokenPresent -- defaults to true */ - NULL, /* GetRemovableDevice -- defaults to false */ - NULL, /* GetHardwareSlot -- defaults to false */ - ckmk_mdSlot_GetHardwareVersion, - ckmk_mdSlot_GetFirmwareVersion, - ckmk_mdSlot_GetToken, - (void *)NULL /* null terminator */ - }; diff --git a/security/nss/lib/ckfw/nssmkey/mtoken.c b/security/nss/lib/ckfw/nssmkey/mtoken.c deleted file mode 100644 index e18d61240..000000000 --- a/security/nss/lib/ckfw/nssmkey/mtoken.c +++ /dev/null @@ -1,184 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "ckmk.h" - -/* - * nssmkey/mtoken.c - * - * This file implements the NSSCKMDToken object for the - * "nssmkey" cryptoki module. - */ - -static NSSUTF8 * -ckmk_mdToken_GetLabel( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_TokenLabel; -} - -static NSSUTF8 * -ckmk_mdToken_GetManufacturerID( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_ManufacturerID; -} - -static NSSUTF8 * -ckmk_mdToken_GetModel( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_TokenModel; -} - -static NSSUTF8 * -ckmk_mdToken_GetSerialNumber( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_RV *pError) -{ - return (NSSUTF8 *)nss_ckmk_TokenSerialNumber; -} - -static CK_BBOOL -ckmk_mdToken_GetIsWriteProtected( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return CK_FALSE; -} - -/* fake out Mozilla so we don't try to initialize the token */ -static CK_BBOOL -ckmk_mdToken_GetUserPinInitialized( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return CK_TRUE; -} - -static CK_VERSION -ckmk_mdToken_GetHardwareVersion( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_HardwareVersion; -} - -static CK_VERSION -ckmk_mdToken_GetFirmwareVersion( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return nss_ckmk_FirmwareVersion; -} - -static NSSCKMDSession * -ckmk_mdToken_OpenSession( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - NSSCKFWSession *fwSession, - CK_BBOOL rw, - CK_RV *pError) -{ - return nss_ckmk_CreateSession(fwSession, pError); -} - -static CK_ULONG -ckmk_mdToken_GetMechanismCount( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance) -{ - return (CK_ULONG)1; -} - -static CK_RV -ckmk_mdToken_GetMechanismTypes( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_MECHANISM_TYPE types[]) -{ - types[0] = CKM_RSA_PKCS; - return CKR_OK; -} - -static NSSCKMDMechanism * -ckmk_mdToken_GetMechanism( - NSSCKMDToken *mdToken, - NSSCKFWToken *fwToken, - NSSCKMDInstance *mdInstance, - NSSCKFWInstance *fwInstance, - CK_MECHANISM_TYPE which, - CK_RV *pError) -{ - if (which != CKM_RSA_PKCS) { - *pError = CKR_MECHANISM_INVALID; - return (NSSCKMDMechanism *)NULL; - } - return (NSSCKMDMechanism *)&nss_ckmk_mdMechanismRSA; -} - -NSS_IMPLEMENT_DATA const NSSCKMDToken - nss_ckmk_mdToken = { - (void *)NULL, /* etc */ - NULL, /* Setup */ - NULL, /* Invalidate */ - NULL, /* InitToken -- default errs */ - ckmk_mdToken_GetLabel, - ckmk_mdToken_GetManufacturerID, - ckmk_mdToken_GetModel, - ckmk_mdToken_GetSerialNumber, - NULL, /* GetHasRNG -- default is false */ - ckmk_mdToken_GetIsWriteProtected, - NULL, /* GetLoginRequired -- default is false */ - ckmk_mdToken_GetUserPinInitialized, - NULL, /* GetRestoreKeyNotNeeded -- irrelevant */ - NULL, /* GetHasClockOnToken -- default is false */ - NULL, /* GetHasProtectedAuthenticationPath -- default is false */ - NULL, /* GetSupportsDualCryptoOperations -- default is false */ - NULL, /* GetMaxSessionCount -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetMaxRwSessionCount -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetMaxPinLen -- irrelevant */ - NULL, /* GetMinPinLen -- irrelevant */ - NULL, /* GetTotalPublicMemory -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetFreePublicMemory -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetTotalPrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */ - NULL, /* GetFreePrivateMemory -- default is CK_UNAVAILABLE_INFORMATION */ - ckmk_mdToken_GetHardwareVersion, - ckmk_mdToken_GetFirmwareVersion, - NULL, /* GetUTCTime -- no clock */ - ckmk_mdToken_OpenSession, - ckmk_mdToken_GetMechanismCount, - ckmk_mdToken_GetMechanismTypes, - ckmk_mdToken_GetMechanism, - (void *)NULL /* null terminator */ - }; diff --git a/security/nss/lib/ckfw/nssmkey/nssmkey.def b/security/nss/lib/ckfw/nssmkey/nssmkey.def deleted file mode 100644 index 45d307ff0..000000000 --- a/security/nss/lib/ckfw/nssmkey/nssmkey.def +++ /dev/null @@ -1,26 +0,0 @@ -;+# -;+# This Source Code Form is subject to the terms of the Mozilla Public -;+# License, v. 2.0. If a copy of the MPL was not distributed with this -;+# file, You can obtain one at http://mozilla.org/MPL/2.0/. -;+# -;+# OK, this file is meant to support SUN, LINUX, AIX and WINDOWS -;+# 1. For all unix platforms, the string ";-" means "remove this line" -;+# 2. For all unix platforms, the string " DATA " will be removed from any -;+# line on which it occurs. -;+# 3. Lines containing ";+" will have ";+" removed on SUN and LINUX. -;+# On AIX, lines containing ";+" will be removed. -;+# 4. For all unix platforms, the string ";;" will thave the ";;" removed. -;+# 5. For all unix platforms, after the above processing has taken place, -;+# all characters after the first ";" on the line will be removed. -;+# And for AIX, the first ";" will also be removed. -;+# This file is passed directly to windows. Since ';' is a comment, all UNIX -;+# directives are hidden behind ";", ";+", and ";-" -;+ -;+NSSMKEY_3.0 { # First release of nssmkey -;+ global: -LIBRARY nssmkey ;- -EXPORTS ;- -C_GetFunctionList; -;+ local: -;+*; -;+}; diff --git a/security/nss/lib/ckfw/nssmkey/nssmkey.h b/security/nss/lib/ckfw/nssmkey/nssmkey.h deleted file mode 100644 index ba58233e6..000000000 --- a/security/nss/lib/ckfw/nssmkey/nssmkey.h +++ /dev/null @@ -1,41 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef NSSMKEY_H -#define NSSMKEY_H - -/* - * NSS CKMK Version numbers. - * - * These are the version numbers for the nssmkey module packaged with - * this release on NSS. To determine the version numbers of the builtin - * module you are using, use the appropriate PKCS #11 calls. - * - * These version numbers detail changes to the PKCS #11 interface. They map - * to the PKCS #11 spec versions. - */ -#define NSS_CKMK_CRYPTOKI_VERSION_MAJOR 2 -#define NSS_CKMK_CRYPTOKI_VERSION_MINOR 20 - -/* These version numbers detail the changes - * to the list of trusted certificates. - * - * NSS_CKMK_LIBRARY_VERSION_MINOR is a CK_BYTE. It's not clear - * whether we may use its full range (0-255) or only 0-99 because - * of the comment in the CK_VERSION type definition. - */ -#define NSS_CKMK_LIBRARY_VERSION_MAJOR 1 -#define NSS_CKMK_LIBRARY_VERSION_MINOR 1 -#define NSS_CKMK_LIBRARY_VERSION "1.1" - -/* These version numbers detail the semantic changes to the ckfw engine. */ -#define NSS_CKMK_HARDWARE_VERSION_MAJOR 1 -#define NSS_CKMK_HARDWARE_VERSION_MINOR 0 - -/* These version numbers detail the semantic changes to ckbi itself - * (new PKCS #11 objects), etc. */ -#define NSS_CKMK_FIRMWARE_VERSION_MAJOR 1 -#define NSS_CKMK_FIRMWARE_VERSION_MINOR 0 - -#endif /* NSSMKEY_H */ diff --git a/security/nss/lib/ckfw/nssmkey/staticobj.c b/security/nss/lib/ckfw/nssmkey/staticobj.c deleted file mode 100644 index 5f3bb7c72..000000000 --- a/security/nss/lib/ckfw/nssmkey/staticobj.c +++ /dev/null @@ -1,36 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef CKMK_H -#include "ckmk.h" -#endif /* CKMK_H */ - -static const CK_TRUST ckt_netscape_valid = CKT_NETSCAPE_VALID; -static const CK_OBJECT_CLASS cko_certificate = CKO_CERTIFICATE; -static const CK_TRUST ckt_netscape_trusted_delegator = CKT_NETSCAPE_TRUSTED_DELEGATOR; -static const CK_OBJECT_CLASS cko_netscape_trust = CKO_NETSCAPE_TRUST; -static const CK_BBOOL ck_true = CK_TRUE; -static const CK_OBJECT_CLASS cko_data = CKO_DATA; -static const CK_CERTIFICATE_TYPE ckc_x_509 = CKC_X_509; -static const CK_BBOOL ck_false = CK_FALSE; -static const CK_OBJECT_CLASS cko_netscape_builtin_root_list = CKO_NETSCAPE_BUILTIN_ROOT_LIST; - -/* example of a static object */ -static const CK_ATTRIBUTE_TYPE nss_ckmk_types_1[] = { - CKA_CLASS, CKA_TOKEN, CKA_PRIVATE, CKA_MODIFIABLE, CKA_LABEL -}; - -static const NSSItem nss_ckmk_items_1[] = { - { (void *)&cko_data, (PRUint32)sizeof(CK_OBJECT_CLASS) }, - { (void *)&ck_true, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)&ck_false, (PRUint32)sizeof(CK_BBOOL) }, - { (void *)"Mozilla Mac Key Ring Access", (PRUint32)28 } -}; - -ckmkInternalObject nss_ckmk_data[] = { - { ckmkRaw, { { 5, nss_ckmk_types_1, nss_ckmk_items_1 } }, CKO_DATA, { NULL } }, -}; - -const PRUint32 nss_ckmk_nObjects = 1; diff --git a/security/nss/lib/ckfw/session.c b/security/nss/lib/ckfw/session.c index a3119345c..7efedf403 100644 --- a/security/nss/lib/ckfw/session.c +++ b/security/nss/lib/ckfw/session.c @@ -1419,9 +1419,8 @@ nssCKFWSession_CopyObject( /* use create object */ NSSArena *tmpArena; CK_ATTRIBUTE_PTR newTemplate; - CK_ULONG i, j, n, newLength, k; + CK_ULONG j, n, newLength, k; CK_ATTRIBUTE_TYPE_PTR oldTypes; - NSSCKFWObject *rv; n = nssCKFWObject_GetAttributeCount(fwObject, pError); if ((0 == n) && (CKR_OK != *pError)) { diff --git a/security/nss/lib/dev/devtoken.c b/security/nss/lib/dev/devtoken.c index 0d4c3b5a7..41ffe86da 100644 --- a/security/nss/lib/dev/devtoken.c +++ b/security/nss/lib/dev/devtoken.c @@ -528,7 +528,9 @@ nssToken_ImportCertificate( */ NSS_CK_TEMPLATE_START(cert_tmpl, attr, ctsize); NSS_CK_SET_ATTRIBUTE_ITEM(attr, CKA_ID, id); - NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname); + if (!rvObject->label && nickname) { + NSS_CK_SET_ATTRIBUTE_UTF8(attr, CKA_LABEL, nickname); + } NSS_CK_TEMPLATE_FINISH(cert_tmpl, attr, ctsize); /* reset the mutable attributes on the token */ nssCKObject_SetAttributes(rvObject->handle, diff --git a/security/nss/lib/freebl/Makefile b/security/nss/lib/freebl/Makefile index a4b1a86ae..bff11c7c8 100644 --- a/security/nss/lib/freebl/Makefile +++ b/security/nss/lib/freebl/Makefile @@ -517,13 +517,13 @@ ifndef NSS_DISABLE_CHACHAPOLY ifdef HAVE_INT128_SUPPORT EXTRA_SRCS += Hacl_Poly1305_64.c else - EXTRA_SRCS += poly1305.c + EXTRA_SRCS += Hacl_Poly1305_32.c endif else ifeq ($(CPU_ARCH),aarch64) EXTRA_SRCS += Hacl_Poly1305_64.c else - EXTRA_SRCS += poly1305.c + EXTRA_SRCS += Hacl_Poly1305_32.c endif endif # x86_64 @@ -535,12 +535,16 @@ ifeq (,$(filter-out i386 x386 x86 x86_64 aarch64,$(CPU_ARCH))) # All intel architectures get the 64 bit version # With custom uint128 if necessary (faster than generic 32 bit version). ECL_SRCS += curve25519_64.c - VERIFIED_SRCS += Hacl_Curve25519.c FStar.c + VERIFIED_SRCS += Hacl_Curve25519.c else # All non intel architectures get the generic 32 bit implementation (slow!) ECL_SRCS += curve25519_32.c endif +ifndef HAVE_INT128_SUPPORT + VERIFIED_SRCS += FStar.c +endif + ####################################################################### # (5) Execute "global" rules. (OPTIONAL) # ####################################################################### diff --git a/security/nss/lib/freebl/blake2b.c b/security/nss/lib/freebl/blake2b.c index 4099c67e0..b4a0442c9 100644 --- a/security/nss/lib/freebl/blake2b.c +++ b/security/nss/lib/freebl/blake2b.c @@ -180,7 +180,7 @@ blake2b_Begin(BLAKE2BContext* ctx, uint8_t outlen, const uint8_t* key, return SECSuccess; failure: - PORT_Memset(&ctx, 0, sizeof(ctx)); + PORT_Memset(ctx, 0, sizeof(*ctx)); PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } diff --git a/security/nss/lib/freebl/chacha20poly1305.c b/security/nss/lib/freebl/chacha20poly1305.c index 859d05316..302f0db9e 100644 --- a/security/nss/lib/freebl/chacha20poly1305.c +++ b/security/nss/lib/freebl/chacha20poly1305.c @@ -24,36 +24,60 @@ extern void Hacl_Chacha20_Vec128_chacha20(uint8_t *output, uint8_t *plain, extern void Hacl_Chacha20_chacha20(uint8_t *output, uint8_t *plain, uint32_t len, uint8_t *k, uint8_t *n1, uint32_t ctr); -/* Poly1305Do writes the Poly1305 authenticator of the given additional data - * and ciphertext to |out|. */ #if defined(HAVE_INT128_SUPPORT) && (defined(NSS_X86_OR_X64) || defined(__aarch64__)) /* Use HACL* Poly1305 on 64-bit Intel and ARM */ #include "verified/Hacl_Poly1305_64.h" +#define NSS_POLY1305_64 1 +#define Hacl_Poly1305_update Hacl_Poly1305_64_update +#define Hacl_Poly1305_mk_state Hacl_Poly1305_64_mk_state +#define Hacl_Poly1305_init Hacl_Poly1305_64_init +#define Hacl_Poly1305_finish Hacl_Poly1305_64_finish +typedef Hacl_Impl_Poly1305_64_State_poly1305_state Hacl_Impl_Poly1305_State_poly1305_state; +#else +/* All other platforms get the 32-bit poly1305 HACL* implementation. */ +#include "verified/Hacl_Poly1305_32.h" +#define NSS_POLY1305_32 1 +#define Hacl_Poly1305_update Hacl_Poly1305_32_update +#define Hacl_Poly1305_mk_state Hacl_Poly1305_32_mk_state +#define Hacl_Poly1305_init Hacl_Poly1305_32_init +#define Hacl_Poly1305_finish Hacl_Poly1305_32_finish +typedef Hacl_Impl_Poly1305_32_State_poly1305_state Hacl_Impl_Poly1305_State_poly1305_state; +#endif /* HAVE_INT128_SUPPORT */ static void -Poly1305PadUpdate(Hacl_Impl_Poly1305_64_State_poly1305_state state, +Poly1305PadUpdate(Hacl_Impl_Poly1305_State_poly1305_state state, unsigned char *block, const unsigned char *p, const unsigned int pLen) { unsigned int pRemLen = pLen % 16; - Hacl_Poly1305_64_update(state, (uint8_t *)p, (pLen / 16)); + Hacl_Poly1305_update(state, (uint8_t *)p, (pLen / 16)); if (pRemLen > 0) { memcpy(block, p + (pLen - pRemLen), pRemLen); - Hacl_Poly1305_64_update(state, block, 1); + Hacl_Poly1305_update(state, block, 1); } } +/* Poly1305Do writes the Poly1305 authenticator of the given additional data + * and ciphertext to |out|. */ static void Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen, const unsigned char *ciphertext, unsigned int ciphertextLen, const unsigned char key[32]) { - uint64_t tmp1[6U] = { 0U }; - Hacl_Impl_Poly1305_64_State_poly1305_state state = - Hacl_Poly1305_64_mk_state(tmp1, tmp1 + 3); +#ifdef NSS_POLY1305_64 + uint64_t stateStack[6U] = { 0U }; + size_t offset = 3; +#elif defined NSS_POLY1305_32 + uint32_t stateStack[10U] = { 0U }; + size_t offset = 5; +#else +#error "This can't happen." +#endif + Hacl_Impl_Poly1305_State_poly1305_state state = + Hacl_Poly1305_mk_state(stateStack, stateStack + offset); unsigned char block[16] = { 0 }; - Hacl_Poly1305_64_init(state, (uint8_t *)key); + Hacl_Poly1305_init(state, (uint8_t *)key); Poly1305PadUpdate(state, block, ad, adLen); memset(block, 0, 16); @@ -68,49 +92,11 @@ Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen, block[i] = j; } - Hacl_Poly1305_64_update(state, block, 1); - Hacl_Poly1305_64_finish(state, out, (uint8_t *)(key + 16)); + Hacl_Poly1305_update(state, block, 1); + Hacl_Poly1305_finish(state, out, (uint8_t *)(key + 16)); +#undef NSS_POLY1305_64 +#undef NSS_POLY1305_32 } -#else -/* All other platforms get the 32-bit poly1305 reference implementation. */ -#include "poly1305.h" - -static void -Poly1305Do(unsigned char *out, const unsigned char *ad, unsigned int adLen, - const unsigned char *ciphertext, unsigned int ciphertextLen, - const unsigned char key[32]) -{ - poly1305_state state; - unsigned int j; - unsigned char lengthBytes[8]; - static const unsigned char zeros[15]; - unsigned int i; - - Poly1305Init(&state, key); - Poly1305Update(&state, ad, adLen); - if (adLen % 16 > 0) { - Poly1305Update(&state, zeros, 16 - adLen % 16); - } - Poly1305Update(&state, ciphertext, ciphertextLen); - if (ciphertextLen % 16 > 0) { - Poly1305Update(&state, zeros, 16 - ciphertextLen % 16); - } - j = adLen; - for (i = 0; i < sizeof(lengthBytes); i++) { - lengthBytes[i] = j; - j >>= 8; - } - Poly1305Update(&state, lengthBytes, sizeof(lengthBytes)); - j = ciphertextLen; - for (i = 0; i < sizeof(lengthBytes); i++) { - lengthBytes[i] = j; - j >>= 8; - } - Poly1305Update(&state, lengthBytes, sizeof(lengthBytes)); - Poly1305Finish(&state, out); -} - -#endif /* HAVE_INT128_SUPPORT */ #endif /* NSS_DISABLE_CHACHAPOLY */ SECStatus diff --git a/security/nss/lib/freebl/dsa.c b/security/nss/lib/freebl/dsa.c index 9324d306b..aef353967 100644 --- a/security/nss/lib/freebl/dsa.c +++ b/security/nss/lib/freebl/dsa.c @@ -16,14 +16,11 @@ #include "blapi.h" #include "nssilock.h" #include "secitem.h" -#include "blapi.h" +#include "blapit.h" #include "mpi.h" #include "secmpi.h" #include "pqg.h" -/* XXX to be replaced by define in blapit.h */ -#define NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE 2048 - /* * FIPS 186-2 requires result from random output to be reduced mod q when * generating random numbers for DSA. @@ -168,7 +165,7 @@ dsa_NewKeyExtended(const PQGParams *params, const SECItem *seed, return SECFailure; } /* Initialize an arena for the DSA key. */ - arena = PORT_NewArena(NSS_FREEBL_DSA_DEFAULT_CHUNKSIZE); + arena = PORT_NewArena(NSS_FREEBL_DEFAULT_CHUNKSIZE); if (!arena) { PORT_SetError(SEC_ERROR_NO_MEMORY); return SECFailure; @@ -213,8 +210,9 @@ cleanup: mp_clear(&g); mp_clear(&x); mp_clear(&y); - if (key) + if (key) { PORT_FreeArena(key->params.arena, PR_TRUE); + } if (err) { translate_mpi_error(err); return SECFailure; @@ -321,6 +319,7 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, mp_int x, k; /* private key & pseudo-random integer */ mp_int r, s; /* tuple (r, s) is signature) */ mp_int t; /* holding tmp values */ + mp_int ar; /* holding blinding values */ mp_err err = MP_OKAY; SECStatus rv = SECSuccess; unsigned int dsa_subprime_len, dsa_signature_len, offset; @@ -364,6 +363,7 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, MP_DIGITS(&r) = 0; MP_DIGITS(&s) = 0; MP_DIGITS(&t) = 0; + MP_DIGITS(&ar) = 0; CHECK_MPI_OK(mp_init(&p)); CHECK_MPI_OK(mp_init(&q)); CHECK_MPI_OK(mp_init(&g)); @@ -372,6 +372,7 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, CHECK_MPI_OK(mp_init(&r)); CHECK_MPI_OK(mp_init(&s)); CHECK_MPI_OK(mp_init(&t)); + CHECK_MPI_OK(mp_init(&ar)); /* ** Convert stored PQG and private key into MPI integers. */ @@ -397,14 +398,28 @@ dsa_SignDigest(DSAPrivateKey *key, SECItem *signature, const SECItem *digest, rv = SECFailure; goto cleanup; } - SECITEM_TO_MPINT(t2, &t); /* t <-$ Zq */ + SECITEM_TO_MPINT(t2, &t); /* t <-$ Zq */ + SECITEM_FreeItem(&t2, PR_FALSE); + if (DSA_NewRandom(NULL, &key->params.subPrime, &t2) != SECSuccess) { + PORT_SetError(SEC_ERROR_NEED_RANDOM); + rv = SECFailure; + goto cleanup; + } + SECITEM_TO_MPINT(t2, &ar); /* ar <-$ Zq */ + SECITEM_FreeItem(&t2, PR_FALSE); + + /* Using mp_invmod on k directly would leak bits from k. */ + CHECK_MPI_OK(mp_mul(&k, &ar, &k)); /* k = k * ar */ CHECK_MPI_OK(mp_mulmod(&k, &t, &q, &k)); /* k = k * t mod q */ CHECK_MPI_OK(mp_invmod(&k, &q, &k)); /* k = k**-1 mod q */ CHECK_MPI_OK(mp_mulmod(&k, &t, &q, &k)); /* k = k * t mod q */ SECITEM_TO_MPINT(localDigest, &s); /* s = HASH(M) */ - CHECK_MPI_OK(mp_mulmod(&x, &r, &q, &x)); /* x = x * r mod q */ - CHECK_MPI_OK(mp_addmod(&s, &x, &q, &s)); /* s = s + x mod q */ - CHECK_MPI_OK(mp_mulmod(&s, &k, &q, &s)); /* s = s * k mod q */ + /* To avoid leaking secret bits here the addition is blinded. */ + CHECK_MPI_OK(mp_mul(&x, &ar, &x)); /* x = x * ar */ + CHECK_MPI_OK(mp_mulmod(&x, &r, &q, &x)); /* x = x * r mod q */ + CHECK_MPI_OK(mp_mulmod(&s, &ar, &q, &t)); /* t = s * ar mod q */ + CHECK_MPI_OK(mp_add(&t, &x, &s)); /* s = t + x */ + CHECK_MPI_OK(mp_mulmod(&s, &k, &q, &s)); /* s = s * k mod q */ /* ** verify r != 0 and s != 0 ** mentioned as optional in FIPS 186-1. @@ -438,7 +453,7 @@ cleanup: mp_clear(&r); mp_clear(&s); mp_clear(&t); - SECITEM_FreeItem(&t2, PR_FALSE); + mp_clear(&ar); if (err) { translate_mpi_error(err); rv = SECFailure; diff --git a/security/nss/lib/freebl/ec.c b/security/nss/lib/freebl/ec.c index b28815ade..6468a10d6 100644 --- a/security/nss/lib/freebl/ec.c +++ b/security/nss/lib/freebl/ec.c @@ -653,6 +653,7 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, mp_int r, s; /* tuple (r, s) is the signature */ mp_int t; /* holding tmp values */ mp_int n; + mp_int ar; /* blinding value */ mp_err err = MP_OKAY; ECParams *ecParams = NULL; SECItem kGpoint = { siBuffer, NULL, 0 }; @@ -674,6 +675,7 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, MP_DIGITS(&s) = 0; MP_DIGITS(&n) = 0; MP_DIGITS(&t) = 0; + MP_DIGITS(&ar) = 0; /* Check args */ if (!key || !signature || !digest || !kb || (kblen < 0)) { @@ -700,6 +702,7 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, CHECK_MPI_OK(mp_init(&s)); CHECK_MPI_OK(mp_init(&n)); CHECK_MPI_OK(mp_init(&t)); + CHECK_MPI_OK(mp_init(&ar)); SECITEM_TO_MPINT(ecParams->order, &n); SECITEM_TO_MPINT(key->privateValue, &d); @@ -815,12 +818,25 @@ ECDSA_SignDigestWithSeed(ECPrivateKey *key, SECItem *signature, goto cleanup; } CHECK_MPI_OK(mp_read_unsigned_octets(&t, t2, 2 * ecParams->order.len)); /* t <-$ Zn */ - CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */ - CHECK_MPI_OK(mp_invmod(&k, &n, &k)); /* k = k**-1 mod n */ - CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */ - CHECK_MPI_OK(mp_mulmod(&d, &r, &n, &d)); /* d = d * r mod n */ - CHECK_MPI_OK(mp_addmod(&s, &d, &n, &s)); /* s = s + d mod n */ - CHECK_MPI_OK(mp_mulmod(&s, &k, &n, &s)); /* s = s * k mod n */ + PORT_Memset(t2, 0, 2 * ecParams->order.len); + if (RNG_GenerateGlobalRandomBytes(t2, 2 * ecParams->order.len) != SECSuccess) { + PORT_SetError(SEC_ERROR_NEED_RANDOM); + rv = SECFailure; + goto cleanup; + } + CHECK_MPI_OK(mp_read_unsigned_octets(&ar, t2, 2 * ecParams->order.len)); /* ar <-$ Zn */ + + /* Using mp_invmod on k directly would leak bits from k. */ + CHECK_MPI_OK(mp_mul(&k, &ar, &k)); /* k = k * ar */ + CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */ + CHECK_MPI_OK(mp_invmod(&k, &n, &k)); /* k = k**-1 mod n */ + CHECK_MPI_OK(mp_mulmod(&k, &t, &n, &k)); /* k = k * t mod n */ + /* To avoid leaking secret bits here the addition is blinded. */ + CHECK_MPI_OK(mp_mul(&d, &ar, &t)); /* t = d * ar */ + CHECK_MPI_OK(mp_mulmod(&t, &r, &n, &d)); /* d = t * r mod n */ + CHECK_MPI_OK(mp_mulmod(&s, &ar, &n, &t)); /* t = s * ar mod n */ + CHECK_MPI_OK(mp_add(&t, &d, &s)); /* s = t + d */ + CHECK_MPI_OK(mp_mulmod(&s, &k, &n, &s)); /* s = s * k mod n */ #if EC_DEBUG mp_todecimal(&s, mpstr); @@ -858,6 +874,7 @@ cleanup: mp_clear(&s); mp_clear(&n); mp_clear(&t); + mp_clear(&ar); if (t2) { PORT_Free(t2); diff --git a/security/nss/lib/freebl/freebl.gyp b/security/nss/lib/freebl/freebl.gyp index fae56f709..004807483 100644 --- a/security/nss/lib/freebl/freebl.gyp +++ b/security/nss/lib/freebl/freebl.gyp @@ -272,28 +272,15 @@ }, }], [ 'cc_use_gnu_ld==1 and OS=="win" and target_arch=="x64"', { + # mingw x64 'defines': [ 'MP_IS_LITTLE_ENDIAN', - 'NSS_BEVAND_ARCFOUR', - 'MPI_AMD64', - 'MP_ASSEMBLY_MULTIPLY', - 'NSS_USE_COMBA', - 'USE_HW_AES', - 'INTEL_GCM', ], }], - [ 'OS!="win"', { - 'conditions': [ - [ 'target_arch=="x64" or target_arch=="arm64" or target_arch=="aarch64"', { - 'defines': [ - # The Makefile does version-tests on GCC, but we're not doing that here. - 'HAVE_INT128_SUPPORT', - ], - }, { - 'defines': [ - 'KRML_NOUINT128', - ], - }], + [ 'have_int128_support==1', { + 'defines': [ + # The Makefile does version-tests on GCC, but we're not doing that here. + 'HAVE_INT128_SUPPORT', ], }, { 'defines': [ @@ -355,5 +342,18 @@ }, 'variables': { 'module': 'nss', + 'conditions': [ + [ 'OS!="win"', { + 'conditions': [ + [ 'target_arch=="x64" or target_arch=="arm64" or target_arch=="aarch64"', { + 'have_int128_support%': 1, + }, { + 'have_int128_support%': 0, + }], + ], + }, { + 'have_int128_support%': 0, + }], + ], } } diff --git a/security/nss/lib/freebl/freebl_base.gypi b/security/nss/lib/freebl/freebl_base.gypi index ebd1018d8..1372994f4 100644 --- a/security/nss/lib/freebl/freebl_base.gypi +++ b/security/nss/lib/freebl/freebl_base.gypi @@ -59,7 +59,7 @@ 'sha_fast.c', 'shvfy.c', 'sysrand.c', - 'tlsprfalg.c' + 'tlsprfalg.c', ], 'conditions': [ [ 'OS=="linux" or OS=="android"', { @@ -122,6 +122,11 @@ 'intel-gcm-x86-masm.asm', ], }], + [ 'cc_use_gnu_ld==1', { + # mingw + 'sources': [ + ], + }], [ 'cc_is_clang!=1', { # MSVC 'sources': [ @@ -135,7 +140,6 @@ # All intel and 64-bit ARM architectures get the 64 bit version. 'ecl/curve25519_64.c', 'verified/Hacl_Curve25519.c', - 'verified/FStar.c', ], }, { 'sources': [ @@ -167,7 +171,7 @@ }, { # !Windows & !x64 & !arm64 & !aarch64 'sources': [ - 'poly1305.c', + 'verified/Hacl_Poly1305_32.c', ], }], ], @@ -176,7 +180,7 @@ }, { # Windows 'sources': [ - 'poly1305.c', + 'verified/Hacl_Poly1305_32.c', ], }], ], @@ -215,6 +219,9 @@ }], ], }], + [ 'have_int128_support==0', { + 'sources': [ 'verified/FStar.c' ], + }], ], 'ldflags': [ '-Wl,-Bsymbolic' diff --git a/security/nss/lib/freebl/loader.c b/security/nss/lib/freebl/loader.c index fe5e0a668..6d200e6dd 100644 --- a/security/nss/lib/freebl/loader.c +++ b/security/nss/lib/freebl/loader.c @@ -2164,12 +2164,12 @@ BLAKE2B_NewContext(void) } void -BLAKE2B_DestroyContext(BLAKE2BContext *BLAKE2BContext, PRBool freeit) +BLAKE2B_DestroyContext(BLAKE2BContext *ctx, PRBool freeit) { if (!vector && PR_SUCCESS != freebl_RunLoaderOnce()) { return; } - (vector->p_BLAKE2B_DestroyContext)(BLAKE2BContext, freeit); + (vector->p_BLAKE2B_DestroyContext)(ctx, freeit); } SECStatus diff --git a/security/nss/lib/freebl/mpi/mpi.c b/security/nss/lib/freebl/mpi/mpi.c index ae404019d..8c893fb5f 100644 --- a/security/nss/lib/freebl/mpi/mpi.c +++ b/security/nss/lib/freebl/mpi/mpi.c @@ -2657,10 +2657,10 @@ mp_toradix(mp_int *mp, char *str, int radix) /* Reverse the digits and sign indicator */ ix = 0; while (ix < pos) { - char tmp = str[ix]; + char tmpc = str[ix]; str[ix] = str[pos]; - str[pos] = tmp; + str[pos] = tmpc; ++ix; --pos; } @@ -3313,13 +3313,14 @@ s_mp_div_d(mp_int *mp, mp_digit d, mp_digit *r) /* could check for power of 2 here, but mp_div_d does that. */ if (MP_USED(mp) == 1) { mp_digit n = MP_DIGIT(mp, 0); - mp_digit rem; + mp_digit remdig; q = n / d; - rem = n % d; + remdig = n % d; MP_DIGIT(mp, 0) = q; - if (r) - *r = rem; + if (r) { + *r = remdig; + } return MP_OKAY; } diff --git a/security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c b/security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c deleted file mode 100644 index 3c803c167..000000000 --- a/security/nss/lib/freebl/poly1305-donna-x64-sse2-incremental-source.c +++ /dev/null @@ -1,881 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* This implementation of poly1305 is by Andrew Moon - * (https://github.com/floodyberry/poly1305-donna) and released as public - * domain. It implements SIMD vectorization based on the algorithm described in - * http://cr.yp.to/papers.html#neoncrypto. Unrolled to 2 powers, i.e. 64 byte - * block size. */ - -#include <emmintrin.h> -#include <stdint.h> - -#include "poly1305.h" -#include "blapii.h" - -#define ALIGN(x) __attribute__((aligned(x))) -#define INLINE inline -#define U8TO64_LE(m) (*(uint64_t *)(m)) -#define U8TO32_LE(m) (*(uint32_t *)(m)) -#define U64TO8_LE(m, v) (*(uint64_t *)(m)) = v - -typedef __m128i xmmi; -typedef unsigned __int128 uint128_t; - -static const uint32_t ALIGN(16) poly1305_x64_sse2_message_mask[4] = { (1 << 26) - 1, 0, (1 << 26) - 1, 0 }; -static const uint32_t ALIGN(16) poly1305_x64_sse2_5[4] = { 5, 0, 5, 0 }; -static const uint32_t ALIGN(16) poly1305_x64_sse2_1shl128[4] = { (1 << 24), 0, (1 << 24), 0 }; - -static uint128_t INLINE -add128(uint128_t a, uint128_t b) -{ - return a + b; -} - -static uint128_t INLINE -add128_64(uint128_t a, uint64_t b) -{ - return a + b; -} - -static uint128_t INLINE -mul64x64_128(uint64_t a, uint64_t b) -{ - return (uint128_t)a * b; -} - -static uint64_t INLINE -lo128(uint128_t a) -{ - return (uint64_t)a; -} - -static uint64_t INLINE -shr128(uint128_t v, const int shift) -{ - return (uint64_t)(v >> shift); -} - -static uint64_t INLINE -shr128_pair(uint64_t hi, uint64_t lo, const int shift) -{ - return (uint64_t)((((uint128_t)hi << 64) | lo) >> shift); -} - -typedef struct poly1305_power_t { - union { - xmmi v; - uint64_t u[2]; - uint32_t d[4]; - } R20, R21, R22, R23, R24, S21, S22, S23, S24; -} poly1305_power; - -typedef struct poly1305_state_internal_t { - poly1305_power P[2]; /* 288 bytes, top 32 bit halves unused = 144 bytes of free storage */ - union { - xmmi H[5]; /* 80 bytes */ - uint64_t HH[10]; - }; - /* uint64_t r0,r1,r2; [24 bytes] */ - /* uint64_t pad0,pad1; [16 bytes] */ - uint64_t started; /* 8 bytes */ - uint64_t leftover; /* 8 bytes */ - uint8_t buffer[64]; /* 64 bytes */ -} poly1305_state_internal; /* 448 bytes total + 63 bytes for alignment = 511 bytes raw */ - -static poly1305_state_internal INLINE - * - poly1305_aligned_state(poly1305_state *state) -{ - return (poly1305_state_internal *)(((uint64_t)state + 63) & ~63); -} - -/* copy 0-63 bytes */ -static void INLINE NO_SANITIZE_ALIGNMENT -poly1305_block_copy(uint8_t *dst, const uint8_t *src, size_t bytes) -{ - size_t offset = src - dst; - if (bytes & 32) { - _mm_storeu_si128((xmmi *)(dst + 0), _mm_loadu_si128((xmmi *)(dst + offset + 0))); - _mm_storeu_si128((xmmi *)(dst + 16), _mm_loadu_si128((xmmi *)(dst + offset + 16))); - dst += 32; - } - if (bytes & 16) { - _mm_storeu_si128((xmmi *)dst, _mm_loadu_si128((xmmi *)(dst + offset))); - dst += 16; - } - if (bytes & 8) { - *(uint64_t *)dst = *(uint64_t *)(dst + offset); - dst += 8; - } - if (bytes & 4) { - *(uint32_t *)dst = *(uint32_t *)(dst + offset); - dst += 4; - } - if (bytes & 2) { - *(uint16_t *)dst = *(uint16_t *)(dst + offset); - dst += 2; - } - if (bytes & 1) { - *(uint8_t *)dst = *(uint8_t *)(dst + offset); - } -} - -/* zero 0-15 bytes */ -static void INLINE -poly1305_block_zero(uint8_t *dst, size_t bytes) -{ - if (bytes & 8) { - *(uint64_t *)dst = 0; - dst += 8; - } - if (bytes & 4) { - *(uint32_t *)dst = 0; - dst += 4; - } - if (bytes & 2) { - *(uint16_t *)dst = 0; - dst += 2; - } - if (bytes & 1) { - *(uint8_t *)dst = 0; - } -} - -static size_t INLINE -poly1305_min(size_t a, size_t b) -{ - return (a < b) ? a : b; -} - -void -Poly1305Init(poly1305_state *state, const unsigned char key[32]) -{ - poly1305_state_internal *st = poly1305_aligned_state(state); - poly1305_power *p; - uint64_t r0, r1, r2; - uint64_t t0, t1; - - /* clamp key */ - t0 = U8TO64_LE(key + 0); - t1 = U8TO64_LE(key + 8); - r0 = t0 & 0xffc0fffffff; - t0 >>= 44; - t0 |= t1 << 20; - r1 = t0 & 0xfffffc0ffff; - t1 >>= 24; - r2 = t1 & 0x00ffffffc0f; - - /* store r in un-used space of st->P[1] */ - p = &st->P[1]; - p->R20.d[1] = (uint32_t)(r0); - p->R20.d[3] = (uint32_t)(r0 >> 32); - p->R21.d[1] = (uint32_t)(r1); - p->R21.d[3] = (uint32_t)(r1 >> 32); - p->R22.d[1] = (uint32_t)(r2); - p->R22.d[3] = (uint32_t)(r2 >> 32); - - /* store pad */ - p->R23.d[1] = U8TO32_LE(key + 16); - p->R23.d[3] = U8TO32_LE(key + 20); - p->R24.d[1] = U8TO32_LE(key + 24); - p->R24.d[3] = U8TO32_LE(key + 28); - - /* H = 0 */ - st->H[0] = _mm_setzero_si128(); - st->H[1] = _mm_setzero_si128(); - st->H[2] = _mm_setzero_si128(); - st->H[3] = _mm_setzero_si128(); - st->H[4] = _mm_setzero_si128(); - - st->started = 0; - st->leftover = 0; -} - -static void -poly1305_first_block(poly1305_state_internal *st, const uint8_t *m) -{ - const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask); - const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5); - const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128); - xmmi T5, T6; - poly1305_power *p; - uint128_t d[3]; - uint64_t r0, r1, r2; - uint64_t r20, r21, r22, s22; - uint64_t pad0, pad1; - uint64_t c; - uint64_t i; - - /* pull out stored info */ - p = &st->P[1]; - - r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1]; - r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1]; - r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1]; - pad0 = ((uint64_t)p->R23.d[3] << 32) | (uint64_t)p->R23.d[1]; - pad1 = ((uint64_t)p->R24.d[3] << 32) | (uint64_t)p->R24.d[1]; - - /* compute powers r^2,r^4 */ - r20 = r0; - r21 = r1; - r22 = r2; - for (i = 0; i < 2; i++) { - s22 = r22 * (5 << 2); - - d[0] = add128(mul64x64_128(r20, r20), mul64x64_128(r21 * 2, s22)); - d[1] = add128(mul64x64_128(r22, s22), mul64x64_128(r20 * 2, r21)); - d[2] = add128(mul64x64_128(r21, r21), mul64x64_128(r22 * 2, r20)); - - r20 = lo128(d[0]) & 0xfffffffffff; - c = shr128(d[0], 44); - d[1] = add128_64(d[1], c); - r21 = lo128(d[1]) & 0xfffffffffff; - c = shr128(d[1], 44); - d[2] = add128_64(d[2], c); - r22 = lo128(d[2]) & 0x3ffffffffff; - c = shr128(d[2], 42); - r20 += c * 5; - c = (r20 >> 44); - r20 = r20 & 0xfffffffffff; - r21 += c; - - p->R20.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)(r20)&0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0)); - p->R21.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r20 >> 26) | (r21 << 18)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0)); - p->R22.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r21 >> 8)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0)); - p->R23.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r21 >> 34) | (r22 << 10)) & 0x3ffffff), _MM_SHUFFLE(1, 0, 1, 0)); - p->R24.v = _mm_shuffle_epi32(_mm_cvtsi32_si128((uint32_t)((r22 >> 16))), _MM_SHUFFLE(1, 0, 1, 0)); - p->S21.v = _mm_mul_epu32(p->R21.v, FIVE); - p->S22.v = _mm_mul_epu32(p->R22.v, FIVE); - p->S23.v = _mm_mul_epu32(p->R23.v, FIVE); - p->S24.v = _mm_mul_epu32(p->R24.v, FIVE); - p--; - } - - /* put saved info back */ - p = &st->P[1]; - p->R20.d[1] = (uint32_t)(r0); - p->R20.d[3] = (uint32_t)(r0 >> 32); - p->R21.d[1] = (uint32_t)(r1); - p->R21.d[3] = (uint32_t)(r1 >> 32); - p->R22.d[1] = (uint32_t)(r2); - p->R22.d[3] = (uint32_t)(r2 >> 32); - p->R23.d[1] = (uint32_t)(pad0); - p->R23.d[3] = (uint32_t)(pad0 >> 32); - p->R24.d[1] = (uint32_t)(pad1); - p->R24.d[3] = (uint32_t)(pad1 >> 32); - - /* H = [Mx,My] */ - T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16))); - T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24))); - st->H[0] = _mm_and_si128(MMASK, T5); - st->H[1] = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12)); - st->H[2] = _mm_and_si128(MMASK, T5); - st->H[3] = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - st->H[4] = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT); -} - -static void -poly1305_blocks(poly1305_state_internal *st, const uint8_t *m, size_t bytes) -{ - const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask); - const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5); - const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128); - - poly1305_power *p; - xmmi H0, H1, H2, H3, H4; - xmmi T0, T1, T2, T3, T4, T5, T6; - xmmi M0, M1, M2, M3, M4; - xmmi C1, C2; - - H0 = st->H[0]; - H1 = st->H[1]; - H2 = st->H[2]; - H3 = st->H[3]; - H4 = st->H[4]; - - while (bytes >= 64) { - /* H *= [r^4,r^4] */ - p = &st->P[0]; - T0 = _mm_mul_epu32(H0, p->R20.v); - T1 = _mm_mul_epu32(H0, p->R21.v); - T2 = _mm_mul_epu32(H0, p->R22.v); - T3 = _mm_mul_epu32(H0, p->R23.v); - T4 = _mm_mul_epu32(H0, p->R24.v); - T5 = _mm_mul_epu32(H1, p->S24.v); - T6 = _mm_mul_epu32(H1, p->R20.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H2, p->S23.v); - T6 = _mm_mul_epu32(H2, p->S24.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H3, p->S22.v); - T6 = _mm_mul_epu32(H3, p->S23.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H4, p->S21.v); - T6 = _mm_mul_epu32(H4, p->S22.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H1, p->R21.v); - T6 = _mm_mul_epu32(H1, p->R22.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H2, p->R20.v); - T6 = _mm_mul_epu32(H2, p->R21.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H3, p->S24.v); - T6 = _mm_mul_epu32(H3, p->R20.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H4, p->S23.v); - T6 = _mm_mul_epu32(H4, p->S24.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H1, p->R23.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H2, p->R22.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H3, p->R21.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H4, p->R20.v); - T4 = _mm_add_epi64(T4, T5); - - /* H += [Mx,My]*[r^2,r^2] */ - T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16))); - T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24))); - M0 = _mm_and_si128(MMASK, T5); - M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12)); - M2 = _mm_and_si128(MMASK, T5); - M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT); - - p = &st->P[1]; - T5 = _mm_mul_epu32(M0, p->R20.v); - T6 = _mm_mul_epu32(M0, p->R21.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M1, p->S24.v); - T6 = _mm_mul_epu32(M1, p->R20.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M2, p->S23.v); - T6 = _mm_mul_epu32(M2, p->S24.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M3, p->S22.v); - T6 = _mm_mul_epu32(M3, p->S23.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M4, p->S21.v); - T6 = _mm_mul_epu32(M4, p->S22.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(M0, p->R22.v); - T6 = _mm_mul_epu32(M0, p->R23.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M1, p->R21.v); - T6 = _mm_mul_epu32(M1, p->R22.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M2, p->R20.v); - T6 = _mm_mul_epu32(M2, p->R21.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M3, p->S24.v); - T6 = _mm_mul_epu32(M3, p->R20.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M4, p->S23.v); - T6 = _mm_mul_epu32(M4, p->S24.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(M0, p->R24.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(M1, p->R23.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(M2, p->R22.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(M3, p->R21.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(M4, p->R20.v); - T4 = _mm_add_epi64(T4, T5); - - /* H += [Mx,My] */ - T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 32)), _mm_loadl_epi64((xmmi *)(m + 48))); - T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 40)), _mm_loadl_epi64((xmmi *)(m + 56))); - M0 = _mm_and_si128(MMASK, T5); - M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12)); - M2 = _mm_and_si128(MMASK, T5); - M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT); - - T0 = _mm_add_epi64(T0, M0); - T1 = _mm_add_epi64(T1, M1); - T2 = _mm_add_epi64(T2, M2); - T3 = _mm_add_epi64(T3, M3); - T4 = _mm_add_epi64(T4, M4); - - /* reduce */ - C1 = _mm_srli_epi64(T0, 26); - C2 = _mm_srli_epi64(T3, 26); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_and_si128(T3, MMASK); - T1 = _mm_add_epi64(T1, C1); - T4 = _mm_add_epi64(T4, C2); - C1 = _mm_srli_epi64(T1, 26); - C2 = _mm_srli_epi64(T4, 26); - T1 = _mm_and_si128(T1, MMASK); - T4 = _mm_and_si128(T4, MMASK); - T2 = _mm_add_epi64(T2, C1); - T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE)); - C1 = _mm_srli_epi64(T2, 26); - C2 = _mm_srli_epi64(T0, 26); - T2 = _mm_and_si128(T2, MMASK); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_add_epi64(T3, C1); - T1 = _mm_add_epi64(T1, C2); - C1 = _mm_srli_epi64(T3, 26); - T3 = _mm_and_si128(T3, MMASK); - T4 = _mm_add_epi64(T4, C1); - - /* H = (H*[r^4,r^4] + [Mx,My]*[r^2,r^2] + [Mx,My]) */ - H0 = T0; - H1 = T1; - H2 = T2; - H3 = T3; - H4 = T4; - - m += 64; - bytes -= 64; - } - - st->H[0] = H0; - st->H[1] = H1; - st->H[2] = H2; - st->H[3] = H3; - st->H[4] = H4; -} - -static size_t -poly1305_combine(poly1305_state_internal *st, const uint8_t *m, size_t bytes) -{ - const xmmi MMASK = _mm_load_si128((xmmi *)poly1305_x64_sse2_message_mask); - const xmmi HIBIT = _mm_load_si128((xmmi *)poly1305_x64_sse2_1shl128); - const xmmi FIVE = _mm_load_si128((xmmi *)poly1305_x64_sse2_5); - - poly1305_power *p; - xmmi H0, H1, H2, H3, H4; - xmmi M0, M1, M2, M3, M4; - xmmi T0, T1, T2, T3, T4, T5, T6; - xmmi C1, C2; - - uint64_t r0, r1, r2; - uint64_t t0, t1, t2, t3, t4; - uint64_t c; - size_t consumed = 0; - - H0 = st->H[0]; - H1 = st->H[1]; - H2 = st->H[2]; - H3 = st->H[3]; - H4 = st->H[4]; - - /* p = [r^2,r^2] */ - p = &st->P[1]; - - if (bytes >= 32) { - /* H *= [r^2,r^2] */ - T0 = _mm_mul_epu32(H0, p->R20.v); - T1 = _mm_mul_epu32(H0, p->R21.v); - T2 = _mm_mul_epu32(H0, p->R22.v); - T3 = _mm_mul_epu32(H0, p->R23.v); - T4 = _mm_mul_epu32(H0, p->R24.v); - T5 = _mm_mul_epu32(H1, p->S24.v); - T6 = _mm_mul_epu32(H1, p->R20.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H2, p->S23.v); - T6 = _mm_mul_epu32(H2, p->S24.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H3, p->S22.v); - T6 = _mm_mul_epu32(H3, p->S23.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H4, p->S21.v); - T6 = _mm_mul_epu32(H4, p->S22.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H1, p->R21.v); - T6 = _mm_mul_epu32(H1, p->R22.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H2, p->R20.v); - T6 = _mm_mul_epu32(H2, p->R21.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H3, p->S24.v); - T6 = _mm_mul_epu32(H3, p->R20.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H4, p->S23.v); - T6 = _mm_mul_epu32(H4, p->S24.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H1, p->R23.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H2, p->R22.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H3, p->R21.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H4, p->R20.v); - T4 = _mm_add_epi64(T4, T5); - - /* H += [Mx,My] */ - T5 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 0)), _mm_loadl_epi64((xmmi *)(m + 16))); - T6 = _mm_unpacklo_epi64(_mm_loadl_epi64((xmmi *)(m + 8)), _mm_loadl_epi64((xmmi *)(m + 24))); - M0 = _mm_and_si128(MMASK, T5); - M1 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - T5 = _mm_or_si128(_mm_srli_epi64(T5, 52), _mm_slli_epi64(T6, 12)); - M2 = _mm_and_si128(MMASK, T5); - M3 = _mm_and_si128(MMASK, _mm_srli_epi64(T5, 26)); - M4 = _mm_or_si128(_mm_srli_epi64(T6, 40), HIBIT); - - T0 = _mm_add_epi64(T0, M0); - T1 = _mm_add_epi64(T1, M1); - T2 = _mm_add_epi64(T2, M2); - T3 = _mm_add_epi64(T3, M3); - T4 = _mm_add_epi64(T4, M4); - - /* reduce */ - C1 = _mm_srli_epi64(T0, 26); - C2 = _mm_srli_epi64(T3, 26); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_and_si128(T3, MMASK); - T1 = _mm_add_epi64(T1, C1); - T4 = _mm_add_epi64(T4, C2); - C1 = _mm_srli_epi64(T1, 26); - C2 = _mm_srli_epi64(T4, 26); - T1 = _mm_and_si128(T1, MMASK); - T4 = _mm_and_si128(T4, MMASK); - T2 = _mm_add_epi64(T2, C1); - T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE)); - C1 = _mm_srli_epi64(T2, 26); - C2 = _mm_srli_epi64(T0, 26); - T2 = _mm_and_si128(T2, MMASK); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_add_epi64(T3, C1); - T1 = _mm_add_epi64(T1, C2); - C1 = _mm_srli_epi64(T3, 26); - T3 = _mm_and_si128(T3, MMASK); - T4 = _mm_add_epi64(T4, C1); - - /* H = (H*[r^2,r^2] + [Mx,My]) */ - H0 = T0; - H1 = T1; - H2 = T2; - H3 = T3; - H4 = T4; - - consumed = 32; - } - - /* finalize, H *= [r^2,r] */ - r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1]; - r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1]; - r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1]; - - p->R20.d[2] = (uint32_t)(r0)&0x3ffffff; - p->R21.d[2] = (uint32_t)((r0 >> 26) | (r1 << 18)) & 0x3ffffff; - p->R22.d[2] = (uint32_t)((r1 >> 8)) & 0x3ffffff; - p->R23.d[2] = (uint32_t)((r1 >> 34) | (r2 << 10)) & 0x3ffffff; - p->R24.d[2] = (uint32_t)((r2 >> 16)); - p->S21.d[2] = p->R21.d[2] * 5; - p->S22.d[2] = p->R22.d[2] * 5; - p->S23.d[2] = p->R23.d[2] * 5; - p->S24.d[2] = p->R24.d[2] * 5; - - /* H *= [r^2,r] */ - T0 = _mm_mul_epu32(H0, p->R20.v); - T1 = _mm_mul_epu32(H0, p->R21.v); - T2 = _mm_mul_epu32(H0, p->R22.v); - T3 = _mm_mul_epu32(H0, p->R23.v); - T4 = _mm_mul_epu32(H0, p->R24.v); - T5 = _mm_mul_epu32(H1, p->S24.v); - T6 = _mm_mul_epu32(H1, p->R20.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H2, p->S23.v); - T6 = _mm_mul_epu32(H2, p->S24.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H3, p->S22.v); - T6 = _mm_mul_epu32(H3, p->S23.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H4, p->S21.v); - T6 = _mm_mul_epu32(H4, p->S22.v); - T0 = _mm_add_epi64(T0, T5); - T1 = _mm_add_epi64(T1, T6); - T5 = _mm_mul_epu32(H1, p->R21.v); - T6 = _mm_mul_epu32(H1, p->R22.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H2, p->R20.v); - T6 = _mm_mul_epu32(H2, p->R21.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H3, p->S24.v); - T6 = _mm_mul_epu32(H3, p->R20.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H4, p->S23.v); - T6 = _mm_mul_epu32(H4, p->S24.v); - T2 = _mm_add_epi64(T2, T5); - T3 = _mm_add_epi64(T3, T6); - T5 = _mm_mul_epu32(H1, p->R23.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H2, p->R22.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H3, p->R21.v); - T4 = _mm_add_epi64(T4, T5); - T5 = _mm_mul_epu32(H4, p->R20.v); - T4 = _mm_add_epi64(T4, T5); - - C1 = _mm_srli_epi64(T0, 26); - C2 = _mm_srli_epi64(T3, 26); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_and_si128(T3, MMASK); - T1 = _mm_add_epi64(T1, C1); - T4 = _mm_add_epi64(T4, C2); - C1 = _mm_srli_epi64(T1, 26); - C2 = _mm_srli_epi64(T4, 26); - T1 = _mm_and_si128(T1, MMASK); - T4 = _mm_and_si128(T4, MMASK); - T2 = _mm_add_epi64(T2, C1); - T0 = _mm_add_epi64(T0, _mm_mul_epu32(C2, FIVE)); - C1 = _mm_srli_epi64(T2, 26); - C2 = _mm_srli_epi64(T0, 26); - T2 = _mm_and_si128(T2, MMASK); - T0 = _mm_and_si128(T0, MMASK); - T3 = _mm_add_epi64(T3, C1); - T1 = _mm_add_epi64(T1, C2); - C1 = _mm_srli_epi64(T3, 26); - T3 = _mm_and_si128(T3, MMASK); - T4 = _mm_add_epi64(T4, C1); - - /* H = H[0]+H[1] */ - H0 = _mm_add_epi64(T0, _mm_srli_si128(T0, 8)); - H1 = _mm_add_epi64(T1, _mm_srli_si128(T1, 8)); - H2 = _mm_add_epi64(T2, _mm_srli_si128(T2, 8)); - H3 = _mm_add_epi64(T3, _mm_srli_si128(T3, 8)); - H4 = _mm_add_epi64(T4, _mm_srli_si128(T4, 8)); - - t0 = _mm_cvtsi128_si32(H0); - c = (t0 >> 26); - t0 &= 0x3ffffff; - t1 = _mm_cvtsi128_si32(H1) + c; - c = (t1 >> 26); - t1 &= 0x3ffffff; - t2 = _mm_cvtsi128_si32(H2) + c; - c = (t2 >> 26); - t2 &= 0x3ffffff; - t3 = _mm_cvtsi128_si32(H3) + c; - c = (t3 >> 26); - t3 &= 0x3ffffff; - t4 = _mm_cvtsi128_si32(H4) + c; - c = (t4 >> 26); - t4 &= 0x3ffffff; - t0 = t0 + (c * 5); - c = (t0 >> 26); - t0 &= 0x3ffffff; - t1 = t1 + c; - - st->HH[0] = ((t0) | (t1 << 26)) & 0xfffffffffffull; - st->HH[1] = ((t1 >> 18) | (t2 << 8) | (t3 << 34)) & 0xfffffffffffull; - st->HH[2] = ((t3 >> 10) | (t4 << 16)) & 0x3ffffffffffull; - - return consumed; -} - -void -Poly1305Update(poly1305_state *state, const unsigned char *m, size_t bytes) -{ - poly1305_state_internal *st = poly1305_aligned_state(state); - size_t want; - - /* need at least 32 initial bytes to start the accelerated branch */ - if (!st->started) { - if ((st->leftover == 0) && (bytes > 32)) { - poly1305_first_block(st, m); - m += 32; - bytes -= 32; - } else { - want = poly1305_min(32 - st->leftover, bytes); - poly1305_block_copy(st->buffer + st->leftover, m, want); - bytes -= want; - m += want; - st->leftover += want; - if ((st->leftover < 32) || (bytes == 0)) - return; - poly1305_first_block(st, st->buffer); - st->leftover = 0; - } - st->started = 1; - } - - /* handle leftover */ - if (st->leftover) { - want = poly1305_min(64 - st->leftover, bytes); - poly1305_block_copy(st->buffer + st->leftover, m, want); - bytes -= want; - m += want; - st->leftover += want; - if (st->leftover < 64) - return; - poly1305_blocks(st, st->buffer, 64); - st->leftover = 0; - } - - /* process 64 byte blocks */ - if (bytes >= 64) { - want = (bytes & ~63); - poly1305_blocks(st, m, want); - m += want; - bytes -= want; - } - - if (bytes) { - poly1305_block_copy(st->buffer + st->leftover, m, bytes); - st->leftover += bytes; - } -} - -void -Poly1305Finish(poly1305_state *state, unsigned char mac[16]) -{ - poly1305_state_internal *st = poly1305_aligned_state(state); - size_t leftover = st->leftover; - uint8_t *m = st->buffer; - uint128_t d[3]; - uint64_t h0, h1, h2; - uint64_t t0, t1; - uint64_t g0, g1, g2, c, nc; - uint64_t r0, r1, r2, s1, s2; - poly1305_power *p; - - if (st->started) { - size_t consumed = poly1305_combine(st, m, leftover); - leftover -= consumed; - m += consumed; - } - - /* st->HH will either be 0 or have the combined result */ - h0 = st->HH[0]; - h1 = st->HH[1]; - h2 = st->HH[2]; - - p = &st->P[1]; - r0 = ((uint64_t)p->R20.d[3] << 32) | (uint64_t)p->R20.d[1]; - r1 = ((uint64_t)p->R21.d[3] << 32) | (uint64_t)p->R21.d[1]; - r2 = ((uint64_t)p->R22.d[3] << 32) | (uint64_t)p->R22.d[1]; - s1 = r1 * (5 << 2); - s2 = r2 * (5 << 2); - - if (leftover < 16) - goto poly1305_donna_atmost15bytes; - -poly1305_donna_atleast16bytes: - t0 = U8TO64_LE(m + 0); - t1 = U8TO64_LE(m + 8); - h0 += t0 & 0xfffffffffff; - t0 = shr128_pair(t1, t0, 44); - h1 += t0 & 0xfffffffffff; - h2 += (t1 >> 24) | ((uint64_t)1 << 40); - -poly1305_donna_mul: - d[0] = add128(add128(mul64x64_128(h0, r0), mul64x64_128(h1, s2)), mul64x64_128(h2, s1)); - d[1] = add128(add128(mul64x64_128(h0, r1), mul64x64_128(h1, r0)), mul64x64_128(h2, s2)); - d[2] = add128(add128(mul64x64_128(h0, r2), mul64x64_128(h1, r1)), mul64x64_128(h2, r0)); - h0 = lo128(d[0]) & 0xfffffffffff; - c = shr128(d[0], 44); - d[1] = add128_64(d[1], c); - h1 = lo128(d[1]) & 0xfffffffffff; - c = shr128(d[1], 44); - d[2] = add128_64(d[2], c); - h2 = lo128(d[2]) & 0x3ffffffffff; - c = shr128(d[2], 42); - h0 += c * 5; - - m += 16; - leftover -= 16; - if (leftover >= 16) - goto poly1305_donna_atleast16bytes; - -/* final bytes */ -poly1305_donna_atmost15bytes: - if (!leftover) - goto poly1305_donna_finish; - - m[leftover++] = 1; - poly1305_block_zero(m + leftover, 16 - leftover); - leftover = 16; - - t0 = U8TO64_LE(m + 0); - t1 = U8TO64_LE(m + 8); - h0 += t0 & 0xfffffffffff; - t0 = shr128_pair(t1, t0, 44); - h1 += t0 & 0xfffffffffff; - h2 += (t1 >> 24); - - goto poly1305_donna_mul; - -poly1305_donna_finish: - c = (h0 >> 44); - h0 &= 0xfffffffffff; - h1 += c; - c = (h1 >> 44); - h1 &= 0xfffffffffff; - h2 += c; - c = (h2 >> 42); - h2 &= 0x3ffffffffff; - h0 += c * 5; - - g0 = h0 + 5; - c = (g0 >> 44); - g0 &= 0xfffffffffff; - g1 = h1 + c; - c = (g1 >> 44); - g1 &= 0xfffffffffff; - g2 = h2 + c - ((uint64_t)1 << 42); - - c = (g2 >> 63) - 1; - nc = ~c; - h0 = (h0 & nc) | (g0 & c); - h1 = (h1 & nc) | (g1 & c); - h2 = (h2 & nc) | (g2 & c); - - /* pad */ - t0 = ((uint64_t)p->R23.d[3] << 32) | (uint64_t)p->R23.d[1]; - t1 = ((uint64_t)p->R24.d[3] << 32) | (uint64_t)p->R24.d[1]; - h0 += (t0 & 0xfffffffffff); - c = (h0 >> 44); - h0 &= 0xfffffffffff; - t0 = shr128_pair(t1, t0, 44); - h1 += (t0 & 0xfffffffffff) + c; - c = (h1 >> 44); - h1 &= 0xfffffffffff; - t1 = (t1 >> 24); - h2 += (t1) + c; - - U64TO8_LE(mac + 0, ((h0) | (h1 << 44))); - U64TO8_LE(mac + 8, ((h1 >> 20) | (h2 << 24))); -} diff --git a/security/nss/lib/freebl/poly1305.c b/security/nss/lib/freebl/poly1305.c deleted file mode 100644 index eb3e3cd55..000000000 --- a/security/nss/lib/freebl/poly1305.c +++ /dev/null @@ -1,314 +0,0 @@ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -/* This implementation of poly1305 is by Andrew Moon - * (https://github.com/floodyberry/poly1305-donna) and released as public - * domain. */ - -#include <string.h> - -#include "poly1305.h" - -#if defined(_MSC_VER) && _MSC_VER < 1600 -#include "prtypes.h" -typedef PRUint32 uint32_t; -typedef PRUint64 uint64_t; -#else -#include <stdint.h> -#endif - -#if defined(NSS_X86) || defined(NSS_X64) -/* We can assume little-endian. */ -static uint32_t -U8TO32_LE(const unsigned char *m) -{ - uint32_t r; - memcpy(&r, m, sizeof(r)); - return r; -} - -static void -U32TO8_LE(unsigned char *m, uint32_t v) -{ - memcpy(m, &v, sizeof(v)); -} -#else -static uint32_t -U8TO32_LE(const unsigned char *m) -{ - return (uint32_t)m[0] | - (uint32_t)m[1] << 8 | - (uint32_t)m[2] << 16 | - (uint32_t)m[3] << 24; -} - -static void -U32TO8_LE(unsigned char *m, uint32_t v) -{ - m[0] = v; - m[1] = v >> 8; - m[2] = v >> 16; - m[3] = v >> 24; -} -#endif - -static uint64_t -mul32x32_64(uint32_t a, uint32_t b) -{ - return (uint64_t)a * b; -} - -struct poly1305_state_st { - uint32_t r0, r1, r2, r3, r4; - uint32_t s1, s2, s3, s4; - uint32_t h0, h1, h2, h3, h4; - unsigned char buf[16]; - unsigned int buf_used; - unsigned char key[16]; -}; - -/* update updates |state| given some amount of input data. This function may - * only be called with a |len| that is not a multiple of 16 at the end of the - * data. Otherwise the input must be buffered into 16 byte blocks. */ -static void -update(struct poly1305_state_st *state, const unsigned char *in, - size_t len) -{ - uint32_t t0, t1, t2, t3; - uint64_t t[5]; - uint32_t b; - uint64_t c; - size_t j; - unsigned char mp[16]; - - if (len < 16) - goto poly1305_donna_atmost15bytes; - -poly1305_donna_16bytes: - t0 = U8TO32_LE(in); - t1 = U8TO32_LE(in + 4); - t2 = U8TO32_LE(in + 8); - t3 = U8TO32_LE(in + 12); - - in += 16; - len -= 16; - - state->h0 += t0 & 0x3ffffff; - state->h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff; - state->h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff; - state->h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff; - state->h4 += (t3 >> 8) | (1 << 24); - -poly1305_donna_mul: - t[0] = mul32x32_64(state->h0, state->r0) + - mul32x32_64(state->h1, state->s4) + - mul32x32_64(state->h2, state->s3) + - mul32x32_64(state->h3, state->s2) + - mul32x32_64(state->h4, state->s1); - t[1] = mul32x32_64(state->h0, state->r1) + - mul32x32_64(state->h1, state->r0) + - mul32x32_64(state->h2, state->s4) + - mul32x32_64(state->h3, state->s3) + - mul32x32_64(state->h4, state->s2); - t[2] = mul32x32_64(state->h0, state->r2) + - mul32x32_64(state->h1, state->r1) + - mul32x32_64(state->h2, state->r0) + - mul32x32_64(state->h3, state->s4) + - mul32x32_64(state->h4, state->s3); - t[3] = mul32x32_64(state->h0, state->r3) + - mul32x32_64(state->h1, state->r2) + - mul32x32_64(state->h2, state->r1) + - mul32x32_64(state->h3, state->r0) + - mul32x32_64(state->h4, state->s4); - t[4] = mul32x32_64(state->h0, state->r4) + - mul32x32_64(state->h1, state->r3) + - mul32x32_64(state->h2, state->r2) + - mul32x32_64(state->h3, state->r1) + - mul32x32_64(state->h4, state->r0); - - state->h0 = (uint32_t)t[0] & 0x3ffffff; - c = (t[0] >> 26); - t[1] += c; - state->h1 = (uint32_t)t[1] & 0x3ffffff; - b = (uint32_t)(t[1] >> 26); - t[2] += b; - state->h2 = (uint32_t)t[2] & 0x3ffffff; - b = (uint32_t)(t[2] >> 26); - t[3] += b; - state->h3 = (uint32_t)t[3] & 0x3ffffff; - b = (uint32_t)(t[3] >> 26); - t[4] += b; - state->h4 = (uint32_t)t[4] & 0x3ffffff; - b = (uint32_t)(t[4] >> 26); - state->h0 += b * 5; - - if (len >= 16) - goto poly1305_donna_16bytes; - -/* final bytes */ -poly1305_donna_atmost15bytes: - if (!len) - return; - - for (j = 0; j < len; j++) - mp[j] = in[j]; - mp[j++] = 1; - for (; j < 16; j++) - mp[j] = 0; - len = 0; - - t0 = U8TO32_LE(mp + 0); - t1 = U8TO32_LE(mp + 4); - t2 = U8TO32_LE(mp + 8); - t3 = U8TO32_LE(mp + 12); - - state->h0 += t0 & 0x3ffffff; - state->h1 += ((((uint64_t)t1 << 32) | t0) >> 26) & 0x3ffffff; - state->h2 += ((((uint64_t)t2 << 32) | t1) >> 20) & 0x3ffffff; - state->h3 += ((((uint64_t)t3 << 32) | t2) >> 14) & 0x3ffffff; - state->h4 += (t3 >> 8); - - goto poly1305_donna_mul; -} - -void -Poly1305Init(poly1305_state *statep, const unsigned char key[32]) -{ - struct poly1305_state_st *state = (struct poly1305_state_st *)statep; - uint32_t t0, t1, t2, t3; - - t0 = U8TO32_LE(key + 0); - t1 = U8TO32_LE(key + 4); - t2 = U8TO32_LE(key + 8); - t3 = U8TO32_LE(key + 12); - - /* precompute multipliers */ - state->r0 = t0 & 0x3ffffff; - t0 >>= 26; - t0 |= t1 << 6; - state->r1 = t0 & 0x3ffff03; - t1 >>= 20; - t1 |= t2 << 12; - state->r2 = t1 & 0x3ffc0ff; - t2 >>= 14; - t2 |= t3 << 18; - state->r3 = t2 & 0x3f03fff; - t3 >>= 8; - state->r4 = t3 & 0x00fffff; - - state->s1 = state->r1 * 5; - state->s2 = state->r2 * 5; - state->s3 = state->r3 * 5; - state->s4 = state->r4 * 5; - - /* init state */ - state->h0 = 0; - state->h1 = 0; - state->h2 = 0; - state->h3 = 0; - state->h4 = 0; - - state->buf_used = 0; - memcpy(state->key, key + 16, sizeof(state->key)); -} - -void -Poly1305Update(poly1305_state *statep, const unsigned char *in, - size_t in_len) -{ - unsigned int i; - struct poly1305_state_st *state = (struct poly1305_state_st *)statep; - - if (state->buf_used) { - unsigned int todo = 16 - state->buf_used; - if (todo > in_len) - todo = in_len; - for (i = 0; i < todo; i++) - state->buf[state->buf_used + i] = in[i]; - state->buf_used += todo; - in_len -= todo; - in += todo; - - if (state->buf_used == 16) { - update(state, state->buf, 16); - state->buf_used = 0; - } - } - - if (in_len >= 16) { - size_t todo = in_len & ~0xf; - update(state, in, todo); - in += todo; - in_len &= 0xf; - } - - if (in_len) { - for (i = 0; i < in_len; i++) - state->buf[i] = in[i]; - state->buf_used = in_len; - } -} - -void -Poly1305Finish(poly1305_state *statep, unsigned char mac[16]) -{ - struct poly1305_state_st *state = (struct poly1305_state_st *)statep; - uint64_t f0, f1, f2, f3; - uint32_t g0, g1, g2, g3, g4; - uint32_t b, nb; - - if (state->buf_used) - update(state, state->buf, state->buf_used); - - b = state->h0 >> 26; - state->h0 = state->h0 & 0x3ffffff; - state->h1 += b; - b = state->h1 >> 26; - state->h1 = state->h1 & 0x3ffffff; - state->h2 += b; - b = state->h2 >> 26; - state->h2 = state->h2 & 0x3ffffff; - state->h3 += b; - b = state->h3 >> 26; - state->h3 = state->h3 & 0x3ffffff; - state->h4 += b; - b = state->h4 >> 26; - state->h4 = state->h4 & 0x3ffffff; - state->h0 += b * 5; - - g0 = state->h0 + 5; - b = g0 >> 26; - g0 &= 0x3ffffff; - g1 = state->h1 + b; - b = g1 >> 26; - g1 &= 0x3ffffff; - g2 = state->h2 + b; - b = g2 >> 26; - g2 &= 0x3ffffff; - g3 = state->h3 + b; - b = g3 >> 26; - g3 &= 0x3ffffff; - g4 = state->h4 + b - (1 << 26); - - b = (g4 >> 31) - 1; - nb = ~b; - state->h0 = (state->h0 & nb) | (g0 & b); - state->h1 = (state->h1 & nb) | (g1 & b); - state->h2 = (state->h2 & nb) | (g2 & b); - state->h3 = (state->h3 & nb) | (g3 & b); - state->h4 = (state->h4 & nb) | (g4 & b); - - f0 = ((state->h0) | (state->h1 << 26)) + (uint64_t)U8TO32_LE(&state->key[0]); - f1 = ((state->h1 >> 6) | (state->h2 << 20)) + (uint64_t)U8TO32_LE(&state->key[4]); - f2 = ((state->h2 >> 12) | (state->h3 << 14)) + (uint64_t)U8TO32_LE(&state->key[8]); - f3 = ((state->h3 >> 18) | (state->h4 << 8)) + (uint64_t)U8TO32_LE(&state->key[12]); - - U32TO8_LE(&mac[0], (uint32_t)f0); - f1 += (f0 >> 32); - U32TO8_LE(&mac[4], (uint32_t)f1); - f2 += (f1 >> 32); - U32TO8_LE(&mac[8], (uint32_t)f2); - f3 += (f2 >> 32); - U32TO8_LE(&mac[12], (uint32_t)f3); -} diff --git a/security/nss/lib/freebl/poly1305.h b/security/nss/lib/freebl/poly1305.h deleted file mode 100644 index 125f49b3b..000000000 --- a/security/nss/lib/freebl/poly1305.h +++ /dev/null @@ -1,30 +0,0 @@ -/* - * poly1305.h - header file for Poly1305 implementation. - * - * This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#ifndef FREEBL_POLY1305_H_ -#define FREEBL_POLY1305_H_ - -#include "stddef.h" - -typedef unsigned char poly1305_state[512]; - -/* Poly1305Init sets up |state| so that it can be used to calculate an - * authentication tag with the one-time key |key|. Note that |key| is a - * one-time key and therefore there is no `reset' method because that would - * enable several messages to be authenticated with the same key. */ -extern void Poly1305Init(poly1305_state* state, const unsigned char key[32]); - -/* Poly1305Update processes |in_len| bytes from |in|. It can be called zero or - * more times after poly1305_init. */ -extern void Poly1305Update(poly1305_state* state, const unsigned char* in, - size_t inLen); - -/* Poly1305Finish completes the poly1305 calculation and writes a 16 byte - * authentication tag to |mac|. */ -extern void Poly1305Finish(poly1305_state* state, unsigned char mac[16]); - -#endif /* FREEBL_POLY1305_H_ */ diff --git a/security/nss/lib/freebl/unix_urandom.c b/security/nss/lib/freebl/unix_urandom.c index 25e6ad91c..869a5ed8c 100644 --- a/security/nss/lib/freebl/unix_urandom.c +++ b/security/nss/lib/freebl/unix_urandom.c @@ -4,10 +4,14 @@ #include <fcntl.h> #include <unistd.h> +#include <errno.h> #include "secerr.h" #include "secrng.h" #include "prprf.h" +/* syscall getentropy() is limited to retrieving 256 bytes */ +#define GETENTROPY_MAX_BYTES 256 + void RNG_SystemInfoForRNG(void) { @@ -28,6 +32,35 @@ RNG_SystemRNG(void *dest, size_t maxLen) size_t fileBytes = 0; unsigned char *buffer = dest; +#if defined(__OpenBSD__) || (defined(LINUX) && defined(__GLIBC__) && ((__GLIBC__ > 2) || ((__GLIBC__ == 2) && (__GLIBC_MINOR__ >= 25)))) + int result; + + while (fileBytes < maxLen) { + size_t getBytes = maxLen - fileBytes; + if (getBytes > GETENTROPY_MAX_BYTES) { + getBytes = GETENTROPY_MAX_BYTES; + } + result = getentropy(buffer, getBytes); + if (result == 0) { /* success */ + fileBytes += getBytes; + buffer += getBytes; + } else { + break; + } + } + if (fileBytes == maxLen) { /* success */ + return maxLen; + } + /* If we failed with an error other than ENOSYS, it means the destination + * buffer is not writeable. We don't need to try writing to it again. */ + if (errno != ENOSYS) { + PORT_SetError(SEC_ERROR_NEED_RANDOM); + return 0; + } + /* ENOSYS means the kernel doesn't support getentropy()/getrandom(). + * Reset the number of bytes to get and fall back to /dev/urandom. */ + fileBytes = 0; +#endif fd = open("/dev/urandom", O_RDONLY); if (fd < 0) { PORT_SetError(SEC_ERROR_NEED_RANDOM); diff --git a/security/nss/lib/freebl/verified/Hacl_Poly1305_32.c b/security/nss/lib/freebl/verified/Hacl_Poly1305_32.c new file mode 100644 index 000000000..246a41af3 --- /dev/null +++ b/security/nss/lib/freebl/verified/Hacl_Poly1305_32.c @@ -0,0 +1,578 @@ +/* Copyright 2016-2017 INRIA and Microsoft Corporation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "Hacl_Poly1305_32.h" + +inline static void +Hacl_Bignum_Modulo_reduce(uint32_t *b) +{ + uint32_t b0 = b[0U]; + b[0U] = (b0 << (uint32_t)2U) + b0; +} + +inline static void +Hacl_Bignum_Modulo_carry_top(uint32_t *b) +{ + uint32_t b4 = b[4U]; + uint32_t b0 = b[0U]; + uint32_t b4_26 = b4 >> (uint32_t)26U; + b[4U] = b4 & (uint32_t)0x3ffffffU; + b[0U] = (b4_26 << (uint32_t)2U) + b4_26 + b0; +} + +inline static void +Hacl_Bignum_Modulo_carry_top_wide(uint64_t *b) +{ + uint64_t b4 = b[4U]; + uint64_t b0 = b[0U]; + uint64_t b4_ = b4 & (uint64_t)(uint32_t)0x3ffffffU; + uint32_t b4_26 = (uint32_t)(b4 >> (uint32_t)26U); + uint64_t b0_ = b0 + (uint64_t)((b4_26 << (uint32_t)2U) + b4_26); + b[4U] = b4_; + b[0U] = b0_; +} + +inline static void +Hacl_Bignum_Fproduct_copy_from_wide_(uint32_t *output, uint64_t *input) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) { + uint64_t xi = input[i]; + output[i] = (uint32_t)xi; + } +} + +inline static void +Hacl_Bignum_Fproduct_sum_scalar_multiplication_(uint64_t *output, uint32_t *input, uint32_t s) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) { + uint64_t xi = output[i]; + uint32_t yi = input[i]; + uint64_t x_wide = (uint64_t)yi; + uint64_t y_wide = (uint64_t)s; + output[i] = xi + x_wide * y_wide; + } +} + +inline static void +Hacl_Bignum_Fproduct_carry_wide_(uint64_t *tmp) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) { + uint32_t ctr = i; + uint64_t tctr = tmp[ctr]; + uint64_t tctrp1 = tmp[ctr + (uint32_t)1U]; + uint32_t r0 = (uint32_t)tctr & (uint32_t)0x3ffffffU; + uint64_t c = tctr >> (uint32_t)26U; + tmp[ctr] = (uint64_t)r0; + tmp[ctr + (uint32_t)1U] = tctrp1 + c; + } +} + +inline static void +Hacl_Bignum_Fproduct_carry_limb_(uint32_t *tmp) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) { + uint32_t ctr = i; + uint32_t tctr = tmp[ctr]; + uint32_t tctrp1 = tmp[ctr + (uint32_t)1U]; + uint32_t r0 = tctr & (uint32_t)0x3ffffffU; + uint32_t c = tctr >> (uint32_t)26U; + tmp[ctr] = r0; + tmp[ctr + (uint32_t)1U] = tctrp1 + c; + } +} + +inline static void +Hacl_Bignum_Fmul_shift_reduce(uint32_t *output) +{ + uint32_t tmp = output[4U]; + for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) { + uint32_t ctr = (uint32_t)5U - i - (uint32_t)1U; + uint32_t z = output[ctr - (uint32_t)1U]; + output[ctr] = z; + } + output[0U] = tmp; + Hacl_Bignum_Modulo_reduce(output); +} + +static void +Hacl_Bignum_Fmul_mul_shift_reduce_(uint64_t *output, uint32_t *input, uint32_t *input2) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)4U; i = i + (uint32_t)1U) { + uint32_t input2i = input2[i]; + Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i); + Hacl_Bignum_Fmul_shift_reduce(input); + } + uint32_t i = (uint32_t)4U; + uint32_t input2i = input2[i]; + Hacl_Bignum_Fproduct_sum_scalar_multiplication_(output, input, input2i); +} + +inline static void +Hacl_Bignum_Fmul_fmul(uint32_t *output, uint32_t *input, uint32_t *input2) +{ + uint32_t tmp[5U] = { 0U }; + memcpy(tmp, input, (uint32_t)5U * sizeof input[0U]); + uint64_t t[5U] = { 0U }; + Hacl_Bignum_Fmul_mul_shift_reduce_(t, tmp, input2); + Hacl_Bignum_Fproduct_carry_wide_(t); + Hacl_Bignum_Modulo_carry_top_wide(t); + Hacl_Bignum_Fproduct_copy_from_wide_(output, t); + uint32_t i0 = output[0U]; + uint32_t i1 = output[1U]; + uint32_t i0_ = i0 & (uint32_t)0x3ffffffU; + uint32_t i1_ = i1 + (i0 >> (uint32_t)26U); + output[0U] = i0_; + output[1U] = i1_; +} + +inline static void +Hacl_Bignum_AddAndMultiply_add_and_multiply(uint32_t *acc, uint32_t *block, uint32_t *r) +{ + for (uint32_t i = (uint32_t)0U; i < (uint32_t)5U; i = i + (uint32_t)1U) { + uint32_t xi = acc[i]; + uint32_t yi = block[i]; + acc[i] = xi + yi; + } + Hacl_Bignum_Fmul_fmul(acc, acc, r); +} + +inline static void +Hacl_Impl_Poly1305_32_poly1305_update( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m) +{ + Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st; + uint32_t *h = scrut0.h; + uint32_t *acc = h; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *r = scrut.r; + uint32_t *r5 = r; + uint32_t tmp[5U] = { 0U }; + uint8_t *s0 = m; + uint8_t *s1 = m + (uint32_t)3U; + uint8_t *s2 = m + (uint32_t)6U; + uint8_t *s3 = m + (uint32_t)9U; + uint8_t *s4 = m + (uint32_t)12U; + uint32_t i0 = load32_le(s0); + uint32_t i1 = load32_le(s1); + uint32_t i2 = load32_le(s2); + uint32_t i3 = load32_le(s3); + uint32_t i4 = load32_le(s4); + uint32_t r0 = i0 & (uint32_t)0x3ffffffU; + uint32_t r1 = i1 >> (uint32_t)2U & (uint32_t)0x3ffffffU; + uint32_t r2 = i2 >> (uint32_t)4U & (uint32_t)0x3ffffffU; + uint32_t r3 = i3 >> (uint32_t)6U & (uint32_t)0x3ffffffU; + uint32_t r4 = i4 >> (uint32_t)8U; + tmp[0U] = r0; + tmp[1U] = r1; + tmp[2U] = r2; + tmp[3U] = r3; + tmp[4U] = r4; + uint32_t b4 = tmp[4U]; + uint32_t b4_ = (uint32_t)0x1000000U | b4; + tmp[4U] = b4_; + Hacl_Bignum_AddAndMultiply_add_and_multiply(acc, tmp, r5); +} + +inline static void +Hacl_Impl_Poly1305_32_poly1305_process_last_block_( + uint8_t *block, + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint64_t rem_) +{ + uint32_t tmp[5U] = { 0U }; + uint8_t *s0 = block; + uint8_t *s1 = block + (uint32_t)3U; + uint8_t *s2 = block + (uint32_t)6U; + uint8_t *s3 = block + (uint32_t)9U; + uint8_t *s4 = block + (uint32_t)12U; + uint32_t i0 = load32_le(s0); + uint32_t i1 = load32_le(s1); + uint32_t i2 = load32_le(s2); + uint32_t i3 = load32_le(s3); + uint32_t i4 = load32_le(s4); + uint32_t r0 = i0 & (uint32_t)0x3ffffffU; + uint32_t r1 = i1 >> (uint32_t)2U & (uint32_t)0x3ffffffU; + uint32_t r2 = i2 >> (uint32_t)4U & (uint32_t)0x3ffffffU; + uint32_t r3 = i3 >> (uint32_t)6U & (uint32_t)0x3ffffffU; + uint32_t r4 = i4 >> (uint32_t)8U; + tmp[0U] = r0; + tmp[1U] = r1; + tmp[2U] = r2; + tmp[3U] = r3; + tmp[4U] = r4; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st; + uint32_t *h = scrut0.h; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *r = scrut.r; + Hacl_Bignum_AddAndMultiply_add_and_multiply(h, tmp, r); +} + +inline static void +Hacl_Impl_Poly1305_32_poly1305_process_last_block( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint64_t rem_) +{ + uint8_t zero1 = (uint8_t)0U; + KRML_CHECK_SIZE(zero1, (uint32_t)16U); + uint8_t block[16U]; + for (uint32_t _i = 0U; _i < (uint32_t)16U; ++_i) + block[_i] = zero1; + uint32_t i0 = (uint32_t)rem_; + uint32_t i = (uint32_t)rem_; + memcpy(block, m, i * sizeof m[0U]); + block[i0] = (uint8_t)1U; + Hacl_Impl_Poly1305_32_poly1305_process_last_block_(block, st, m, rem_); +} + +static void +Hacl_Impl_Poly1305_32_poly1305_last_pass(uint32_t *acc) +{ + Hacl_Bignum_Fproduct_carry_limb_(acc); + Hacl_Bignum_Modulo_carry_top(acc); + uint32_t t0 = acc[0U]; + uint32_t t10 = acc[1U]; + uint32_t t20 = acc[2U]; + uint32_t t30 = acc[3U]; + uint32_t t40 = acc[4U]; + uint32_t t1_ = t10 + (t0 >> (uint32_t)26U); + uint32_t mask_261 = (uint32_t)0x3ffffffU; + uint32_t t0_ = t0 & mask_261; + uint32_t t2_ = t20 + (t1_ >> (uint32_t)26U); + uint32_t t1__ = t1_ & mask_261; + uint32_t t3_ = t30 + (t2_ >> (uint32_t)26U); + uint32_t t2__ = t2_ & mask_261; + uint32_t t4_ = t40 + (t3_ >> (uint32_t)26U); + uint32_t t3__ = t3_ & mask_261; + acc[0U] = t0_; + acc[1U] = t1__; + acc[2U] = t2__; + acc[3U] = t3__; + acc[4U] = t4_; + Hacl_Bignum_Modulo_carry_top(acc); + uint32_t t00 = acc[0U]; + uint32_t t1 = acc[1U]; + uint32_t t2 = acc[2U]; + uint32_t t3 = acc[3U]; + uint32_t t4 = acc[4U]; + uint32_t t1_0 = t1 + (t00 >> (uint32_t)26U); + uint32_t t0_0 = t00 & (uint32_t)0x3ffffffU; + uint32_t t2_0 = t2 + (t1_0 >> (uint32_t)26U); + uint32_t t1__0 = t1_0 & (uint32_t)0x3ffffffU; + uint32_t t3_0 = t3 + (t2_0 >> (uint32_t)26U); + uint32_t t2__0 = t2_0 & (uint32_t)0x3ffffffU; + uint32_t t4_0 = t4 + (t3_0 >> (uint32_t)26U); + uint32_t t3__0 = t3_0 & (uint32_t)0x3ffffffU; + acc[0U] = t0_0; + acc[1U] = t1__0; + acc[2U] = t2__0; + acc[3U] = t3__0; + acc[4U] = t4_0; + Hacl_Bignum_Modulo_carry_top(acc); + uint32_t i0 = acc[0U]; + uint32_t i1 = acc[1U]; + uint32_t i0_ = i0 & (uint32_t)0x3ffffffU; + uint32_t i1_ = i1 + (i0 >> (uint32_t)26U); + acc[0U] = i0_; + acc[1U] = i1_; + uint32_t a0 = acc[0U]; + uint32_t a1 = acc[1U]; + uint32_t a2 = acc[2U]; + uint32_t a3 = acc[3U]; + uint32_t a4 = acc[4U]; + uint32_t mask0 = FStar_UInt32_gte_mask(a0, (uint32_t)0x3fffffbU); + uint32_t mask1 = FStar_UInt32_eq_mask(a1, (uint32_t)0x3ffffffU); + uint32_t mask2 = FStar_UInt32_eq_mask(a2, (uint32_t)0x3ffffffU); + uint32_t mask3 = FStar_UInt32_eq_mask(a3, (uint32_t)0x3ffffffU); + uint32_t mask4 = FStar_UInt32_eq_mask(a4, (uint32_t)0x3ffffffU); + uint32_t mask = (((mask0 & mask1) & mask2) & mask3) & mask4; + uint32_t a0_ = a0 - ((uint32_t)0x3fffffbU & mask); + uint32_t a1_ = a1 - ((uint32_t)0x3ffffffU & mask); + uint32_t a2_ = a2 - ((uint32_t)0x3ffffffU & mask); + uint32_t a3_ = a3 - ((uint32_t)0x3ffffffU & mask); + uint32_t a4_ = a4 - ((uint32_t)0x3ffffffU & mask); + acc[0U] = a0_; + acc[1U] = a1_; + acc[2U] = a2_; + acc[3U] = a3_; + acc[4U] = a4_; +} + +static Hacl_Impl_Poly1305_32_State_poly1305_state +Hacl_Impl_Poly1305_32_mk_state(uint32_t *r, uint32_t *h) +{ + return ((Hacl_Impl_Poly1305_32_State_poly1305_state){.r = r, .h = h }); +} + +static void +Hacl_Standalone_Poly1305_32_poly1305_blocks( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint64_t len1) +{ + if (!(len1 == (uint64_t)0U)) { + uint8_t *block = m; + uint8_t *tail1 = m + (uint32_t)16U; + Hacl_Impl_Poly1305_32_poly1305_update(st, block); + uint64_t len2 = len1 - (uint64_t)1U; + Hacl_Standalone_Poly1305_32_poly1305_blocks(st, tail1, len2); + } +} + +static void +Hacl_Standalone_Poly1305_32_poly1305_partial( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *input, + uint64_t len1, + uint8_t *kr) +{ + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *r = scrut.r; + uint32_t *x0 = r; + FStar_UInt128_t k1 = load128_le(kr); + FStar_UInt128_t + k_clamped = + FStar_UInt128_logand(k1, + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0ffffffcU), + (uint32_t)64U), + FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0fffffffU))); + uint32_t r0 = (uint32_t)FStar_UInt128_uint128_to_uint64(k_clamped) & (uint32_t)0x3ffffffU; + uint32_t + r1 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)26U)) & (uint32_t)0x3ffffffU; + uint32_t + r2 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)52U)) & (uint32_t)0x3ffffffU; + uint32_t + r3 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)78U)) & (uint32_t)0x3ffffffU; + uint32_t + r4 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)104U)) & (uint32_t)0x3ffffffU; + x0[0U] = r0; + x0[1U] = r1; + x0[2U] = r2; + x0[3U] = r3; + x0[4U] = r4; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st; + uint32_t *h = scrut0.h; + uint32_t *x00 = h; + x00[0U] = (uint32_t)0U; + x00[1U] = (uint32_t)0U; + x00[2U] = (uint32_t)0U; + x00[3U] = (uint32_t)0U; + x00[4U] = (uint32_t)0U; + Hacl_Standalone_Poly1305_32_poly1305_blocks(st, input, len1); +} + +static void +Hacl_Standalone_Poly1305_32_poly1305_complete( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint64_t len1, + uint8_t *k1) +{ + uint8_t *kr = k1; + uint64_t len16 = len1 >> (uint32_t)4U; + uint64_t rem16 = len1 & (uint64_t)0xfU; + uint8_t *part_input = m; + uint8_t *last_block = m + (uint32_t)((uint64_t)16U * len16); + Hacl_Standalone_Poly1305_32_poly1305_partial(st, part_input, len16, kr); + if (!(rem16 == (uint64_t)0U)) + Hacl_Impl_Poly1305_32_poly1305_process_last_block(st, last_block, rem16); + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *h = scrut.h; + uint32_t *acc = h; + Hacl_Impl_Poly1305_32_poly1305_last_pass(acc); +} + +static void +Hacl_Standalone_Poly1305_32_crypto_onetimeauth_( + uint8_t *output, + uint8_t *input, + uint64_t len1, + uint8_t *k1) +{ + uint32_t buf[10U] = { 0U }; + uint32_t *r = buf; + uint32_t *h = buf + (uint32_t)5U; + Hacl_Impl_Poly1305_32_State_poly1305_state st = Hacl_Impl_Poly1305_32_mk_state(r, h); + uint8_t *key_s = k1 + (uint32_t)16U; + Hacl_Standalone_Poly1305_32_poly1305_complete(st, input, len1, k1); + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *h5 = scrut.h; + uint32_t *acc = h5; + FStar_UInt128_t k_ = load128_le(key_s); + uint32_t h0 = acc[0U]; + uint32_t h1 = acc[1U]; + uint32_t h2 = acc[2U]; + uint32_t h3 = acc[3U]; + uint32_t h4 = acc[4U]; + FStar_UInt128_t + acc_ = + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h4), + (uint32_t)104U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h3), + (uint32_t)78U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h2), + (uint32_t)52U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h1), + (uint32_t)26U), + FStar_UInt128_uint64_to_uint128((uint64_t)h0))))); + FStar_UInt128_t mac_ = FStar_UInt128_add_mod(acc_, k_); + store128_le(output, mac_); +} + +static void +Hacl_Standalone_Poly1305_32_crypto_onetimeauth( + uint8_t *output, + uint8_t *input, + uint64_t len1, + uint8_t *k1) +{ + Hacl_Standalone_Poly1305_32_crypto_onetimeauth_(output, input, len1, k1); +} + +void * +Hacl_Poly1305_32_op_String_Access(FStar_Monotonic_HyperStack_mem h, uint8_t *b) +{ + return (void *)(uint8_t)0U; +} + +Hacl_Impl_Poly1305_32_State_poly1305_state +Hacl_Poly1305_32_mk_state(uint32_t *r, uint32_t *acc) +{ + return Hacl_Impl_Poly1305_32_mk_state(r, acc); +} + +void +Hacl_Poly1305_32_init(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *k1) +{ + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *r = scrut.r; + uint32_t *x0 = r; + FStar_UInt128_t k10 = load128_le(k1); + FStar_UInt128_t + k_clamped = + FStar_UInt128_logand(k10, + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0ffffffcU), + (uint32_t)64U), + FStar_UInt128_uint64_to_uint128((uint64_t)0x0ffffffc0fffffffU))); + uint32_t r0 = (uint32_t)FStar_UInt128_uint128_to_uint64(k_clamped) & (uint32_t)0x3ffffffU; + uint32_t + r1 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)26U)) & (uint32_t)0x3ffffffU; + uint32_t + r2 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)52U)) & (uint32_t)0x3ffffffU; + uint32_t + r3 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)78U)) & (uint32_t)0x3ffffffU; + uint32_t + r4 = + (uint32_t)FStar_UInt128_uint128_to_uint64(FStar_UInt128_shift_right(k_clamped, (uint32_t)104U)) & (uint32_t)0x3ffffffU; + x0[0U] = r0; + x0[1U] = r1; + x0[2U] = r2; + x0[3U] = r3; + x0[4U] = r4; + Hacl_Impl_Poly1305_32_State_poly1305_state scrut0 = st; + uint32_t *h = scrut0.h; + uint32_t *x00 = h; + x00[0U] = (uint32_t)0U; + x00[1U] = (uint32_t)0U; + x00[2U] = (uint32_t)0U; + x00[3U] = (uint32_t)0U; + x00[4U] = (uint32_t)0U; +} + +void *Hacl_Poly1305_32_empty_log = (void *)(uint8_t)0U; + +void +Hacl_Poly1305_32_update_block(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *m) +{ + Hacl_Impl_Poly1305_32_poly1305_update(st, m); +} + +void +Hacl_Poly1305_32_update( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint32_t len1) +{ + if (!(len1 == (uint32_t)0U)) { + uint8_t *block = m; + uint8_t *m_ = m + (uint32_t)16U; + uint32_t len2 = len1 - (uint32_t)1U; + Hacl_Poly1305_32_update_block(st, block); + Hacl_Poly1305_32_update(st, m_, len2); + } +} + +void +Hacl_Poly1305_32_update_last( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint32_t len1) +{ + if (!((uint64_t)len1 == (uint64_t)0U)) + Hacl_Impl_Poly1305_32_poly1305_process_last_block(st, m, (uint64_t)len1); + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *h = scrut.h; + uint32_t *acc = h; + Hacl_Impl_Poly1305_32_poly1305_last_pass(acc); +} + +void +Hacl_Poly1305_32_finish( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *mac, + uint8_t *k1) +{ + Hacl_Impl_Poly1305_32_State_poly1305_state scrut = st; + uint32_t *h = scrut.h; + uint32_t *acc = h; + FStar_UInt128_t k_ = load128_le(k1); + uint32_t h0 = acc[0U]; + uint32_t h1 = acc[1U]; + uint32_t h2 = acc[2U]; + uint32_t h3 = acc[3U]; + uint32_t h4 = acc[4U]; + FStar_UInt128_t + acc_ = + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h4), + (uint32_t)104U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h3), + (uint32_t)78U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h2), + (uint32_t)52U), + FStar_UInt128_logor(FStar_UInt128_shift_left(FStar_UInt128_uint64_to_uint128((uint64_t)h1), + (uint32_t)26U), + FStar_UInt128_uint64_to_uint128((uint64_t)h0))))); + FStar_UInt128_t mac_ = FStar_UInt128_add_mod(acc_, k_); + store128_le(mac, mac_); +} + +void +Hacl_Poly1305_32_crypto_onetimeauth( + uint8_t *output, + uint8_t *input, + uint64_t len1, + uint8_t *k1) +{ + Hacl_Standalone_Poly1305_32_crypto_onetimeauth(output, input, len1, k1); +} diff --git a/security/nss/lib/freebl/verified/Hacl_Poly1305_32.h b/security/nss/lib/freebl/verified/Hacl_Poly1305_32.h new file mode 100644 index 000000000..4dd070026 --- /dev/null +++ b/security/nss/lib/freebl/verified/Hacl_Poly1305_32.h @@ -0,0 +1,103 @@ +/* Copyright 2016-2017 INRIA and Microsoft Corporation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "kremlib.h" +#ifndef __Hacl_Poly1305_32_H +#define __Hacl_Poly1305_32_H + +typedef uint32_t Hacl_Bignum_Constants_limb; + +typedef uint64_t Hacl_Bignum_Constants_wide; + +typedef uint64_t Hacl_Bignum_Wide_t; + +typedef uint32_t Hacl_Bignum_Limb_t; + +typedef void *Hacl_Impl_Poly1305_32_State_log_t; + +typedef uint8_t *Hacl_Impl_Poly1305_32_State_uint8_p; + +typedef uint32_t *Hacl_Impl_Poly1305_32_State_bigint; + +typedef void *Hacl_Impl_Poly1305_32_State_seqelem; + +typedef uint32_t *Hacl_Impl_Poly1305_32_State_elemB; + +typedef uint8_t *Hacl_Impl_Poly1305_32_State_wordB; + +typedef uint8_t *Hacl_Impl_Poly1305_32_State_wordB_16; + +typedef struct +{ + uint32_t *r; + uint32_t *h; +} Hacl_Impl_Poly1305_32_State_poly1305_state; + +typedef void *Hacl_Impl_Poly1305_32_log_t; + +typedef uint32_t *Hacl_Impl_Poly1305_32_bigint; + +typedef uint8_t *Hacl_Impl_Poly1305_32_uint8_p; + +typedef uint32_t *Hacl_Impl_Poly1305_32_elemB; + +typedef uint8_t *Hacl_Impl_Poly1305_32_wordB; + +typedef uint8_t *Hacl_Impl_Poly1305_32_wordB_16; + +typedef uint8_t *Hacl_Poly1305_32_uint8_p; + +typedef uint64_t Hacl_Poly1305_32_uint64_t; + +void *Hacl_Poly1305_32_op_String_Access(FStar_Monotonic_HyperStack_mem h, uint8_t *b); + +typedef uint8_t *Hacl_Poly1305_32_key; + +typedef Hacl_Impl_Poly1305_32_State_poly1305_state Hacl_Poly1305_32_state; + +Hacl_Impl_Poly1305_32_State_poly1305_state +Hacl_Poly1305_32_mk_state(uint32_t *r, uint32_t *acc); + +void Hacl_Poly1305_32_init(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *k1); + +extern void *Hacl_Poly1305_32_empty_log; + +void Hacl_Poly1305_32_update_block(Hacl_Impl_Poly1305_32_State_poly1305_state st, uint8_t *m); + +void +Hacl_Poly1305_32_update( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint32_t len1); + +void +Hacl_Poly1305_32_update_last( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *m, + uint32_t len1); + +void +Hacl_Poly1305_32_finish( + Hacl_Impl_Poly1305_32_State_poly1305_state st, + uint8_t *mac, + uint8_t *k1); + +void +Hacl_Poly1305_32_crypto_onetimeauth( + uint8_t *output, + uint8_t *input, + uint64_t len1, + uint8_t *k1); +#endif diff --git a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c index 9954f0ca6..f73b95f68 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/module/pkix_pl_httpdefaultclient.c @@ -70,7 +70,7 @@ static const PKIX_UInt32 httpprotocolLen = 5; /* strlen(httpprotocol) */ * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -85,7 +85,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete( PKIX_PL_HttpDefaultClient *client, PKIX_UInt32 bytesRead, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PKIX_UInt32 alreadyScanned = 0; PKIX_UInt32 comp = 0; @@ -142,7 +142,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete( headerLength = (eoh - client->rcvBuf); /* allocate space to copy header (and for the NULL terminator) */ - PKIX_CHECK(PKIX_PL_Malloc(headerLength + 1, (void **)©, plContext), + PKIX_CHECK(PKIX_PL_Malloc(headerLength + 1, (void **)©, plCtx), PKIX_MALLOCFAILED); /* copy header data before we corrupt it (by storing NULLs) */ @@ -301,7 +301,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete( if (contentLength > 0) { /* allocate a buffer of size contentLength for the content */ - PKIX_CHECK(PKIX_PL_Malloc(contentLength, (void **)&body, plContext), + PKIX_CHECK(PKIX_PL_Malloc(contentLength, (void **)&body, plCtx), PKIX_MALLOCFAILED); /* copy any remaining bytes in current buffer into new buffer */ @@ -311,7 +311,7 @@ pkix_pl_HttpDefaultClient_HdrCheckComplete( } } - PKIX_CHECK(PKIX_PL_Free(client->rcvBuf, plContext), + PKIX_CHECK(PKIX_PL_Free(client->rcvBuf, plCtx), PKIX_FREEFAILED); client->rcvBuf = body; @@ -340,7 +340,7 @@ cleanup: * "pClient" * The address at which the created HttpDefaultClient is to be stored. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -355,7 +355,7 @@ pkix_pl_HttpDefaultClient_Create( const char *host, PRUint16 portnum, PKIX_PL_HttpDefaultClient **pClient, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; @@ -367,7 +367,7 @@ pkix_pl_HttpDefaultClient_Create( (PKIX_HTTPDEFAULTCLIENT_TYPE, sizeof (PKIX_PL_HttpDefaultClient), (PKIX_PL_Object **)&client, - plContext), + plCtx), PKIX_COULDNOTCREATEHTTPDEFAULTCLIENTOBJECT); /* Client timeout is overwritten in HttpDefaultClient_RequestCreate @@ -408,10 +408,10 @@ pkix_pl_HttpDefaultClient_Create( client->socket = NULL; /* - * The HttpClient API does not include a plContext argument in its + * The HttpClient API does not include a plCtx argument in its * function calls. Save it here. */ - client->plContext = plContext; + client->plContext = plCtx; *pClient = client; @@ -430,7 +430,7 @@ cleanup: static PKIX_Error * pkix_pl_HttpDefaultClient_Destroy( PKIX_PL_Object *object, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; @@ -438,13 +438,13 @@ pkix_pl_HttpDefaultClient_Destroy( PKIX_NULLCHECK_ONE(object); PKIX_CHECK(pkix_CheckType - (object, PKIX_HTTPDEFAULTCLIENT_TYPE, plContext), + (object, PKIX_HTTPDEFAULTCLIENT_TYPE, plCtx), PKIX_OBJECTNOTANHTTPDEFAULTCLIENT); client = (PKIX_PL_HttpDefaultClient *)object; if (client->rcvHeaders) { - PKIX_PL_Free(client->rcvHeaders, plContext); + PKIX_PL_Free(client->rcvHeaders, plCtx); client->rcvHeaders = NULL; } if (client->rcvContentType) { @@ -456,11 +456,11 @@ pkix_pl_HttpDefaultClient_Destroy( client->GETBuf = NULL; } if (client->POSTBuf != NULL) { - PKIX_PL_Free(client->POSTBuf, plContext); + PKIX_PL_Free(client->POSTBuf, plCtx); client->POSTBuf = NULL; } if (client->rcvBuf != NULL) { - PKIX_PL_Free(client->rcvBuf, plContext); + PKIX_PL_Free(client->rcvBuf, plCtx); client->rcvBuf = NULL; } if (client->host) { @@ -493,7 +493,7 @@ cleanup: * thread-safe. */ PKIX_Error * -pkix_pl_HttpDefaultClient_RegisterSelf(void *plContext) +pkix_pl_HttpDefaultClient_RegisterSelf(void *plCtx) { extern pkix_ClassTable_Entry systemClasses[PKIX_NUMTYPES]; pkix_ClassTable_Entry *entry = @@ -529,7 +529,7 @@ pkix_pl_HttpDefaultClient_RegisterSelf(void *plContext) * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -543,7 +543,7 @@ static PKIX_Error * pkix_pl_HttpDefaultClient_ConnectContinue( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PRErrorCode status; PKIX_Boolean keepGoing = PKIX_FALSE; @@ -557,7 +557,7 @@ pkix_pl_HttpDefaultClient_ConnectContinue( callbackList = (PKIX_PL_Socket_Callback *)client->callbackList; PKIX_CHECK(callbackList->connectcontinueCallback - (client->socket, &status, plContext), + (client->socket, &status, plCtx), PKIX_SOCKETCONNECTCONTINUEFAILED); if (status == 0) { @@ -595,7 +595,7 @@ cleanup: * "pBytesTransferred" * The address at which the number of bytes sent is stored. Must be * non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -610,7 +610,7 @@ pkix_pl_HttpDefaultClient_Send( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, PKIX_UInt32 *pBytesTransferred, - void *plContext) + void *plCtx) { PKIX_Int32 bytesWritten = 0; PKIX_Int32 lenToWrite = 0; @@ -640,7 +640,7 @@ pkix_pl_HttpDefaultClient_Send( dataToWrite, lenToWrite, &bytesWritten, - plContext), + plCtx), PKIX_SOCKETSENDFAILED); client->rcvBuf = NULL; @@ -690,7 +690,7 @@ cleanup: * "pBytesTransferred" * The address at which the number of bytes sent is stored. Must be * non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -705,7 +705,7 @@ pkix_pl_HttpDefaultClient_SendContinue( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, PKIX_UInt32 *pBytesTransferred, - void *plContext) + void *plCtx) { PKIX_Int32 bytesWritten = 0; PKIX_PL_Socket_Callback *callbackList = NULL; @@ -718,7 +718,7 @@ pkix_pl_HttpDefaultClient_SendContinue( callbackList = (PKIX_PL_Socket_Callback *)client->callbackList; PKIX_CHECK(callbackList->pollCallback - (client->socket, &bytesWritten, NULL, plContext), + (client->socket, &bytesWritten, NULL, plCtx), PKIX_SOCKETPOLLFAILED); /* @@ -752,7 +752,7 @@ cleanup: * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -766,7 +766,7 @@ static PKIX_Error * pkix_pl_HttpDefaultClient_RecvHdr( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PKIX_UInt32 bytesToRead = 0; PKIX_Int32 bytesRead = 0; @@ -787,7 +787,7 @@ pkix_pl_HttpDefaultClient_RecvHdr( (client->rcvBuf, client->capacity, (void **)&(client->rcvBuf), - plContext), + plCtx), PKIX_REALLOCFAILED); bytesToRead = client->capacity - client->filledupBytes; @@ -799,7 +799,7 @@ pkix_pl_HttpDefaultClient_RecvHdr( (void *)&(client->rcvBuf[client->filledupBytes]), bytesToRead, &bytesRead, - plContext), + plCtx), PKIX_SOCKETRECVFAILED); if (bytesRead > 0) { @@ -808,7 +808,7 @@ pkix_pl_HttpDefaultClient_RecvHdr( PKIX_CHECK( pkix_pl_HttpDefaultClient_HdrCheckComplete(client, bytesRead, pKeepGoing, - plContext), + plCtx), PKIX_HTTPDEFAULTCLIENTHDRCHECKCOMPLETEFAILED); } else { client->connectStatus = HTTP_RECV_HDR_PENDING; @@ -834,7 +834,7 @@ cleanup: * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -848,7 +848,7 @@ static PKIX_Error * pkix_pl_HttpDefaultClient_RecvHdrContinue( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PKIX_Int32 bytesRead = 0; PKIX_PL_Socket_Callback *callbackList = NULL; @@ -861,14 +861,14 @@ pkix_pl_HttpDefaultClient_RecvHdrContinue( callbackList = (PKIX_PL_Socket_Callback *)client->callbackList; PKIX_CHECK(callbackList->pollCallback - (client->socket, NULL, &bytesRead, plContext), + (client->socket, NULL, &bytesRead, plCtx), PKIX_SOCKETPOLLFAILED); if (bytesRead > 0) { client->filledupBytes += bytesRead; PKIX_CHECK(pkix_pl_HttpDefaultClient_HdrCheckComplete - (client, bytesRead, pKeepGoing, plContext), + (client, bytesRead, pKeepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTHDRCHECKCOMPLETEFAILED); } else { @@ -897,7 +897,7 @@ cleanup: * The address at which the Boolean state machine flag is stored to * indicate whether processing can continue without further input. * Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -911,7 +911,7 @@ static PKIX_Error * pkix_pl_HttpDefaultClient_RecvBody( PKIX_PL_HttpDefaultClient *client, PKIX_Boolean *pKeepGoing, - void *plContext) + void *plCtx) { PKIX_Int32 bytesRead = 0; PKIX_Int32 bytesToRead = 0; @@ -952,7 +952,7 @@ pkix_pl_HttpDefaultClient_RecvBody( client->capacity = newLength; PKIX_CHECK( PKIX_PL_Realloc(client->rcvBuf, newLength, - (void**)&client->rcvBuf, plContext), + (void**)&client->rcvBuf, plCtx), PKIX_REALLOCFAILED); freeBuffSize = client->capacity - client->filledupBytes; @@ -964,7 +964,7 @@ pkix_pl_HttpDefaultClient_RecvBody( /* Use poll callback if waiting on non-blocking IO */ if (client->connectStatus == HTTP_RECV_BODY_PENDING) { PKIX_CHECK(callbackList->pollCallback - (client->socket, NULL, &bytesRead, plContext), + (client->socket, NULL, &bytesRead, plCtx), PKIX_SOCKETPOLLFAILED); } else { PKIX_CHECK(callbackList->recvCallback @@ -972,7 +972,7 @@ pkix_pl_HttpDefaultClient_RecvBody( (void *)&(client->rcvBuf[client->filledupBytes]), bytesToRead, &bytesRead, - plContext), + plCtx), PKIX_SOCKETRECVFAILED); } @@ -1026,7 +1026,7 @@ cleanup: * PARAMETERS: * "client" * The address of the HttpDefaultClient object. Must be non-NULL. - * "plContext" + * "plCtx" * Platform-specific context pointer. * THREAD SAFETY: * Thread Safe (see Thread Safety Definitions in Programmer's Guide) @@ -1039,7 +1039,7 @@ cleanup: static PKIX_Error * pkix_pl_HttpDefaultClient_Dispatch( PKIX_PL_HttpDefaultClient *client, - void *plContext) + void *plCtx) { PKIX_UInt32 bytesTransferred = 0; PKIX_Boolean keepGoing = PKIX_TRUE; @@ -1051,33 +1051,33 @@ pkix_pl_HttpDefaultClient_Dispatch( switch (client->connectStatus) { case HTTP_CONNECT_PENDING: PKIX_CHECK(pkix_pl_HttpDefaultClient_ConnectContinue - (client, &keepGoing, plContext), + (client, &keepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTCONNECTCONTINUEFAILED); break; case HTTP_CONNECTED: PKIX_CHECK(pkix_pl_HttpDefaultClient_Send - (client, &keepGoing, &bytesTransferred, plContext), + (client, &keepGoing, &bytesTransferred, plCtx), PKIX_HTTPDEFAULTCLIENTSENDFAILED); break; case HTTP_SEND_PENDING: PKIX_CHECK(pkix_pl_HttpDefaultClient_SendContinue - (client, &keepGoing, &bytesTransferred, plContext), + (client, &keepGoing, &bytesTransferred, plCtx), PKIX_HTTPDEFAULTCLIENTSENDCONTINUEFAILED); break; case HTTP_RECV_HDR: PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvHdr - (client, &keepGoing, plContext), + (client, &keepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTRECVHDRFAILED); break; case HTTP_RECV_HDR_PENDING: PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvHdrContinue - (client, &keepGoing, plContext), + (client, &keepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTRECVHDRCONTINUEFAILED); break; case HTTP_RECV_BODY: case HTTP_RECV_BODY_PENDING: PKIX_CHECK(pkix_pl_HttpDefaultClient_RecvBody - (client, &keepGoing, plContext), + (client, &keepGoing, plCtx), PKIX_HTTPDEFAULTCLIENTRECVBODYFAILED); break; case HTTP_ERROR: @@ -1106,7 +1106,7 @@ pkix_pl_HttpDefaultClient_CreateSession( const char *host, PRUint16 portnum, SEC_HTTP_SERVER_SESSION *pSession, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; @@ -1115,7 +1115,7 @@ pkix_pl_HttpDefaultClient_CreateSession( PKIX_NULLCHECK_TWO(host, pSession); PKIX_CHECK(pkix_pl_HttpDefaultClient_Create - (host, portnum, &client, plContext), + (host, portnum, &client, plCtx), PKIX_HTTPDEFAULTCLIENTCREATEFAILED); *pSession = (SEC_HTTP_SERVER_SESSION)client; @@ -1130,7 +1130,7 @@ PKIX_Error * pkix_pl_HttpDefaultClient_KeepAliveSession( SEC_HTTP_SERVER_SESSION session, PRPollDesc **pPollDesc, - void *plContext) + void *plCtx) { PKIX_ENTER (HTTPDEFAULTCLIENT, @@ -1140,7 +1140,7 @@ pkix_pl_HttpDefaultClient_KeepAliveSession( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)session, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_SESSIONNOTANHTTPDEFAULTCLIENT); /* XXX Not implemented */ @@ -1159,7 +1159,7 @@ pkix_pl_HttpDefaultClient_RequestCreate( const char *http_request_method, const PRIntervalTime timeout, SEC_HTTP_REQUEST_SESSION *pRequest, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; PKIX_PL_Socket *socket = NULL; @@ -1174,7 +1174,7 @@ pkix_pl_HttpDefaultClient_RequestCreate( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)session, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_SESSIONNOTANHTTPDEFAULTCLIENT); client = (PKIX_PL_HttpDefaultClient *)session; @@ -1212,7 +1212,7 @@ pkix_pl_HttpDefaultClient_RequestCreate( 2001, /* client->portnum, */ &status, &socket, - plContext), + plCtx), PKIX_HTTPCERTSTOREFINDSOCKETCONNECTIONFAILED); #else PKIX_CHECK(pkix_HttpCertStore_FindSocketConnection @@ -1221,20 +1221,20 @@ pkix_pl_HttpDefaultClient_RequestCreate( client->portnum, &status, &socket, - plContext), + plCtx), PKIX_HTTPCERTSTOREFINDSOCKETCONNECTIONFAILED); #endif client->socket = socket; PKIX_CHECK(pkix_pl_Socket_GetCallbackList - (socket, &callbackList, plContext), + (socket, &callbackList, plCtx), PKIX_SOCKETGETCALLBACKLISTFAILED); client->callbackList = (void *)callbackList; PKIX_CHECK(pkix_pl_Socket_GetPRFileDesc - (socket, &fileDesc, plContext), + (socket, &fileDesc, plCtx), PKIX_SOCKETGETPRFILEDESCFAILED); client->pollDesc.fd = fileDesc; @@ -1264,7 +1264,7 @@ pkix_pl_HttpDefaultClient_SetPostData( const char *http_data, const PRUint32 http_data_len, const char *http_content_type, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; @@ -1276,7 +1276,7 @@ pkix_pl_HttpDefaultClient_SetPostData( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)request, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_REQUESTNOTANHTTPDEFAULTCLIENT); client = (PKIX_PL_HttpDefaultClient *)request; @@ -1307,7 +1307,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive( PRUint32 *http_response_data_len, PRPollDesc **pPollDesc, SECStatus *pSECReturn, - void *plContext) + void *plCtx) { PKIX_PL_HttpDefaultClient *client = NULL; PKIX_UInt32 postLen = 0; @@ -1324,7 +1324,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)request, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_REQUESTNOTANHTTPDEFAULTCLIENT); client = (PKIX_PL_HttpDefaultClient *)request; @@ -1380,7 +1380,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive( PKIX_CHECK(PKIX_PL_Malloc (client->POSTLen, (void **)&(client->POSTBuf), - plContext), + plCtx), PKIX_MALLOCFAILED); /* copy header into postBuffer */ @@ -1407,7 +1407,7 @@ pkix_pl_HttpDefaultClient_TrySendAndReceive( } /* continue according to state */ - PKIX_CHECK(pkix_pl_HttpDefaultClient_Dispatch(client, plContext), + PKIX_CHECK(pkix_pl_HttpDefaultClient_Dispatch(client, plCtx), PKIX_HTTPDEFAULTCLIENTDISPATCHFAILED); switch (client->connectStatus) { @@ -1478,7 +1478,7 @@ cleanup: PKIX_Error * pkix_pl_HttpDefaultClient_Cancel( SEC_HTTP_REQUEST_SESSION request, - void *plContext) + void *plCtx) { PKIX_ENTER(HTTPDEFAULTCLIENT, "pkix_pl_HttpDefaultClient_Cancel"); PKIX_NULLCHECK_ONE(request); @@ -1486,7 +1486,7 @@ pkix_pl_HttpDefaultClient_Cancel( PKIX_CHECK(pkix_CheckType ((PKIX_PL_Object *)request, PKIX_HTTPDEFAULTCLIENT_TYPE, - plContext), + plCtx), PKIX_REQUESTNOTANHTTPDEFAULTCLIENT); /* XXX Not implemented */ diff --git a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c index 9fa8e9260..09b54a2be 100644 --- a/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c +++ b/security/nss/lib/libpkix/pkix_pl_nss/pki/pkix_pl_infoaccess.c @@ -23,8 +23,8 @@ * PARAMETERS * "method" * The UInt32 value to be stored as the method field of the InfoAccess. - * "generalName" - * The GeneralName to be stored as the generalName field of the InfoAccess. + * "gName" + * The GeneralName to be stored as the gName field of the InfoAccess. * Must be non-NULL. * "pInfoAccess" * Address where the result is stored. Must be non-NULL. @@ -39,7 +39,7 @@ static PKIX_Error * pkix_pl_InfoAccess_Create( PKIX_UInt32 method, - PKIX_PL_GeneralName *generalName, + PKIX_PL_GeneralName *gName, PKIX_PL_InfoAccess **pInfoAccess, void *plContext) { @@ -47,7 +47,7 @@ pkix_pl_InfoAccess_Create( PKIX_PL_InfoAccess *infoAccess = NULL; PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_Create"); - PKIX_NULLCHECK_TWO(generalName, pInfoAccess); + PKIX_NULLCHECK_TWO(gName, pInfoAccess); PKIX_CHECK(PKIX_PL_Object_Alloc (PKIX_INFOACCESS_TYPE, @@ -58,8 +58,8 @@ pkix_pl_InfoAccess_Create( infoAccess->method = method; - PKIX_INCREF(generalName); - infoAccess->location = generalName; + PKIX_INCREF(gName); + infoAccess->location = gName; *pInfoAccess = infoAccess; infoAccess = NULL; @@ -678,7 +678,7 @@ pkix_pl_UnescapeURL( * [binary|<other-type>]]* * * PARAMETERS - * "generalName" + * "gName" * Address of the GeneralName whose LDAPLocation is to be parsed. Must be * non-NULL. * "arena" @@ -700,7 +700,7 @@ pkix_pl_UnescapeURL( */ PKIX_Error * pkix_pl_InfoAccess_ParseLocation( - PKIX_PL_GeneralName *generalName, + PKIX_PL_GeneralName *gName, PLArenaPool *arena, LDAPRequestParams *request, char **pDomainName, @@ -722,9 +722,9 @@ pkix_pl_InfoAccess_ParseLocation( LDAPNameComponent *nameComponent = NULL; PKIX_ENTER(INFOACCESS, "pkix_pl_InfoAccess_ParseLocation"); - PKIX_NULLCHECK_FOUR(generalName, arena, request, pDomainName); + PKIX_NULLCHECK_FOUR(gName, arena, request, pDomainName); - PKIX_TOSTRING(generalName, &locationString, plContext, + PKIX_TOSTRING(gName, &locationString, plContext, PKIX_GENERALNAMETOSTRINGFAILED); PKIX_CHECK(PKIX_PL_String_GetEncoded diff --git a/security/nss/lib/nss/nss.h b/security/nss/lib/nss/nss.h index d62f4957b..efb0827c5 100644 --- a/security/nss/lib/nss/nss.h +++ b/security/nss/lib/nss/nss.h @@ -22,10 +22,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]" */ -#define NSS_VERSION "3.36.4" _NSS_CUSTOMIZED +#define NSS_VERSION "3.38" _NSS_CUSTOMIZED #define NSS_VMAJOR 3 -#define NSS_VMINOR 36 -#define NSS_VPATCH 4 +#define NSS_VMINOR 38 +#define NSS_VPATCH 0 #define NSS_VBUILD 0 #define NSS_BETA PR_FALSE diff --git a/security/nss/lib/pk11wrap/pk11akey.c b/security/nss/lib/pk11wrap/pk11akey.c index c45901ec3..346e473a9 100644 --- a/security/nss/lib/pk11wrap/pk11akey.c +++ b/security/nss/lib/pk11wrap/pk11akey.c @@ -804,12 +804,30 @@ PK11_MakePrivKey(PK11SlotInfo *slot, KeyType keyType, /* don't know? look it up */ if (keyType == nullKey) { CK_KEY_TYPE pk11Type = CKK_RSA; + SECItem info; pk11Type = PK11_ReadULongAttribute(slot, privID, CKA_KEY_TYPE); isTemp = (PRBool)!PK11_HasAttributeSet(slot, privID, CKA_TOKEN, PR_FALSE); switch (pk11Type) { case CKK_RSA: keyType = rsaKey; + /* determine RSA key type from the CKA_PUBLIC_KEY_INFO if present */ + rv = PK11_ReadAttribute(slot, privID, CKA_PUBLIC_KEY_INFO, NULL, &info); + if (rv == SECSuccess) { + CERTSubjectPublicKeyInfo *spki; + + spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&info); + if (spki) { + SECOidTag tag; + + tag = SECOID_GetAlgorithmTag(&spki->algorithm); + if (tag == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) + keyType = rsaPssKey; + SECKEY_DestroySubjectPublicKeyInfo(spki); + } + SECITEM_FreeItem(&info, PR_FALSE); + } + break; case CKK_DSA: keyType = dsaKey; diff --git a/security/nss/lib/pk11wrap/pk11pars.c b/security/nss/lib/pk11wrap/pk11pars.c index fc30222b3..c165e1ef2 100644 --- a/security/nss/lib/pk11wrap/pk11pars.c +++ b/security/nss/lib/pk11wrap/pk11pars.c @@ -547,16 +547,16 @@ secmod_applyCryptoPolicy(const char *policyString, for (i = 0; i < PR_ARRAY_SIZE(algOptList); i++) { const oidValDef *algOpt = &algOptList[i]; unsigned name_size = algOpt->name_size; - PRBool newValue = PR_FALSE; + PRBool newOption = PR_FALSE; if ((length >= name_size) && (cipher[name_size] == '/')) { - newValue = PR_TRUE; + newOption = PR_TRUE; } - if ((newValue || algOpt->name_size == length) && + if ((newOption || algOpt->name_size == length) && PORT_Strncasecmp(algOpt->name, cipher, name_size) == 0) { PRUint32 value = algOpt->val; PRUint32 enable, disable; - if (newValue) { + if (newOption) { value = secmod_parsePolicyValue(&cipher[name_size] + 1, length - name_size - 1); } diff --git a/security/nss/lib/pkcs12/p12e.c b/security/nss/lib/pkcs12/p12e.c index 4a21d8955..c42c4d2e2 100644 --- a/security/nss/lib/pkcs12/p12e.c +++ b/security/nss/lib/pkcs12/p12e.c @@ -884,7 +884,9 @@ sec_PKCS12AddAttributeToBag(SEC_PKCS12ExportContext *p12ctxt, unsigned int nItems = 0; SECStatus rv; - if (!safeBag || !p12ctxt) { + PORT_Assert(p12ctxt->arena == safeBag->arena); + if (!safeBag || !p12ctxt || p12ctxt->arena != safeBag->arena) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } @@ -1589,6 +1591,7 @@ sec_pkcs12_encoder_start_context(SEC_PKCS12ExportContext *p12exp) params = PK11_CreatePBEParams(salt, &pwd, NSS_PBE_DEFAULT_ITERATION_COUNT); SECITEM_ZfreeItem(salt, PR_TRUE); + salt = NULL; SECITEM_ZfreeItem(&pwd, PR_FALSE); /* get the PBA Mechanism to generate the key */ diff --git a/security/nss/lib/pkcs7/p7decode.c b/security/nss/lib/pkcs7/p7decode.c index 4f17b8e84..ba51955ab 100644 --- a/security/nss/lib/pkcs7/p7decode.c +++ b/security/nss/lib/pkcs7/p7decode.c @@ -1596,7 +1596,6 @@ sec_pkcs7_verify_signature(SEC_PKCS7ContentInfo *cinfo, } else { SECItem *sig; SECItem holder; - SECStatus rv; /* * No authenticated attributes. diff --git a/security/nss/lib/pki/pki3hack.c b/security/nss/lib/pki/pki3hack.c index fb3110a23..fab3a7a02 100644 --- a/security/nss/lib/pki/pki3hack.c +++ b/security/nss/lib/pki/pki3hack.c @@ -1143,8 +1143,8 @@ STAN_ChangeCertTrust(CERTCertificate *cc, CERTCertTrust *trust) (PRBool)(trust->sslFlags & CERTDB_GOVT_APPROVED_CA); if (c->object.cryptoContext != NULL) { /* The cert is in a context, set the trust there */ - NSSCryptoContext *cc = c->object.cryptoContext; - nssrv = nssCryptoContext_ImportTrust(cc, nssTrust); + NSSCryptoContext *cctx = c->object.cryptoContext; + nssrv = nssCryptoContext_ImportTrust(cctx, nssTrust); if (nssrv != PR_SUCCESS) { goto done; } diff --git a/security/nss/lib/smime/cmsrecinfo.c b/security/nss/lib/smime/cmsrecinfo.c index 2efb6b1f2..8cab288d2 100644 --- a/security/nss/lib/smime/cmsrecinfo.c +++ b/security/nss/lib/smime/cmsrecinfo.c @@ -82,7 +82,7 @@ nss_cmsrecipientinfo_create(NSSCMSMessage *cmsg, if (DERinput) { /* decode everything from DER */ SECItem newinput; - SECStatus rv = SECITEM_CopyItem(poolp, &newinput, DERinput); + rv = SECITEM_CopyItem(poolp, &newinput, DERinput); if (SECSuccess != rv) goto loser; rv = SEC_QuickDERDecodeItem(poolp, ri, NSSCMSRecipientInfoTemplate, &newinput); diff --git a/security/nss/lib/softoken/legacydb/pcertdb.c b/security/nss/lib/softoken/legacydb/pcertdb.c index 2e8b650ee..47778190d 100644 --- a/security/nss/lib/softoken/legacydb/pcertdb.c +++ b/security/nss/lib/softoken/legacydb/pcertdb.c @@ -2577,14 +2577,13 @@ ReadDBSubjectEntry(NSSLOWCERTCertDBHandle *handle, SECItem *derSubject) SECItem dbentry; SECStatus rv; + PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE); arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { PORT_SetError(SEC_ERROR_NO_MEMORY); goto loser; } - PORT_InitCheapArena(&tmpArena, DER_DEFAULT_CHUNKSIZE); - entry = (certDBEntrySubject *)PORT_ArenaAlloc(arena, sizeof(certDBEntrySubject)); if (entry == NULL) { diff --git a/security/nss/lib/softoken/lowkey.c b/security/nss/lib/softoken/lowkey.c index 295d55f40..a28a3a55e 100644 --- a/security/nss/lib/softoken/lowkey.c +++ b/security/nss/lib/softoken/lowkey.c @@ -45,6 +45,23 @@ const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[] = { { 0 } }; +const SEC_ASN1Template nsslowkey_SubjectPublicKeyInfoTemplate[] = { + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYSubjectPublicKeyInfo) }, + { SEC_ASN1_INLINE | SEC_ASN1_XTRN, + offsetof(NSSLOWKEYSubjectPublicKeyInfo, algorithm), + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) }, + { SEC_ASN1_BIT_STRING, + offsetof(NSSLOWKEYSubjectPublicKeyInfo, subjectPublicKey) }, + { 0 } +}; + +const SEC_ASN1Template nsslowkey_RSAPublicKeyTemplate[] = { + { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(NSSLOWKEYPublicKey) }, + { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.rsa.modulus) }, + { SEC_ASN1_INTEGER, offsetof(NSSLOWKEYPublicKey, u.rsa.publicExponent) }, + { 0 } +}; + const SEC_ASN1Template nsslowkey_PQGParamsTemplate[] = { { SEC_ASN1_SEQUENCE, 0, NULL, sizeof(PQGParams) }, { SEC_ASN1_INTEGER, offsetof(PQGParams, prime) }, @@ -135,6 +152,13 @@ prepare_low_rsa_priv_key_for_asn1(NSSLOWKEYPrivateKey *key) } void +prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *key) +{ + key->u.rsa.modulus.type = siUnsignedInteger; + key->u.rsa.publicExponent.type = siUnsignedInteger; +} + +void prepare_low_pqg_params_for_asn1(PQGParams *params) { params->prime.type = siUnsignedInteger; diff --git a/security/nss/lib/softoken/lowkeyi.h b/security/nss/lib/softoken/lowkeyi.h index f9ba3a75f..e599f01fa 100644 --- a/security/nss/lib/softoken/lowkeyi.h +++ b/security/nss/lib/softoken/lowkeyi.h @@ -27,6 +27,7 @@ extern void prepare_low_dsa_priv_key_export_for_asn1(NSSLOWKEYPrivateKey *key); extern void prepare_low_dh_priv_key_for_asn1(NSSLOWKEYPrivateKey *key); extern void prepare_low_ec_priv_key_for_asn1(NSSLOWKEYPrivateKey *key); extern void prepare_low_ecparams_for_asn1(ECParams *params); +extern void prepare_low_rsa_pub_key_for_asn1(NSSLOWKEYPublicKey *key); /* ** Destroy a private key object. diff --git a/security/nss/lib/softoken/lowkeyti.h b/security/nss/lib/softoken/lowkeyti.h index c048b33e7..7e77592c5 100644 --- a/security/nss/lib/softoken/lowkeyti.h +++ b/security/nss/lib/softoken/lowkeyti.h @@ -25,6 +25,8 @@ extern const SEC_ASN1Template nsslowkey_ECPrivateKeyTemplate[]; extern const SEC_ASN1Template nsslowkey_PrivateKeyInfoTemplate[]; extern const SEC_ASN1Template nsslowkey_EncryptedPrivateKeyInfoTemplate[]; +extern const SEC_ASN1Template nsslowkey_SubjectPublicKeyInfoTemplate[]; +extern const SEC_ASN1Template nsslowkey_RSAPublicKeyTemplate[]; /* * PKCS #8 attributes @@ -48,6 +50,13 @@ struct NSSLOWKEYPrivateKeyInfoStr { typedef struct NSSLOWKEYPrivateKeyInfoStr NSSLOWKEYPrivateKeyInfo; #define NSSLOWKEY_PRIVATE_KEY_INFO_VERSION 0 /* what we *create* */ +struct NSSLOWKEYSubjectPublicKeyInfoStr { + PLArenaPool *arena; + SECAlgorithmID algorithm; + SECItem subjectPublicKey; +}; +typedef struct NSSLOWKEYSubjectPublicKeyInfoStr NSSLOWKEYSubjectPublicKeyInfo; + typedef enum { NSSLOWKEYNullKey = 0, NSSLOWKEYRSAKey = 1, diff --git a/security/nss/lib/softoken/lowpbe.c b/security/nss/lib/softoken/lowpbe.c index 0a47804bf..4a101c68c 100644 --- a/security/nss/lib/softoken/lowpbe.c +++ b/security/nss/lib/softoken/lowpbe.c @@ -1073,15 +1073,15 @@ sec_pkcs5_rc2(SECItem *key, SECItem *iv, SECItem *src, PRBool dummy, } if (encrypt != PR_FALSE) { - void *dummy; + void *v; - dummy = CBC_PadBuffer(NULL, dup_src->data, - dup_src->len, &dup_src->len, 8 /* RC2_BLOCK_SIZE */); - if (dummy == NULL) { + v = CBC_PadBuffer(NULL, dup_src->data, + dup_src->len, &dup_src->len, 8 /* RC2_BLOCK_SIZE */); + if (v == NULL) { SECITEM_FreeItem(dup_src, PR_TRUE); return NULL; } - dup_src->data = (unsigned char *)dummy; + dup_src->data = (unsigned char *)v; } dest = (SECItem *)PORT_ZAlloc(sizeof(SECItem)); diff --git a/security/nss/lib/softoken/pkcs11.c b/security/nss/lib/softoken/pkcs11.c index 77882a274..34f25a9d0 100644 --- a/security/nss/lib/softoken/pkcs11.c +++ b/security/nss/lib/softoken/pkcs11.c @@ -1343,7 +1343,6 @@ sftk_handleSecretKeyObject(SFTKSession *session, SFTKObject *object, if (sftk_isTrue(object, CKA_TOKEN)) { SFTKSlot *slot = session->slot; SFTKDBHandle *keyHandle = sftk_getKeyDB(slot); - CK_RV crv; if (keyHandle == NULL) { return CKR_TOKEN_WRITE_PROTECTED; @@ -3807,12 +3806,12 @@ NSC_SetPIN(CK_SESSION_HANDLE hSession, CK_CHAR_PTR pOldPin, PZ_Unlock(slot->slotLock); /* Reset login flags. */ if (ulNewLen == 0) { - PRBool tokenRemoved = PR_FALSE; PZ_Lock(slot->slotLock); slot->isLoggedIn = PR_FALSE; slot->ssoLoggedIn = PR_FALSE; PZ_Unlock(slot->slotLock); + tokenRemoved = PR_FALSE; rv = sftkdb_CheckPassword(handle, "", &tokenRemoved); if (tokenRemoved) { sftk_CloseAllSessions(slot, PR_FALSE); @@ -4422,6 +4421,44 @@ NSC_GetObjectSize(CK_SESSION_HANDLE hSession, return CKR_OK; } +static CK_RV +nsc_GetTokenAttributeValue(SFTKSession *session, CK_OBJECT_HANDLE hObject, + CK_ATTRIBUTE_PTR pTemplate, CK_ULONG ulCount) +{ + SFTKSlot *slot = sftk_SlotFromSession(session); + SFTKDBHandle *dbHandle = sftk_getDBForTokenObject(slot, hObject); + SFTKDBHandle *keydb = NULL; + CK_RV crv; + + if (dbHandle == NULL) { + return CKR_OBJECT_HANDLE_INVALID; + } + + crv = sftkdb_GetAttributeValue(dbHandle, hObject, pTemplate, ulCount); + + /* make sure we don't export any sensitive information */ + keydb = sftk_getKeyDB(slot); + if (dbHandle == keydb) { + CK_ULONG i; + for (i = 0; i < ulCount; i++) { + if (sftk_isSensitive(pTemplate[i].type, CKO_PRIVATE_KEY)) { + crv = CKR_ATTRIBUTE_SENSITIVE; + if (pTemplate[i].pValue && (pTemplate[i].ulValueLen != -1)) { + PORT_Memset(pTemplate[i].pValue, 0, + pTemplate[i].ulValueLen); + } + pTemplate[i].ulValueLen = -1; + } + } + } + + sftk_freeDB(dbHandle); + if (keydb) { + sftk_freeDB(keydb); + } + return crv; +} + /* NSC_GetAttributeValue obtains the value of one or more object attributes. */ CK_RV NSC_GetAttributeValue(CK_SESSION_HANDLE hSession, @@ -4450,37 +4487,8 @@ NSC_GetAttributeValue(CK_SESSION_HANDLE hSession, /* short circuit everything for token objects */ if (sftk_isToken(hObject)) { - SFTKSlot *slot = sftk_SlotFromSession(session); - SFTKDBHandle *dbHandle = sftk_getDBForTokenObject(slot, hObject); - SFTKDBHandle *keydb = NULL; - - if (dbHandle == NULL) { - sftk_FreeSession(session); - return CKR_OBJECT_HANDLE_INVALID; - } - - crv = sftkdb_GetAttributeValue(dbHandle, hObject, pTemplate, ulCount); - - /* make sure we don't export any sensitive information */ - keydb = sftk_getKeyDB(slot); - if (dbHandle == keydb) { - for (i = 0; i < (int)ulCount; i++) { - if (sftk_isSensitive(pTemplate[i].type, CKO_PRIVATE_KEY)) { - crv = CKR_ATTRIBUTE_SENSITIVE; - if (pTemplate[i].pValue && (pTemplate[i].ulValueLen != -1)) { - PORT_Memset(pTemplate[i].pValue, 0, - pTemplate[i].ulValueLen); - } - pTemplate[i].ulValueLen = -1; - } - } - } - + crv = nsc_GetTokenAttributeValue(session, hObject, pTemplate, ulCount); sftk_FreeSession(session); - sftk_freeDB(dbHandle); - if (keydb) { - sftk_freeDB(keydb); - } return crv; } diff --git a/security/nss/lib/softoken/pkcs11c.c b/security/nss/lib/softoken/pkcs11c.c index d675d7331..385d3c144 100644 --- a/security/nss/lib/softoken/pkcs11c.c +++ b/security/nss/lib/softoken/pkcs11c.c @@ -5324,7 +5324,52 @@ sftk_PackagePrivateKey(SFTKObject *key, CK_RV *crvp) prepare_low_rsa_priv_key_for_asn1(lk); dummy = SEC_ASN1EncodeItem(arena, &pki->privateKey, lk, nsslowkey_RSAPrivateKeyTemplate); - algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION; + + /* determine RSA key type from the CKA_PUBLIC_KEY_INFO if present */ + attribute = sftk_FindAttribute(key, CKA_PUBLIC_KEY_INFO); + if (attribute) { + NSSLOWKEYSubjectPublicKeyInfo *publicKeyInfo; + SECItem spki; + + spki.data = attribute->attrib.pValue; + spki.len = attribute->attrib.ulValueLen; + + publicKeyInfo = PORT_ArenaZAlloc(arena, + sizeof(NSSLOWKEYSubjectPublicKeyInfo)); + if (!publicKeyInfo) { + sftk_FreeAttribute(attribute); + *crvp = CKR_HOST_MEMORY; + rv = SECFailure; + goto loser; + } + rv = SEC_QuickDERDecodeItem(arena, publicKeyInfo, + nsslowkey_SubjectPublicKeyInfoTemplate, + &spki); + if (rv != SECSuccess) { + sftk_FreeAttribute(attribute); + *crvp = CKR_KEY_TYPE_INCONSISTENT; + goto loser; + } + algorithm = SECOID_GetAlgorithmTag(&publicKeyInfo->algorithm); + if (algorithm != SEC_OID_PKCS1_RSA_ENCRYPTION && + algorithm != SEC_OID_PKCS1_RSA_PSS_SIGNATURE) { + sftk_FreeAttribute(attribute); + rv = SECFailure; + *crvp = CKR_KEY_TYPE_INCONSISTENT; + goto loser; + } + param = SECITEM_DupItem(&publicKeyInfo->algorithm.parameters); + if (!param) { + sftk_FreeAttribute(attribute); + rv = SECFailure; + *crvp = CKR_HOST_MEMORY; + goto loser; + } + sftk_FreeAttribute(attribute); + } else { + /* default to PKCS #1 */ + algorithm = SEC_OID_PKCS1_RSA_ENCRYPTION; + } break; case NSSLOWKEYDSAKey: prepare_low_dsa_priv_key_export_for_asn1(lk); @@ -5803,6 +5848,53 @@ sftk_unwrapPrivateKey(SFTKObject *key, SECItem *bpki) break; } + if (crv != CKR_OK) { + goto loser; + } + + /* For RSA-PSS, record the original algorithm parameters so + * they can be encrypted altoghether when wrapping */ + if (SECOID_GetAlgorithmTag(&pki->algorithm) == SEC_OID_PKCS1_RSA_PSS_SIGNATURE) { + NSSLOWKEYSubjectPublicKeyInfo spki; + NSSLOWKEYPublicKey pubk; + SECItem *publicKeyInfo; + + memset(&spki, 0, sizeof(NSSLOWKEYSubjectPublicKeyInfo)); + rv = SECOID_CopyAlgorithmID(arena, &spki.algorithm, &pki->algorithm); + if (rv != SECSuccess) { + crv = CKR_HOST_MEMORY; + goto loser; + } + + prepare_low_rsa_pub_key_for_asn1(&pubk); + + rv = SECITEM_CopyItem(arena, &pubk.u.rsa.modulus, &lpk->u.rsa.modulus); + if (rv != SECSuccess) { + crv = CKR_HOST_MEMORY; + goto loser; + } + rv = SECITEM_CopyItem(arena, &pubk.u.rsa.publicExponent, &lpk->u.rsa.publicExponent); + if (rv != SECSuccess) { + crv = CKR_HOST_MEMORY; + goto loser; + } + + if (SEC_ASN1EncodeItem(arena, &spki.subjectPublicKey, + &pubk, nsslowkey_RSAPublicKeyTemplate) == NULL) { + crv = CKR_HOST_MEMORY; + goto loser; + } + + publicKeyInfo = SEC_ASN1EncodeItem(arena, NULL, + &spki, nsslowkey_SubjectPublicKeyInfoTemplate); + if (!publicKeyInfo) { + crv = CKR_HOST_MEMORY; + goto loser; + } + crv = sftk_AddAttributeType(key, CKA_PUBLIC_KEY_INFO, + sftk_item_expand(publicKeyInfo)); + } + loser: if (lpk) { nsslowkey_DestroyPrivateKey(lpk); @@ -7575,13 +7667,13 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, (const CK_NSS_HKDFParams *)pMechanism->pParameter; const SECHashObject *rawHash; unsigned hashLen; - CK_BYTE buf[HASH_LENGTH_MAX]; + CK_BYTE hashbuf[HASH_LENGTH_MAX]; CK_BYTE *prk; /* psuedo-random key */ CK_ULONG prkLen; CK_BYTE *okm; /* output keying material */ rawHash = HASH_GetRawHashObject(hashType); - if (rawHash == NULL || rawHash->length > sizeof buf) { + if (rawHash == NULL || rawHash->length > sizeof(hashbuf)) { crv = CKR_FUNCTION_FAILED; break; } @@ -7615,7 +7707,7 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, saltLen = params->ulSaltLen; if (salt == NULL) { saltLen = hashLen; - salt = buf; + salt = hashbuf; memset(salt, 0, saltLen); } hmac = HMAC_Create(rawHash, salt, saltLen, isFIPS); @@ -7626,10 +7718,10 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, HMAC_Begin(hmac); HMAC_Update(hmac, (const unsigned char *)att->attrib.pValue, att->attrib.ulValueLen); - HMAC_Finish(hmac, buf, &bufLen, sizeof(buf)); + HMAC_Finish(hmac, hashbuf, &bufLen, sizeof(hashbuf)); HMAC_Destroy(hmac, PR_TRUE); PORT_Assert(bufLen == rawHash->length); - prk = buf; + prk = hashbuf; prkLen = bufLen; } else { /* PRK = base key value */ @@ -7646,24 +7738,24 @@ NSC_DeriveKey(CK_SESSION_HANDLE hSession, * key material = T(1) | ... | T(n) */ HMACContext *hmac; - CK_BYTE i; + CK_BYTE bi; unsigned iterations = PR_ROUNDUP(keySize, hashLen) / hashLen; hmac = HMAC_Create(rawHash, prk, prkLen, isFIPS); if (hmac == NULL) { crv = CKR_HOST_MEMORY; break; } - for (i = 1; i <= iterations; ++i) { + for (bi = 1; bi <= iterations; ++bi) { unsigned len; HMAC_Begin(hmac); - if (i > 1) { - HMAC_Update(hmac, key_block + ((i - 2) * hashLen), hashLen); + if (bi > 1) { + HMAC_Update(hmac, key_block + ((bi - 2) * hashLen), hashLen); } if (params->ulInfoLen != 0) { HMAC_Update(hmac, params->pInfo, params->ulInfoLen); } - HMAC_Update(hmac, &i, 1); - HMAC_Finish(hmac, key_block + ((i - 1) * hashLen), &len, + HMAC_Update(hmac, &bi, 1); + HMAC_Finish(hmac, key_block + ((bi - 1) * hashLen), &len, hashLen); PORT_Assert(len == hashLen); } diff --git a/security/nss/lib/softoken/pkcs11u.c b/security/nss/lib/softoken/pkcs11u.c index 27e411759..7b5fe732f 100644 --- a/security/nss/lib/softoken/pkcs11u.c +++ b/security/nss/lib/softoken/pkcs11u.c @@ -1193,7 +1193,7 @@ sftk_DeleteObject(SFTKSession *session, SFTKObject *object) /* Handle Token case */ if (so && so->session) { - SFTKSession *session = so->session; + session = so->session; PZ_Lock(session->objectLock); sftkqueue_delete(&so->sessionList, 0, session->objects, 0); PZ_Unlock(session->objectLock); @@ -1269,7 +1269,7 @@ static const CK_ULONG ecPubKeyAttrsCount = static const CK_ATTRIBUTE_TYPE commonPrivKeyAttrs[] = { CKA_DECRYPT, CKA_SIGN, CKA_SIGN_RECOVER, CKA_UNWRAP, CKA_SUBJECT, - CKA_SENSITIVE, CKA_EXTRACTABLE, CKA_NETSCAPE_DB + CKA_SENSITIVE, CKA_EXTRACTABLE, CKA_NETSCAPE_DB, CKA_PUBLIC_KEY_INFO }; static const CK_ULONG commonPrivKeyAttrsCount = sizeof(commonPrivKeyAttrs) / sizeof(commonPrivKeyAttrs[0]); diff --git a/security/nss/lib/softoken/sdb.c b/security/nss/lib/softoken/sdb.c index 96717cb26..fb897d68c 100644 --- a/security/nss/lib/softoken/sdb.c +++ b/security/nss/lib/softoken/sdb.c @@ -37,6 +37,10 @@ #elif defined(XP_UNIX) #include <unistd.h> #endif +#if defined(LINUX) && !defined(ANDROID) +#include <linux/magic.h> +#include <sys/vfs.h> +#endif #include "utilpars.h" #ifdef SQLITE_UNSAFE_THREADS @@ -154,7 +158,8 @@ static const CK_ATTRIBUTE_TYPE known_attributes[] = { CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_IPSEC_END_SYSTEM, CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER, CKA_TRUST_TIME_STAMPING, CKA_TRUST_STEP_UP_APPROVED, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, - CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS + CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS, + CKA_PUBLIC_KEY_INFO }; static int known_attributes_size = sizeof(known_attributes) / @@ -643,13 +648,18 @@ static int sdb_openDB(const char *name, sqlite3 **sqlDB, int flags) { int sqlerr; - /* - * in sqlite3 3.5.0, there is a new open call that allows us - * to specify read only. Most new OS's are still on 3.3.x (including - * NSS's internal version and the version shipped with Firefox). - */ + int openFlags; + *sqlDB = NULL; - sqlerr = sqlite3_open(name, sqlDB); + + if (flags & SDB_RDONLY) { + openFlags = SQLITE_OPEN_READONLY; + } else { + openFlags = SQLITE_OPEN_READWRITE | SQLITE_OPEN_CREATE; + } + + /* Requires SQLite 3.5.0 or newer. */ + sqlerr = sqlite3_open_v2(name, sqlDB, openFlags, NULL); if (sqlerr != SQLITE_OK) { return sqlerr; } @@ -1757,6 +1767,8 @@ sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate, PRIntervalTime now = 0; char *env; PRBool enableCache = PR_FALSE; + PRBool checkFSType = PR_FALSE; + PRBool measureSpeed = PR_FALSE; PRBool create; int flags = inFlags & 0x7; @@ -1917,11 +1929,48 @@ sdb_init(char *dbname, char *table, sdbDataType type, int *inUpdate, env = PR_GetEnvSecure("NSS_SDB_USE_CACHE"); - if (!env || PORT_Strcasecmp(env, "no") == 0) { - enableCache = PR_FALSE; + /* Variables enableCache, checkFSType, measureSpeed are PR_FALSE by default, + * which is the expected behavior for NSS_SDB_USE_CACHE="no". + * We don't need to check for "no" here. */ + if (!env) { + /* By default, with no variable set, we avoid expensive measuring for + * most FS types. We start with inexpensive FS type checking, and + * might perform measuring for some types. */ + checkFSType = PR_TRUE; } else if (PORT_Strcasecmp(env, "yes") == 0) { enableCache = PR_TRUE; - } else { + } else if (PORT_Strcasecmp(env, "no") != 0) { /* not "no" => "auto" */ + measureSpeed = PR_TRUE; + } + + if (checkFSType) { +#if defined(LINUX) && !defined(ANDROID) + struct statfs statfs_s; + if (statfs(dbname, &statfs_s) == 0) { + switch (statfs_s.f_type) { + case SMB_SUPER_MAGIC: + case 0xff534d42: /* CIFS_MAGIC_NUMBER */ + case NFS_SUPER_MAGIC: + /* We assume these are slow. */ + enableCache = PR_TRUE; + break; + case CODA_SUPER_MAGIC: + case 0x65735546: /* FUSE_SUPER_MAGIC */ + case NCP_SUPER_MAGIC: + /* It's uncertain if this FS is fast or slow. + * It seems reasonable to perform slow measuring for users + * with questionable FS speed. */ + measureSpeed = PR_TRUE; + break; + case AFS_SUPER_MAGIC: /* Already implements caching. */ + default: + break; + } + } +#endif + } + + if (measureSpeed) { char *tempDir = NULL; PRUint32 tempOps = 0; /* diff --git a/security/nss/lib/softoken/sftkdb.c b/security/nss/lib/softoken/sftkdb.c index 2ae084068..409c910f4 100644 --- a/security/nss/lib/softoken/sftkdb.c +++ b/security/nss/lib/softoken/sftkdb.c @@ -1591,7 +1591,8 @@ static const CK_ATTRIBUTE_TYPE known_attributes[] = { CKA_TRUST_EMAIL_PROTECTION, CKA_TRUST_IPSEC_END_SYSTEM, CKA_TRUST_IPSEC_TUNNEL, CKA_TRUST_IPSEC_USER, CKA_TRUST_TIME_STAMPING, CKA_TRUST_STEP_UP_APPROVED, CKA_CERT_SHA1_HASH, CKA_CERT_MD5_HASH, - CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS + CKA_NETSCAPE_DB, CKA_NETSCAPE_TRUST, CKA_NSS_OVERRIDE_EXTENSIONS, + CKA_PUBLIC_KEY_INFO }; static unsigned int known_attributes_size = sizeof(known_attributes) / diff --git a/security/nss/lib/softoken/sftkpars.c b/security/nss/lib/softoken/sftkpars.c index e972fe854..5e96a1c04 100644 --- a/security/nss/lib/softoken/sftkpars.c +++ b/security/nss/lib/softoken/sftkpars.c @@ -162,7 +162,7 @@ sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS) } if (parsed->tokens == NULL) { int count = isFIPS ? 1 : 2; - int index = count - 1; + int i = count - 1; sftk_token_parameters *tokens = NULL; tokens = (sftk_token_parameters *) @@ -172,30 +172,30 @@ sftk_parseParameters(char *param, sftk_parameters *parsed, PRBool isFIPS) } parsed->tokens = tokens; parsed->token_count = count; - tokens[index].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID; - tokens[index].certPrefix = certPrefix; - tokens[index].keyPrefix = keyPrefix; - tokens[index].minPW = minPW ? atoi(minPW) : 0; - tokens[index].readOnly = parsed->readOnly; - tokens[index].noCertDB = parsed->noCertDB; - tokens[index].noKeyDB = parsed->noCertDB; - tokens[index].forceOpen = parsed->forceOpen; - tokens[index].pwRequired = parsed->pwRequired; - tokens[index].optimizeSpace = parsed->optimizeSpace; + tokens[i].slotID = isFIPS ? FIPS_SLOT_ID : PRIVATE_KEY_SLOT_ID; + tokens[i].certPrefix = certPrefix; + tokens[i].keyPrefix = keyPrefix; + tokens[i].minPW = minPW ? atoi(minPW) : 0; + tokens[i].readOnly = parsed->readOnly; + tokens[i].noCertDB = parsed->noCertDB; + tokens[i].noKeyDB = parsed->noCertDB; + tokens[i].forceOpen = parsed->forceOpen; + tokens[i].pwRequired = parsed->pwRequired; + tokens[i].optimizeSpace = parsed->optimizeSpace; tokens[0].optimizeSpace = parsed->optimizeSpace; certPrefix = NULL; keyPrefix = NULL; if (isFIPS) { - tokens[index].tokdes = ftokdes; - tokens[index].updtokdes = pupdtokdes; - tokens[index].slotdes = fslotdes; + tokens[i].tokdes = ftokdes; + tokens[i].updtokdes = pupdtokdes; + tokens[i].slotdes = fslotdes; fslotdes = NULL; ftokdes = NULL; pupdtokdes = NULL; } else { - tokens[index].tokdes = ptokdes; - tokens[index].updtokdes = pupdtokdes; - tokens[index].slotdes = pslotdes; + tokens[i].tokdes = ptokdes; + tokens[i].updtokdes = pupdtokdes; + tokens[i].slotdes = pslotdes; tokens[0].slotID = NETSCAPE_SLOT_ID; tokens[0].tokdes = tokdes; tokens[0].slotdes = slotdes; diff --git a/security/nss/lib/softoken/sftkpwd.c b/security/nss/lib/softoken/sftkpwd.c index e0d2df9ab..9834d3ba0 100644 --- a/security/nss/lib/softoken/sftkpwd.c +++ b/security/nss/lib/softoken/sftkpwd.c @@ -138,12 +138,14 @@ sftkdb_decodeCipherText(SECItem *cipherText, sftkCipherValue *cipherValue) SFTKDBEncryptedDataInfo edi; SECStatus rv; + PORT_Assert(cipherValue); + cipherValue->arena = NULL; + cipherValue->param = NULL; + arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); if (arena == NULL) { return SECFailure; } - cipherValue->arena = NULL; - cipherValue->param = NULL; rv = SEC_QuickDERDecodeItem(arena, &edi, sftkdb_EncryptedDataInfoTemplate, cipherText); diff --git a/security/nss/lib/softoken/softkver.h b/security/nss/lib/softoken/softkver.h index f760ba21d..827bf2e22 100644 --- a/security/nss/lib/softoken/softkver.h +++ b/security/nss/lib/softoken/softkver.h @@ -17,10 +17,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <ECC>][ <Beta>]" */ -#define SOFTOKEN_VERSION "3.36.4" SOFTOKEN_ECC_STRING +#define SOFTOKEN_VERSION "3.38" SOFTOKEN_ECC_STRING #define SOFTOKEN_VMAJOR 3 -#define SOFTOKEN_VMINOR 36 -#define SOFTOKEN_VPATCH 4 +#define SOFTOKEN_VMINOR 38 +#define SOFTOKEN_VPATCH 0 #define SOFTOKEN_VBUILD 0 #define SOFTOKEN_BETA PR_FALSE diff --git a/security/nss/lib/ssl/SSLerrs.h b/security/nss/lib/ssl/SSLerrs.h index d3f087544..f01d16583 100644 --- a/security/nss/lib/ssl/SSLerrs.h +++ b/security/nss/lib/ssl/SSLerrs.h @@ -374,7 +374,7 @@ ER3(SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY, (SSL_ERROR_BASE + 115), "SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message.") ER3(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID, (SSL_ERROR_BASE + 116), - "SSL received invalid NPN extension data.") + "SSL received invalid ALPN extension data.") ER3(SSL_ERROR_FEATURE_NOT_SUPPORTED_FOR_SSL2, (SSL_ERROR_BASE + 117), "SSL feature not supported for SSL 2.0 connections.") @@ -543,3 +543,12 @@ ER3(SSL_ERROR_TOO_MANY_KEY_UPDATES, (SSL_ERROR_BASE + 171), ER3(SSL_ERROR_HANDSHAKE_FAILED, (SSL_ERROR_BASE + 172), "SSL handshake has already failed. No more operations possible.") + +ER3(SSL_ERROR_BAD_RESUMPTION_TOKEN_ERROR, (SSL_ERROR_BASE + 173), + "SSL received an invalid resumption token.") + +ER3(SSL_ERROR_RX_MALFORMED_DTLS_ACK, (SSL_ERROR_BASE + 174), + "SSL received a malformed DTLS ACK") + +ER3(SSL_ERROR_DH_KEY_TOO_LONG, (SSL_ERROR_BASE + 175), + "SSL received a DH key share that's too long (>8192 bit).") diff --git a/security/nss/lib/ssl/dtls13con.c b/security/nss/lib/ssl/dtls13con.c index aba0f62ab..de6cb47ca 100644 --- a/security/nss/lib/ssl/dtls13con.c +++ b/security/nss/lib/ssl/dtls13con.c @@ -11,6 +11,43 @@ #include "sslimpl.h" #include "sslproto.h" +SECStatus +dtls13_InsertCipherTextHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec, + sslBuffer *wrBuf, PRBool *needsLength) +{ + PRUint32 seq; + SECStatus rv; + + /* Avoid using short records for the handshake. We pack multiple records + * into the one datagram for the handshake. */ + if (ss->opt.enableDtlsShortHeader && + cwSpec->epoch != TrafficKeyHandshake) { + *needsLength = PR_FALSE; + /* The short header is comprised of two octets in the form + * 0b001essssssssssss where 'e' is the low bit of the epoch and 's' is + * the low 12 bits of the sequence number. */ + seq = 0x2000 | + (((uint64_t)cwSpec->epoch & 1) << 12) | + (cwSpec->nextSeqNum & 0xfff); + return sslBuffer_AppendNumber(wrBuf, seq, 2); + } + + rv = sslBuffer_AppendNumber(wrBuf, content_application_data, 1); + if (rv != SECSuccess) { + return SECFailure; + } + + /* The epoch and sequence number are encoded on 4 octets, with the epoch + * consuming the first two bits. */ + seq = (((uint64_t)cwSpec->epoch & 3) << 30) | (cwSpec->nextSeqNum & 0x3fffffff); + rv = sslBuffer_AppendNumber(wrBuf, seq, 4); + if (rv != SECSuccess) { + return SECFailure; + } + *needsLength = PR_TRUE; + return SECSuccess; +} + /* DTLS 1.3 Record map for ACK processing. * This represents a single fragment, so a record which includes * multiple fragments will have one entry for each fragment on the @@ -82,10 +119,15 @@ dtls13_SendAck(sslSocket *ss) SECStatus rv = SECSuccess; PRCList *cursor; PRInt32 sent; + unsigned int offset; SSL_TRC(10, ("%d: SSL3[%d]: Sending ACK", SSL_GETPID(), ss->fd)); + rv = sslBuffer_Skip(&buf, 2, &offset); + if (rv != SECSuccess) { + goto loser; + } for (cursor = PR_LIST_HEAD(&ss->ssl3.hs.dtlsRcvdHandshake); cursor != &ss->ssl3.hs.dtlsRcvdHandshake; cursor = PR_NEXT_LINK(cursor)) { @@ -99,6 +141,11 @@ dtls13_SendAck(sslSocket *ss) } } + rv = sslBuffer_InsertLength(&buf, offset, 2); + if (rv != SECSuccess) { + goto loser; + } + ssl_GetXmitBufLock(ss); sent = ssl3_SendRecord(ss, NULL, content_ack, buf.buf, buf.len, 0); @@ -364,6 +411,7 @@ dtls13_HandleAck(sslSocket *ss, sslBuffer *databuf) { PRUint8 *b = databuf->buf; PRUint32 l = databuf->len; + unsigned int length; SECStatus rv; /* Ensure we don't loop. */ @@ -372,10 +420,19 @@ dtls13_HandleAck(sslSocket *ss, sslBuffer *databuf) PORT_Assert(IS_DTLS(ss)); if (!tls13_MaybeTls13(ss)) { tls13_FatalError(ss, SSL_ERROR_RX_UNKNOWN_RECORD_TYPE, illegal_parameter); - return SECSuccess; + return SECFailure; } SSL_TRC(10, ("%d: SSL3[%d]: Handling ACK", SSL_GETPID(), ss->fd)); + rv = ssl3_ConsumeHandshakeNumber(ss, &length, 2, &b, &l); + if (rv != SECSuccess) { + return SECFailure; + } + if (length != l) { + tls13_FatalError(ss, SSL_ERROR_RX_MALFORMED_DTLS_ACK, decode_error); + return SECFailure; + } + while (l > 0) { PRUint64 seq; PRCList *cursor; diff --git a/security/nss/lib/ssl/dtls13con.h b/security/nss/lib/ssl/dtls13con.h index bf14d3bd2..ca48ef363 100644 --- a/security/nss/lib/ssl/dtls13con.h +++ b/security/nss/lib/ssl/dtls13con.h @@ -9,6 +9,10 @@ #ifndef __dtls13con_h_ #define __dtls13con_h_ +SECStatus dtls13_InsertCipherTextHeader(const sslSocket *ss, + ssl3CipherSpec *cwSpec, + sslBuffer *wrBuf, + PRBool *needsLength); SECStatus dtls13_RememberFragment(sslSocket *ss, PRCList *list, PRUint32 sequence, PRUint32 offset, PRUint32 length, DTLSEpoch epoch, diff --git a/security/nss/lib/ssl/dtlscon.c b/security/nss/lib/ssl/dtlscon.c index 2f335f924..a82295c66 100644 --- a/security/nss/lib/ssl/dtlscon.c +++ b/security/nss/lib/ssl/dtlscon.c @@ -724,13 +724,16 @@ dtls_FragmentHandshake(sslSocket *ss, DTLSQueuedMessage *msg) PORT_Assert(end <= contentLen); fragmentLen = PR_MIN(end, contentLen) - fragmentOffset; - /* Reduce to the space remaining in the MTU. Allow for any existing - * messages, record expansion, and the handshake header. */ + /* Limit further by the record size limit. Account for the header. */ + fragmentLen = PR_MIN(fragmentLen, + msg->cwSpec->recordSizeLimit - DTLS_HS_HDR_LEN); + + /* Reduce to the space remaining in the MTU. */ fragmentLen = PR_MIN(fragmentLen, ss->ssl3.mtu - /* MTU estimate. */ - ss->pendingBuf.len - /* Less unsent records. */ + ss->pendingBuf.len - /* Less any unsent records. */ DTLS_MAX_EXPANSION - /* Allow for expansion. */ - DTLS_HS_HDR_LEN); /* + handshake header. */ + DTLS_HS_HDR_LEN); /* And the handshake header. */ PORT_Assert(fragmentLen > 0 || fragmentOffset == 0); /* Make totally sure that we will fit in the buffer. This should be @@ -776,7 +779,7 @@ dtls_FragmentHandshake(sslSocket *ss, DTLSQueuedMessage *msg) rv = dtls13_RememberFragment(ss, &ss->ssl3.hs.dtlsSentHandshake, msgSeq, fragmentOffset, fragmentLen, msg->cwSpec->epoch, - msg->cwSpec->seqNum); + msg->cwSpec->nextSeqNum); if (rv != SECSuccess) { return SECFailure; } @@ -1319,6 +1322,107 @@ DTLS_GetHandshakeTimeout(PRFileDesc *socket, PRIntervalTime *timeout) return SECSuccess; } +PRBool +dtls_IsLongHeader(SSL3ProtocolVersion version, PRUint8 firstOctet) +{ +#ifndef UNSAFE_FUZZER_MODE + return version < SSL_LIBRARY_VERSION_TLS_1_3 || + firstOctet == content_handshake || + firstOctet == content_ack || + firstOctet == content_alert; +#else + return PR_TRUE; +#endif +} + +DTLSEpoch +dtls_ReadEpoch(const ssl3CipherSpec *crSpec, const PRUint8 *hdr) +{ + DTLSEpoch epoch; + DTLSEpoch maxEpoch; + DTLSEpoch partial; + + if (dtls_IsLongHeader(crSpec->version, hdr[0])) { + return ((DTLSEpoch)hdr[3] << 8) | hdr[4]; + } + + /* A lot of how we recover the epoch here will depend on how we plan to + * manage KeyUpdate. In the case that we decide to install a new read spec + * as a KeyUpdate is handled, crSpec will always be the highest epoch we can + * possibly receive. That makes this easier to manage. */ + if ((hdr[0] & 0xe0) == 0x20) { + /* Use crSpec->epoch, or crSpec->epoch - 1 if the last bit differs. */ + if (((hdr[0] >> 4) & 1) == (crSpec->epoch & 1)) { + return crSpec->epoch; + } + return crSpec->epoch - 1; + } + + /* dtls_GatherData should ensure that this works. */ + PORT_Assert(hdr[0] == content_application_data); + + /* This uses the same method as is used to recover the sequence number in + * dtls_ReadSequenceNumber, except that the maximum value is set to the + * current epoch. */ + partial = hdr[1] >> 6; + maxEpoch = PR_MAX(crSpec->epoch, 3); + epoch = (maxEpoch & 0xfffc) | partial; + if (partial > (maxEpoch & 0x03)) { + epoch -= 4; + } + return epoch; +} + +static sslSequenceNumber +dtls_ReadSequenceNumber(const ssl3CipherSpec *spec, const PRUint8 *hdr) +{ + sslSequenceNumber cap; + sslSequenceNumber partial; + sslSequenceNumber seqNum; + sslSequenceNumber mask; + + if (dtls_IsLongHeader(spec->version, hdr[0])) { + static const unsigned int seqNumOffset = 5; /* type, version, epoch */ + static const unsigned int seqNumLength = 6; + sslReader r = SSL_READER(hdr + seqNumOffset, seqNumLength); + (void)sslRead_ReadNumber(&r, seqNumLength, &seqNum); + return seqNum; + } + + /* Only the least significant bits of the sequence number is available here. + * This recovers the value based on the next expected sequence number. + * + * This works by determining the maximum possible sequence number, which is + * half the range of possible values above the expected next value (the + * expected next value is in |spec->seqNum|). Then, the last part of the + * sequence number is replaced. If that causes the value to exceed the + * maximum, subtract an entire range. + */ + if ((hdr[0] & 0xe0) == 0x20) { + /* A 12-bit sequence number. */ + cap = spec->nextSeqNum + (1ULL << 11); + partial = (((sslSequenceNumber)hdr[0] & 0xf) << 8) | + (sslSequenceNumber)hdr[1]; + mask = (1ULL << 12) - 1; + } else { + /* A 30-bit sequence number. */ + cap = spec->nextSeqNum + (1ULL << 29); + partial = (((sslSequenceNumber)hdr[1] & 0x3f) << 24) | + ((sslSequenceNumber)hdr[2] << 16) | + ((sslSequenceNumber)hdr[3] << 8) | + (sslSequenceNumber)hdr[4]; + mask = (1ULL << 30) - 1; + } + seqNum = (cap & ~mask) | partial; + /* The second check prevents the value from underflowing if we get a large + * gap at the start of a connection, where this subtraction would cause the + * sequence number to wrap to near UINT64_MAX. */ + if ((partial > (cap & mask)) && (seqNum > mask)) { + seqNum -= mask + 1; + } + return seqNum; +} + /* * DTLS relevance checks: * Note that this code currently ignores all out-of-epoch packets, @@ -1336,7 +1440,7 @@ dtls_IsRelevant(sslSocket *ss, const ssl3CipherSpec *spec, const SSL3Ciphertext *cText, sslSequenceNumber *seqNumOut) { - sslSequenceNumber seqNum = cText->seq_num & RECORD_SEQ_MASK; + sslSequenceNumber seqNum = dtls_ReadSequenceNumber(spec, cText->hdr); if (dtls_RecordGetRecvd(&spec->recvdRecords, seqNum) != 0) { SSL_TRC(10, ("%d: SSL3[%d]: dtls_IsRelevant, rejecting " "potentially replayed packet", diff --git a/security/nss/lib/ssl/dtlscon.h b/security/nss/lib/ssl/dtlscon.h index d094380f8..45fc069b9 100644 --- a/security/nss/lib/ssl/dtlscon.h +++ b/security/nss/lib/ssl/dtlscon.h @@ -41,8 +41,10 @@ extern SSL3ProtocolVersion dtls_TLSVersionToDTLSVersion(SSL3ProtocolVersion tlsv); extern SSL3ProtocolVersion dtls_DTLSVersionToTLSVersion(SSL3ProtocolVersion dtlsv); +DTLSEpoch dtls_ReadEpoch(const ssl3CipherSpec *crSpec, const PRUint8 *hdr); extern PRBool dtls_IsRelevant(sslSocket *ss, const ssl3CipherSpec *spec, const SSL3Ciphertext *cText, sslSequenceNumber *seqNum); void dtls_ReceivedFirstMessageInFlight(sslSocket *ss); +PRBool dtls_IsLongHeader(SSL3ProtocolVersion version, PRUint8 firstOctet); #endif diff --git a/security/nss/lib/ssl/ssl.h b/security/nss/lib/ssl/ssl.h index 25aabbaa2..ecc4f9506 100644 --- a/security/nss/lib/ssl/ssl.h +++ b/security/nss/lib/ssl/ssl.h @@ -158,23 +158,18 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd); #define SSL_CBC_RANDOM_IV 23 #define SSL_ENABLE_OCSP_STAPLING 24 /* Request OCSP stapling (client) */ -/* SSL_ENABLE_NPN controls whether the NPN extension is enabled for the initial - * handshake when application layer protocol negotiation is used. - * SSL_SetNextProtoCallback or SSL_SetNextProtoNego must be used to control the - * application layer protocol negotiation; otherwise, the NPN extension will - * not be negotiated. SSL_ENABLE_NPN is currently enabled by default but this - * may change in future versions. - */ +/* SSL_ENABLE_NPN is defunct and defaults to false. + * Using this option will not have any effect but won't produce an error. */ #define SSL_ENABLE_NPN 25 /* SSL_ENABLE_ALPN controls whether the ALPN extension is enabled for the * initial handshake when application layer protocol negotiation is used. - * SSL_SetNextProtoNego (not SSL_SetNextProtoCallback) must be used to control - * the application layer protocol negotiation; otherwise, the ALPN extension - * will not be negotiated. ALPN is not negotiated for renegotiation handshakes, - * even though the ALPN specification defines a way to use ALPN during - * renegotiations. SSL_ENABLE_ALPN is currently disabled by default, but this - * may change in future versions. + * SSL_SetNextProtoNego or SSL_SetNextProtoCallback can be used to control + * the application layer protocol negotiation; + * ALPN is not negotiated for renegotiation handshakes, even though the ALPN + * specification defines a way to use ALPN during renegotiations. + * SSL_ENABLE_ALPN is currently enabled by default, but this may change in + * future versions. */ #define SSL_ENABLE_ALPN 26 @@ -248,12 +243,45 @@ SSL_IMPORT PRFileDesc *DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd); */ #define SSL_ENABLE_0RTT_DATA 33 +/* Sets a limit to the size of encrypted records (see + * draft-ietf-tls-record-limit). This is the value that is advertised to peers, + * not a limit on the size of records that will be created. Setting this value + * reduces the size of records that will be received (not sent). + * + * This limit applies to the plaintext, but the records that appear on the wire + * will be bigger. This doesn't include record headers, IVs, block cipher + * padding, and authentication tags or MACs. + * + * NSS always advertises the record size limit extension. If this option is not + * set, the extension will contain the maximum allowed size for the selected TLS + * version (currently this is 16384 or 2^14 for TLS 1.2 and lower and 16385 for + * TLS 1.3). + * + * By default, NSS creates records that are the maximum size possible, using all + * the data that was written by the application. Writes larger than the maximum + * are split into maximum sized records, and any remainder (unless + * SSL_CBC_RANDOM_IV is enabled and active). If a peer advertises a record size + * limit then that value is used instead. + */ +#define SSL_RECORD_SIZE_LIMIT 34 + /* Enables TLS 1.3 compatibility mode. In this mode, the client includes a fake * session ID in the handshake and sends a ChangeCipherSpec. A server will * always use the setting chosen by the client, so the value of this option has * no effect for a server. This setting is ignored for DTLS. */ #define SSL_ENABLE_TLS13_COMPAT_MODE 35 +/* Enables the sending of DTLS records using the short (two octet) record + * header. Only do this if there are 2^10 or fewer packets in flight at a time; + * using this with a larger number of packets in flight could mean that packets + * are dropped if there is reordering. + * + * This applies to TLS 1.3 only. This is not a parameter that is negotiated + * during the TLS handshake. Unlike other socket options, this option can be + * changed after a handshake is complete. + */ +#define SSL_ENABLE_DTLS_SHORT_HEADER 36 + #ifdef SSL_DEPRECATED_FUNCTION /* Old deprecated function names */ SSL_IMPORT SECStatus SSL_Enable(PRFileDesc *fd, int option, PRIntn on); @@ -272,10 +300,10 @@ SSL_IMPORT SECStatus SSL_OptionSetDefault(PRInt32 option, PRIntn val); SSL_IMPORT SECStatus SSL_OptionGetDefault(PRInt32 option, PRIntn *val); SSL_IMPORT SECStatus SSL_CertDBHandleSet(PRFileDesc *fd, CERTCertDBHandle *dbHandle); -/* SSLNextProtoCallback is called during the handshake for the client, when a - * Next Protocol Negotiation (NPN) extension has been received from the server. - * |protos| and |protosLen| define a buffer which contains the server's - * advertisement. This data is guaranteed to be well formed per the NPN spec. +/* SSLNextProtoCallback is called during the handshake for the server, when an + * Application-Layer Protocol Negotiation (ALPN) extension has been received + * from the client. |protos| and |protosLen| define a buffer which contains the + * client's advertisement. * |protoOut| is a buffer provided by the caller, of length 255 (the maximum * allowed by the protocol). On successful return, the protocol to be announced * to the server will be in |protoOut| and its length in |*protoOutLen|. @@ -291,27 +319,24 @@ typedef SECStatus(PR_CALLBACK *SSLNextProtoCallback)( unsigned int *protoOutLen, unsigned int protoMaxOut); -/* SSL_SetNextProtoCallback sets a callback function to handle Next Protocol - * Negotiation. It causes a client to advertise NPN. */ +/* SSL_SetNextProtoCallback sets a callback function to handle ALPN Negotiation. + * It causes a client to advertise ALPN. */ SSL_IMPORT SECStatus SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback, void *arg); /* SSL_SetNextProtoNego can be used as an alternative to - * SSL_SetNextProtoCallback. It also causes a client to advertise NPN and - * installs a default callback function which selects the first supported - * protocol in server-preference order. If no matching protocol is found it - * selects the first supported protocol. + * SSL_SetNextProtoCallback. * - * Using this function also allows the client to transparently support ALPN. + * Using this function allows client and server to transparently support ALPN. * The same set of protocols will be advertised via ALPN and, if the server * uses ALPN to select a protocol, SSL_GetNextProto will return * SSL_NEXT_PROTO_SELECTED as the state. * - * Since NPN uses the first protocol as the fallback protocol, when sending an - * ALPN extension, the first protocol is moved to the end of the list. This - * indicates that the fallback protocol is the least preferred. The other - * protocols should be in preference order. + * Because the predecessor to ALPN, NPN, used the first protocol as the fallback + * protocol, when sending an ALPN extension, the first protocol is moved to the + * end of the list. This indicates that the fallback protocol is the least + * preferred. The other protocols should be in preference order. * * The supported protocols are specified in |data| in wire-format (8-bit * length-prefixed). For example: "\010http/1.1\006spdy/2". */ diff --git a/security/nss/lib/ssl/ssl3con.c b/security/nss/lib/ssl/ssl3con.c index 2593bbacc..466fc296f 100644 --- a/security/nss/lib/ssl/ssl3con.c +++ b/security/nss/lib/ssl/ssl3con.c @@ -990,27 +990,22 @@ ssl_ClientReadVersion(sslSocket *ss, PRUint8 **b, unsigned int *len, if (rv != SECSuccess) { return SECFailure; /* alert has been sent */ } - -#ifdef TLS_1_3_DRAFT_VERSION - if (temp == SSL_LIBRARY_VERSION_TLS_1_3) { - (void)SSL3_SendAlert(ss, alert_fatal, protocol_version); - PORT_SetError(SSL_ERROR_UNSUPPORTED_VERSION); - return SECFailure; - } - if (temp == tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3)) { - v = SSL_LIBRARY_VERSION_TLS_1_3; - } else { - v = (SSL3ProtocolVersion)temp; - } -#else v = (SSL3ProtocolVersion)temp; -#endif if (IS_DTLS(ss)) { - /* If this fails, we get 0 back and the next check to fails. */ v = dtls_DTLSVersionToTLSVersion(v); + /* Check for failure. */ + if (!v || v > SSL_LIBRARY_VERSION_MAX_SUPPORTED) { + SSL3_SendAlert(ss, alert_fatal, illegal_parameter); + return SECFailure; + } } + /* You can't negotiate TLS 1.3 this way. */ + if (v >= SSL_LIBRARY_VERSION_TLS_1_3) { + SSL3_SendAlert(ss, alert_fatal, illegal_parameter); + return SECFailure; + } *version = v; return SECSuccess; } @@ -1415,7 +1410,7 @@ ssl3_SetupPendingCipherSpec(sslSocket *ss, CipherSpecDirection direction, spec->macDef = ssl_GetMacDef(ss, suiteDef); spec->epoch = prev->epoch + 1; - spec->seqNum = 0; + spec->nextSeqNum = 0; if (IS_DTLS(ss) && direction == CipherSpecRead) { dtls_InitRecvdRecords(&spec->recvdRecords); } @@ -1481,6 +1476,13 @@ ssl3_SetupBothPendingCipherSpecs(sslSocket *ss) goto loser; } + if (ssl3_ExtensionNegotiated(ss, ssl_record_size_limit_xtn)) { + ss->ssl3.prSpec->recordSizeLimit = PR_MIN(MAX_FRAGMENT_LENGTH, + ss->opt.recordSizeLimit); + ss->ssl3.pwSpec->recordSizeLimit = PR_MIN(MAX_FRAGMENT_LENGTH, + ss->xtnData.recordSizeLimit); + } + ssl_ReleaseSpecWriteLock(ss); /*******************************/ return SECSuccess; @@ -2004,6 +2006,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, unsigned int ivLen = 0; unsigned char pseudoHeaderBuf[13]; sslBuffer pseudoHeader = SSL_BUFFER(pseudoHeaderBuf); + int len; if (cwSpec->cipherDef->type == type_block && cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_1) { @@ -2013,29 +2016,32 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, * record. */ ivLen = cwSpec->cipherDef->iv_size; - if (ivLen > wrBuf->space) { + if (ivLen > SSL_BUFFER_SPACE(wrBuf)) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } - rv = PK11_GenerateRandom(wrBuf->buf, ivLen); + rv = PK11_GenerateRandom(SSL_BUFFER_NEXT(wrBuf), ivLen); if (rv != SECSuccess) { ssl_MapLowLevelError(SSL_ERROR_GENERATE_RANDOM_FAILURE); return rv; } rv = cwSpec->cipher(cwSpec->cipherContext, - wrBuf->buf, /* output */ - (int *)&wrBuf->len, /* outlen */ - ivLen, /* max outlen */ - wrBuf->buf, /* input */ - ivLen); /* input len */ - if (rv != SECSuccess || wrBuf->len != ivLen) { + SSL_BUFFER_NEXT(wrBuf), /* output */ + &len, /* outlen */ + ivLen, /* max outlen */ + SSL_BUFFER_NEXT(wrBuf), /* input */ + ivLen); /* input len */ + if (rv != SECSuccess || len != ivLen) { PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } + + rv = sslBuffer_Skip(wrBuf, len, NULL); + PORT_Assert(rv == SECSuccess); /* Can't fail. */ } rv = ssl3_BuildRecordPseudoHeader( - cwSpec->epoch, cwSpec->seqNum, type, + cwSpec->epoch, cwSpec->nextSeqNum, type, cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_0, cwSpec->recordVersion, isDTLS, contentLen, &pseudoHeader); PORT_Assert(rv == SECSuccess); @@ -2043,23 +2049,26 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, const int nonceLen = cwSpec->cipherDef->explicit_nonce_size; const int tagLen = cwSpec->cipherDef->tag_size; - if (nonceLen + contentLen + tagLen > wrBuf->space) { + if (nonceLen + contentLen + tagLen > SSL_BUFFER_SPACE(wrBuf)) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } rv = cwSpec->aead( &cwSpec->keyMaterial, - PR_FALSE, /* do encrypt */ - wrBuf->buf, /* output */ - (int *)&wrBuf->len, /* out len */ - wrBuf->space, /* max out */ - pIn, contentLen, /* input */ + PR_FALSE, /* do encrypt */ + SSL_BUFFER_NEXT(wrBuf), /* output */ + &len, /* out len */ + SSL_BUFFER_SPACE(wrBuf), /* max out */ + pIn, contentLen, /* input */ SSL_BUFFER_BASE(&pseudoHeader), SSL_BUFFER_LEN(&pseudoHeader)); if (rv != SECSuccess) { PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } + + rv = sslBuffer_Skip(wrBuf, len, NULL); + PORT_Assert(rv == SECSuccess); /* Can't fail. */ } else { int blockSize = cwSpec->cipherDef->block_size; @@ -2069,7 +2078,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, rv = ssl3_ComputeRecordMAC(cwSpec, SSL_BUFFER_BASE(&pseudoHeader), SSL_BUFFER_LEN(&pseudoHeader), pIn, contentLen, - wrBuf->buf + ivLen + contentLen, &macLen); + SSL_BUFFER_NEXT(wrBuf) + contentLen, &macLen); if (rv != SECSuccess) { ssl_MapLowLevelError(SSL_ERROR_MAC_COMPUTATION_FAILURE); return SECFailure; @@ -2095,7 +2104,7 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, PORT_Assert((fragLen % blockSize) == 0); /* Pad according to TLS rules (also acceptable to SSL3). */ - pBuf = &wrBuf->buf[ivLen + fragLen - 1]; + pBuf = SSL_BUFFER_NEXT(wrBuf) + fragLen - 1; for (i = padding_length + 1; i > 0; --i) { *pBuf-- = padding_length; } @@ -2112,14 +2121,14 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, p2Len += oddLen; PORT_Assert((blockSize < 2) || (p2Len % blockSize) == 0); - memmove(wrBuf->buf + ivLen + p1Len, pIn + p1Len, oddLen); + memmove(SSL_BUFFER_NEXT(wrBuf) + p1Len, pIn + p1Len, oddLen); } if (p1Len > 0) { int cipherBytesPart1 = -1; rv = cwSpec->cipher(cwSpec->cipherContext, - wrBuf->buf + ivLen, /* output */ - &cipherBytesPart1, /* actual outlen */ - p1Len, /* max outlen */ + SSL_BUFFER_NEXT(wrBuf), /* output */ + &cipherBytesPart1, /* actual outlen */ + p1Len, /* max outlen */ pIn, p1Len); /* input, and inputlen */ PORT_Assert(rv == SECSuccess && cipherBytesPart1 == (int)p1Len); @@ -2127,22 +2136,24 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } - wrBuf->len += cipherBytesPart1; + rv = sslBuffer_Skip(wrBuf, p1Len, NULL); + PORT_Assert(rv == SECSuccess); } if (p2Len > 0) { int cipherBytesPart2 = -1; rv = cwSpec->cipher(cwSpec->cipherContext, - wrBuf->buf + ivLen + p1Len, + SSL_BUFFER_NEXT(wrBuf), &cipherBytesPart2, /* output and actual outLen */ p2Len, /* max outlen */ - wrBuf->buf + ivLen + p1Len, + SSL_BUFFER_NEXT(wrBuf), p2Len); /* input and inputLen*/ PORT_Assert(rv == SECSuccess && cipherBytesPart2 == (int)p2Len); if (rv != SECSuccess || cipherBytesPart2 != (int)p2Len) { PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } - wrBuf->len += cipherBytesPart2; + rv = sslBuffer_Skip(wrBuf, p2Len, NULL); + PORT_Assert(rv == SECSuccess); } } @@ -2150,16 +2161,20 @@ ssl3_MACEncryptRecord(ssl3CipherSpec *cwSpec, } /* Note: though this can report failure, it shouldn't. */ -static SECStatus +SECStatus ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec, - SSL3ContentType contentType, unsigned int len, - sslBuffer *wrBuf) + SSL3ContentType contentType, sslBuffer *wrBuf, + PRBool *needsLength) { SECStatus rv; #ifndef UNSAFE_FUZZER_MODE if (cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_3 && - cwSpec->cipherDef->calg != ssl_calg_null) { + cwSpec->epoch > TrafficKeyClearText) { + if (IS_DTLS(ss)) { + return dtls13_InsertCipherTextHeader(ss, cwSpec, wrBuf, + needsLength); + } contentType = content_application_data; } #endif @@ -2177,16 +2192,12 @@ ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec, if (rv != SECSuccess) { return SECFailure; } - rv = sslBuffer_AppendNumber(wrBuf, cwSpec->seqNum, 6); + rv = sslBuffer_AppendNumber(wrBuf, cwSpec->nextSeqNum, 6); if (rv != SECSuccess) { return SECFailure; } } - rv = sslBuffer_AppendNumber(wrBuf, len, 2); - if (rv != SECSuccess) { - return SECFailure; - } - + *needsLength = PR_TRUE; return SECSuccess; } @@ -2194,66 +2205,67 @@ SECStatus ssl_ProtectRecord(sslSocket *ss, ssl3CipherSpec *cwSpec, SSL3ContentType type, const PRUint8 *pIn, PRUint32 contentLen, sslBuffer *wrBuf) { - unsigned int headerLen = IS_DTLS(ss) ? DTLS_RECORD_HEADER_LENGTH - : SSL3_RECORD_HEADER_LENGTH; - sslBuffer protBuf = SSL_BUFFER_FIXED(SSL_BUFFER_BASE(wrBuf) + headerLen, - SSL_BUFFER_SPACE(wrBuf) - headerLen); - PRBool isTLS13; + PRBool needsLength; + unsigned int lenOffset; SECStatus rv; PORT_Assert(cwSpec->direction == CipherSpecWrite); PORT_Assert(SSL_BUFFER_LEN(wrBuf) == 0); PORT_Assert(cwSpec->cipherDef->max_records <= RECORD_SEQ_MAX); - if (cwSpec->seqNum >= cwSpec->cipherDef->max_records) { + + if (cwSpec->nextSeqNum >= cwSpec->cipherDef->max_records) { /* We should have automatically updated before here in TLS 1.3. */ PORT_Assert(cwSpec->version < SSL_LIBRARY_VERSION_TLS_1_3); SSL_TRC(3, ("%d: SSL[-]: write sequence number at limit 0x%0llx", - SSL_GETPID(), cwSpec->seqNum)); + SSL_GETPID(), cwSpec->nextSeqNum)); PORT_SetError(SSL_ERROR_TOO_MANY_RECORDS); return SECFailure; } - isTLS13 = (PRBool)(cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_3); + rv = ssl_InsertRecordHeader(ss, cwSpec, type, wrBuf, &needsLength); + if (rv != SECSuccess) { + return SECFailure; + } + if (needsLength) { + rv = sslBuffer_Skip(wrBuf, 2, &lenOffset); + if (rv != SECSuccess) { + return SECFailure; + } + } #ifdef UNSAFE_FUZZER_MODE { int len; - rv = Null_Cipher(NULL, SSL_BUFFER_BASE(&protBuf), &len, - SSL_BUFFER_SPACE(&protBuf), pIn, contentLen); + rv = Null_Cipher(NULL, SSL_BUFFER_NEXT(wrBuf), &len, + SSL_BUFFER_SPACE(wrBuf), pIn, contentLen); if (rv != SECSuccess) { return SECFailure; /* error was set */ } - rv = sslBuffer_Skip(&protBuf, len, NULL); + rv = sslBuffer_Skip(wrBuf, len, NULL); PORT_Assert(rv == SECSuccess); /* Can't fail. */ } #else - if (isTLS13) { - rv = tls13_ProtectRecord(ss, cwSpec, type, pIn, contentLen, &protBuf); + if (cwSpec->version >= SSL_LIBRARY_VERSION_TLS_1_3) { + rv = tls13_ProtectRecord(ss, cwSpec, type, pIn, contentLen, wrBuf); } else { rv = ssl3_MACEncryptRecord(cwSpec, ss->sec.isServer, IS_DTLS(ss), type, - pIn, contentLen, &protBuf); + pIn, contentLen, wrBuf); } #endif if (rv != SECSuccess) { return SECFailure; /* error was set */ } - PORT_Assert(protBuf.len <= MAX_FRAGMENT_LENGTH + (isTLS13 ? 256 : 1024)); - - rv = ssl_InsertRecordHeader(ss, cwSpec, type, SSL_BUFFER_LEN(&protBuf), - wrBuf); - if (rv != SECSuccess) { - return SECFailure; - } - - PORT_Assert(SSL_BUFFER_LEN(wrBuf) == headerLen); - rv = sslBuffer_Skip(wrBuf, SSL_BUFFER_LEN(&protBuf), NULL); - if (rv != SECSuccess) { - PORT_Assert(0); /* Can't fail. */ - return SECFailure; + if (needsLength) { + /* Insert the length. */ + rv = sslBuffer_InsertLength(wrBuf, lenOffset, 2); + if (rv != SECSuccess) { + PORT_Assert(0); /* Can't fail. */ + return SECFailure; + } } - ++cwSpec->seqNum; + ++cwSpec->nextSeqNum; return SECSuccess; } @@ -2267,7 +2279,7 @@ ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type, unsigned int spaceNeeded; SECStatus rv; - contentLen = PR_MIN(nIn, MAX_FRAGMENT_LENGTH); + contentLen = PR_MIN(nIn, spec->recordSizeLimit); spaceNeeded = contentLen + SSL3_BUFFER_FUDGE; if (spec->version >= SSL_LIBRARY_VERSION_TLS_1_1 && spec->cipherDef->type == type_block) { @@ -2291,6 +2303,7 @@ ssl_ProtectNextRecord(sslSocket *ss, ssl3CipherSpec *spec, SSL3ContentType type, *written = contentLen; return SECSuccess; } + /* Process the plain text before sending it. * Returns the number of bytes of plaintext that were successfully sent * plus the number of bytes of plaintext that were copied into the @@ -2368,7 +2381,7 @@ ssl3_SendRecord(sslSocket *ss, rv = ssl_ProtectNextRecord(ss, spec, type, pIn, nIn, &written); ssl_ReleaseSpecReadLock(ss); if (rv != SECSuccess) { - return SECFailure; + goto loser; } PORT_Assert(written > 0); @@ -3034,7 +3047,6 @@ ssl3_SendChangeCipherSpecsInt(sslSocket *ss) return SECFailure; /* error code set by ssl3_SendRecord */ } } else { - SECStatus rv; rv = dtls_QueueMessage(ss, content_change_cipher_spec, &change, 1); if (rv != SECSuccess) { return SECFailure; @@ -5567,13 +5579,20 @@ ssl3_SendRSAClientKeyExchange(sslSocket *ss, SECKEYPublicKey *svrPubKey) } /* Get the wrapped (encrypted) pre-master secret, enc_pms */ - enc_pms.len = SECKEY_PublicKeyStrength(svrPubKey); + unsigned int svrPubKeyBits = SECKEY_PublicKeyStrengthInBits(svrPubKey); + enc_pms.len = (svrPubKeyBits + 7) / 8; + /* Check that the RSA key isn't larger than 8k bit. */ + if (svrPubKeyBits > SSL_MAX_RSA_KEY_BITS) { + (void)SSL3_SendAlert(ss, alert_fatal, illegal_parameter); + ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE); + goto loser; + } enc_pms.data = (unsigned char *)PORT_Alloc(enc_pms.len); if (enc_pms.data == NULL) { goto loser; /* err set by PORT_Alloc */ } - /* wrap pre-master secret in server's public key. */ + /* Wrap pre-master secret in server's public key. */ rv = PK11_PubWrapSymKey(CKM_RSA_PKCS, svrPubKey, pms, &enc_pms); if (rv != SECSuccess) { ssl_MapLowLevelError(SSL_ERROR_CLIENT_KEY_EXCHANGE_FAILURE); @@ -5676,7 +5695,7 @@ ssl3_SendDHClientKeyExchange(sslSocket *ss, SECKEYPublicKey *svrPubKey) }; sslEphemeralKeyPair *keyPair = NULL; SECKEYPublicKey *pubKey; - PRUint8 dhData[1026]; /* Enough for the 8192-bit group. */ + PRUint8 dhData[SSL_MAX_DH_KEY_BITS / 8 + 2]; sslBuffer dhBuf = SSL_BUFFER(dhData); PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); @@ -6208,7 +6227,6 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length) SECItem sidBytes = { siBuffer, NULL, 0 }; PRBool isHelloRetry; SSL3AlertDescription desc = illegal_parameter; - TLSExtension *versionExtension; const PRUint8 *savedMsg = b; const PRUint32 savedLength = length; #ifndef TLS_1_3_DRAFT_VERSION @@ -6299,16 +6317,10 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length) } } - /* Update the version based on the extension, as necessary. */ - versionExtension = ssl3_FindExtension(ss, ssl_tls13_supported_versions_xtn); - if (versionExtension) { - rv = ssl_ClientReadVersion(ss, &versionExtension->data.data, - &versionExtension->data.len, - &ss->version); - if (rv != SECSuccess) { - errCode = PORT_GetError(); - goto loser; /* An alert is sent by ssl_ClientReadVersion */ - } + /* Read supported_versions if present. */ + rv = tls13_ClientReadSupportedVersion(ss); + if (rv != SECSuccess) { + goto loser; } PORT_Assert(!SSL_ALL_VERSIONS_DISABLED(&ss->vrange)); @@ -6332,7 +6344,7 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length) /* The server didn't pick 1.3 although we either received a * HelloRetryRequest, or we prepared to send early app data. */ if (ss->version < SSL_LIBRARY_VERSION_TLS_1_3) { - if (ss->ssl3.hs.helloRetry) { + if (isHelloRetry || ss->ssl3.hs.helloRetry) { /* SSL3_SendAlert() will uncache the SID. */ desc = illegal_parameter; errCode = SSL_ERROR_RX_MALFORMED_SERVER_HELLO; @@ -6393,8 +6405,9 @@ ssl3_HandleServerHello(sslSocket *ss, PRUint8 *b, PRUint32 length) /* Finally, now all the version-related checks have passed. */ ss->ssl3.hs.preliminaryInfo |= ssl_preinfo_version; /* Update the write cipher spec to match the version. But not after - * HelloRetryRequest, because cwSpec might be a 0-RTT cipher spec. */ - if (!ss->firstHsDone && !ss->ssl3.hs.helloRetry) { + * HelloRetryRequest, because cwSpec might be a 0-RTT cipher spec, + * in which case this is a no-op. */ + if (!ss->firstHsDone && !isHelloRetry) { ssl_GetSpecWriteLock(ss); ssl_SetSpecVersions(ss, ss->ssl3.cwSpec); ssl_ReleaseSpecWriteLock(ss); @@ -6729,6 +6742,10 @@ ssl_HandleDHServerKeyExchange(sslSocket *ss, PRUint8 *b, PRUint32 length) errCode = SSL_ERROR_WEAK_SERVER_EPHEMERAL_DH_KEY; goto alert_loser; } + if (dh_p_bits > SSL_MAX_DH_KEY_BITS) { + errCode = SSL_ERROR_DH_KEY_TOO_LONG; + goto alert_loser; + } rv = ssl3_ConsumeHandshakeVariable(ss, &dh_g, 2, &b, &length); if (rv != SECSuccess) { goto loser; /* malformed. */ @@ -6938,8 +6955,10 @@ ssl3_ParseCertificateRequestCAs(sslSocket *ss, PRUint8 **b, PRUint32 *length, goto alert_loser; /* malformed */ remaining -= 2; + if (SECITEM_MakeItem(ca_list->arena, &node->name, *b, len) != SECSuccess) { + goto no_mem; + } node->name.len = len; - node->name.data = *b; *b += len; *length -= len; remaining -= len; @@ -6967,7 +6986,6 @@ ssl3_ParseCertificateRequestCAs(sslSocket *ss, PRUint8 **b, PRUint32 *length, return SECSuccess; no_mem: - PORT_SetError(SEC_ERROR_NO_MEMORY); return SECFailure; alert_loser: @@ -7332,10 +7350,6 @@ ssl3_SendClientSecondRound(sslSocket *ss) * certificate to an attacker that does not have a valid cert for the * domain we are connecting to. * - * XXX: We should do the same for the NPN extension, but for that we - * need an option to give the application the ability to leak the NPN - * information to get better performance. - * * During the initial handshake on a connection, we never send/receive * application data until we have authenticated the server's certificate; * i.e. we have fully authenticated the handshake before using the cipher @@ -7409,14 +7423,6 @@ ssl3_SendClientSecondRound(sslSocket *ss) ss->enoughFirstHsDone = PR_TRUE; if (!ss->firstHsDone) { - /* XXX: If the server's certificate hasn't been authenticated by this - * point, then we may be leaking this NPN message to an attacker. - */ - rv = ssl3_SendNextProto(ss); - if (rv != SECSuccess) { - goto loser; /* err code was set. */ - } - if (ss->opt.enableFalseStart) { if (!ss->ssl3.hs.authCertificatePending) { /* When we fix bug 589047, we will need to know whether we are @@ -8879,12 +8885,10 @@ ssl_ConstructServerHello(sslSocket *ss, PRBool helloRetry, SSL3ProtocolVersion version; sslSessionID *sid = ss->sec.ci.sid; - if (IS_DTLS(ss) && ss->version < SSL_LIBRARY_VERSION_TLS_1_3) { - version = dtls_TLSVersionToDTLSVersion(ss->version); - } else { - version = PR_MIN(ss->version, SSL_LIBRARY_VERSION_TLS_1_2); + version = PR_MIN(ss->version, SSL_LIBRARY_VERSION_TLS_1_2); + if (IS_DTLS(ss)) { + version = dtls_TLSVersionToDTLSVersion(version); } - rv = sslBuffer_AppendNumber(messageBuf, version, 2); if (rv != SECSuccess) { return SECFailure; @@ -11404,6 +11408,10 @@ ssl3_HandleHandshakeMessage(sslSocket *ss, PRUint8 *b, PRUint32 length, /* Increment the expected sequence number */ ss->ssl3.hs.recvMessageSeq++; } + + /* Taint the message so that it's easier to detect UAFs. */ + PORT_Memset(b, 'N', length); + return rv; } @@ -11738,7 +11746,7 @@ ssl_RemoveTLSCBCPadding(sslBuffer *plaintext, unsigned int macSize) } for (i = 0; i < toCheck; i++) { - unsigned int t = paddingLength - i; + t = paddingLength - i; /* If i <= paddingLength then the MSB of t is zero and mask is * 0xff. Otherwise, mask is 0. */ unsigned char mask = DUPLICATE_MSB_TO_ALL(~t); @@ -11878,6 +11886,7 @@ ssl3_UnprotectRecord(sslSocket *ss, unsigned int good; unsigned int ivLen = 0; SSL3ContentType rType; + SSL3ProtocolVersion rVersion; unsigned int minLength; unsigned int originalLen = 0; PRUint8 headerBuf[13]; @@ -11950,7 +11959,9 @@ ssl3_UnprotectRecord(sslSocket *ss, return SECFailure; } - rType = cText->type; + rType = (SSL3ContentType)cText->hdr[0]; + rVersion = ((SSL3ProtocolVersion)cText->hdr[1] << 8) | + (SSL3ProtocolVersion)cText->hdr[2]; if (cipher_def->type == type_aead) { /* XXX For many AEAD ciphers, the plaintext is shorter than the * ciphertext by a fixed byte count, but it is not true in general. @@ -11960,8 +11971,8 @@ ssl3_UnprotectRecord(sslSocket *ss, cText->buf->len - cipher_def->explicit_nonce_size - cipher_def->tag_size; rv = ssl3_BuildRecordPseudoHeader( - spec->epoch, IS_DTLS(ss) ? cText->seq_num : spec->seqNum, - rType, isTLS, cText->version, IS_DTLS(ss), decryptedLen, &header); + spec->epoch, cText->seqNum, + rType, isTLS, rVersion, IS_DTLS(ss), decryptedLen, &header); PORT_Assert(rv == SECSuccess); rv = spec->aead(&spec->keyMaterial, PR_TRUE, /* do decrypt */ @@ -12008,8 +12019,8 @@ ssl3_UnprotectRecord(sslSocket *ss, /* compute the MAC */ rv = ssl3_BuildRecordPseudoHeader( - spec->epoch, IS_DTLS(ss) ? cText->seq_num : spec->seqNum, - rType, isTLS, cText->version, IS_DTLS(ss), + spec->epoch, cText->seqNum, + rType, isTLS, rVersion, IS_DTLS(ss), plaintext->len - spec->macDef->mac_size, &header); PORT_Assert(rv == SECSuccess); if (cipher_def->type == type_block) { @@ -12059,13 +12070,19 @@ ssl3_UnprotectRecord(sslSocket *ss, return SECSuccess; } -static SECStatus +SECStatus ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType, DTLSEpoch epoch, sslSequenceNumber seqNum, sslBuffer *databuf) { SECStatus rv; + /* check for Token Presence */ + if (!ssl3_ClientAuthTokenPresent(ss->sec.ci.sid)) { + PORT_SetError(SSL_ERROR_TOKEN_INSERTION_REMOVAL); + return SECFailure; + } + ssl_GetSSL3HandshakeLock(ss); /* All the functions called in this switch MUST set error code if @@ -12111,15 +12128,16 @@ ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType, * Returns NULL if no appropriate cipher spec is found. */ static ssl3CipherSpec * -ssl3_GetCipherSpec(sslSocket *ss, sslSequenceNumber seq) +ssl3_GetCipherSpec(sslSocket *ss, SSL3Ciphertext *cText) { ssl3CipherSpec *crSpec = ss->ssl3.crSpec; ssl3CipherSpec *newSpec = NULL; - DTLSEpoch epoch = seq >> 48; + DTLSEpoch epoch; if (!IS_DTLS(ss)) { return crSpec; } + epoch = dtls_ReadEpoch(crSpec, cText->hdr); if (crSpec->epoch == epoch) { return crSpec; } @@ -12136,6 +12154,11 @@ ssl3_GetCipherSpec(sslSocket *ss, sslSequenceNumber seq) return NULL; } +/* MAX_EXPANSION is the amount by which a record might plausibly be expanded + * when protected. It's the worst case estimate, so the sum of block cipher + * padding (up to 256 octets) and HMAC (48 octets for SHA-384). */ +#define MAX_EXPANSION (256 + 48) + /* if cText is non-null, then decipher and check the MAC of the * SSL record from cText->buf (typically gs->inbuf) * into databuf (typically gs->buf), and any previous contents of databuf @@ -12159,16 +12182,16 @@ ssl3_GetCipherSpec(sslSocket *ss, sslSequenceNumber seq) * Application Data records. */ SECStatus -ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) +ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText) { SECStatus rv; PRBool isTLS; DTLSEpoch epoch; - sslSequenceNumber seqNum = 0; ssl3CipherSpec *spec = NULL; + PRUint16 recordSizeLimit; PRBool outOfOrderSpec = PR_FALSE; SSL3ContentType rType; - sslBuffer *plaintext; + sslBuffer *plaintext = &ss->gs.buf; SSL3AlertDescription alert = internal_error; PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss)); @@ -12178,27 +12201,23 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) return SECFailure; } - /* cText is NULL when we're called from ssl3_RestartHandshakeAfterXXX(). - * This implies that databuf holds a previously deciphered SSL Handshake - * message. - */ - if (cText == NULL) { - SSL_DBG(("%d: SSL3[%d]: HandleRecord, resuming handshake", - SSL_GETPID(), ss->fd)); - /* Note that this doesn't pass the epoch and sequence number of the - * record through, which DTLS 1.3 depends on. DTLS doesn't support - * asynchronous certificate validation, so that should be OK. */ - PORT_Assert(!IS_DTLS(ss)); - return ssl3_HandleNonApplicationData(ss, content_handshake, - 0, 0, databuf); + /* Clear out the buffer in case this exits early. Any data then won't be + * processed twice. */ + plaintext->len = 0; + + /* We're waiting for another ClientHello, which will appear unencrypted. + * Use the content type to tell whether this should be discarded. */ + if (ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_hrr && + cText->hdr[0] == content_application_data) { + PORT_Assert(ss->ssl3.hs.ws == wait_client_hello); + return SECSuccess; } ssl_GetSpecReadLock(ss); /******************************************/ - spec = ssl3_GetCipherSpec(ss, cText->seq_num); + spec = ssl3_GetCipherSpec(ss, cText); if (!spec) { PORT_Assert(IS_DTLS(ss)); ssl_ReleaseSpecReadLock(ss); /*****************************/ - databuf->len = 0; /* Needed to ensure data not left around */ return SECSuccess; } if (spec != ss->ssl3.crSpec) { @@ -12209,66 +12228,68 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) } isTLS = (PRBool)(spec->version > SSL_LIBRARY_VERSION_3_0); if (IS_DTLS(ss)) { - if (!dtls_IsRelevant(ss, spec, cText, &seqNum)) { + if (!dtls_IsRelevant(ss, spec, cText, &cText->seqNum)) { ssl_ReleaseSpecReadLock(ss); /*****************************/ - databuf->len = 0; /* Needed to ensure data not left around */ - return SECSuccess; } } else { - seqNum = spec->seqNum + 1; + cText->seqNum = spec->nextSeqNum; } - if (seqNum >= spec->cipherDef->max_records) { + if (cText->seqNum >= spec->cipherDef->max_records) { ssl_ReleaseSpecReadLock(ss); /*****************************/ SSL_TRC(3, ("%d: SSL[%d]: read sequence number at limit 0x%0llx", - SSL_GETPID(), ss->fd, seqNum)); + SSL_GETPID(), ss->fd, cText->seqNum)); PORT_SetError(SSL_ERROR_TOO_MANY_RECORDS); return SECFailure; } - plaintext = databuf; - plaintext->len = 0; /* filled in by Unprotect call below. */ - - /* We're waiting for another ClientHello, which will appear unencrypted. - * Use the content type to tell whether this is should be discarded. - * - * XXX If we decide to remove the content type from encrypted records, this - * will become much more difficult to manage. */ - if (ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_hrr && - cText->type == content_application_data) { + recordSizeLimit = spec->recordSizeLimit; + if (cText->buf->len > recordSizeLimit + MAX_EXPANSION) { ssl_ReleaseSpecReadLock(ss); /*****************************/ - PORT_Assert(ss->ssl3.hs.ws == wait_client_hello); - databuf->len = 0; - return SECSuccess; + SSL3_SendAlert(ss, alert_fatal, record_overflow); + PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG); + return SECFailure; } - if (plaintext->space < MAX_FRAGMENT_LENGTH) { - rv = sslBuffer_Grow(plaintext, MAX_FRAGMENT_LENGTH + 2048); + if (plaintext->space < recordSizeLimit + MAX_EXPANSION) { + rv = sslBuffer_Grow(plaintext, recordSizeLimit + MAX_EXPANSION); if (rv != SECSuccess) { ssl_ReleaseSpecReadLock(ss); /*************************/ SSL_DBG(("%d: SSL3[%d]: HandleRecord, tried to get %d bytes", - SSL_GETPID(), ss->fd, MAX_FRAGMENT_LENGTH + 2048)); + SSL_GETPID(), ss->fd, recordSizeLimit + MAX_EXPANSION)); /* sslBuffer_Grow has set a memory error code. */ /* Perhaps we should send an alert. (but we have no memory!) */ return SECFailure; } } + /* Most record types aside from protected TLS 1.3 records carry the content + * type in the first octet. TLS 1.3 will override this value later. */ + rType = cText->hdr[0]; + /* Encrypted application data records could arrive before the handshake + * completes in DTLS 1.3. These can look like valid TLS 1.2 application_data + * records in epoch 0, which is never valid. Pretend they didn't decrypt. */ + if (spec->epoch == 0 && rType == content_application_data) { + PORT_SetError(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA); + alert = unexpected_message; + rv = SECFailure; + } else { #ifdef UNSAFE_FUZZER_MODE - rv = Null_Cipher(NULL, plaintext->buf, (int *)&plaintext->len, - plaintext->space, cText->buf->buf, cText->buf->len); + rv = Null_Cipher(NULL, plaintext->buf, (int *)&plaintext->len, + plaintext->space, cText->buf->buf, cText->buf->len); #else - /* IMPORTANT: Unprotect functions MUST NOT send alerts - * because we still hold the spec read lock. Instead, if they - * return SECFailure, they set *alert to the alert to be sent. */ - if (spec->version < SSL_LIBRARY_VERSION_TLS_1_3 || - spec->cipherDef->calg == ssl_calg_null) { - /* Unencrypted TLS 1.3 records use the pre-TLS 1.3 format. */ - rv = ssl3_UnprotectRecord(ss, spec, cText, plaintext, &alert); - } else { - rv = tls13_UnprotectRecord(ss, spec, cText, plaintext, &alert); - } + /* IMPORTANT: Unprotect functions MUST NOT send alerts + * because we still hold the spec read lock. Instead, if they + * return SECFailure, they set *alert to the alert to be sent. */ + if (spec->version < SSL_LIBRARY_VERSION_TLS_1_3 || + spec->epoch == 0) { + rv = ssl3_UnprotectRecord(ss, spec, cText, plaintext, &alert); + } else { + rv = tls13_UnprotectRecord(ss, spec, cText, plaintext, &rType, + &alert); + } #endif + } if (rv != SECSuccess) { ssl_ReleaseSpecReadLock(ss); /***************************/ @@ -12276,39 +12297,45 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) SSL_DBG(("%d: SSL3[%d]: decryption failed", SSL_GETPID(), ss->fd)); /* Ensure that we don't process this data again. */ - databuf->len = 0; + plaintext->len = 0; - /* Ignore a CCS if the alternative handshake is negotiated. Note that - * this will fail if the server fails to negotiate the alternative - * handshake type in a 0-RTT session that is resumed from a session that - * did negotiate it. We don't care about that corner case right now. */ + /* Ignore a CCS if compatibility mode is negotiated. Note that this + * will fail if the server fails to negotiate compatibility mode in a + * 0-RTT session that is resumed from a session that did negotiate it. + * We don't care about that corner case right now. */ if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 && - cText->type == content_change_cipher_spec && + cText->hdr[0] == content_change_cipher_spec && ss->ssl3.hs.ws != idle_handshake && cText->buf->len == 1 && cText->buf->buf[0] == change_cipher_spec_choice) { /* Ignore the CCS. */ return SECSuccess; } + if (IS_DTLS(ss) || (ss->sec.isServer && ss->ssl3.hs.zeroRttIgnore == ssl_0rtt_ignore_trial)) { - /* Silently drop the packet */ + /* Silently drop the packet unless we sent a fatal alert. */ + if (ss->ssl3.fatalAlertSent) { + return SECFailure; + } return SECSuccess; - } else { - int errCode = PORT_GetError(); - SSL3_SendAlert(ss, alert_fatal, alert); - /* Reset the error code in case SSL3_SendAlert called - * PORT_SetError(). */ - PORT_SetError(errCode); - return SECFailure; } + + int errCode = PORT_GetError(); + SSL3_SendAlert(ss, alert_fatal, alert); + /* Reset the error code in case SSL3_SendAlert called + * PORT_SetError(). */ + PORT_SetError(errCode); + return SECFailure; } /* SECSuccess */ - spec->seqNum = PR_MAX(spec->seqNum, seqNum); if (IS_DTLS(ss)) { - dtls_RecordSetRecvd(&spec->recvdRecords, seqNum); + dtls_RecordSetRecvd(&spec->recvdRecords, cText->seqNum); + spec->nextSeqNum = PR_MAX(spec->nextSeqNum, cText->seqNum + 1); + } else { + ++spec->nextSeqNum; } epoch = spec->epoch; @@ -12317,19 +12344,18 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) /* * The decrypted data is now in plaintext. */ - rType = cText->type; /* This must go after decryption because TLS 1.3 - * has encrypted content types. */ /* IMPORTANT: We are in DTLS 1.3 mode and we have processed something * from the wrong epoch. Divert to a divert processing function to make * sure we don't accidentally use the data unsafely. */ if (outOfOrderSpec) { PORT_Assert(IS_DTLS(ss) && ss->version >= SSL_LIBRARY_VERSION_TLS_1_3); - return dtls13_HandleOutOfEpochRecord(ss, spec, rType, databuf); + return dtls13_HandleOutOfEpochRecord(ss, spec, rType, plaintext); } /* Check the length of the plaintext. */ - if (isTLS && databuf->len > MAX_FRAGMENT_LENGTH) { + if (isTLS && plaintext->len > recordSizeLimit) { + plaintext->len = 0; SSL3_SendAlert(ss, alert_fatal, record_overflow); PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG); return SECFailure; @@ -12344,14 +12370,16 @@ ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cText, sslBuffer *databuf) if (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 && ss->sec.isServer && ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted) { - return tls13_HandleEarlyApplicationData(ss, databuf); + return tls13_HandleEarlyApplicationData(ss, plaintext); } + plaintext->len = 0; (void)SSL3_SendAlert(ss, alert_fatal, unexpected_message); PORT_SetError(SSL_ERROR_RX_UNEXPECTED_APPLICATION_DATA); return SECFailure; } - return ssl3_HandleNonApplicationData(ss, rType, epoch, seqNum, databuf); + return ssl3_HandleNonApplicationData(ss, rType, epoch, cText->seqNum, + plaintext); } /* diff --git a/security/nss/lib/ssl/ssl3ecc.c b/security/nss/lib/ssl/ssl3ecc.c index 913a14f63..f8b9a9400 100644 --- a/security/nss/lib/ssl/ssl3ecc.c +++ b/security/nss/lib/ssl/ssl3ecc.c @@ -548,12 +548,14 @@ ssl3_HandleECDHServerKeyExchange(sslSocket *ss, PRUint8 *b, PRUint32 length) if (ss->ssl3.prSpec->version == SSL_LIBRARY_VERSION_TLS_1_2) { rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme); if (rv != SECSuccess) { - goto loser; /* malformed or unsupported. */ + errCode = PORT_GetError(); + goto alert_loser; /* malformed or unsupported. */ } rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme, ss->sec.peerCert); if (rv != SECSuccess) { - goto loser; + errCode = PORT_GetError(); + goto alert_loser; } hashAlg = ssl_SignatureSchemeToHashType(sigScheme); } else { diff --git a/security/nss/lib/ssl/ssl3ext.c b/security/nss/lib/ssl/ssl3ext.c index 5a5077998..9b6c719f8 100644 --- a/security/nss/lib/ssl/ssl3ext.c +++ b/security/nss/lib/ssl/ssl3ext.c @@ -39,7 +39,6 @@ static const ssl3ExtensionHandler clientHelloHandlers[] = { { ssl_ec_point_formats_xtn, &ssl3_HandleSupportedPointFormatsXtn }, { ssl_session_ticket_xtn, &ssl3_ServerHandleSessionTicketXtn }, { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, - { ssl_next_proto_nego_xtn, &ssl3_ServerHandleNextProtoNegoXtn }, { ssl_app_layer_protocol_xtn, &ssl3_ServerHandleAppProtoXtn }, { ssl_use_srtp_xtn, &ssl3_ServerHandleUseSRTPXtn }, { ssl_cert_status_xtn, &ssl3_ServerHandleStatusRequestXtn }, @@ -51,6 +50,7 @@ static const ssl3ExtensionHandler clientHelloHandlers[] = { { ssl_tls13_early_data_xtn, &tls13_ServerHandleEarlyDataXtn }, { ssl_tls13_psk_key_exchange_modes_xtn, &tls13_ServerHandlePskModesXtn }, { ssl_tls13_cookie_xtn, &tls13_ServerHandleCookieXtn }, + { ssl_record_size_limit_xtn, &ssl_HandleRecordSizeLimitXtn }, { 0, NULL } }; @@ -61,7 +61,6 @@ static const ssl3ExtensionHandler serverHelloHandlersTLS[] = { /* TODO: add a handler for ssl_ec_point_formats_xtn */ { ssl_session_ticket_xtn, &ssl3_ClientHandleSessionTicketXtn }, { ssl_renegotiation_info_xtn, &ssl3_HandleRenegotiationInfoXtn }, - { ssl_next_proto_nego_xtn, &ssl3_ClientHandleNextProtoNegoXtn }, { ssl_app_layer_protocol_xtn, &ssl3_ClientHandleAppProtoXtn }, { ssl_use_srtp_xtn, &ssl3_ClientHandleUseSRTPXtn }, { ssl_cert_status_xtn, &ssl3_ClientHandleStatusRequestXtn }, @@ -70,6 +69,7 @@ static const ssl3ExtensionHandler serverHelloHandlersTLS[] = { { ssl_tls13_key_share_xtn, &tls13_ClientHandleKeyShareXtn }, { ssl_tls13_pre_shared_key_xtn, &tls13_ClientHandlePreSharedKeyXtn }, { ssl_tls13_early_data_xtn, &tls13_ClientHandleEarlyDataXtn }, + { ssl_record_size_limit_xtn, &ssl_HandleRecordSizeLimitXtn }, { 0, NULL } }; @@ -122,7 +122,6 @@ static const sslExtensionBuilder clientHelloSendersTLS[] = { ssl_supported_groups_xtn, &ssl_SendSupportedGroupsXtn }, { ssl_ec_point_formats_xtn, &ssl3_SendSupportedPointFormatsXtn }, { ssl_session_ticket_xtn, &ssl3_ClientSendSessionTicketXtn }, - { ssl_next_proto_nego_xtn, &ssl3_ClientSendNextProtoNegoXtn }, { ssl_app_layer_protocol_xtn, &ssl3_ClientSendAppProtoXtn }, { ssl_use_srtp_xtn, &ssl3_ClientSendUseSRTPXtn }, { ssl_cert_status_xtn, &ssl3_ClientSendStatusRequestXtn }, @@ -137,6 +136,7 @@ static const sslExtensionBuilder clientHelloSendersTLS[] = { ssl_signature_algorithms_xtn, &ssl3_SendSigAlgsXtn }, { ssl_tls13_cookie_xtn, &tls13_ClientSendHrrCookieXtn }, { ssl_tls13_psk_key_exchange_modes_xtn, &tls13_ClientSendPskModesXtn }, + { ssl_record_size_limit_xtn, &ssl_SendRecordSizeLimitXtn }, /* The pre_shared_key extension MUST be last. */ { ssl_tls13_pre_shared_key_xtn, &tls13_ClientSendPreSharedKeyXtn }, { 0, NULL } @@ -183,7 +183,6 @@ static const struct { { ssl_tls13_psk_key_exchange_modes_xtn, ssl_ext_native_only }, { ssl_tls13_ticket_early_data_info_xtn, ssl_ext_native_only }, { ssl_tls13_certificate_authorities_xtn, ssl_ext_native }, - { ssl_next_proto_nego_xtn, ssl_ext_none }, { ssl_renegotiation_info_xtn, ssl_ext_native } }; @@ -681,7 +680,11 @@ ssl_CallCustomExtensionSenders(sslSocket *ss, sslBuffer *buf, } } - sslBuffer_Append(buf, tail.buf, tail.len); + rv = sslBuffer_Append(buf, tail.buf, tail.len); + if (rv != SECSuccess) { + goto loser; /* Code already set. */ + } + sslBuffer_Clear(&tail); return SECSuccess; diff --git a/security/nss/lib/ssl/ssl3ext.h b/security/nss/lib/ssl/ssl3ext.h index d0f75a599..6d77c7459 100644 --- a/security/nss/lib/ssl/ssl3ext.h +++ b/security/nss/lib/ssl/ssl3ext.h @@ -98,6 +98,9 @@ struct TLSExtensionDataStr { /* The application token contains a value that was passed to the client via * a session ticket, or the cookie in a HelloRetryRequest. */ SECItem applicationToken; + + /* The record size limit set by the peer. Our value is kept in ss->opt. */ + PRUint16 recordSizeLimit; }; typedef struct TLSExtensionStr { diff --git a/security/nss/lib/ssl/ssl3exthandle.c b/security/nss/lib/ssl/ssl3exthandle.c index e6388945e..d1f286dc3 100644 --- a/security/nss/lib/ssl/ssl3exthandle.c +++ b/security/nss/lib/ssl/ssl3exthandle.c @@ -242,33 +242,11 @@ ssl_AlpnTagAllowed(const sslSocket *ss, const SECItem *tag) return PR_FALSE; } -/* handle an incoming Next Protocol Negotiation extension. */ -SECStatus -ssl3_ServerHandleNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, - SECItem *data) -{ - PORT_Assert(ss->version < SSL_LIBRARY_VERSION_TLS_1_3); - - if (ss->firstHsDone || data->len != 0) { - /* Clients MUST send an empty NPN extension, if any. */ - PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); - return SECFailure; - } - - xtnData->negotiated[xtnData->numNegotiated++] = ssl_next_proto_nego_xtn; - - /* TODO: server side NPN support would require calling - * ssl3_RegisterServerHelloExtensionSender here in order to echo the - * extension back to the client. */ - - return SECSuccess; -} - -/* ssl3_ValidateNextProtoNego checks that the given block of data is valid: none +/* ssl3_ValidateAppProtocol checks that the given block of data is valid: none * of the lengths may be 0 and the sum of the lengths must equal the length of * the block. */ SECStatus -ssl3_ValidateNextProtoNego(const unsigned char *data, unsigned int length) +ssl3_ValidateAppProtocol(const unsigned char *data, unsigned int length) { unsigned int offset = 0; @@ -286,7 +264,7 @@ ssl3_ValidateNextProtoNego(const unsigned char *data, unsigned int length) return SECSuccess; } -/* protocol selection handler for ALPN (server side) and NPN (client side) */ +/* Protocol selection handler for ALPN. */ static SECStatus ssl3_SelectAppProtocol(const sslSocket *ss, TLSExtensionData *xtnData, PRUint16 extension, SECItem *data) @@ -295,7 +273,7 @@ ssl3_SelectAppProtocol(const sslSocket *ss, TLSExtensionData *xtnData, unsigned char resultBuffer[255]; SECItem result = { siBuffer, resultBuffer, 0 }; - rv = ssl3_ValidateNextProtoNego(data->data, data->len); + rv = ssl3_ValidateAppProtocol(data->data, data->len); if (rv != SECSuccess) { ssl3_ExtSendAlert(ss, alert_fatal, decode_error); PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID); @@ -303,11 +281,13 @@ ssl3_SelectAppProtocol(const sslSocket *ss, TLSExtensionData *xtnData, } PORT_Assert(ss->nextProtoCallback); - /* For ALPN, the cipher suite isn't selected yet. Note that extensions + /* The cipher suite isn't selected yet. Note that extensions * sometimes affect what cipher suite is selected, e.g., for ECC. */ PORT_Assert((ss->ssl3.hs.preliminaryInfo & ssl_preinfo_all & ~ssl_preinfo_cipher_suite) == (ssl_preinfo_all & ~ssl_preinfo_cipher_suite)); + /* The callback has to make sure that either rv != SECSuccess or that result + * is not set if there is no common protocol. */ rv = ss->nextProtoCallback(ss->nextProtoArg, ss->fd, data->data, data->len, result.data, &result.len, sizeof(resultBuffer)); if (rv != SECSuccess) { @@ -320,21 +300,20 @@ ssl3_SelectAppProtocol(const sslSocket *ss, TLSExtensionData *xtnData, * stack. */ if (result.len > sizeof(resultBuffer)) { PORT_SetError(SEC_ERROR_OUTPUT_LEN); - /* TODO: crash */ + PORT_Assert(PR_FALSE); return SECFailure; } SECITEM_FreeItem(&xtnData->nextProto, PR_FALSE); - if (extension == ssl_app_layer_protocol_xtn && - xtnData->nextProtoState != SSL_NEXT_PROTO_NEGOTIATED) { - /* The callback might say OK, but then it picks a default value - one - * that was not listed. That's OK for NPN, but not ALPN. */ + if (result.len < 1 || !result.data) { + /* Check that we actually got a result. */ ssl3_ExtSendAlert(ss, alert_fatal, no_application_protocol); PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_NO_PROTOCOL); return SECFailure; } + xtnData->nextProtoState = SSL_NEXT_PROTO_NEGOTIATED; xtnData->negotiated[xtnData->numNegotiated++] = extension; return SECITEM_CopyItem(NULL, &xtnData->nextProto, &result); } @@ -356,7 +335,7 @@ ssl3_ServerHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, return SECFailure; } - /* Unlike NPN, ALPN has extra redundant length information so that + /* ALPN has extra redundant length information so that * the extension is the same in both ClientHello and ServerHello. */ rv = ssl3_ExtConsumeHandshakeNumber(ss, &count, 2, &data->data, &data->len); if (rv != SECSuccess || count != data->len) { @@ -389,39 +368,6 @@ ssl3_ServerHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, } SECStatus -ssl3_ClientHandleNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, - SECItem *data) -{ - PORT_Assert(ss->version < SSL_LIBRARY_VERSION_TLS_1_3); - PORT_Assert(!ss->firstHsDone); - - if (ssl3_ExtensionNegotiated(ss, ssl_app_layer_protocol_xtn)) { - /* If the server negotiated ALPN then it has already told us what - * protocol to use, so it doesn't make sense for us to try to negotiate - * a different one by sending the NPN handshake message. However, if - * we've negotiated NPN then we're required to send the NPN handshake - * message. Thus, these two extensions cannot both be negotiated on the - * same connection. */ - ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter); - PORT_SetError(SSL_ERROR_BAD_SERVER); - return SECFailure; - } - - /* We should only get this call if we sent the extension, so - * ss->nextProtoCallback needs to be non-NULL. However, it is possible - * that an application erroneously cleared the callback between the time - * we sent the ClientHello and now. */ - if (!ss->nextProtoCallback) { - PORT_Assert(0); - ssl3_ExtSendAlert(ss, alert_fatal, internal_error); - PORT_SetError(SSL_ERROR_NEXT_PROTOCOL_NO_CALLBACK); - return SECFailure; - } - - return ssl3_SelectAppProtocol(ss, xtnData, ssl_next_proto_nego_xtn, data); -} - -SECStatus ssl3_ClientHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, SECItem *data) { @@ -475,19 +421,6 @@ ssl3_ClientHandleAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, } SECStatus -ssl3_ClientSendNextProtoNegoXtn(const sslSocket *ss, TLSExtensionData *xtnData, - sslBuffer *buf, PRBool *added) -{ - /* Renegotiations do not send this extension. */ - if (!ss->opt.enableNPN || !ss->nextProtoCallback || ss->firstHsDone) { - return SECSuccess; - } - - *added = PR_TRUE; - return SECSuccess; -} - -SECStatus ssl3_ClientSendAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, sslBuffer *buf, PRBool *added) { @@ -499,35 +432,15 @@ ssl3_ClientSendAppProtoXtn(const sslSocket *ss, TLSExtensionData *xtnData, return SECSuccess; } - /* NPN requires that the client's fallback protocol is first in the - * list. However, ALPN sends protocols in preference order. So move the - * first protocol to the end of the list. */ - if (len > 0) { /* Each protocol string is prefixed with a single byte length. */ - unsigned int i; - rv = sslBuffer_AppendNumber(buf, len, 2); if (rv != SECSuccess) { return SECFailure; } - - i = ss->opt.nextProtoNego.data[0] + 1; - if (i <= len) { - rv = sslBuffer_Append(buf, &ss->opt.nextProtoNego.data[i], len - i); - if (rv != SECSuccess) { - return SECFailure; - } - rv = sslBuffer_Append(buf, ss->opt.nextProtoNego.data, i); - if (rv != SECSuccess) { - return SECFailure; - } - } else { - /* This seems to be invalid data so we'll send as-is. */ - rv = sslBuffer_Append(buf, ss->opt.nextProtoNego.data, len); - if (rv != SECSuccess) { - return SECFailure; - } + rv = sslBuffer_Append(buf, ss->opt.nextProtoNego.data, len); + if (rv != SECSuccess) { + return SECFailure; } } @@ -1955,3 +1868,67 @@ ssl_HandleSupportedGroupsXtn(const sslSocket *ss, TLSExtensionData *xtnData, return SECSuccess; } + +SECStatus +ssl_HandleRecordSizeLimitXtn(const sslSocket *ss, TLSExtensionData *xtnData, + SECItem *data) +{ + SECStatus rv; + PRUint32 limit; + PRUint32 maxLimit = (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) + ? (MAX_FRAGMENT_LENGTH + 1) + : MAX_FRAGMENT_LENGTH; + + rv = ssl3_ExtConsumeHandshakeNumber(ss, &limit, 2, &data->data, &data->len); + if (rv != SECSuccess) { + return SECFailure; + } + if (data->len != 0 || limit < 64) { + ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter); + PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE); + return SECFailure; + } + + if (ss->sec.isServer) { + rv = ssl3_RegisterExtensionSender(ss, xtnData, ssl_record_size_limit_xtn, + &ssl_SendRecordSizeLimitXtn); + if (rv != SECSuccess) { + return SECFailure; /* error already set. */ + } + } else if (limit > maxLimit) { + /* The client can sensibly check the maximum. */ + ssl3_ExtSendAlert(ss, alert_fatal, illegal_parameter); + PORT_SetError(SSL_ERROR_RX_MALFORMED_HANDSHAKE); + return SECFailure; + } + + /* We can't enforce the maximum on a server. But we do need to ensure + * that we don't apply a limit that is too large. */ + xtnData->recordSizeLimit = PR_MIN(maxLimit, limit); + xtnData->negotiated[xtnData->numNegotiated++] = ssl_record_size_limit_xtn; + return SECSuccess; +} + +SECStatus +ssl_SendRecordSizeLimitXtn(const sslSocket *ss, TLSExtensionData *xtnData, + sslBuffer *buf, PRBool *added) +{ + PRUint32 maxLimit; + if (ss->sec.isServer) { + maxLimit = (ss->version >= SSL_LIBRARY_VERSION_TLS_1_3) + ? (MAX_FRAGMENT_LENGTH + 1) + : MAX_FRAGMENT_LENGTH; + } else { + maxLimit = (ss->vrange.max >= SSL_LIBRARY_VERSION_TLS_1_3) + ? (MAX_FRAGMENT_LENGTH + 1) + : MAX_FRAGMENT_LENGTH; + } + PRUint32 limit = PR_MIN(ss->opt.recordSizeLimit, maxLimit); + SECStatus rv = sslBuffer_AppendNumber(buf, limit, 2); + if (rv != SECSuccess) { + return SECFailure; + } + + *added = PR_TRUE; + return SECSuccess; +} diff --git a/security/nss/lib/ssl/ssl3exthandle.h b/security/nss/lib/ssl/ssl3exthandle.h index b84bd074c..eaf7f0081 100644 --- a/security/nss/lib/ssl/ssl3exthandle.h +++ b/security/nss/lib/ssl/ssl3exthandle.h @@ -119,4 +119,11 @@ SECStatus ssl_SendSupportedGroupsXtn(const sslSocket *ss, SECStatus ssl3_SendSupportedPointFormatsXtn(const sslSocket *ss, TLSExtensionData *xtnData, sslBuffer *buf, PRBool *added); +SECStatus ssl_HandleRecordSizeLimitXtn(const sslSocket *ss, + TLSExtensionData *xtnData, + SECItem *data); +SECStatus ssl_SendRecordSizeLimitXtn(const sslSocket *ss, + TLSExtensionData *xtnData, + sslBuffer *buf, PRBool *added); + #endif diff --git a/security/nss/lib/ssl/ssl3gthr.c b/security/nss/lib/ssl/ssl3gthr.c index 8b323bb05..5ea7cc249 100644 --- a/security/nss/lib/ssl/ssl3gthr.c +++ b/security/nss/lib/ssl/ssl3gthr.c @@ -158,6 +158,7 @@ ssl3_GatherData(sslSocket *ss, sslGather *gs, int flags, ssl2Gather *ssl2gs) * the length of the following encrypted data, and then * read in the rest of the record into gs->inbuf. */ gs->remainder = (gs->hdr[3] << 8) | gs->hdr[4]; + gs->hdrLen = SSL3_RECORD_HEADER_LENGTH; } else { /* Probably an SSLv2 record header. No need to handle any * security escapes (gs->hdr[0] & 0x40) as we wouldn't get @@ -264,8 +265,9 @@ static int dtls_GatherData(sslSocket *ss, sslGather *gs, int flags) { int nb; - int err; - int rv = 1; + PRUint8 contentType; + unsigned int headerLen; + SECStatus rv; SSL_TRC(30, ("dtls_GatherData")); @@ -285,81 +287,97 @@ dtls_GatherData(sslSocket *ss, sslGather *gs, int flags) ** to 13 (the size of the record header). */ if (gs->dtlsPacket.space < MAX_FRAGMENT_LENGTH + 2048 + 13) { - err = sslBuffer_Grow(&gs->dtlsPacket, - MAX_FRAGMENT_LENGTH + 2048 + 13); - if (err) { /* realloc has set error code to no mem. */ - return err; + rv = sslBuffer_Grow(&gs->dtlsPacket, + MAX_FRAGMENT_LENGTH + 2048 + 13); + if (rv != SECSuccess) { + return -1; /* Code already set. */ } } /* recv() needs to read a full datagram at a time */ nb = ssl_DefRecv(ss, gs->dtlsPacket.buf, gs->dtlsPacket.space, flags); - if (nb > 0) { PRINT_BUF(60, (ss, "raw gather data:", gs->dtlsPacket.buf, nb)); } else if (nb == 0) { /* EOF */ SSL_TRC(30, ("%d: SSL3[%d]: EOF", SSL_GETPID(), ss->fd)); - rv = 0; - return rv; + return 0; } else /* if (nb < 0) */ { SSL_DBG(("%d: SSL3[%d]: recv error %d", SSL_GETPID(), ss->fd, PR_GetError())); - rv = SECFailure; - return rv; + return -1; } gs->dtlsPacket.len = nb; } + contentType = gs->dtlsPacket.buf[gs->dtlsPacketOffset]; + if (dtls_IsLongHeader(ss->version, contentType)) { + headerLen = 13; + } else if (contentType == content_application_data) { + headerLen = 7; + } else if ((contentType & 0xe0) == 0x20) { + headerLen = 2; + } else { + SSL_DBG(("%d: SSL3[%d]: invalid first octet (%d) for DTLS", + SSL_GETPID(), ss->fd, contentType)); + PORT_SetError(SSL_ERROR_RX_UNKNOWN_RECORD_TYPE); + gs->dtlsPacketOffset = 0; + gs->dtlsPacket.len = 0; + return -1; + } + /* At this point we should have >=1 complete records lined up in * dtlsPacket. Read off the header. */ - if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < 13) { + if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < headerLen) { SSL_DBG(("%d: SSL3[%d]: rest of DTLS packet " "too short to contain header", SSL_GETPID(), ss->fd)); - PR_SetError(PR_WOULD_BLOCK_ERROR, 0); + PORT_SetError(PR_WOULD_BLOCK_ERROR); gs->dtlsPacketOffset = 0; gs->dtlsPacket.len = 0; - rv = SECFailure; - return rv; + return -1; } - memcpy(gs->hdr, gs->dtlsPacket.buf + gs->dtlsPacketOffset, 13); - gs->dtlsPacketOffset += 13; + memcpy(gs->hdr, SSL_BUFFER_BASE(&gs->dtlsPacket) + gs->dtlsPacketOffset, + headerLen); + gs->hdrLen = headerLen; + gs->dtlsPacketOffset += headerLen; /* Have received SSL3 record header in gs->hdr. */ - gs->remainder = (gs->hdr[11] << 8) | gs->hdr[12]; + if (headerLen == 13) { + gs->remainder = (gs->hdr[11] << 8) | gs->hdr[12]; + } else if (headerLen == 7) { + gs->remainder = (gs->hdr[5] << 8) | gs->hdr[6]; + } else { + PORT_Assert(headerLen == 2); + gs->remainder = gs->dtlsPacket.len - gs->dtlsPacketOffset; + } if ((gs->dtlsPacket.len - gs->dtlsPacketOffset) < gs->remainder) { SSL_DBG(("%d: SSL3[%d]: rest of DTLS packet too short " "to contain rest of body", SSL_GETPID(), ss->fd)); - PR_SetError(PR_WOULD_BLOCK_ERROR, 0); + PORT_SetError(PR_WOULD_BLOCK_ERROR); gs->dtlsPacketOffset = 0; gs->dtlsPacket.len = 0; - rv = SECFailure; - return rv; + return -1; } /* OK, we have at least one complete packet, copy into inbuf */ - if (gs->remainder > gs->inbuf.space) { - err = sslBuffer_Grow(&gs->inbuf, gs->remainder); - if (err) { /* realloc has set error code to no mem. */ - return err; - } + gs->inbuf.len = 0; + rv = sslBuffer_Append(&gs->inbuf, + SSL_BUFFER_BASE(&gs->dtlsPacket) + gs->dtlsPacketOffset, + gs->remainder); + if (rv != SECSuccess) { + return -1; /* code already set. */ } - - SSL_TRC(20, ("%d: SSL3[%d]: dtls gathered record type=%d len=%d", - SSL_GETPID(), ss->fd, gs->hdr[0], gs->inbuf.len)); - - memcpy(gs->inbuf.buf, gs->dtlsPacket.buf + gs->dtlsPacketOffset, - gs->remainder); - gs->inbuf.len = gs->remainder; gs->offset = gs->remainder; gs->dtlsPacketOffset += gs->remainder; gs->state = GS_INIT; + SSL_TRC(20, ("%d: SSL3[%d]: dtls gathered record type=%d len=%d", + SSL_GETPID(), ss->fd, contentType, gs->inbuf.len)); return 1; } @@ -442,7 +460,11 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags) * We need to process it now before we overwrite it with the next * handshake record. */ - rv = ssl3_HandleRecord(ss, NULL, &ss->gs.buf); + SSL_DBG(("%d: SSL3[%d]: resuming handshake", + SSL_GETPID(), ss->fd)); + PORT_Assert(!IS_DTLS(ss)); + rv = ssl3_HandleNonApplicationData(ss, content_handshake, + 0, 0, &ss->gs.buf); } else { /* State for SSLv2 client hello support. */ ssl2Gather ssl2gs = { PR_FALSE, 0 }; @@ -495,20 +517,14 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags) * If it's application data, ss->gs.buf will not be empty upon return. * If it's a change cipher spec, alert, or handshake message, * ss->gs.buf.len will be 0 when ssl3_HandleRecord returns SECSuccess. + * + * cText only needs to be valid for this next function call, so + * it can borrow gs.hdr. */ - cText.type = (SSL3ContentType)ss->gs.hdr[0]; - cText.version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2]; - - if (IS_DTLS(ss)) { - sslSequenceNumber seq_num; - - /* DTLS sequence number */ - PORT_Memcpy(&seq_num, &ss->gs.hdr[3], sizeof(seq_num)); - cText.seq_num = PR_ntohll(seq_num); - } - + cText.hdr = ss->gs.hdr; + cText.hdrLen = ss->gs.hdrLen; cText.buf = &ss->gs.inbuf; - rv = ssl3_HandleRecord(ss, &cText, &ss->gs.buf); + rv = ssl3_HandleRecord(ss, &cText); } } if (rv < 0) { @@ -520,7 +536,6 @@ ssl3_GatherCompleteHandshake(sslSocket *ss, int flags) * completing any renegotiation handshake we may be doing. */ PORT_Assert(ss->firstHsDone); - PORT_Assert(cText.type == content_application_data); break; } diff --git a/security/nss/lib/ssl/ssl3prot.h b/security/nss/lib/ssl/ssl3prot.h index d1f46db97..8e6cf2745 100644 --- a/security/nss/lib/ssl/ssl3prot.h +++ b/security/nss/lib/ssl/ssl3prot.h @@ -16,7 +16,7 @@ typedef PRUint16 SSL3ProtocolVersion; /* The TLS 1.3 draft version. Used to avoid negotiating * between incompatible pre-standard TLS 1.3 drafts. * TODO(ekr@rtfm.com): Remove when TLS 1.3 is published. */ -#define TLS_1_3_DRAFT_VERSION 23 +#define TLS_1_3_DRAFT_VERSION 28 typedef PRUint16 ssl3CipherSuite; /* The cipher suites are defined in sslproto.h */ diff --git a/security/nss/lib/ssl/sslcert.c b/security/nss/lib/ssl/sslcert.c index 6cd02e402..1c3ddb0e7 100644 --- a/security/nss/lib/ssl/sslcert.c +++ b/security/nss/lib/ssl/sslcert.c @@ -256,7 +256,8 @@ ssl_PopulateKeyPair(sslServerCert *sc, sslKeyPair *keyPair) /* Get the size of the cert's public key, and remember it. */ sc->serverKeyBits = SECKEY_PublicKeyStrengthInBits(keyPair->pubKey); - if (sc->serverKeyBits == 0) { + if (sc->serverKeyBits == 0 || + (keyType == rsaKey && sc->serverKeyBits > SSL_MAX_RSA_KEY_BITS)) { PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; } diff --git a/security/nss/lib/ssl/sslerr.h b/security/nss/lib/ssl/sslerr.h index b94d0cc62..518a2b887 100644 --- a/security/nss/lib/ssl/sslerr.h +++ b/security/nss/lib/ssl/sslerr.h @@ -262,6 +262,8 @@ typedef enum { SSL_ERROR_TOO_MANY_KEY_UPDATES = (SSL_ERROR_BASE + 171), SSL_ERROR_HANDSHAKE_FAILED = (SSL_ERROR_BASE + 172), SSL_ERROR_BAD_RESUMPTION_TOKEN_ERROR = (SSL_ERROR_BASE + 173), + SSL_ERROR_RX_MALFORMED_DTLS_ACK = (SSL_ERROR_BASE + 174), + SSL_ERROR_DH_KEY_TOO_LONG = (SSL_ERROR_BASE + 175), SSL_ERROR_END_OF_LIST /* let the c compiler determine the value of this. */ } SSLErrorCodes; #endif /* NO_SECURITY_ERROR_ENUM */ diff --git a/security/nss/lib/ssl/sslimpl.h b/security/nss/lib/ssl/sslimpl.h index 10d0333d9..a2209e90a 100644 --- a/security/nss/lib/ssl/sslimpl.h +++ b/security/nss/lib/ssl/sslimpl.h @@ -121,6 +121,10 @@ typedef enum { SSLAppOpRead = 0, /* default number of entries in namedGroupPreferences */ #define SSL_NAMED_GROUP_COUNT 31 +/* The maximum DH and RSA bit-length supported. */ +#define SSL_MAX_DH_KEY_BITS 8192 +#define SSL_MAX_RSA_KEY_BITS 8192 + /* Types and names of elliptic curves used in TLS */ typedef enum { ec_type_explicitPrime = 1, /* not supported */ @@ -232,6 +236,7 @@ typedef struct sslOptionsStr { /* If SSL_SetNextProtoNego has been called, then this contains the * list of supported protocols. */ SECItem nextProtoNego; + PRUint16 recordSizeLimit; PRUint32 maxEarlyDataSize; unsigned int useSecurity : 1; @@ -251,7 +256,6 @@ typedef struct sslOptionsStr { unsigned int enableFalseStart : 1; unsigned int cbcRandomIV : 1; unsigned int enableOCSPStapling : 1; - unsigned int enableNPN : 1; unsigned int enableALPN : 1; unsigned int reuseServerECDHEKey : 1; unsigned int enableFallbackSCSV : 1; @@ -261,6 +265,7 @@ typedef struct sslOptionsStr { unsigned int requireDHENamedGroups : 1; unsigned int enable0RttData : 1; unsigned int enableTls13CompatMode : 1; + unsigned int enableDtlsShortHeader : 1; } sslOptions; typedef enum { sslHandshakingUndetermined = 0, @@ -325,9 +330,11 @@ struct sslGatherStr { ** than into buf or inbuf, while in the GS_HEADER state. ** The portion of the SSL record header put here always comes off the wire ** as plaintext, never ciphertext. - ** For SSL3/TLS, the plaintext portion is 5 bytes long. For DTLS it is 13. + ** For SSL3/TLS, the plaintext portion is 5 bytes long. For DTLS it + ** varies based on version and header type. */ unsigned char hdr[13]; + unsigned int hdrLen; /* Buffer for DTLS data read off the wire as a single datagram */ sslBuffer dtlsPacket; @@ -440,7 +447,7 @@ struct sslSessionIDStr { */ SECItem signedCertTimestamps; - /* The NPN/ALPN value negotiated in the original connection. + /* The ALPN value negotiated in the original connection. * Used for TLS 1.3. */ SECItem alpnSelection; @@ -780,9 +787,13 @@ struct ssl3StateStr { #define IS_DTLS(ss) (ss->protocolVariant == ssl_variant_datagram) typedef struct { - SSL3ContentType type; - SSL3ProtocolVersion version; - sslSequenceNumber seq_num; /* DTLS only */ + /* |seqNum| eventually contains the reconstructed sequence number. */ + sslSequenceNumber seqNum; + /* The header of the cipherText. */ + const PRUint8 *hdr; + unsigned int hdrLen; + + /* |buf| is the payload of the ciphertext. */ sslBuffer *buf; } SSL3Ciphertext; @@ -805,7 +816,7 @@ struct ssl3DHParamsStr { }; typedef struct SSLWrappedSymWrappingKeyStr { - PRUint8 wrappedSymmetricWrappingkey[512]; + PRUint8 wrappedSymmetricWrappingkey[SSL_MAX_RSA_KEY_BITS / 8]; CK_MECHANISM_TYPE symWrapMechanism; /* unwrapped symmetric wrapping key uses this mechanism */ CK_MECHANISM_TYPE asymWrapMechanism; @@ -1375,8 +1386,11 @@ SECStatus ssl3_SendClientHello(sslSocket *ss, sslClientHelloType type); /* * input into the SSL3 machinery from the actualy network reading code */ -SECStatus ssl3_HandleRecord( - sslSocket *ss, SSL3Ciphertext *cipher, sslBuffer *out); +SECStatus ssl3_HandleRecord(sslSocket *ss, SSL3Ciphertext *cipher); +SECStatus ssl3_HandleNonApplicationData(sslSocket *ss, SSL3ContentType rType, + DTLSEpoch epoch, + sslSequenceNumber seqNum, + sslBuffer *databuf); SECStatus ssl_RemoveTLSCBCPadding(sslBuffer *plaintext, unsigned int macSize); int ssl3_GatherAppDataRecord(sslSocket *ss, int flags); @@ -1537,8 +1551,8 @@ SECStatus ssl_GetSelfEncryptKeys(sslSocket *ss, unsigned char *keyName, PK11SymKey **encKey, PK11SymKey **macKey); void ssl_ResetSelfEncryptKeys(); -extern SECStatus ssl3_ValidateNextProtoNego(const unsigned char *data, - unsigned int length); +extern SECStatus ssl3_ValidateAppProtocol(const unsigned char *data, + unsigned int length); /* Construct a new NSPR socket for the app to use */ extern PRFileDesc *ssl_NewPRSocket(sslSocket *ss, PRFileDesc *fd); @@ -1636,6 +1650,9 @@ SSLHashType ssl_SignatureSchemeToHashType(SSLSignatureScheme scheme); KeyType ssl_SignatureSchemeToKeyType(SSLSignatureScheme scheme); SECStatus ssl3_SetupCipherSuite(sslSocket *ss, PRBool initHashes); +SECStatus ssl_InsertRecordHeader(const sslSocket *ss, ssl3CipherSpec *cwSpec, + SSL3ContentType contentType, sslBuffer *wrBuf, + PRBool *needsLength); /* Pull in DTLS functions */ #include "dtlscon.h" diff --git a/security/nss/lib/ssl/sslsecur.c b/security/nss/lib/ssl/sslsecur.c index f09ec067c..a1d389214 100644 --- a/security/nss/lib/ssl/sslsecur.c +++ b/security/nss/lib/ssl/sslsecur.c @@ -791,7 +791,7 @@ tls13_CheckKeyUpdate(sslSocket *ss, CipherSpecDirection dir) spec = ss->ssl3.cwSpec; margin = spec->cipherDef->max_records / 4; } - seqNum = spec->seqNum; + seqNum = spec->nextSeqNum; keyUpdate = seqNum > spec->cipherDef->max_records - margin; ssl_ReleaseSpecReadLock(ss); if (!keyUpdate) { @@ -922,21 +922,30 @@ ssl_SecureSend(sslSocket *ss, const unsigned char *buf, int len, int flags) */ if (!ss->firstHsDone) { PRBool allowEarlySend = PR_FALSE; + PRBool firstClientWrite = PR_FALSE; ssl_Get1stHandshakeLock(ss); - if (ss->opt.enableFalseStart || - (ss->opt.enable0RttData && !ss->sec.isServer)) { + /* The client can sometimes send before the handshake is fully + * complete. In TLS 1.2: false start; in TLS 1.3: 0-RTT. */ + if (!ss->sec.isServer && + (ss->opt.enableFalseStart || ss->opt.enable0RttData)) { ssl_GetSSL3HandshakeLock(ss); - /* The client can sometimes send before the handshake is fully - * complete. In TLS 1.2: false start; in TLS 1.3: 0-RTT. */ zeroRtt = ss->ssl3.hs.zeroRttState == ssl_0rtt_sent || ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted; allowEarlySend = ss->ssl3.hs.canFalseStart || zeroRtt; + firstClientWrite = ss->ssl3.hs.ws == idle_handshake; ssl_ReleaseSSL3HandshakeLock(ss); } if (!allowEarlySend && ss->handshake) { rv = ssl_Do1stHandshake(ss); } + if (firstClientWrite) { + /* Wait until after sending ClientHello and double-check 0-RTT. */ + ssl_GetSSL3HandshakeLock(ss); + zeroRtt = ss->ssl3.hs.zeroRttState == ssl_0rtt_sent || + ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted; + ssl_ReleaseSSL3HandshakeLock(ss); + } ssl_Release1stHandshakeLock(ss); } diff --git a/security/nss/lib/ssl/sslsock.c b/security/nss/lib/ssl/sslsock.c index e08d5e232..33595ffae 100644 --- a/security/nss/lib/ssl/sslsock.c +++ b/security/nss/lib/ssl/sslsock.c @@ -55,6 +55,7 @@ static const sslSocketOps ssl_secure_ops = { /* SSL. */ static sslOptions ssl_defaults = { .nextProtoNego = { siBuffer, NULL, 0 }, .maxEarlyDataSize = 1 << 16, + .recordSizeLimit = MAX_FRAGMENT_LENGTH + 1, .useSecurity = PR_TRUE, .useSocks = PR_FALSE, .requestCertificate = PR_FALSE, @@ -72,7 +73,6 @@ static sslOptions ssl_defaults = { .enableFalseStart = PR_FALSE, .cbcRandomIV = PR_TRUE, .enableOCSPStapling = PR_FALSE, - .enableNPN = PR_FALSE, .enableALPN = PR_TRUE, .reuseServerECDHEKey = PR_TRUE, .enableFallbackSCSV = PR_FALSE, @@ -81,7 +81,8 @@ static sslOptions ssl_defaults = { .enableSignedCertTimestamps = PR_FALSE, .requireDHENamedGroups = PR_FALSE, .enable0RttData = PR_FALSE, - .enableTls13CompatMode = PR_FALSE + .enableTls13CompatMode = PR_FALSE, + .enableDtlsShortHeader = PR_FALSE }; /* @@ -803,10 +804,23 @@ SSL_OptionSet(PRFileDesc *fd, PRInt32 which, PRIntn val) ss->opt.enable0RttData = val; break; + case SSL_RECORD_SIZE_LIMIT: + if (val < 64 || val > (MAX_FRAGMENT_LENGTH + 1)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + rv = SECFailure; + } else { + ss->opt.recordSizeLimit = val; + } + break; + case SSL_ENABLE_TLS13_COMPAT_MODE: ss->opt.enableTls13CompatMode = val; break; + case SSL_ENABLE_DTLS_SHORT_HEADER: + ss->opt.enableDtlsShortHeader = val; + break; + default: PORT_SetError(SEC_ERROR_INVALID_ARGS); rv = SECFailure; @@ -914,7 +928,7 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRIntn *pVal) val = ss->opt.enableOCSPStapling; break; case SSL_ENABLE_NPN: - val = ss->opt.enableNPN; + val = PR_FALSE; break; case SSL_ENABLE_ALPN: val = ss->opt.enableALPN; @@ -940,9 +954,15 @@ SSL_OptionGet(PRFileDesc *fd, PRInt32 which, PRIntn *pVal) case SSL_ENABLE_0RTT_DATA: val = ss->opt.enable0RttData; break; + case SSL_RECORD_SIZE_LIMIT: + val = ss->opt.recordSizeLimit; + break; case SSL_ENABLE_TLS13_COMPAT_MODE: val = ss->opt.enableTls13CompatMode; break; + case SSL_ENABLE_DTLS_SHORT_HEADER: + val = ss->opt.enableDtlsShortHeader; + break; default: PORT_SetError(SEC_ERROR_INVALID_ARGS); rv = SECFailure; @@ -1037,7 +1057,7 @@ SSL_OptionGetDefault(PRInt32 which, PRIntn *pVal) val = ssl_defaults.enableOCSPStapling; break; case SSL_ENABLE_NPN: - val = ssl_defaults.enableNPN; + val = PR_FALSE; break; case SSL_ENABLE_ALPN: val = ssl_defaults.enableALPN; @@ -1060,9 +1080,15 @@ SSL_OptionGetDefault(PRInt32 which, PRIntn *pVal) case SSL_ENABLE_0RTT_DATA: val = ssl_defaults.enable0RttData; break; + case SSL_RECORD_SIZE_LIMIT: + val = ssl_defaults.recordSizeLimit; + break; case SSL_ENABLE_TLS13_COMPAT_MODE: val = ssl_defaults.enableTls13CompatMode; break; + case SSL_ENABLE_DTLS_SHORT_HEADER: + val = ssl_defaults.enableDtlsShortHeader; + break; default: PORT_SetError(SEC_ERROR_INVALID_ARGS); rv = SECFailure; @@ -1242,10 +1268,22 @@ SSL_OptionSetDefault(PRInt32 which, PRIntn val) ssl_defaults.enable0RttData = val; break; + case SSL_RECORD_SIZE_LIMIT: + if (val < 64 || val > (MAX_FRAGMENT_LENGTH + 1)) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; + } + ssl_defaults.recordSizeLimit = val; + break; + case SSL_ENABLE_TLS13_COMPAT_MODE: ssl_defaults.enableTls13CompatMode = val; break; + case SSL_ENABLE_DTLS_SHORT_HEADER: + ssl_defaults.enableDtlsShortHeader = val; + break; + default: PORT_SetError(SEC_ERROR_INVALID_ARGS); return SECFailure; @@ -1895,10 +1933,7 @@ DTLS_ImportFD(PRFileDesc *model, PRFileDesc *fd) } /* SSL_SetNextProtoCallback is used to select an application protocol - * for ALPN and NPN. For ALPN, this runs on the server; for NPN it - * runs on the client. */ -/* Note: The ALPN version doesn't allow for the use of a default, setting a - * status of SSL_NEXT_PROTO_NO_OVERLAP is treated as a failure. */ + * for ALPN. */ SECStatus SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback, void *arg) @@ -1919,7 +1954,7 @@ SSL_SetNextProtoCallback(PRFileDesc *fd, SSLNextProtoCallback callback, return SECSuccess; } -/* ssl_NextProtoNegoCallback is set as an ALPN/NPN callback when +/* ssl_NextProtoNegoCallback is set as an ALPN callback when * SSL_SetNextProtoNego is used. */ static SECStatus @@ -1929,7 +1964,6 @@ ssl_NextProtoNegoCallback(void *arg, PRFileDesc *fd, unsigned int protoMaxLen) { unsigned int i, j; - const unsigned char *result; sslSocket *ss = ssl_FindSocket(fd); if (!ss) { @@ -1937,37 +1971,29 @@ ssl_NextProtoNegoCallback(void *arg, PRFileDesc *fd, SSL_GETPID(), fd)); return SECFailure; } + PORT_Assert(protoMaxLen <= 255); + if (protoMaxLen > 255) { + PORT_SetError(SEC_ERROR_OUTPUT_LEN); + return SECFailure; + } - /* For each protocol in server preference, see if we support it. */ - for (i = 0; i < protos_len;) { - for (j = 0; j < ss->opt.nextProtoNego.len;) { + /* For each protocol in client preference, see if we support it. */ + for (j = 0; j < ss->opt.nextProtoNego.len;) { + for (i = 0; i < protos_len;) { if (protos[i] == ss->opt.nextProtoNego.data[j] && PORT_Memcmp(&protos[i + 1], &ss->opt.nextProtoNego.data[j + 1], protos[i]) == 0) { /* We found a match. */ - ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NEGOTIATED; - result = &protos[i]; - goto found; + const unsigned char *result = &protos[i]; + memcpy(protoOut, result + 1, result[0]); + *protoOutLen = result[0]; + return SECSuccess; } - j += 1 + (unsigned int)ss->opt.nextProtoNego.data[j]; + i += 1 + (unsigned int)protos[i]; } - i += 1 + (unsigned int)protos[i]; + j += 1 + (unsigned int)ss->opt.nextProtoNego.data[j]; } - /* The other side supports the extension, and either doesn't have any - * protocols configured, or none of its options match ours. In this case we - * request our favoured protocol. */ - /* This will be treated as a failure for ALPN. */ - ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NO_OVERLAP; - result = ss->opt.nextProtoNego.data; - -found: - if (protoMaxLen < result[0]) { - PORT_SetError(SEC_ERROR_OUTPUT_LEN); - return SECFailure; - } - memcpy(protoOut, result + 1, result[0]); - *protoOutLen = result[0]; return SECSuccess; } @@ -1976,8 +2002,6 @@ SSL_SetNextProtoNego(PRFileDesc *fd, const unsigned char *data, unsigned int length) { sslSocket *ss; - SECStatus rv; - SECItem dataItem = { siBuffer, (unsigned char *)data, length }; ss = ssl_FindSocket(fd); if (!ss) { @@ -1986,17 +2010,22 @@ SSL_SetNextProtoNego(PRFileDesc *fd, const unsigned char *data, return SECFailure; } - if (ssl3_ValidateNextProtoNego(data, length) != SECSuccess) + if (ssl3_ValidateAppProtocol(data, length) != SECSuccess) { return SECFailure; + } + /* NPN required that the client's fallback protocol is first in the + * list. However, ALPN sends protocols in preference order. So move the + * first protocol to the end of the list. */ ssl_GetSSL3HandshakeLock(ss); SECITEM_FreeItem(&ss->opt.nextProtoNego, PR_FALSE); - rv = SECITEM_CopyItem(NULL, &ss->opt.nextProtoNego, &dataItem); + SECITEM_AllocItem(NULL, &ss->opt.nextProtoNego, length); + size_t firstLen = data[0] + 1; + /* firstLen <= length is ensured by ssl3_ValidateAppProtocol. */ + PORT_Memcpy(ss->opt.nextProtoNego.data + (length - firstLen), data, firstLen); + PORT_Memcpy(ss->opt.nextProtoNego.data, data + firstLen, length - firstLen); ssl_ReleaseSSL3HandshakeLock(ss); - if (rv != SECSuccess) - return rv; - return SSL_SetNextProtoCallback(fd, ssl_NextProtoNegoCallback, NULL); } @@ -3034,26 +3063,27 @@ ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags) } else { /* handshaking as server */ new_flags |= PR_POLL_READ; } - } else + } else if (ss->lastWriteBlocked) { /* First handshake is in progress */ - if (ss->lastWriteBlocked) { if (new_flags & PR_POLL_READ) { /* The caller is waiting for data to be received, ** but the initial handshake is blocked on write, or the ** client's first handshake record has not been written. ** The code should select on write, not read. */ - new_flags ^= PR_POLL_READ; /* don't select on read. */ + new_flags &= ~PR_POLL_READ; /* don't select on read. */ new_flags |= PR_POLL_WRITE; /* do select on write. */ } } else if (new_flags & PR_POLL_WRITE) { /* The caller is trying to write, but the handshake is ** blocked waiting for data to read, and the first ** handshake has been sent. So do NOT to poll on write - ** unless we did false start. + ** unless we did false start or we are doing 0-RTT. */ - if (!ss->ssl3.hs.canFalseStart) { - new_flags ^= PR_POLL_WRITE; /* don't select on write. */ + if (!(ss->ssl3.hs.canFalseStart || + ss->ssl3.hs.zeroRttState == ssl_0rtt_sent || + ss->ssl3.hs.zeroRttState == ssl_0rtt_accepted)) { + new_flags &= ~PR_POLL_WRITE; /* don't select on write. */ } new_flags |= PR_POLL_READ; /* do select on read. */ } @@ -3093,6 +3123,9 @@ ssl_Poll(PRFileDesc *fd, PRInt16 how_flags, PRInt16 *p_out_flags) } } + SSL_TRC(20, ("%d: SSL[%d]: ssl_Poll flags %x -> %x", + SSL_GETPID(), fd, how_flags, new_flags)); + if (new_flags && (fd->lower->methods->poll != NULL)) { PRInt16 lower_out_flags = 0; PRInt16 lower_new_flags; diff --git a/security/nss/lib/ssl/sslspec.c b/security/nss/lib/ssl/sslspec.c index 26c3eb546..7833eeab6 100644 --- a/security/nss/lib/ssl/sslspec.c +++ b/security/nss/lib/ssl/sslspec.c @@ -143,6 +143,7 @@ ssl_CreateCipherSpec(sslSocket *ss, CipherSpecDirection direction) spec->refCt = 1; spec->version = ss->version; spec->direction = direction; + spec->recordSizeLimit = MAX_FRAGMENT_LENGTH; SSL_TRC(10, ("%d: SSL[%d]: new %s spec %d ct=%d", SSL_GETPID(), ss->fd, SPEC_DIR(spec), spec, spec->refCt)); diff --git a/security/nss/lib/ssl/sslspec.h b/security/nss/lib/ssl/sslspec.h index 729ac1006..b25601755 100644 --- a/security/nss/lib/ssl/sslspec.h +++ b/security/nss/lib/ssl/sslspec.h @@ -162,12 +162,18 @@ struct ssl3CipherSpecStr { DTLSEpoch epoch; const char *phase; - sslSequenceNumber seqNum; + + /* The next sequence number to be sent or received. */ + sslSequenceNumber nextSeqNum; DTLSRecvdRecords recvdRecords; /* The number of 0-RTT bytes that can be sent or received in TLS 1.3. This * will be zero for everything but 0-RTT. */ PRUint32 earlyDataRemaining; + /* The maximum plaintext length. This differs from the configured or + * negotiated value for TLS 1.3; it is reduced by one to account for the + * content type octet. */ + PRUint16 recordSizeLimit; }; typedef void (*sslCipherSpecChangedFunc)(void *arg, diff --git a/security/nss/lib/ssl/sslt.h b/security/nss/lib/ssl/sslt.h index e2b80fb43..bb1bec7a3 100644 --- a/security/nss/lib/ssl/sslt.h +++ b/security/nss/lib/ssl/sslt.h @@ -432,6 +432,7 @@ typedef enum { ssl_signed_cert_timestamp_xtn = 18, ssl_padding_xtn = 21, ssl_extended_master_secret_xtn = 23, + ssl_record_size_limit_xtn = 28, ssl_session_ticket_xtn = 35, /* 40 was used in draft versions of TLS 1.3; it is now reserved. */ ssl_tls13_pre_shared_key_xtn = 41, @@ -454,7 +455,7 @@ typedef enum { /* SSL_MAX_EXTENSIONS includes the maximum number of extensions that are * supported for any single message type. That is, a ClientHello; ServerHello * and TLS 1.3 NewSessionTicket and HelloRetryRequest extensions have fewer. */ -#define SSL_MAX_EXTENSIONS 20 +#define SSL_MAX_EXTENSIONS 21 /* Deprecated */ typedef enum { diff --git a/security/nss/lib/ssl/tls13con.c b/security/nss/lib/ssl/tls13con.c index c06acc83a..4d9170fb0 100644 --- a/security/nss/lib/ssl/tls13con.c +++ b/security/nss/lib/ssl/tls13con.c @@ -792,7 +792,7 @@ tls13_HandleKeyUpdate(sslSocket *ss, PRUint8 *b, unsigned int length) /* Only send an update if we have sent with the current spec. This * prevents us from being forced to crank forward pointlessly. */ ssl_GetSpecReadLock(ss); - sendUpdate = ss->ssl3.cwSpec->seqNum > 0; + sendUpdate = ss->ssl3.cwSpec->nextSeqNum > 0; ssl_ReleaseSpecReadLock(ss); } else { sendUpdate = PR_TRUE; @@ -1620,7 +1620,7 @@ tls13_HandleClientHelloPart2(sslSocket *ss, ssl_GetSpecWriteLock(ss); /* Increase the write sequence number. The read sequence number * will be reset after this to early data or handshake. */ - ss->ssl3.cwSpec->seqNum = 1; + ss->ssl3.cwSpec->nextSeqNum = 1; ssl_ReleaseSpecWriteLock(ss); } @@ -2007,7 +2007,7 @@ tls13_SendHelloRetryRequest(sslSocket *ss, /* We depend on this being exactly one record and one message. */ PORT_Assert(!IS_DTLS(ss) || (ss->ssl3.hs.sendMessageSeq == 1 && - ss->ssl3.cwSpec->seqNum == 1)); + ss->ssl3.cwSpec->nextSeqNum == 1)); ssl_ReleaseXmitBufLock(ss); ss->ssl3.hs.helloRetry = PR_TRUE; @@ -2209,6 +2209,8 @@ tls13_HandleHelloRetryRequest(sslSocket *ss, const PRUint8 *savedMsg, } else { PORT_Assert(ss->ssl3.hs.zeroRttState == ssl_0rtt_none); } + /* Set the spec version, because we want to send CH now with 0303 */ + tls13_SetSpecRecordVersion(ss, ss->ssl3.cwSpec); /* Extensions must contain more than just supported_versions. This will * ensure that a HelloRetryRequest isn't a no-op: we must have at least two @@ -2248,6 +2250,7 @@ tls13_HandleHelloRetryRequest(sslSocket *ss, const PRUint8 *savedMsg, goto loser; } } + rv = ssl3_SendClientHello(ss, client_hello_retry); if (rv != SECSuccess) { goto loser; @@ -3251,6 +3254,17 @@ tls13_SetupPendingCipherSpec(sslSocket *ss, ssl3CipherSpec *spec) } tls13_SetSpecRecordVersion(ss, spec); + + /* The record size limit is reduced by one so that the remainder of the + * record handling code can use the same checks for all versions. */ + if (ssl3_ExtensionNegotiated(ss, ssl_record_size_limit_xtn)) { + spec->recordSizeLimit = ((spec->direction == CipherSpecRead) + ? ss->opt.recordSizeLimit + : ss->xtnData.recordSizeLimit) - + 1; + } else { + spec->recordSizeLimit = MAX_FRAGMENT_LENGTH; + } return SECSuccess; } @@ -3316,7 +3330,7 @@ tls13_SetCipherSpec(sslSocket *ss, PRUint16 epoch, return SECFailure; } spec->epoch = epoch; - spec->seqNum = 0; + spec->nextSeqNum = 0; if (IS_DTLS(ss)) { dtls_InitRecvdRecords(&spec->recvdRecords); } @@ -3536,14 +3550,15 @@ tls13_AESGCM(ssl3KeyMaterial *keys, CK_GCM_PARAMS gcmParams; unsigned char nonce[12]; + PORT_Assert(additionalDataLen > 8); memset(&gcmParams, 0, sizeof(gcmParams)); gcmParams.pIv = nonce; gcmParams.ulIvLen = sizeof(nonce); - gcmParams.pAAD = NULL; - gcmParams.ulAADLen = 0; + gcmParams.pAAD = (PRUint8 *)(additionalData + 8); + gcmParams.ulAADLen = additionalDataLen - 8; gcmParams.ulTagBits = 128; /* GCM measures tag length in bits. */ - tls13_WriteNonce(keys, additionalData, additionalDataLen, + tls13_WriteNonce(keys, additionalData, 8, nonce, sizeof(nonce)); return tls13_AEAD(keys, doDecrypt, out, outlen, maxout, in, inlen, CKM_AES_GCM, @@ -3560,14 +3575,15 @@ tls13_ChaCha20Poly1305(ssl3KeyMaterial *keys, PRBool doDecrypt, CK_NSS_AEAD_PARAMS aeadParams; unsigned char nonce[12]; + PORT_Assert(additionalDataLen > 8); memset(&aeadParams, 0, sizeof(aeadParams)); aeadParams.pNonce = nonce; aeadParams.ulNonceLen = sizeof(nonce); - aeadParams.pAAD = NULL; /* No AAD in TLS 1.3. */ - aeadParams.ulAADLen = 0; + aeadParams.pAAD = (PRUint8 *)(additionalData + 8); + aeadParams.ulAADLen = additionalDataLen - 8; aeadParams.ulTagLen = 16; /* The Poly1305 tag is 16 octets. */ - tls13_WriteNonce(keys, additionalData, additionalDataLen, + tls13_WriteNonce(keys, additionalData, 8, nonce, sizeof(nonce)); return tls13_AEAD(keys, doDecrypt, out, outlen, maxout, in, inlen, CKM_NSS_CHACHA20_POLY1305, @@ -3579,7 +3595,7 @@ tls13_HandleEncryptedExtensions(sslSocket *ss, PRUint8 *b, PRUint32 length) { SECStatus rv; PRUint32 innerLength; - SECItem oldNpn = { siBuffer, NULL, 0 }; + SECItem oldAlpn = { siBuffer, NULL, 0 }; PORT_Assert(ss->opt.noLocks || ssl_HaveRecvBufLock(ss)); PORT_Assert(ss->opt.noLocks || ssl_HaveSSL3HandshakeLock(ss)); @@ -3603,11 +3619,11 @@ tls13_HandleEncryptedExtensions(sslSocket *ss, PRUint8 *b, PRUint32 length) return SECFailure; } - /* If we are doing 0-RTT, then we already have an NPN value. Stash + /* If we are doing 0-RTT, then we already have an ALPN value. Stash * it for comparison. */ if (ss->ssl3.hs.zeroRttState == ssl_0rtt_sent && ss->xtnData.nextProtoState == SSL_NEXT_PROTO_EARLY_VALUE) { - oldNpn = ss->xtnData.nextProto; + oldAlpn = ss->xtnData.nextProto; ss->xtnData.nextProto.data = NULL; ss->xtnData.nextProtoState = SSL_NEXT_PROTO_NO_SUPPORT; } @@ -3627,8 +3643,8 @@ tls13_HandleEncryptedExtensions(sslSocket *ss, PRUint8 *b, PRUint32 length) ss->ssl3.hs.zeroRttState = ssl_0rtt_accepted; /* Check that the server negotiated the same ALPN (if any). */ - if (SECITEM_CompareItem(&oldNpn, &ss->xtnData.nextProto)) { - SECITEM_FreeItem(&oldNpn, PR_FALSE); + if (SECITEM_CompareItem(&oldAlpn, &ss->xtnData.nextProto)) { + SECITEM_FreeItem(&oldAlpn, PR_FALSE); FATAL_ERROR(ss, SSL_ERROR_NEXT_PROTOCOL_DATA_INVALID, illegal_parameter); return SECFailure; @@ -3650,7 +3666,7 @@ tls13_HandleEncryptedExtensions(sslSocket *ss, PRUint8 *b, PRUint32 length) ss->ssl3.hs.zeroRttState == ssl_0rtt_ignored)); } - SECITEM_FreeItem(&oldNpn, PR_FALSE); + SECITEM_FreeItem(&oldAlpn, PR_FALSE); if (ss->ssl3.hs.kea_def->authKeyType == ssl_auth_psk) { TLS13_SET_HS_STATE(ss, wait_finished); } else { @@ -3815,13 +3831,14 @@ tls13_HandleCertificateVerify(sslSocket *ss, PRUint8 *b, PRUint32 length) rv = ssl_ConsumeSignatureScheme(ss, &b, &length, &sigScheme); if (rv != SECSuccess) { - PORT_SetError(SSL_ERROR_RX_MALFORMED_CERT_VERIFY); + FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_CERT_VERIFY, illegal_parameter); return SECFailure; } rv = ssl_CheckSignatureSchemeConsistency(ss, sigScheme, ss->sec.peerCert); if (rv != SECSuccess) { /* Error set already */ + FATAL_ERROR(ss, PORT_GetError(), illegal_parameter); return SECFailure; } hashAlg = ssl_SignatureSchemeToHashType(sigScheme); @@ -4740,7 +4757,8 @@ static const struct { { ssl_tls13_cookie_xtn, _M2(client_hello, hello_retry_request) }, { ssl_tls13_certificate_authorities_xtn, _M1(certificate_request) }, { ssl_tls13_supported_versions_xtn, _M3(client_hello, server_hello, - hello_retry_request) } + hello_retry_request) }, + { ssl_record_size_limit_xtn, _M2(client_hello, encrypted_extensions) } }; tls13ExtensionStatus @@ -4780,19 +4798,20 @@ tls13_ExtensionStatus(PRUint16 extension, SSLHandshakeType message) #undef _M2 #undef _M3 -/* TLS 1.3 doesn't actually have additional data but the aead function - * signature overloads additional data to carry the record sequence - * number and that's what we put here. The TLS 1.3 AEAD functions - * just use this input as the sequence number and not as additional - * data. */ +/* We cheat a bit on additional data because the AEAD interface + * which doesn't have room for the record number. The AAD we + * format is serialized record number followed by the true AD + * (i.e., the record header) plus the serialized record number. */ static SECStatus -tls13_FormatAdditionalData(sslSocket *ss, PRUint8 *aad, unsigned int length, - DTLSEpoch epoch, sslSequenceNumber seqNum) +tls13_FormatAdditionalData( + sslSocket *ss, + const PRUint8 *header, unsigned int headerLen, + DTLSEpoch epoch, sslSequenceNumber seqNum, + PRUint8 *aad, unsigned int *aadLength, unsigned int maxLength) { SECStatus rv; - sslBuffer buf = SSL_BUFFER_FIXED(aad, length); + sslBuffer buf = SSL_BUFFER_FIXED(aad, maxLength); - PORT_Assert(length == 8); if (IS_DTLS(ss)) { rv = sslBuffer_AppendNumber(&buf, epoch, 2); if (rv != SECSuccess) { @@ -4803,6 +4822,14 @@ tls13_FormatAdditionalData(sslSocket *ss, PRUint8 *aad, unsigned int length, if (rv != SECSuccess) { return SECFailure; } + + rv = sslBuffer_Append(&buf, header, headerLen); + if (rv != SECSuccess) { + return SECFailure; + } + + *aadLength = buf.len; + return SECSuccess; } @@ -4843,43 +4870,68 @@ tls13_ProtectRecord(sslSocket *ss, PORT_Assert(cwSpec->direction == CipherSpecWrite); SSL_TRC(3, ("%d: TLS13[%d]: spec=%d epoch=%d (%s) protect 0x%0llx len=%u", SSL_GETPID(), ss->fd, cwSpec, cwSpec->epoch, cwSpec->phase, - cwSpec->seqNum, contentLen)); + cwSpec->nextSeqNum, contentLen)); - if (contentLen + 1 + tagLen > wrBuf->space) { + if (contentLen + 1 + tagLen > SSL_BUFFER_SPACE(wrBuf)) { PORT_SetError(SEC_ERROR_LIBRARY_FAILURE); return SECFailure; } /* Copy the data into the wrBuf. We're going to encrypt in-place * in the AEAD branch anyway */ - PORT_Memcpy(wrBuf->buf, pIn, contentLen); + PORT_Memcpy(SSL_BUFFER_NEXT(wrBuf), pIn, contentLen); if (cipher_def->calg == ssl_calg_null) { /* Shortcut for plaintext */ - wrBuf->len = contentLen; + rv = sslBuffer_Skip(wrBuf, contentLen, NULL); + PORT_Assert(rv == SECSuccess); } else { - PRUint8 aad[8]; + PRUint8 hdr[13]; + sslBuffer buf = SSL_BUFFER_FIXED(hdr, sizeof(hdr)); + PRBool needsLength; + PRUint8 aad[21]; + unsigned int aadLen; + int len; + PORT_Assert(cipher_def->type == type_aead); /* Add the content type at the end. */ - wrBuf->buf[contentLen] = type; + *(SSL_BUFFER_NEXT(wrBuf) + contentLen) = type; - rv = tls13_FormatAdditionalData(ss, aad, sizeof(aad), cwSpec->epoch, - cwSpec->seqNum); + /* Create the header (ugly that we have to do it twice). */ + rv = ssl_InsertRecordHeader(ss, cwSpec, content_application_data, + &buf, &needsLength); + if (rv != SECSuccess) { + return SECFailure; + } + if (needsLength) { + rv = sslBuffer_AppendNumber(&buf, contentLen + 1 + + cwSpec->cipherDef->tag_size, + 2); + if (rv != SECSuccess) { + return SECFailure; + } + } + rv = tls13_FormatAdditionalData(ss, SSL_BUFFER_BASE(&buf), SSL_BUFFER_LEN(&buf), + cwSpec->epoch, cwSpec->nextSeqNum, + aad, &aadLen, sizeof(aad)); if (rv != SECSuccess) { return SECFailure; } rv = cwSpec->aead(&cwSpec->keyMaterial, - PR_FALSE, /* do encrypt */ - wrBuf->buf, /* output */ - (int *)&wrBuf->len, /* out len */ - wrBuf->space, /* max out */ - wrBuf->buf, contentLen + 1, /* input */ - aad, sizeof(aad)); + PR_FALSE, /* do encrypt */ + SSL_BUFFER_NEXT(wrBuf), /* output */ + &len, /* out len */ + SSL_BUFFER_SPACE(wrBuf), /* max out */ + SSL_BUFFER_NEXT(wrBuf), /* input */ + contentLen + 1, /* input len */ + aad, aadLen); if (rv != SECSuccess) { PORT_SetError(SSL_ERROR_ENCRYPTION_FAILURE); return SECFailure; } + rv = sslBuffer_Skip(wrBuf, len, NULL); + PORT_Assert(rv == SECSuccess); } return SECSuccess; @@ -4897,25 +4949,22 @@ tls13_ProtectRecord(sslSocket *ss, SECStatus tls13_UnprotectRecord(sslSocket *ss, ssl3CipherSpec *spec, - SSL3Ciphertext *cText, sslBuffer *plaintext, + SSL3Ciphertext *cText, + sslBuffer *plaintext, + SSL3ContentType *innerType, SSL3AlertDescription *alert) { const ssl3BulkCipherDef *cipher_def = spec->cipherDef; - sslSequenceNumber seqNum; - PRUint8 aad[8]; + PRUint8 aad[21]; + unsigned int aadLen; SECStatus rv; *alert = bad_record_mac; /* Default alert for most issues. */ PORT_Assert(spec->direction == CipherSpecRead); - if (IS_DTLS(ss)) { - seqNum = cText->seq_num & RECORD_SEQ_MASK; - } else { - seqNum = spec->seqNum; - } SSL_TRC(3, ("%d: TLS13[%d]: spec=%d epoch=%d (%s) unprotect 0x%0llx len=%u", - SSL_GETPID(), ss->fd, spec, spec->epoch, spec->phase, seqNum, - cText->buf->len)); + SSL_GETPID(), ss->fd, spec, spec->epoch, spec->phase, + cText->seqNum, cText->buf->len)); /* We can perform this test in variable time because the record's total * length and the ciphersuite are both public knowledge. */ @@ -4927,28 +4976,38 @@ tls13_UnprotectRecord(sslSocket *ss, return SECFailure; } - /* Verify that the content type is right, even though we overwrite it. */ - if (cText->type != content_application_data) { + /* Verify that the content type is right, even though we overwrite it. + * Also allow the DTLS short header in TLS 1.3. */ + if (!(cText->hdr[0] == content_application_data || + (IS_DTLS(ss) && + ss->version >= SSL_LIBRARY_VERSION_TLS_1_3 && + (cText->hdr[0] & 0xe0) == 0x20))) { SSL_TRC(3, - ("%d: TLS13[%d]: record has invalid exterior content type=%d", - SSL_GETPID(), ss->fd, cText->type)); + ("%d: TLS13[%d]: record has invalid exterior type=%2.2x", + SSL_GETPID(), ss->fd, cText->hdr[0])); /* Do we need a better error here? */ PORT_SetError(SSL_ERROR_BAD_MAC_READ); return SECFailure; } - /* Check the version number in the record. */ - if (cText->version != spec->recordVersion) { - /* Do we need a better error here? */ - SSL_TRC(3, - ("%d: TLS13[%d]: record has bogus version", - SSL_GETPID(), ss->fd)); - return SECFailure; + /* Check the version number in the record. Stream only. */ + if (!IS_DTLS(ss)) { + SSL3ProtocolVersion version = + ((SSL3ProtocolVersion)cText->hdr[1] << 8) | + (SSL3ProtocolVersion)cText->hdr[2]; + if (version != spec->recordVersion) { + /* Do we need a better error here? */ + SSL_TRC(3, ("%d: TLS13[%d]: record has bogus version", + SSL_GETPID(), ss->fd)); + return SECFailure; + } } /* Decrypt */ PORT_Assert(cipher_def->type == type_aead); - rv = tls13_FormatAdditionalData(ss, aad, sizeof(aad), spec->epoch, seqNum); + rv = tls13_FormatAdditionalData(ss, cText->hdr, cText->hdrLen, + spec->epoch, cText->seqNum, + aad, &aadLen, sizeof(aad)); if (rv != SECSuccess) { return SECFailure; } @@ -4959,7 +5018,7 @@ tls13_UnprotectRecord(sslSocket *ss, plaintext->space, /* maxout */ cText->buf->buf, /* in */ cText->buf->len, /* inlen */ - aad, sizeof(aad)); + aad, aadLen); if (rv != SECSuccess) { SSL_TRC(3, ("%d: TLS13[%d]: record has bogus MAC", @@ -4968,6 +5027,16 @@ tls13_UnprotectRecord(sslSocket *ss, return SECFailure; } + /* There is a similar test in ssl3_HandleRecord, but this test is needed to + * account for padding. It's safe to do this here (including the alert), + * because it only confirms that the record exceeded the size limit, which + * is apparent from the size of the ciphertext. */ + if (plaintext->len > spec->recordSizeLimit + 1) { + SSL3_SendAlert(ss, alert_fatal, record_overflow); + PORT_SetError(SSL_ERROR_RX_RECORD_TOO_LONG); + return SECFailure; + } + /* The record is right-padded with 0s, followed by the true * content type, so read from the right until we receive a * nonzero byte. */ @@ -4977,9 +5046,7 @@ tls13_UnprotectRecord(sslSocket *ss, /* Bogus padding. */ if (plaintext->len < 1) { - SSL_TRC(3, - ("%d: TLS13[%d]: empty record", - SSL_GETPID(), ss->fd, cText->type)); + SSL_TRC(3, ("%d: TLS13[%d]: empty record", SSL_GETPID(), ss->fd)); /* It's safe to report this specifically because it happened * after the MAC has been verified. */ PORT_SetError(SSL_ERROR_BAD_BLOCK_PADDING); @@ -4987,12 +5054,12 @@ tls13_UnprotectRecord(sslSocket *ss, } /* Record the type. */ - cText->type = plaintext->buf[plaintext->len - 1]; + *innerType = (SSL3ContentType)plaintext->buf[plaintext->len - 1]; --plaintext->len; /* Check that we haven't received too much 0-RTT data. */ if (spec->epoch == TrafficKeyEarlyApplicationData && - cText->type == content_application_data) { + *innerType == content_application_data) { if (plaintext->len > spec->earlyDataRemaining) { *alert = unexpected_message; PORT_SetError(SSL_ERROR_TOO_MUCH_EARLY_DATA); @@ -5002,9 +5069,8 @@ tls13_UnprotectRecord(sslSocket *ss, } SSL_TRC(10, - ("%d: TLS13[%d]: %s received record of length=%d type=%d", - SSL_GETPID(), ss->fd, SSL_ROLE(ss), - plaintext->len, cText->type)); + ("%d: TLS13[%d]: %s received record of length=%d, type=%d", + SSL_GETPID(), ss->fd, SSL_ROLE(ss), plaintext->len, *innerType)); return SECSuccess; } @@ -5227,6 +5293,58 @@ tls13_EncodeDraftVersion(SSL3ProtocolVersion version) return (PRUint16)version; } +SECStatus +tls13_ClientReadSupportedVersion(sslSocket *ss) +{ + PRUint32 temp; + SSL3ProtocolVersion v; + TLSExtension *versionExtension; + SECItem it; + SECStatus rv; + + /* Update the version based on the extension, as necessary. */ + versionExtension = ssl3_FindExtension(ss, ssl_tls13_supported_versions_xtn); + if (!versionExtension) { + return SECSuccess; + } + + /* Struct copy so we don't damage the extension. */ + it = versionExtension->data; + + rv = ssl3_ConsumeHandshakeNumber(ss, &temp, 2, &it.data, &it.len); + if (rv != SECSuccess) { + return SECFailure; + } + if (it.len) { + FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_SERVER_HELLO, illegal_parameter); + return SECFailure; + } + v = (SSL3ProtocolVersion)temp; + + /* You cannot negotiate < TLS 1.3 with supported_versions. */ + if (v < SSL_LIBRARY_VERSION_TLS_1_3) { + FATAL_ERROR(ss, SSL_ERROR_RX_MALFORMED_SERVER_HELLO, illegal_parameter); + return SECFailure; + } + +#ifdef TLS_1_3_DRAFT_VERSION + if (temp == SSL_LIBRARY_VERSION_TLS_1_3) { + FATAL_ERROR(ss, SSL_ERROR_UNSUPPORTED_VERSION, protocol_version); + return SECFailure; + } + if (temp == tls13_EncodeDraftVersion(SSL_LIBRARY_VERSION_TLS_1_3)) { + v = SSL_LIBRARY_VERSION_TLS_1_3; + } else { + v = (SSL3ProtocolVersion)temp; + } +#else + v = (SSL3ProtocolVersion)temp; +#endif + + ss->version = v; + return SECSuccess; +} + /* Pick the highest version we support that is also advertised. */ SECStatus tls13_NegotiateVersion(sslSocket *ss, const TLSExtension *supportedVersions) diff --git a/security/nss/lib/ssl/tls13con.h b/security/nss/lib/ssl/tls13con.h index 1aaffb651..f35b20023 100644 --- a/security/nss/lib/ssl/tls13con.h +++ b/security/nss/lib/ssl/tls13con.h @@ -28,6 +28,7 @@ typedef enum { SECStatus tls13_UnprotectRecord( sslSocket *ss, ssl3CipherSpec *spec, SSL3Ciphertext *cText, sslBuffer *plaintext, + SSL3ContentType *innerType, SSL3AlertDescription *alert); #if defined(WIN32) @@ -101,6 +102,7 @@ PRInt32 tls13_Read0RttData(sslSocket *ss, void *buf, PRInt32 len); SECStatus tls13_HandleEarlyApplicationData(sslSocket *ss, sslBuffer *origBuf); PRBool tls13_ClientAllow0Rtt(const sslSocket *ss, const sslSessionID *sid); PRUint16 tls13_EncodeDraftVersion(SSL3ProtocolVersion version); +SECStatus tls13_ClientReadSupportedVersion(sslSocket *ss); SECStatus tls13_NegotiateVersion(sslSocket *ss, const TLSExtension *supported_versions); diff --git a/security/nss/lib/ssl/tls13exthandle.c b/security/nss/lib/ssl/tls13exthandle.c index 899f23827..1ab8a8e59 100644 --- a/security/nss/lib/ssl/tls13exthandle.c +++ b/security/nss/lib/ssl/tls13exthandle.c @@ -860,12 +860,12 @@ tls13_ServerHandleCookieXtn(const sslSocket *ss, TLSExtensionData *xtnData, } if (xtnData->cookie.len == 0) { - PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); return SECFailure; } if (data->len) { - PORT_SetError(SSL_ERROR_RX_MALFORMED_SERVER_HELLO); + PORT_SetError(SSL_ERROR_RX_MALFORMED_CLIENT_HELLO); return SECFailure; } diff --git a/security/nss/lib/util/nssutil.def b/security/nss/lib/util/nssutil.def index 936455f6e..26e438ba6 100644 --- a/security/nss/lib/util/nssutil.def +++ b/security/nss/lib/util/nssutil.def @@ -322,4 +322,9 @@ _NSSUTIL_UTF8ToWide;- _NSSUTIL_Access;- ;- local: ;- *; -;-}; +;+NSSUTIL_3.38 { # NSS Utilities 3.38 release +;+ global: +SECITEM_MakeItem; +;+ local: +;+ *; +;+}; diff --git a/security/nss/lib/util/nssutil.h b/security/nss/lib/util/nssutil.h index b65d4a0c9..2749abaa1 100644 --- a/security/nss/lib/util/nssutil.h +++ b/security/nss/lib/util/nssutil.h @@ -19,10 +19,10 @@ * The format of the version string should be * "<major version>.<minor version>[.<patch level>[.<build number>]][ <Beta>]" */ -#define NSSUTIL_VERSION "3.36.4" +#define NSSUTIL_VERSION "3.38" #define NSSUTIL_VMAJOR 3 -#define NSSUTIL_VMINOR 36 -#define NSSUTIL_VPATCH 4 +#define NSSUTIL_VMINOR 38 +#define NSSUTIL_VPATCH 0 #define NSSUTIL_VBUILD 0 #define NSSUTIL_BETA PR_FALSE diff --git a/security/nss/lib/util/pkcs11t.h b/security/nss/lib/util/pkcs11t.h index c945f314e..01ff8a572 100644 --- a/security/nss/lib/util/pkcs11t.h +++ b/security/nss/lib/util/pkcs11t.h @@ -466,6 +466,8 @@ typedef CK_ULONG CK_ATTRIBUTE_TYPE; #define CKA_EXPONENT_1 0x00000126 #define CKA_EXPONENT_2 0x00000127 #define CKA_COEFFICIENT 0x00000128 +/* CKA_PUBLIC_KEY_INFO is new for v2.40 */ +#define CKA_PUBLIC_KEY_INFO 0x00000129 #define CKA_PRIME 0x00000130 #define CKA_SUBPRIME 0x00000131 #define CKA_BASE 0x00000132 diff --git a/security/nss/lib/util/secasn1d.c b/security/nss/lib/util/secasn1d.c index ccd97481d..ed237ed72 100644 --- a/security/nss/lib/util/secasn1d.c +++ b/security/nss/lib/util/secasn1d.c @@ -2987,7 +2987,9 @@ SEC_ASN1DecoderFinish(SEC_ASN1DecoderContext *cx) * XXX anything else that needs to be finished? */ - PORT_FreeArena(cx->our_pool, PR_TRUE); + if (cx) { + PORT_FreeArena(cx->our_pool, PR_TRUE); + } return rv; } diff --git a/security/nss/lib/util/secitem.c b/security/nss/lib/util/secitem.c index 22c5b1f6e..1e505a9af 100644 --- a/security/nss/lib/util/secitem.c +++ b/security/nss/lib/util/secitem.c @@ -76,6 +76,15 @@ loser: } SECStatus +SECITEM_MakeItem(PLArenaPool *arena, SECItem *dest, unsigned char *data, + unsigned int len) +{ + SECItem it = { siBuffer, data, len }; + + return SECITEM_CopyItem(arena, dest, &it); +} + +SECStatus SECITEM_ReallocItem(PLArenaPool *arena, SECItem *item, unsigned int oldlen, unsigned int newlen) { diff --git a/security/nss/lib/util/secitem.h b/security/nss/lib/util/secitem.h index 5b9d0e174..4fb123938 100644 --- a/security/nss/lib/util/secitem.h +++ b/security/nss/lib/util/secitem.h @@ -35,6 +35,14 @@ SEC_BEGIN_PROTOS extern SECItem *SECITEM_AllocItem(PLArenaPool *arena, SECItem *item, unsigned int len); +/* Allocate and make an item with the requested contents. + * + * We seem to have mostly given up on SECItemType, so the result is + * always siBuffer. + */ +extern SECStatus SECITEM_MakeItem(PLArenaPool *arena, SECItem *dest, + unsigned char *data, unsigned int len); + /* ** This is a legacy function containing bugs. It doesn't update item->len, ** and it has other issues as described in bug 298649 and bug 298938. diff --git a/security/nss/nss-tool/enc/enctool.cc b/security/nss/nss-tool/enc/enctool.cc index b3c0d1dbe..e37e4593a 100644 --- a/security/nss/nss-tool/enc/enctool.cc +++ b/security/nss/nss-tool/enc/enctool.cc @@ -271,7 +271,6 @@ bool EncTool::DoCipher(std::string file_name, std::string out_file, if (file_name.empty()) { std::vector<uint8_t> data = ReadInputData(""); std::vector<uint8_t> out(data.size() + 16); - SECStatus rv; if (encrypt) { rv = PK11_Encrypt(symKey.get(), cipher_mech_, params.get(), out.data(), &outLen, data.size() + 16, data.data(), data.size()); diff --git a/security/nss/tests/all.sh b/security/nss/tests/all.sh index 3a02debef..f8a777fb3 100755 --- a/security/nss/tests/all.sh +++ b/security/nss/tests/all.sh @@ -309,7 +309,7 @@ TESTS=${NSS_TESTS:-$tests} ALL_TESTS=${TESTS} -nss_ssl_tests="crl iopr policy" +nss_ssl_tests="crl iopr policy normal_normal" if [ $NO_INIT_SUPPORT -eq 0 ]; then nss_ssl_tests="$nss_ssl_tests fips_normal normal_fips" fi diff --git a/security/nss/tests/bogo/bogo.sh b/security/nss/tests/bogo/bogo.sh index d1a93bf9b..4fccb845b 100755 --- a/security/nss/tests/bogo/bogo.sh +++ b/security/nss/tests/bogo/bogo.sh @@ -25,7 +25,7 @@ bogo_init() BORING=${BORING:=boringssl} if [ ! -d "$BORING" ]; then git clone -q https://boringssl.googlesource.com/boringssl "$BORING" - git -C "$BORING" checkout -q a513e86c1ebb1383930c9e504bdabcc302a85f30 + git -C "$BORING" checkout -q ec55dc15d3a39e5f1a58bfd79148729f38f6acb4 fi SCRIPTNAME="bogo.sh" @@ -39,11 +39,12 @@ bogo_cleanup() . common/cleanup.sh } -cd "$(dirname "$0")" -SOURCE_DIR="$PWD"/../.. +cd ../ +cwd=$(cd $(dirname $0); pwd -P) +SOURCE_DIR="$cwd"/.. bogo_init (cd "$BORING"/ssl/test/runner; - GOPATH="$PWD" go test -pipe -shim-path "${BINDIR}"/nss_bogo_shim \ + GOPATH="$cwd" go test -pipe -shim-path "${BINDIR}"/nss_bogo_shim \ -loose-errors -allow-unimplemented \ -shim-config "${SOURCE_DIR}/gtests/nss_bogo_shim/config.json") \ 2>bogo.errors | tee bogo.log diff --git a/security/nss/tests/cert/cert.sh b/security/nss/tests/cert/cert.sh index d1a9148a9..34006efd1 100755 --- a/security/nss/tests/cert/cert.sh +++ b/security/nss/tests/cert/cert.sh @@ -1060,6 +1060,25 @@ cert_extended_ssl() # -d "${PROFILEDIR}" -i "${CLIENT_CADIR}/clientCA-ecmixed.ca.cert" \ # 2>&1 + # Check that a repeated import with a different nickname doesn't change the + # nickname of the existing cert (bug 1458518). + # We want to search for the results using grep, to avoid subset matches, + # we'll use one of the longer nicknames for testing. + # (Because "grep -w hostname" matches "grep -w hostname-dsamixed") + MYDBPASS="-d ${PROFILEDIR} -f ${R_PWFILE}" + TESTNAME="Ensure there's exactly one match for ${CERTNAME}-dsamixed" + cert_check_nickname_exists "$MYDBPASS" "${CERTNAME}-dsamixed" 0 1 "${TESTNAME}" + + CU_ACTION="Repeated import of $CERTNAME's mixed DSA Cert with different nickname" + certu -A -n "${CERTNAME}-repeated-dsamixed" -t "u,u,u" -d "${PROFILEDIR}" \ + -f "${R_PWFILE}" -i "${CERTNAME}-dsamixed.cert" 2>&1 + + TESTNAME="Ensure there's still exactly one match for ${CERTNAME}-dsamixed" + cert_check_nickname_exists "$MYDBPASS" "${CERTNAME}-dsamixed" 0 1 "${TESTNAME}" + + TESTNAME="Ensure there's zero matches for ${CERTNAME}-repeated-dsamixed" + cert_check_nickname_exists "$MYDBPASS" "${CERTNAME}-repeated-dsamixed" 0 0 "${TESTNAME}" + echo "Importing all the server's own CA chain into the servers DB" for CA in `find ${SERVER_CADIR} -name "?*.ca.cert"` ; do @@ -1532,6 +1551,37 @@ cert_make_with_param() return 0 } +cert_check_nickname_exists() +{ + MYDIRPASS="$1" + MYCERTNAME="$2" + EXPECT="$3" + EXPECTCOUNT="$4" + MYTESTNAME="$5" + + echo certutil ${MYDIRPASS} -L + ${BINDIR}/certutil ${MYDIRPASS} -L + + RET=$? + if [ "${RET}" -ne "${EXPECT}" ]; then + CERTFAILED=1 + html_failed "${MYTESTNAME} - list" + cert_log "ERROR: ${MYTESTNAME} - list" + return 1 + fi + + LISTCOUNT=`${BINDIR}/certutil ${MYDIRPASS} -L | grep -wc ${MYCERTNAME}` + if [ "${LISTCOUNT}" -ne "${EXPECTCOUNT}" ]; then + CERTFAILED=1 + html_failed "${MYTESTNAME} - list and count" + cert_log "ERROR: ${MYTESTNAME} - list and count failed" + return 1 + fi + + html_passed "${MYTESTNAME}" + return 0 +} + cert_list_and_count_dns() { DIRPASS="$1" @@ -2425,6 +2475,31 @@ EOF RETEXPECTED=0 } +cert_test_orphan_key_reuse() +{ + CU_ACTION="Create orphan key in serverdir" + certu -G -f "${R_PWFILE}" -z ${R_NOISE_FILE} -d ${PROFILEDIR} + # Let's get the key ID of the first orphan key. + # The output of certutil -K (list keys) isn't well formatted. + # The initial <key-number> part may or may not contain white space, which + # makes the use of awk to filter the column unreliable. + # To fix that, we remove the initial <number> field using sed, then select the + # column that contains the key ID. + ORPHAN=`${BINDIR}/certutil -d ${PROFILEDIR} -K -f ${R_PWFILE} | \ + sed 's/^<.*>//g' | grep -w orphan | head -1 | awk '{print $2}'` + CU_ACTION="Create cert request for orphan key" + certu -R -f "${R_PWFILE}" -k ${ORPHAN} -s "CN=orphan" -d ${PROFILEDIR} \ + -o ${SERVERDIR}/orphan.req + # Ensure that creating the request really works by listing it, and check + # if listing was successful. + ${BINDIR}/pp -t certificate-request -i ${SERVERDIR}/orphan.req + RET=$? + if [ "$RET" -ne 0 ]; then + html_failed "Listing cert request for orphan key ($RET)" + cert_log "ERROR: Listing cert request for orphan key failed $RET" + fi +} + ############################## cert_cleanup ############################ # local shell function to finish this script (no exit since it might be # sourced) @@ -2444,6 +2519,7 @@ cert_all_CA cert_test_implicit_db_init cert_extended_ssl cert_ssl +cert_test_orphan_key_reuse cert_smime_client IS_FIPS_DISABLED=`certutil --build-flags |grep -cw NSS_FIPS_DISABLED` if [ $IS_FIPS_DISABLED -ne 0 ]; then diff --git a/security/nss/tests/common/init.sh b/security/nss/tests/common/init.sh index 933551e83..6aa22af8d 100644 --- a/security/nss/tests/common/init.sh +++ b/security/nss/tests/common/init.sh @@ -543,8 +543,8 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then D_DISTRUST="Distrust.$version" D_RSAPSS="RSAPSS.$version" - # we need relative pathnames of these files abd directories, since our - # tools can't handle the unix style absolut pathnames on cygnus + # we need relative pathnames of these files and directories, since our + # tools can't handle the unix style absolute pathnames on cygnus R_CADIR=../CA R_SERVERDIR=../server @@ -565,6 +565,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then R_NOLOGINDIR=../nologin R_SSLGTESTDIR=../ssl_gtests R_GTESTDIR=../gtests + R_RSAPSSDIR=../rsapss # # profiles are either paths or domains depending on the setting of @@ -581,6 +582,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then P_R_EXT_SERVERDIR=${R_EXT_SERVERDIR} P_R_EXT_CLIENTDIR=${R_EXT_CLIENTDIR} P_R_IMPLICIT_INIT_DIR=${R_IMPLICIT_INIT_DIR} + P_R_RSAPSSDIR=${R_RSAPSSDIR} if [ -n "${MULTIACCESS_DBM}" ]; then P_R_CADIR="multiaccess:${D_CA}" P_R_ALICEDIR="multiaccess:${D_ALICE}" @@ -593,6 +595,7 @@ if [ -z "${INIT_SOURCED}" -o "${INIT_SOURCED}" != "TRUE" ]; then P_R_EXT_SERVERDIR="multiaccess:${D_EXT_SERVER}" P_R_EXT_CLIENTDIR="multiaccess:${D_EXT_CLIENT}" P_R_IMPLICIT_INIT_DIR="multiaccess:${D_IMPLICIT_INIT}" + P_R_RSAPSSDIR="multiaccess:${D_RSAPSS}" fi R_PWFILE=../tests.pw diff --git a/security/nss/tests/interop/interop.sh b/security/nss/tests/interop/interop.sh index 97c82e0ca..50c8bb3c1 100644 --- a/security/nss/tests/interop/interop.sh +++ b/security/nss/tests/interop/interop.sh @@ -25,7 +25,7 @@ interop_init() INTEROP=${INTEROP:=tls_interop} if [ ! -d "$INTEROP" ]; then git clone -q https://github.com/ttaubert/tls-interop "$INTEROP" - git -C "$INTEROP" checkout -q 07930b791827c1bdb6f4c19ca0aa63850fd59e22 + git -C "$INTEROP" checkout -q d07b28ac32b390dea1c9bcca5c56716247d23e5e fi INTEROP=$(cd "$INTEROP";pwd -P) diff --git a/security/nss/tests/ssl/ssl.sh b/security/nss/tests/ssl/ssl.sh index de867a4bd..9a63bd997 100755 --- a/security/nss/tests/ssl/ssl.sh +++ b/security/nss/tests/ssl/ssl.sh @@ -283,34 +283,30 @@ ssl_cov() echo "${testname}" | grep "EXPORT" > /dev/null EXP=$? - if [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" - else - echo "$SCRIPTNAME: running $testname ----------------------------" - VMAX="ssl3" - if [ "$testmax" = "TLS10" ]; then - VMAX="tls1.0" - fi - if [ "$testmax" = "TLS11" ]; then - VMAX="tls1.1" - fi - if [ "$testmax" = "TLS12" ]; then - VMAX="tls1.2" - fi - - echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" - echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" - - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \ - -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \ - >${TMP}/$HOST.tmp.$$ 2>&1 - ret=$? - cat ${TMP}/$HOST.tmp.$$ - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - html_msg $ret 0 "${testname}" \ - "produced a returncode of $ret, expected is 0" + echo "$SCRIPTNAME: running $testname ----------------------------" + VMAX="ssl3" + if [ "$testmax" = "TLS10" ]; then + VMAX="tls1.0" + fi + if [ "$testmax" = "TLS11" ]; then + VMAX="tls1.1" fi + if [ "$testmax" = "TLS12" ]; then + VMAX="tls1.2" + fi + + echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" + echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" + + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \ + -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \ + >${TMP}/$HOST.tmp.$$ 2>&1 + ret=$? + cat ${TMP}/$HOST.tmp.$$ + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + html_msg $ret 0 "${testname}" \ + "produced a returncode of $ret, expected is 0" done kill_selfserv @@ -335,8 +331,6 @@ ssl_auth() echo "$SCRIPTNAME: skipping $testname (non-FIPS only)" elif [ "$ectype" = "SNI" -a "$NORM_EXT" = "Extended Test" ] ; then echo "$SCRIPTNAME: skipping $testname for $NORM_EXT" - elif [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" else cparam=`echo $cparam | sed -e 's;_; ;g' -e "s/TestUser/$USER_NICKNAME/g" ` if [ "$ectype" = "SNI" ]; then @@ -550,8 +544,6 @@ ssl_stress() if [ "$ectype" = "SNI" -a "$NORM_EXT" = "Extended Test" ] ; then echo "$SCRIPTNAME: skipping $testname for $NORM_EXT" - elif [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" elif [ "${CLIENT_MODE}" = "fips" -a "${CAUTH}" -ne 0 ] ; then echo "$SCRIPTNAME: skipping $testname (non-FIPS only)" elif [ "${NOLOGIN}" -eq 0 ] && \ @@ -615,9 +607,7 @@ ssl_crl_ssl() ignore_blank_lines ${SSLAUTH} | \ while read ectype value sparam cparam testname do - if [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" - elif [ "$ectype" = "SNI" ]; then + if [ "$ectype" = "SNI" ]; then continue else servarg=`echo $sparam | awk '{r=split($0,a,"-r") - 1;print r;}'` @@ -729,43 +719,39 @@ ssl_policy() do VMIN="ssl3" - if [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" - else - echo "$SCRIPTNAME: running $testname ----------------------------" - VMAX="ssl3" - if [ "$testmax" = "TLS10" ]; then - VMAX="tls1.0" - fi - if [ "$testmax" = "TLS11" ]; then - VMAX="tls1.1" - fi - if [ "$testmax" = "TLS12" ]; then - VMAX="tls1.2" - fi + echo "$SCRIPTNAME: running $testname ----------------------------" + VMAX="ssl3" + if [ "$testmax" = "TLS10" ]; then + VMAX="tls1.0" + fi + if [ "$testmax" = "TLS11" ]; then + VMAX="tls1.1" + fi + if [ "$testmax" = "TLS12" ]; then + VMAX="tls1.2" + fi - # load the policy - policy=`echo ${policy} | sed -e 's;_; ;g'` - setup_policy "$policy" ${P_R_CLIENTDIR} + # load the policy + policy=`echo ${policy} | sed -e 's;_; ;g'` + setup_policy "$policy" ${P_R_CLIENTDIR} - echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" - echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" + echo "tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} \\" + echo " -f -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE}" - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \ - -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \ - >${TMP}/$HOST.tmp.$$ 2>&1 - ret=$? - cat ${TMP}/$HOST.tmp.$$ - rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null + ${PROFTOOL} ${BINDIR}/tstclnt -4 -p ${PORT} -h ${HOSTADDR} -c ${param} -V ${VMIN}:${VMAX} ${CLIENT_OPTIONS} -f \ + -d ${P_R_CLIENTDIR} $verbose -w nss < ${REQUEST_FILE} \ + >${TMP}/$HOST.tmp.$$ 2>&1 + ret=$? + cat ${TMP}/$HOST.tmp.$$ + rm ${TMP}/$HOST.tmp.$$ 2>/dev/null - #workaround for bug #402058 - [ $ret -ne 0 ] && ret=1 - [ ${value} -ne 0 ] && value=1 + #workaround for bug #402058 + [ $ret -ne 0 ] && ret=1 + [ ${value} -ne 0 ] && value=1 - html_msg $ret ${value} "${testname}" \ - "produced a returncode of $ret, expected is ${value}" - fi + html_msg $ret ${value} "${testname}" \ + "produced a returncode of $ret, expected is ${value}" done cp ${P_R_CLIENTDIR}/pkcs11.txt.sav ${P_R_CLIENTDIR}/pkcs11.txt @@ -1004,9 +990,7 @@ ssl_crl_cache() while read ectype value sparam cparam testname do [ "$ectype" = "" ] && continue - if [ "$ectype" = "ECC" ] ; then - echo "$SCRIPTNAME: skipping $testname (ECC only)" - elif [ "$ectype" = "SNI" ]; then + if [ "$ectype" = "SNI" ]; then continue else servarg=`echo $sparam | awk '{r=split($0,a,"-r") - 1;print r;}'` diff --git a/security/nss/tests/ssl_gtests/ssl_gtests.sh b/security/nss/tests/ssl_gtests/ssl_gtests.sh index fd678bf59..eef77f16f 100755 --- a/security/nss/tests/ssl_gtests/ssl_gtests.sh +++ b/security/nss/tests/ssl_gtests/ssl_gtests.sh @@ -47,6 +47,7 @@ make_cert() { dsa) type_args='-g 1024' ;; rsa) type_args='-g 1024' ;; rsa2048) type_args='-g 2048';type=rsa ;; + rsa8192) type_args='-g 8192';type=rsa ;; rsapss) type_args='-g 1024 --pss';type=rsa ;; p256) type_args='-q nistp256';type=ec ;; p384) type_args='-q secp384r1';type=ec ;; @@ -83,6 +84,7 @@ ssl_gtest_certs() { make_cert client rsa sign make_cert rsa rsa sign kex make_cert rsa2048 rsa2048 sign kex + make_cert rsa8192 rsa8192 sign kex make_cert rsa_sign rsa sign make_cert rsa_pss rsapss sign make_cert rsa_decrypt rsa kex diff --git a/security/nss/tests/tools/TestRSAPSS.p12 b/security/nss/tests/tools/TestRSAPSS.p12 Binary files differnew file mode 100644 index 000000000..91473891c --- /dev/null +++ b/security/nss/tests/tools/TestRSAPSS.p12 diff --git a/security/nss/tests/tools/tools.sh b/security/nss/tests/tools/tools.sh index 11be23e05..7cf1ef73f 100644 --- a/security/nss/tests/tools/tools.sh +++ b/security/nss/tests/tools/tools.sh @@ -105,6 +105,7 @@ tools_init() mkdir -p ${TOOLSDIR}/data cp ${QADIR}/tools/TestOldCA.p12 ${TOOLSDIR}/data cp ${QADIR}/tools/TestOldAES128CA.p12 ${TOOLSDIR}/data + cp ${QADIR}/tools/TestRSAPSS.p12 ${TOOLSDIR}/data cd ${TOOLSDIR} } @@ -436,6 +437,23 @@ tools_p12_import_old_files() check_tmpfile } +tools_p12_import_rsa_pss_private_key() +{ + echo "$SCRIPTNAME: Importing RSA-PSS private key from PKCS#12 file --------------" + ${BINDIR}/pk12util -i ${TOOLSDIR}/data/TestRSAPSS.p12 -d ${P_R_COPYDIR} -k ${R_PWFILE} -W '' 2>&1 + ret=$? + html_msg $ret 0 "Importing RSA-PSS private key from PKCS#12 file" + check_tmpfile + + # Check if RSA-PSS identifier is included in the key listing + ${BINDIR}/certutil -d ${P_R_COPYDIR} -K -f ${R_PWFILE} | grep '^<[0-9 ]*> *rsaPss' + ret=$? + html_msg $ret 0 "Listing RSA-PSS private key imported from PKCS#12 file" + check_tmpfile + + return $ret +} + ############################## tools_p12 ############################### # local shell function to test basic functionality of pk12util ######################################################################## @@ -448,6 +466,9 @@ tools_p12() tools_p12_export_with_none_ciphers tools_p12_export_with_invalid_ciphers tools_p12_import_old_files + if [ "${TEST_MODE}" = "SHARED_DB" ] ; then + tools_p12_import_rsa_pss_private_key + fi } ############################## tools_sign ############################## |