Merge m-c to inbound. a=merge
authorRyan VanderMeulen <ryanvm@gmail.com>
Thu, 01 Jun 2017 12:12:30 -0400
changeset 361868 d92e242ec5f184c0e0eeafa58ef8a3301456a981
parent 361867 3b2d0ff5f9a365be1e57e1c8b11d11f43ea169d0 (current diff)
parent 361804 62005e6aecdf95c9cffe5fb825d93123ec49c4b3 (diff)
child 361869 64e61e9ab3ff240e0398a83fa775c5335705b450
push id31946
push userryanvm@gmail.com
push dateThu, 01 Jun 2017 20:43:38 +0000
treeherdermozilla-central@b138d2f271fd [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmerge
milestone55.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Merge m-c to inbound. a=merge CLOSED TREE
--- a/browser/components/resistfingerprinting/test/browser/head.js
+++ b/browser/components/resistfingerprinting/test/browser/head.js
@@ -10,34 +10,37 @@
 async function calcMaximumAvailSize(aChromeWidth, aChromeHeight) {
   let chromeUIWidth;
   let chromeUIHeight;
   let testPath = "http://example.net/browser/browser/" +
                  "components/resistFingerprinting/test/browser/"
 
   // If the chrome UI dimensions is not given, we will calculate it.
   if (!aChromeWidth || !aChromeHeight) {
+    let win = await BrowserTestUtils.openNewBrowserWindow();
+
     let tab = await BrowserTestUtils.openNewForegroundTab(
-      gBrowser, testPath + "file_dummy.html");
+      win.gBrowser, testPath + "file_dummy.html");
 
     let contentSize = await ContentTask.spawn(tab.linkedBrowser, null, async function() {
       let result = {
         width: content.innerWidth,
         height: content.innerHeight
       };
 
       return result;
     });
 
     // Calculate the maximum available window size which is depending on the
     // available screen space.
-    chromeUIWidth = window.outerWidth - contentSize.width;
-    chromeUIHeight = window.outerHeight - contentSize.height;
+    chromeUIWidth = win.outerWidth - contentSize.width;
+    chromeUIHeight = win.outerHeight - contentSize.height;
 
     await BrowserTestUtils.removeTab(tab);
+    await BrowserTestUtils.closeWindow(win);
   } else {
     chromeUIWidth = aChromeWidth;
     chromeUIHeight = aChromeHeight;
   }
 
   let availWidth = window.screen.availWidth;
   let availHeight = window.screen.availHeight;
 
--- a/browser/components/uitour/test/browser_trackingProtection_tour.js
+++ b/browser/components/uitour/test/browser_trackingProtection_tour.js
@@ -36,24 +36,36 @@ add_UITour_task(async function test_bloc
   await checkToggleTarget("controlCenter-trackingBlock");
   TrackingProtection.enableForCurrentPage();
 });
 
 
 async function checkToggleTarget(targetID) {
   let popup = document.getElementById("UITourTooltip");
 
+  let trackerOpened = new Promise(function(resolve, reject) {
+    Services.obs.addObserver(function onopen(subject) {
+      let asciiSpec = subject.QueryInterface(Ci.nsIHttpChannel).URI.asciiSpec;
+      if (asciiSpec === "https://tracking.example.com/") {
+        Services.obs.removeObserver(onopen, "http-on-opening-request");
+        resolve();
+      }
+    }, "http-on-opening-request");
+  });
+
   await ContentTask.spawn(gBrowser.selectedBrowser, {}, function() {
     let doc = content.document;
     let iframe = doc.createElement("iframe");
     iframe.setAttribute("id", "tracking-element");
     iframe.setAttribute("src", "https://tracking.example.com/");
     doc.body.insertBefore(iframe, doc.body.firstChild);
   });
 
+  await trackerOpened;
+
   let testTargetAvailability = async function(expectedAvailable) {
     let data = await getConfigurationPromise("availableTargets");
     let available = (data.targets.indexOf(targetID) != -1);
     is(available, expectedAvailable, "Target has expected availability.");
   };
   await testTargetAvailability(false);
   await showMenuPromise("controlCenter");
   await testTargetAvailability(true);
--- a/browser/themes/linux/moz.build
+++ b/browser/themes/linux/moz.build
@@ -3,9 +3,11 @@
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 DIRS += ['communicator']
 
 JAR_MANIFESTS += ['jar.mn']
 
+DEFINES['MENUBAR_CAN_AUTOHIDE'] = 1
+
 include('../tab-svgs.mozbuild')
--- a/browser/themes/osx/browser.css
+++ b/browser/themes/osx/browser.css
@@ -1,33 +1,33 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 @import url("chrome://global/skin/");
 
 %include shared.inc
 %define toolbarButtonPressed :hover:active:not([disabled="true"]):not([cui-areatype="menu-panel"])
-%define windowButtonMarginTop 11px
 
 @namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
 @namespace html url("http://www.w3.org/1999/xhtml");
 @namespace svg url("http://www.w3.org/2000/svg");
 
 %include ../shared/browser.inc.css
 
 :root {
-  --space-above-tabbar: 9px;
   --tabs-toolbar-color: #333;
 
   --toolbarbutton-vertical-text-padding: calc(var(--toolbarbutton-inner-padding) + 1px);
 
 %ifdef MOZ_PHOTON_THEME
   --toolbarbutton-border-radius: 4px;
 %else
+  --space-above-tabbar: 9px;
+
   --toolbarbutton-border-radius: 3px;
 
   --toolbarbutton-hover-background: hsla(0,0%,100%,.1) linear-gradient(hsla(0,0%,100%,.3), hsla(0,0%,100%,.1)) padding-box;
   --toolbarbutton-active-background: hsla(0,0%,0%,.02) linear-gradient(hsla(0,0%,0%,.12), transparent) border-box;
 
   --backbutton-border-color: rgba(0,0,0,0.2);
   --backbutton-background: linear-gradient(rgba(255,255,255,0.9),
                                            rgba(255,255,255,0.7)) repeat-x;
@@ -129,29 +129,37 @@ toolbar:-moz-lwtheme {
   height: 22px; /* The native titlebar on OS X is 22px tall. */
 }
 
 /**
  * For tabs in titlebar on OS X, we stretch the titlebar down so that the
  * tabstrip can overlap it.
  */
 #main-window[tabsintitlebar] > #titlebar {
+%ifndef MOZ_PHOTON_THEME
   min-height: calc(var(--tab-min-height) + var(--space-above-tabbar) - var(--tab-toolbar-navbar-overlap));
+%else
+  min-height: calc(var(--tab-min-height) - var(--tab-toolbar-navbar-overlap));
+%endif
 }
 
 /**
  * We also vertically center the window buttons.
  */
 #titlebar-buttonbox-container {
   -moz-box-align: start;
 }
 
 #main-window[tabsintitlebar] > #titlebar > #titlebar-content > #titlebar-buttonbox-container,
 #main-window[tabsintitlebar] > #titlebar > #titlebar-content > #titlebar-secondary-buttonbox > #titlebar-fullscreen-button {
-  margin-top: @windowButtonMarginTop@;
+%ifdef MOZ_PHOTON_THEME
+  margin-top: 6px;
+%else
+  margin-top: 11px;
+%endif
 }
 
 #main-window:not([tabsintitlebar]) > #titlebar > #titlebar-content > #titlebar-buttonbox-container,
 #main-window:not([tabsintitlebar]) > #titlebar > #titlebar-content > #titlebar-secondary-buttonbox > #titlebar-fullscreen-button {
   margin-top: 3px;
 }
 
 #main-window[customize-entered] > #titlebar {
@@ -1530,20 +1538,21 @@ toolbarbutton.chevron > .toolbarbutton-m
   -moz-appearance: toolbar;
 }
 
 #TabsToolbar:not(:-moz-lwtheme) {
   color: var(--tabs-toolbar-color);
   text-shadow: @loweredShadow@;
 }
 
+%ifndef MOZ_PHOTON_THEME
 #navigator-toolbox[inFullscreen] > #TabsToolbar {
   padding-top: var(--space-above-tabbar);
 }
-
+%endif
 #tabbrowser-tabs {
   -moz-box-align: stretch;
 }
 
 .tabs-newtab-button > .toolbarbutton-icon {
   padding: 6px 0 4px;
 }
 
@@ -2205,17 +2214,19 @@ html|*.addon-webext-perm-list {
     background-image: url("chrome://browser/skin/privatebrowsing-mask@2x.png");
   }
   #main-window[privatebrowsingmode=temporary]:not([tabsintitlebar]) > #titlebar > #titlebar-content > #titlebar-secondary-buttonbox > .private-browsing-indicator {
     background-image: url("chrome://browser/skin/privatebrowsing-mask-short@2x.png");
   }
 }
 
 #TabsToolbar > .private-browsing-indicator {
+%ifndef MOZ_PHOTON_THEME
   transform: translateY(calc(-1 * var(--space-above-tabbar)));
+%endif
   /* We offset by 38px for mask graphic, plus 4px to account for the
    * margin-left, which sums to 42px.
    */
   margin-right: -42px;
 }
 
 #main-window[privatebrowsingmode=temporary] .titlebar-placeholder[type="fullscreen-button"],
 #main-window[privatebrowsingmode=temporary] > #titlebar > #titlebar-content > #titlebar-secondary-buttonbox > #titlebar-fullscreen-button {
--- a/browser/themes/osx/compacttheme.css
+++ b/browser/themes/osx/compacttheme.css
@@ -23,22 +23,23 @@
   -moz-appearance: none !important;
 }
 
 /* Get rid of 1px bright strip at the top of window */
 #main-window[tabsintitlebar] #titlebar-content {
   background: var(--chrome-background-color);
 }
 
+%ifndef MOZ_PHOTON_THEME
 /* Resize things so that the native titlebar is in line with the tabs */
 #main-window[tabsintitlebar] > #titlebar > #titlebar-content > #titlebar-buttonbox-container,
 #main-window[tabsintitlebar] > #titlebar > #titlebar-content > #titlebar-secondary-buttonbox > #titlebar-fullscreen-button {
   margin-top: 6px;
 }
-
+%endif
 /* Prevent the hover styling from on the identity icon from overlapping the
    urlbar border. */
 #identity-box {
   margin-top: -1px !important;
   margin-bottom: -1px !important;
   padding-top: 3px !important;
   padding-bottom: 3px !important;
 }
--- a/browser/themes/shared/browser.inc.css
+++ b/browser/themes/shared/browser.inc.css
@@ -1,13 +1,26 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 %ifdef MOZ_PHOTON_THEME
+%ifdef CAN_DRAW_IN_TITLEBAR
+/* Add space for dragging the window */
+%ifdef MENUBAR_CAN_AUTOHIDE
+:root[tabsintitlebar] #toolbar-menubar[autohide=true] ~ #TabsToolbar {
+  padding-inline-start: 40px;
+}
+%else
+:root[tabsintitlebar] #TabsToolbar {
+  padding-inline-start: 40px;
+}
+%endif
+%endif
+
 /* Go button */
 .urlbar-go-button {
   padding: 0 3px;
   list-style-image: url("chrome://browser/skin/reload-stop-go.png");
 }
 
 .urlbar-go-button {
   -moz-image-region: rect(0, 42px, 14px, 28px);
--- a/browser/themes/shared/compacttheme.inc.css
+++ b/browser/themes/shared/compacttheme.inc.css
@@ -4,17 +4,19 @@
 
 /* compacttheme.css is loaded in browser.xul after browser.css when it is
    preffed on.  The bulk of the styling is here in the shared file, but
    there are overrides for each platform in their compacttheme.css files. */
 
 :root {
   --tab-toolbar-navbar-overlap: 0px;
   --navbar-tab-toolbar-highlight-overlap: 0px;
+%ifndef MOZ_PHOTON_THEME
   --space-above-tabbar: 0px;
+%endif
   --toolbarbutton-text-shadow: none;
   --backbutton-urlbar-overlap: 0px;
   /* 18px icon + 2 * 5px padding + 1 * 1px border */
   --forwardbutton-width: 29px;
 }
 
 :root:-moz-lwtheme-brighttext {
   /* Chrome */
@@ -93,22 +95,23 @@ toolbar:-moz-lwtheme-darktext {
   --toolbarbutton-hover-boxshadow: none;
   --toolbarbutton-hover-bordercolor: rgba(0,0,0,0.1);
   --toolbarbutton-active-background: #d7d7d8 border-box;
   --toolbarbutton-active-boxshadow: none;
   --toolbarbutton-active-bordercolor: rgba(0,0,0,0.15);
   --toolbarbutton-checkedhover-backgroundcolor: #d7d7d8;
 }
 
+%ifndef MOZ_PHOTON_THEME
 /* Give some space to drag the window around while customizing
    (normal space to left and right of tabs doesn't work in this case) */
 #main-window[tabsintitlebar][customizing] {
   --space-above-tabbar: 9px;
 }
-
+%endif
 /* Override @tabCurveHalfWidth@ and @tabCurveWidth@.  XXX: Switch to a CSS variable once the perf is sorted out - bug 1088771 */
 .tab-background-middle {
   border-left-width: 0;
   border-right-width: 0;
   margin: 0;
 }
 
 .tab-background,
--- a/browser/themes/windows/browser-aero.css
+++ b/browser/themes/windows/browser-aero.css
@@ -333,21 +333,22 @@
 
     #main-window[sizemode=normal] #browser-bottombox {
       border: 1px solid @toolbarShadowColor@;
       border-top-style: none;
       background-clip: padding-box;
     }
   }
 
+%ifndef MOZ_PHOTON_THEME
   #main-window[sizemode=normal] #TabsToolbar {
     padding-left: 1px;
     padding-right: 1px;
   }
-
+%endif
   #appcontent:not(:-moz-lwtheme) {
     background-color: -moz-dialog;
   }
 }
 
 @media (-moz-windows-glass) {
   #main-window[sizemode=normal] #nav-bar {
     border-top-left-radius: 2.5px;
--- a/browser/themes/windows/browser.css
+++ b/browser/themes/windows/browser.css
@@ -12,23 +12,23 @@
 %include windowsShared.inc
 %define toolbarShadowColor hsla(209,67%,12%,0.35)
 
 %include ../shared/browser.inc.css
 
 :root {
   --titlebar-text-color: inherit;
 
-  --space-above-tabbar: 15px;
-
   --toolbarbutton-vertical-text-padding: calc(var(--toolbarbutton-inner-padding) - 1px);
 
 %ifdef MOZ_PHOTON_THEME
   --toolbarbutton-border-radius: 2px;
 %else
+  --space-above-tabbar: 15px;
+
   --toolbarbutton-border-radius: 1px;
 
   --toolbarbutton-hover-background: rgba(0,0,0,.1);
   --toolbarbutton-active-background: rgba(0,0,0,.15);
 
   --backbutton-border-color: var(--urlbar-border-color-hover);
   --backbutton-background: rgba(255,255,255,.15);
 
@@ -84,29 +84,30 @@ toolbar[brighttext] {
 }
 
 /* Hides the titlebar-placeholder underneath the window caption buttons when we
    are not autohiding the menubar. */
 #toolbar-menubar:not([autohide="true"]) + #TabsToolbar > .titlebar-placeholder[type="caption-buttons"] {
   display: none;
 }
 
+%ifndef MOZ_PHOTON_THEME
 /* We want a 4px gap between the TabsToolbar and the toolbar-menubar when the
    toolbar-menu is displayed, and a 16px gap when it is not. 1px is taken care
    of by the (light) outer shadow of the tab, the remaining 3/15 are these margins. */
 #toolbar-menubar:not([autohide=true]) ~ #TabsToolbar:not([inFullscreen]),
 #toolbar-menubar[autohide=true]:not([inactive]) ~ #TabsToolbar:not([inFullscreen]) {
   margin-top: 3px;
 }
 
 #main-window[tabsintitlebar][sizemode="normal"]:not([inFullscreen])[chromehidden~="menubar"] #toolbar-menubar ~ #TabsToolbar,
 #main-window[tabsintitlebar][sizemode="normal"]:not([inFullscreen]) #toolbar-menubar[autohide="true"][inactive] ~ #TabsToolbar {
   margin-top: var(--space-above-tabbar);
 }
-
+%endif
 #navigator-toolbox,
 #navigator-toolbox > toolbar {
   -moz-appearance: none;
 }
 
 #navigator-toolbox::after {
   content: "";
   display: -moz-box;
--- a/browser/themes/windows/compacttheme.css
+++ b/browser/themes/windows/compacttheme.css
@@ -67,20 +67,21 @@
 @media (min-resolution: 1.1dppx) {
   #TabsToolbar[brighttext] .tab-close-button:-moz-lwtheme-darktext:not([selected="true"]) {
     list-style-image: url("chrome://global/skin/icons/close@2x.png");
   }
 }
 
 @media (-moz-os-version: windows-win7),
        (-moz-os-version: windows-win8) {
+%ifndef MOZ_PHOTON_THEME
   :root {
     --space-above-tabbar: 15px;
   }
-
+%endif
   /* It'd be nice if there was an element in the scrollbox's inner content
      that collapsed to the current width of the tabs. Since there isn't we
      need to handle overflowing and non-overflowing tabs separately.
 
      In the case of overflowing tabs, set a border-top on the entire container,
      otherwise we need to set it on each element individually */
   #main-window[sizemode=normal] .tabbrowser-tabs[overflow="true"] {
     background-clip: padding-box;
--- a/browser/themes/windows/moz.build
+++ b/browser/themes/windows/moz.build
@@ -4,10 +4,11 @@
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 DIRS += ['communicator']
 
 JAR_MANIFESTS += ['jar.mn']
 
 DEFINES['CAN_DRAW_IN_TITLEBAR'] = 1
+DEFINES['MENUBAR_CAN_AUTOHIDE'] = 1
 
 include('../tab-svgs.mozbuild')
--- a/devtools/client/framework/devtools-browser.js
+++ b/devtools/client/framework/devtools-browser.js
@@ -852,16 +852,19 @@ var gDevToolsBrowser = exports.gDevTools
 
     gDevToolsBrowser._pingTelemetry();
     gDevToolsBrowser._telemetry = null;
 
     for (let win of gDevToolsBrowser._trackedBrowserWindows) {
       gDevToolsBrowser._forgetBrowserWindow(win);
     }
 
+    // Remove scripts loaded in content process to support the Browser Content Toolbox.
+    DebuggerServer.removeContentServerScript();
+
     gDevTools.destroy({ shuttingDown });
   },
 };
 
 // Handle all already registered tools,
 gDevTools.getToolDefinitionArray()
          .forEach(def => gDevToolsBrowser._addToolToWindows(def));
 // and the new ones.
new file mode 100644
--- /dev/null
+++ b/devtools/server/content-process-debugger-server.js
@@ -0,0 +1,26 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* global addMessageListener, removeMessageListener */
+
+"use strict";
+
+const { utils: Cu } = Components;
+const { Services } = Cu.import("resource://gre/modules/Services.jsm", {});
+
+function onInit(message) {
+  // Only reply if we are in a real content process
+  if (Services.appinfo.processType == Services.appinfo.PROCESS_TYPE_CONTENT) {
+    let {init} = Cu.import("resource://devtools/server/content-server.jsm", {});
+    init(message);
+  }
+}
+
+function onClose() {
+  removeMessageListener("debug:init-content-server", onInit);
+  removeMessageListener("debug:close-content-server", onClose);
+}
+
+addMessageListener("debug:init-content-server", onInit);
+addMessageListener("debug:close-content-server", onClose);
--- a/devtools/server/main.js
+++ b/devtools/server/main.js
@@ -64,16 +64,19 @@ if (isWorker) {
   const VERBOSE_PREF = "devtools.debugger.log.verbose";
 
   flags.wantLogging = Services.prefs.getBoolPref(LOG_PREF);
   flags.wantVerbose =
     Services.prefs.getPrefType(VERBOSE_PREF) !== Services.prefs.PREF_INVALID &&
     Services.prefs.getBoolPref(VERBOSE_PREF);
 }
 
+const CONTENT_PROCESS_DBG_SERVER_SCRIPT =
+  "resource://devtools/server/content-process-debugger-server.js";
+
 function loadSubScript(url) {
   try {
     let loader = Cc["@mozilla.org/moz/jssubscript-loader;1"]
                    .getService(Ci.mozIJSSubScriptLoader);
     loader.loadSubScript(url, this);
   } catch (e) {
     let errorStr = "Error loading: " + url + ":\n" +
                    (e.fileName ? "at " + e.fileName + " : " + e.lineNumber + "\n" : "") +
@@ -144,16 +147,18 @@ function ModuleAPI() {
 }
 
 /** *
  * Public API
  */
 var DebuggerServer = {
   _listeners: [],
   _initialized: false,
+  // Flag to check if the content process debugger server script was already loaded.
+  _contentProcessScriptLoaded: false,
   // Map of global actor names to actor constructors provided by extensions.
   globalActorFactories: {},
   // Map of tab actor names to actor constructors provided by extensions.
   tabActorFactories: {},
 
   LONG_STRING_LENGTH: 10000,
   LONG_STRING_INITIAL_LENGTH: 1000,
   LONG_STRING_READ_LENGTH: 65 * 1024,
@@ -750,17 +755,26 @@ var DebuggerServer = {
 
       dumpn("establishing forwarding for process with prefix " + prefix);
 
       actor = msg.json.actor;
 
       deferred.resolve(actor);
     });
 
-    mm.sendAsyncMessage("DevTools:InitDebuggerServer", {
+    // Load the content process debugger server script only once.
+    if (!this._contentProcessScriptLoaded) {
+      // Load the process script that will receive the debug:init-content-server message
+      Services.ppmm.loadProcessScript(CONTENT_PROCESS_DBG_SERVER_SCRIPT, true);
+      this._contentProcessScriptLoaded = true;
+    }
+
+    // Send a message to the content process debugger server script to forward it the
+    // prefix.
+    mm.sendAsyncMessage("debug:init-content-server", {
       prefix: prefix
     });
 
     function onClose() {
       Services.obs.removeObserver(onMessageManagerClose, "message-manager-close");
       events.off(connection, "closed", onClose);
       if (childTransport) {
         // If we have a child transport, the actor has already
@@ -1364,16 +1378,30 @@ var DebuggerServer = {
         for (let connID of Object.getOwnPropertyNames(this._connections)) {
           this._connections[connID].rootActor.removeActorByName(name);
         }
       }
     }
   },
 
   /**
+   * Called when DevTools are unloaded to remove the contend process server script for the
+   * list of scripts loaded for each new content process. Will also remove message
+   * listeners from already loaded scripts.
+   */
+  removeContentServerScript() {
+    Services.ppmm.removeDelayedProcessScript(CONTENT_PROCESS_DBG_SERVER_SCRIPT);
+    try {
+      Services.ppmm.broadcastAsyncMessage("debug:close-content-server");
+    } catch (e) {
+      // Nothing to do
+    }
+  },
+
+  /**
    * ⚠ TESTING ONLY! ⚠ Searches all active connections for an actor matching an ID.
    * This is helpful for some tests which depend on reaching into the server to check some
    * properties of an actor.
    */
   _searchAllConnectionsForActor(actorID) {
     for (let connID of Object.getOwnPropertyNames(this._connections)) {
       let actor = this._connections[connID].getActor(actorID);
       if (actor) {
--- a/devtools/server/moz.build
+++ b/devtools/server/moz.build
@@ -13,16 +13,17 @@ DIRS += [
 ]
 
 BROWSER_CHROME_MANIFESTS += ['tests/browser/browser.ini']
 MOCHITEST_CHROME_MANIFESTS += ['tests/mochitest/chrome.ini']
 XPCSHELL_TESTS_MANIFESTS += ['tests/unit/xpcshell.ini']
 
 DevToolsModules(
     'child.js',
+    'content-process-debugger-server.js',
     'content-server.jsm',
     'css-logic.js',
     'event-parsers.js',
     'main.js',
     'primitive.js',
     'service-worker-child.js',
     'websocket-server.js',
     'worker.js'
--- a/dom/media/platforms/wrappers/H264Converter.cpp
+++ b/dom/media/platforms/wrappers/H264Converter.cpp
@@ -29,16 +29,21 @@ H264Converter::H264Converter(PlatformDec
   , mDecoder(nullptr)
   , mGMPCrashHelper(aParams.mCrashHelper)
   , mLastError(NS_OK)
   , mType(aParams.mType)
   , mOnWaitingForKeyEvent(aParams.mOnWaitingForKeyEvent)
   , mDecoderOptions(aParams.mOptions)
 {
   CreateDecoder(mOriginalConfig, aParams.mDiagnostics);
+  if (mDecoder) {
+    MOZ_ASSERT(mp4_demuxer::AnnexB::HasSPS(mOriginalConfig.mExtraData));
+    // The video metadata contains out of band SPS/PPS (AVC1) store it.
+    mOriginalExtraData = mOriginalConfig.mExtraData;
+  }
 }
 
 H264Converter::~H264Converter()
 {
 }
 
 RefPtr<MediaDataDecoder::InitPromise>
 H264Converter::Init()
@@ -74,16 +79,25 @@ H264Converter::Decode(MediaRawData* aSam
     // contain a SPS.
     rv = CreateDecoderAndInit(aSample);
     if (rv == NS_ERROR_NOT_INITIALIZED) {
       // We are missing the required SPS to create the decoder.
       // Ignore for the time being, the MediaRawData will be dropped.
       return DecodePromise::CreateAndResolve(DecodedData(), __func__);
     }
   } else {
+    // Initialize the members that we couldn't if the extradata was given during
+    // H264Converter's construction.
+    if (!mNeedAVCC) {
+      mNeedAVCC =
+        Some(mDecoder->NeedsConversion() == ConversionRequired::kNeedAVCC);
+    }
+    if (!mCanRecycleDecoder) {
+      mCanRecycleDecoder = Some(CanRecycleDecoder());
+    }
     rv = CheckForSPSChange(aSample);
   }
 
   if (rv == NS_ERROR_DOM_MEDIA_INITIALIZING_DECODER) {
     // The decoder is pending initialization.
     RefPtr<DecodePromise> p = mDecodePromise.Ensure(__func__);
     return p;
   }
@@ -94,21 +108,16 @@ H264Converter::Decode(MediaRawData* aSam
                   RESULT_DETAIL("Unable to create H264 decoder")),
       __func__);
   }
 
   if (mNeedKeyframe && !aSample->mKeyframe) {
     return DecodePromise::CreateAndResolve(DecodedData(), __func__);
   }
 
-  if (!mNeedAVCC) {
-    mNeedAVCC =
-      Some(mDecoder->NeedsConversion() == ConversionRequired::kNeedAVCC);
-  }
-
   if (!*mNeedAVCC
       && !mp4_demuxer::AnnexB::ConvertSampleToAnnexB(aSample, mNeedKeyframe)) {
     return DecodePromise::CreateAndReject(
       MediaResult(NS_ERROR_OUT_OF_MEMORY,
                   RESULT_DETAIL("ConvertSampleToAnnexB")),
       __func__);
   }
 
@@ -255,16 +264,21 @@ H264Converter::CreateDecoderAndInit(Medi
   return rv;
 }
 
 void
 H264Converter::OnDecoderInitDone(const TrackType aTrackType)
 {
   mInitPromiseRequest.Complete();
   RefPtr<MediaRawData> sample = mPendingSample.forget();
+
+  mNeedAVCC =
+    Some(mDecoder->NeedsConversion() == ConversionRequired::kNeedAVCC);
+  mCanRecycleDecoder = Some(CanRecycleDecoder());
+
   DecodeFirstSample(sample);
 }
 
 void
 H264Converter::OnDecoderInitFailed(const MediaResult& aError)
 {
   mInitPromiseRequest.Complete();
   mDecodePromise.Reject(
@@ -284,19 +298,16 @@ H264Converter::CanRecycleDecoder() const
 void
 H264Converter::DecodeFirstSample(MediaRawData* aSample)
 {
   if (mNeedKeyframe && !aSample->mKeyframe) {
     mDecodePromise.Resolve(DecodedData(), __func__);
     return;
   }
 
-  mNeedAVCC =
-    Some(mDecoder->NeedsConversion() == ConversionRequired::kNeedAVCC);
-
   if (!*mNeedAVCC
       && !mp4_demuxer::AnnexB::ConvertSampleToAnnexB(aSample, mNeedKeyframe)) {
     mDecodePromise.Reject(
       MediaResult(NS_ERROR_OUT_OF_MEMORY,
                   RESULT_DETAIL("ConvertSampleToAnnexB")),
       __func__);
     return;
   }
@@ -317,25 +328,40 @@ H264Converter::DecodeFirstSample(MediaRa
     ->Track(mDecodePromiseRequest);
 }
 
 nsresult
 H264Converter::CheckForSPSChange(MediaRawData* aSample)
 {
   RefPtr<MediaByteBuffer> extra_data =
     mp4_demuxer::AnnexB::ExtractExtraData(aSample);
-  if (!mp4_demuxer::AnnexB::HasSPS(extra_data)
-      || mp4_demuxer::AnnexB::CompareExtraData(extra_data,
-                                               mCurrentConfig.mExtraData)) {
-        return NS_OK;
-      }
+  if (!mp4_demuxer::AnnexB::HasSPS(extra_data)) {
+    MOZ_ASSERT(mCanRecycleDecoder.isSome());
+    if (!*mCanRecycleDecoder) {
+      // If the decoder can't be recycled, the out of band extradata will never
+      // change as the H264Converter will be recreated by the MediaFormatReader
+      // instead. So there's no point in testing for changes.
+      return NS_OK;
+    }
+    // This sample doesn't contain inband SPS/PPS
+    // We now check if the out of band one has changed.
+    if (mp4_demuxer::AnnexB::HasSPS(aSample->mExtraData) &&
+        !mp4_demuxer::AnnexB::CompareExtraData(aSample->mExtraData,
+                                               mOriginalExtraData)) {
+      extra_data = mOriginalExtraData = aSample->mExtraData;
+    }
+  }
+  if (mp4_demuxer::AnnexB::CompareExtraData(extra_data,
+                                            mCurrentConfig.mExtraData)) {
+    return NS_OK;
+  }
 
   RefPtr<MediaRawData> sample = aSample;
-
-  if (CanRecycleDecoder()) {
+  MOZ_ASSERT(mCanRecycleDecoder.isSome());
+  if (*mCanRecycleDecoder) {
     // Do not recreate the decoder, reuse it.
     UpdateConfigFromExtraData(extra_data);
     if (!sample->mTrackInfo) {
       sample->mTrackInfo = new TrackInfoSharedPtr(mCurrentConfig, 0);
     }
     mNeedKeyframe = true;
     return NS_OK;
   }
--- a/dom/media/platforms/wrappers/H264Converter.h
+++ b/dom/media/platforms/wrappers/H264Converter.h
@@ -76,16 +76,18 @@ private:
 
   bool CanRecycleDecoder() const;
 
   void DecodeFirstSample(MediaRawData* aSample);
 
   RefPtr<PlatformDecoderModule> mPDM;
   const VideoInfo mOriginalConfig;
   VideoInfo mCurrentConfig;
+  // Current out of band extra data (as found in metadata's VideoInfo).
+  RefPtr<MediaByteBuffer> mOriginalExtraData;
   RefPtr<layers::KnowsCompositor> mKnowsCompositor;
   RefPtr<layers::ImageContainer> mImageContainer;
   const RefPtr<TaskQueue> mTaskQueue;
   RefPtr<MediaRawData> mPendingSample;
   RefPtr<MediaDataDecoder> mDecoder;
   MozPromiseRequestHolder<InitPromise> mInitPromiseRequest;
   MozPromiseRequestHolder<DecodePromise> mDecodePromiseRequest;
   MozPromiseHolder<DecodePromise> mDecodePromise;
@@ -95,13 +97,14 @@ private:
 
   RefPtr<GMPCrashHelper> mGMPCrashHelper;
   Maybe<bool> mNeedAVCC;
   nsresult mLastError;
   bool mNeedKeyframe = true;
   const TrackInfo::TrackType mType;
   MediaEventProducer<TrackInfo::TrackType>* const mOnWaitingForKeyEvent;
   const CreateDecoderParams::OptionSet mDecoderOptions;
+  Maybe<bool> mCanRecycleDecoder;
 };
 
 } // namespace mozilla
 
 #endif // mozilla_H264Converter_h
--- a/ipc/glue/BackgroundChildImpl.cpp
+++ b/ipc/glue/BackgroundChildImpl.cpp
@@ -28,16 +28,17 @@
 #include "mozilla/dom/GamepadEventChannelChild.h"
 #include "mozilla/dom/GamepadTestChannelChild.h"
 #include "mozilla/dom/MessagePortChild.h"
 #include "mozilla/ipc/IPCStreamAlloc.h"
 #include "mozilla/ipc/PBackgroundTestChild.h"
 #include "mozilla/ipc/PChildToParentStreamChild.h"
 #include "mozilla/ipc/PParentToChildStreamChild.h"
 #include "mozilla/layout/VsyncChild.h"
+#include "mozilla/net/HttpBackgroundChannelChild.h"
 #include "mozilla/net/PUDPSocketChild.h"
 #include "mozilla/dom/network/UDPSocketChild.h"
 #include "mozilla/dom/WebAuthnTransactionChild.h"
 #include "nsID.h"
 #include "nsTraceRefcnt.h"
 
 namespace {
 
@@ -554,16 +555,34 @@ bool
 BackgroundChildImpl::DeallocPWebAuthnTransactionChild(PWebAuthnTransactionChild* aActor)
 {
   MOZ_ASSERT(aActor);
   RefPtr<dom::WebAuthnTransactionChild> child =
     dont_AddRef(static_cast<dom::WebAuthnTransactionChild*>(aActor));
   return true;
 }
 
+net::PHttpBackgroundChannelChild*
+BackgroundChildImpl::AllocPHttpBackgroundChannelChild(const uint64_t& aChannelId)
+{
+  MOZ_CRASH("PHttpBackgroundChannelChild actor should be manually constructed!");
+  return nullptr;
+}
+
+bool
+BackgroundChildImpl::DeallocPHttpBackgroundChannelChild(PHttpBackgroundChannelChild* aActor)
+{
+  // The reference is increased in BackgroundChannelCreateCallback::ActorCreated
+  // of HttpBackgroundChannelChild.cpp. We should decrease it after IPC
+  // destroyed.
+  RefPtr<net::HttpBackgroundChannelChild> child =
+    dont_AddRef(static_cast<net::HttpBackgroundChannelChild*>(aActor));
+  return true;
+}
+
 } // namespace ipc
 } // namespace mozilla
 
 mozilla::ipc::IPCResult
 TestChild::Recv__delete__(const nsCString& aTestArg)
 {
   MOZ_RELEASE_ASSERT(aTestArg == mTestArg,
                      "BackgroundTest message was corrupted!");
--- a/ipc/glue/BackgroundChildImpl.h
+++ b/ipc/glue/BackgroundChildImpl.h
@@ -197,16 +197,22 @@ protected:
   OnChannelReceivedMessage(const Message& aMsg) override;
 #endif
 
   virtual PWebAuthnTransactionChild*
   AllocPWebAuthnTransactionChild() override;
 
   virtual bool
   DeallocPWebAuthnTransactionChild(PWebAuthnTransactionChild* aActor) override;
+
+  virtual PHttpBackgroundChannelChild*
+  AllocPHttpBackgroundChannelChild(const uint64_t& aChannelId) override;
+
+  virtual bool
+  DeallocPHttpBackgroundChannelChild(PHttpBackgroundChannelChild* aActor) override;
 };
 
 class BackgroundChildImpl::ThreadLocal final
 {
   friend class nsAutoPtr<ThreadLocal>;
 
 public:
   nsAutoPtr<mozilla::dom::indexedDB::ThreadLocal> mIndexedDBThreadLocal;
--- a/ipc/glue/BackgroundParentImpl.cpp
+++ b/ipc/glue/BackgroundParentImpl.cpp
@@ -32,16 +32,17 @@
 #include "mozilla/ipc/BackgroundParent.h"
 #include "mozilla/ipc/BackgroundUtils.h"
 #include "mozilla/ipc/IPCStreamAlloc.h"
 #include "mozilla/ipc/PBackgroundSharedTypes.h"
 #include "mozilla/ipc/PBackgroundTestParent.h"
 #include "mozilla/ipc/PChildToParentStreamParent.h"
 #include "mozilla/ipc/PParentToChildStreamParent.h"
 #include "mozilla/layout/VsyncParent.h"
+#include "mozilla/net/HttpBackgroundChannelParent.h"
 #include "mozilla/dom/network/UDPSocketParent.h"
 #include "mozilla/dom/WebAuthnTransactionParent.h"
 #include "mozilla/Preferences.h"
 #include "nsNetUtil.h"
 #include "nsIScriptSecurityManager.h"
 #include "nsProxyRelease.h"
 #include "mozilla/RefPtr.h"
 #include "nsThreadUtils.h"
@@ -867,16 +868,63 @@ BackgroundParentImpl::AllocPWebAuthnTran
 bool
 BackgroundParentImpl::DeallocPWebAuthnTransactionParent(dom::PWebAuthnTransactionParent *aActor)
 {
   MOZ_ASSERT(aActor);
   delete aActor;
   return true;
 }
 
+net::PHttpBackgroundChannelParent*
+BackgroundParentImpl::AllocPHttpBackgroundChannelParent(const uint64_t& aChannelId)
+{
+  AssertIsInMainProcess();
+  AssertIsOnBackgroundThread();
+
+  RefPtr<net::HttpBackgroundChannelParent> actor =
+    new net::HttpBackgroundChannelParent();
+
+  // hold extra refcount for IPDL
+  return actor.forget().take();
+}
+
+mozilla::ipc::IPCResult
+BackgroundParentImpl::RecvPHttpBackgroundChannelConstructor(
+                                      net::PHttpBackgroundChannelParent *aActor,
+                                      const uint64_t& aChannelId)
+{
+  MOZ_ASSERT(aActor);
+  AssertIsInMainProcess();
+  AssertIsOnBackgroundThread();
+
+  net::HttpBackgroundChannelParent* aParent =
+    static_cast<net::HttpBackgroundChannelParent*>(aActor);
+
+  if (NS_WARN_IF(NS_FAILED(aParent->Init(aChannelId)))) {
+    return IPC_FAIL_NO_REASON(this);
+  }
+
+  return IPC_OK();
+}
+
+bool
+BackgroundParentImpl::DeallocPHttpBackgroundChannelParent(
+                                      net::PHttpBackgroundChannelParent *aActor)
+{
+  MOZ_ASSERT(aActor);
+  AssertIsInMainProcess();
+  AssertIsOnBackgroundThread();
+
+  // release extra refcount hold by AllocPHttpBackgroundChannelParent
+  RefPtr<net::HttpBackgroundChannelParent> actor =
+    dont_AddRef(static_cast<net::HttpBackgroundChannelParent*>(aActor));
+
+  return true;
+}
+
 } // namespace ipc
 } // namespace mozilla
 
 void
 TestParent::ActorDestroy(ActorDestroyReason aWhy)
 {
   mozilla::ipc::AssertIsInMainProcess();
   AssertIsOnBackgroundThread();
--- a/ipc/glue/BackgroundParentImpl.h
+++ b/ipc/glue/BackgroundParentImpl.h
@@ -221,14 +221,23 @@ protected:
   virtual bool
   DeallocPGamepadTestChannelParent(PGamepadTestChannelParent* aActor) override;
 
   virtual PWebAuthnTransactionParent*
   AllocPWebAuthnTransactionParent() override;
 
   virtual bool
   DeallocPWebAuthnTransactionParent(PWebAuthnTransactionParent* aActor) override;
+
+  virtual PHttpBackgroundChannelParent*
+  AllocPHttpBackgroundChannelParent(const uint64_t& aChannelId) override;
+
+  virtual mozilla::ipc::IPCResult
+  RecvPHttpBackgroundChannelConstructor(PHttpBackgroundChannelParent *aActor,
+                                        const uint64_t& aChannelId) override;
+  virtual bool
+  DeallocPHttpBackgroundChannelParent(PHttpBackgroundChannelParent *aActor) override;
 };
 
 } // namespace ipc
 } // namespace mozilla
 
 #endif // mozilla_ipc_backgroundparentimpl_h__
--- a/ipc/glue/PBackground.ipdl
+++ b/ipc/glue/PBackground.ipdl
@@ -9,16 +9,17 @@ include protocol PBackgroundTest;
 include protocol PBroadcastChannel;
 include protocol PCache;
 include protocol PCacheStorage;
 include protocol PCacheStreamControl;
 include protocol PFileDescriptorSet;
 include protocol PFileSystemRequest;
 include protocol PGamepadEventChannel;
 include protocol PGamepadTestChannel;
+include protocol PHttpBackgroundChannel;
 include protocol PIPCBlobInputStream;
 include protocol PPendingIPCBlob;
 include protocol PMessagePort;
 include protocol PCameras;
 include protocol PQuota;
 include protocol PChildToParentStream;
 include protocol PParentToChildStream;
 include protocol PServiceWorkerManager;
@@ -56,16 +57,17 @@ sync protocol PBackground
   manages PBroadcastChannel;
   manages PCache;
   manages PCacheStorage;
   manages PCacheStreamControl;
   manages PFileDescriptorSet;
   manages PFileSystemRequest;
   manages PGamepadEventChannel;
   manages PGamepadTestChannel;
+  manages PHttpBackgroundChannel;
   manages PIPCBlobInputStream;
   manages PPendingIPCBlob;
   manages PMessagePort;
   manages PCameras;
   manages PQuota;
   manages PChildToParentStream;
   manages PParentToChildStream;
   manages PServiceWorkerManager;
@@ -110,16 +112,18 @@ parent:
   async PQuota();
 
   async PFileSystemRequest(FileSystemParams params);
 
   async PGamepadEventChannel();
 
   async PGamepadTestChannel();
 
+  async PHttpBackgroundChannel(uint64_t channelId);
+
   async PWebAuthnTransaction();
 
 child:
   async PCache();
   async PCacheStreamControl();
 
   async PParentToChildStream();
 
--- a/layout/style/CSSStyleSheet.cpp
+++ b/layout/style/CSSStyleSheet.cpp
@@ -350,25 +350,28 @@ CSSStyleSheet::CSSStyleSheet(css::SheetP
   mInner->AddSheet(this);
 }
 
 CSSStyleSheet::CSSStyleSheet(const CSSStyleSheet& aCopy,
                              CSSStyleSheet* aParentToUse,
                              dom::CSSImportRule* aOwnerRuleToUse,
                              nsIDocument* aDocumentToUse,
                              nsINode* aOwningNodeToUse)
-  : StyleSheet(aCopy, aOwnerRuleToUse, aDocumentToUse, aOwningNodeToUse),
-    mInRuleProcessorCache(false),
-    mScopeElement(nullptr),
-    mRuleProcessors(nullptr)
+  : StyleSheet(aCopy,
+               aParentToUse,
+               aOwnerRuleToUse,
+               aDocumentToUse,
+               aOwningNodeToUse)
+  , mInRuleProcessorCache(false)
+  , mScopeElement(nullptr)
+  , mRuleProcessors(nullptr)
 {
-  mParent = aParentToUse;
-
   if (mDirty) { // CSSOM's been there, force full copy now
-    NS_ASSERTION(mInner->mComplete, "Why have rules been accessed on an incomplete sheet?");
+    NS_ASSERTION(mInner->mComplete,
+                 "Why have rules been accessed on an incomplete sheet?");
     // FIXME: handle failure?
     //
     // NOTE: It's important to call this from the subclass, since it could
     // access uninitialized members otherwise.
     EnsureUniqueInner();
   }
 }
 
--- a/layout/style/ServoStyleSheet.cpp
+++ b/layout/style/ServoStyleSheet.cpp
@@ -79,22 +79,25 @@ ServoStyleSheet::ServoStyleSheet(css::Sh
   mInner->AddSheet(this);
 }
 
 ServoStyleSheet::ServoStyleSheet(const ServoStyleSheet& aCopy,
                                  ServoStyleSheet* aParentToUse,
                                  dom::CSSImportRule* aOwnerRuleToUse,
                                  nsIDocument* aDocumentToUse,
                                  nsINode* aOwningNodeToUse)
-  : StyleSheet(aCopy, aOwnerRuleToUse, aDocumentToUse, aOwningNodeToUse)
+  : StyleSheet(aCopy,
+               aParentToUse,
+               aOwnerRuleToUse,
+               aDocumentToUse,
+               aOwningNodeToUse)
 {
-  mParent = aParentToUse;
-
   if (mDirty) { // CSSOM's been there, force full copy now
-    NS_ASSERTION(mInner->mComplete, "Why have rules been accessed on an incomplete sheet?");
+    NS_ASSERTION(mInner->mComplete,
+                 "Why have rules been accessed on an incomplete sheet?");
     // FIXME: handle failure?
     //
     // NOTE: It's important to call this from the subclass, since this could
     // access uninitialized members otherwise.
     EnsureUniqueInner();
   }
 }
 
--- a/layout/style/StyleSheet.cpp
+++ b/layout/style/StyleSheet.cpp
@@ -29,29 +29,30 @@ StyleSheet::StyleSheet(StyleBackendType 
   , mDisabled(false)
   , mDocumentAssociationMode(NotOwnedByDocument)
   , mInner(nullptr)
   , mDirty(false)
 {
 }
 
 StyleSheet::StyleSheet(const StyleSheet& aCopy,
+                       StyleSheet* aParentToUse,
                        dom::CSSImportRule* aOwnerRuleToUse,
                        nsIDocument* aDocumentToUse,
                        nsINode* aOwningNodeToUse)
-  : mParent(nullptr)
+  : mParent(aParentToUse)
   , mTitle(aCopy.mTitle)
   , mDocument(aDocumentToUse)
   , mOwningNode(aOwningNodeToUse)
   , mOwnerRule(aOwnerRuleToUse)
   , mParsingMode(aCopy.mParsingMode)
   , mType(aCopy.mType)
   , mDisabled(aCopy.mDisabled)
-    // We only use this constructor during cloning.  It's the cloner's
-    // responsibility to notify us if we end up being owned by a document.
+  // We only use this constructor during cloning.  It's the cloner's
+  // responsibility to notify us if we end up being owned by a document.
   , mDocumentAssociationMode(NotOwnedByDocument)
   , mInner(aCopy.mInner) // Shallow copy, but concrete subclasses will fix up.
   , mDirty(aCopy.mDirty)
 {
   MOZ_ASSERT(mInner, "Should only copy StyleSheets with an mInner.");
   mInner->AddSheet(this);
 
   if (aCopy.mMedia) {
--- a/layout/style/StyleSheet.h
+++ b/layout/style/StyleSheet.h
@@ -48,16 +48,17 @@ class Rule;
  */
 class StyleSheet : public nsIDOMCSSStyleSheet
                  , public nsICSSLoaderObserver
                  , public nsWrapperCache
 {
 protected:
   StyleSheet(StyleBackendType aType, css::SheetParsingMode aParsingMode);
   StyleSheet(const StyleSheet& aCopy,
+             StyleSheet* aParentToUse,
              dom::CSSImportRule* aOwnerRuleToUse,
              nsIDocument* aDocumentToUse,
              nsINode* aOwningNodeToUse);
   virtual ~StyleSheet();
 
 public:
   NS_DECL_CYCLE_COLLECTING_ISUPPORTS
   NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS_AMBIGUOUS(StyleSheet,
--- a/media/libstagefright/binding/AnnexB.cpp
+++ b/media/libstagefright/binding/AnnexB.cpp
@@ -272,33 +272,41 @@ AnnexB::ConvertSampleToAVCC(mozilla::Med
 }
 
 already_AddRefed<mozilla::MediaByteBuffer>
 AnnexB::ExtractExtraData(const mozilla::MediaRawData* aSample)
 {
   MOZ_ASSERT(IsAVCC(aSample));
 
   RefPtr<mozilla::MediaByteBuffer> extradata = new mozilla::MediaByteBuffer;
-  if (HasSPS(aSample->mExtraData)) {
-    // We already have an explicit extradata, re-use it.
-    extradata = aSample->mExtraData;
-    return extradata.forget();
-  }
 
   // SPS content
   mozilla::Vector<uint8_t> sps;
   ByteWriter spsw(sps);
   int numSps = 0;
   // PPS content
   mozilla::Vector<uint8_t> pps;
   ByteWriter ppsw(pps);
   int numPps = 0;
 
   int nalLenSize = ((*aSample->mExtraData)[4] & 3) + 1;
-  ByteReader reader(aSample->Data(), aSample->Size());
+
+  size_t sampleSize = aSample->Size();
+  if (aSample->mCrypto.mValid) {
+    // The content is encrypted, we can only parse the non-encrypted data.
+    MOZ_ASSERT(aSample->mCrypto.mPlainSizes.Length() > 0);
+    if (aSample->mCrypto.mPlainSizes.Length() == 0 ||
+        aSample->mCrypto.mPlainSizes[0] > sampleSize) {
+      // This is invalid content.
+      return nullptr;
+    }
+    sampleSize = aSample->mCrypto.mPlainSizes[0];
+  }
+
+  ByteReader reader(aSample->Data(), sampleSize);
 
   // Find SPS and PPS NALUs in AVCC data
   while (reader.Remaining() > nalLenSize) {
     uint32_t nalLen;
     switch (nalLenSize) {
       case 1: nalLen = reader.ReadU8();  break;
       case 2: nalLen = reader.ReadU16(); break;
       case 3: nalLen = reader.ReadU24(); break;
@@ -361,57 +369,16 @@ AnnexB::HasSPS(const mozilla::MediaByteB
     return false;
   }
   uint8_t numSps = reader.ReadU8() & 0x1f;
 
   return numSps > 0;
 }
 
 bool
-AnnexB::HasPPS(const mozilla::MediaRawData* aSample)
-{
-  return HasPPS(aSample->mExtraData);
-}
-
-bool
-AnnexB::HasPPS(const mozilla::MediaByteBuffer* aExtraData)
-{
-  if (!aExtraData) {
-    return false;
-  }
-
-  ByteReader reader(aExtraData);
-  const uint8_t* ptr = reader.Read(5);
-  if (!ptr || !reader.CanRead8()) {
-    return false;
-  }
-  uint8_t numSps = reader.ReadU8() & 0x1f;
-  // Skip over the included SPS.
-  for (uint8_t i = 0; i < numSps; i++) {
-    if (reader.Remaining() < 3) {
-      return false;
-    }
-    uint16_t length = reader.ReadU16();
-    if ((reader.PeekU8() & 0x1f) != 7) {
-      // Not an SPS NAL type.
-      return false;
-    }
-    if (!reader.Read(length)) {
-      return false;
-    }
-  }
-  if (!reader.CanRead8()) {
-    return false;
-  }
-  uint8_t numPps = reader.ReadU8();
-
-  return numPps > 0;
-}
-
-bool
 AnnexB::ConvertSampleTo4BytesAVCC(mozilla::MediaRawData* aSample)
 {
   MOZ_ASSERT(IsAVCC(aSample));
 
   int nalLenSize = ((*aSample->mExtraData)[4] & 3) + 1;
 
   if (nalLenSize == 4) {
     return true;
--- a/media/libstagefright/binding/H264.cpp
+++ b/media/libstagefright/binding/H264.cpp
@@ -176,37 +176,16 @@ SPSData::SPSData()
   video_format = 5;
   colour_primaries = 2;
   transfer_characteristics = 2;
   sample_ratio = 1.0;
   memset(scaling_matrix4x4, 16, sizeof(scaling_matrix4x4));
   memset(scaling_matrix8x8, 16, sizeof(scaling_matrix8x8));
 }
 
-PPSData::PPSData()
-{
-  PodZero(this);
-  memset(scaling_matrix4x4, 16, sizeof(scaling_matrix4x4));
-  memset(scaling_matrix8x8, 16, sizeof(scaling_matrix8x8));
-}
-
-const uint8_t H264::ZZ_SCAN[16] = { 0,  1,  4,  8,
-                                    5,  2,  3,  6,
-                                    9, 12, 13, 10,
-                                    7, 11, 14, 15 };
-
-const uint8_t H264::ZZ_SCAN8[64] = {  0,  1,  8, 16,  9,  2,  3, 10,
-                                     17, 24, 32, 25, 18, 11,  4,  5,
-                                     12, 19, 26, 33, 40, 48, 41, 34,
-                                     27, 20, 13,  6,  7, 14, 21, 28,
-                                     35, 42, 49, 56, 57, 50, 43, 36,
-                                     29, 22, 15, 23, 30, 37, 44, 51,
-                                     58, 59, 52, 45, 38, 31, 39, 46,
-                                     53, 60, 61, 54, 47, 55, 62, 63 };
-
 /* static */ already_AddRefed<mozilla::MediaByteBuffer>
 H264::DecodeNALUnit(const mozilla::MediaByteBuffer* aNAL)
 {
   MOZ_ASSERT(aNAL);
 
   if (aNAL->Length() < 4) {
     return nullptr;
   }
@@ -602,79 +581,56 @@ H264::vui_parameters(BitReader& aBr, SPS
   }
   return true;
 }
 
 /* static */ bool
 H264::DecodeSPSFromExtraData(const mozilla::MediaByteBuffer* aExtraData,
                              SPSData& aDest)
 {
-  H264ParametersSet ps;
-  if (!DecodeSPSDataSetFromExtraData(aExtraData, ps.SPSes)) {
-    return false;
-  }
-
-  uint16_t spsId = 0;
-  if (DecodePPSDataSetFromExtraData(aExtraData, ps.SPSes, ps.PPSes)) {
-    // We can't know which PPS is in use without parsing slice header if we
-    // have multiple PPSes, so we always use the first one.
-    spsId = ps.PPSes[0].seq_parameter_set_id;
-  }
-
-  aDest = Move(ps.SPSes[spsId]);
-  return true;
-}
-
-/* static */ bool
-H264::DecodeSPSDataSetFromExtraData(const mozilla::MediaByteBuffer* aExtraData,
-                                    SPSDataSet& aDest)
-{
   if (!AnnexB::HasSPS(aExtraData)) {
     return false;
   }
   ByteReader reader(aExtraData);
 
   if (!reader.Read(5)) {
     return false;
   }
 
   uint8_t numSps = reader.ReadU8() & 0x1f;
   if (!numSps) {
     // No SPS.
     return false;
   }
 
-  for (uint32_t idx = 0; idx < numSps; idx++) {
-    uint16_t length = reader.ReadU16();
+  if (numSps > 1) {
+    NS_WARNING("Multiple SPS, only decoding the first one");
+  }
 
-    if ((reader.PeekU8() & 0x1f) != H264_NAL_SPS) {
-      // Not a SPS NAL type.
-      return false;
-    }
-    const uint8_t* ptr = reader.Read(length);
-    if (!ptr) {
-      return false;
-    }
+  uint16_t length = reader.ReadU16();
 
-    RefPtr<mozilla::MediaByteBuffer> rawNAL = new mozilla::MediaByteBuffer;
-    rawNAL->AppendElements(ptr, length);
-
-    RefPtr<mozilla::MediaByteBuffer> sps = DecodeNALUnit(rawNAL);
+  if ((reader.PeekU8() & 0x1f) != H264_NAL_SPS) {
+    // Not a SPS NAL type.
+    return false;
+  }
+  const uint8_t* ptr = reader.Read(length);
+  if (!ptr) {
+    return false;
+  }
 
-    if (!sps) {
-      return false;
-    }
+  RefPtr<mozilla::MediaByteBuffer> rawNAL = new mozilla::MediaByteBuffer;
+  rawNAL->AppendElements(ptr, length);
+
+  RefPtr<mozilla::MediaByteBuffer> sps = DecodeNALUnit(rawNAL);
 
-    SPSData spsData;
-    if (!DecodeSPS(sps, spsData)) {
-      return false;
-    }
-    aDest.AppendElement(spsData);
+  if (!sps) {
+    return false;
   }
-  return true;
+
+  return DecodeSPS(sps, aDest);
 }
 
 /* static */ bool
 H264::EnsureSPSIsSane(SPSData& aSPS)
 {
   bool valid = true;
   static const float default_aspect = 4.0f / 3.0f;
   if (aSPS.sample_ratio <= 0.0f || aSPS.sample_ratio > 6.0f) {
@@ -689,223 +645,16 @@ H264::EnsureSPSIsSane(SPSData& aSPS)
   }
   if (aSPS.max_num_ref_frames > 16) {
     aSPS.max_num_ref_frames = 16;
     valid = false;
   }
   return valid;
 }
 
-/* static */ bool
-H264::DecodePPSDataSetFromExtraData(const mozilla::MediaByteBuffer* aExtraData,
-                                    const SPSDataSet& aSPSes, PPSDataSet& aDest)
-{
-  if (!AnnexB::HasPPS(aExtraData)) {
-    return false;
-  }
-  ByteReader reader(aExtraData);
-
-  if (!reader.Read(5)) {
-    return false;
-  }
-
-  uint8_t numSps = reader.ReadU8() & 0x1f;
-  if (!numSps) {
-    // No SPS.
-    return false;
-  }
-  NS_ASSERTION(numSps == 1, "More than one SPS in extradata");
-  for (uint8_t i = 0; i < numSps; i++) {
-    uint16_t length = reader.ReadU16();
-
-    if ((reader.PeekU8() & 0x1f) != H264_NAL_SPS) {
-      // Not a SPS NAL type.
-      return false;
-    }
-    const uint8_t* ptr = reader.Read(length);
-    if (!ptr) {
-      return false;
-    }
-  }
-  uint8_t numPps = reader.ReadU8();
-  if (!numPps) {
-    // No PPs.
-    return false;
-  }
-
-  for (uint32_t idx = 0; idx < numPps; idx++) {
-    uint16_t length = reader.ReadU16();
-
-    if ((reader.PeekU8() & 0x1f) != H264_NAL_PPS) {
-      // Not a PPS NAL type.
-      return false;
-    }
-    const uint8_t* ptr = reader.Read(length);
-    if (!ptr) {
-      return false;
-    }
-
-    RefPtr<mozilla::MediaByteBuffer> rawNAL = new mozilla::MediaByteBuffer;
-    rawNAL->AppendElements(ptr, length);
-
-    RefPtr<mozilla::MediaByteBuffer> pps = DecodeNALUnit(rawNAL);
-
-    if (!pps) {
-      return false;
-    }
-
-    PPSData ppsData;
-    if (!DecodePPS(pps, aSPSes, ppsData)) {
-      return false;
-    }
-    if (ppsData.pic_parameter_set_id >= aDest.Length()) {
-      aDest.SetLength(ppsData.pic_parameter_set_id + 1);
-    }
-    aDest[ppsData.pic_parameter_set_id] = Move(ppsData);
-  }
-  return true;
-}
-
-/* static */ bool
-H264::DecodePPS(const mozilla::MediaByteBuffer* aPPS, const SPSDataSet& aSPSes,
-                PPSData& aDest)
-{
-  if (!aPPS) {
-    return false;
-  }
-
-  if (aSPSes.IsEmpty()) {
-    return false;
-  }
-
-  BitReader br(aPPS, GetBitLength(aPPS));
-
-  READUE(pic_parameter_set_id, MAX_PPS_COUNT - 1);
-  READUE(seq_parameter_set_id, MAX_SPS_COUNT - 1);
-
-  if (aDest.seq_parameter_set_id >= aSPSes.Length()) {
-    // Invalid SPS id.
-    return false;
-  }
-  const SPSData& sps = aSPSes[aDest.seq_parameter_set_id];
-
-  memcpy(aDest.scaling_matrix4x4, sps.scaling_matrix4x4,
-         sizeof(aDest.scaling_matrix4x4));
-  memcpy(aDest.scaling_matrix8x8, sps.scaling_matrix8x8,
-         sizeof(aDest.scaling_matrix8x8));
-
-  aDest.entropy_coding_mode_flag = br.ReadBit();
-  aDest.bottom_field_pic_order_in_frame_present_flag = br.ReadBit();
-  READUE(num_slice_groups_minus1, 7);
-  if (aDest.num_slice_groups_minus1 > 0) {
-    READUE(slice_group_map_type, 6);
-    switch (aDest.slice_group_map_type) {
-      case 0:
-        for (uint8_t iGroup = 0; iGroup <= aDest.num_slice_groups_minus1;
-             iGroup++) {
-          aDest.run_length_minus1[iGroup] = br.ReadUE();
-        }
-        break;
-      case 2:
-        for (uint8_t iGroup = 0; iGroup < aDest.num_slice_groups_minus1;
-             iGroup++) {
-          aDest.top_left[iGroup] = br.ReadUE();
-          aDest.bottom_right[iGroup] = br.ReadUE();
-        }
-        break;
-      case 3:
-      case 4:
-      case 5:
-        aDest.slice_group_change_direction_flag = br.ReadBit();
-        aDest.slice_group_change_rate_minus1 = br.ReadUE();
-        break;
-      case 6:
-        aDest.pic_size_in_map_units_minus1 = br.ReadUE();
-        for (uint32_t i = 0; i <= aDest.pic_size_in_map_units_minus1; i++) {
-          /* slice_group_id[ i ] identifies a slice group of the i-th slice group map
-            unit in raster scan order. The length of the slice_group_id[i] syntax
-            element is Ceil(Log2(num_slice_groups_minus1+1)) bits. The value of
-            slice_group_id[i] shall be in the range of 0 to num_slice_groups_minus1,
-            inclusive. */
-          br.ReadBits(std::ceil(std::log2(aDest.num_slice_groups_minus1 + 1)));
-        }
-        break;
-      default:
-        return false;
-    }
-  }
-  READUE(num_ref_idx_l0_default_active_minus1, 31);
-  READUE(num_ref_idx_l1_default_active_minus1, 31);
-  aDest.weighted_pred_flag = br.ReadBit();
-  aDest.weighted_bipred_idc = br.ReadBits(2);
-  READSE(pic_init_qp_minus26, -(26 + 6 * sps.bit_depth_luma_minus8), 25);
-  READSE(pic_init_qs_minus26, -26, 26);
-  READSE(chroma_qp_index_offset, -12, 12);
-  aDest.deblocking_filter_control_present_flag = br.ReadBit();
-  aDest.constrained_intra_pred_flag = br.ReadBit();
-  aDest.redundant_pic_cnt_present_flag = br.ReadBit();
-  if (br.BitsLeft()) {
-    aDest.transform_8x8_mode_flag = br.ReadBit();
-    if (br.ReadBit()) { // pic_scaling_matrix_present_flag
-      if (sps.seq_scaling_matrix_present_flag) {
-        scaling_list(br, aDest.scaling_matrix4x4[0], Default_4x4_Intra);
-        scaling_list(br, aDest.scaling_matrix4x4[1], Default_4x4_Intra,
-                     aDest.scaling_matrix4x4[0]);
-        scaling_list(br, aDest.scaling_matrix4x4[2], Default_4x4_Intra,
-                     aDest.scaling_matrix4x4[1]);
-        scaling_list(br, aDest.scaling_matrix4x4[3], Default_4x4_Inter);
-      } else {
-        scaling_list(br, aDest.scaling_matrix4x4[0], Default_4x4_Intra,
-                     Default_4x4_Intra);
-        scaling_list(br, aDest.scaling_matrix4x4[1], Default_4x4_Intra,
-                     aDest.scaling_matrix4x4[0]);
-        scaling_list(br, aDest.scaling_matrix4x4[2], Default_4x4_Intra,
-                     aDest.scaling_matrix4x4[1]);
-        scaling_list(br, aDest.scaling_matrix4x4[3], Default_4x4_Inter,
-                     Default_4x4_Inter);
-      }
-      scaling_list(br, aDest.scaling_matrix4x4[4], Default_4x4_Inter,
-                   aDest.scaling_matrix4x4[3]);
-      scaling_list(br, aDest.scaling_matrix4x4[5], Default_4x4_Inter,
-                   aDest.scaling_matrix4x4[4]);
-      if (aDest.transform_8x8_mode_flag) {
-        if (sps.seq_scaling_matrix_present_flag) {
-          scaling_list(br, aDest.scaling_matrix8x8[0], Default_8x8_Intra);
-          scaling_list(br, aDest.scaling_matrix8x8[1], Default_8x8_Inter);
-        } else {
-          scaling_list(br, aDest.scaling_matrix8x8[0], Default_8x8_Intra,
-                       Default_8x8_Intra);
-          scaling_list(br, aDest.scaling_matrix8x8[1], Default_8x8_Inter,
-                       Default_8x8_Inter);
-        }
-        if (sps.chroma_format_idc == 3) {
-          scaling_list(br, aDest.scaling_matrix8x8[2], Default_8x8_Intra,
-                       aDest.scaling_matrix8x8[0]);
-          scaling_list(br, aDest.scaling_matrix8x8[3], Default_8x8_Inter,
-                       aDest.scaling_matrix8x8[1]);
-          scaling_list(br, aDest.scaling_matrix8x8[4], Default_8x8_Intra,
-                       aDest.scaling_matrix8x8[2]);
-          scaling_list(br, aDest.scaling_matrix8x8[5], Default_8x8_Inter,
-                       aDest.scaling_matrix8x8[3]);
-        }
-      }
-    }
-    READSE(second_chroma_qp_index_offset, -12, 12);
-  }
-  return true;
-}
-
-/* static */ bool
-H264::DecodeParametersSet(const mozilla::MediaByteBuffer* aExtraData,
-                         H264ParametersSet& aDest)
-{
-  return DecodeSPSDataSetFromExtraData(aExtraData, aDest.SPSes) &&
-         DecodePPSDataSetFromExtraData(aExtraData, aDest.SPSes, aDest.PPSes);
-}
-
 /* static */ uint32_t
 H264::ComputeMaxRefFrames(const mozilla::MediaByteBuffer* aExtraData)
 {
   uint32_t maxRefFrames = 4;
   // Retrieve video dimensions from H264 SPS NAL.
   SPSData spsdata;
   if (DecodeSPSFromExtraData(aExtraData, spsdata)) {
     // max_num_ref_frames determines the size of the sliding window
--- a/media/libstagefright/binding/include/mp4_demuxer/AnnexB.h
+++ b/media/libstagefright/binding/include/mp4_demuxer/AnnexB.h
@@ -24,25 +24,22 @@ public:
   // Convert a sample from Annex B to AVCC.
   // an AVCC extradata must not be set.
   static bool ConvertSampleToAVCC(mozilla::MediaRawData* aSample);
   static bool ConvertSampleTo4BytesAVCC(mozilla::MediaRawData* aSample);
 
   // Parse an AVCC extradata and construct the Annex B sample header.
   static already_AddRefed<mozilla::MediaByteBuffer> ConvertExtraDataToAnnexB(
     const mozilla::MediaByteBuffer* aExtraData);
-  // Extract SPS and PPS NALs from aSample, aSample must be in AVCC format.
-  // If aSample already contains an extradata with an SPS, it will be returned
-  // otherwise the SPS/PPS NALs are searched in-band.
+  // Extract SPS and PPS NALs from aSample by looking into each NALs.
+  // aSample must be in AVCC format.
   static already_AddRefed<mozilla::MediaByteBuffer> ExtractExtraData(
     const mozilla::MediaRawData* aSample);
   static bool HasSPS(const mozilla::MediaRawData* aSample);
   static bool HasSPS(const mozilla::MediaByteBuffer* aExtraData);
-  static bool HasPPS(const mozilla::MediaRawData* aSample);
-  static bool HasPPS(const mozilla::MediaByteBuffer* aExtraData);
   // Returns true if format is AVCC and sample has valid extradata.
   static bool IsAVCC(const mozilla::MediaRawData* aSample);
   // Returns true if format is AnnexB.
   static bool IsAnnexB(const mozilla::MediaRawData* aSample);
   // Return true if both extradata are equal.
   static bool CompareExtraData(const mozilla::MediaByteBuffer* aExtraData1,
                                const mozilla::MediaByteBuffer* aExtraData2);
 
--- a/media/libstagefright/binding/include/mp4_demuxer/H264.h
+++ b/media/libstagefright/binding/include/mp4_demuxer/H264.h
@@ -398,212 +398,16 @@ struct SPSData
 
   bool scaling_matrix_present;
   uint8_t scaling_matrix4x4[6][16];
   uint8_t scaling_matrix8x8[6][64];
 
   SPSData();
 };
 
-struct PPSData
-{
-  /*
-    H264 decoding parameters according to ITU-T H.264 (T-REC-H.264-201402-I/en)
-   http://www.itu.int/rec/T-REC-H.264-201402-I/en
-   7.3.2.2 Picture parameter set RBSP syntax
-  */
-  /* pic_parameter_set_id identifies the picture parameter set that is referred
-      to in the slice header. The value of pic_parameter_set_id shall be in the
-      range of 0 to 255, inclusive. */
-  uint8_t pic_parameter_set_id;
-
-  /* seq_parameter_set_id refers to the active sequence parameter set. The value
-    of seq_parameter_set_id shall be in the range of 0 to 31, inclusive. */
-  uint8_t seq_parameter_set_id;
-
-  /* entropy_coding_mode_flag selects the entropy decoding method to be applied
-    for the syntax elements for which two descriptors appear in the syntax tables
-    as follows:
-    – If entropy_coding_mode_flag is equal to 0, the method specified by the
-      left descriptor in the syntax table is applied (Exp-Golomb coded, see
-      clause 9.1 or CAVLC, see clause 9.2).
-    – Otherwise (entropy_coding_mode_flag is equal to 1), the method specified
-      by the right descriptor in the syntax table is applied (CABAC, see clause
-      9.3) */
-  bool entropy_coding_mode_flag;
-
-  /* bottom_field_pic_order_in_frame_present_flag equal to 1 specifies that the
-    syntax  elements delta_pic_order_cnt_bottom (when pic_order_cnt_type is
-    equal to 0) or delta_pic_order_cnt[ 1 ] (when pic_order_cnt_type is equal to
-    1), which are related to picture order counts for the bottom field of a
-    coded frame, are present in the slice headers for coded frames as specified
-    in clause 7.3.3. bottom_field_pic_order_in_frame_present_flag equal to 0
-    specifies that the syntax elements delta_pic_order_cnt_bottom and
-    delta_pic_order_cnt[ 1 ] are not present in the slice headers.
-    Also known has pic_order_present_flag. */
-  bool bottom_field_pic_order_in_frame_present_flag;
-
-  /* num_slice_groups_minus1 plus 1 specifies the number of slice groups for a
-    picture. When num_slice_groups_minus1 is equal to 0, all slices of the
-    picture belong to the same slice group. The allowed range of
-    num_slice_groups_minus1 is specified in Annex A. */
-  uint8_t num_slice_groups_minus1;
-
-  /* slice_group_map_type specifies how the mapping of slice group map units to
-    slice groups is coded. The value of slice_group_map_type shall be in the
-    range of 0 to 6, inclusive. */
-  uint8_t slice_group_map_type;
-
-  /* run_length_minus1[i] is used to specify the number of consecutive slice
-    group map units to be assigned to the i-th slice group in raster scan order
-    of slice group map units. The value of run_length_minus1[ i ] shall be in
-    the range of 0 to PicSizeInMapUnits − 1, inclusive. */
-  uint32_t run_length_minus1[8];
-
-  /* top_left[i] and bottom_right[i] specify the top-left and bottom-right
-    corners of a rectangle, respectively. top_left[i] and bottom_right[i] are
-    slice group map unit positions in a raster scan of the picture for the slice
-    group map units. For each rectangle i, all of the following constraints
-    shall be obeyed by the values of the syntax elements top_left[i] and
-    bottom_right[i]:
-      – top_left[ i ] shall be less than or equal to bottom_right[i] and
-        bottom_right[i] shall be less than PicSizeInMapUnits.
-      – (top_left[i] % PicWidthInMbs) shall be less than or equal to the value
-        of (bottom_right[i] % PicWidthInMbs). */
-  uint32_t top_left[8];
-  uint32_t bottom_right[8];
-
-  /* slice_group_change_direction_flag is used with slice_group_map_type to
-    specify the refined map type when slice_group_map_type is 3, 4, or 5. */
-  bool slice_group_change_direction_flag;
-
-  /* slice_group_change_rate_minus1 is used to specify the variable
-    SliceGroupChangeRate. SliceGroupChangeRate specifies the multiple in number
-    of slice group map units by which the size of a slice group can change from
-    one picture to the next. The value of slice_group_change_rate_minus1 shall
-    be in the range of 0 to PicSizeInMapUnits − 1, inclusive.
-    The SliceGroupChangeRate variable is specified as follows:
-      SliceGroupChangeRate = slice_group_change_rate_minus1 + 1 */
-  uint32_t slice_group_change_rate_minus1;
-
-  /* pic_size_in_map_units_minus1 is used to specify the number of slice group
-    map units in the picture. pic_size_in_map_units_minus1 shall be equal to
-    PicSizeInMapUnits − 1. */
-  uint32_t pic_size_in_map_units_minus1;
-
-  /* num_ref_idx_l0_default_active_minus1 specifies how
-    num_ref_idx_l0_active_minus1 is inferred for P, SP, and B slices
-    with num_ref_idx_active_override_flag equal to 0. The value of
-    num_ref_idx_l0_default_active_minus1 shall be in the
-    range of 0 to 31, inclusive. */
-  uint8_t num_ref_idx_l0_default_active_minus1;
-
-  /* num_ref_idx_l1_default_active_minus1 specifies how
-    num_ref_idx_l1_active_minus1 is inferred for B slices with
-    num_ref_idx_active_override_flag equal to 0. The value of
-    num_ref_idx_l1_default_active_minus1 shall be in the range
-    of 0 to 31, inclusive. */
-  uint8_t num_ref_idx_l1_default_active_minus1;
-
-  /* weighted_pred_flag equal to 0 specifies that the default weighted
-    prediction shall be applied to P and SP slices.
-    weighted_pred_flag equal to 1 specifies that explicit weighted prediction
-    shall be applied to P and SP slices.weighted_pred_flag 1 */
-  bool weighted_pred_flag;
-
-  /* weighted_bipred_idc equal to 0 specifies that the default weighted
-     prediction shall be applied to B slices.
-     weighted_bipred_idc equal to 1 specifies that explicit weighted prediction
-     shall be applied to B slices. weighted_bipred_idc equal to 2 specifies that
-     implicit weighted prediction shall be applied to B slices. The value of
-     weighted_bipred_idc shall be in the range of 0 to 2, inclusive. */
-  uint8_t weighted_bipred_idc;
-
-  /* pic_init_qp_minus26 specifies the initial value minus 26 of SliceQP Y for
-     each slice. The initial value is modified at the slice layer when a
-     non-zero value of slice_qp_delta is decoded, and is modified further when a
-     non-zero value of mb_qp_delta is decoded at the macroblock layer.
-     The value of pic_init_qp_minus26 shall be in the range of
-     −(26 + QpBdOffset Y ) to +25, inclusive. */
-  int8_t pic_init_qp_minus26;
-
-  /* pic_init_qs_minus26 specifies the initial value minus 26 of SliceQS Y for
-    all macroblocks in SP or SI slices. The initial value is modified at the
-    slice layer when a non-zero value of slice_qs_delta is decoded.
-    The value of pic_init_qs_minus26 shall be in the range of −26 to +25,
-    inclusive. */
-  int8_t pic_init_qs_minus26;
-
-  /* chroma_qp_index_offset specifies the offset that shall be added to QP Y and
-    QS Y for addressing the table of QP C values for the Cb chroma component.
-    The value of chroma_qp_index_offset shall be in the range of −12 to +12,
-    inclusive. */
-  int8_t chroma_qp_index_offset;
-
-  /* deblocking_filter_control_present_flag equal to 1 specifies that a set of
-    syntax elements controlling the characteristics of the deblocking filter is
-    present in the slice header. deblocking_filter_control_present_flag equal to
-    0 specifies that the set of syntax elements controlling the characteristics
-    of the deblocking filter is not present in the slice headers and their
-    inferred values are in effect. */
-  bool deblocking_filter_control_present_flag;
-
-  /* constrained_intra_pred_flag equal to 0 specifies that intra prediction
-    allows usage of residual data and decoded samples of neighbouring
-    macroblocks coded using Inter macroblock prediction modes for the prediction
-    of macroblocks coded using Intra macroblock prediction modes.
-    constrained_intra_pred_flag equal to 1 specifies constrained intra
-    prediction, in which case prediction of macroblocks coded using Intra
-    macroblock prediction modes only uses residual data and decoded samples from
-    I or SI macroblock types. */
-  bool constrained_intra_pred_flag;
-
-  /* redundant_pic_cnt_present_flag equal to 0 specifies that the
-    redundant_pic_cnt syntax element is not present in slice headers, coded
-    slice data partition B NAL units, and coded slice data partition C NAL units
-    that refer (either directly or by association with a corresponding coded
-    slice data partition A NAL unit) to the picture parameter set.
-    redundant_pic_cnt_present_flag equal to 1 specifies that the
-    redundant_pic_cnt syntax element is present in all slice headers, coded
-    slice data partition B NAL units, and coded slice data partition C NAL units
-    that refer (either directly or by association with a corresponding coded
-    slice data partition A NAL unit) to the picture parameter set. */
-  bool redundant_pic_cnt_present_flag;
-
-  /* transform_8x8_mode_flag equal to 1 specifies that the 8x8 transform
-    decoding process may be in use (see clause 8.5).
-    transform_8x8_mode_flag equal to 0 specifies that the 8x8 transform decoding
-    process is not in use. When transform_8x8_mode_flag is not present, it shall
-    be inferred to be 0. */
-  bool transform_8x8_mode_flag;
-
-  /* second_chroma_qp_index_offset specifies the offset that shall be added to
-    QP Y and QS Y for addressing the table of QP C values for the Cr chroma
-    component.
-    The value of second_chroma_qp_index_offset shall be in the range of
-    −12 to +12, inclusive.
-    When second_chroma_qp_index_offset is not present, it shall be inferred to
-    be equal to chroma_qp_index_offset. */
-  int8_t second_chroma_qp_index_offset;
-
-  uint8_t scaling_matrix4x4[6][16];
-  uint8_t scaling_matrix8x8[6][64];
-
-  PPSData();
-};
-
-typedef AutoTArray<SPSData, MAX_SPS_COUNT> SPSDataSet;
-typedef AutoTArray<PPSData, MAX_PPS_COUNT> PPSDataSet;
-
-struct H264ParametersSet
-{
-  SPSDataSet SPSes;
-  PPSDataSet PPSes;
-};
-
 class H264
 {
 public:
   /* Extract RAW BYTE SEQUENCE PAYLOAD from NAL content.
      Returns nullptr if invalid content.
      This is compliant to ITU H.264 7.3.1 Syntax in tabular form NAL unit syntax
    */
   static already_AddRefed<mozilla::MediaByteBuffer> DecodeNALUnit(
@@ -611,56 +415,35 @@ public:
 
   // Ensure that SPS data makes sense, Return true if SPS data was, and false
   // otherwise. If false, then content will be adjusted accordingly.
   static bool EnsureSPSIsSane(SPSData& aSPS);
 
   static bool DecodeSPSFromExtraData(const mozilla::MediaByteBuffer* aExtraData,
                                      SPSData& aDest);
 
-  static bool DecodeParametersSet(const mozilla::MediaByteBuffer* aExtraData,
-                                  H264ParametersSet& aDest);
-
   // If the given aExtraData is valid, return the aExtraData.max_num_ref_frames
   // clamped to be in the range of [4, 16]; otherwise return 4.
   static uint32_t ComputeMaxRefFrames(
     const mozilla::MediaByteBuffer* aExtraData);
 
   enum class FrameType
   {
     I_FRAME,
     OTHER,
     INVALID,
   };
 
   // Returns the frame type. Returns I_FRAME if the sample is an IDR
   // (Instantaneous Decoding Refresh) Picture.
   static FrameType GetFrameType(const mozilla::MediaRawData* aSample);
 
-  // ZigZag index taBles.
-  // Some hardware requires the tables to be in zigzag order.
-  // Use ZZ_SCAN table for the scaling_matrix4x4.
-  // Use ZZ_SCAN8 table for the scaling_matrix8x8.
-  // e.g. dest_scaling_matrix4x4[i,j] = scaling_matrix4x4[ZZ_SCAN(i,j)]
-  static const uint8_t ZZ_SCAN[16];
-  static const uint8_t ZZ_SCAN8[64];
-
 private:
-  static bool DecodeSPSDataSetFromExtraData(const mozilla::MediaByteBuffer* aExtraData,
-                                            SPSDataSet& aDest);
-
-  static bool DecodePPSDataSetFromExtraData(const mozilla::MediaByteBuffer* aExtraData,
-                                            const SPSDataSet& aPS,
-                                            PPSDataSet& aDest);
-
   /* Decode SPS NAL RBSP and fill SPSData structure */
   static bool DecodeSPS(const mozilla::MediaByteBuffer* aSPS, SPSData& aDest);
-  /* Decode PPS NAL RBSP and fill PPSData structure */
-  static bool DecodePPS(const mozilla::MediaByteBuffer* aPPS,
-                        const SPSDataSet& aSPSs, PPSData& aDest);
   static bool vui_parameters(BitReader& aBr, SPSData& aDest);
   // Read HRD parameters, all data is ignored.
   static void hrd_parameters(BitReader& aBr);
 };
 
 } // namespace mp4_demuxer
 
 #endif // MP4_DEMUXER_H264_H_
--- a/mfbt/AlreadyAddRefed.h
+++ b/mfbt/AlreadyAddRefed.h
@@ -62,20 +62,17 @@ struct MOZ_MUST_USE_TYPE MOZ_NON_AUTOABL
    * this behavior through the default constructor.
    *
    * We can revert to simply explicit (T*) and implicit (decltype(nullptr)) when
    * nullptr no longer needs to be emulated to support the ancient b2g compiler.
    * (The () overload could also be removed, if desired, if we changed callers.)
    */
   already_AddRefed() : mRawPtr(nullptr) {}
 
-  // The return and argument types here are arbitrarily selected so no
-  // corresponding member function exists.
-  typedef void (already_AddRefed::* MatchNullptr)(double, float);
-  MOZ_IMPLICIT already_AddRefed(MatchNullptr aRawPtr) : mRawPtr(nullptr) {}
+  MOZ_IMPLICIT already_AddRefed(decltype(nullptr)) : mRawPtr(nullptr) {}
 
   explicit already_AddRefed(T* aRawPtr) : mRawPtr(aRawPtr) {}
 
   // Disallow copy constructor and copy assignment operator: move semantics used instead.
   already_AddRefed(const already_AddRefed<T>& aOther) = delete;
   already_AddRefed<T>& operator=(const already_AddRefed<T>& aOther) = delete;
 
   already_AddRefed(already_AddRefed<T>&& aOther) : mRawPtr(aOther.take()) {}
--- a/netwerk/base/ProxyAutoConfig.cpp
+++ b/netwerk/base/ProxyAutoConfig.cpp
@@ -386,16 +386,17 @@ bool PACResolve(const nsCString &aHostNa
   return GetRunning()->ResolveAddress(aHostName, aNetAddr, aTimeout);
 }
 
 ProxyAutoConfig::ProxyAutoConfig()
   : mJSContext(nullptr)
   , mJSNeedsSetup(false)
   , mShutdown(false)
   , mIncludePath(false)
+  , mExtraHeapSize(0)
 {
   MOZ_COUNT_CTOR(ProxyAutoConfig);
 }
 
 bool
 ProxyAutoConfig::ResolveAddress(const nsCString &aHostName,
                                 NetAddr *aNetAddr,
                                 unsigned int aTimeout)
@@ -546,19 +547,19 @@ static const JSFunctionSpec PACGlobalFun
   JS_FS_END
 };
 
 // JSContextWrapper is a c++ object that manages the context for the JS engine
 // used on the PAC thread. It is initialized and destroyed on the PAC thread.
 class JSContextWrapper
 {
  public:
-  static JSContextWrapper *Create()
+  static JSContextWrapper *Create(uint32_t aExtraHeapSize)
   {
-    JSContext* cx = JS_NewContext(sContextHeapSize);
+    JSContext* cx = JS_NewContext(sContextHeapSize + aExtraHeapSize);
     if (NS_WARN_IF(!cx))
       return nullptr;
 
     JSContextWrapper *entry = new JSContextWrapper(cx);
     if (NS_FAILED(entry->Init())) {
       delete entry;
       return nullptr;
     }
@@ -593,17 +594,17 @@ class JSContextWrapper
   }
 
   bool IsOK()
   {
     return mOK;
   }
 
 private:
-  static const unsigned sContextHeapSize = 4 << 20; // 4 MB
+  static const uint32_t sContextHeapSize = 4 << 20; // 4 MB
 
   JSContext *mContext;
   JS::PersistentRooted<JSObject*> mGlobal;
   bool      mOK;
 
   static const JSClass sGlobalClass;
 
   explicit JSContextWrapper(JSContext* cx)
@@ -671,22 +672,24 @@ void
 ProxyAutoConfig::SetThreadLocalIndex(uint32_t index)
 {
   sRunningIndex = index;
 }
 
 nsresult
 ProxyAutoConfig::Init(const nsCString &aPACURI,
                       const nsCString &aPACScript,
-                      bool aIncludePath)
+                      bool aIncludePath,
+                      uint32_t aExtraHeapSize)
 {
   mPACURI = aPACURI;
   mPACScript = sPacUtils;
   mPACScript.Append(aPACScript);
   mIncludePath = aIncludePath;
+  mExtraHeapSize = aExtraHeapSize;
 
   if (!GetRunning())
     return SetupJS();
 
   mJSNeedsSetup = true;
   return NS_OK;
 }
 
@@ -699,17 +702,17 @@ ProxyAutoConfig::SetupJS()
   delete mJSContext;
   mJSContext = nullptr;
 
   if (mPACScript.IsEmpty())
     return NS_ERROR_FAILURE;
 
   NS_GetCurrentThread()->SetCanInvokeJS(true);
 
-  mJSContext = JSContextWrapper::Create();
+  mJSContext = JSContextWrapper::Create(mExtraHeapSize);
   if (!mJSContext)
     return NS_ERROR_FAILURE;
 
   JSContext* cx = mJSContext->Context();
   JSAutoRequest ar(cx);
   JSAutoCompartment ac(cx, mJSContext->Global());
   AutoPACErrorReporter aper(cx);
 
--- a/netwerk/base/ProxyAutoConfig.h
+++ b/netwerk/base/ProxyAutoConfig.h
@@ -26,17 +26,18 @@ union NetAddr;
 
 class ProxyAutoConfig  {
 public:
   ProxyAutoConfig();
   ~ProxyAutoConfig();
 
   nsresult Init(const nsCString &aPACURI,
                 const nsCString &aPACScript,
-                bool aIncludePath);
+                bool aIncludePath,
+                uint32_t aExtraHeapSize);
   void     SetThreadLocalIndex(uint32_t index);
   void     Shutdown();
   void     GC();
   bool     MyIPAddress(const JS::CallArgs &aArgs);
   bool     ResolveAddress(const nsCString &aHostName,
                           NetAddr *aNetAddr, unsigned int aTimeout);
 
   /**
@@ -89,16 +90,17 @@ private:
                           const JS::CallArgs &aArgs, bool* aResult);
 
   JSContextWrapper *mJSContext;
   bool              mJSNeedsSetup;
   bool              mShutdown;
   nsCString         mPACScript;
   nsCString         mPACURI;
   bool              mIncludePath;
+  uint32_t          mExtraHeapSize;
   nsCString         mRunningHost;
   nsCOMPtr<nsITimer> mTimer;
 };
 
 } // namespace net
 } // namespace mozilla
 
 #endif  // ProxyAutoConfig_h__
--- a/netwerk/base/nsIParentRedirectingChannel.idl
+++ b/netwerk/base/nsIParentRedirectingChannel.idl
@@ -3,16 +3,30 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "nsIParentChannel.idl"
 
 interface nsITabParent;
 interface nsIChannel;
 interface nsIAsyncVerifyRedirectCallback;
 
+[builtinclass, uuid(01987690-48cf-45de-bae3-e143c2adc2a8)]
+interface nsIAsyncVerifyRedirectReadyCallback : nsISupports
+{
+  /**
+   * Asynchronous callback when redirected channel finishes the preparation for
+   * completing the verification procedure.
+   *
+   * @param result
+   *    SUCCEEDED if preparation for redirection verification succceed.
+   *    If FAILED the redirection must be aborted.
+   */
+  void readyToVerify(in nsresult result);
+};
+
 /**
  * Implemented by chrome side of IPC protocols that support redirect responses.
  */
 
 [scriptable, uuid(3ed1d288-5324-46ee-8a98-33ac37d1080b)]
 interface nsIParentRedirectingChannel : nsIParentChannel
 {
   /**
@@ -29,16 +43,27 @@ interface nsIParentRedirectingChannel : 
    *    nsIChannelEventSink defines it
    */
   void startRedirect(in uint32_t newChannelId,
                      in nsIChannel newChannel,
                      in uint32_t redirectFlags,
                      in nsIAsyncVerifyRedirectCallback callback);
 
   /**
+   * Called to new channel when the original channel got Redirect2Verify
+   * response from child. Callback will be invoked when the new channel
+   * finishes the preparation for Redirect2Verify and can be called immediately.
+   *
+   * @param callback
+   *    redirect ready callback, will be called when redirect verification
+   *    procedure can proceed.
+   */
+  void continueVerification(in nsIAsyncVerifyRedirectReadyCallback callback);
+
+  /**
    * Called after we are done with redirecting process and we know if to
    * redirect or not.  Forward the redirect result to the child process.  From
    * that moment the nsIParentChannel implementation expects it will be
    * forwarded all notifications from the 'real' channel.
    *
    * Primarilly used by HttpChannelParentListener::OnRedirectResult and kept
    * as mActiveChannel and mRedirectChannel in that class.
    */
--- a/netwerk/base/nsPACMan.cpp
+++ b/netwerk/base/nsPACMan.cpp
@@ -45,16 +45,42 @@ HttpRequestSucceeded(nsIStreamLoader *lo
   if (httpChannel) {
     // failsafe
     Unused << httpChannel->GetRequestSucceeded(&result);
   }
 
   return result;
 }
 
+// Read preference setting of extra JavaScript context heap size.
+// PrefService tends to be run on main thread, where ProxyAutoConfig runs on
+// ProxyResolution thread, so it's read here and passed to ProxyAutoConfig.
+static uint32_t
+GetExtraJSContextHeapSize()
+{
+  MOZ_ASSERT(NS_IsMainThread());
+
+  static int32_t extraSize = -1;
+
+  if (extraSize < 0) {
+    nsCOMPtr<nsIPrefBranch> prefs = do_GetService(NS_PREFSERVICE_CONTRACTID);
+    int32_t value;
+
+    if (prefs && NS_SUCCEEDED(prefs->GetIntPref(
+        "network.proxy.autoconfig_extra_jscontext_heap_size", &value))) {
+      LOG(("autoconfig_extra_jscontext_heap_size: %d\n", value));
+
+      extraSize = value;
+    }
+  }
+
+  return extraSize < 0 ? 0 : extraSize;
+}
+
+
 //-----------------------------------------------------------------------------
 
 // The ExecuteCallback runnable is triggered by
 // nsPACManCallback::OnQueryComplete on the Main thread when its completion is
 // discovered on the pac thread
 
 class ExecuteCallback final : public Runnable
 {
@@ -175,46 +201,52 @@ class ExecutePACThreadAction final : pub
 {
 public:
   // by default we just process the queue
   explicit ExecutePACThreadAction(nsPACMan *aPACMan)
     : mPACMan(aPACMan)
     , mCancel(false)
     , mCancelStatus(NS_OK)
     , mSetupPAC(false)
+    , mExtraHeapSize(0)
   { }
 
   void CancelQueue (nsresult status)
   {
     mCancel = true;
     mCancelStatus = status;
   }
 
-  void SetupPAC (const char *text, uint32_t datalen, nsCString &pacURI)
+  void SetupPAC (const char *text,
+                 uint32_t datalen,
+                 nsCString &pacURI,
+                 uint32_t extraHeapSize)
   {
     mSetupPAC = true;
     mSetupPACData.Assign(text, datalen);
     mSetupPACURI = pacURI;
+    mExtraHeapSize = extraHeapSize;
   }
 
   NS_IMETHOD Run() override
   {
     MOZ_ASSERT(!NS_IsMainThread(), "wrong thread");
     if (mCancel) {
       mPACMan->CancelPendingQ(mCancelStatus);
       mCancel = false;
       return NS_OK;
     }
 
     if (mSetupPAC) {
       mSetupPAC = false;
 
       mPACMan->mPAC.Init(mSetupPACURI,
                          mSetupPACData,
-                         mPACMan->mIncludePath);
+                         mPACMan->mIncludePath,
+                         mExtraHeapSize);
 
       RefPtr<PACLoadComplete> runnable = new PACLoadComplete(mPACMan);
       NS_DispatchToMainThread(runnable);
       return NS_OK;
     }
 
     mPACMan->ProcessPendingQ();
     return NS_OK;
@@ -222,16 +254,17 @@ public:
 
 private:
   RefPtr<nsPACMan> mPACMan;
 
   bool      mCancel;
   nsresult  mCancelStatus;
 
   bool                 mSetupPAC;
+  uint32_t             mExtraHeapSize;
   nsCString            mSetupPACData;
   nsCString            mSetupPACURI;
 };
 
 //-----------------------------------------------------------------------------
 
 PendingPACQuery::PendingPACQuery(nsPACMan *pacMan, nsIURI *uri,
                                  nsPACManCallback *callback,
@@ -666,17 +699,17 @@ nsPACMan::OnStreamComplete(nsIStreamLoad
 
     // we have succeeded in loading the pac file using a bunch of interfaces that
     // are main thread only, unfortunately we have to initialize the instance of
     // the PAC evaluator (NS_PROXYAUTOCONFIG_CONTRACTID) on the pac thread, because
     // that is where it will be used.
 
     RefPtr<ExecutePACThreadAction> pending =
       new ExecutePACThreadAction(this);
-    pending->SetupPAC(text, dataLen, pacURI);
+    pending->SetupPAC(text, dataLen, pacURI, GetExtraJSContextHeapSize());
     if (mPACThread)
       mPACThread->Dispatch(pending, nsIEventTarget::DISPATCH_NORMAL);
 
     LOG(("OnStreamComplete: process the PAC contents\n"));
 
     // Even if the PAC file could not be parsed, we did succeed in loading the
     // data for it.
     mLoadFailureCount = 0;
--- a/netwerk/build/nsNetCID.h
+++ b/netwerk/build/nsNetCID.h
@@ -632,16 +632,28 @@
 #define NS_THROTTLEQUEUE_CID                            \
 { /* 4c39159c-cd90-4dd3-97a7-06af5e6d84c4 */            \
     0x4c39159c,                                         \
     0xcd90,                                             \
     0x4dd3,                                             \
     {0x97, 0xa7, 0x06, 0xaf, 0x5e, 0x6d, 0x84, 0xc4}    \
 }
 
+// Background channel registrar used for pairing HttpChannelParent
+// and its background channel
+#define NS_BACKGROUNDCHANNELREGISTRAR_CONTRACTID \
+    "@mozilla.org/network/background-channel-registrar;1"
+#define NS_BACKGROUNDCHANNELREGISTRAR_CID \
+{ /* 6907788a-17cc-4c2a-a7c5-59ad2d9cc079 */          \
+    0x6907788a,                                       \
+    0x17cc,                                           \
+    0x4c2a,                                           \
+    { 0xa7, 0xc5, 0x59, 0xad, 0x2d, 0x9c, 0xc0, 0x79} \
+}
+
 /******************************************************************************
  * netwerk/protocol/ftp/ classes
  */
 
 #define NS_FTPPROTOCOLHANDLER_CID \
 { /* 25029490-F132-11d2-9588-00805F369F95 */         \
     0x25029490,                                      \
     0xf132,                                          \
--- a/netwerk/build/nsNetModule.cpp
+++ b/netwerk/build/nsNetModule.cpp
@@ -262,29 +262,31 @@ NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsFt
 #undef LOG_ENABLED
 #include "nsHttpAuthManager.h"
 #include "nsHttpChannelAuthProvider.h"
 #include "nsHttpBasicAuth.h"
 #include "nsHttpDigestAuth.h"
 #include "nsHttpNTLMAuth.h"
 #include "nsHttpActivityDistributor.h"
 #include "ThrottleQueue.h"
+#include "BackgroundChannelRegistrar.h"
 #undef LOG
 #undef LOG_ENABLED
 namespace mozilla {
 namespace net {
 NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpNTLMAuth)
 NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpHandler, Init)
 NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpsHandler, Init)
 NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsHttpAuthManager, Init)
 NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpChannelAuthProvider)
 NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpActivityDistributor)
 NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpBasicAuth)
 NS_GENERIC_FACTORY_CONSTRUCTOR(nsHttpDigestAuth)
 NS_GENERIC_FACTORY_CONSTRUCTOR(ThrottleQueue)
+NS_GENERIC_FACTORY_CONSTRUCTOR(BackgroundChannelRegistrar)
 } // namespace net
 } // namespace mozilla
 #endif // !NECKO_PROTOCOL_http
 
 #include "mozilla/net/Dashboard.h"
 namespace mozilla {
 namespace net {
   NS_GENERIC_FACTORY_CONSTRUCTOR(Dashboard)
@@ -800,16 +802,17 @@ NS_DEFINE_NAMED_CID(NS_HTTPPROTOCOLHANDL
 NS_DEFINE_NAMED_CID(NS_HTTPSPROTOCOLHANDLER_CID);
 NS_DEFINE_NAMED_CID(NS_HTTPBASICAUTH_CID);
 NS_DEFINE_NAMED_CID(NS_HTTPDIGESTAUTH_CID);
 NS_DEFINE_NAMED_CID(NS_HTTPNTLMAUTH_CID);
 NS_DEFINE_NAMED_CID(NS_HTTPAUTHMANAGER_CID);
 NS_DEFINE_NAMED_CID(NS_HTTPCHANNELAUTHPROVIDER_CID);
 NS_DEFINE_NAMED_CID(NS_HTTPACTIVITYDISTRIBUTOR_CID);
 NS_DEFINE_NAMED_CID(NS_THROTTLEQUEUE_CID);
+NS_DEFINE_NAMED_CID(NS_BACKGROUNDCHANNELREGISTRAR_CID);
 #endif // !NECKO_PROTOCOL_http
 #ifdef NECKO_PROTOCOL_ftp
 NS_DEFINE_NAMED_CID(NS_FTPPROTOCOLHANDLER_CID);
 #endif
 #ifdef NECKO_PROTOCOL_res
 NS_DEFINE_NAMED_CID(NS_RESPROTOCOLHANDLER_CID);
 NS_DEFINE_NAMED_CID(NS_EXTENSIONPROTOCOLHANDLER_CID);
 NS_DEFINE_NAMED_CID(NS_SUBSTITUTINGURL_CID);
@@ -951,16 +954,17 @@ static const mozilla::Module::CIDEntry k
     { &kNS_HTTPSPROTOCOLHANDLER_CID, false, nullptr, mozilla::net::nsHttpsHandlerConstructor },
     { &kNS_HTTPBASICAUTH_CID, false, nullptr, mozilla::net::nsHttpBasicAuthConstructor },
     { &kNS_HTTPDIGESTAUTH_CID, false, nullptr, mozilla::net::nsHttpDigestAuthConstructor },
     { &kNS_HTTPNTLMAUTH_CID, false, nullptr, mozilla::net::nsHttpNTLMAuthConstructor },
     { &kNS_HTTPAUTHMANAGER_CID, false, nullptr, mozilla::net::nsHttpAuthManagerConstructor },
     { &kNS_HTTPCHANNELAUTHPROVIDER_CID, false, nullptr, mozilla::net::nsHttpChannelAuthProviderConstructor },
     { &kNS_HTTPACTIVITYDISTRIBUTOR_CID, false, nullptr, mozilla::net::nsHttpActivityDistributorConstructor },
     { &kNS_THROTTLEQUEUE_CID, false, nullptr, mozilla::net::ThrottleQueueConstructor },
+    { &kNS_BACKGROUNDCHANNELREGISTRAR_CID, false, nullptr, mozilla::net::BackgroundChannelRegistrarConstructor },
 #endif // !NECKO_PROTOCOL_http
 #ifdef NECKO_PROTOCOL_ftp
     { &kNS_FTPPROTOCOLHANDLER_CID, false, nullptr, nsFtpProtocolHandlerConstructor },
 #endif
 #ifdef NECKO_PROTOCOL_res
     { &kNS_RESPROTOCOLHANDLER_CID, false, nullptr, nsResProtocolHandlerConstructor },
     { &kNS_EXTENSIONPROTOCOLHANDLER_CID, false, nullptr, mozilla::ExtensionProtocolHandlerConstructor },
     { &kNS_SUBSTITUTINGURL_CID, false, nullptr, mozilla::SubstitutingURLConstructor },
@@ -1112,16 +1116,17 @@ static const mozilla::Module::ContractID
     { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "https", &kNS_HTTPSPROTOCOLHANDLER_CID },
     { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "basic", &kNS_HTTPBASICAUTH_CID },
     { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "digest", &kNS_HTTPDIGESTAUTH_CID },
     { NS_HTTP_AUTHENTICATOR_CONTRACTID_PREFIX "ntlm", &kNS_HTTPNTLMAUTH_CID },
     { NS_HTTPAUTHMANAGER_CONTRACTID, &kNS_HTTPAUTHMANAGER_CID },
     { NS_HTTPCHANNELAUTHPROVIDER_CONTRACTID, &kNS_HTTPCHANNELAUTHPROVIDER_CID },
     { NS_HTTPACTIVITYDISTRIBUTOR_CONTRACTID, &kNS_HTTPACTIVITYDISTRIBUTOR_CID },
     { NS_THROTTLEQUEUE_CONTRACTID, &kNS_THROTTLEQUEUE_CID },
+    { NS_BACKGROUNDCHANNELREGISTRAR_CONTRACTID, &kNS_BACKGROUNDCHANNELREGISTRAR_CID },
 #endif // !NECKO_PROTOCOL_http
 #ifdef NECKO_PROTOCOL_ftp
     { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "ftp", &kNS_FTPPROTOCOLHANDLER_CID },
 #endif
 #ifdef NECKO_PROTOCOL_res
     { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "resource", &kNS_RESPROTOCOLHANDLER_CID },
     { NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "moz-extension", &kNS_EXTENSIONPROTOCOLHANDLER_CID },
 #endif
new file mode 100644
--- /dev/null
+++ b/netwerk/protocol/http/BackgroundChannelRegistrar.cpp
@@ -0,0 +1,97 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "BackgroundChannelRegistrar.h"
+
+#include "HttpBackgroundChannelParent.h"
+#include "HttpChannelParent.h"
+#include "nsIInterfaceRequestor.h"
+#include "nsXULAppAPI.h"
+
+namespace mozilla {
+namespace net {
+
+NS_IMPL_ISUPPORTS(BackgroundChannelRegistrar, nsIBackgroundChannelRegistrar)
+
+BackgroundChannelRegistrar::BackgroundChannelRegistrar()
+{
+  // BackgroundChannelRegistrar is a main-thread-only object.
+  // All the operations should be run on main thread.
+  // It should be used on chrome process only.
+  MOZ_ASSERT(XRE_IsParentProcess());
+  MOZ_ASSERT(NS_IsMainThread());
+}
+
+BackgroundChannelRegistrar::~BackgroundChannelRegistrar()
+{
+  MOZ_ASSERT(NS_IsMainThread());
+}
+
+void
+BackgroundChannelRegistrar::NotifyChannelLinked(
+  HttpChannelParent* aChannelParent,
+  HttpBackgroundChannelParent* aBgParent)
+{
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(aChannelParent);
+  MOZ_ASSERT(aBgParent);
+
+  aBgParent->LinkToChannel(aChannelParent);
+  aChannelParent->OnBackgroundParentReady(aBgParent);
+}
+
+// nsIBackgroundChannelRegistrar
+void
+BackgroundChannelRegistrar::DeleteChannel(uint64_t aKey)
+{
+  MOZ_ASSERT(NS_IsMainThread());
+
+  mChannels.Remove(aKey);
+  mBgChannels.Remove(aKey);
+}
+
+void
+BackgroundChannelRegistrar::LinkHttpChannel(
+  uint64_t aKey,
+  HttpChannelParent* aChannel)
+{
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(aChannel);
+
+  RefPtr<HttpBackgroundChannelParent> bgParent;
+  bool found = mBgChannels.Remove(aKey, getter_AddRefs(bgParent));
+
+  if (!found) {
+    mChannels.Put(aKey, aChannel);
+    return;
+  }
+
+  MOZ_ASSERT(bgParent);
+  NotifyChannelLinked(aChannel, bgParent);
+}
+
+void
+BackgroundChannelRegistrar::LinkBackgroundChannel(
+  uint64_t aKey,
+  HttpBackgroundChannelParent* aBgChannel)
+{
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(aBgChannel);
+
+  RefPtr<HttpChannelParent> parent;
+  bool found = mChannels.Remove(aKey, getter_AddRefs(parent));
+
+  if (!found) {
+    mBgChannels.Put(aKey, aBgChannel);
+    return;
+  }
+
+  MOZ_ASSERT(parent);
+  NotifyChannelLinked(parent, aBgChannel);
+}
+
+} // namespace net
+} // namespace mozilla
new file mode 100644
--- /dev/null
+++ b/netwerk/protocol/http/BackgroundChannelRegistrar.h
@@ -0,0 +1,52 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_net_BackgroundChannelRegistrar_h__
+#define mozilla_net_BackgroundChannelRegistrar_h__
+
+#include "nsIBackgroundChannelRegistrar.h"
+#include "nsRefPtrHashtable.h"
+
+namespace mozilla {
+namespace net {
+
+class HttpBackgroundChannelParent;
+class HttpChannelParent;
+
+class BackgroundChannelRegistrar final : public nsIBackgroundChannelRegistrar
+{
+  typedef nsRefPtrHashtable<nsUint64HashKey, HttpChannelParent>
+          ChannelHashtable;
+  typedef nsRefPtrHashtable<nsUint64HashKey, HttpBackgroundChannelParent>
+          BackgroundChannelHashtable;
+public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSIBACKGROUNDCHANNELREGISTRAR
+
+  explicit BackgroundChannelRegistrar();
+
+private:
+  virtual ~BackgroundChannelRegistrar();
+
+  // A helper function for BackgroundChannelRegistrar itself to callback
+  // HttpChannelParent and HttpBackgroundChannelParent when both objects are
+  // ready. aChannelParent and aBgParent is the pair of HttpChannelParent and
+  // HttpBackgroundChannelParent that should be linked together.
+  void NotifyChannelLinked(HttpChannelParent* aChannelParent,
+                           HttpBackgroundChannelParent* aBgParent);
+
+  // Store unlinked HttpChannelParent objects.
+  ChannelHashtable mChannels;
+
+  // Store unlinked HttpBackgroundChannelParent objects.
+  BackgroundChannelHashtable mBgChannels;
+
+};
+
+} // namespace net
+} // namespace mozilla
+
+#endif // mozilla_net_BackgroundChannelRegistrar_h__
--- a/netwerk/protocol/http/HSTSPrimerListener.cpp
+++ b/netwerk/protocol/http/HSTSPrimerListener.cpp
@@ -1,13 +1,14 @@
 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+#include "HttpLog.h"
 
 #include "nsHttp.h"
 
 #include "HSTSPrimerListener.h"
 #include "nsIHstsPrimingCallback.h"
 #include "nsIPrincipal.h"
 #include "nsSecurityHeaderParser.h"
 #include "nsISiteSecurityService.h"
--- a/netwerk/protocol/http/HSTSPrimerListener.h
+++ b/netwerk/protocol/http/HSTSPrimerListener.h
@@ -7,16 +7,17 @@
 #ifndef HSTSPrimingListener_h__
 #define HSTSPrimingListener_h__
 
 #include "nsCOMPtr.h"
 #include "nsIChannelEventSink.h"
 #include "nsIInterfaceRequestor.h"
 #include "nsIStreamListener.h"
 #include "nsIThreadRetargetableStreamListener.h"
+#include "nsITimer.h"
 
 #include "mozilla/Attributes.h"
 
 class nsIPrincipal;
 class nsINetworkInterceptController;
 class nsIHstsPrimingCallback;
 
 namespace mozilla {
--- a/netwerk/protocol/http/Http2Session.cpp
+++ b/netwerk/protocol/http/Http2Session.cpp
@@ -992,17 +992,17 @@ bool
 Http2Session::VerifyStream(Http2Stream *aStream, uint32_t aOptionalID = 0)
 {
   // This is annoying, but at least it is O(1)
   MOZ_ASSERT(OnSocketThread(), "not on socket thread");
 
 #ifndef DEBUG
   // Only do the real verification in debug builds
   return true;
-#endif
+#else //DEBUG
 
   if (!aStream)
     return true;
 
   uint32_t test = 0;
 
   do {
     if (aStream->StreamID() == kDeadStreamID)
@@ -1038,16 +1038,17 @@ Http2Session::VerifyStream(Http2Stream *
 
   LOG3(("Http2Session %p VerifyStream Failure %p stream->id=0x%X "
        "optionalID=0x%X trans=%p test=%d\n",
        this, aStream, aStream->StreamID(),
        aOptionalID, aStream->Transaction(), test));
 
   MOZ_ASSERT(false, "VerifyStream");
   return false;
+#endif //DEBUG
 }
 
 void
 Http2Session::CleanupStream(Http2Stream *aStream, nsresult aResult,
                             errorType aResetCode)
 {
   MOZ_ASSERT(OnSocketThread(), "not on socket thread");
   LOG3(("Http2Session::CleanupStream %p %p 0x%X %" PRIX32 "\n",
new file mode 100644
--- /dev/null
+++ b/netwerk/protocol/http/HttpBackgroundChannelChild.cpp
@@ -0,0 +1,443 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set sw=2 ts=8 et tw=80 : */
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// HttpLog.h should generally be included first
+#include "HttpLog.h"
+
+#include "HttpBackgroundChannelChild.h"
+
+#include "HttpChannelChild.h"
+#include "MainThreadUtils.h"
+#include "mozilla/ipc/BackgroundChild.h"
+#include "mozilla/ipc/PBackgroundChild.h"
+#include "mozilla/IntegerPrintfMacros.h"
+#include "mozilla/Unused.h"
+#include "nsIIPCBackgroundChildCreateCallback.h"
+
+using mozilla::ipc::BackgroundChild;
+using mozilla::ipc::IPCResult;
+
+namespace mozilla {
+namespace net {
+
+// Callbacks for PBackgroundChild creation
+class BackgroundChannelCreateCallback final
+  : public nsIIPCBackgroundChildCreateCallback
+{
+public:
+  NS_DECL_ISUPPORTS
+  NS_DECL_NSIIPCBACKGROUNDCHILDCREATECALLBACK
+
+  explicit BackgroundChannelCreateCallback(HttpBackgroundChannelChild* aBgChild)
+    : mBgChild(aBgChild)
+  {
+    MOZ_ASSERT(aBgChild);
+  }
+
+private:
+  virtual ~BackgroundChannelCreateCallback() { }
+
+  RefPtr<HttpBackgroundChannelChild> mBgChild;
+};
+
+NS_IMPL_ISUPPORTS(BackgroundChannelCreateCallback,
+                  nsIIPCBackgroundChildCreateCallback)
+
+void
+BackgroundChannelCreateCallback::ActorCreated(PBackgroundChild* aActor)
+{
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(aActor);
+  MOZ_ASSERT(mBgChild);
+
+  if (!mBgChild->mChannelChild) {
+    // HttpChannelChild is closed during PBackground creation,
+    // abort the rest of steps.
+    return;
+  }
+
+  const uint64_t channelId = mBgChild->mChannelChild->ChannelId();
+  if (!aActor->SendPHttpBackgroundChannelConstructor(mBgChild,
+                                                     channelId)) {
+    ActorFailed();
+    return;
+  }
+
+  // hold extra reference for IPDL
+  RefPtr<HttpBackgroundChannelChild> child = mBgChild;
+  Unused << child.forget().take();
+}
+
+void
+BackgroundChannelCreateCallback::ActorFailed()
+{
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(mBgChild);
+
+  mBgChild->OnBackgroundChannelCreationFailed();
+}
+
+// HttpBackgroundChannelChild
+HttpBackgroundChannelChild::HttpBackgroundChannelChild()
+{
+}
+
+HttpBackgroundChannelChild::~HttpBackgroundChannelChild()
+{
+}
+
+nsresult
+HttpBackgroundChannelChild::Init(HttpChannelChild* aChannelChild)
+{
+  LOG(("HttpBackgroundChannelChild::Init [this=%p httpChannel=%p channelId=%"
+       PRIu64 "]\n", this, aChannelChild, aChannelChild->ChannelId()));
+  MOZ_ASSERT(NS_IsMainThread());
+  NS_ENSURE_ARG(aChannelChild);
+
+  mChannelChild = aChannelChild;
+
+  if (NS_WARN_IF(!CreateBackgroundChannel())) {
+    mChannelChild = nullptr;
+    return NS_ERROR_FAILURE;
+  }
+
+  return NS_OK;
+}
+
+void
+HttpBackgroundChannelChild::OnChannelClosed()
+{
+  LOG(("HttpBackgroundChannelChild::OnChannelClosed [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  // HttpChannelChild is not going to handle any incoming message.
+  mChannelChild = nullptr;
+}
+
+void
+HttpBackgroundChannelChild::OnStartRequestReceived()
+{
+  LOG(("HttpBackgroundChannelChild::OnStartRequestReceived [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(mChannelChild);
+  MOZ_ASSERT(!mStartReceived); // Should only be called once.
+
+  mStartReceived = true;
+
+  nsTArray<nsCOMPtr<nsIRunnable>> runnables;
+  runnables.SwapElements(mQueuedRunnables);
+
+  for (auto event : runnables) {
+    // Note: these runnables call Recv* methods on HttpBackgroundChannelChild
+    // but not the Process* methods on HttpChannelChild.
+    event->Run();
+  }
+
+  // Ensure no new message is enqueued.
+  MOZ_ASSERT(mQueuedRunnables.IsEmpty());
+}
+
+void
+HttpBackgroundChannelChild::OnBackgroundChannelCreationFailed()
+{
+  LOG(("HttpBackgroundChannelChild::OnBackgroundChannelCreationFailed"
+       " [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (mChannelChild) {
+    RefPtr<HttpChannelChild> channelChild = mChannelChild.forget();
+    channelChild->FailedAsyncOpen(NS_ERROR_UNEXPECTED);
+  }
+}
+
+bool
+HttpBackgroundChannelChild::CreateBackgroundChannel()
+{
+  LOG(("HttpBackgroundChannelChild::CreateBackgroundChannel [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  RefPtr<BackgroundChannelCreateCallback> callback =
+    new BackgroundChannelCreateCallback(this);
+
+  return BackgroundChild::GetOrCreateForCurrentThread(callback);
+}
+
+bool
+HttpBackgroundChannelChild::IsWaitingOnStartRequest()
+{
+  // Need to wait for OnStartRequest if it is sent by
+  // parent process but not received by content process.
+  return (mStartSent && !mStartReceived);
+}
+
+// PHttpBackgroundChannelChild
+IPCResult
+HttpBackgroundChannelChild::RecvOnStartRequestSent()
+{
+  LOG(("HttpBackgroundChannelChild::RecvOnStartRequestSent [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(!mStartSent); // Should only receive this message once.
+
+  mStartSent = true;
+  return IPC_OK();
+}
+
+IPCResult
+HttpBackgroundChannelChild::RecvOnTransportAndData(
+                                               const nsresult& aChannelStatus,
+                                               const nsresult& aTransportStatus,
+                                               const uint64_t& aOffset,
+                                               const uint32_t& aCount,
+                                               const nsCString& aData)
+{
+  LOG(("HttpBackgroundChannelChild::RecvOnTransportAndData [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (NS_WARN_IF(!mChannelChild)) {
+    return IPC_OK();
+  }
+
+  if (IsWaitingOnStartRequest()) {
+    LOG(("  > pending until OnStartRequest [offset=%" PRIu64 " count=%" PRIu32
+         "]\n", aOffset, aCount));
+
+    mQueuedRunnables.AppendElement(
+      NewRunnableMethod<const nsresult, const nsresult, const uint64_t,
+                        const uint32_t, const nsCString>(
+        this, &HttpBackgroundChannelChild::RecvOnTransportAndData,
+        aChannelStatus, aTransportStatus, aOffset,
+        aCount, aData));
+
+    return IPC_OK();
+  }
+
+  mChannelChild->ProcessOnTransportAndData(aChannelStatus,
+                                           aTransportStatus,
+                                           aOffset,
+                                           aCount,
+                                           aData);
+
+  return IPC_OK();
+}
+
+IPCResult
+HttpBackgroundChannelChild::RecvOnStopRequest(
+                                            const nsresult& aChannelStatus,
+                                            const ResourceTimingStruct& aTiming)
+{
+  LOG(("HttpBackgroundChannelChild::RecvOnStopRequest [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (NS_WARN_IF(!mChannelChild)) {
+    return IPC_OK();
+  }
+
+  if (IsWaitingOnStartRequest()) {
+    LOG(("  > pending until OnStartRequest [status=%" PRIx32 "]\n",
+         static_cast<uint32_t>(aChannelStatus)));
+
+    mQueuedRunnables.AppendElement(
+      NewRunnableMethod<const nsresult, const ResourceTimingStruct>(
+        this, &HttpBackgroundChannelChild::RecvOnStopRequest,
+        aChannelStatus, aTiming));
+
+    return IPC_OK();
+  }
+
+  mChannelChild->ProcessOnStopRequest(aChannelStatus, aTiming);
+
+  return IPC_OK();
+}
+
+IPCResult
+HttpBackgroundChannelChild::RecvOnProgress(const int64_t& aProgress,
+                                           const int64_t& aProgressMax)
+{
+  LOG(("HttpBackgroundChannelChild::RecvOnProgress [this=%p progress=%"
+       PRId64 " max=%" PRId64 "]\n", this, aProgress, aProgressMax));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (NS_WARN_IF(!mChannelChild)) {
+    return IPC_OK();
+  }
+
+  if (IsWaitingOnStartRequest()) {
+    LOG(("  > pending until OnStartRequest [progress=%" PRId64 " max=%"
+         PRId64 "]\n", aProgress, aProgressMax));
+
+    mQueuedRunnables.AppendElement(
+      NewRunnableMethod<const int64_t, const int64_t>(
+        this, &HttpBackgroundChannelChild::RecvOnProgress,
+        aProgress, aProgressMax));
+
+    return IPC_OK();
+  }
+
+  mChannelChild->ProcessOnProgress(aProgress, aProgressMax);
+
+  return IPC_OK();
+}
+
+IPCResult
+HttpBackgroundChannelChild::RecvOnStatus(const nsresult& aStatus)
+{
+  LOG(("HttpBackgroundChannelChild::RecvOnStatus [this=%p status=%"
+       PRIx32 "]\n", this, static_cast<uint32_t>(aStatus)));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (NS_WARN_IF(!mChannelChild)) {
+    return IPC_OK();
+  }
+
+  if (IsWaitingOnStartRequest()) {
+    LOG(("  > pending until OnStartRequest [status=%" PRIx32 "]\n",
+         static_cast<uint32_t>(aStatus)));
+
+    mQueuedRunnables.AppendElement(
+      NewRunnableMethod<const nsresult>(
+        this, &HttpBackgroundChannelChild::RecvOnStatus, aStatus));
+
+    return IPC_OK();
+  }
+
+  mChannelChild->ProcessOnStatus(aStatus);
+
+  return IPC_OK();
+}
+
+IPCResult
+HttpBackgroundChannelChild::RecvFlushedForDiversion()
+{
+  LOG(("HttpBackgroundChannelChild::RecvFlushedForDiversion [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (NS_WARN_IF(!mChannelChild)) {
+    return IPC_OK();
+  }
+
+  if (IsWaitingOnStartRequest()) {
+    LOG(("  > pending until OnStartRequest\n"));
+
+    mQueuedRunnables.AppendElement(
+      NewRunnableMethod(this, &HttpBackgroundChannelChild::RecvFlushedForDiversion));
+
+    return IPC_OK();
+  }
+
+  mChannelChild->ProcessFlushedForDiversion();
+
+  return IPC_OK();
+}
+
+IPCResult
+HttpBackgroundChannelChild::RecvDivertMessages()
+{
+  LOG(("HttpBackgroundChannelChild::RecvDivertMessages [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (NS_WARN_IF(!mChannelChild)) {
+    return IPC_OK();
+  }
+
+  if (IsWaitingOnStartRequest()) {
+    LOG(("  > pending until OnStartRequest\n"));
+
+    mQueuedRunnables.AppendElement(
+      NewRunnableMethod(this, &HttpBackgroundChannelChild::RecvDivertMessages));
+
+    return IPC_OK();
+  }
+
+  mChannelChild->ProcessDivertMessages();
+
+  return IPC_OK();
+}
+
+IPCResult
+HttpBackgroundChannelChild::RecvNotifyTrackingProtectionDisabled()
+{
+  LOG(("HttpBackgroundChannelChild::RecvNotifyTrackingProtectionDisabled [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (NS_WARN_IF(!mChannelChild)) {
+    return IPC_OK();
+  }
+
+  // NotifyTrackingProtectionDisabled has no order dependency to OnStartRequest.
+  // It this be handled as soon as possible
+  mChannelChild->ProcessNotifyTrackingProtectionDisabled();
+
+  return IPC_OK();
+}
+
+IPCResult
+HttpBackgroundChannelChild::RecvNotifyTrackingResource()
+{
+  LOG(("HttpBackgroundChannelChild::RecvNotifyTrackingResource [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (NS_WARN_IF(!mChannelChild)) {
+    return IPC_OK();
+  }
+
+  // NotifyTrackingResource has no order dependency to OnStartRequest.
+  // It this be handled as soon as possible
+  mChannelChild->ProcessNotifyTrackingResource();
+
+  return IPC_OK();
+}
+
+IPCResult
+HttpBackgroundChannelChild::RecvSetClassifierMatchedInfo(const ClassifierInfo& info)
+{
+  LOG(("HttpBackgroundChannelChild::RecvSetClassifierMatchedInfo [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (NS_WARN_IF(!mChannelChild)) {
+    return IPC_OK();
+  }
+
+  // SetClassifierMatchedInfo has no order dependency to OnStartRequest.
+  // It this be handled as soon as possible
+  mChannelChild->ProcessSetClassifierMatchedInfo(info.list(), info.provider(), info.prefix());
+
+  return IPC_OK();
+}
+
+void
+HttpBackgroundChannelChild::ActorDestroy(ActorDestroyReason aWhy)
+{
+  LOG(("HttpBackgroundChannelChild::ActorDestroy[this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  // Ensure all IPC messages received before ActorDestroy can be
+  // handled correctly. If there is any pending IPC message, destroyed
+  // mChannelChild until those messages are flushed.
+  if (!mQueuedRunnables.IsEmpty()) {
+    LOG(("  > pending until queued messages are flushed\n"));
+    RefPtr<HttpBackgroundChannelChild> self = this;
+    mQueuedRunnables.AppendElement(
+      NS_NewRunnableFunction([self]() {
+        MOZ_ASSERT(NS_IsMainThread());
+        RefPtr<HttpChannelChild> channelChild = self->mChannelChild.forget();
+
+        if (channelChild) {
+          channelChild->OnBackgroundChildDestroyed();
+        }
+      }));
+    return;
+  }
+
+  if (mChannelChild) {
+    RefPtr<HttpChannelChild> channelChild = mChannelChild.forget();
+
+    channelChild->OnBackgroundChildDestroyed();
+  }
+}
+
+} // namespace net
+} // namespace mozilla
new file mode 100644
--- /dev/null
+++ b/netwerk/protocol/http/HttpBackgroundChannelChild.h
@@ -0,0 +1,111 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set sw=2 ts=8 et tw=80 : */
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_net_HttpBackgroundChannelChild_h
+#define mozilla_net_HttpBackgroundChannelChild_h
+
+#include "mozilla/net/PHttpBackgroundChannelChild.h"
+#include "nsIRunnable.h"
+#include "nsTArray.h"
+
+using mozilla::ipc::IPCResult;
+using mozilla::dom::ClassifierInfo;
+
+namespace mozilla {
+namespace net {
+
+class HttpChannelChild;
+
+class HttpBackgroundChannelChild final : public PHttpBackgroundChannelChild
+{
+  friend class BackgroundChannelCreateCallback;
+public:
+  explicit HttpBackgroundChannelChild();
+
+  NS_INLINE_DECL_THREADSAFE_REFCOUNTING(HttpBackgroundChannelChild)
+
+  // Associate this background channel with a HttpChannelChild and
+  // initiate the createion of the PBackground IPC channel.
+  nsresult Init(HttpChannelChild* aChannelChild);
+
+  // Callback while the associated HttpChannelChild is not going to
+  // handle any incoming messages over background channel.
+  void OnChannelClosed();
+
+  // Callback when OnStartRequest is received and handled by HttpChannelChild.
+  // Enqueued messages in background channel will be flushed.
+  void OnStartRequestReceived();
+
+  // Callback while failed to create PBackground IPC channel.
+  void OnBackgroundChannelCreationFailed();
+
+protected:
+  IPCResult RecvOnTransportAndData(const nsresult& aChannelStatus,
+                                   const nsresult& aTransportStatus,
+                                   const uint64_t& aOffset,
+                                   const uint32_t& aCount,
+                                   const nsCString& aData) override;
+
+  IPCResult RecvOnStopRequest(const nsresult& aChannelStatus,
+                              const ResourceTimingStruct& aTiming) override;
+
+  IPCResult RecvOnProgress(const int64_t& aProgress,
+                           const int64_t& aProgressMax) override;
+
+  IPCResult RecvOnStatus(const nsresult& aStatus) override;
+
+  IPCResult RecvFlushedForDiversion() override;
+
+  IPCResult RecvDivertMessages() override;
+
+  IPCResult RecvOnStartRequestSent() override;
+
+  IPCResult RecvNotifyTrackingProtectionDisabled() override;
+
+  IPCResult RecvNotifyTrackingResource() override;
+
+  IPCResult RecvSetClassifierMatchedInfo(const ClassifierInfo& info) override;
+
+  void ActorDestroy(ActorDestroyReason aWhy) override;
+
+private:
+  virtual ~HttpBackgroundChannelChild();
+
+  // Initiate the creation of the PBckground IPC channel.
+  // Return false if failed.
+  bool CreateBackgroundChannel();
+
+  // Check OnStartRequest is sent by parent process over main thread IPC
+  // but not yet received on child process.
+  // return true before RecvOnStartRequestSent is invoked.
+  // return false if RecvOnStartRequestSent is invoked but not
+  // OnStartRequestReceived.
+  // return true after both RecvOnStartRequestSend and OnStartRequestReceived
+  // are invoked.
+  bool IsWaitingOnStartRequest();
+
+  // Associated HttpChannelChild for handling the channel events.
+  // Will be removed while failed to create background channel,
+  // destruction of the background channel, or explicitly dissociation
+  // via OnChannelClosed callback.
+  RefPtr<HttpChannelChild> mChannelChild;
+
+  // True if OnStartRequest is received by HttpChannelChild.
+  bool mStartReceived = false;
+
+  // True if OnStartRequest is sent by HttpChannelParent.
+  bool mStartSent = false;
+
+  // Store pending messages that require to be handled after OnStartRequest.
+  // Should be flushed after OnStartRequest is received and handled.
+  nsTArray<nsCOMPtr<nsIRunnable>> mQueuedRunnables;
+};
+
+} // namespace net
+} // namespace mozilla
+
+#endif // mozilla_net_HttpBackgroundChannelChild_h
new file mode 100644
--- /dev/null
+++ b/netwerk/protocol/http/HttpBackgroundChannelParent.cpp
@@ -0,0 +1,411 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set sw=2 ts=8 et tw=80 : */
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// HttpLog.h should generally be included first
+#include "HttpLog.h"
+
+#include "HttpBackgroundChannelParent.h"
+
+#include "HttpChannelParent.h"
+#include "mozilla/ipc/BackgroundParent.h"
+#include "mozilla/IntegerPrintfMacros.h"
+#include "mozilla/Unused.h"
+#include "nsIBackgroundChannelRegistrar.h"
+#include "nsNetCID.h"
+#include "nsQueryObject.h"
+#include "nsThreadUtils.h"
+
+using mozilla::dom::ContentParent;
+using mozilla::ipc::AssertIsInMainProcess;
+using mozilla::ipc::AssertIsOnBackgroundThread;
+using mozilla::ipc::BackgroundParent;
+using mozilla::ipc::IPCResult;
+using mozilla::ipc::IsOnBackgroundThread;
+
+namespace mozilla {
+namespace net {
+
+/*
+ * Helper class for continuing the AsyncOpen procedure on main thread.
+ */
+class ContinueAsyncOpenRunnable final : public Runnable
+{
+public:
+  ContinueAsyncOpenRunnable(HttpBackgroundChannelParent* aActor,
+                            const uint64_t& aChannelId)
+    : mActor(aActor)
+    , mChannelId(aChannelId)
+  {
+    AssertIsInMainProcess();
+    AssertIsOnBackgroundThread();
+    MOZ_ASSERT(mActor);
+  }
+
+  NS_IMETHOD Run() override
+  {
+    LOG(("HttpBackgroundChannelParent::ContinueAsyncOpen [this=%p channelId=%"
+         PRIu64 "]\n", mActor.get(), mChannelId));
+    AssertIsInMainProcess();
+    MOZ_ASSERT(NS_IsMainThread());
+
+    nsCOMPtr<nsIBackgroundChannelRegistrar> registrar =
+      do_GetService(NS_BACKGROUNDCHANNELREGISTRAR_CONTRACTID);
+    MOZ_ASSERT(registrar);
+
+    registrar->LinkBackgroundChannel(mChannelId, mActor);
+    return NS_OK;
+  }
+
+private:
+  RefPtr<HttpBackgroundChannelParent> mActor;
+  const uint64_t mChannelId;
+};
+
+HttpBackgroundChannelParent::HttpBackgroundChannelParent()
+  : mIPCOpened(true)
+  , mBackgroundThread(NS_GetCurrentThread())
+{
+  AssertIsInMainProcess();
+  AssertIsOnBackgroundThread();
+}
+
+HttpBackgroundChannelParent::~HttpBackgroundChannelParent()
+{
+  MOZ_ASSERT(NS_IsMainThread() || IsOnBackgroundThread());
+  MOZ_ASSERT(!mIPCOpened);
+}
+
+nsresult
+HttpBackgroundChannelParent::Init(const uint64_t& aChannelId)
+{
+  LOG(("HttpBackgroundChannelParent::Init [this=%p channelId=%" PRIu64 "]\n",
+       this, aChannelId));
+  AssertIsInMainProcess();
+  AssertIsOnBackgroundThread();
+
+  RefPtr<ContinueAsyncOpenRunnable> runnable =
+    new ContinueAsyncOpenRunnable(this, aChannelId);
+
+  return NS_DispatchToMainThread(runnable);
+}
+
+void
+HttpBackgroundChannelParent::LinkToChannel(HttpChannelParent* aChannelParent)
+{
+  LOG(("HttpBackgroundChannelParent::LinkToChannel [this=%p channel=%p]\n",
+       this, aChannelParent));
+  AssertIsInMainProcess();
+  MOZ_ASSERT(NS_IsMainThread());
+
+  MOZ_DIAGNOSTIC_ASSERT(mIPCOpened);
+  if (!mIPCOpened) {
+    return;
+  }
+
+  mChannelParent = aChannelParent;
+}
+
+void
+HttpBackgroundChannelParent::OnChannelClosed()
+{
+  LOG(("HttpBackgroundChannelParent::OnChannelClosed [this=%p]\n", this));
+  AssertIsInMainProcess();
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (!mIPCOpened) {
+    return;
+  }
+
+  nsresult rv;
+
+  RefPtr<HttpBackgroundChannelParent> self = this;
+  rv = mBackgroundThread->Dispatch(NS_NewRunnableFunction([self]() {
+    LOG(("HttpBackgroundChannelParent::DeleteRunnable [this=%p]\n", self.get()));
+    AssertIsOnBackgroundThread();
+
+    if (!self->mIPCOpened.compareExchange(true, false)) {
+      return;
+    }
+
+    Unused << self->Send__delete__(self);
+  }), NS_DISPATCH_NORMAL);
+
+  Unused << NS_WARN_IF(NS_FAILED(rv));
+}
+
+bool
+HttpBackgroundChannelParent::OnStartRequestSent()
+{
+  LOG(("HttpBackgroundChannelParent::OnStartRequestSent [this=%p]\n", this));
+  AssertIsInMainProcess();
+
+  if (NS_WARN_IF(!mIPCOpened)) {
+    return false;
+  }
+
+  if (!IsOnBackgroundThread()) {
+    nsresult rv = mBackgroundThread->Dispatch(
+      NewRunnableMethod(this, &HttpBackgroundChannelParent::OnStartRequestSent),
+      NS_DISPATCH_NORMAL);
+
+    MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+    return NS_SUCCEEDED(rv);
+  }
+
+  return SendOnStartRequestSent();
+}
+
+bool
+HttpBackgroundChannelParent::OnTransportAndData(
+                                               const nsresult& aChannelStatus,
+                                               const nsresult& aTransportStatus,
+                                               const uint64_t& aOffset,
+                                               const uint32_t& aCount,
+                                               const nsCString& aData)
+{
+  LOG(("HttpBackgroundChannelParent::OnTransportAndData [this=%p]\n", this));
+  AssertIsInMainProcess();
+
+  if (NS_WARN_IF(!mIPCOpened)) {
+    return false;
+  }
+
+  if (!IsOnBackgroundThread()) {
+    nsresult rv = mBackgroundThread->Dispatch(
+      NewRunnableMethod<const nsresult, const nsresult, const uint64_t,
+                        const uint32_t, const nsCString>
+        (this, &HttpBackgroundChannelParent::OnTransportAndData,
+         aChannelStatus, aTransportStatus, aOffset, aCount, aData),
+      NS_DISPATCH_NORMAL);
+
+    MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+    return NS_SUCCEEDED(rv);
+  }
+
+  return SendOnTransportAndData(aChannelStatus, aTransportStatus,
+                                aOffset, aCount, aData);
+}
+
+bool
+HttpBackgroundChannelParent::OnStopRequest(const nsresult& aChannelStatus,
+                                           const ResourceTimingStruct& aTiming)
+{
+  LOG(("HttpBackgroundChannelParent::OnStopRequest [this=%p "
+        "status=%" PRIx32 "]\n", this, static_cast<uint32_t>(aChannelStatus)));
+  AssertIsInMainProcess();
+
+  if (NS_WARN_IF(!mIPCOpened)) {
+    return false;
+  }
+
+  if (!IsOnBackgroundThread()) {
+    nsresult rv = mBackgroundThread->Dispatch(
+      NewRunnableMethod<const nsresult, const ResourceTimingStruct>
+        (this, &HttpBackgroundChannelParent::OnStopRequest,
+         aChannelStatus, aTiming),
+      NS_DISPATCH_NORMAL);
+
+    MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+    return NS_SUCCEEDED(rv);
+  }
+
+  return SendOnStopRequest(aChannelStatus, aTiming);
+}
+
+bool
+HttpBackgroundChannelParent::OnProgress(const int64_t& aProgress,
+                                        const int64_t& aProgressMax)
+{
+  LOG(("HttpBackgroundChannelParent::OnProgress [this=%p progress=%" PRId64
+       " max=%" PRId64 "]\n", this, aProgress, aProgressMax));
+  AssertIsInMainProcess();
+
+  if (NS_WARN_IF(!mIPCOpened)) {
+    return false;
+  }
+
+  if (!IsOnBackgroundThread()) {
+    nsresult rv = mBackgroundThread->Dispatch(
+      NewRunnableMethod<const int64_t, const int64_t>
+        (this, &HttpBackgroundChannelParent::OnProgress,
+         aProgress, aProgressMax),
+      NS_DISPATCH_NORMAL);
+
+    MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+    return NS_SUCCEEDED(rv);
+  }
+
+  return SendOnProgress(aProgress, aProgressMax);
+}
+
+bool
+HttpBackgroundChannelParent::OnStatus(const nsresult& aStatus)
+{
+  LOG(("HttpBackgroundChannelParent::OnStatus [this=%p stauts=%" PRIx32
+       "]\n", this, static_cast<uint32_t>(aStatus)));
+  AssertIsInMainProcess();
+
+  if (NS_WARN_IF(!mIPCOpened)) {
+    return false;
+  }
+
+  if (!IsOnBackgroundThread()) {
+    nsresult rv = mBackgroundThread->Dispatch(
+      NewRunnableMethod<const nsresult>
+        (this, &HttpBackgroundChannelParent::OnStatus, aStatus),
+      NS_DISPATCH_NORMAL);
+
+    MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+    return NS_SUCCEEDED(rv);
+  }
+
+  return SendOnStatus(aStatus);
+}
+
+bool
+HttpBackgroundChannelParent::OnDiversion()
+{
+  LOG(("HttpBackgroundChannelParent::OnDiversion [this=%p]\n", this));
+  AssertIsInMainProcess();
+
+  if (NS_WARN_IF(!mIPCOpened)) {
+    return false;
+  }
+
+  if (!IsOnBackgroundThread()) {
+    nsresult rv = mBackgroundThread->Dispatch(
+      NewRunnableMethod(this, &HttpBackgroundChannelParent::OnDiversion),
+      NS_DISPATCH_NORMAL);
+
+    MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+    return NS_SUCCEEDED(rv);
+  }
+
+  if (!SendFlushedForDiversion()) {
+    return false;
+  }
+
+  // The listener chain should now be setup; tell HttpChannelChild to divert
+  // the OnDataAvailables and OnStopRequest to associated HttpChannelParent.
+  if (!SendDivertMessages()) {
+    return false;
+  }
+
+  return true;
+}
+
+bool
+HttpBackgroundChannelParent::OnNotifyTrackingProtectionDisabled()
+{
+  LOG(("HttpBackgroundChannelParent::OnNotifyTrackingProtectionDisabled [this=%p]\n", this));
+  AssertIsInMainProcess();
+
+  if (NS_WARN_IF(!mIPCOpened)) {
+    return false;
+  }
+
+  if (!IsOnBackgroundThread()) {
+    nsresult rv = mBackgroundThread->Dispatch(
+      NewRunnableMethod(this, &HttpBackgroundChannelParent::OnNotifyTrackingProtectionDisabled),
+      NS_DISPATCH_NORMAL);
+
+    MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+    return NS_SUCCEEDED(rv);
+  }
+
+  return SendNotifyTrackingProtectionDisabled();
+}
+
+bool
+HttpBackgroundChannelParent::OnNotifyTrackingResource()
+{
+  LOG(("HttpBackgroundChannelParent::OnNotifyTrackingResource [this=%p]\n", this));
+  AssertIsInMainProcess();
+
+  if (NS_WARN_IF(!mIPCOpened)) {
+    return false;
+  }
+
+  if (!IsOnBackgroundThread()) {
+    nsresult rv = mBackgroundThread->Dispatch(
+      NewRunnableMethod(this, &HttpBackgroundChannelParent::OnNotifyTrackingResource),
+      NS_DISPATCH_NORMAL);
+
+    MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+    return NS_SUCCEEDED(rv);
+  }
+
+  return SendNotifyTrackingResource();
+}
+
+bool
+HttpBackgroundChannelParent::OnSetClassifierMatchedInfo(
+                                                    const nsACString& aList,
+                                                    const nsACString& aProvider,
+                                                    const nsACString& aPrefix)
+{
+  LOG(("HttpBackgroundChannelParent::OnSetClassifierMatchedInfo [this=%p]\n", this));
+  AssertIsInMainProcess();
+
+  if (NS_WARN_IF(!mIPCOpened)) {
+    return false;
+  }
+
+  if (!IsOnBackgroundThread()) {
+    nsresult rv = mBackgroundThread->Dispatch(
+      NewRunnableMethod<const nsCString, const nsCString, const nsCString>
+        (this, &HttpBackgroundChannelParent::OnSetClassifierMatchedInfo,
+         aList, aProvider, aPrefix),
+      NS_DISPATCH_NORMAL);
+
+    MOZ_DIAGNOSTIC_ASSERT(NS_SUCCEEDED(rv));
+
+    return NS_SUCCEEDED(rv);
+  }
+
+  ClassifierInfo info;
+  info.list() = aList;
+  info.prefix() = aPrefix;
+  info.provider() = aProvider;
+
+  return SendSetClassifierMatchedInfo(info);
+}
+
+void
+HttpBackgroundChannelParent::ActorDestroy(ActorDestroyReason aWhy)
+{
+  LOG(("HttpBackgroundChannelParent::ActorDestroy [this=%p]\n", this));
+  AssertIsInMainProcess();
+  AssertIsOnBackgroundThread();
+
+  mIPCOpened = false;
+
+  RefPtr<HttpBackgroundChannelParent> self = this;
+  DebugOnly<nsresult> rv =
+    NS_DispatchToMainThread(NS_NewRunnableFunction([self]() {
+      MOZ_ASSERT(NS_IsMainThread());
+
+      RefPtr<HttpChannelParent> channelParent =
+        self->mChannelParent.forget();
+
+      if (channelParent) {
+        channelParent->OnBackgroundParentDestroyed();
+      }
+    }));
+  MOZ_ASSERT(NS_SUCCEEDED(rv));
+}
+
+} // namespace net
+} // namespace mozilla
new file mode 100644
--- /dev/null
+++ b/netwerk/protocol/http/HttpBackgroundChannelParent.h
@@ -0,0 +1,95 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set sw=2 ts=8 et tw=80 : */
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef mozilla_net_HttpBackgroundChannelParent_h
+#define mozilla_net_HttpBackgroundChannelParent_h
+
+#include "mozilla/net/PHttpBackgroundChannelParent.h"
+#include "mozilla/Atomics.h"
+#include "nsID.h"
+#include "nsISupportsImpl.h"
+
+class nsIEventTarget;
+
+namespace mozilla {
+namespace net {
+
+class HttpChannelParent;
+
+class HttpBackgroundChannelParent final : public PHttpBackgroundChannelParent
+{
+public:
+  explicit HttpBackgroundChannelParent();
+
+  NS_INLINE_DECL_THREADSAFE_REFCOUNTING(HttpBackgroundChannelParent)
+
+  // Try to find associated HttpChannelParent with the same
+  // channel Id.
+  nsresult Init(const uint64_t& aChannelId);
+
+  // Callbacks for BackgroundChannelRegistrar to notify
+  // the associated HttpChannelParent is found.
+  void LinkToChannel(HttpChannelParent* aChannelParent);
+
+  // Callbacks for HttpChannelParent to close the background
+  // IPC channel.
+  void OnChannelClosed();
+
+  // To send OnStartRequestSend message over background channel.
+  bool OnStartRequestSent();
+
+  // To send OnTransportAndData message over background channel.
+  bool OnTransportAndData(const nsresult& aChannelStatus,
+                          const nsresult& aTransportStatus,
+                          const uint64_t& aOffset,
+                          const uint32_t& aCount,
+                          const nsCString& aData);
+
+  // To send OnStopRequest message over background channel.
+  bool OnStopRequest(const nsresult& aChannelStatus,
+                     const ResourceTimingStruct& aTiming);
+
+  // To send OnProgress message over background channel.
+  bool OnProgress(const int64_t& aProgress,
+                  const int64_t& aProgressMax);
+
+  // To send OnStatus message over background channel.
+  bool OnStatus(const nsresult& aStatus);
+
+  // To send FlushedForDiversion and DivertMessages messages
+  // over background channel.
+  bool OnDiversion();
+
+  // To send NotifyTrackingProtectionDisabled message over background channel.
+  bool OnNotifyTrackingProtectionDisabled();
+
+  // To send NotifyTrackingResource message over background channel.
+  bool OnNotifyTrackingResource();
+
+  // To send SetClassifierMatchedInfo message over background channel.
+  bool OnSetClassifierMatchedInfo(const nsACString& aList,
+                                  const nsACString& aProvider,
+                                  const nsACString& aPrefix);
+
+protected:
+  void ActorDestroy(ActorDestroyReason aWhy) override;
+
+private:
+  virtual ~HttpBackgroundChannelParent();
+
+  Atomic<bool> mIPCOpened;
+
+  nsCOMPtr<nsIEventTarget> mBackgroundThread;
+
+  // associated HttpChannelParent for generating the channel events
+  RefPtr<HttpChannelParent> mChannelParent;
+};
+
+} // namespace net
+} // namespace mozilla
+
+#endif // mozilla_net_HttpBackgroundChannelParent_h
--- a/netwerk/protocol/http/HttpBaseChannel.cpp
+++ b/netwerk/protocol/http/HttpBaseChannel.cpp
@@ -57,16 +57,17 @@
 #include "mozilla/BinarySearch.h"
 #include "mozilla/DebugOnly.h"
 #include "mozilla/Move.h"
 #include "nsIHttpHeaderVisitor.h"
 #include "nsIMIMEInputStream.h"
 #include "nsIXULRuntime.h"
 #include "nsICacheInfoChannel.h"
 #include "nsIDOMWindowUtils.h"
+#include "nsHttpChannel.h"
 #include "nsRedirectHistoryEntry.h"
 
 #include <algorithm>
 #include "HttpBaseChannel.h"
 
 namespace mozilla {
 namespace net {
 
--- a/netwerk/protocol/http/HttpBaseChannel.h
+++ b/netwerk/protocol/http/HttpBaseChannel.h
@@ -359,16 +359,21 @@ public: /* Necko internal use only... */
     // |EnsureUploadStreamIsCloneableComplete| to main thread.
     virtual void OnCopyComplete(nsresult aStatus);
 
     void SetIsTrackingResource()
     {
       mIsTrackingResource = true;
     }
 
+    const uint64_t& ChannelId() const
+    {
+      return mChannelId;
+    }
+
 protected:
   // Handle notifying listener, removing from loadgroup if request failed.
   void     DoNotifyListener();
   virtual void DoNotifyListenerCleanup() = 0;
 
   // drop reference to listener, its callbacks, and the progress sink
   void ReleaseListeners();
 
--- a/netwerk/protocol/http/HttpChannelChild.cpp
+++ b/netwerk/protocol/http/HttpChannelChild.cpp
@@ -15,21 +15,24 @@
 #include "mozilla/dom/DocGroup.h"
 #include "mozilla/dom/TabChild.h"
 #include "mozilla/dom/TabGroup.h"
 #include "mozilla/ipc/FileDescriptorSetChild.h"
 #include "mozilla/ipc/IPCStreamUtils.h"
 #include "mozilla/net/NeckoChild.h"
 #include "mozilla/net/HttpChannelChild.h"
 
+#include "AltDataOutputStreamChild.h"
+#include "HttpBackgroundChannelChild.h"
 #include "nsCOMPtr.h"
 #include "nsISupportsPrimitives.h"
 #include "nsChannelClassifier.h"
 #include "nsGlobalWindow.h"
 #include "nsStringStream.h"
+#include "nsHttpChannel.h"
 #include "nsHttpHandler.h"
 #include "nsNetUtil.h"
 #include "nsSerializationHelper.h"
 #include "mozilla/Attributes.h"
 #include "mozilla/dom/Performance.h"
 #include "mozilla/ipc/InputStreamUtils.h"
 #include "mozilla/ipc/URIUtils.h"
 #include "mozilla/ipc/BackgroundUtils.h"
@@ -41,46 +44,30 @@
 #include "mozIThirdPartyUtil.h"
 #include "nsContentSecurityManager.h"
 #include "nsIDeprecationWarner.h"
 #include "nsICompressConvStats.h"
 #include "nsIDocument.h"
 #include "nsIDOMDocument.h"
 #include "nsIDOMWindowUtils.h"
 #include "nsIEventTarget.h"
+#include "nsRedirectHistoryEntry.h"
 #include "nsStreamUtils.h"
 #include "nsThreadUtils.h"
 
-#ifdef OS_POSIX
-#include "chrome/common/file_descriptor_set_posix.h"
-#endif
-
 #ifdef MOZ_TASK_TRACER
 #include "GeckoTaskTracer.h"
 #endif
 
 using namespace mozilla::dom;
 using namespace mozilla::ipc;
 
 namespace mozilla {
 namespace net {
 
-namespace {
-
-const uint32_t kMaxFileDescriptorsPerMessage = 250;
-
-#ifdef OS_POSIX
-// Keep this in sync with other platforms.
-static_assert(FileDescriptorSet::MAX_DESCRIPTORS_PER_MESSAGE == 250,
-              "MAX_DESCRIPTORS_PER_MESSAGE mismatch!");
-#endif
-
-} // namespace
-
-
 NS_IMPL_ISUPPORTS(InterceptStreamListener,
                   nsIStreamListener,
                   nsIRequestObserver,
                   nsIProgressEventSink)
 
 NS_IMETHODIMP
 InterceptStreamListener::OnStartRequest(nsIRequest* aRequest, nsISupports* aContext)
 {
@@ -281,16 +268,36 @@ HttpChannelChild::AddIPDLReference()
 void
 HttpChannelChild::ReleaseIPDLReference()
 {
   MOZ_ASSERT(mIPCOpen, "Attempt to release nonexistent IPDL reference");
   mIPCOpen = false;
   Release();
 }
 
+void
+HttpChannelChild::OnBackgroundChildReady(HttpBackgroundChannelChild* aBgChild)
+{
+  LOG(("HttpChannelChild::OnBackgroundChildReady [this=%p, bgChild=%p]\n",
+       this, aBgChild));
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(mBgChild);
+
+  MOZ_ASSERT(mBgChild == aBgChild);
+}
+
+void
+HttpChannelChild::OnBackgroundChildDestroyed()
+{
+  LOG(("HttpChannelChild::OnBackgroundChildDestroyed [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  mBgChild = nullptr;
+}
+
 class AssociateApplicationCacheEvent : public ChannelEvent
 {
   public:
     AssociateApplicationCacheEvent(HttpChannelChild* aChild,
                                    const nsCString &aGroupID,
                                    const nsCString &aClientID)
     : mChild(aChild)
     , groupID(aGroupID)
@@ -434,16 +441,22 @@ HttpChannelChild::RecvOnStartRequest(con
   mEventQ->RunOrEnqueue(new StartRequestEvent(this, channelStatus, responseHead,
                                               useResponseHead, requestHeaders,
                                               isFromCache, cacheEntryAvailable,
                                               cacheExpirationTime,
                                               cachedCharset,
                                               securityInfoSerialization,
                                               selfAddr, peerAddr, cacheKey,
                                               altDataType, altDataLen));
+
+  MOZ_ASSERT(mBgChild);
+  if (mBgChild) {
+    mBgChild->OnStartRequestReceived();
+  }
+
   return IPC_OK();
 }
 
 void
 HttpChannelChild::OnStartRequest(const nsresult& channelStatus,
                                  const nsHttpResponseHead& responseHead,
                                  const bool& useResponseHead,
                                  const nsHttpHeaderArray& requestHeaders,
@@ -655,32 +668,31 @@ class TransportAndDataEvent : public Cha
   HttpChannelChild* mChild;
   nsresult mChannelStatus;
   nsresult mTransportStatus;
   nsCString mData;
   uint64_t mOffset;
   uint32_t mCount;
 };
 
-mozilla::ipc::IPCResult
-HttpChannelChild::RecvOnTransportAndData(const nsresult& channelStatus,
-                                         const nsresult& transportStatus,
-                                         const uint64_t& offset,
-                                         const uint32_t& count,
-                                         const nsCString& data)
+void
+HttpChannelChild::ProcessOnTransportAndData(const nsresult& aChannelStatus,
+                                            const nsresult& aTransportStatus,
+                                            const uint64_t& aOffset,
+                                            const uint32_t& aCount,
+                                            const nsCString& aData)
 {
-  LOG(("HttpChannelChild::RecvOnTransportAndData [this=%p]\n", this));
+  LOG(("HttpChannelChild::ProcessOnTransportAndData [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
   MOZ_RELEASE_ASSERT(!mFlushedForDiversion,
                      "Should not be receiving any more callbacks from parent!");
-
-  mEventQ->RunOrEnqueue(new TransportAndDataEvent(this, channelStatus,
-                                                  transportStatus, data, offset,
-                                                  count),
+  mEventQ->RunOrEnqueue(new TransportAndDataEvent(this, aChannelStatus,
+                                                  aTransportStatus, aData,
+                                                  aOffset, aCount),
                         mDivertingToParent);
-  return IPC_OK();
 }
 
 class MaybeDivertOnDataHttpEvent : public ChannelEvent
 {
  public:
   MaybeDivertOnDataHttpEvent(HttpChannelChild* child,
                              const nsCString& data,
                              const uint64_t& offset,
@@ -898,27 +910,27 @@ class StopRequestEvent : public ChannelE
     return target.forget();
   }
  private:
   HttpChannelChild* mChild;
   nsresult mChannelStatus;
   ResourceTimingStruct mTiming;
 };
 
-mozilla::ipc::IPCResult
-HttpChannelChild::RecvOnStopRequest(const nsresult& channelStatus,
-                                    const ResourceTimingStruct& timing)
+void
+HttpChannelChild::ProcessOnStopRequest(const nsresult& aChannelStatus,
+                                       const ResourceTimingStruct& aTiming)
 {
-  LOG(("HttpChannelChild::RecvOnStopRequest [this=%p]\n", this));
+  LOG(("HttpChannelChild::ProcessOnStopRequest [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
   MOZ_RELEASE_ASSERT(!mFlushedForDiversion,
     "Should not be receiving any more callbacks from parent!");
 
-  mEventQ->RunOrEnqueue(new StopRequestEvent(this, channelStatus, timing),
+  mEventQ->RunOrEnqueue(new StopRequestEvent(this, aChannelStatus, aTiming),
                         mDivertingToParent);
-  return IPC_OK();
 }
 
 class MaybeDivertOnStopHttpEvent : public ChannelEvent
 {
  public:
   MaybeDivertOnStopHttpEvent(HttpChannelChild* child,
                              const nsresult& channelStatus)
   : mChild(child)
@@ -1039,16 +1051,18 @@ HttpChannelChild::OnStopRequest(const ns
     // (although we really shouldn't receive any msgs after OnStop),
     // so make sure this goes out of scope before then.
     AutoEventEnqueuer ensureSerialDispatch(mEventQ);
 
     DoOnStopRequest(this, channelStatus, mListenerContext);
     // DoOnStopRequest() calls ReleaseListeners()
   }
 
+  CleanupBackgroundChannel();
+
   // DocumentChannelCleanup actually nulls out mCacheEntry in the parent, which
   // we might need later to open the Alt-Data output stream, so just return here
   if (!mPreferredCachedAltDataType.IsEmpty()) {
     mKeptAlive = true;
     return;
   }
 
   if (mLoadFlags & LOAD_DOCUMENT_URI) {
@@ -1137,22 +1151,23 @@ class ProgressEvent : public ChannelEven
     nsCOMPtr<nsIEventTarget> target = mChild->GetNeckoTarget();
     return target.forget();
   }
  private:
   HttpChannelChild* mChild;
   int64_t mProgress, mProgressMax;
 };
 
-mozilla::ipc::IPCResult
-HttpChannelChild::RecvOnProgress(const int64_t& progress,
-                                 const int64_t& progressMax)
+void
+HttpChannelChild::ProcessOnProgress(const int64_t& aProgress,
+                                    const int64_t& aProgressMax)
 {
-  mEventQ->RunOrEnqueue(new ProgressEvent(this, progress, progressMax));
-  return IPC_OK();
+  LOG(("HttpChannelChild::ProcessOnProgress [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+  mEventQ->RunOrEnqueue(new ProgressEvent(this, aProgress, aProgressMax));
 }
 
 void
 HttpChannelChild::OnProgress(const int64_t& progress,
                              const int64_t& progressMax)
 {
   LOG(("HttpChannelChild::OnProgress [this=%p progress=%" PRId64 "/%" PRId64 "]\n",
        this, progress, progressMax));
@@ -1192,21 +1207,22 @@ class StatusEvent : public ChannelEvent
     nsCOMPtr<nsIEventTarget> target = mChild->GetNeckoTarget();
     return target.forget();
   }
  private:
   HttpChannelChild* mChild;
   nsresult mStatus;
 };
 
-mozilla::ipc::IPCResult
-HttpChannelChild::RecvOnStatus(const nsresult& status)
+void
+HttpChannelChild::ProcessOnStatus(const nsresult& aStatus)
 {
-  mEventQ->RunOrEnqueue(new StatusEvent(this, status));
-  return IPC_OK();
+  LOG(("HttpChannelChild::ProcessOnStatus [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+  mEventQ->RunOrEnqueue(new StatusEvent(this, aStatus));
 }
 
 void
 HttpChannelChild::OnStatus(const nsresult& status)
 {
   LOG(("HttpChannelChild::OnStatus [this=%p status=%" PRIx32 "]\n",
        this, static_cast<uint32_t>(status)));
 
@@ -1261,35 +1277,67 @@ HttpChannelChild::RecvFailedAsyncOpen(co
 
 // We need to have an implementation of this function just so that we can keep
 // all references to mCallOnResume of type HttpChannelChild:  it's not OK in C++
 // to set a member function ptr to a base class function.
 void
 HttpChannelChild::HandleAsyncAbort()
 {
   HttpAsyncAborter<HttpChannelChild>::HandleAsyncAbort();
+
+  // Ignore all the messages from background channel after channel aborted.
+  CleanupBackgroundChannel();
 }
 
 void
 HttpChannelChild::FailedAsyncOpen(const nsresult& status)
 {
   LOG(("HttpChannelChild::FailedAsyncOpen [this=%p status=%" PRIx32 "]\n",
        this, static_cast<uint32_t>(status)));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  // Might be called twice in race condition in theory.
+  // (one by RecvFailedAsyncOpen, another by
+  // HttpBackgroundChannelChild::ActorFailed)
+  if (NS_WARN_IF(NS_FAILED(mStatus))) {
+    return;
+  }
 
   mStatus = status;
 
   // We're already being called from IPDL, therefore already "async"
   HandleAsyncAbort();
 
   if (mIPCOpen) {
     TrySendDeletingChannel();
   }
 }
 
 void
+HttpChannelChild::CleanupBackgroundChannel()
+{
+  LOG(("HttpChannelChild::CleanupBackgroundChannel [this=%p bgChild=%p]\n",
+       this, mBgChild.get()));
+  if (!mBgChild) {
+    return;
+  }
+
+  RefPtr<HttpBackgroundChannelChild> bgChild = mBgChild.forget();
+
+  if (!NS_IsMainThread()) {
+    SystemGroup::Dispatch(
+      "HttpChannelChild::CleanupBackgroundChannel",
+      TaskCategory::Other,
+      NewRunnableMethod(bgChild, &HttpBackgroundChannelChild::OnChannelClosed));
+  } else {
+    bgChild->OnChannelClosed();
+  }
+}
+
+void
 HttpChannelChild::DoNotifyListenerCleanup()
 {
   LOG(("HttpChannelChild::DoNotifyListenerCleanup [this=%p]\n", this));
 
   if (mInterceptListener) {
     mInterceptListener->Cleanup();
     mInterceptListener = nullptr;
   }
@@ -1668,75 +1716,80 @@ class HttpFlushedForDiversionEvent : pub
     MOZ_ASSERT(mChild);
     nsCOMPtr<nsIEventTarget> target = mChild->GetNeckoTarget();
     return target.forget();
   }
  private:
   HttpChannelChild* mChild;
 };
 
-mozilla::ipc::IPCResult
-HttpChannelChild::RecvFlushedForDiversion()
+void
+HttpChannelChild::ProcessFlushedForDiversion()
 {
-  LOG(("HttpChannelChild::RecvFlushedForDiversion [this=%p]\n", this));
+  LOG(("HttpChannelChild::ProcessFlushedForDiversion [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
   MOZ_RELEASE_ASSERT(mDivertingToParent);
 
   mEventQ->RunOrEnqueue(new HttpFlushedForDiversionEvent(this), true);
-
-  return IPC_OK();
 }
 
-mozilla::ipc::IPCResult
-HttpChannelChild::RecvNotifyTrackingProtectionDisabled()
+void
+HttpChannelChild::ProcessNotifyTrackingProtectionDisabled()
 {
+  LOG(("HttpChannelChild::ProcessNotifyTrackingProtectionDisabled [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
   nsChannelClassifier::NotifyTrackingProtectionDisabled(this);
-  return IPC_OK();
 }
 
-mozilla::ipc::IPCResult
-HttpChannelChild::RecvNotifyTrackingResource()
+void
+HttpChannelChild::ProcessNotifyTrackingResource()
 {
+  LOG(("HttpChannelChild::ProcessNotifyTrackingResource [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
   SetIsTrackingResource();
-  return IPC_OK();
 }
 
 void
 HttpChannelChild::FlushedForDiversion()
 {
   LOG(("HttpChannelChild::FlushedForDiversion [this=%p]\n", this));
   MOZ_RELEASE_ASSERT(mDivertingToParent);
 
   // Once this is set, it should not be unset before HttpChannelChild is taken
   // down. After it is set, no OnStart/OnData/OnStop callbacks should be
   // received from the parent channel, nor dequeued from the ChannelEventQueue.
   mFlushedForDiversion = true;
 
   SendDivertComplete();
 }
 
-mozilla::ipc::IPCResult
-HttpChannelChild::RecvSetClassifierMatchedInfo(const ClassifierInfo& aInfo)
+void
+HttpChannelChild::ProcessSetClassifierMatchedInfo(const nsCString& aList,
+                                                  const nsCString& aProvider,
+                                                  const nsCString& aPrefix)
 {
-  SetMatchedInfo(aInfo.list(), aInfo.provider(), aInfo.prefix());
-  return IPC_OK();
+  LOG(("HttpChannelChild::ProcessSetClassifierMatchedInfo [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  SetMatchedInfo(aList, aProvider, aPrefix);
 }
 
-
-mozilla::ipc::IPCResult
-HttpChannelChild::RecvDivertMessages()
+void
+HttpChannelChild::ProcessDivertMessages()
 {
-  LOG(("HttpChannelChild::RecvDivertMessages [this=%p]\n", this));
+  LOG(("HttpChannelChild::ProcessDivertMessages [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
   MOZ_RELEASE_ASSERT(mDivertingToParent);
   MOZ_RELEASE_ASSERT(mSuspendCount > 0);
 
   // DivertTo() has been called on parent, so we can now start sending queued
   // IPDL messages back to parent listener.
   MOZ_RELEASE_ASSERT(NS_SUCCEEDED(Resume()));
-
-  return IPC_OK();
 }
 
 // Returns true if has actually completed the redirect and cleaned up the
 // channel, or false the interception logic kicked in and we need to asyncly
 // call FinishInterceptedRedirect and CleanupRedirectingChannel.
 // The argument is an optional OverrideRunnable that we pass to the redirected
 // channel.
 bool
@@ -1844,16 +1897,30 @@ HttpChannelChild::ConnectParent(uint32_t
                          ->GetBrowserOrId(tabChild);
   if (!gNeckoChild->
         SendPHttpChannelConstructor(this, browser,
                                     IPC::SerializedLoadContext(this),
                                     connectArgs)) {
     return NS_ERROR_FAILURE;
   }
 
+  {
+    MOZ_ASSERT(!mBgChild);
+
+    RefPtr<HttpBackgroundChannelChild> bgChild =
+      new HttpBackgroundChannelChild();
+
+    nsresult rv = bgChild->Init(this);
+    if (NS_WARN_IF(NS_FAILED(rv))) {
+      return rv;
+    }
+
+    mBgChild = bgChild.forget();
+  }
+
   return NS_OK;
 }
 
 NS_IMETHODIMP
 HttpChannelChild::CompleteRedirectSetup(nsIStreamListener *listener,
                                         nsISupports *aContext)
 {
   LOG(("HttpChannelChild::FinishRedirectSetup [this=%p]\n", this));
@@ -2472,16 +2539,36 @@ HttpChannelChild::ContinueAsyncOpen()
 
   PBrowserOrId browser = cc->GetBrowserOrId(tabChild);
   if (!gNeckoChild->SendPHttpChannelConstructor(this, browser,
                                                 IPC::SerializedLoadContext(this),
                                                 openArgs)) {
     return NS_ERROR_FAILURE;
   }
 
+  {
+    // Service worker might use the same HttpChannelChild to do async open
+    // twice. Need to disconnect with previous background channel before
+    // creating the new one.
+    if (mBgChild) {
+      RefPtr<HttpBackgroundChannelChild> prevBgChild = mBgChild.forget();
+      prevBgChild->OnChannelClosed();
+    }
+
+    RefPtr<HttpBackgroundChannelChild> bgChild =
+      new HttpBackgroundChannelChild();
+
+    rv = bgChild->Init(this);
+    if (NS_WARN_IF(NS_FAILED(rv))) {
+      return rv;
+    }
+
+    mBgChild = bgChild.forget();
+  }
+
   return NS_OK;
 }
 
 //-----------------------------------------------------------------------------
 // HttpChannelChild::nsIHttpChannel
 //-----------------------------------------------------------------------------
 
 NS_IMETHODIMP
--- a/netwerk/protocol/http/HttpChannelChild.h
+++ b/netwerk/protocol/http/HttpChannelChild.h
@@ -34,16 +34,17 @@
 #include "mozilla/net/DNS.h"
 
 class nsIEventTarget;
 class nsInputStreamPump;
 
 namespace mozilla {
 namespace net {
 
+class HttpBackgroundChannelChild;
 class InterceptedChannelContent;
 class InterceptStreamListener;
 
 class HttpChannelChild final : public PHttpChannelChild
                              , public HttpBaseChannel
                              , public HttpAsyncAborter<HttpChannelChild>
                              , public nsICacheInfoChannel
                              , public nsIProxiedChannel
@@ -105,60 +106,52 @@ public:
   // IPDL holds a reference while the PHttpChannel protocol is live (starting at
   // AsyncOpen, and ending at either OnStopRequest or any IPDL error, either of
   // which call NeckoChild::DeallocPHttpChannelChild()).
   void AddIPDLReference();
   void ReleaseIPDLReference();
 
   MOZ_MUST_USE bool IsSuspended();
 
-  mozilla::ipc::IPCResult RecvNotifyTrackingProtectionDisabled() override;
-  mozilla::ipc::IPCResult RecvNotifyTrackingResource() override;
   void FlushedForDiversion();
-  mozilla::ipc::IPCResult RecvSetClassifierMatchedInfo(const ClassifierInfo& aInfo) override;
 
   void OnCopyComplete(nsresult aStatus) override;
 
+  // Callback while background channel is ready.
+  void OnBackgroundChildReady(HttpBackgroundChannelChild* aBgChild);
+  // Callback while background channel is destroyed.
+  void OnBackgroundChildDestroyed();
+
 protected:
   mozilla::ipc::IPCResult RecvOnStartRequest(const nsresult& channelStatus,
                                              const nsHttpResponseHead& responseHead,
                                              const bool& useResponseHead,
                                              const nsHttpHeaderArray& requestHeaders,
                                              const bool& isFromCache,
                                              const bool& cacheEntryAvailable,
                                              const uint32_t& cacheExpirationTime,
                                              const nsCString& cachedCharset,
                                              const nsCString& securityInfoSerialization,
                                              const NetAddr& selfAddr,
                                              const NetAddr& peerAddr,
                                              const int16_t& redirectCount,
                                              const uint32_t& cacheKey,
                                              const nsCString& altDataType,
                                              const int64_t& altDataLen) override;
-  mozilla::ipc::IPCResult RecvOnTransportAndData(const nsresult& channelStatus,
-                                                 const nsresult& status,
-                                                 const uint64_t& offset,
-                                                 const uint32_t& count,
-                                                 const nsCString& data) override;
-  mozilla::ipc::IPCResult RecvOnStopRequest(const nsresult& statusCode, const ResourceTimingStruct& timing) override;
-  mozilla::ipc::IPCResult RecvOnProgress(const int64_t& progress, const int64_t& progressMax) override;
-  mozilla::ipc::IPCResult RecvOnStatus(const nsresult& status) override;
   mozilla::ipc::IPCResult RecvFailedAsyncOpen(const nsresult& status) override;
   mozilla::ipc::IPCResult RecvRedirect1Begin(const uint32_t& registrarId,
                                              const URIParams& newURI,
                                              const uint32_t& redirectFlags,
                                              const nsHttpResponseHead& responseHead,
                                              const nsCString& securityInfoSerialization,
                                              const uint64_t& channelId,
                                              const NetAddr& oldPeerAddr) override;
   mozilla::ipc::IPCResult RecvRedirect3Complete() override;
   mozilla::ipc::IPCResult RecvAssociateApplicationCache(const nsCString& groupID,
                                                         const nsCString& clientID) override;
-  mozilla::ipc::IPCResult RecvFlushedForDiversion() override;
-  mozilla::ipc::IPCResult RecvDivertMessages() override;
   mozilla::ipc::IPCResult RecvDeleteSelf() override;
   mozilla::ipc::IPCResult RecvFinishInterceptedRedirect() override;
 
   mozilla::ipc::IPCResult RecvReportSecurityMessage(const nsString& messageTag,
                                                     const nsString& messageCategory) override;
 
   mozilla::ipc::IPCResult RecvIssueDeprecationWarning(const uint32_t& warning,
                                                       const bool& asError) override;
@@ -212,16 +205,36 @@ private:
   // Get event target for processing network events.
   already_AddRefed<nsIEventTarget> GetNeckoTarget();
 
   // Get event target for ODA.
   already_AddRefed<nsIEventTarget> GetODATarget();
 
   MOZ_MUST_USE nsresult ContinueAsyncOpen();
 
+  // Callbacks while receiving OnTransportAndData/OnStopRequest/OnProgress/
+  // OnStatus/FlushedForDiversion/DivertMessages on background IPC channel.
+  void ProcessOnTransportAndData(const nsresult& aChannelStatus,
+                                 const nsresult& aStatus,
+                                 const uint64_t& aOffset,
+                                 const uint32_t& aCount,
+                                 const nsCString& aData);
+  void ProcessOnStopRequest(const nsresult& aStatusCode,
+                            const ResourceTimingStruct& aTiming);
+  void ProcessOnProgress(const int64_t& aProgress, const int64_t& aProgressMax);
+  void ProcessOnStatus(const nsresult& aStatus);
+  void ProcessFlushedForDiversion();
+  void ProcessDivertMessages();
+  void ProcessNotifyTrackingProtectionDisabled();
+  void ProcessNotifyTrackingResource();
+  void ProcessSetClassifierMatchedInfo(const nsCString& aList,
+                                       const nsCString& aProvider,
+                                       const nsCString& aPrefix);
+
+
   void DoOnStartRequest(nsIRequest* aRequest, nsISupports* aContext);
   void DoOnStatus(nsIRequest* aRequest, nsresult status);
   void DoOnProgress(nsIRequest* aRequest, int64_t progress, int64_t progressMax);
   void DoOnDataAvailable(nsIRequest* aRequest, nsISupports* aContext, nsIInputStream* aStream,
                          uint64_t offset, uint32_t count);
   void DoPreOnStopRequest(nsresult aStatus);
   void DoOnStopRequest(nsIRequest* aRequest, nsresult aChannelStatus, nsISupports* aContext);
 
@@ -307,16 +320,22 @@ private:
   // Set if the corresponding parent channel should force an interception to occur
   // before the network transaction is initiated.
   bool mShouldParentIntercept;
 
   // Set if the corresponding parent channel should suspend after a response
   // is synthesized.
   bool mSuspendParentAfterSynthesizeResponse;
 
+  RefPtr<HttpBackgroundChannelChild> mBgChild;
+
+  // Remove the association with background channel after OnStopRequest
+  // or AsyncAbort.
+  void CleanupBackgroundChannel();
+
   // Needed to call AsyncOpen in FinishInterceptedRedirect
   nsCOMPtr<nsIStreamListener> mInterceptedRedirectListener;
   nsCOMPtr<nsISupports> mInterceptedRedirectContext;
   // Needed to call CleanupRedirectingChannel in FinishInterceptedRedirect
   RefPtr<HttpChannelChild> mInterceptingChannel;
   // Used to call OverrideWithSynthesizedResponse in FinishInterceptedRedirect
   RefPtr<OverrideRunnable> mOverrideRunnable;
 
@@ -398,16 +417,17 @@ private:
   friend class Redirect1Event;
   friend class Redirect3Event;
   friend class DeleteSelfEvent;
   friend class HttpFlushedForDiversionEvent;
   friend class CancelEvent;
   friend class HttpAsyncAborter<HttpChannelChild>;
   friend class InterceptStreamListener;
   friend class InterceptedChannelContent;
+  friend class HttpBackgroundChannelChild;
 };
 
 // A stream listener interposed between the nsInputStreamPump used for intercepted channels
 // and this channel's original listener. This is only used to ensure the original listener
 // sees the channel as the request object, and to synthesize OnStatus and OnProgress notifications.
 class InterceptStreamListener : public nsIStreamListener
                               , public nsIProgressEventSink
 {
--- a/netwerk/protocol/http/HttpChannelParent.cpp
+++ b/netwerk/protocol/http/HttpChannelParent.cpp
@@ -3,27 +3,33 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 // HttpLog.h should generally be included first
 #include "HttpLog.h"
 
 #include "mozilla/ipc/FileDescriptorSetParent.h"
+#include "mozilla/ipc/IPCStreamUtils.h"
 #include "mozilla/net/HttpChannelParent.h"
+#include "mozilla/dom/ContentParent.h"
 #include "mozilla/dom/Element.h"
 #include "mozilla/dom/TabParent.h"
 #include "mozilla/net/NeckoParent.h"
+#include "mozilla/IntegerPrintfMacros.h"
 #include "mozilla/UniquePtr.h"
 #include "mozilla/Unused.h"
+#include "HttpBackgroundChannelParent.h"
 #include "HttpChannelParentListener.h"
 #include "nsHttpHandler.h"
+#include "nsNetCID.h"
 #include "nsNetUtil.h"
 #include "nsISupportsPriority.h"
 #include "nsIAuthPromptProvider.h"
+#include "nsIBackgroundChannelRegistrar.h"
 #include "nsSerializationHelper.h"
 #include "nsISerializable.h"
 #include "nsIAssociatedContentSecurity.h"
 #include "nsIApplicationCacheService.h"
 #include "mozilla/ipc/InputStreamUtils.h"
 #include "mozilla/ipc/URIUtils.h"
 #include "SerializedLoadContext.h"
 #include "nsIAuthInformation.h"
@@ -32,36 +38,37 @@
 #include "mozilla/ipc/BackgroundUtils.h"
 #include "nsICachingChannel.h"
 #include "mozilla/LoadInfo.h"
 #include "nsQueryObject.h"
 #include "mozilla/BasePrincipal.h"
 #include "nsCORSListenerProxy.h"
 #include "nsIIPCSerializableInputStream.h"
 #include "nsIPrompt.h"
+#include "nsIRedirectChannelRegistrar.h"
 #include "nsIWindowWatcher.h"
 #include "nsIDocument.h"
+#include "nsStreamUtils.h"
 #include "nsStringStream.h"
+#include "nsIStorageStream.h"
 #include "nsQueryObject.h"
 #include "nsIURIClassifier.h"
-#include "mozilla/dom/ContentParent.h"
 
 using mozilla::BasePrincipal;
 using namespace mozilla::dom;
 using namespace mozilla::ipc;
 
 namespace mozilla {
 namespace net {
 
 HttpChannelParent::HttpChannelParent(const PBrowserOrId& iframeEmbedding,
                                      nsILoadContext* aLoadContext,
                                      PBOverrideStatus aOverrideStatus)
   : mIPCClosed(false)
   , mIgnoreProgress(false)
-  , mSentRedirect1Begin(false)
   , mSentRedirect1BeginFailed(false)
   , mReceivedRedirect2Verify(false)
   , mPBOverride(aOverrideStatus)
   , mLoadContext(aLoadContext)
   , mStatus(NS_OK)
   , mPendingDiversion(false)
   , mDivertingFromChild(false)
   , mDivertedOnStartRequest(false)
@@ -86,31 +93,34 @@ HttpChannelParent::HttpChannelParent(con
   }
 
   mEventQ = new ChannelEventQueue(static_cast<nsIParentRedirectingChannel*>(this));
 }
 
 HttpChannelParent::~HttpChannelParent()
 {
   LOG(("Destroying HttpChannelParent [this=%p]\n", this));
+  CleanupBackgroundChannel();
 }
 
 void
 HttpChannelParent::ActorDestroy(ActorDestroyReason why)
 {
   // We may still have refcount>0 if nsHttpChannel hasn't called OnStopRequest
   // yet, but child process has crashed.  We must not try to send any more msgs
   // to child, or IPDL will kill chrome process, too.
   mIPCClosed = true;
 
   // If this is an intercepted channel, we need to make sure that any resources are
   // cleaned up to avoid leaks.
   if (mParentListener) {
     mParentListener->ClearInterceptedChannel();
   }
+
+  CleanupBackgroundChannel();
 }
 
 bool
 HttpChannelParent::Init(const HttpChannelCreationArgs& aArgs)
 {
   LOG(("HttpChannelParent::Init [this=%p]\n", this));
   switch (aArgs.type()) {
   case HttpChannelCreationArgs::THttpChannelOpenArgs:
@@ -146,31 +156,127 @@ HttpChannelParent::Init(const HttpChanne
     return ConnectChannel(cArgs.registrarId(), cArgs.shouldIntercept());
   }
   default:
     NS_NOTREACHED("unknown open type");
     return false;
   }
 }
 
+void
+HttpChannelParent::TryInvokeAsyncOpen(nsresult aRv)
+{
+  LOG(("HttpChannelParent::TryInvokeAsyncOpen [this=%p barrier=%u rv=%" PRIx32
+       "]\n", this, mAsyncOpenBarrier, static_cast<uint32_t>(aRv)));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  // TryInvokeAsyncOpen is called more than we expected.
+  // Assert in nightly build but ignore it in release channel.
+  MOZ_DIAGNOSTIC_ASSERT(mAsyncOpenBarrier > 0);
+  if (NS_WARN_IF(!mAsyncOpenBarrier)) {
+    return;
+  }
+
+  if (--mAsyncOpenBarrier > 0 && NS_SUCCEEDED(aRv)) {
+    // Need to wait for more events.
+    return;
+  }
+
+  InvokeAsyncOpen(aRv);
+}
+
+void
+HttpChannelParent::OnBackgroundParentReady(
+                                         HttpBackgroundChannelParent* aBgParent)
+{
+  LOG(("HttpChannelParent::OnBackgroundParentReady [this=%p bgParent=%p]\n",
+       this, aBgParent));
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(!mBgParent);
+
+  mBgParent = aBgParent;
+
+  mPromise.ResolveIfExists(true, __func__);
+}
+
+void
+HttpChannelParent::OnBackgroundParentDestroyed()
+{
+  LOG(("HttpChannelParent::OnBackgroundParentDestroyed [this=%p]\n", this));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (!mPromise.IsEmpty()) {
+    MOZ_ASSERT(!mBgParent);
+    mPromise.Reject(NS_ERROR_FAILURE, __func__);
+    return;
+  }
+
+  if (!mBgParent) {
+    return;
+  }
+
+  // Background channel is closed unexpectly, abort PHttpChannel operation.
+  mBgParent = nullptr;
+  Delete();
+}
+
+void
+HttpChannelParent::CleanupBackgroundChannel()
+{
+  LOG(("HttpChannelParent::CleanupBackgroundChannel [this=%p bgParent=%p]\n",
+       this, mBgParent.get()));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  if (mBgParent) {
+    RefPtr<HttpBackgroundChannelParent> bgParent = mBgParent.forget();
+    bgParent->OnChannelClosed();
+    return;
+  }
+
+  if (!mPromise.IsEmpty()) {
+    mRequest.DisconnectIfExists();
+    mPromise.Reject(NS_ERROR_FAILURE, __func__);
+
+    if (!mChannel) {
+      return;
+    }
+
+    // This HttpChannelParent might still have a reference from
+    // BackgroundChannelRegistrar.
+    nsCOMPtr<nsIBackgroundChannelRegistrar> registrar =
+      do_GetService(NS_BACKGROUNDCHANNELREGISTRAR_CONTRACTID);
+    MOZ_ASSERT(registrar);
+
+    registrar->DeleteChannel(mChannel->ChannelId());
+
+    // If mAsyncOpenBarrier is greater than zero, it means AsyncOpen procedure
+    // is still on going. we need to abort AsyncOpen with failure to destroy
+    // PHttpChannel actor.
+    if (mAsyncOpenBarrier) {
+      TryInvokeAsyncOpen(NS_ERROR_FAILURE);
+    }
+  }
+}
+
 //-----------------------------------------------------------------------------
 // HttpChannelParent::nsISupports
 //-----------------------------------------------------------------------------
 
 NS_IMPL_ADDREF(HttpChannelParent)
 NS_IMPL_RELEASE(HttpChannelParent)
 NS_INTERFACE_MAP_BEGIN(HttpChannelParent)
   NS_INTERFACE_MAP_ENTRY(nsIInterfaceRequestor)
   NS_INTERFACE_MAP_ENTRY(nsIProgressEventSink)
   NS_INTERFACE_MAP_ENTRY(nsIRequestObserver)
   NS_INTERFACE_MAP_ENTRY(nsIStreamListener)
   NS_INTERFACE_MAP_ENTRY(nsIParentChannel)
   NS_INTERFACE_MAP_ENTRY(nsIAuthPromptProvider)
   NS_INTERFACE_MAP_ENTRY(nsIParentRedirectingChannel)
   NS_INTERFACE_MAP_ENTRY(nsIDeprecationWarner)
+  NS_INTERFACE_MAP_ENTRY(nsIAsyncVerifyRedirectReadyCallback)
   NS_INTERFACE_MAP_ENTRY_AMBIGUOUS(nsISupports, nsIParentRedirectingChannel)
   if (aIID.Equals(NS_GET_IID(HttpChannelParent))) {
     foundInterface = static_cast<nsIInterfaceRequestor*>(this);
   } else
 NS_INTERFACE_MAP_END
 
 //-----------------------------------------------------------------------------
 // HttpChannelParent::nsIInterfaceRequestor
@@ -228,37 +334,57 @@ HttpChannelParent::GetInterface(const ns
   return QueryInterface(aIID, result);
 }
 
 //-----------------------------------------------------------------------------
 // HttpChannelParent::PHttpChannelParent
 //-----------------------------------------------------------------------------
 
 void
+HttpChannelParent::AsyncOpenFailed(nsresult aRv)
+{
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(NS_FAILED(aRv));
+
+  // Break the reference cycle among HttpChannelParent,
+  // HttpChannelParentListener, and nsHttpChannel to avoid memory leakage.
+  mChannel = nullptr;
+  mParentListener = nullptr;
+
+  if (!mIPCClosed) {
+    Unused << SendFailedAsyncOpen(aRv);
+  }
+}
+
+void
 HttpChannelParent::InvokeAsyncOpen(nsresult rv)
 {
+  LOG(("HttpChannelParent::InvokeAsyncOpen [this=%p rv=%" PRIx32 "]\n",
+       this, static_cast<uint32_t>(rv)));
+  MOZ_ASSERT(NS_IsMainThread());
+
   if (NS_FAILED(rv)) {
-    Unused << SendFailedAsyncOpen(rv);
+    AsyncOpenFailed(rv);
     return;
   }
 
   nsCOMPtr<nsILoadInfo> loadInfo;
   rv = mChannel->GetLoadInfo(getter_AddRefs(loadInfo));
   if (NS_FAILED(rv)) {
-    Unused << SendFailedAsyncOpen(rv);
+    AsyncOpenFailed(rv);
     return;
   }
   if (loadInfo && loadInfo->GetEnforceSecurity()) {
     rv = mChannel->AsyncOpen2(mParentListener);
   }
   else {
     rv = mChannel->AsyncOpen(mParentListener, nullptr);
   }
   if (NS_FAILED(rv)) {
-    Unused << SendFailedAsyncOpen(rv);
+    AsyncOpenFailed(rv);
   }
 }
 
 namespace {
 class InvokeAsyncOpen : public Runnable
 {
   nsMainThreadPtrHandle<nsIInterfaceRequestor> mChannel;
   nsresult mStatus;
@@ -268,17 +394,17 @@ public:
   : mChannel(aChannel)
   , mStatus(aStatus)
   {
   }
 
   NS_IMETHOD Run()
   {
     RefPtr<HttpChannelParent> channel = do_QueryObject(mChannel.get());
-    channel->InvokeAsyncOpen(mStatus);
+    channel->TryInvokeAsyncOpen(mStatus);
     return NS_OK;
   }
 };
 
 struct UploadStreamClosure {
   nsMainThreadPtrHandle<nsIInterfaceRequestor> mChannel;
 
   explicit UploadStreamClosure(const nsMainThreadPtrHandle<nsIInterfaceRequestor>& aChannel)
@@ -379,82 +505,81 @@ HttpChannelParent::DoAsyncOpen(  const U
 
   nsCOMPtr<nsIChannel> channel;
   rv = NS_NewChannelInternal(getter_AddRefs(channel), uri, loadInfo,
                              nullptr, nullptr, aLoadFlags, ios);
   if (NS_FAILED(rv)) {
     return SendFailedAsyncOpen(rv);
   }
 
-  mChannel = do_QueryObject(channel, &rv);
+  RefPtr<nsHttpChannel> httpChannel = do_QueryObject(channel, &rv);
   if (NS_FAILED(rv)) {
     return SendFailedAsyncOpen(rv);
   }
 
   // Set the channelId allocated in child to the parent instance
-  mChannel->SetChannelId(aChannelId);
-  mChannel->SetTopLevelContentWindowId(aContentWindowId);
-  mChannel->SetTopLevelOuterContentWindowId(aTopLevelOuterContentWindowId);
+  httpChannel->SetChannelId(aChannelId);
+  httpChannel->SetTopLevelContentWindowId(aContentWindowId);
+  httpChannel->SetTopLevelOuterContentWindowId(aTopLevelOuterContentWindowId);
 
-  mChannel->SetWarningReporter(this);
-  mChannel->SetTimingEnabled(true);
+  httpChannel->SetWarningReporter(this);
+  httpChannel->SetTimingEnabled(true);
   if (mPBOverride != kPBOverride_Unset) {
-    mChannel->SetPrivate(mPBOverride == kPBOverride_Private ? true : false);
+    httpChannel->SetPrivate(mPBOverride == kPBOverride_Private ? true : false);
   }
 
   if (doResumeAt)
-    mChannel->ResumeAt(startPos, entityID);
+    httpChannel->ResumeAt(startPos, entityID);
 
   if (originalUri)
-    mChannel->SetOriginalURI(originalUri);
+    httpChannel->SetOriginalURI(originalUri);
   if (docUri)
-    mChannel->SetDocumentURI(docUri);
+    httpChannel->SetDocumentURI(docUri);
   if (referrerUri) {
-    rv = mChannel->SetReferrerWithPolicyInternal(referrerUri, aReferrerPolicy);
+    rv = httpChannel->SetReferrerWithPolicyInternal(referrerUri, aReferrerPolicy);
     MOZ_ASSERT(NS_SUCCEEDED(rv));
   }
   if (apiRedirectToUri)
-    mChannel->RedirectTo(apiRedirectToUri);
+    httpChannel->RedirectTo(apiRedirectToUri);
   if (topWindowUri) {
-    rv = mChannel->SetTopWindowURI(topWindowUri);
+    rv = httpChannel->SetTopWindowURI(topWindowUri);
     MOZ_ASSERT(NS_SUCCEEDED(rv));
   }
   if (aLoadFlags != nsIRequest::LOAD_NORMAL)
-    mChannel->SetLoadFlags(aLoadFlags);
+    httpChannel->SetLoadFlags(aLoadFlags);
 
   for (uint32_t i = 0; i < requestHeaders.Length(); i++) {
     if (requestHeaders[i].mEmpty) {
-      mChannel->SetEmptyRequestHeader(requestHeaders[i].mHeader);
+      httpChannel->SetEmptyRequestHeader(requestHeaders[i].mHeader);
     } else {
-      mChannel->SetRequestHeader(requestHeaders[i].mHeader,
+      httpChannel->SetRequestHeader(requestHeaders[i].mHeader,
                                  requestHeaders[i].mValue,
                                  requestHeaders[i].mMerge);
     }
   }
 
-  mParentListener = new HttpChannelParentListener(this);
+  RefPtr<HttpChannelParentListener> parentListener
+    = new HttpChannelParentListener(this);
 
-  mChannel->SetNotificationCallbacks(mParentListener);
-
-  mChannel->SetRequestMethod(nsDependentCString(requestMethod.get()));
+  httpChannel->SetRequestMethod(nsDependentCString(requestMethod.get()));
 
   if (aCorsPreflightArgs.type() == OptionalCorsPreflightArgs::TCorsPreflightArgs) {
     const CorsPreflightArgs& args = aCorsPreflightArgs.get_CorsPreflightArgs();
-    mChannel->SetCorsPreflightParameters(args.unsafeHeaders());
+    httpChannel->SetCorsPreflightParameters(args.unsafeHeaders());
   }
 
-  bool delayAsyncOpen = false;
   nsCOMPtr<nsIInputStream> stream = DeserializeIPCStream(uploadStream);
   if (stream) {
     // FIXME: The fast path of using the existing stream currently only applies to streams
     //   that have had their entire contents serialized from the child at this point.
     //   Once bug 1294446 and bug 1294450 are fixed it is worth revisiting this heuristic.
     nsCOMPtr<nsIIPCSerializableInputStream> completeStream = do_QueryInterface(stream);
     if (!completeStream) {
-      delayAsyncOpen = true;
+      // Wait for completion of async copying IPC upload stream to a local input stream.
+      ++mAsyncOpenBarrier;
 
       // buffer size matches PChildToParentStream transfer size.
       const uint32_t kBufferSize = 32768;
 
       nsCOMPtr<nsIStorageStream> storageStream;
       nsresult rv = NS_NewStorageStream(kBufferSize, UINT32_MAX,
                                         getter_AddRefs(storageStream));
       if (NS_WARN_IF(NS_FAILED(rv))) {
@@ -489,83 +614,83 @@ HttpChannelParent::DoAsyncOpen(  const U
       // the AsyncOpen process once the full stream has been received.
       rv = NS_AsyncCopy(stream, sink, target, NS_ASYNCCOPY_VIA_READSEGMENTS,
                         kBufferSize, // copy segment size
                         UploadCopyComplete, closure.release());
       if (NS_WARN_IF(NS_FAILED(rv))) {
         return SendFailedAsyncOpen(rv);
       }
 
-      mChannel->InternalSetUploadStream(newUploadStream);
+      httpChannel->InternalSetUploadStream(newUploadStream);
     } else {
-      mChannel->InternalSetUploadStream(stream);
+      httpChannel->InternalSetUploadStream(stream);
     }
-    mChannel->SetUploadStreamHasHeaders(uploadStreamHasHeaders);
+    httpChannel->SetUploadStreamHasHeaders(uploadStreamHasHeaders);
   }
 
   if (aSynthesizedResponseHead.type() == OptionalHttpResponseHead::TnsHttpResponseHead) {
-    mParentListener->SetupInterception(aSynthesizedResponseHead.get_nsHttpResponseHead());
+    parentListener->SetupInterception(aSynthesizedResponseHead.get_nsHttpResponseHead());
     mWillSynthesizeResponse = true;
-    mChannel->SetCouldBeSynthesized();
+    httpChannel->SetCouldBeSynthesized();
 
     if (!aSecurityInfoSerialization.IsEmpty()) {
       nsCOMPtr<nsISupports> secInfo;
       NS_DeserializeObject(aSecurityInfoSerialization, getter_AddRefs(secInfo));
-      rv = mChannel->OverrideSecurityInfo(secInfo);
+      rv = httpChannel->OverrideSecurityInfo(secInfo);
       MOZ_ASSERT(NS_SUCCEEDED(rv));
     }
   } else {
     nsLoadFlags newLoadFlags;
-    mChannel->GetLoadFlags(&newLoadFlags);
+    httpChannel->GetLoadFlags(&newLoadFlags);
     newLoadFlags |= nsIChannel::LOAD_BYPASS_SERVICE_WORKER;
-    mChannel->SetLoadFlags(newLoadFlags);
+    httpChannel->SetLoadFlags(newLoadFlags);
   }
 
   nsCOMPtr<nsISupportsPRUint32> cacheKey =
     do_CreateInstance(NS_SUPPORTS_PRUINT32_CONTRACTID, &rv);
   if (NS_FAILED(rv)) {
     return SendFailedAsyncOpen(rv);
   }
 
   rv = cacheKey->SetData(aCacheKey);
   if (NS_FAILED(rv)) {
     return SendFailedAsyncOpen(rv);
   }
 
-  mChannel->SetCacheKey(cacheKey);
-  mChannel->PreferAlternativeDataType(aPreferredAlternativeType);
+  httpChannel->SetCacheKey(cacheKey);
+  httpChannel->PreferAlternativeDataType(aPreferredAlternativeType);
 
-  mChannel->SetAllowStaleCacheContent(aAllowStaleCacheContent);
+  httpChannel->SetAllowStaleCacheContent(aAllowStaleCacheContent);
 
-  mChannel->SetContentType(aContentTypeHint);
+  httpChannel->SetContentType(aContentTypeHint);
 
   if (priority != nsISupportsPriority::PRIORITY_NORMAL) {
-    mChannel->SetPriority(priority);
+    httpChannel->SetPriority(priority);
   }
   if (classOfService) {
-    mChannel->SetClassFlags(classOfService);
+    httpChannel->SetClassFlags(classOfService);
   }
-  mChannel->SetRedirectionLimit(redirectionLimit);
-  mChannel->SetAllowSTS(allowSTS);
-  mChannel->SetThirdPartyFlags(thirdPartyFlags);
-  mChannel->SetAllowSpdy(allowSpdy);
-  mChannel->SetAllowAltSvc(allowAltSvc);
-  mChannel->SetBeConservative(beConservative);
-  mChannel->SetInitialRwin(aInitialRwin);
-  mChannel->SetBlockAuthPrompt(aBlockAuthPrompt);
+  httpChannel->SetRedirectionLimit(redirectionLimit);
+  httpChannel->SetAllowSTS(allowSTS);
+  httpChannel->SetThirdPartyFlags(thirdPartyFlags);
+  httpChannel->SetAllowSpdy(allowSpdy);
+  httpChannel->SetAllowAltSvc(allowAltSvc);
+  httpChannel->SetBeConservative(beConservative);
+  httpChannel->SetInitialRwin(aInitialRwin);
+  httpChannel->SetBlockAuthPrompt(aBlockAuthPrompt);
 
-  mChannel->SetLaunchServiceWorkerStart(aLaunchServiceWorkerStart);
-  mChannel->SetLaunchServiceWorkerEnd(aLaunchServiceWorkerEnd);
-  mChannel->SetDispatchFetchEventStart(aDispatchFetchEventStart);
-  mChannel->SetDispatchFetchEventEnd(aDispatchFetchEventEnd);
-  mChannel->SetHandleFetchEventStart(aHandleFetchEventStart);
-  mChannel->SetHandleFetchEventEnd(aHandleFetchEventEnd);
+  httpChannel->SetLaunchServiceWorkerStart(aLaunchServiceWorkerStart);
+  httpChannel->SetLaunchServiceWorkerEnd(aLaunchServiceWorkerEnd);
+  httpChannel->SetDispatchFetchEventStart(aDispatchFetchEventStart);
+  httpChannel->SetDispatchFetchEventEnd(aDispatchFetchEventEnd);
+  httpChannel->SetHandleFetchEventStart(aHandleFetchEventStart);
+  httpChannel->SetHandleFetchEventEnd(aHandleFetchEventEnd);
 
   nsCOMPtr<nsIApplicationCacheChannel> appCacheChan =
-    do_QueryObject(mChannel);
+    do_QueryObject(httpChannel);
   nsCOMPtr<nsIApplicationCacheService> appCacheService =
     do_GetService(NS_APPLICATIONCACHESERVICE_CONTRACTID);
 
   bool setChooseApplicationCache = chooseApplicationCache;
   if (appCacheChan && appCacheService) {
     // We might potentially want to drop this flag (that is TRUE by default)
     // after we successfully associate the channel with an application cache
     // reported by the channel child.  Dropping it here may be too early.
@@ -577,39 +702,83 @@ HttpChannelParent::DoAsyncOpen(  const U
       if (NS_SUCCEEDED(rv)) {
         appCacheChan->SetApplicationCache(appCache);
         setChooseApplicationCache = false;
       }
     }
 
     if (setChooseApplicationCache) {
       OriginAttributes attrs;
-      NS_GetOriginAttributes(mChannel, attrs);
+      NS_GetOriginAttributes(httpChannel, attrs);
 
       nsCOMPtr<nsIPrincipal> principal =
         BasePrincipal::CreateCodebasePrincipal(uri, attrs);
 
       bool chooseAppCache = false;
       // This works because we've already called SetNotificationCallbacks and
       // done mPBOverride logic by this point.
       chooseAppCache = NS_ShouldCheckAppCache(principal);
 
       appCacheChan->SetChooseApplicationCache(chooseAppCache);
     }
   }
 
-  mChannel->SetRequestContextID(aRequestContextID);
+  httpChannel->SetRequestContextID(aRequestContextID);
+
+  // Store the strong reference of channel and parent listener object until
+  // all the initialization procedure is complete without failure, to remove
+  // cycle reference in fail case and to avoid memory leakage.
+  mChannel = httpChannel.forget();
+  mParentListener = parentListener.forget();
+  mChannel->SetNotificationCallbacks(mParentListener);
+
 
   mSuspendAfterSynthesizeResponse = aSuspendAfterSynthesizeResponse;
 
-  if (!delayAsyncOpen) {
-    InvokeAsyncOpen(NS_OK);
+  MOZ_ASSERT(!mBgParent);
+  MOZ_ASSERT(mPromise.IsEmpty());
+  // Wait for HttpBackgrounChannel to continue the async open procedure.
+  ++mAsyncOpenBarrier;
+  RefPtr<GenericPromise> promise = WaitForBgParent();
+  RefPtr<HttpChannelParent> self = this;
+  promise->Then(AbstractThread::MainThread(), __func__,
+                [self]() {
+                  self->mRequest.Complete();
+                  self->TryInvokeAsyncOpen(NS_OK);
+                },
+                [self](nsresult aStatus) {
+                  self->mRequest.Complete();
+                  self->TryInvokeAsyncOpen(aStatus);
+                })
+         ->Track(mRequest);
+
+  return true;
+}
+
+already_AddRefed<GenericPromise>
+HttpChannelParent::WaitForBgParent()
+{
+  LOG(("HttpChannelParent::WaitForBgParent [this=%p]\n", this));
+  MOZ_ASSERT(!mBgParent);
+  MOZ_ASSERT(mChannel);
+
+
+  nsCOMPtr<nsIBackgroundChannelRegistrar> registrar =
+    do_GetService(NS_BACKGROUNDCHANNELREGISTRAR_CONTRACTID);
+  MOZ_ASSERT(registrar);
+  registrar->LinkHttpChannel(mChannel->ChannelId(), this);
+
+  if (mBgParent) {
+    already_AddRefed<GenericPromise> promise = mPromise.Ensure(__func__);
+    // resolve promise immediatedly if bg channel is ready.
+    mPromise.Resolve(true, __func__);
+    return promise;
   }
 
-  return true;
+  return mPromise.Ensure(__func__);;
 }
 
 bool
 HttpChannelParent::ConnectChannel(const uint32_t& registrarId, const bool& shouldIntercept)
 {
   nsresult rv;
 
   LOG(("HttpChannelParent::ConnectChannel: Looking for a registered channel "
@@ -642,16 +811,30 @@ HttpChannelParent::ConnectChannel(const 
   if (mPBOverride != kPBOverride_Unset) {
     // redirected-to channel may not support PB
     nsCOMPtr<nsIPrivateBrowsingChannel> pbChannel = do_QueryObject(mChannel);
     if (pbChannel) {
       pbChannel->SetPrivate(mPBOverride == kPBOverride_Private ? true : false);
     }
   }
 
+  MOZ_ASSERT(!mBgParent);
+  MOZ_ASSERT(mPromise.IsEmpty());
+  // Waiting for background channel
+  RefPtr<GenericPromise> promise = WaitForBgParent();
+  RefPtr<HttpChannelParent> self = this;
+  promise->Then(AbstractThread::MainThread(), __func__,
+                [self]() {
+                  self->mRequest.Complete();
+                },
+                [self](const nsresult& aResult) {
+                  NS_ERROR("failed to establish the background channel");
+                  self->mRequest.Complete();
+                })
+         ->Track(mRequest);
   return true;
 }
 
 mozilla::ipc::IPCResult
 HttpChannelParent::RecvSetPriority(const int16_t& priority)
 {
   LOG(("HttpChannelParent::RecvSetPriority [this=%p, priority=%d]\n",
        this, priority));
@@ -798,50 +981,123 @@ HttpChannelParent::RecvRedirect2Verify(c
       nsCOMPtr<nsIApplicationCacheChannel> appCacheChannel =
         do_QueryInterface(newHttpChannel);
       if (appCacheChannel) {
         appCacheChannel->SetChooseApplicationCache(aChooseAppcache);
       }
     }
   }
 
+  // Continue the verification procedure if child has veto the redirection.
+  if (NS_FAILED(result)) {
+    ContinueRedirect2Verify(result);
+    return IPC_OK();
+  }
+
+  // Wait for background channel ready on target channel
+  nsCOMPtr<nsIRedirectChannelRegistrar> redirectReg =
+    do_GetService(NS_REDIRECTCHANNELREGISTRAR_CONTRACTID);
+  MOZ_ASSERT(redirectReg);
+
+  nsCOMPtr<nsIParentChannel> redirectParentChannel;
+  rv = redirectReg->GetParentChannel(mRedirectRegistrarId,
+                                     getter_AddRefs(redirectParentChannel));
+  MOZ_ASSERT(redirectParentChannel);
+  if (!redirectParentChannel) {
+    ContinueRedirect2Verify(rv);
+    return IPC_OK();
+  }
+
+  nsCOMPtr<nsIParentRedirectingChannel> redirectedParent =
+    do_QueryInterface(redirectParentChannel);
+  if (!redirectedParent) {
+    // Continue verification procedure if redirecting to non-Http protocol
+    ContinueRedirect2Verify(result);
+    return IPC_OK();
+  }
+
+  // Ask redirected channel if verification can proceed.
+  // ContinueRedirect2Verify will be invoked when redirected channel is ready.
+  redirectedParent->ContinueVerification(this);
+
+  return IPC_OK();
+}
+
+// from nsIParentRedirectingChannel
+NS_IMETHODIMP
+HttpChannelParent::ContinueVerification(nsIAsyncVerifyRedirectReadyCallback* aCallback)
+{
+  LOG(("HttpChannelParent::ContinueVerification [this=%p callback=%p]\n",
+       this, aCallback));
+
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(aCallback);
+
+  // Continue the verification procedure if background channel is ready.
+  if (mBgParent) {
+    aCallback->ReadyToVerify(NS_OK);
+    return NS_OK;
+  }
+
+  // ConnectChannel must be received before Redirect2Verify.
+  MOZ_ASSERT(!mPromise.IsEmpty());
+
+  // Otherwise, wait for the background channel.
+  RefPtr<GenericPromise> promise = WaitForBgParent();
+  nsCOMPtr<nsIAsyncVerifyRedirectReadyCallback> callback = aCallback;
+  promise->Then(AbstractThread::MainThread(), __func__,
+                [callback]() {
+                  callback->ReadyToVerify(NS_OK);
+                },
+                [callback](const nsresult& aResult) {
+                  NS_ERROR("failed to establish the background channel");
+                  callback->ReadyToVerify(aResult);
+                });
+  return NS_OK;
+}
+
+void
+HttpChannelParent::ContinueRedirect2Verify(const nsresult& aResult)
+{
+  LOG(("HttpChannelParent::ContinueRedirect2Verify [this=%p result=%" PRIx32 "]\n",
+       this, static_cast<uint32_t>(aResult)));
+
   if (!mRedirectCallback) {
     // This should according the logic never happen, log the situation.
     if (mReceivedRedirect2Verify)
       LOG(("RecvRedirect2Verify[%p]: Duplicate fire", this));
     if (mSentRedirect1BeginFailed)
       LOG(("RecvRedirect2Verify[%p]: Send to child failed", this));
-    if (mSentRedirect1Begin && NS_FAILED(result))
+    if ((mRedirectRegistrarId > 0) && NS_FAILED(aResult))
       LOG(("RecvRedirect2Verify[%p]: Redirect failed", this));
-    if (mSentRedirect1Begin && NS_SUCCEEDED(result))
+    if ((mRedirectRegistrarId > 0) && NS_SUCCEEDED(aResult))
       LOG(("RecvRedirect2Verify[%p]: Redirect succeeded", this));
     if (!mRedirectChannel)
       LOG(("RecvRedirect2Verify[%p]: Missing redirect channel", this));
 
     NS_ERROR("Unexpcted call to HttpChannelParent::RecvRedirect2Verify, "
              "mRedirectCallback null");
   }
 
   mReceivedRedirect2Verify = true;
 
   if (mRedirectCallback) {
-    LOG(("HttpChannelParent::RecvRedirect2Verify call OnRedirectVerifyCallback"
+    LOG(("HttpChannelParent::ContinueRedirect2Verify call OnRedirectVerifyCallback"
          " [this=%p result=%" PRIx32 ", mRedirectCallback=%p]\n",
-         this, static_cast<uint32_t>(result), mRedirectCallback.get()));
-    mRedirectCallback->OnRedirectVerifyCallback(result);
+         this, static_cast<uint32_t>(aResult), mRedirectCallback.get()));
+    mRedirectCallback->OnRedirectVerifyCallback(aResult);
     mRedirectCallback = nullptr;
   }
-
-  return IPC_OK();
 }
 
 mozilla::ipc::IPCResult
 HttpChannelParent::RecvDocumentChannelCleanup()
 {
   // From now on only using mAssociatedContentSecurity.  Free everything else.
+  CleanupBackgroundChannel(); // Background channel can be closed.
   mChannel = nullptr;          // Reclaim some memory sooner.
   mCacheEntry = nullptr;  // Else we'll block other channels reading same URI
   return IPC_OK();
 }
 
 mozilla::ipc::IPCResult
 HttpChannelParent::RecvMarkOfflineCacheEntryAsForeign()
 {
@@ -1123,16 +1379,17 @@ HttpChannelParent::RecvRemoveCorsPreflig
 // HttpChannelParent::nsIRequestObserver
 //-----------------------------------------------------------------------------
 
 NS_IMETHODIMP
 HttpChannelParent::OnStartRequest(nsIRequest *aRequest, nsISupports *aContext)
 {
   LOG(("HttpChannelParent::OnStartRequest [this=%p, aRequest=%p]\n",
        this, aRequest));
+  MOZ_ASSERT(NS_IsMainThread());
 
   MOZ_RELEASE_ASSERT(!mDivertingFromChild,
     "Cannot call OnStartRequest if diverting is set!");
 
   RefPtr<nsHttpChannel> chan = do_QueryObject(aRequest);
   if (!chan) {
     LOG(("  aRequest is not nsHttpChannel"));
     NS_ERROR("Expecting only nsHttpChannel as aRequest in HttpChannelParent::OnStartRequest");
@@ -1231,26 +1488,38 @@ HttpChannelParent::OnStartRequest(nsIReq
                           redirectCount,
                           cacheKeyValue,
                           altDataType,
                           altDataLen))
   {
     rv = NS_ERROR_UNEXPECTED;
   }
   requestHead->Exit();
+
+  // OnStartRequest is sent to content process successfully.
+  // Notify PHttpBackgroundChannelChild that all following IPC mesasges
+  // should be run after OnStartRequest is handled.
+  if (NS_SUCCEEDED(rv)) {
+    MOZ_ASSERT(mBgParent);
+    if (!mBgParent->OnStartRequestSent()) {
+      rv = NS_ERROR_UNEXPECTED;
+    }
+  }
+
   return rv;
 }
 
 NS_IMETHODIMP
 HttpChannelParent::OnStopRequest(nsIRequest *aRequest,
                                  nsISupports *aContext,
                                  nsresult aStatusCode)
 {
   LOG(("HttpChannelParent::OnStopRequest: [this=%p aRequest=%p status=%" PRIx32 "]\n",
        this, aRequest, static_cast<uint32_t>(aStatusCode)));
+  MOZ_ASSERT(NS_IsMainThread());
 
   MOZ_RELEASE_ASSERT(!mDivertingFromChild,
     "Cannot call OnStopRequest if diverting is set!");
   ResourceTimingStruct timing;
   mChannel->GetDomainLookupStart(&timing.domainLookupStart);
   mChannel->GetDomainLookupEnd(&timing.domainLookupEnd);
   mChannel->GetConnectStart(&timing.connectStart);
   mChannel->GetConnectEnd(&timing.connectEnd);
@@ -1264,34 +1533,42 @@ HttpChannelParent::OnStopRequest(nsIRequ
   mChannel->GetEncodedBodySize(&timing.encodedBodySize);
   // decodedBodySize can be computed in the child process so it doesn't need
   // to be passed down.
   mChannel->GetProtocolVersion(timing.protocolVersion);
 
   mChannel->GetCacheReadStart(&timing.cacheReadStart);
   mChannel->GetCacheReadEnd(&timing.cacheReadEnd);
 
-  if (mIPCClosed || !SendOnStopRequest(aStatusCode, timing))
+  // Either IPC channel is closed or background channel
+  // is ready to send OnStopRequest.
+  MOZ_ASSERT(mIPCClosed || mBgParent);
+
+  if (mIPCClosed ||
+      !mBgParent || !mBgParent->OnStopRequest(aStatusCode, timing)) {
     return NS_ERROR_UNEXPECTED;
+  }
+
   return NS_OK;
 }
 
 //-----------------------------------------------------------------------------
 // HttpChannelParent::nsIStreamListener
 //-----------------------------------------------------------------------------
 
 NS_IMETHODIMP
 HttpChannelParent::OnDataAvailable(nsIRequest *aRequest,
                                    nsISupports *aContext,
                                    nsIInputStream *aInputStream,
                                    uint64_t aOffset,
                                    uint32_t aCount)
 {
-  LOG(("HttpChannelParent::OnDataAvailable [this=%p aRequest=%p]\n",
-       this, aRequest));
+  LOG(("HttpChannelParent::OnDataAvailable [this=%p aRequest=%p offset=%" PRIu64
+       " count=%" PRIu32 "]\n", this, aRequest, aOffset, aCount));
+  MOZ_ASSERT(NS_IsMainThread());
 
   MOZ_RELEASE_ASSERT(!mDivertingFromChild,
     "Cannot call OnDataAvailable if diverting is set!");
 
   nsresult channelStatus = NS_OK;
   mChannel->GetStatus(&channelStatus);
 
   nsresult transportStatus =
@@ -1308,18 +1585,23 @@ HttpChannelParent::OnDataAvailable(nsIRe
   }
 
   while (aCount) {
     nsresult rv = NS_ReadInputStreamToString(aInputStream, data, toRead);
     if (NS_FAILED(rv)) {
       return rv;
     }
 
-    if (mIPCClosed || !SendOnTransportAndData(channelStatus, transportStatus,
-                                              aOffset, toRead, data)) {
+    // Either IPC channel is closed or background channel
+    // is ready to send OnTransportAndData.
+    MOZ_ASSERT(mIPCClosed || mBgParent);
+
+    if (mIPCClosed || !mBgParent ||
+        !mBgParent->OnTransportAndData(channelStatus, transportStatus,
+                                       aOffset, toRead, data)) {
       return NS_ERROR_UNEXPECTED;
     }
 
     aOffset += toRead;
     aCount -= toRead;
     toRead = std::min<uint32_t>(aCount, kCopyChunkSize);
   }
 
@@ -1331,50 +1613,67 @@ HttpChannelParent::OnDataAvailable(nsIRe
 //-----------------------------------------------------------------------------
 
 NS_IMETHODIMP
 HttpChannelParent::OnProgress(nsIRequest *aRequest,
                               nsISupports *aContext,
                               int64_t aProgress,
                               int64_t aProgressMax)
 {
+  LOG(("HttpChannelParent::OnStatus [this=%p progress=%" PRId64 "max=%" PRId64
+       "]\n", this, aProgress, aProgressMax));
+  MOZ_ASSERT(NS_IsMainThread());
+
   // If it indicates this precedes OnDataAvailable, child can derive the value in ODA.
   if (mIgnoreProgress) {
     mIgnoreProgress = false;
     return NS_OK;
   }
 
+  // Either IPC channel is closed or background channel
+  // is ready to send OnProgress.
+  MOZ_ASSERT(mIPCClosed || mBgParent);
+
   // Send OnProgress events to the child for data upload progress notifications
   // (i.e. status == NS_NET_STATUS_SENDING_TO) or if the channel has
   // LOAD_BACKGROUND set.
-  if (mIPCClosed || !SendOnProgress(aProgress, aProgressMax)) {
+  if (mIPCClosed || !mBgParent
+      || !mBgParent->OnProgress(aProgress, aProgressMax)) {
     return NS_ERROR_UNEXPECTED;
   }
 
   return NS_OK;
 }
 
 NS_IMETHODIMP
 HttpChannelParent::OnStatus(nsIRequest *aRequest,
                             nsISupports *aContext,
                             nsresult aStatus,
                             const char16_t *aStatusArg)
 {
+  LOG(("HttpChannelParent::OnStatus [this=%p status=%" PRIx32 "]\n",
+       this, static_cast<uint32_t>(aStatus)));
+  MOZ_ASSERT(NS_IsMainThread());
+
   // If this precedes OnDataAvailable, transportStatus will be derived in ODA.
   if (aStatus == NS_NET_STATUS_RECEIVING_FROM ||
       aStatus == NS_NET_STATUS_READING) {
     // The transport status and progress generated by ODA will be coalesced
     // into one IPC message. Therefore, we can ignore the next OnProgress event
     // since it is generated by ODA as well.
     mIgnoreProgress = true;
     return NS_OK;
   }
 
+  // Either IPC channel is closed or background channel
+  // is ready to send OnStatus.
+  MOZ_ASSERT(mIPCClosed || mBgParent);
+
   // Otherwise, send to child now
-  if (mIPCClosed || !SendOnStatus(aStatus)) {
+  if (mIPCClosed || !mBgParent || !mBgParent->OnStatus(aStatus)) {
     return NS_ERROR_UNEXPECTED;
   }
 
   return NS_OK;
 }
 
 //-----------------------------------------------------------------------------
 // HttpChannelParent::nsIParentChannel
@@ -1391,42 +1690,45 @@ HttpChannelParent::SetParentListener(Htt
                                "mParentListener is null.");
   mParentListener = aListener;
   return NS_OK;
 }
 
 NS_IMETHODIMP
 HttpChannelParent::NotifyTrackingProtectionDisabled()
 {
-  if (!mIPCClosed)
-    Unused << SendNotifyTrackingProtectionDisabled();
+  LOG(("HttpChannelParent::NotifyTrackingProtectionDisabled [this=%p]\n", this));
+  if (!mIPCClosed) {
+    MOZ_ASSERT(mBgParent);
+    Unused << mBgParent->OnNotifyTrackingProtectionDisabled();
+  }
   return NS_OK;
 }
 
 NS_IMETHODIMP
 HttpChannelParent::SetClassifierMatchedInfo(const nsACString& aList,
                                             const nsACString& aProvider,
                                             const nsACString& aPrefix)
 {
+  LOG(("HttpChannelParent::SetClassifierMatchedInfo [this=%p]\n", this));
   if (!mIPCClosed) {
-    ClassifierInfo info;
-    info.list() = aList;
-    info.prefix() = aPrefix;
-    info.provider() = aProvider;
-
-    Unused << SendSetClassifierMatchedInfo(info);
+    MOZ_ASSERT(mBgParent);
+    Unused << mBgParent->OnSetClassifierMatchedInfo(aList, aProvider, aPrefix);
   }
   return NS_OK;
 }
 
 NS_IMETHODIMP
 HttpChannelParent::NotifyTrackingResource()
 {
-  if (!mIPCClosed)
-    Unused << SendNotifyTrackingResource();
+  LOG(("HttpChannelParent::NotifyTrackingResource [this=%p]\n", this));
+  if (!mIPCClosed) {
+    MOZ_ASSERT(mBgParent);
+    Unused << mBgParent->OnNotifyTrackingResource();
+  }
   return NS_OK;
 }
 
 NS_IMETHODIMP
 HttpChannelParent::Delete()
 {
   if (!mIPCClosed)
     Unused << DoSendDeleteSelf();
@@ -1482,17 +1784,19 @@ HttpChannelParent::StartRedirect(uint32_
   }
   if (!result) {
     // Bug 621446 investigation
     mSentRedirect1BeginFailed = true;
     return NS_BINDING_ABORTED;
   }
 
   // Bug 621446 investigation
-  mSentRedirect1Begin = true;
+  // Store registrar Id of the new channel to find the redirect
+  // HttpChannelParent later in verification phase.
+  mRedirectRegistrarId = registrarId;
 
   // Result is handled in RecvRedirect2Verify above
 
   mRedirectChannel = newChannel;
   mRedirectCallback = callback;
   return NS_OK;
 }
 
@@ -1699,24 +2003,21 @@ HttpChannelParent::StartDiversion()
     mDivertListener = converterListener.forget();
   }
 
   // Now mParentListener can be diverted to mDivertListener.
   DebugOnly<nsresult> rvdbg = mParentListener->DivertTo(mDivertListener);
   MOZ_ASSERT(NS_SUCCEEDED(rvdbg));
   mDivertListener = nullptr;
 
-  if (NS_WARN_IF(mIPCClosed || !SendFlushedForDiversion())) {
-    FailDiversion(NS_ERROR_UNEXPECTED);
-    return;
-  }
+  // Either IPC channel is closed or background channel
+  // is ready to send FlushedForDiversion and DivertMessages.
+  MOZ_ASSERT(mIPCClosed || mBgParent);
 
-  // The listener chain should now be setup; tell HttpChannelChild to divert
-  // the OnDataAvailables and OnStopRequest to this HttpChannelParent.
-  if (NS_WARN_IF(mIPCClosed || !SendDivertMessages())) {
+  if (NS_WARN_IF(mIPCClosed || !mBgParent || !mBgParent->OnDiversion())) {
     FailDiversion(NS_ERROR_UNEXPECTED);
     return;
   }
 }
 
 class HTTPFailDiversionEvent : public Runnable
 {
 public:
@@ -1784,22 +2085,26 @@ HttpChannelParent::NotifyDiversionFailed
     mParentListener->OnStartRequest(mChannel, nullptr);
     mChannel->ForcePending(false);
   }
   // If the channel is pending, it will call OnStopRequest itself; otherwise, do
   // it here.
   if (!isPending) {
     mParentListener->OnStopRequest(mChannel, nullptr, aErrorCode);
   }
-  mParentListener = nullptr;
-  mChannel = nullptr;
 
   if (!mIPCClosed) {
     Unused << DoSendDeleteSelf();
   }
+
+  // DoSendDeleteSelf will need channel Id to remove the strong reference in
+  // BackgroundChannelRegistrar if channel pairing is aborted.
+  // Thus we need to keep mChannel until DoSendDeleteSelf is done.
+  mParentListener = nullptr;
+  mChannel = nullptr;
 }
 
 nsresult
 HttpChannelParent::OpenAlternativeOutputStream(const nsACString & type, nsIOutputStream * *_retval)
 {
   // We need to make sure the child does not call SendDocumentChannelCleanup()
   // before opening the altOutputStream, because that clears mCacheEntry.
   if (!mCacheEntry) {
@@ -1832,16 +2137,19 @@ HttpChannelParent::UpdateAndSerializeSec
   }
 }
 
 bool
 HttpChannelParent::DoSendDeleteSelf()
 {
   bool rv = SendDeleteSelf();
   mIPCClosed = true;
+
+  CleanupBackgroundChannel();
+
   return rv;
 }
 
 mozilla::ipc::IPCResult
 HttpChannelParent::RecvDeletingChannel()
 {
   // We need to ensure that the parent channel will not be sending any more IPC
   // messages after this, as the child is going away. DoSendDeleteSelf will
@@ -1882,16 +2190,32 @@ HttpChannelParent::ReportSecurityMessage
 
 NS_IMETHODIMP
 HttpChannelParent::IssueWarning(uint32_t aWarning, bool aAsError)
 {
   Unused << SendIssueDeprecationWarning(aWarning, aAsError);
   return NS_OK;
 }
 
+//-----------------------------------------------------------------------------
+// nsIAsyncVerifyRedirectReadyCallback
+//-----------------------------------------------------------------------------
+
+NS_IMETHODIMP
+HttpChannelParent::ReadyToVerify(nsresult aResult)
+{
+  LOG(("HttpChannelParent::RecvRedirect2Verify [this=%p result=%" PRIx32 "]\n",
+       this, static_cast<uint32_t>(aResult)));
+  MOZ_ASSERT(NS_IsMainThread());
+
+  ContinueRedirect2Verify(aResult);
+
+  return NS_OK;
+}
+
 void
 HttpChannelParent::DoSendSetPriority(int16_t aValue)
 {
   if (!mIPCClosed) {
     Unused << SendSetPriority(aValue);
   }
 }
 
--- a/netwerk/protocol/http/HttpChannelParent.h
+++ b/netwerk/protocol/http/HttpChannelParent.h
@@ -8,16 +8,17 @@
 #ifndef mozilla_net_HttpChannelParent_h
 #define mozilla_net_HttpChannelParent_h
 
 #include "ADivertableParentChannel.h"
 #include "nsHttp.h"
 #include "mozilla/net/PHttpChannelParent.h"
 #include "mozilla/net/NeckoCommon.h"
 #include "mozilla/net/NeckoParent.h"
+#include "mozilla/MozPromise.h"
 #include "nsIObserver.h"
 #include "nsIParentRedirectingChannel.h"
 #include "nsIProgressEventSink.h"
 #include "nsHttpChannel.h"
 #include "nsIAuthPromptProvider.h"
 #include "mozilla/dom/ipc/IdType.h"
 #include "nsIDeprecationWarner.h"
 
@@ -32,44 +33,47 @@ namespace mozilla {
 
 namespace dom{
 class TabParent;
 class PBrowserOrId;
 } // namespace dom
 
 namespace net {
 
+class HttpBackgroundChannelParent;
 class HttpChannelParentListener;
 class ChannelEventQueue;
 
 // Note: nsIInterfaceRequestor must be the first base so that do_QueryObject()
 // works correctly on this object, as it's needed to compute a void* pointing to
 // the beginning of this object.
 
 class HttpChannelParent final : public nsIInterfaceRequestor
                               , public PHttpChannelParent
                               , public nsIParentRedirectingChannel
                               , public nsIProgressEventSink
                               , public ADivertableParentChannel
                               , public nsIAuthPromptProvider
                               , public nsIDeprecationWarner
                               , public HttpChannelSecurityWarningReporter
+                              , public nsIAsyncVerifyRedirectReadyCallback
 {
   virtual ~HttpChannelParent();
 
 public:
   NS_DECL_ISUPPORTS
   NS_DECL_NSIREQUESTOBSERVER
   NS_DECL_NSISTREAMLISTENER
   NS_DECL_NSIPARENTCHANNEL
   NS_DECL_NSIPARENTREDIRECTINGCHANNEL
   NS_DECL_NSIPROGRESSEVENTSINK
   NS_DECL_NSIINTERFACEREQUESTOR
   NS_DECL_NSIAUTHPROMPTPROVIDER
   NS_DECL_NSIDEPRECATIONWARNER
+  NS_DECL_NSIASYNCVERIFYREDIRECTREADYCALLBACK
 
   NS_DECLARE_STATIC_IID_ACCESSOR(HTTP_CHANNEL_PARENT_IID)
 
   HttpChannelParent(const dom::PBrowserOrId& iframeEmbedding,
                     nsILoadContext* aLoadContext,
                     PBOverrideStatus aStatus);
 
   MOZ_MUST_USE bool Init(const HttpChannelCreationArgs& aOpenArgs);
@@ -94,20 +98,32 @@ public:
     if (mChannel) {
       mChannel->SetApplyConversion(aApplyConversion);
     }
   }
 
   MOZ_MUST_USE nsresult OpenAlternativeOutputStream(const nsACString & type,
                                                     nsIOutputStream * *_retval);
 
+  // Callbacks for each asynchronous tasks required in AsyncOpen
+  // procedure, will call InvokeAsyncOpen when all the expected
+  // tasks is finished successfully or when any failure happened.
+  // @see mAsyncOpenBarrier.
+  void TryInvokeAsyncOpen(nsresult aRv);
+
   void InvokeAsyncOpen(nsresult rv);
 
   // Calls SendSetPriority if mIPCClosed is false.
   void DoSendSetPriority(int16_t aValue);
+
+  // Callback while background channel is ready.
+  void OnBackgroundParentReady(HttpBackgroundChannelParent* aBgParent);
+  // Callback while background channel is destroyed.
+  void OnBackgroundParentDestroyed();
+
 protected:
   // used to connect redirected-to channel in parent with just created
   // ChildChannel.  Used during redirects.
   MOZ_MUST_USE bool ConnectChannel(const uint32_t& channelId,
                                    const bool& shouldIntercept);
 
   MOZ_MUST_USE bool
   DoAsyncOpen(const URIParams&           uri,
@@ -212,16 +228,36 @@ private:
   void DivertOnDataAvailable(const nsCString& data,
                              const uint64_t& offset,
                              const uint32_t& count);
   void DivertOnStopRequest(const nsresult& statusCode);
   void DivertComplete();
   void MaybeFlushPendingDiversion();
   void ResponseSynthesized();
 
+  // final step for Redirect2Verify procedure, will be invoked while both
+  // redirecting and redirected channel are ready or any error happened.
+  // OnRedirectVerifyCallback will be invoked for finishing the async
+  // redirect verification procedure.
+  void ContinueRedirect2Verify(const nsresult& aResult);
+
+  void AsyncOpenFailed(nsresult aRv);
+
+  // Request to pair with a HttpBackgroundChannelParent with the same channel
+  // id, a promise will be returned so the caller can append callbacks on it.
+  // If called multiple times before mBgParent is available, the same promise
+  // will be returned and the callbacks will be invoked in order.
+  already_AddRefed<GenericPromise> WaitForBgParent();
+
+  // Remove the association with background channel after main-thread IPC
+  // is about to be destroyed or no further event is going to be sent, i.e.,
+  // DocumentChannelCleanup.
+  void CleanupBackgroundChannel();
+
+  friend class HttpBackgroundChannelParent;
   friend class DivertDataAvailableEvent;
   friend class DivertStopRequestEvent;
   friend class DivertCompleteEvent;
 
   RefPtr<nsHttpChannel>       mChannel;
   nsCOMPtr<nsICacheEntry>       mCacheEntry;
   nsCOMPtr<nsIAssociatedContentSecurity>  mAssociatedContentSecurity;
   bool mIPCClosed;                // PHttpChannel actor has been Closed()
@@ -231,17 +267,16 @@ private:
 
   nsAutoPtr<class nsHttpChannel::OfflineCacheEntryAsForeignMarker> mOfflineForeignMarker;
 
   // OnStatus is always called before OnProgress.
   // Set true in OnStatus if next OnProgress can be ignored
   // since the information can be recontructed from ODA.
   bool mIgnoreProgress              : 1;
 
-  bool mSentRedirect1Begin          : 1;
   bool mSentRedirect1BeginFailed    : 1;
   bool mReceivedRedirect2Verify     : 1;
 
   PBOverrideStatus mPBOverride;
 
   nsCOMPtr<nsILoadContext> mLoadContext;
   RefPtr<nsHttpHandler>  mHttpHandler;
 
@@ -267,16 +302,30 @@ private:
   // Set if this channel should be suspended after synthesizing a response.
   bool mSuspendAfterSynthesizeResponse;
   // Set if this channel will synthesize its response.
   bool mWillSynthesizeResponse;
 
   dom::TabId mNestedFrameId;
 
   RefPtr<ChannelEventQueue> mEventQ;
+
+  RefPtr<HttpBackgroundChannelParent> mBgParent;
+
+  // Number of events to wait before actually invoking AsyncOpen on the main
+  // channel. For each asynchronous step required before InvokeAsyncOpen, should
+  // increase 1 to mAsyncOpenBarrier and invoke TryInvokeAsyncOpen after
+  // finished. This attribute is main thread only.
+  uint8_t mAsyncOpenBarrier = 0;
+
+  // Corresponding redirect channel registrar Id. 0 means redirection is not started.
+  uint32_t mRedirectRegistrarId = 0;
+
+  MozPromiseHolder<GenericPromise> mPromise;
+  MozPromiseRequestHolder<GenericPromise> mRequest;
 };
 
 NS_DEFINE_STATIC_IID_ACCESSOR(HttpChannelParent,
                               HTTP_CHANNEL_PARENT_IID)
 
 } // namespace net
 } // namespace mozilla
 
--- a/netwerk/protocol/http/HttpChannelParentListener.cpp
+++ b/netwerk/protocol/http/HttpChannelParentListener.cpp
@@ -11,16 +11,17 @@
 #include "mozilla/net/HttpChannelParent.h"
 #include "mozilla/Unused.h"
 #include "nsIAuthPrompt.h"
 #include "nsIAuthPrompt2.h"
 #include "nsIHttpEventSink.h"
 #include "nsIHttpHeaderVisitor.h"
 #include "nsIRedirectChannelRegistrar.h"
 #include "nsIPromptFactory.h"
+#include "nsIWindowWatcher.h"
 #include "nsQueryObject.h"
 
 using mozilla::Unused;
 
 namespace mozilla {
 namespace net {
 
 HttpChannelParentListener::HttpChannelParentListener(HttpChannelParent* aInitialChannel)
new file mode 100644
--- /dev/null
+++ b/netwerk/protocol/http/PHttpBackgroundChannel.ipdl
@@ -0,0 +1,68 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set sw=2 ts=8 et tw=80 ft=cpp : */
+
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+include protocol PBackground;
+include NeckoChannelParams;
+include PURLClassifierInfo;
+
+include "mozilla/net/NeckoMessageUtils.h";
+
+using struct mozilla::net::ResourceTimingStruct from "mozilla/net/TimingStruct.h";
+
+namespace mozilla {
+namespace net {
+
+//-------------------------------------------------------------------
+async protocol PHttpBackgroundChannel
+{
+  manager PBackground;
+
+child:
+  // OnStartRequest is sent over main thread IPC. The following
+  // OnTransportAndData/OnStopRequest/OnProgress/OnStatus/FlushForDiversion/
+  // DivertMessages needs to wait in content process until OnStartRequest
+  // is processed. For synchronizing the event sequence.
+  async OnStartRequestSent();
+
+  // Combines a single OnDataAvailable and its associated OnProgress &
+  // OnStatus calls into one IPDL message
+  async OnTransportAndData(nsresult  channelStatus,
+                           nsresult  transportStatus,
+                           uint64_t  offset,
+                           uint32_t  count,
+                           nsCString data);
+
+  async OnStopRequest(nsresult channelStatus, ResourceTimingStruct timing);
+
+  async OnProgress(int64_t progress, int64_t progressMax);
+
+  async OnStatus(nsresult status);
+
+  // Parent has been suspended for diversion; no more events to be enqueued.
+  async FlushedForDiversion();
+
+  // Child should resume processing the ChannelEventQueue, i.e. diverting any
+  // OnDataAvailable and OnStopRequest messages in the queue back to the parent.
+  async DivertMessages();
+
+  // Tell the child that tracking protection was disabled for this load.
+  async NotifyTrackingProtectionDisabled();
+
+  // Tell the child that the resource being loaded is on the tracking
+  // protection list.
+  async NotifyTrackingResource();
+
+  // Tell the child information of matched URL againts SafeBrowsing list
+  async SetClassifierMatchedInfo(ClassifierInfo info);
+
+  async __delete__();
+
+};
+
+
+} // namespace net
+} // namespace mozilla
--- a/netwerk/protocol/http/PHttpChannel.ipdl
+++ b/netwerk/protocol/http/PHttpChannel.ipdl
@@ -5,17 +5,16 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 include protocol PNecko;
 include InputStreamParams;
 include URIParams;
 include PBackgroundSharedTypes;
 include NeckoChannelParams;
-include PURLClassifierInfo;
 
 include "mozilla/net/NeckoMessageUtils.h";
 
 using class nsHttpHeaderArray from "nsHttpHeaderArray.h";
 using mozilla::net::NetAddr from "mozilla/net/DNS.h";
 using struct mozilla::net::ResourceTimingStruct from "mozilla/net/TimingStruct.h";
 
 namespace mozilla {
@@ -104,30 +103,16 @@ child:
                        nsCString           securityInfoSerialization,
                        NetAddr             selfAddr,
                        NetAddr             peerAddr,
                        int16_t             redirectCount,
                        uint32_t            cacheKey,
                        nsCString           altDataType,
                        int64_t             altDataLength);
 
-  // Combines a single OnDataAvailable and its associated OnProgress &
-  // OnStatus calls into one IPDL message
-  async OnTransportAndData(nsresult  channelStatus,
-                           nsresult  transportStatus,
-                           uint64_t  offset,
-                           uint32_t  count,
-                           nsCString data);
-
-  async OnStopRequest(nsresult channelStatus, ResourceTimingStruct timing);
-
-  async OnProgress(int64_t progress, int64_t progressMax);
-
-  async OnStatus(nsresult status);
-
   // Used to cancel child channel if we hit errors during creating and
   // AsyncOpen of nsHttpChannel on the parent.
   async FailedAsyncOpen(nsresult status);
 
   // Called to initiate content channel redirect, starts talking to sinks
   // on the content process and reports result via Redirect2Verify above
   async Redirect1Begin(uint32_t           registrarId,
                        URIParams          newUri,
@@ -139,44 +124,27 @@ child:
 
   // Called if redirect successful so that child can complete setup.
   async Redirect3Complete();
 
   // Associate the child with an application ids
   async AssociateApplicationCache(nsCString groupID,
                                   nsCString clientID);
 
-  // Tell the child that tracking protection was disabled for this load.
-  async NotifyTrackingProtectionDisabled();
-
-  // Tell the child that the resource being loaded is on the tracking
-  // protection list.
-  async NotifyTrackingResource();
-
-  // Parent has been suspended for diversion; no more events to be enqueued.
-  async FlushedForDiversion();
-
-  // Child should resume processing the ChannelEventQueue, i.e. diverting any
-  // OnDataAvailable and OnStopRequest messages in the queue back to the parent.
-  async DivertMessages();
-
   // Report a security message to the console associated with this
   // channel.
   async ReportSecurityMessage(nsString messageTag, nsString messageCategory);
 
   // Tell child to delete channel (all IPDL deletes must be done from child to
   // avoid races: see bug 591708).
   async DeleteSelf();
 
   // Tell the child to issue a deprecation warning.
   async IssueDeprecationWarning(uint32_t warning, bool asError);
 
-  // Tell the child information of matched URL againts SafeBrowsing list
-  async SetClassifierMatchedInfo(ClassifierInfo info);
-
 both:
   // After receiving this message, the parent also calls
   // SendFinishInterceptedRedirect, and makes sure not to send any more messages
   // after that. When receiving this message, the child will call
   // Send__delete__() and complete the steps required to finish the redirect.
   async FinishInterceptedRedirect();
 
   async SetPriority(int16_t priority);
--- a/netwerk/protocol/http/moz.build
+++ b/netwerk/protocol/http/moz.build
@@ -3,16 +3,17 @@
 # This Source Code Form is subject to the terms of the Mozilla Public
 # License, v. 2.0. If a copy of the MPL was not distributed with this
 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
 
 with Files('**'):
     BUG_COMPONENT = ('Core', 'Networking: HTTP')
 
 XPIDL_SOURCES += [
+    'nsIBackgroundChannelRegistrar.idl',
     'nsIHstsPrimingCallback.idl',
     'nsIHttpActivityObserver.idl',
     'nsIHttpAuthenticableChannel.idl',
     'nsIHttpAuthenticator.idl',
     'nsIHttpAuthManager.idl',
     'nsIHttpChannel.idl',
     'nsIHttpChannelAuthProvider.idl',
     'nsIHttpChannelChild.idl',
@@ -34,16 +35,18 @@ EXPORTS += [
     'nsHttpRequestHead.h',
     'nsHttpResponseHead.h',
 ]
 
 EXPORTS.mozilla.net += [
     'AltDataOutputStreamChild.h',
     'AltDataOutputStreamParent.h',
     'HttpAuthUtils.h',
+    'HttpBackgroundChannelChild.h',
+    'HttpBackgroundChannelParent.h',
     'HttpBaseChannel.h',
     'HttpChannelChild.h',
     'HttpChannelParent.h',
     'HttpInfo.h',
     'NullHttpChannel.h',
     'PHttpChannelParams.h',
     'PSpdyPush.h',
     'TimingStruct.h',
@@ -53,24 +56,27 @@ SOURCES += [
     'nsHttpChannelAuthProvider.cpp', # redefines GetAuthType
 ]
 
 UNIFIED_SOURCES += [
     'AltDataOutputStreamChild.cpp',
     'AltDataOutputStreamParent.cpp',
     'AlternateServices.cpp',
     'ASpdySession.cpp',
+    'BackgroundChannelRegistrar.cpp',
     'CacheControlParser.cpp',
     'ConnectionDiagnostics.cpp',
     'HSTSPrimerListener.cpp',
     'Http2Compression.cpp',
     'Http2Push.cpp',
     'Http2Session.cpp',
     'Http2Stream.cpp',
     'HttpAuthUtils.cpp',
+    'HttpBackgroundChannelChild.cpp',
+    'HttpBackgroundChannelParent.cpp',
     'HttpBaseChannel.cpp',
     'HttpChannelChild.cpp',
     'HttpChannelParent.cpp',
     'HttpChannelParentListener.cpp',
     'HttpInfo.cpp',
     'InterceptedChannel.cpp',
     'nsCORSListenerProxy.cpp',
     'nsHttp.cpp',
@@ -96,16 +102,17 @@ UNIFIED_SOURCES += [
 
 # These files cannot be built in unified mode because of OS X headers.
 SOURCES += [
     'nsHttpHandler.cpp',
 ]
 
 IPDL_SOURCES += [
     'PAltDataOutputStream.ipdl',
+    'PHttpBackgroundChannel.ipdl',
     'PHttpChannel.ipdl',
 ]
 
 EXTRA_JS_MODULES += [
     'UserAgentOverrides.jsm',
     'UserAgentUpdates.jsm',
 ]
 
--- a/netwerk/protocol/http/nsHttpChannel.cpp
+++ b/netwerk/protocol/http/nsHttpChannel.cpp
@@ -59,16 +59,17 @@
 #include "mozilla/Preferences.h"
 #include "nsISSLSocketControl.h"
 #include "sslt.h"
 #include "nsContentUtils.h"
 #include "nsContentSecurityManager.h"
 #include "nsIClassOfService.h"
 #include "nsIPermissionManager.h"
 #include "nsIPrincipal.h"
+#include "nsIScriptError.h"
 #include "nsIScriptSecurityManager.h"
 #include "nsISSLStatus.h"
 #include "nsISSLStatusProvider.h"
 #include "nsITransportSecurityInfo.h"
 #include "nsIWebProgressListener.h"
 #include "LoadContextInfo.h"
 #include "netCore.h"
 #include "nsHttpTransaction.h"
--- a/netwerk/protocol/http/nsHttpChunkedDecoder.cpp
+++ b/netwerk/protocol/http/nsHttpChunkedDecoder.cpp
@@ -1,20 +1,23 @@
 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 // HttpLog.h should generally be included first
 #include "HttpLog.h"
+
 #include <errno.h>
 #include "nsHttpChunkedDecoder.h"
 #include <algorithm>
 #include "plstr.h"
 
+#include "mozilla/Unused.h"
+
 namespace mozilla {
 namespace net {
 
 //-----------------------------------------------------------------------------
 // nsHttpChunkedDecoder <public>
 //-----------------------------------------------------------------------------
 
 nsresult
--- a/netwerk/protocol/http/nsHttpConnectionMgr.cpp
+++ b/netwerk/protocol/http/nsHttpConnectionMgr.cpp
@@ -28,16 +28,17 @@
 #include "NullHttpTransaction.h"
 #include "nsIDNSRecord.h"
 #include "nsITransport.h"
 #include "nsInterfaceRequestorAgg.h"
 #include "nsIRequestContext.h"
 #include "nsISocketTransportService.h"
 #include <algorithm>
 #include "mozilla/ChaosMode.h"
+#include "mozilla/SizePrintfMacros.h"
 #include "mozilla/Unused.h"
 #include "nsIURI.h"
 
 #include "mozilla/Move.h"
 #include "mozilla/Telemetry.h"
 
 namespace mozilla {
 namespace net {
new file mode 100644
--- /dev/null
+++ b/netwerk/protocol/http/nsIBackgroundChannelRegistrar.idl
@@ -0,0 +1,63 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsISupports.idl"
+
+%{ C++
+namespace mozilla {
+namespace net {
+class HttpBackgroundChannelParent;
+class HttpChannelParent;
+}
+}
+%}
+
+[ptr] native HttpChannelParent(mozilla::net::HttpChannelParent);
+[ptr] native HttpBackgroundChannelParent(mozilla::net::HttpBackgroundChannelParent);
+
+/*
+ * Registrar for pairing HttpChannelParent and HttpBackgroundChannelParent via
+ * channel Id. HttpChannelParent::OnBackgroundParentReady and
+ * HttpBackgroundChannelParent::LinkToChannel will be invoked to notify the
+ * existence of associated channel object.
+ */
+[builtinclass, uuid(8acaa9b1-f0c4-4ade-baeb-39b0d4b96e5b)]
+interface nsIBackgroundChannelRegistrar : nsISupports
+{
+  /*
+   * Link the provided channel parent actor with the given channel Id.
+   * callbacks will be invoked immediately when the HttpBackgroundChannelParent
+   * associated with the same channel Id is found. Store the HttpChannelParent
+   * until a matched linkBackgroundChannel is invoked.
+   *
+   * @param aKey the channel Id
+   * @param aChannel the channel parent actor to be paired
+   */
+  [noscript,notxpcom,nostdcall] void linkHttpChannel(in uint64_t aKey,
+                                                     in HttpChannelParent aChannel);
+
+  /*
+   * Link the provided background channel with the given channel Id.
+   * callbacks will be invoked immediately when the HttpChannelParent associated
+   * with the same channel Id is found. Store the HttpBackgroundChannelParent
+   * until a matched linkHttpChannel is invoked.
+   *
+   * @param aKey the channel Id
+   * @param aBgChannel the background channel to be paired
+   */
+  [noscript,notxpcom,nostdcall] void linkBackgroundChannel(in uint64_t aKey,
+                                                           in HttpBackgroundChannelParent aBgChannel);
+
+  /*
+   * Delete previous stored HttpChannelParent or HttpBackgroundChannelParent
+   * if no need to wait for the paired channel object, e.g. background channel
+   * is destroyed before pairing is completed.
+   *
+   * @param aKey the channel Id
+   */
+  [noscript,notxpcom,nostdcall] void deleteChannel(in uint64_t aKey);
+
+};
--- a/security/manager/ssl/StaticHPKPins.h
+++ b/security/manager/ssl/StaticHPKPins.h
@@ -1156,9 +1156,9 @@ static const TransportSecurityPreload kP
   { "za.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "zh.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
 };
 
 // Pinning Preload List Length = 480;
 
 static const int32_t kUnknownId = -1;
 
-static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1504624357975000);
+static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1504797564903000);
--- a/security/manager/ssl/nsSTSPreloadList.errors
+++ b/security/manager/ssl/nsSTSPreloadList.errors
@@ -48,51 +48,52 @@ 2brokegirls.org: could not connect to ho
 2intermediate.co.uk: did not receive HSTS header
 2or3.tk: could not connect to host
 2ss.jp: did not receive HSTS header
 300651.ru: did not receive HSTS header
 300m.com: did not receive HSTS header
 300mbmovies4u.cc: did not receive HSTS header
 301.website: could not connect to host
 302.nyc: could not connect to host
-314chan.org: could not connect to host
 33drugstore.com: did not receive HSTS header
 360ds.co.in: did not receive HSTS header
 360gradus.com: did not receive HSTS header
 365.or.jp: could not connect to host
 368mibn.com: could not connect to host
 38sihu.com: could not connect to host
 39sihu.com: could not connect to host
 3chit.cf: could not connect to host
 3click-loan.com: could not connect to host
 3delivered.com: could not connect to host
 3dproteinimaging.com: did not receive HSTS header
 3sreporting.com: did not receive HSTS header
 3yearloans.com: max-age too low: 0
 404.sh: max-age too low: 0
 404404.info: could not connect to host
+404forest.com: could not connect to host
 420dongstorm.com: could not connect to host
 42ms.org: could not connect to host
+441jj.com: did not receive HSTS header
 4455software.com: did not receive HSTS header
 4679.space: could not connect to host
 4azino777.ru: did not receive HSTS header
 4cclothing.com: could not connect to host
 4elements.com: did not receive HSTS header
 4eyes.ch: did not receive HSTS header
 4miners.net: could not connect to host
 4sqsu.eu: could not connect to host
 4w-performers.link: could not connect to host
 50millionablaze.org: could not connect to host
 540.co: did not receive HSTS header
 56ct.com: could not connect to host
 60ych.net: did not receive HSTS header
 6120.eu: did not receive HSTS header
 69square.com: could not connect to host
+724go.com: could not connect to host
 7kovrikov.ru: did not receive HSTS header
-7trade8.com: could not connect to host
 808.lv: could not connect to host
 83i.net: could not connect to host
 911911.pw: could not connect to host
 922.be: could not connect to host
 960news.ca: could not connect to host
 9651678.ru: could not connect to host
 99511.fi: did not receive HSTS header
 9point6.com: could not connect to host
@@ -105,17 +106,19 @@ aaeblog.net: did not receive HSTS header
 aaeblog.org: did not receive HSTS header
 aaoo.net: could not connect to host
 aapp.space: could not connect to host
 aaron-gustafson.com: did not receive HSTS header
 aaronkimmig.de: could not connect to host
 aati.info: did not receive HSTS header
 abareplace.com: did not receive HSTS header
 abearofsoap.com: could not connect to host
-abecodes.net: could not connect to host
+abecodes.net: did not receive HSTS header
+aberdeenalmeras.com: could not connect to host
+aberdeenjudo.co.uk: could not connect to host
 abilitylist.org: did not receive HSTS header
 abioniere.de: could not connect to host
 ablogagency.net: could not connect to host
 abnarnro.com: could not connect to host
 about.ge: did not receive HSTS header
 aboutmyip.info: did not receive HSTS header
 aboutyou-deals.de: did not receive HSTS header
 abt.de: did not receive HSTS header
@@ -130,17 +133,16 @@ accessacademies.org: max-age too low: 0
 accountradar.com: could not connect to host
 accounts-p.com: could not connect to host
 accuenergy.com: max-age too low: 0
 acelpb.com: did not receive HSTS header
 acevik.de: could not connect to host
 acg18.us: did not receive HSTS header
 acgmoon.org: did not receive HSTS header
 acisonline.net: did not receive HSTS header
-acoffeeshops.com: could not connect to host
 acorns.com: did not receive HSTS header
 acr.im: could not connect to host
 acslimited.co.uk: did not receive HSTS header
 activateplay.com: did not receive HSTS header
 activeweb.top: could not connect to host
 activiti.alfresco.com: did not receive HSTS header
 actu-medias.com: did not receive HSTS header
 acuve.jp: could not connect to host
@@ -173,33 +175,36 @@ adver.top: could not connect to host
 adviespuntklokkenluiders.nl: could not connect to host
 aemoria.com: could not connect to host
 aerialmediapro.net: could not connect to host
 aes256.ru: could not connect to host
 aether.pw: could not connect to host
 aeyoun.com: did not receive HSTS header
 af-fotografie.net: did not receive HSTS header
 affilie.de: did not receive HSTS header
+affinitysync.com: could not connect to host
 affordableracingparts.com.au: did not receive HSTS header
 aficotroceni.ro: did not receive HSTS header
 afiru.net: could not connect to host
 afp548.tk: could not connect to host
+afyou.co.kr: could not connect to host
 agalaxyfarfaraway.co.uk: could not connect to host
 agate.pw: did not receive HSTS header
 agatheetraphael.fr: could not connect to host
 agbremen.de: did not receive HSTS header
 agentseeker.ca: did not receive HSTS header
 agevio.com: could not connect to host
 agrimap.com: did not receive HSTS header
 agrios.de: did not receive HSTS header
 agro-id.gov.ua: did not receive HSTS header
 ahabingo.com: did not receive HSTS header
 ahoynetwork.com: did not receive HSTS header
 ahri.ovh: could not connect to host
 aidanwoods.com: did not receive HSTS header
+aids.gov: could not connect to host
 airbnb.com: did not receive HSTS header
 aircomms.com: did not receive HSTS header
 airlea.com: could not connect to host
 airproto.com: could not connect to host
 aishnair.com: could not connect to host
 aiticon.de: did not receive HSTS header
 aiw-thkoeln.online: could not connect to host
 ajmahal.com: could not connect to host
@@ -236,21 +241,23 @@ all-subtitles.com: could not connect to 
 all.tf: could not connect to host
 alldaymonitoring.com: could not connect to host
 allinnote.com: could not connect to host
 allmbw.com: could not connect to host
 allods-zone.ru: could not connect to host
 alloffice.com.ua: did not receive HSTS header
 alloinformatique.net: could not connect to host
 allstarswithus.com: could not connect to host
+alltheducks.com: max-age too low: 0
 alpha.irccloud.com: could not connect to host
 alphabit-secure.com: could not connect to host
 alphabuild.io: could not connect to host
 alphalabs.xyz: could not connect to host
 alt33c3.org: could not connect to host
+altamarea.se: could not connect to host
 altfire.ca: could not connect to host
 altmv.com: max-age too low: 7776000
 alza.at: did not receive HSTS header
 alza.co.uk: did not receive HSTS header
 alza.cz: did not receive HSTS header
 alza.de: did not receive HSTS header
 alza.hu: did not receive HSTS header
 alza.sk: did not receive HSTS header
@@ -308,17 +315,16 @@ aniplus.cf: could not connect to host
 aniplus.gq: could not connect to host
 aniplus.ml: could not connect to host
 anitklib.ml: could not connect to host
 ankakaak.com: could not connect to host
 ankaraprofesyonelnakliyat.com: did not receive HSTS header
 ankaraprofesyonelnakliyat.com.tr: did not receive HSTS header
 annabellaw.com: did not receive HSTS header
 anomaly.ws: did not receive HSTS header
-anongoth.pl: could not connect to host
 anonymo.co.uk: could not connect to host
 anonymo.uk: could not connect to host
 anonymousstatecollegelulzsec.com: could not connect to host
 anook.com: max-age too low: 0
 another.ch: could not connect to host
 anstoncs.com.au: max-age too low: 86400
 ant.land: could not connect to host
 anthenor.co.uk: could not connect to host
@@ -366,34 +372,38 @@ aran.me.uk: could not connect to host
 arboineuropa.nl: did not receive HSTS header
 arboleda-hurtado.com: could not connect to host
 arbu.eu: max-age too low: 2419200
 arcbit.io: could not connect to host
 arguggi.co.uk: could not connect to host
 ariacreations.net: did not receive HSTS header
 aristilabs.com: did not receive HSTS header
 arlen.se: could not connect to host
+armor.com: did not receive HSTS header
 armory.consulting: could not connect to host
 armory.supplies: could not connect to host
 armsday.com: could not connect to host
 armytricka.cz: did not receive HSTS header
 arocloud.de: did not receive HSTS header
+arod.tk: did not receive HSTS header
 arpa.ph: did not receive HSTS header
 arpr.co: did not receive HSTS header
 arrayify.com: could not connect to host
 arrow-cloud.nl: could not connect to host
 arrowfunction.com: could not connect to host
 ars-design.net: could not connect to host
 ars.toscana.it: max-age too low: 0
 artiming.com: could not connect to host
 artistnetwork.nl: did not receive HSTS header
 arturkohut.com: could not connect to host
 arvamus.eu: could not connect to host
 arzaroth.com: did not receive HSTS header
 as.se: could not connect to host
+as200753.com: could not connect to host
+as200753.net: could not connect to host
 as9178.net: could not connect to host
 asasuou.pw: could not connect to host
 asc16.com: could not connect to host
 ascamso.com: could not connect to host
 asdpress.cn: could not connect to host
 ashlane-cottages.com: could not connect to host
 asianodor.com: could not connect to host
 ask.pe: could not connect to host
@@ -420,25 +430,25 @@ atavio.ch: could not connect to host
 atavio.de: did not receive HSTS header
 atbeckett.com: did not receive HSTS header
 atelierdesflammesnoires.fr: could not connect to host
 athenelive.com: could not connect to host
 athul.xyz: did not receive HSTS header
 atlex.nl: did not receive HSTS header
 atomic.menu: could not connect to host
 atomik.pro: could not connect to host
-atomism.com: could not connect to host
 atop.io: could not connect to host
 attic118.com: could not connect to host
 attimidesigns.com: did not receive HSTS header
 au.search.yahoo.com: max-age too low: 172800
 aubiosales.com: could not connect to host
 aucubin.moe: could not connect to host
 audiovisualdevices.com.au: did not receive HSTS header
 aujapan.ru: could not connect to host
+aur.rocks: could not connect to host
 aurainfosec.com: did not receive HSTS header
 aurainfosec.com.au: could not connect to host
 auraredeye.com: did not receive HSTS header
 auraredshield.com: did not receive HSTS header
 auroratownshipfd.org: could not connect to host
 ausnah.me: could not connect to host
 ausoptic.com.au: max-age too low: 2592000
 aussiecable.org: did not receive HSTS header
@@ -457,17 +467,16 @@ autumnwindsagility.com: could not connec
 auverbox.ovh: could not connect to host
 aux-arts-de-la-table.com: did not receive HSTS header
 auxiliumincrementum.co.uk: could not connect to host
 av.de: did not receive HSTS header
 avantmfg.com: did not receive HSTS header
 avec-ou-sans-ordonnance.fr: could not connect to host
 avepol.cz: did not receive HSTS header
 avepol.eu: did not receive HSTS header
-avi9526.pp.ua: could not connect to host
 aviacao.pt: did not receive HSTS header
 avinet.com: max-age too low: 0
 avqueen.cn: did not receive HSTS header
 avus-automobile.com: did not receive HSTS header
 awanderlustadventure.com: did not receive HSTS header
 awei.pub: could not connect to host
 awg-mode.de: did not receive HSTS header
 awxg.com: could not connect to host
@@ -489,16 +498,17 @@ babycs.house: could not connect to host
 babyhouse.xyz: could not connect to host
 babymasaze.cz: did not receive HSTS header
 babysaying.me: could not connect to host
 bacchanallia.com: could not connect to host
 back-bone.nl: did not receive HSTS header
 backschues.net: did not receive HSTS header
 badcronjob.com: could not connect to host
 badenhard.eu: could not connect to host
+badhusky.com: could not connect to host
 badkamergigant.com: could not connect to host
 badlink.org: could not connect to host
 baff.lu: did not receive HSTS header
 baiduaccount.com: could not connect to host
 bakingstone.com: could not connect to host
 bakkerdesignandbuild.com: did not receive HSTS header
 balcan-underground.net: could not connect to host
 baldwinkoo.com: could not connect to host
@@ -535,16 +545,17 @@ bcchack.com: could not connect to host
 bccx.com: could not connect to host
 bcheng.cf: did not receive HSTS header
 bckp.de: could not connect to host
 bcm.com.au: max-age too low: 0
 bcnx.de: max-age too low: 0
 bcsytv.com: could not connect to host
 bcvps.com: did not receive HSTS header
 bcweightlifting.ca: could not connect to host
+bddemir.com: max-age too low: 0
 bde-epitech.fr: could not connect to host
 be.search.yahoo.com: did not receive HSTS header
 beach-inspector.com: did not receive HSTS header
 beachi.es: could not connect to host
 beaglewatch.com: could not connect to host
 beamitapp.com: could not connect to host
 beardydave.com: did not receive HSTS header
 beastowner.com: did not receive HSTS header
@@ -563,37 +574,35 @@ belairsewvac.com: could not connect to h
 belics.com: did not receive HSTS header
 belltower.io: could not connect to host
 bemyvictim.com: max-age too low: 2678400
 beneffy.com: did not receive HSTS header
 benjakesjohnson.com: could not connect to host
 benk.press: could not connect to host
 benny003.de: did not receive HSTS header
 benohead.com: did not receive HSTS header
-benwattie.com: did not receive HSTS header
 benzkosmetik.de: did not receive HSTS header
 beourvictim.com: max-age too low: 2678400
 berasavocate.com: could not connect to host
 berger.work: could not connect to host
 berlatih.com: could not connect to host
 berlinleaks.com: could not connect to host
 berrymark.be: max-age too low: 0
 besixdouze.world: could not connect to host
-besnik.de: could not connect to host
 besola.de: did not receive HSTS header
 bestbeards.ca: could not connect to host
 bestcellular.com: did not receive HSTS header
 besthost.cz: did not receive HSTS header
 bestlashesandbrows.com: did not receive HSTS header
 betcafearena.ro: could not connect to host
 bethditto.com: did not receive HSTS header
 betnet.fr: could not connect to host
 betplanning.it: did not receive HSTS header
 bets.de: did not receive HSTS header
-bettween.com: did not receive HSTS header
+bettween.com: could not connect to host
 betz.ro: did not receive HSTS header
 bevapehappy.com: did not receive HSTS header
 beyond-edge.com: could not connect to host
 beyuna.co.uk: did not receive HSTS header
 beyuna.eu: did not receive HSTS header
 beyuna.nl: did not receive HSTS header
 bezorg.ninja: could not connect to host
 bf.am: max-age too low: 0
@@ -699,32 +708,32 @@ bonitabrazilian.co.nz: did not receive H
 bonobo.cz: could not connect to host
 bonop.com: did not receive HSTS header
 bonta.one: could not connect to host
 bookcelerator.com: did not receive HSTS header
 booked.holiday: could not connect to host
 bookofraonlinecasinos.com: did not receive HSTS header
 bookourdjs.com: max-age too low: 0
 boomerang.com: did not receive HSTS header
-boomshelf.com: could not connect to host
-boomshelf.org: could not connect to host
 boosterlearnpro.com: did not receive HSTS header
 bootjp.me: did not receive HSTS header
 borderlinegroup.com: max-age too low: 0
 boringsecurity.net: could not connect to host
 boris.one: did not receive HSTS header
+borscheid-wenig.com: did not receive HSTS header
 botox.bz: did not receive HSTS header
 bouncecoffee.com: did not receive HSTS header
 bouwbedrijfpurmerend.nl: did not receive HSTS header
 bowling.com: did not receive HSTS header
 bowlroll.net: max-age too low: 0
 boxcryptor.com: did not receive HSTS header
 boxintense.com: did not receive HSTS header
 bqtoolbox.com: could not connect to host
 br3in.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 118"  data: no]
+bragasoft.com.br: did not receive HSTS header
 brage.info: did not receive HSTS header
 braineet.com: did not receive HSTS header
 brainfork.ml: could not connect to host
 braintreegateway.com: did not receive HSTS header
 braintreepayments.com: did not receive HSTS header
 brainvation.de: did not receive HSTS header
 bran.cc: could not connect to host
 branchtrack.com: did not receive HSTS header
@@ -787,17 +796,16 @@ busold.ws: could not connect to host
 bustimes.org: could not connect to host
 butchersworkshop.com: did not receive HSTS header
 buttercoin.com: could not connect to host
 butterfieldstraining.com: did not receive HSTS header
 buybaby.eu: did not receive HSTS header
 buyfox.de: did not receive HSTS header
 bw81.xyz: could not connect to host
 bwear4all.de: did not receive HSTS header
-bwilkinson.co.uk: could not connect to host
 by4cqb.cn: could not connect to host
 bydisk.com: could not connect to host
 bypassed.press: could not connect to host
 bypassed.today: did not receive HSTS header
 bypassed.works: did not receive HSTS header
 bypassed.world: did not receive HSTS header
 bypro.xyz: could not connect to host
 bysymphony.com: max-age too low: 0
@@ -865,31 +873,31 @@ carlolly.co.uk: could not connect to hos
 carlosalves.info: could not connect to host
 carpliyz.com: could not connect to host
 carroarmato0.be: could not connect to host
 carsforbackpackers.com: could not connect to host
 carwashvapeur.be: did not receive HSTS header
 casc.cz: did not receive HSTS header
 casedi.org: max-age too low: 0
 casefall.com: could not connect to host
-cash-pos.com: could not connect to host
 cashlink.io: did not receive HSTS header
 cashmojo.com: could not connect to host
 cashmyphone.ch: could not connect to host
 casino-cashflow.ru: did not receive HSTS header
 casinostest.com: did not receive HSTS header
 casioshop.eu: did not receive HSTS header
 casovi.cf: could not connect to host
 catarsisvr.com: could not connect to host
 catinmay.com: did not receive HSTS header
 catnapstudios.com: could not connect to host
 cavaleria.ro: did not receive HSTS header
 caveclan.org: did not receive HSTS header
 cavedevs.de: could not connect to host
 cavedroid.xyz: could not connect to host
+cbengineeringinc.com: could not connect to host
 cbhq.net: could not connect to host
 ccblog.de: did not receive HSTS header
 cctech.ph: did not receive HSTS header
 cd.search.yahoo.com: did not receive HSTS header
 cd0.us: could not connect to host
 cdnb.co: could not connect to host
 cdndepo.com: could not connect to host
 cdreporting.co.uk: did not receive HSTS header
@@ -904,16 +912,17 @@ centralvacsunlimited.net: could not conn
 centrepoint-community.com: could not connect to host
 ceritamalam.net: could not connect to host
 cerize.love: could not connect to host
 cert.se: max-age too low: 2628001
 certmgr.org: could not connect to host
 cesal.net: could not connect to host
 cesidianroot.eu: could not connect to host
 cevrimici.com: could not connect to host
+cfan.space: could not connect to host
 cfcproperties.com: did not receive HSTS header
 cfetengineering.com: could not connect to host
 cfoitplaybook.com: could not connect to host
 cg.search.yahoo.com: did not receive HSTS header
 cganx.org: could not connect to host
 chainmonitor.com: could not connect to host
 championsofregnum.com: did not receive HSTS header
 champserver.net: did not receive HSTS header
@@ -962,17 +971,16 @@ chris-web.info: could not connect to hos
 chrisandsarahinasia.com: did not receive HSTS header
 chrisfaber.com: could not connect to host
 chriskyrouac.com: could not connect to host
 chrisopperwall.com: did not receive HSTS header
 christiaandruif.nl: could not connect to host
 christianbargon.de: did not receive HSTS header
 christianbro.gq: could not connect to host
 christianhoffmann.info: could not connect to host
-christianscholz.de: did not receive HSTS header
 christophercolumbusfoundation.gov: did not receive HSTS header
 christophheich.me: could not connect to host
 chrisupjohn.com: could not connect to host
 chrome-devtools-frontend.appspot.com: did not receive HSTS header (error ignored - included regardless)
 chrome.google.com: did not receive HSTS header (error ignored - included regardless)
 chua.cf: could not connect to host
 chulado.com: did not receive HSTS header
 cidr.ml: could not connect to host
@@ -1000,42 +1008,45 @@ cleaningsquad.ca: max-age too low: 0
 clearc.tk: could not connect to host
 clemovementlaw.com: could not connect to host
 clerkendweller.uk: could not connect to host
 clickandgo.com: did not receive HSTS header
 clickandshoot.nl: did not receive HSTS header
 clickgram.biz: could not connect to host
 clicn.bio: could not connect to host
 clicnbio.com: did not receive HSTS header
-clientboss.com: could not connect to host
 clientsecure.me: could not connect to host
 clint.id.au: max-age too low: 0
 clintonbloodworth.com: could not connect to host
 clintonbloodworth.io: could not connect to host
 clintwilson.technology: max-age too low: 2592000
 clip.ovh: could not connect to host
+closelinksecurity.com: could not connect to host
 cloud-project.com: did not receive HSTS header
 cloud.wtf: could not connect to host
 cloudapi.vc: could not connect to host
+cloudbleed.info: could not connect to host
 cloudcert.org: did not receive HSTS header
 cloudcy.net: could not connect to host
 clouddesktop.co.nz: could not connect to host
 cloudey.net: did not receive HSTS header
 cloudflare.com: did not receive HSTS header
 cloudimag.es: could not connect to host
 cloudlink.club: could not connect to host
 cloudns.com.au: could not connect to host
 cloudspotterapp.com: did not receive HSTS header
 cloudstoragemaus.com: could not connect to host
 cloudstorm.me: could not connect to host
+cloudstrike.co: could not connect to host
 cloudwalk.io: did not receive HSTS header
 cloverleaf.net: max-age too low: 0
 cloxy.com: did not receive HSTS header
 clubmix.co.kr: could not connect to host
 cluster.id: could not connect to host
+clusterfuck.nz: could not connect to host
 clustermaze.net: could not connect to host
 clvrwebdesign.com: did not receive HSTS header
 clywedogmaths.co.uk: could not connect to host
 cmc-versand.de: did not receive HSTS header
 cmci.dk: did not receive HSTS header
 cmsbattle.com: could not connect to host
 cmscafe.ru: did not receive HSTS header
 cmso-cal.com: could not connect to host
@@ -1089,16 +1100,17 @@ compareinsurance.com.au: did not receive
 comparejewelleryprices.co.uk: could not connect to host
 comparetravelinsurance.com.au: did not receive HSTS header
 compiledworks.com: could not connect to host
 completeid.com: max-age too low: 86400
 completionist.audio: could not connect to host
 complymd.com: did not receive HSTS header
 compraneta.com: could not connect to host
 compucorner.com.mx: could not connect to host
+compucorner.mx: could not connect to host
 computeremergency.com.au: did not receive HSTS header
 computersystems.guru: did not receive HSTS header
 concord-group.co.jp: did not receive HSTS header
 confirm365.com: could not connect to host
 conformal.com: could not connect to host
 connect.ua: did not receive HSTS header
 connected-verhuurservice.nl: did not receive HSTS header
 connectfss.com: could not connect to host
@@ -1143,17 +1155,16 @@ courageousparentsnetwork.org: did not re
 couragewhispers.ca: did not receive HSTS header
 coursdeprogrammation.com: could not connect to host
 coursella.com: did not receive HSTS header
 covenantbank.net: could not connect to host
 coverduck.ru: could not connect to host
 cpuvinf.eu.org: could not connect to host
 cr.search.yahoo.com: did not receive HSTS header
 cracking.org: did not receive HSTS header
-crackslut.eu: could not connect to host
 craftbeerbarn.co.uk: could not connect to host
 craftedge.xyz: could not connect to host
 craftmain.eu: could not connect to host
 craftmine.cz: did not receive HSTS header
 cranems.com.ua: did not receive HSTS header
 crate.io: did not receive HSTS header
 cravelyrics.com: could not connect to host
 crazifyngers.com: could not connect to host
@@ -1193,16 +1204,17 @@ crysadm.com: max-age too low: 1
 crystalclassics.co.uk: did not receive HSTS header
 csapak.com: could not connect to host
 csawctf.poly.edu: could not connect to host
 cselzer.com: could not connect to host
 csfs.org.uk: could not connect to host
 csgf.ru: did not receive HSTS header
 csgodicegame.com: did not receive HSTS header
 csgokings.eu: could not connect to host
+csgoshifter.com: could not connect to host
 csohack.tk: could not connect to host
 cspbuilder.info: could not connect to host
 csru.net: did not receive HSTS header
 csvape.com: did not receive HSTS header
 ct-status.org: could not connect to host
 ct.search.yahoo.com: did not receive HSTS header
 cthulhuden.com: could not connect to host
 cubeserver.eu: could not connect to host
@@ -1216,28 +1228,29 @@ cuntflaps.me: could not connect to host
 cuongquach.com: did not receive HSTS header
 curlyroots.com: did not receive HSTS header
 curroapp.com: could not connect to host
 curveweb.co.uk: did not receive HSTS header
 custe.rs: could not connect to host
 cuteys.de: max-age too low: 86400
 cutorrent.com: could not connect to host
 cuvva.insure: did not receive HSTS header
+cuvva.io: did not receive HSTS header
 cyanogenmod.xxx: could not connect to host
-cyber-computer.club: did not receive HSTS header
 cyberdos.de: did not receive HSTS header
 cyberpunk.ca: could not connect to host
 cybershambles.com: could not connect to host
 cybersmart.co.uk: did not receive HSTS header
 cyberxpert.nl: could not connect to host
 cycleluxembourg.lu: did not receive HSTS header
 cydia-search.io: could not connect to host
 cynoshair.com: could not connect to host
 cyphertite.com: could not connect to host
 cytadel.fr: did not receive HSTS header
+czlx.co: could not connect to host
 dad256.tk: could not connect to host
 dadtheimpaler.com: could not connect to host
 dah5.com: did not receive HSTS header
 dailybits.be: did not receive HSTS header
 dailystormerpodcasts.com: could not connect to host
 daimadi.com: could not connect to host
 dakrib.net: could not connect to host
 daku.gdn: could not connect to host
@@ -1257,17 +1270,16 @@ danijobs.com: could not connect to host
 danishenanigans.com: could not connect to host
 danrl.de: could not connect to host
 danwillenberg.com: did not receive HSTS header
 daolerp.xyz: could not connect to host
 dargasia.is: could not connect to host
 dario.im: could not connect to host
 dark-x.cf: could not connect to host
 darkengine.io: could not connect to host
-darkfriday.ddns.net: could not connect to host
 darkhole.cn: could not connect to host
 darkkeepers.dk: did not receive HSTS header
 darknebula.space: could not connect to host
 darkpony.ru: could not connect to host
 darksideof.it: could not connect to host
 darkstance.org: could not connect to host
 darrenellis.xyz: could not connect to host
 daryl.moe: could not connect to host
@@ -1353,17 +1365,16 @@ detest.org: could not connect to host
 deux.solutions: could not connect to host
 deuxsol.co: could not connect to host
 deuxsol.com: could not connect to host
 deuxsolutions.com: could not connect to host
 deuxvia.com: could not connect to host
 devafterdark.com: could not connect to host
 devcu.com: could not connect to host
 devcu.net: could not connect to host
-devdoodle.net: could not connect to host
 devincrow.me: could not connect to host
 devkit.cc: could not connect to host
 devmsg.com: did not receive HSTS header
 devnsec.com: could not connect to host
 devnull.team: could not connect to host
 devopps.me: did not receive HSTS header
 devtub.com: did not receive HSTS header
 devuan.org: did not receive HSTS header
@@ -1371,23 +1382,22 @@ dfviana.com.br: did not receive HSTS hea
 dhome.at: did not receive HSTS header
 dhpcs.com: did not receive HSTS header
 dhpiggott.net: did not receive HSTS header
 diablotine.rocks: could not connect to host
 diarbag.us: max-age too low: 0
 dicando.com: max-age too low: 2592000
 dicionariofinanceiro.com: did not receive HSTS header
 diedrich.co: could not connect to host
+dienstplan.one: could not connect to host
 dierenkruiden.nl: could not connect to host
 dietrich-spielwaren.de: max-age too low: 86400
 diewebstube.de: could not connect to host
 diezel.com: could not connect to host
 diferenca.com: did not receive HSTS header
-diff2html.xyz: could not connect to host
-digidroom.be: did not receive HSTS header
 digioccumss.ddns.net: could not connect to host
 digitalbank.kz: could not connect to host
 digitaldaddy.net: could not connect to host
 digitalero.rip: did not receive HSTS header
 digitalriver.tk: could not connect to host
 digitalskillswap.com: could not connect to host
 dim.lighting: could not connect to host
 dinamoelektrik.com: could not connect to host
@@ -1406,17 +1416,16 @@ dissimulo.me: could not connect to host
 distractionco.de: did not receive HSTS header
 ditrutoancau.vn: could not connect to host
 dittvertshus.no: could not connect to host
 diva-ey.com: could not connect to host
 dixiediner.com: did not receive HSTS header
 dizihocasi.com: could not connect to host
 dizorg.net: could not connect to host
 dj4et.de: could not connect to host
-djieno.com: could not connect to host
 djxmmx.net: max-age too low: 0
 djz4music.com: did not receive HSTS header
 dkniss.de: could not connect to host
 dl.google.com: did not receive HSTS header (error ignored - included regardless)
 dlc.viasinc.com: could not connect to host
 dlemper.de: did not receive HSTS header
 dlscomputers.com.au: did not receive HSTS header
 dmcibulldog.com: did not receive HSTS header
@@ -1472,41 +1481,44 @@ dougferris.id.au: could not connect to h
 dovecotadmin.org: could not connect to host
 dovetailnow.com: could not connect to host
 download.jitsi.org: did not receive HSTS header
 downsouthweddings.com.au: did not receive HSTS header
 doyoucheck.com: did not receive HSTS header
 dpratt.de: did not receive HSTS header
 dragonisles.net: could not connect to host
 dragons-of-highlands.cz: could not connect to host
+dragonsmoke.cloud: could not connect to host
 dragonteam.ninja: did not receive HSTS header
 dragontrainingmobilezoo.com.au: max-age too low: 0
 drakeanddragon.com: did not receive HSTS header
 drakefortreasurer.sexy: could not connect to host
 draw.uy: could not connect to host
 drdevil.ru: could not connect to host
 dreadbyte.com: could not connect to host
 dreamcatcherblog.de: could not connect to host
 dreamlighteyeserum.com: could not connect to host
 dreamsforabetterworld.com.au: did not receive HSTS header
 dredgepress.com: could not connect to host
 dreid.org: did not receive HSTS header
 drewgle.net: could not connect to host
 drhopeson.com: could not connect to host
 drishti.guru: could not connect to host
 droidboss.com: did not receive HSTS header
+droncentrum.pl: could not connect to host
 droomhuis-in-zuid-holland-kopen.nl: did not receive HSTS header
 dropcam.com: did not receive HSTS header
 drtroyhendrickson.com: could not connect to host
 drumbandesperanto.nl: could not connect to host
 ds-christiansen.de: could not connect to host
 dshiv.io: could not connect to host
 dtub.co: did not receive HSTS header
 dubrovskiy.net: could not connect to host
 dubrovskiy.pro: could not connect to host
+duerls.de: could not connect to host
 duesee.org: could not connect to host
 dullsir.com: did not receive HSTS header
 dungi.org: could not connect to host
 dutchrank.com: did not receive HSTS header
 duuu.ch: could not connect to host
 dycontrol.de: could not connect to host
 dyktig.as: did not receive HSTS header
 dylanscott.com.au: did not receive HSTS header
@@ -1522,27 +1534,29 @@ e-isfa.eu: did not receive HSTS header
 e-sa.com: did not receive HSTS header
 e3amn2l.com: could not connect to host
 earga.sm: could not connect to host
 earlybirdsnacks.com: could not connect to host
 earthrise16.com: could not connect to host
 easez.net: did not receive HSTS header
 eason-yang.com: could not connect to host
 easychiller.org: could not connect to host
+easyocm.hu: did not receive HSTS header
 easyplane.it: did not receive HSTS header
 eatlowcarb.de: did not receive HSTS header
 eauclairecommerce.com: could not connect to host
 ebankcbt.com: could not connect to host
 ebecs.com: did not receive HSTS header
 ebiografia.com: did not receive HSTS header
 ebiografias.com.br: did not receive HSTS header
 ebp2p.com: did not receive HSTS header
 ebpglobal.com: did not receive HSTS header
 ebraph.com: could not connect to host
 ebrowz.com: could not connect to host
+ec-hasslau.de: could not connect to host
 ecake.in: could not connect to host
 ecdn.cz: could not connect to host
 ecfs.link: could not connect to host
 ecg.fr: could not connect to host
 echipstore.com: did not receive HSTS header
 ecole-en-danger.fr: could not connect to host
 ecole-maternelle-saint-joseph.be: could not connect to host
 ecomlane.com: could not connect to host
@@ -1575,18 +1589,21 @@ eicfood.com: could not connect to host
 ekbanden.nl: could not connect to host
 eksik.com: could not connect to host
 elaintehtaat.fi: did not receive HSTS header
 elan-organics.com: did not receive HSTS header
 elanguest.pl: could not connect to host
 elanguest.ro: did not receive HSTS header
 elanguest.ru: could not connect to host
 elbetech.net: could not connect to host
+electricant.com: did not receive HSTS header
+electricant.nl: did not receive HSTS header
 electricianforum.co.uk: did not receive HSTS header
 electromc.com: could not connect to host
+elektronring.com: could not connect to host
 elemenx.com: did not receive HSTS header
 elemprendedor.com.ve: could not connect to host
 elenag.ga: could not connect to host
 elenoon.ir: did not receive HSTS header
 elgacien.de: could not connect to host
 elimdengelen.com: did not receive HSTS header
 eliott.be: could not connect to host
 elite-porno.ru: did not receive HSTS header
@@ -1624,16 +1641,17 @@ endlesstone.com: did not receive HSTS he
 enefan.jp: could not connect to host
 engelwerbung.com: did not receive HSTS header
 enginsight.com: did not receive HSTS header
 englishyamal.ru: did not receive HSTS header
 enigmacpt.com: did not receive HSTS header
 enigmail.net: did not receive HSTS header
 enjoy-nepal.de: max-age too low: 0
 enjoymayfield.com: max-age too low: 0
+enlightenment.org: did not receive HSTS header
 enskat.de: could not connect to host
 enskatson-sippe.de: could not connect to host
 enteente.club: could not connect to host
 enteente.space: could not connect to host
 enteente.xyz: could not connect to host
 enterdev.co: did not receive HSTS header
 enterprise-threat-monitor.com: max-age too low: 0
 enterprisecarclub.co.uk: did not receive HSTS header
@@ -1646,17 +1664,16 @@ envygeeks.io: did not receive HSTS heade
 eol34.com: did not receive HSTS header
 epanurse.com: could not connect to host
 ephry.com: could not connect to host
 epicpages.com: could not connect to host
 epoxate.com: could not connect to host
 epublibre.org: could not connect to host
 eq8.net.au: could not connect to host
 equilibre-yoga-jennifer-will.com: could not connect to host
-erad.fr: could not connect to host
 erawanarifnugroho.com: did not receive HSTS header
 eressea.xyz: could not connect to host
 ericbond.net: could not connect to host
 erichalv.com: could not connect to host
 eridanus.uk: did not receive HSTS header
 ernaehrungsberatung-zurich.ch: could not connect to host
 ernesto.at: could not connect to host
 eromixx.com: did not receive HSTS header
@@ -1748,17 +1765,17 @@ faber.io: could not connect to host
 fabhub.io: could not connect to host
 fabianasantiago.com: could not connect to host
 fabianfischer.de: did not receive HSTS header
 factorable.net: did not receive HSTS header
 factorygw.com: did not receive HSTS header
 fadilus.com: did not receive HSTS header
 faesser.com: did not receive HSTS header
 fail4free.de: did not receive HSTS header
-failforward.org: did not receive HSTS header
+failforward.org: max-age too low: 0
 fairkey.dk: did not receive HSTS header
 fairlyoddtreasures.com: did not receive HSTS header
 faizan.net: could not connect to host
 faizan.xyz: could not connect to host
 fakeletters.org: did not receive HSTS header
 faktura.pl: did not receive HSTS header
 falconfrag.com: could not connect to host
 falkp.no: did not receive HSTS header
@@ -1772,16 +1789,17 @@ farhadexchange.com: did not receive HSTS
 fashioncare.cz: did not receive HSTS header
 fasset.jp: could not connect to host
 fastdigitizing.com: max-age too low: 300
 fastograph.com: could not connect to host
 fastopen.ml: could not connect to host
 fatgeekflix.net: could not connect to host
 fatherhood.gov: did not receive HSTS header
 fatlossguide.xyz: could not connect to host
+fatox.de: did not receive HSTS header
 fatwin.pw: could not connect to host
 fayolle.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 118"  data: no]
 fbox.li: could not connect to host
 fdj.im: could not connect to host
 feac.us: could not connect to host
 feaden.me: could not connect to host
 feard.space: could not connect to host
 feastr.de: did not receive HSTS header
@@ -1819,16 +1837,17 @@ finfev.de: could not connect to host
 finiteheap.com: did not receive HSTS header
 finpt.com: could not connect to host
 firebaseio-demo.com: could not connect to host
 firebaseio.com: could not connect to host (error ignored - included regardless)
 firebird.io: could not connect to host
 firefall.rocks: could not connect to host
 firemail.io: could not connect to host
 fireorbit.de: did not receive HSTS header
+firesofheaven.org: did not receive HSTS header
 firmenverzeichnis.nu: could not connect to host
 firstdogonthemoon.com.au: did not receive HSTS header
 firstforex.co.uk: did not receive HSTS header
 firstlook.org: did not receive HSTS header
 fish2.me: did not receive HSTS header
 fishlinemedia.com: max-age too low: 0
 fit4medien.de: did not receive HSTS header
 fitbylo.com: did not receive HSTS header
@@ -1842,16 +1861,17 @@ fixingdns.com: did not receive HSTS head
 fixtectools.co.za: could not connect to host
 fj.search.yahoo.com: did not receive HSTS header
 fjruiz.es: did not receive HSTS header
 fkcovering.be: could not connect to host
 flags.ninja: could not connect to host
 flamewall.net: could not connect to host
 flareon.net: could not connect to host
 flawcheck.com: did not receive HSTS header
+fletchto99.com: could not connect to host
 fleurette.me: could not connect to host
 fliexer.com: could not connect to host
 flirchi.com: did not receive HSTS header
 floless.co.uk: did not receive HSTS header
 florafiora.com.br: did not receive HSTS header
 florent-tatard.fr: could not connect to host
 florian-lillpopp.de: max-age too low: 10
 florianlillpopp.de: max-age too low: 10
@@ -1867,20 +1887,22 @@ flowlo.me: could not connect to host
 fluidojobs.com: did not receive HSTS header
 flukethoughts.com: could not connect to host
 flurrybridge.com: did not receive HSTS header
 flushstudios.com: did not receive HSTS header
 flyaces.com: did not receive HSTS header
 fm83.nl: could not connect to host
 fndout.com: did not receive HSTS header
 fnvsecurity.com: could not connect to host
+focusmark.jp: could not connect to host
 fojtova.cz: did not receive HSTS header
 fojtovi.cz: did not receive HSTS header
 fonetiq.io: could not connect to host
 food4health.guide: could not connect to host
+foodbuddy.ch: could not connect to host
 foodievenues.com: could not connect to host
 foodsafetyworkinggroup.gov: could not connect to host
 footballmapped.com: could not connect to host
 forafifty.co.za: could not connect to host
 foraje-profesionale.ro: did not receive HSTS header
 forbook.net: could not connect to host
 fordbydesign.com: could not connect to host
 foreignexchangeresource.com: did not receive HSTS header
@@ -1904,38 +1926,41 @@ fr33d0m.link: could not connect to host
 fralef.me: did not receive HSTS header
 francevpn.xyz: could not connect to host
 frangor.info: did not receive HSTS header
 frankwei.xyz: did not receive HSTS header
 franta.biz: did not receive HSTS header
 franta.email: did not receive HSTS header
 franzt.de: could not connect to host
 franzt.ovh: could not connect to host
+frasesdeamizade.pt: could not connect to host
 frasys.io: could not connect to host
 frasys.net: could not connect to host
 fraurichter.net: could not connect to host
 fredvoyage.fr: did not receive HSTS header
 freeflow.tv: could not connect to host
 freelanced.co.za: could not connect to host
 freematthale.net: did not receive HSTS header
 freenetproject.org: did not receive HSTS header
 freesoftwaredriver.com: did not receive HSTS header
 freethought.org.au: could not connect to host
 freeutopia.org: did not receive HSTS header
 frenzel.dk: could not connect to host
 freqlabs.com: did not receive HSTS header
 freshfind.xyz: could not connect to host
+freshlymind.com: did not receive HSTS header
 frforms.com: did not receive HSTS header
 friendica.ch: could not connect to host
 friendlyfiregameshow.com: could not connect to host
 froggstack.de: could not connect to host
 frontisme.nl: could not connect to host
 frontmin.com: did not receive HSTS header
 frost-ci.xyz: could not connect to host
 fruitusers.com: could not connect to host
+frusky.de: did not receive HSTS header
 frusky.net: did not receive HSTS header
 fspphoto.com: could not connect to host
 fstfy.de: could not connect to host
 ftctele.com: did not receive HSTS header
 fuchsy.com: could not connect to host
 fuckgfw233.org: could not connect to host
 fukushima-web.com: did not receive HSTS header
 fulilingyu.info: could not connect to host
@@ -2008,23 +2033,25 @@ gampenhof.de: did not receive HSTS heade
 gaptek.id: did not receive HSTS header
 garageon.net: did not receive HSTS header
 garciamartin.me: could not connect to host
 garden.trade: max-age too low: 0
 gatapro.net: could not connect to host
 gatorsa.es: did not receive HSTS header
 gdegem.org: did not receive HSTS header
 gdpventure.com: max-age too low: 0
+gdz.tv: did not receive HSTS header
 gedankenbude.info: could not connect to host
 geekcast.co.uk: did not receive HSTS header
 geeky.software: could not connect to host
 geemo.top: could not connect to host
 geeq.ch: could not connect to host
 geli-graphics.com: did not receive HSTS header
 genetargetsolutions.com.au: did not receive HSTS header
+genossen.ru: could not connect to host
 genuu.com: could not connect to host
 genuxation.com: could not connect to host
 genyaa.com: could not connect to host
 genyhitch.com: did not receive HSTS header
 geofox.org: did not receive HSTS header
 georgesonarthurs.com.au: did not receive HSTS header
 gerencianet.com.br: did not receive HSTS header
 gersting.net: could not connect to host
@@ -2048,23 +2075,21 @@ getgeek.no: did not receive HSTS header
 getgeek.nu: did not receive HSTS header
 getgeek.se: did not receive HSTS header
 getinternet.de: max-age too low: 0
 getkai.co.nz: did not receive HSTS header
 getlantern.org: did not receive HSTS header
 getlifti.com: could not connect to host
 getlittleapps.com: did not receive HSTS header
 getlolaccount.com: could not connect to host
-getmango.com: did not receive HSTS header
 getmassage.com.ng: could not connect to host
 getpake.com: could not connect to host
 getremembrall.com: could not connect to host
 getsello.com: could not connect to host
 getspire.com: could not connect to host
-getts.ro: did not receive HSTS header
 getwashdaddy.com: could not connect to host
 gfelot.xyz: did not receive HSTS header
 gfm.tech: could not connect to host
 gfwsb.ml: could not connect to host
 ggss.ml: could not connect to host
 gheorghesarcov.ga: could not connect to host
 gheorghesarcov.tk: could not connect to host
 giantmicrobes.de: max-age too low: 86400
@@ -2091,17 +2116,16 @@ glentakahashi.com: max-age too low: 0
 glitzmirror.com: could not connect to host
 global-adult-webcams.com: did not receive HSTS header
 globalado.com: could not connect to host
 globalbridge-japan.com: did not receive HSTS header
 globalexpert.co.nz: could not connect to host
 globalittech.com: could not connect to host
 globalmusic.ga: could not connect to host
 globalsites.nl: did not receive HSTS header
-gloomyvancouver.com: could not connect to host
 gm-assicurazioni.it: could not connect to host
 gm.search.yahoo.com: did not receive HSTS header
 gmail.com: did not receive HSTS header (error ignored - included regardless)
 gmoes.at: max-age too low: 600000
 gnetion.com: could not connect to host
 go.ax: did not receive HSTS header
 go2sh.de: did not receive HSTS header
 goabonga.com: could not connect to host
@@ -2118,17 +2142,16 @@ gogenenglish.com: could not connect to h
 gogetssl.com: did not receive HSTS header
 goggs.eu: did not receive HSTS header
 gogold-g.com: could not connect to host
 gokhankesici.com: did not receive HSTS header
 gold24.in: did not receive HSTS header
 goldegg-training.com: did not receive HSTS header
 goldendata.io: could not connect to host
 goldminer.ga: could not connect to host
-goldpros.com: did not receive HSTS header
 golocal-media.de: could not connect to host
 gonzalosanchez.mx: did not receive HSTS header
 goodenough.nz: did not receive HSTS header
 goodtech.com.br: could not connect to host
 goodwin43.ru: could not connect to host
 google: could not connect to host (error ignored - included regardless)
 googlemail.com: did not receive HSTS header (error ignored - included regardless)
 googleplex.com: did not receive HSTS header (error ignored - included regardless)
@@ -2145,43 +2168,42 @@ goto.google.com: did not receive HSTS he
 gotocloud.ru: could not connect to host
 gotspot.com: could not connect to host
 gottcode.org: did not receive HSTS header
 gov.ax: could not connect to host
 goverage.org: could not connect to host
 govillemo.ca: did not receive HSTS header
 gozel.com.tr: did not receive HSTS header
 gparent.org: did not receive HSTS header
-gpfclan.de: could not connect to host
 gpsfix.cz: did not receive HSTS header
 gpstuner.com: did not receive HSTS header
 grabi.ga: could not connect to host
 gracesofgrief.com: could not connect to host
 gradienthosting.co.uk: did not receive HSTS header
 grana.com: did not receive HSTS header
 grandmascookieblog.com: did not receive HSTS header
 grantedby.me: max-age too low: 0
 graph.no: did not receive HSTS header
 graphsearchengine.com: could not connect to host
 gratisonlinesex.com: could not connect to host
 gravito.nl: did not receive HSTS header
 gravity-net.de: could not connect to host
 graycell.net: could not connect to host
-graysonsmith.co.uk: did not receive HSTS header
 grazetech.com: did not receive HSTS header
 grcnode.co.uk: could not connect to host
 greatnet.de: did not receive HSTS header
 greatsong.net: did not receive HSTS header
 greenhillantiques.co.uk: did not receive HSTS header
 greenvines.com.tw: did not receive HSTS header
 greg.red: could not connect to host
 gregorytlee.me: could not connect to host
 gremots.com: could not connect to host
 greplin.com: could not connect to host
 gresb.com: did not receive HSTS header
+greybit.net: could not connect to host
 greyline.se: could not connect to host
 gribani.com: could not connect to host
 grid2osm.org: could not connect to host
 grigalanzsoftware.com: could not connect to host
 gripopgriep.net: could not connect to host
 groenemeijer.frl: max-age too low: 2628000
 groetzner.net: did not receive HSTS header
 grossell.ru: could not connect to host
@@ -2211,17 +2233,16 @@ guge.gq: could not connect to host
 gugga.dk: did not receive HSTS header
 guguke.net: did not receive HSTS header
 guilde-vindicta.fr: did not receive HSTS header
 gulenet.com: could not connect to host
 gunnarhafdal.com: did not receive HSTS header
 gunnaro.com: could not connect to host
 guntbert.net: could not connect to host
 guoqiang.info: could not connect to host
-gurochan.ch: could not connect to host
 gurom.lv: could not connect to host
 gurusupe.com: could not connect to host
 guso.gq: could not connect to host
 guso.ml: could not connect to host
 guso.site: could not connect to host
 guso.tech: could not connect to host
 gussi.is: did not receive HSTS header
 gvt2.com: could not connect to host (error ignored - included regardless)
@@ -2234,29 +2255,30 @@ gyboche.com: could not connect to host
 gyboche.science: could not connect to host
 gycis.me: could not connect to host
 gylauto.fr: could not connect to host
 gypthecat.com: max-age too low: 604800
 gyz.io: could not connect to host
 h-og.com: could not connect to host
 h2check.org: could not connect to host
 haarkliniek.com: did not receive HSTS header
-habanaavenue.com: did not receive HSTS header
+habanaavenue.com: max-age too low: 0
 habbo.life: could not connect to host
 habbotalk.nl: could not connect to host
 hablemosdetecnologia.com.ve: could not connect to host
 hac30.com: could not connect to host
 hack.li: could not connect to host
 hackbubble.me: did not receive HSTS header
 hackercat.ninja: did not receive HSTS header
 hackerforever.com: did not receive HSTS header
 hackerone-ext-adroll.com: could not connect to host
-hackerspace-ntnu.no: could not connect to host
+hackerspace-ntnu.no: did not receive HSTS header
 hackest.org: did not receive HSTS header
 hackit.im: could not connect to host
+hadouk.in: could not connect to host
 hadzic.co: could not connect to host
 haeckdesign.com: did not receive HSTS header
 haeckl.eu: did not receive HSTS header
 haf.gr: could not connect to host
 hahayidu.org: could not connect to host
 haitschi.com: could not connect to host
 haitschi.de: did not receive HSTS header
 haitschi.net: could not connect to host
@@ -2275,18 +2297,16 @@ hansen.hn: could not connect to host
 hao2taiwan.com: max-age too low: 0
 haoyugao.com: could not connect to host
 haozi.me: could not connect to host
 happix.nl: did not receive HSTS header
 happyfabric.me: did not receive HSTS header
 happygastro.com: could not connect to host
 harabuhouse.com: did not receive HSTS header
 harbor-light.net: could not connect to host
-harbourweb.net: could not connect to host
-hardfalcon.net: could not connect to host
 hardline.xyz: could not connect to host
 haribosupermix.com: could not connect to host
 harisht.me: could not connect to host
 harmonycosmetic.com: max-age too low: 300
 harristony.com: could not connect to host
 hartmancpa.com: did not receive HSTS header
 harvester.fr: could not connect to host
 harvestrenewal.org: did not receive HSTS header
@@ -2308,40 +2328,40 @@ haxoff.com: could not connect to host
 haxx.hu: could not connect to host
 haydenhill.us: could not connect to host
 hazcod.com: could not connect to host
 hazyrom.net: could not connect to host
 hcie.pl: could not connect to host
 hcs-company.com: did not receive HSTS header
 hcs-company.nl: did not receive HSTS header
 hd-offensive.at: could not connect to host
-hdcenter.cc: could not connect to host
+hdhoang.space: could not connect to host
 hdrboundless.com: could not connect to host
 hdsmigrationtool.com: could not connect to host
 hduin.xyz: could not connect to host
 hdwallpapers.net: did not receive HSTS header
 healtious.com: did not receive HSTS header
 heart.ge: did not receive HSTS header
 heartlandrentals.com: did not receive HSTS header
+hearty.space: could not connect to host
 heartyme.net: could not connect to host
 heathmanners.com: could not connect to host
 hebaus.com: could not connect to host
 heidilein.info: did not receive HSTS header
 heijblok.com: could not connect to host
 heimnetze.org: could not connect to host
 helgakristoffer.com: could not connect to host
 helgakristoffer.wedding: could not connect to host
 helingqi.com: could not connect to host
 helloworldhost.com: did not receive HSTS header
 helpadmin.net: could not connect to host
 helpium.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 118"  data: no]
 helpmebuild.com: did not receive HSTS header
 hemdal.se: could not connect to host
 hencagon.com: could not connect to host
-henryphan.com: could not connect to host
 hepteract.us: could not connect to host
 heritagedentistry.ca: did not receive HSTS header
 herrenfahrt.com: did not receive HSTS header
 herzbotschaft.de: did not receive HSTS header
 heutger.net: did not receive HSTS header
 heywoodtown.co.uk: could not connect to host
 hfi.me: could not connect to host
 hibilog.com: could not connect to host
@@ -2387,16 +2407,17 @@ horseboners.xxx: did not receive HSTS he
 hortifarm.ro: did not receive HSTS header
 horvathtom.com: could not connect to host
 hosteasy.nl: did not receive HSTS header
 hostedtalkgadget.google.com: did not receive HSTS header (error ignored - included regardless)
 hostelite.com: did not receive HSTS header
 hostgarou.com: did not receive HSTS header
 hostinaus.com.au: did not receive HSTS header
 hostisan.com: could not connect to host
+hotartup.com: could not connect to host
 hotchillibox.co.za: could not connect to host
 hotchillibox.com: max-age too low: 0
 hotchoc.io: did not receive HSTS header
 hotelvue.nl: could not connect to host
 houkago-step.com: did not receive HSTS header
 housemaadiah.org: did not receive HSTS header
 housingstudents.org.uk: could not connect to host
 howrandom.org: could not connect to host
@@ -2416,16 +2437,17 @@ hugocollignon.fr: could not connect to h
 hugosleep.com.au: did not receive HSTS header
 humankode.com: did not receive HSTS header
 humblefinances.com: could not connect to host
 humeurs.net: could not connect to host
 humpi.at: could not connect to host
 humpteedumptee.in: did not receive HSTS header
 hup.blue: could not connect to host
 hurricanelabs.com: did not receive HSTS header
+husky.xyz: could not connect to host
 huskybutt.dog: could not connect to host
 hxying.com: could not connect to host
 hycken.com: did not receive HSTS header
 hydra.ws: could not connect to host
 hydronium.cf: could not connect to host
 hydronium.ga: could not connect to host
 hydronium.me: could not connect to host
 hydronium.ml: could not connect to host
@@ -2461,29 +2483,29 @@ idacmedia.com: max-age too low: 5184000
 ideal-envelopes.co.uk: did not receive HSTS header
 idealmykonos.com: did not receive HSTS header
 ideasmeetingpoint.com: could not connect to host
 ideation-inc.co.jp: could not connect to host
 idecode.net: could not connect to host
 idedr.com: could not connect to host
 identitylabs.uk: could not connect to host
 idgsupply.com: could not connect to host
-idinby.dk: did not receive HSTS header
 idlekernel.com: could not connect to host
 idontexist.me: did not receive HSTS header
 ie.search.yahoo.com: did not receive HSTS header
+iec.pe: could not connect to host
 ierna.com: did not receive HSTS header
 ies-italia.it: did not receive HSTS header
 ies.id.lv: could not connect to host
 ifad.org: did not receive HSTS header
 ifastuniversity.com: did not receive HSTS header
 ifleurs.com: could not connect to host
 ifx.ee: could not connect to host
 ignatisd.gr: did not receive HSTS header
-igule.net: did not receive HSTS header
+igule.net: could not connect to host
 ihrlotto.de: could not connect to host
 ihrnationalrat.ch: could not connect to host
 ihsbsd.me: could not connect to host
 ihsbsd.tk: could not connect to host
 ihuanmeng.com: did not receive HSTS header
 iispeed.com: did not receive HSTS header
 ikujii.com: max-age too low: 0
 ikwilguidobellen.nl: did not receive HSTS header
@@ -2500,16 +2522,17 @@ imim.pw: could not connect to host
 imirhil.fr: did not receive HSTS header
 immoprotect.ca: did not receive HSTS header
 immortals-co.com: did not receive HSTS header
 immoverkauf24.at: did not receive HSTS header
 immoverkauf24.de: did not receive HSTS header
 immunicity.date: could not connect to host
 immunicity.eu: did not receive HSTS header
 immunicity.info: could not connect to host
+immunicity.online: could not connect to host
 immunicity.press: could not connect to host
 immunicity.today: did not receive HSTS header
 immunicity.top: could not connect to host
 immunicity.works: did not receive HSTS header
 immunicity.world: did not receive HSTS header
 imolug.org: did not receive HSTS header
 imoni-blog.net: did not receive HSTS header
 imoto.me: could not connect to host
@@ -2519,17 +2542,18 @@ imrejonk.nl: could not connect to host
 imu.li: did not receive HSTS header
 imusic.dk: did not receive HSTS header
 inb4.us: could not connect to host
 inbox.li: did not receive HSTS header
 incendiary-arts.com: could not connect to host
 inche-ali.com: could not connect to host
 inchomatic.com: did not receive HSTS header
 indoorskiassen.nl: did not receive HSTS header
-infcof.com: max-age too low: 0
+indredouglas.me: could not connect to host
+infcof.com: did not receive HSTS header
 infilock.com: could not connect to host
 infinitude.xyz: could not connect to host
 infinitudecloud.com: could not connect to host
 infinitusgaming.eu: could not connect to host
 infinity-freedom.com: could not connect to host
 infinity-freedom.de: did not receive HSTS header
 infinity-lifestyle.de: did not receive HSTS header
 inflation.ml: could not connect to host
@@ -2565,16 +2589,17 @@ intelevo.com: max-age too low: 0
 interference.io: could not connect to host
 interhosts.co.za: could not connect to host
 interim-cto.de: could not connect to host
 interleucina.org: did not receive HSTS header
 interlun.com: could not connect to host
 internect.co.za: did not receive HSTS header
 internetcasinos.de: could not connect to host
 internetcensus.org: could not connect to host
+internetcom.jp: did not receive HSTS header
 interserved.com: did not receive HSTS header
 intervisteperstrada.com: could not connect to host
 intex.es: max-age too low: 0
 intim-uslugi-kazan.net: could not connect to host
 intimtoy.com.ua: could not connect to host
 intranetsec.fr: could not connect to host
 intrp.net: did not receive HSTS header
 inventionsteps.com.au: did not receive HSTS header
@@ -2625,17 +2650,16 @@ isitamor.pm: could not connect to host
 iskaz.rs: did not receive HSTS header
 isogen5.com: could not connect to host
 isogram.nl: could not connect to host
 israkurort.com: did not receive HSTS header
 istanbultravelguide.info: could not connect to host
 istaspirtslietas.lv: did not receive HSTS header
 it-go.net: did not receive HSTS header
 itechgeek.com: max-age too low: 0
-iteli.eu: could not connect to host
 ithakama.com: did not receive HSTS header
 ithakama.cz: did not receive HSTS header
 itos.asia: did not receive HSTS header
 itos.pl: did not receive HSTS header
 itpros.ru: did not receive HSTS header
 itriskltd.com: could not connect to host
 itsadog.co.uk: did not receive HSTS header
 itsagadget.com: did not receive HSTS header
@@ -2698,17 +2722,16 @@ jav-collective.com: could not connect to
 javelinsms.com: could not connect to host
 jayblock.com: did not receive HSTS header
 jayharris.ca: max-age too low: 86400
 jaylen.com.ar: did not receive HSTS header
 jayschulman.com: did not receive HSTS header
 jayscoaching.com: did not receive HSTS header
 jayshao.com: did not receive HSTS header
 jazzysumi.com: could not connect to host
-jbbd.fr: could not connect to host
 jbn.mx: could not connect to host
 jcch.de: could not connect to host
 jcor.me: did not receive HSTS header
 jcoscia.com: could not connect to host
 jctf.io: could not connect to host
 jdav-leipzig.de: could not connect to host
 jdcdirectsales.com.ph: did not receive HSTS header
 jebengotai.com: did not receive HSTS header
@@ -2717,30 +2740,28 @@ jellybeanbooks.com.au: did not receive H
 jenjoit.de: could not connect to host
 jensenbanden.no: could not connect to host
 jeremye77.com: did not receive HSTS header
 jesorsenville.com: did not receive HSTS header
 jessicabenedictus.nl: could not connect to host
 jesuisformidable.nl: could not connect to host
 jet-code.com: could not connect to host
 jetaprices.com: could not connect to host
-jetbbs.com: did not receive HSTS header
 jetmirshatri.com: did not receive HSTS header
 jetsetcharge.com: could not connect to host
 jetsetpay.com: could not connect to host
 jettshome.org: could not connect to host
 jeugdkans.nl: did not receive HSTS header
 jfmel.com: did not receive HSTS header
 jfx.space: did not receive HSTS header
 jh-media.eu: could not connect to host
 jhburton.uk: could not connect to host
 jhejderup.me: could not connect to host
 jia1hao.com: could not connect to host
 jiaidu.com: could not connect to host
-jialinwu.com: could not connect to host
 jiangzm.com: could not connect to host
 jichi.io: did not receive HSTS header
 jikken.de: could not connect to host
 jimas.eu: did not receive HSTS header
 jimgao.tk: did not receive HSTS header
 jimmycai.org: could not connect to host
 jingyuesi.com: could not connect to host
 jirav.io: could not connect to host
@@ -2770,69 +2791,72 @@ jordanhamilton.me: could not connect to 
 joretapo.fr: did not receive HSTS header
 jorrit.info: could not connect to host
 josahrens.me: could not connect to host
 josericaurte.com: could not connect to host
 joshi.su: could not connect to host
 joshstroup.me: could not connect to host
 jotpics.com: could not connect to host
 jottit.com: could not connect to host
-jovic.hamburg: could not connect to host
+jpaglier.com: could not connect to host
 jpbike.cz: could not connect to host
 jrc9.ca: did not receive HSTS header
 jrgold.me: could not connect to host
 jrmd.io: could not connect to host
 jrvar.com: did not receive HSTS header
 jsanders.us: did not receive HSTS header
 jsg-technologies.de: did not receive HSTS header
+jslay.net: could not connect to host
 jualautoclave.com: did not receive HSTS header
 jualssh.com: could not connect to host
 julian-kipka.de: could not connect to host
 julido.de: did not receive HSTS header
 jumbox.xyz: could not connect to host
 junaos.xyz: did not receive HSTS header
 junge-selbsthilfe.info: could not connect to host
 junjung.me: max-age too low: 0
 junqtion.com: could not connect to host
 jupp0r.de: did not receive HSTS header
 justanothercompany.name: could not connect to host
 justinlemay.com: did not receive HSTS header
 justlikethat.hosting: did not receive HSTS header
 justnaw.co.uk: could not connect to host
 justudin.com: did not receive HSTS header
-jutella.de: did not receive HSTS header
+jutella.de: could not connect to host
 juwairen.cn: did not receive HSTS header
 juxstempel.de: max-age too low: 86400
 jvoice.net: could not connect to host
 jwilsson.me: could not connect to host
 jxm.in: could not connect to host
 jznet.org: max-age too low: 86400
 k-dev.de: could not connect to host
-k258059.net: could not connect to host
 ka-clan.com: could not connect to host
 kabinapp.com: could not connect to host
 kabuabc.com: did not receive HSTS header
 kabus.org: could not connect to host
 kadioglumakina.com.tr: did not receive HSTS header
 kaela.design: could not connect to host
 kahopoon.net: could not connect to host
 kaisers.de: did not receive HSTS header
 kaiyuewu.com: could not connect to host
 kalami.nl: could not connect to host
 kalevlamps.co.uk: could not connect to host
 kamalame.co: did not receive HSTS header
 kamikano.com: could not connect to host
 kanar.nl: could not connect to host
+kanehusky.com: could not connect to host
 kaneo-gmbh.de: did not receive HSTS header
+kaniklani.co.za: could not connect to host
 kaohub.com: could not connect to host
 kaplatz.is: could not connect to host
 kapucini.si: max-age too low: 0
 kaputt.com: could not connect to host
 karaoketonight.com: could not connect to host
 karlis-kavacis.id.lv: did not receive HSTS header
+karmaflux.com: did not receive HSTS header
 karpanhellas.com: did not receive HSTS header
 kasilag.me: did not receive HSTS header
 katiaetdavid.fr: could not connect to host
 katproxy.online: could not connect to host
 katproxy.site: could not connect to host
 katproxy.tech: could not connect to host
 katproxy.top: could not connect to host
 kaufkraftkiel.de: could not connect to host
@@ -2846,17 +2870,16 @@ kd-plus.pp.ua: could not connect to host
 kdata.it: did not receive HSTS header
 kdm-online.de: did not receive HSTS header
 kearney.io: could not connect to host
 keeley.gq: could not connect to host
 keeley.ml: could not connect to host
 keeleysam.me: could not connect to host
 keepassa.co: could not connect to host
 keepclean.me: could not connect to host
-kellyandantony.com: did not receive HSTS header
 kennethlim.me: could not connect to host
 kerangalam.com: could not connect to host
 kerksanders.nl: did not receive HSTS header
 kermadec.net: could not connect to host
 kernl.us: did not receive HSTS header
 kevinbowers.me: did not receive HSTS header
 keymaster.lookout.com: did not receive HSTS header
 kfbrussels.be: could not connect to host
@@ -2868,23 +2891,23 @@ kickass.al: could not connect to host
 kid-dachau.de: did not receive HSTS header
 kiel-media.de: did not receive HSTS header
 killerit.in: could not connect to host
 kimberg.co.uk: could not connect to host
 kimpost.org: could not connect to host
 kinderly.co.uk: did not receive HSTS header
 kinderwagen-test24.de: could not connect to host
 kindof.ninja: could not connect to host
-kingclass.cn: could not connect to host
 kingmanhall.org: could not connect to host
 kinkdr.com: could not connect to host
 kinnon.enterprises: could not connect to host
 kintrip.com: did not receive HSTS header
 kionetworks.com: did not receive HSTS header
 kipin.fr: did not receive HSTS header
+kiraboshi.xyz: could not connect to host
 kirara.eu: could not connect to host
 kirkforcongress.com: could not connect to host
 kirkforsenate.com: could not connect to host
 kirkovsky.com: could not connect to host
 kirkpatrickdavis.com: could not connect to host
 kisa.io: could not connect to host
 kisalt.im: did not receive HSTS header
 kiss-register.org: did not receive HSTS header
@@ -2940,17 +2963,16 @@ kostuumstore.nl: could not connect to ho
 kotois.com: could not connect to host
 kotonehoko.net: could not connect to host
 kotovstyle.ru: could not connect to host
 koukni.cz: could not connect to host
 kourpe.online: could not connect to host
 kprog.net: could not connect to host
 kr.search.yahoo.com: did not receive HSTS header
 kraftfleisch.de: did not receive HSTS header
-kralik.io: could not connect to host
 kralik.xyz: could not connect to host
 krasovsky.me: could not connect to host
 krayx.com: did not receive HSTS header
 kreavis.com: did not receive HSTS header
 kreb.io: could not connect to host
 kredite.sale: could not connect to host
 krestanskydarek.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 118"  data: no]
 kriegt.es: did not receive HSTS header
@@ -3002,16 +3024,17 @@ labs.directory: could not connect to hos
 labs.moscow: did not receive HSTS header
 lacaverne.nl: could not connect to host
 lachlankidson.net: did not receive HSTS header
 lacledeslan.ninja: could not connect to host
 lacocinadelila.com: did not receive HSTS header
 laf.in.net: could not connect to host
 lagalerievirtuelle.fr: did not receive HSTS header
 lagoza.name: could not connect to host
+lalaya.fr: could not connect to host
 lamaland.ru: did not receive HSTS header
 lambda-complex.org: could not connect to host
 lambdafive.co.uk: could not connect to host
 lampl.info: could not connect to host
 lana.swedbank.se: did not receive HSTS header
 lancehoteis.com.br: could not connect to host
 landscape.canonical.com: max-age too low: 2592000
 landscapingmedic.com: did not receive HSTS header
@@ -3069,16 +3092,17 @@ lerner.moscow: did not receive HSTS head
 les-corsaires.net: could not connect to host
 les-voitures-electriques.com: did not receive HSTS header
 lesliekearney.com: did not receive HSTS header
 lesperlesdunet.fr: could not connect to host
 lesquerda.cat: did not receive HSTS header
 letras.mus.br: did not receive HSTS header
 letsmultiplayerplay.com: did not receive HSTS header
 letustravel.tk: could not connect to host
+level-10.net: did not receive HSTS header
 levelum.com: did not receive HSTS header
 levert.ch: could not connect to host
 levindesalpes.fr: did not receive HSTS header
 lfullerdesign.com: did not receive HSTS header
 lg21.co: could not connect to host
 lgiswa.com.au: did not receive HSTS header
 lgrs.com.au: did not receive HSTS header
 lgts.se: could not connect to host
@@ -3110,17 +3134,17 @@ lifeguard.aecom.com: did not receive HST
 lifeinitsownway.com: could not connect to host
 lifeskillsdirect.com: did not receive HSTS header
 lifestylehunter.co.uk: did not receive HSTS header
 lifetimemoneymachine.com: did not receive HSTS header
 lightarmory.com: could not connect to host
 lightpaste.com: could not connect to host
 lightworx.io: did not receive HSTS header
 lila.pink: did not receive HSTS header
-lillepuu.com: could not connect to host
+lillepuu.com: did not receive HSTS header
 lillpopp.eu: max-age too low: 10
 lilpwny.com: could not connect to host
 lim-light.com: did not receive HSTS header
 limalama.eu: max-age too low: 1
 limeyeti.com: could not connect to host
 limiteddata.co.uk: could not connect to host
 limpido.it: could not connect to host
 lincolnwayflorist.com: could not connect to host
@@ -3146,30 +3170,30 @@ lisaco.de: could not connect to host
 listafirmelor.com: could not connect to host
 listage.ovh: did not receive HSTS header
 litespeed.io: could not connect to host
 little.pw: did not receive HSTS header
 livedemo.io: could not connect to host
 livej.am: could not connect to host
 livi.co: did not receive HSTS header
 lixiang.one: could not connect to host
-lkummer.cz: could not connect to host
 lmerza.com: could not connect to host
 loacg.com: did not receive HSTS header
-loadingdeck.com: did not receive HSTS header
+loadingdeck.com: max-age too low: 0
 loadso.me: could not connect to host
 loafbox.com: could not connect to host
 loansonline.today: could not connect to host
 localchum.com: could not connect to host
 localdrive.me: did not receive HSTS header
 locktheirphone.com: could not connect to host
 locomotive.ca: did not receive HSTS header
 loftboard.eu: could not connect to host
 logario.com.br: could not connect to host
 logcat.info: could not connect to host
+logfile.ch: could not connect to host
 logicaladvertising.com: could not connect to host
 login.corp.google.com: max-age too low: 7776000 (error ignored - included regardless)
 login.persona.org: could not connect to host
 loginseite.com: could not connect to host
 lognot.net: could not connect to host
 loli.bz: could not connect to host
 lolicore.ch: could not connect to host
 lolidunno.com: could not connect to host
@@ -3248,24 +3272,23 @@ lzkill.com: did not receive HSTS header
 m-ali.xyz: could not connect to host
 m.gparent.org: could not connect to host
 m.nu: did not receive HSTS header
 m0wef.uk: could not connect to host
 m2tc.fr: could not connect to host
 m3-gmbh.de: did not receive HSTS header
 m82labs.com: did not receive HSTS header
 maarten.nyc: could not connect to host
-mabulledu.net: did not receive HSTS header
 mac-torrents.me: did not receive HSTS header
 macbolo.com: could not connect to host
 macchaberrycream.com: could not connect to host
 macchedil.com: did not receive HSTS header
 macdj.tk: could not connect to host
 macgeneral.de: did not receive HSTS header
-machbach.net: did not receive HSTS header
+machbach.net: could not connect to host
 maco.org.uk: could not connect to host
 macsandcheesedreams.com: could not connect to host
 madars.org: did not receive HSTS header
 maddin.ga: could not connect to host
 madebymagnitude.com: did not receive HSTS header
 maderwin.com: did not receive HSTS header
 mae-berlinistanbul.com: could not connect to host
 mafamane.com: could not connect to host
@@ -3320,17 +3343,16 @@ mariposah.ch: could not connect to host
 markaconnor.com: could not connect to host
 markayapilandirma.com: could not connect to host
 markcp.me: could not connect to host
 market.android.com: did not receive HSTS header (error ignored - included regardless)
 marketespace.fr: did not receive HSTS header
 markrego.com: could not connect to host
 marksill.com: could not connect to host
 marktboten.de: did not receive HSTS header
-marktissink.nl: did not receive HSTS header
 markus-dev.com: did not receive HSTS header
 markusweimar.de: did not receive HSTS header
 marleyresort.com: did not receive HSTS header
 marriottvetcareers.com: could not connect to host
 marshut.net: could not connect to host
 martiert.com: could not connect to host
 martijnvhoof.nl: could not connect to host
 martinec.co.uk: could not connect to host
@@ -3341,51 +3363,51 @@ mashnew.com: did not receive HSTS header
 masjidtawheed.net: did not receive HSTS header
 masterapi.ninja: did not receive HSTS header
 masteringtheterminal.com: did not receive HSTS header
 mastimtibetano.com: could not connect to host
 masty.nl: did not receive HSTS header
 matatall.com: did not receive HSTS header
 matchneedle.com: could not connect to host
 maternalsafety.org: did not receive HSTS header
-matillat.ovh: could not connect to host
 matrict.com: could not connect to host
 matrip.de: could not connect to host
 matrix.ac: could not connect to host
 matrixcheats.net: could not connect to host
 matsuz.com: could not connect to host
 mattandreko.com: did not receive HSTS header
-mattberryman.com: did not receive HSTS header
+mattberryman.com: max-age too low: 0
 matterconcern.com: could not connect to host
 mattfin.ch: could not connect to host
 matthewprenger.com: could not connect to host
 matthiassteen.be: max-age too low: 0
+mattia98.org: could not connect to host
 mattressinsider.com: max-age too low: 3153600
-mattsvensson.com: did not receive HSTS header
+mattsvensson.com: max-age too low: 0
 matty.digital: max-age too low: 3600
 maultrom.ml: could not connect to host
 maupiknik.com: did not receive HSTS header
 maur.cz: did not receive HSTS header
 mavisang.cf: could not connect to host
 mawe.red: could not connect to host
 maxr1998.de: did not receive HSTS header
 maya.mg: could not connect to host
 mazz-tech.com: could not connect to host
 mc-team.org: could not connect to host
 mc81.com: could not connect to host
 mca2017.org: did not receive HSTS header
 mcard.vn: did not receive HSTS header
-mcatnnlo.org: could not connect to host
 mcc.re: could not connect to host
 mcdonalds.ru: did not receive HSTS header
 mcga.media: could not connect to host
 mclab.su: could not connect to host
 mdfnet.se: did not receive HSTS header
 mdscomp.net: did not receive HSTS header
-meamod.com: did not receive HSTS header
+meadowfen.farm: could not connect to host
+meamod.com: max-age too low: 0
 mecenat-cassous.com: did not receive HSTS header
 mechmk1.me: did not receive HSTS header
 medallia.io: could not connect to host
 mediacru.sh: did not receive HSTS header
 mediafinancelab.org: could not connect to host
 mediamag.am: max-age too low: 0
 mediastorm.us: could not connect to host
 mediawikicn.org: could not connect to host
@@ -3404,17 +3426,17 @@ megaxchange.com: did not receive HSTS he
 meghudson.com: could not connect to host
 meifrench.com: could not connect to host
 meillard-auto-ecole.ch: could not connect to host
 mein-gesundheitsmanager.com: max-age too low: 0
 meincloudspeicher.de: could not connect to host
 meinebo.it: could not connect to host
 melangebrasil.com: could not connect to host
 melted.pw: could not connect to host
-melvinlammerts.nl: could not connect to host
+melvinlammerts.nl: did not receive HSTS header
 members.mayfirst.org: did not receive HSTS header
 memeblast.ninja: could not connect to host
 memory-plus-180.com: could not connect to host
 mensmaximus.de: did not receive HSTS header
 menthix.net: could not connect to host
 menudrivetest.com: could not connect to host
 meozcraft.com: could not connect to host
 mereckas.com: could not connect to host
@@ -3440,16 +3462,17 @@ mhdsyarif.com: did not receive HSTS head
 mhealthdemocamp.com: could not connect to host
 mhertel.com: did not receive HSTS header
 mhict.nl: could not connect to host
 mht-travel.com: could not connect to host
 mhx.pw: could not connect to host
 mia.to: could not connect to host
 michaeldemuth.com: could not connect to host
 michaelfitzpatrickruth.com: did not receive HSTS header
+michaelmorpurgo.com: did not receive HSTS header
 michaelwaite.org: could not connect to host
 michal-kral.cz: could not connect to host
 michalborka.cz: could not connect to host
 michelchouinard.ca: could not connect to host
 michelledonelan.co.uk: did not receive HSTS header
 miconware.de: did not receive HSTS header
 micro-dv.ru: could not connect to host
 micro-rain-systems.com: did not receive HSTS header
@@ -3484,94 +3507,97 @@ mimoderoupa.pt: could not connect to hos
 mindcraft.ga: could not connect to host
 mindoktor.se: did not receive HSTS header
 minecraftserverz.com: could not connect to host
 minecraftvoter.com: could not connect to host
 mineover.es: could not connect to host
 minh.at: could not connect to host
 mini-piraten.de: did not receive HSTS header
 minikneet.nl: did not receive HSTS header
+minimoo.se: could not connect to host
 minnesotadata.com: could not connect to host
 minora.io: could not connect to host
 minoris.se: did not receive HSTS header
 miragrow.com: could not connect to host
 mirindadomo.ru: did not receive HSTS header
 mironized.com: did not receive HSTS header
 mirrorx.com: did not receive HSTS header
 missrain.tw: could not connect to host
 mist.ink: could not connect to host
 mister.hosting: could not connect to host
 misterl.net: did not receive HSTS header
 mit-uns.org: could not connect to host
 mittenhacks.com: could not connect to host
 mivcon.net: could not connect to host
 mizd.at: could not connect to host
 mizi.name: could not connect to host
-mjacobson.net: could not connect to host
 mkasu.org: did not receive HSTS header
 mkw.st: could not connect to host
 mlcdn.co: could not connect to host
 mlp.ee: could not connect to host
 mlpepilepsy.org: could not connect to host
 mmgazhomeloans.com: did not receive HSTS header
+mnec.io: could not connect to host
 mnemotiv.com: could not connect to host
 mnetworkingsolutions.co.uk: could not connect to host
 mnmt.no: did not receive HSTS header
 mnwt.nl: could not connect to host
 mobifinans.ru: did not receive HSTS header
 mobilebay.top: could not connect to host
 mobilekey.co: could not connect to host
 mobilemedics.com: did not receive HSTS header
 mobilethreat.net: could not connect to host
 mobilethreatnetwork.net: could not connect to host
 mobilpass.no: could not connect to host
 mobiwalk.com: could not connect to host
 mobix5.com: did not receive HSTS header
 mocloud.eu: could not connect to host
+mocsuite.club: could not connect to host
 mocurio.com: could not connect to host
 moddedark.com: could not connect to host
 model9.io: did not receive HSTS header
 modemagazines.co.uk: could not connect to host
 modernibytovytextil.cz: could not connect to host
 modydev.club: could not connect to host
 moebel-nagel.de: did not receive HSTS header
 moellers.it: could not connect to host
-moellers.systems: could not connect to host
 moelord.org: could not connect to host
 moen.io: did not receive HSTS header
 moeyi.xyz: could not connect to host
 mogry.net: could not connect to host
 moho.kr: could not connect to host
 moitur.com: did not receive HSTS header
 mokhtarmial.com: max-age too low: 2592000
 mols.me: could not connect to host
 momoka.moe: could not connect to host
 mona.lu: did not receive HSTS header
 monarca.systems: could not connect to host
 monasterialis.eu: could not connect to host
 mondar.io: could not connect to host
 mondopoint.com: did not receive HSTS header
 mondwandler.de: could not connect to host
 moneromerchant.com: could not connect to host
+moneychangersoftware.com: did not receive HSTS header
 moneycrownmedia.com: could not connect to host
 moneytoday.com: max-age too low: 0
 monika-sokol.de: did not receive HSTS header
 monitman.com: did not receive HSTS header
 monnyonle.hu: could not connect to host
 monsieurbureau.com: did not receive HSTS header
 monstrus.de: max-age too low: 86400
 montanacures.org: could not connect to host
 montenero.pl: could not connect to host
 montonicms.com: could not connect to host
 moon.lc: could not connect to host
 moonloupe.com: could not connect to host
 moov.is: could not connect to host
 moparisthebest.biz: could not connect to host
 moparisthebest.info: could not connect to host
 moparscape.org: did not receive HSTS header
+mopsuite.club: could not connect to host
 mor.cloud: could not connect to host
 mor.gl: could not connect to host
 morethanadream.lv: could not connect to host
 morningcalculation.com: could not connect to host
 morninglory.com: max-age too low: 2592000
 mornings.com: did not receive HSTS header
 morpork.xyz: could not connect to host
 mortgagecentersmo.com: did not receive HSTS header
@@ -3594,16 +3620,17 @@ mrawe.com: could not connect to host
 mrdani.net: could not connect to host
 mrettich.org: did not receive HSTS header
 mrning.com: did not receive HSTS header
 mrnonz.com: max-age too low: 0
 mrpopat.in: did not receive HSTS header
 mrs-shop.com: did not receive HSTS header
 mrsk.me: could not connect to host
 msc-seereisen.net: could not connect to host
+mshemailmarketer.com.au: did not receive HSTS header
 msno.no: did not receive HSTS header
 mszaki.com: did not receive HSTS header
 mt.me.uk: could not connect to host
 mt.search.yahoo.com: did not receive HSTS header
 mtcgf.com: did not receive HSTS header
 mtg-esport.de: did not receive HSTS header
 mts-energia.eu: did not receive HSTS header
 mu.search.yahoo.com: did not receive HSTS header
@@ -3663,17 +3690,16 @@ mythslegendscollection.com: did not rece
 myweb360.de: did not receive HSTS header
 myzone.com: did not receive HSTS header
 n0psled.nl: could not connect to host
 n2x.in: could not connect to host
 n4l.pw: could not connect to host
 nabru.co.uk: did not receive HSTS header
 nabytko.cz: did not receive HSTS header
 nadia.pt: could not connect to host
-nagios.by: could not connect to host
 nagoya-kyuyo.com: could not connect to host
 naiharngym.com: did not receive HSTS header
 najedlo.sk: did not receive HSTS header
 nakamastreamingcommunity.com: could not connect to host
 nakliyatsirketi.biz: did not receive HSTS header
 nakuro.de: could not connect to host
 nalifornia.com: did not receive HSTS header
 nallon.com.br: could not connect to host
@@ -3690,21 +3716,21 @@ nanogi.ga: could not connect to host
 nansay.cn: could not connect to host
 nanto.eu: could not connect to host
 narada.com.ua: could not connect to host
 nashira.cz: did not receive HSTS header
 natalia-fadeeva.ru: could not connect to host
 natalia.io: could not connect to host
 natalieandjoshua.com: could not connect to host
 natalt.org: did not receive HSTS header
+nathanmfarrugia.com: did not receive HSTS header
 nationwidevehiclecontracts.co.uk: did not receive HSTS header
 natural-progesterone.net: could not connect to host
 naturecoaster.com: did not receive HSTS header
 naturesystems.cz: max-age too low: 0
-naturline.com: did not receive HSTS header
 natuurbehangnederland.nl: could not connect to host
 nauck.org: could not connect to host
 nav.jobs: could not connect to host
 naval.tf: could not connect to host
 navenlle.com: did not receive HSTS header
 navjobs.com: did not receive HSTS header
 nbb.io: could not connect to host
 nbg-ha.de: could not connect to host
@@ -3783,27 +3809,30 @@ nicoborghuis.nl: could not connect to ho
 nicolasbettag.me: did not receive HSTS header
 niconiconi.xyz: could not connect to host
 niconode.com: could not connect to host
 niduxcomercial.com: could not connect to host
 nien.chat: could not connect to host
 nightwinds.tk: could not connect to host
 niho.jp: did not receive HSTS header
 nikcub.com: did not receive HSTS header
+nikklassen.ca: could not connect to host
+nikksno.io: did not receive HSTS header
 niklaslindblad.se: did not receive HSTS header
+nikobradshaw.com: did not receive HSTS header
 nikomo.fi: did not receive HSTS header
 ninchisho-online.com: did not receive HSTS header
 ninhs.org: could not connect to host
 nippler.org: did not receive HSTS header
 nippombashi.net: did not receive HSTS header
 nipponcareers.com: did not receive HSTS header
 nitrix.me: could not connect to host
 niva.synology.me: could not connect to host
 nixien.fr: could not connect to host
-nixmag.net: could not connect to host
+nixmag.net: max-age too low: 2592000
 nll.fi: could not connect to host
 nmctest.net: could not connect to host
 nnya.cat: could not connect to host
 no-ip.cz: did not receive HSTS header
 no17sifangjie.cc: could not connect to host
 nocallaghan.com: could not connect to host
 noclegi-online.pl: did not receive HSTS header
 noctinus.tk: could not connect to host
@@ -3818,22 +3847,22 @@ nolte.work: could not connect to host
 nomorebytes.de: could not connect to host
 nope.website: could not connect to host
 nopex.no: could not connect to host
 nopol.de: could not connect to host
 norandom.com: could not connect to host
 norb.at: could not connect to host
 nosecretshop.com: did not receive HSTS header
 notadd.com: did not receive HSTS header
-nothing.net.nz: max-age too low: 7776000
-notify.moe: could not connect to host
+notenoughtime.de: could not connect to host
+nothing.net.nz: could not connect to host
 notinprod.com: did not receive HSTS header
 nottheonion.net: did not receive HSTS header
 nouvelle-vague-saint-cast.fr: did not receive HSTS header
-novaco.in: max-age too low: 3600
+novaco.in: could not connect to host
 novacoast.com: did not receive HSTS header
 novatrucking.de: could not connect to host
 nowak.ninja: did not receive HSTS header
 noworrywp.com: could not connect to host
 nozoe.jp: could not connect to host
 np.search.yahoo.com: did not receive HSTS header
 npol.de: could not connect to host
 nqesh.com: could not connect to host
@@ -3852,31 +3881,33 @@ nu3.fi: did not receive HSTS header
 nu3.fr: did not receive HSTS header
 nu3.no: did not receive HSTS header
 nu3.se: did not receive HSTS header
 nufla.de: could not connect to host
 null-sec.ru: could not connect to host
 null.cat: could not connect to host
 null.tips: could not connect to host
 nullpoint.at: did not receive HSTS header
+numberzero.org: could not connect to host
 numericacu.com: did not receive HSTS header
 numero-di-telefono.it: could not connect to host
 numista.com: did not receive HSTS header
 nurserybook.co: did not receive HSTS header
 nusatrip-api.com: did not receive HSTS header
 nutritionculture.com: could not connect to host
 nutsandboltsmedia.com: did not receive HSTS header
 nuttyveg.com: could not connect to host
 nwa.xyz: could not connect to host
 nweb.co.nz: could not connect to host
 nwerc.party: could not connect to host
 nwgh.org: could not connect to host
 nwork.media: could not connect to host
 nyantec.com: did not receive HSTS header
 nycroth.com: did not receive HSTS header
+nymphetomania.net: did not receive HSTS header
 nys-hk.com: could not connect to host
 nysepho.pw: could not connect to host
 nysifclaimcentral.com: did not receive HSTS header
 nystart.no: did not receive HSTS header
 nz.search.yahoo.com: max-age too low: 172800
 nzb.cat: did not receive HSTS header
 nzbs.io: could not connect to host
 nzquakes.maori.nz: did not receive HSTS header
@@ -3963,16 +3994,17 @@ openas.org: could not connect to host
 opendesk.cc: did not receive HSTS header
 openmind-shop.de: did not receive HSTS header
 openmtbmap.org: did not receive HSTS header
 openpriv.pw: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 118"  data: no]
 openprovider.nl: did not receive HSTS header
 openquery.com.au: did not receive HSTS header
 openshift.redhat.com: did not receive HSTS header
 opensourcehouse.net: could not connect to host
+openspace.xxx: did not receive HSTS header
 opensrd.com: could not connect to host
 openxmpp.com: could not connect to host
 opim.ca: did not receive HSTS header
 opoleo.com: could not connect to host
 opperwall.net: did not receive HSTS header
 opsafewinter.net: could not connect to host
 opsbears.com: did not receive HSTS header
 optenhoefel.de: could not connect to host
@@ -4015,16 +4047,17 @@ outetc.com: could not connect to host
 outreachbuddy.com: could not connect to host
 outsider.im: could not connect to host
 outurnate.com: could not connect to host
 ouvirmusica.com.br: did not receive HSTS header
 ovenapp.io: did not receive HSTS header
 overclockers.ge: could not connect to host
 override.io: did not receive HSTS header
 oversight.io: could not connect to host
+ovuscloud.de: could not connect to host
 ovvy.net: did not receive HSTS header
 owncloud.help: could not connect to host
 ownmovies.fr: could not connect to host
 oxygenabsorbers.com: did not receive HSTS header
 oxynux.fr: could not connect to host
 oyste.in: could not connect to host
 p.linode.com: could not connect to host
 p3in.com: did not receive HSTS header
@@ -4043,22 +4076,22 @@ paisaone.com: did not receive HSTS heade
 paku.me: could not connect to host
 palmer.im: could not connect to host
 pamplona.tv: could not connect to host
 pamsoft.pl: max-age too low: 0
 panaceallc.net: could not connect to host
 panama-gbs.com: did not receive HSTS header
 panamaequity.com: did not receive HSTS header
 panamateakforestry.com: did not receive HSTS header
-paneu.de: could not connect to host
 panni.me: could not connect to host
 panoranordic.net: could not connect to host
 pansu.space: could not connect to host
 pants-off.xyz: could not connect to host
 pantsu.cat: did not receive HSTS header
+panzer72.ru: did not receive HSTS header
 papalytics.com: could not connect to host
 papeda.net: could not connect to host
 papercard.co.uk: did not receive HSTS header
 paperhaven.com.au: did not receive HSTS header
 papierniak.net: could not connect to host
 papygeek.com: could not connect to host
 parabhairavayoga.com: did not receive HSTS header
 paradiselost.com: max-age too low: 0
@@ -4082,35 +4115,37 @@ passumpsicbank.com: did not receive HSTS
 passwordbox.com: did not receive HSTS header
 passwordrevelator.net: did not receive HSTS header
 pastaf.com: could not connect to host
 pastdream.xyz: could not connect to host
 paste.linode.com: could not connect to host
 pastebin.linode.com: could not connect to host
 pastenib.com: could not connect to host
 paster.li: did not receive HSTS header
-pastie.se: could not connect to host
 pataua.kiwi: did not receive HSTS header
 paternitydnatest.com: could not connect to host
 patientinsight.net: could not connect to host
 patt.us: did not receive HSTS header
 patterson.mp: could not connect to host
 paul-kerebel.pro: could not connect to host
+paulbunyanmls.com: could not connect to host
 paulchen.at: could not connect to host
 paulproell.at: could not connect to host
 paulyang.cn: did not receive HSTS header
 pavelfojt.cz: did not receive HSTS header
 paxwinkel.nl: did not receive HSTS header
 pay.gigahost.dk: did not receive HSTS header
 payfreez.com: could not connect to host
 payments-reference.org: could not connect to host
 payments.google.com: did not receive HSTS header (error ignored - included regardless)
 payroll.ch: could not connect to host
 pbapp.net: did not receive HSTS header
+pbbr.com: did not receive HSTS header
 pbprint.ru: max-age too low: 0
+pbytes.com: could not connect to host
 pc-nf.de: did not receive HSTS header
 pcfun.net: could not connect to host
 pchax.net: could not connect to host
 pchospital.cc: did not receive HSTS header
 pdamsidoarjo.co.id: could not connect to host
 pdevio.com: could not connect to host
 pdf.yt: could not connect to host
 peakapp.nl: could not connect to host
@@ -4132,18 +4167,16 @@ perfectionis.me: could not connect to ho
 performous.org: could not connect to host
 perfumista.vn: did not receive HSTS header
 perlwork.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 118"  data: no]
 perplex.nl: did not receive HSTS header
 perroud.pro: could not connect to host
 personaldatabasen.no: could not connect to host
 personalinjurylist.com: did not receive HSTS header
 personalizedtouch.co: could not connect to host
-persson.im: could not connect to host
-persson.me: could not connect to host
 perthdevicelab.com: did not receive HSTS header
 pesmyclub.com: did not receive HSTS header
 pet-nsk.ru: could not connect to host
 petchart.net: could not connect to host
 pethub.com: did not receive HSTS header
 petit.site: could not connect to host
 petplum.com: did not receive HSTS header
 petravdbos.nl: did not receive HSTS header
@@ -4184,17 +4217,17 @@ piratebit.tech: could not connect to hos
 piratedb.com: could not connect to host
 piratedot.com: could not connect to host
 piratelist.online: could not connect to host
 piratenlogin.de: could not connect to host
 pirateproxy.pe: could not connect to host
 pirateproxy.sx: could not connect to host
 pirateproxy.vip: could not connect to host
 pirati.cz: did not receive HSTS header
-pirlitu.com: could not connect to host
+pirlitu.com: did not receive HSTS header
 pisexy.me: did not receive HSTS header
 pisidia.de: could not connect to host
 pitonarms.com: could not connect to host
 pittonpreschool.com: did not receive HSTS header
 pixdigital.net: did not receive HSTS header
 pixel.google.com: did not receive HSTS header (error ignored - included regardless)
 pixelcode.com.au: could not connect to host
 pixelhero.co.uk: did not receive HSTS header
@@ -4207,17 +4240,16 @@ placollection.org: could not connect to 
 plaettliaktion.ch: did not receive HSTS header
 planpharmacy.com: could not connect to host
 plass.hamburg: could not connect to host
 platform.lookout.com: could not connect to host
 platomania.eu: did not receive HSTS header
 play.google.com: did not receive HSTS header (error ignored - included regardless)
 playflick.com: did not receive HSTS header
 playmaker.io: could not connect to host
-playmyplay.com: did not receive HSTS header
 playnation.io: could not connect to host
 playsharp.com: could not connect to host
 pleier-it.de: did not receive HSTS header
 pleier.it: did not receive HSTS header
 plfgr.eu.org: could not connect to host
 plhdb.org: did not receive HSTS header
 plirt.ru: did not receive HSTS header
 plixer.com: did not receive HSTS header
@@ -4254,20 +4286,18 @@ pompefunebrilariviera.it: could not conn
 pompompoes.com: could not connect to host
 pontualcomp.com: could not connect to host
 pony.today: could not connect to host
 poolsandstuff.com: did not receive HSTS header
 poon.tech: could not connect to host
 porno-gif.ru: did not receive HSTS header
 pornstars.me: did not receive HSTS header
 portalplatform.net: could not connect to host
-portalzine.de: did not receive HSTS header
 poshpak.com: max-age too low: 86400
 postcodewise.co.uk: did not receive HSTS header
-posterspy.com: did not receive HSTS header
 postscheduler.org: could not connect to host
 posylka.de: did not receive HSTS header
 potatoheads.net: could not connect to host
 potbar.com: could not connect to host
 potlytics.com: could not connect to host
 potsky.com: did not receive HSTS header
 poussinooz.fr: could not connect to host
 povitria.net: could not connect to host
@@ -4286,17 +4316,17 @@ preezzie.com: could not connect to host
 prefontaine.name: could not connect to host
 prego-shop.de: did not receive HSTS header
 preissler.co.uk: could not connect to host
 prelist.org: did not receive HSTS header
 presidentials2016.com: could not connect to host
 press-anime-nenkan.com: did not receive HSTS header
 pressfreedomfoundation.org: did not receive HSTS header
 pretzlaff.info: did not receive HSTS header
-preworkout.me: did not receive HSTS header
+preworkout.me: could not connect to host
 prezola.com: did not receive HSTS header
 prgslab.net: could not connect to host
 pridoc.se: did not receive HSTS header
 printerest.io: could not connect to host
 printexpress.cloud: did not receive HSTS header
 printfn.com: could not connect to host
 priolkar.com: did not receive HSTS header
 privacylabs.io: did not receive HSTS header
@@ -4310,26 +4340,28 @@ profivps.com: could not connect to host
 profundr.com: could not connect to host
 profusion.io: could not connect to host
 progblog.net: could not connect to host
 progress-technologies.com: could not connect to host
 prohostonline.fi: could not connect to host
 proitconsulting.com.au: could not connect to host
 project-sparks.eu: did not receive HSTS header
 projectmercury.space: could not connect to host
+prok.pw: could not connect to host
 promecon-gmbh.de: did not receive HSTS header
 prontocleaners.co.uk: could not connect to host
 prontolight.com: did not receive HSTS header
 prontomovers.co.uk: could not connect to host
 propactrading.com: could not connect to host
 property-catalogue.eu: did not receive HSTS header
+proposalonline.com: did not receive HSTS header
 prosocialmachines.com: could not connect to host
 prosoft.sk: did not receive HSTS header
 prosperident.com: did not receive HSTS header
-protoyou.de: could not connect to host
+protoyou.de: did not receive HSTS header
 prowhisky.de: did not receive HSTS header
 proximato.com: could not connect to host
 proxybay.al: could not connect to host
 proxybay.club: could not connect to host
 proxybay.info: did not receive HSTS header
 proxybay.top: did not receive HSTS header
 proxyowl.pw: could not connect to host
 proxyportal.org: did not receive HSTS header
@@ -4366,17 +4398,17 @@ q2.si: did not receive HSTS header
 qbik.de: did not receive HSTS header
 qccqld.org.au: could not connect to host
 qingpat.com: could not connect to host
 qingxuan.info: max-age too low: 864000
 qinxi1992.com: could not connect to host
 qionglu.pw: could not connect to host
 qirinus.com: could not connect to host
 qldconservation.org: could not connect to host
-qonqa.de: could not connect to host
+qonqa.de: did not receive HSTS header
 qop.io: could not connect to host
 qorm.co.uk: did not receive HSTS header
 qqq.gg: could not connect to host
 qrara.net: did not receive HSTS header
 qrlending.com: did not receive HSTS header
 quail.solutions: could not connect to host
 quality1.com.br: did not receive HSTS header
 quanglepro.com: did not receive HSTS header
@@ -4393,16 +4425,17 @@ quli.nl: did not receive HSTS header
 quotehex.com: could not connect to host
 quranserver.net: could not connect to host
 qvi.st: did not receive HSTS header
 qwaser.fr: could not connect to host
 qwilink.me: did not receive HSTS header
 r10n.com: did not receive HSTS header
 r15.me: could not connect to host
 r3bl.me: did not receive HSTS header
+r40.us: could not connect to host
 ra-schaal.de: could not connect to host
 raajheshkannaa.com: could not connect to host
 radicaleducation.net: could not connect to host
 radio-utopie.de: did not receive HSTS header
 radtke.bayern: could not connect to host
 rafaelcz.de: could not connect to host
 raidstone.com: could not connect to host
 raidstone.net: could not connect to host
@@ -4450,16 +4483,17 @@ rc4.io: could not connect to host
 rcafox.com: could not connect to host
 rcorporation.be: did not receive HSTS header
 rcpcbd.com: did not receive HSTS header
 rdns.im: did not receive HSTS header
 re-customer.net: did not receive HSTS header
 reachr.com: could not connect to host
 reader.ga: could not connect to host
 readr.pw: could not connect to host
+real-it.nl: did not receive HSTS header
 realmic.net: could not connect to host
 realmofespionage.com: could not connect to host
 reaper.rip: could not connect to host
 reardenporn.com: could not connect to host
 rebekaesgabor.online: could not connect to host
 recommended.reviews: could not connect to host
 redable.hosting: could not connect to host
 redar.xyz: could not connect to host
@@ -4477,25 +4511,27 @@ reg.ru: did not receive HSTS header
 regaloaks.com: did not receive HSTS header
 regalpalms.com: did not receive HSTS header
 regenbogenwald.de: did not receive HSTS header
 regenerescence.com: did not receive HSTS header
 reggae-cdmx.com: did not receive HSTS header
 rehabthailand.nl: could not connect to host
 rei.ki: could not connect to host
 reic.me: could not connect to host
+reikiqueen.uk: could not connect to host
 reinaldudras.ee: did not receive HSTS header
 reisyukaku.org: did not receive HSTS header
 reithguard-it.de: did not receive HSTS header
 rejo.in: could not connect to host
 rejuvemedspa.com: did not receive HSTS header
 relaxhavefun.com: did not receive HSTS header
 relayawards.com: could not connect to host
 reliable-mail.de: did not receive HSTS header
 relisten.nl: did not receive HSTS header
+relvan.com: did not receive HSTS header
 rem.pe: could not connect to host
 remedioskaseros.com: did not receive HSTS header
 remitatm.com: did not receive HSTS header
 remodela.com.ve: could not connect to host
 remonttitekniikka.fi: could not connect to host
 rene-schwarz.com: could not connect to host
 renideo.fr: could not connect to host
 renlong.org: did not receive HSTS header
@@ -4537,16 +4573,17 @@ rideworks.com: did not receive HSTS head
 ridwan.co: did not receive HSTS header
 riesenmikrobe.de: max-age too low: 86400
 riesenmikroben.at: max-age too low: 86400
 riesenmikroben.de: max-age too low: 86400
 riesenviren.de: max-age too low: 86400
 riesenweber.id.au: did not receive HSTS header
 right2.org: could not connect to host
 righttoknow.ie: did not receive HSTS header
+rigolitch.fr: did not receive HSTS header
 rijndael.xyz: could not connect to host
 rika.me: could not connect to host
 ring0.xyz: did not receive HSTS header
 ringh.am: could not connect to host
 rippleunion.com: could not connect to host
 riskmgt.com.au: could not connect to host
 rivlo.com: could not connect to host
 rix.ninja: could not connect to host
@@ -4578,16 +4615,17 @@ roguelikecenter.fr: did not receive HSTS
 rolandreed.cn: did not receive HSTS header
 rolemaster.net: could not connect to host
 rolroer.co.za: could not connect to host
 romab.com: did not receive HSTS header
 romans-place.me.uk: could not connect to host
 romeoferraris.com: did not receive HSTS header
 romulusapp.com: could not connect to host
 ron2k.za.net: could not connect to host
+rondoniatec.com.br: did not receive HSTS header
 ronvandordt.info: could not connect to host
 ronwo.de: max-age too low: 1
 rootforum.org: did not receive HSTS header
 rootservice.org: did not receive HSTS header
 rootwpn.com: could not connect to host
 rop.io: could not connect to host
 rossen.be: did not receive HSTS header
 rosslug.org.uk: could not connect to host
@@ -4599,25 +4637,27 @@ rout0r.org: did not receive HSTS header
 rouvray.org: could not connect to host
 royal-forest.org: max-age too low: 0
 royalhop.co: could not connect to host
 royalpub.net: did not receive HSTS header
 rprimas.duckdns.org: could not connect to host
 rpy.xyz: could not connect to host
 rr.in.th: could not connect to host
 rrke.cc: did not receive HSTS header
+rro.rs: could not connect to host
 rsajeey.info: could not connect to host
 rsampaio.info: could not connect to host
 rsf.io: could not connect to host
 rsmaps.org: could not connect to host
-rtfpessoa.xyz: could not connect to host
+rtho.me: could not connect to host
 rubbereggs.ca: could not connect to host
 rubberfurs.org: did not receive HSTS header
 rubecodeberg.com: could not connect to host
 rubenschulz.nl: did not receive HSTS header
+rubi-ka.net: could not connect to host
 ruborr.se: did not receive HSTS header
 rubysecurity.org: did not receive HSTS header
 rubyshop.nl: max-age too low: 604800
 rudeotter.com: did not receive HSTS header
 rugirlfriend.com: could not connect to host
 ruht.ro: could not connect to host
 ruiming.me: did not receive HSTS header
 runawebinar.nl: could not connect to host
@@ -4627,45 +4667,42 @@ ruqu.nl: could not connect to host
 rusadmin.biz: did not receive HSTS header
 rushpoppershop.co.uk: did not receive HSTS header
 ruska-modra.cz: did not receive HSTS header
 ruskamodra.cz: did not receive HSTS header
 rusl.me: could not connect to host
 russmarshall.com: could not connect to host
 ruxit.com: did not receive HSTS header
 rw.search.yahoo.com: did not receive HSTS header
-rww.name: could not connect to host
 rx-contact.com: did not receive HSTS header
 rxprep.com: did not receive HSTS header
 rxv.cc: could not connect to host
 ryanteck.uk: did not receive HSTS header
 rylin.net: did not receive HSTS header
 rzegroup.com: did not receive HSTS header
 s.how: did not receive HSTS header
 safelist.eu: did not receive HSTS header
 safematix.com: could not connect to host
 safemovescheme.co.uk: did not receive HSTS header
 saferedirect.link: could not connect to host
-safetyrisk.net: did not receive HSTS header
 safewings-nh.nl: did not receive HSTS header
 sageth.com: max-age too low: 0
 sah3.net: could not connect to host
 sail-nyc.com: did not receive HSTS header
 sakaki.anime.my: max-age too low: 5184000
 sakaserver.com: did not receive HSTS header
 sakurabuff.com: did not receive HSTS header
 salmonvision.com.tw: did not receive HSTS header
 salserocafe.com: did not receive HSTS header
 salserototal.com: could not connect to host
 saltedskies.com: could not connect to host
 salud.top: did not receive HSTS header
 salzamt.tk: could not connect to host
 sametovymesic.cz: could not connect to host
 saml2.com: could not connect to host
-sammyjohnson.com: could not connect to host
 sampcup.com: could not connect to host
 sampoznay.ru: did not receive HSTS header
 samraskauskas.com: could not connect to host
 samsen.club: did not receive HSTS header
 sanasalud.org: could not connect to host
 sandviks.com: did not receive HSTS header
 sanguoxiu.com: could not connect to host
 sansdev.com: could not connect to host
@@ -4693,23 +4730,19 @@ sawamura-rental.com: did not receive HST
 sazima.ru: did not receive HSTS header
 sbox-archives.com: could not connect to host
 sby.de: did not receive HSTS header
 sc4le.com: could not connect to host
 scannabi.com: could not connect to host
 schadegarant.net: could not connect to host
 schauer.so: could not connect to host
 scherzstempel.de: max-age too low: 86400
+schippers-it.nl: did not receive HSTS header
 schnell-gold.com: could not connect to host
 schooltrends.co.uk: did not receive HSTS header
-schrauger.com: did not receive HSTS header
-schrauger.info: did not receive HSTS header
-schrauger.net: did not receive HSTS header
-schrauger.org: did not receive HSTS header
-schrauger.run: did not receive HSTS header
 schreiber-netzwerk.eu: did not receive HSTS header
 schrodinger.io: could not connect to host
 schulterglatzen-altenwalde.de: could not connect to host
 schultzflorists.com: could not connect to host
 schwarzkopfforyou.de: did not receive HSTS header
 schweizerbolzonello.net: could not connect to host
 scicasts.com: max-age too low: 7776000
 scienceathome.org: did not receive HSTS header
@@ -4734,17 +4767,16 @@ scrion.com: could not connect to host
 script.google.com: did not receive HSTS header (error ignored - included regardless)
 scriptenforcer.net: could not connect to host
 scriptict.nl: could not connect to host
 sdmoscow.ru: could not connect to host
 sdrobs.com: did not receive HSTS header
 sdsl-speedtest.de: could not connect to host
 search-one.de: did not receive HSTS header
 sebastian-lutsch.de: could not connect to host
-sebastianblade.com: could not connect to host
 sebster.com: did not receive HSTS header
 secandtech.com: could not connect to host
 seccom.ch: did not receive HSTS header
 secondary-survivor.com: could not connect to host
 secondary-survivor.help: could not connect to host
 secondary-survivor.net: could not connect to host
 secondarysurvivor.help: could not connect to host
 secondarysurvivorportal.com: could not connect to host
@@ -4769,16 +4801,17 @@ seedboxers.net: could not connect to hos
 seefunk.net: did not receive HSTS header
 seele.ca: could not connect to host
 segulink.com: could not connect to host
 sehenderson.com: did not receive HSTS header
 seiko-dojo.com: could not connect to host
 selecadm.name: could not connect to host
 selectruckscalltrackingreports.com: could not connect to host
 selfcarecentral.com: did not receive HSTS header
+selfdefenserx.com: did not receive HSTS header
 selfie-france.fr: could not connect to host
 selldorado.com: could not connect to host
 sello.com: did not receive HSTS header
 sellocdn.com: could not connect to host
 sellservs.co.za: could not connect to host
 semaf.at: max-age too low: 86400
 semen3325.xyz: could not connect to host
 semenkovich.com: did not receive HSTS header
@@ -4791,26 +4824,27 @@ sensiblemn.org: could not connect to hos
 sensibus.com: did not receive HSTS header
 seo.consulting: did not receive HSTS header
 seomobo.com: could not connect to host
 seosanantonioinc.com: did not receive HSTS header
 seowarp.net: did not receive HSTS header
 sep23.ru: did not receive HSTS header
 seq.tf: did not receive HSTS header
 serathius.ovh: could not connect to host
-serbanpaun.ro: could not connect to host
 serenitycreams.com: did not receive HSTS header
 serfdom.io: did not receive HSTS header
 serized.pw: could not connect to host
 servercode.ca: did not receive HSTS header
 serverdensity.io: did not receive HSTS header
 servergno.me: did not receive HSTS header
 servermonkey.nl: could not connect to host
 seryo.moe: could not connect to host
 seryo.net: could not connect to host
+sesha.co.za: could not connect to host
+sethcaplan.com: could not connect to host
 setphaserstostun.org: could not connect to host
 setuid.de: could not connect to host
 setuid.io: did not receive HSTS header
 sevsey.ru: could not connect to host
 seyahatsagliksigortalari.com: could not connect to host
 sfsltd.com: did not receive HSTS header
 shadoom.com: did not receive HSTS header
 shadowlurker.com.au: did not receive HSTS header
@@ -4820,27 +4854,28 @@ shanekoster.net: did not receive HSTS he
 shanesage.com: could not connect to host
 shang-yu.cn: did not receive HSTS header
 shapesedinburgh.co.uk: did not receive HSTS header
 shareimg.xyz: could not connect to host
 sharepass.pw: could not connect to host
 sharevari.com: did not receive HSTS header
 shauncrowley.co.uk: could not connect to host
 shaunwheelhou.se: could not connect to host
+shav.it: could not connect to host
 shellj.me: max-age too low: 86400
 shellsec.pw: did not receive HSTS header
 shereallyheals.com: could not connect to host
 shibe.club: could not connect to host
 shiftins.com: did not receive HSTS header
 shiftplanning.com: did not receive HSTS header
 shiinko.com: could not connect to host
 shindorei.fr: did not receive HSTS header
 shinebijoux.com.br: could not connect to host
 shinju.moe: could not connect to host
-shiona.xyz: did not receive HSTS header
+shiona.xyz: could not connect to host
 shirosaki.org: could not connect to host
 shm-forum.org.uk: could not connect to host
 shocksrv.com: did not receive HSTS header
 shooshosha.com: could not connect to host
 shopontarget.com: did not receive HSTS header
 shoprose.ru: could not connect to host
 shops.neonisi.com: could not connect to host
 showkeeper.tv: did not receive HSTS header
@@ -4851,21 +4886,22 @@ shv25.se: could not connect to host
 shwongacc.com: could not connect to host
 shypp.it: could not connect to host
 shyrydan.es: could not connect to host
 si.to: could not connect to host
 siammedia.co: could not connect to host
 siamsnus.com: did not receive HSTS header
 sichere-kartenakzeptanz.de: did not receive HSTS header
 siciliadigitale.pro: could not connect to host
-siddhant.me: did not receive HSTS header
+siddhant.me: max-age too low: 0
 siebens.net: could not connect to host
 sifls.com: could not connect to host
 sig6.org: could not connect to host
 sijimi.cn: did not receive HSTS header
+sikayetvar.com: did not receive HSTS header
 silaslova-ekb.ru: could not connect to host
 silentcircle.com: did not receive HSTS header
 silentcircle.org: could not connect to host
 silentexplosion.de: could not connect to host
 silentlink.io: could not connect to host
 silicagelpackets.ca: did not receive HSTS header
 silkebaekken.no: did not receive HSTS header
 silver-drachenkrieger.de: did not receive HSTS header
@@ -4921,17 +4957,16 @@ slightfuture.click: could not connect to
 slightfuture.com: did not receive HSTS header
 slix.io: could not connect to host
 sloancom.com: did not receive HSTS header
 slope.haus: could not connect to host
 slovakiana.sk: did not receive HSTS header
 sluitkampzeist.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 118"  data: no]
 slycurity.de: did not receive HSTS header
 smallcdn.rocks: could not connect to host
-smallpath.me: could not connect to host
 smart-mirror.de: did not receive HSTS header
 smart-ov.nl: could not connect to host
 smartcoin.com.br: could not connect to host
 smarthomedna.com: did not receive HSTS header
 smartofficesandsmarthomes.com: did not receive HSTS header
 smartrak.co.nz: did not receive HSTS header
 smatch.com: did not receive HSTS header
 smdev.fr: could not connect to host
@@ -4946,17 +4981,16 @@ smusg.com: did not receive HSTS header
 snailing.org: could not connect to host
 snakehosting.dk: did not receive HSTS header
 snapappts.com: could not connect to host
 snapworks.net: did not receive HSTS header
 snel4u.nl: could not connect to host
 snelwerk.be: could not connect to host
 sng.my: could not connect to host
 sniderman.eu.org: could not connect to host
-snille.com: could not connect to host
 snip.host: could not connect to host
 snoozedds.com: max-age too low: 600
 snoqualmiefiber.org: did not receive HSTS header
 sobabox.ru: could not connect to host
 sobinski.pl: did not receive HSTS header
 sobotkama.eu: did not receive HSTS header
 soccergif.com: could not connect to host
 soci.ml: did not receive HSTS header
@@ -4967,26 +5001,27 @@ socialspirit.com.br: did not receive HST
 sockeye.cc: could not connect to host
 socomponents.co.uk: did not receive HSTS header
 sodacore.com: could not connect to host
 software.rocks: could not connect to host
 sogeek.me: did not receive HSTS header
 sokolka.tv: did not receive HSTS header
 sol-3.de: did not receive HSTS header
 solidfuelappliancespares.co.uk: did not receive HSTS header
+solidus.systems: could not connect to host
 soll-i.ch: did not receive HSTS header
 solsystems.ru: could not connect to host
+somali-derp.com: could not connect to host
 someshit.xyz: could not connect to host
 somethingnew.xyz: could not connect to host
 songzhuolun.com: could not connect to host
 sonic.network: did not receive HSTS header
 sonicrainboom.rocks: did not receive HSTS header
 soobi.org: did not receive HSTS header
 soondy.com: did not receive HSTS header
-sorincocorada.ro: could not connect to host
 sosaka.ml: could not connect to host
 sotor.de: did not receive HSTS header
 soucorneteiro.com.br: could not connect to host
 soulema.com: could not connect to host
 soulfulglamour.uk: could not connect to host
 sourcelair.com: did not receive HSTS header
 southgale.condos: could not connect to host
 southside-crew.club: could not connect to host
@@ -5018,18 +5053,17 @@ spherenix.org: could not connect to host
 spiegels.nl: could not connect to host
 spielcasinos.com: did not receive HSTS header
 spiet.nl: could not connect to host
 spikeykc.me: did not receive HSTS header
 spillmaker.no: did not receive HSTS header
 spilsbury.io: could not connect to host
 spirit-dev.net: max-age too low: 0
 spititout.it: could not connect to host
-spittersberger.recipes: did not receive HSTS header
-spodelime.com: did not receive HSTS header
+spittersberger.recipes: could not connect to host
 sponsortobias.com: could not connect to host
 sportchirp-internal.azurewebsites.net: did not receive HSTS header
 sporthit.ru: did not receive HSTS header
 sportwette.eu: did not receive HSTS header
 spot-events.com: could not connect to host
 spotifyripper.tk: could not connect to host
 spotlightsrule.ddns.net: could not connect to host
 spr.id.au: did not receive HSTS header
@@ -5077,25 +5111,21 @@ staticanime.net: could not connect to ho
 stationaryjourney.com: did not receive HSTS header
 stationcharlie.co.za: did not receive HSTS header
 stationnementdenuit.ca: did not receive HSTS header
 status-sprueche.de: did not receive HSTS header
 statuschecks.net: could not connect to host
 stayokhotelscdc-mailing.com: could not connect to host
 stcomex.com: did not receive HSTS header
 stdrc.cc: did not receive HSTS header
+steelbea.ms: could not connect to host
 stefanweiser.de: did not receive HSTS header
-stefany.eu: could not connect to host
 stepbystep3d.com: did not receive HSTS header
 stephanierxo.com: did not receive HSTS header
 stephenandburns.com: did not receive HSTS header
-stephenschrauger.com: did not receive HSTS header
-stephenschrauger.info: did not receive HSTS header
-stephenschrauger.net: did not receive HSTS header
-stephenschrauger.org: did not receive HSTS header
 stevensononthe.net: did not receive HSTS header
 stewartremodelingadvantage.com: did not receive HSTS header
 sticklerjs.org: could not connect to host
 stig.io: did not receive HSTS header
 stigroom.com: could not connect to host
 stillblackhat.id: could not connect to host
 stinkytrashhound.com: could not connect to host
 stirlingpoon.com: did not receive HSTS header
@@ -5114,21 +5144,23 @@ storecove.com: did not receive HSTS head
 storeden.com: did not receive HSTS header
 storefrontify.com: did not receive HSTS header
 stormhub.org: could not connect to host
 stqry.com: did not receive HSTS header
 str0.at: did not receive HSTS header
 strasweb.fr: did not receive HSTS header
 strbt.de: could not connect to host
 strchr.com: did not receive HSTS header
+stream.pub: did not receive HSTS header
 streamingeverywhere.com: could not connect to host
 streamingmagazin.de: could not connect to host
 streampanel.net: did not receive HSTS header
 streams.dyndns.org: could not connect to host
 strictlysudo.com: could not connect to host
+strife.tk: could not connect to host
 strivephysmed.com: did not receive HSTS header
 stroeercrm.de: could not connect to host
 strongest-privacy.com: could not connect to host
 stuartbaxter.co: could not connect to host
 student-scientist.org: did not receive HSTS header
 student.andover.edu: did not receive HSTS header
 studentresearcher.org: did not receive HSTS header
 studentskydenik.cz: could not connect to host
@@ -5145,24 +5177,25 @@ sturbock.me: did not receive HSTS header
 stylenda.com: could not connect to host
 subbing.work: could not connect to host
 subdimension.org: did not receive HSTS header
 subeesu.com: could not connect to host
 subhacker.net: did not receive HSTS header
 subrosa.io: could not connect to host
 subsys.no: did not receive HSTS header
 subtitle.rip: could not connect to host
+suche.org: could not connect to host
 sudo.li: did not receive HSTS header
 suian.or.jp: max-age too low: 86400
 suite73.org: could not connect to host
+suki.moe: could not connect to host
 suksit.com: could not connect to host
 sumoatm.com: did not receive HSTS header
 sumoscout.de: did not receive HSTS header
 suncountrymarine.com: did not receive HSTS header
-sunflyer.cn: did not receive HSTS header
 sunfulong.me: could not connect to host
 sunnyfruit.ru: did not receive HSTS header
 sunshinepress.org: could not connect to host
 sunyanzi.tk: could not connect to host
 suos.io: could not connect to host
 supcro.com: could not connect to host
 super-erotica.ru: did not receive HSTS header
 super-garciniaslim.com: could not connect to host
@@ -5174,17 +5207,16 @@ superbike.tw: could not connect to host
 supereight.net: did not receive HSTS header
 superiorfloridavacation.com: did not receive HSTS header
 supersalescontest.nl: did not receive HSTS header
 superschnappchen.de: could not connect to host
 supersecurefancydomain.com: could not connect to host
 supertramp-dafonseca.com: did not receive HSTS header
 superuser.fi: could not connect to host
 superwally.org: could not connect to host
-supinbot.ovh: could not connect to host
 suprlink.net: could not connect to host
 supweb.ovh: did not receive HSTS header
 surfeasy.com: did not receive HSTS header
 surfone-leucate.com: did not receive HSTS header
 sushifrick.de: could not connect to host
 suzukikenichi.com: did not receive HSTS header
 sv.search.yahoo.com: did not receive HSTS header
 svarovani.tk: could not connect to host
@@ -5209,16 +5241,17 @@ syncclinicalstudy.com: could not connect
 syncer.jp: did not receive HSTS header
 syneic.com: did not receive HSTS header
 syno.gq: could not connect to host
 syntheticmotoroil.org: did not receive HSTS header
 syriatalk.biz: could not connect to host
 syriatalk.org: could not connect to host
 syrocon.ch: could not connect to host
 sys.tf: could not connect to host
+sysgeek.cn: could not connect to host
 syso.name: could not connect to host
 syspen.space: did not receive HSTS header
 systemd.me: could not connect to host
 szaszm.tk: max-age too low: 0
 t-complex.space: could not connect to host
 t-ken.xyz: could not connect to host
 t-shirts4less.nl: did not receive HSTS header
 t-tz.com: could not connect to host
@@ -5276,31 +5309,33 @@ teachforcanada.ca: did not receive HSTS 
 team-teasers.com: could not connect to host
 teamblueridge.org: could not connect to host
 teamsocial.co: did not receive HSTS header
 teamzeus.cz: could not connect to host
 tech-finder.fr: could not connect to host
 tech55i.com: could not connect to host
 techandtux.de: could not connect to host
 techassist.io: did not receive HSTS header
+techcentric.com: could not connect to host
 techelements.co: could not connect to host
 techhipster.net: could not connect to host
 techhub.ml: could not connect to host
 techllage.com: could not connect to host
 techloaner.com: could not connect to host
 techmatehq.com: could not connect to host
 technogroup.cz: did not receive HSTS header
 technosavvyport.com: did not receive HSTS header
 techpointed.com: could not connect to host
 techreview.link: could not connect to host
 techtoy.store: did not receive HSTS header
 techtraveller.com.au: did not receive HSTS header
 tecnimotos.com: did not receive HSTS header
 tecnogaming.com: did not receive HSTS header
 tegelsensanitaironline.nl: did not receive HSTS header
+tekiro.com: did not receive HSTS header
 teknotes.co.uk: could not connect to host
 tekshrek.com: did not receive HSTS header
 tel-dithmarschen.de: did not receive HSTS header
 telefonnummer.online: could not connect to host
 telefoonnummerinfo.nl: could not connect to host
 telescam.com: could not connect to host
 tellingua.com: did not receive HSTS header
 temehu.com: did not receive HSTS header
@@ -5308,23 +5343,23 @@ tempcraft.net: could not connect to host
 tempus-aquilae.de: could not connect to host
 tendertool.nl: could not connect to host
 tengroup.com: did not receive HSTS header
 tenni.xyz: could not connect to host
 tensei-slime.com: did not receive HSTS header
 tensionup.com: could not connect to host
 tenthousandcoffees.com: did not receive HSTS header
 teos.online: could not connect to host
+tequilazor.com: could not connect to host
 teriiphotography.com: could not connect to host
 terra.by: did not receive HSTS header
 terrax.berlin: could not connect to host
 terrax.info: could not connect to host
 terry.pub: did not receive HSTS header
 testandroid.xyz: could not connect to host
-testbawks.com: could not connect to host
 testnode.xyz: could not connect to host
 teulon.eu: could not connect to host
 texte-zur-taufe.de: did not receive HSTS header
 textoplano.xyz: could not connect to host
 textracer.dk: could not connect to host
 tezcam.tk: could not connect to host
 tf2stadium.com: did not receive HSTS header
 tfcoms-sp-tracker-client.azurewebsites.net: could not connect to host
@@ -5346,16 +5381,17 @@ thebrotherswarde.com: could not connect 
 thecapitalbank.com: did not receive HSTS header
 thecharlestonwaldorf.com: did not receive HSTS header
 theclementinebutchers.com: could not connect to host
 theclubjersey.com: did not receive HSTS header
 thecoffeehouse.xyz: could not connect to host
 theelitebuzz.com: did not receive HSTS header
 theendofzion.com: did not receive HSTS header
 theescapistswiki.com: could not connect to host
+theeyeopener.com: did not receive HSTS header
 thefarbeyond.com: could not connect to host
 theflowerbasketonline.com: could not connect to host
 thefootballanalyst.com: did not receive HSTS header
 thefox.com.fr: max-age too low: 0
 thefrozenfire.com: did not receive HSTS header
 thefutureharrills.com: could not connect to host
 thegcccoin.com: did not receive HSTS header
 thego2swatking.com: could not connect to host
@@ -5386,33 +5422,31 @@ thestack.xyz: could not connect to host
 thestagchorleywood.co.uk: did not receive HSTS header
 theurbanyoga.com: did not receive HSTS header
 thevintagenews.com: max-age too low: 0
 thewebfellas.com: did not receive HSTS header
 theworkingeye.nl: could not connect to host
 thewp.pro: could not connect to host
 thezonders.com: did not receive HSTS header
 thierfreund.de: could not connect to host
-thingies.site: could not connect to host
 thinkcoding.de: could not connect to host
 thinkcoding.org: could not connect to host
 thinlyveiledcontempt.com: could not connect to host
 thirdpartytrade.com: did not receive HSTS header
 thirty5.net: did not receive HSTS header
 thisisacompletetest.ga: could not connect to host
 thisisforager.com: could not connect to host
 thiswebhost.com: did not receive HSTS header
 thomaskliszowski.fr: did not receive HSTS header
 thomasschweizer.net: could not connect to host
 thorncreek.net: did not receive HSTS header
 thriveapproach.co.uk: did not receive HSTS header
 thumbtack.com: did not receive HSTS header
 thusoy.com: did not receive HSTS header
 ti.blog.br: could not connect to host
-tibbitshall.ca: did not receive HSTS header
 tickettoaster.de: max-age too low: 0
 tickopa.co.uk: could not connect to host
 tickreport.com: did not receive HSTS header
 ticktock.today: did not receive HSTS header
 tictactux.de: could not connect to host
 tidmore.us: could not connect to host
 tiendschuurstraat.nl: could not connect to host
 tiensnet.com: did not receive HSTS header
@@ -5437,16 +5471,17 @@ timotrans.de: did not receive HSTS heade
 timotrans.eu: did not receive HSTS header
 timowi.de: could not connect to host
 timowi.net: could not connect to host
 timvivian.ca: could not connect to host
 timwittenberg.com: could not connect to host
 tinyhousefinance.com.au: did not receive HSTS header
 tipsyk.ru: could not connect to host
 tirex.media: did not receive HSTS header
+tism.in: could not connect to host
 titanleaf.com: could not connect to host
 titouan.co: did not receive HSTS header
 tittarpuls.se: could not connect to host
 titties.ml: could not connect to host
 tjc.wiki: could not connect to host
 tkappertjedemetamorfose.nl: could not connect to host
 tlcdn.net: could not connect to host
 tlo.hosting: could not connect to host
@@ -5466,31 +5501,33 @@ tobiasmathes.name: could not connect to 
 tobiasofficial.at: could not connect to host
 todamateria.com.br: did not receive HSTS header
 todesschaf.org: could not connect to host
 todo.is: did not receive HSTS header
 todobazar.es: could not connect to host
 togelonlinecommunity.com: did not receive HSTS header
 tokenloan.com: could not connect to host
 tokoone.com: did not receive HSTS header
+tokotamz.net: max-age too low: 0
 tollmanz.com: did not receive HSTS header
 tolud.com: could not connect to host
 tomeara.net: could not connect to host
 tomharris.tech: could not connect to host
 tomlankhorst.nl: did not receive HSTS header
 tomli.me: could not connect to host
 tommsy.com: did not receive HSTS header
 tommyads.com: could not connect to host
 tonyfantjr.com: could not connect to host
 toomanypillows.com: could not connect to host
 top-stage.net: could not connect to host
 topdeskdev.net: could not connect to host
 topmarine.se: could not connect to host
 topnewstoday.org: could not connect to host
 topshelfguild.com: could not connect to host
+topspeedgolf.com: did not receive HSTS header
 torahanytime.com: did not receive HSTS header
 toretfaction.net: could not connect to host
 torlock.download: could not connect to host
 torrentdownloads.bid: could not connect to host
 torrentz.website: could not connect to host
 torsten-schmitz.net: could not connect to host
 tortugalife.de: could not connect to host
 torv.rocks: did not receive HSTS header
@@ -5518,20 +5555,20 @@ traindb.nl: did not receive HSTS header
 training4girls.ru: did not receive HSTS header
 trainut.com: did not receive HSTS header
 transformify.org: did not receive HSTS header
 translate.googleapis.com: did not receive HSTS header (error ignored - included regardless)
 transportal.sk: did not receive HSTS header
 travality.ru: did not receive HSTS header
 travel-kuban.ru: did not receive HSTS header
 travelinsurance.co.nz: did not receive HSTS header
-travisforte.io: could not connect to host
 treasuredinheritanceministry.com: did not receive HSTS header
 treatprostatewithhifu.com: could not connect to host
 treeby.net: could not connect to host
+trell.co.in: did not receive HSTS header
 tremoureux.fr: did not receive HSTS header
 trendberry.ru: could not connect to host
 trinityaffirmations.com: max-age too low: 0
 trinitycore.org: max-age too low: 2592000
 tripdelta.com: did not receive HSTS header
 tripinsider.club: did not receive HSTS header
 trixies-wish.nz: could not connect to host
 troi.de: did not receive HSTS header
@@ -5579,16 +5616,18 @@ twinkseason.org: could not connect to ho
 twinkseason.xyz: could not connect to host
 twist.party: could not connect to host
 twogo.com: did not receive HSTS header
 twolinepassbrewing.com: could not connect to host
 tx041cap.org: did not receive HSTS header
 txclimbers.com: could not connect to host
 txf.pw: could not connect to host
 ty2u.com: did not receive HSTS header
+tyler.rs: could not connect to host
+tyleromeara.com: could not connect to host
 tylian.net: max-age too low: 0
 tyrelius.com: did not receive HSTS header
 tyroproducts.eu: did not receive HSTS header
 tzappa.net: could not connect to host
 u-blox.com: max-age too low: 0
 ua.search.yahoo.com: did not receive HSTS header
 uadp.pw: could not connect to host
 uber.com.au: did not receive HSTS header
@@ -5661,31 +5700,31 @@ uow.ninja: could not connect to host
 up1.ca: could not connect to host
 upaknship.com: did not receive HSTS header
 upboard.jp: could not connect to host
 upldr.pw: could not connect to host
 uprotect.it: could not connect to host
 upstats.eu: could not connect to host
 ur-lauber.de: did not receive HSTS header
 urandom.eu.org: did not receive HSTS header
-urbanstylestaging.com: did not receive HSTS header
 urbpic.com: could not connect to host
 urown.net: could not connect to host
 urphp.com: could not connect to host
 us-immigration.com: did not receive HSTS header
+usaab.org: did not receive HSTS header
 usbtypeccompliant.com: could not connect to host
 uscitizenship.info: did not receive HSTS header
 uscntalk.com: could not connect to host
 uscurrency.gov: did not receive HSTS header
 used-in.jp: could not connect to host
 usercare.com: did not receive HSTS header
 userify.com: did not receive HSTS header
 uslab.io: could not connect to host
 ustr.gov: max-age too low: 86400
-utilitarianism.net: did not receive HSTS header
+utilitarianism.net: max-age too low: 0
 utleieplassen.no: could not connect to host
 utopiagalaxy.space: could not connect to host
 utopianhomespa.com: did not receive HSTS header
 utopianrealms.org: did not receive HSTS header
 utumno.ch: did not receive HSTS header
 utvbloggen.se: max-age too low: 604800
 uvarov.pw: did not receive HSTS header
 uy.search.yahoo.com: did not receive HSTS header
@@ -5704,16 +5743,17 @@ valleyridgepta.org: could not connect to
 vallis.net: did not receive HSTS header
 valmagus.com: could not connect to host
 valopv.be: could not connect to host
 vampirism.eu: could not connect to host
 vanacht.co.za: did not receive HSTS header
 vanderkley.it: could not connect to host
 vanestack.com: could not connect to host
 vanetv.com: could not connect to host
+vanhove.biz: could not connect to host
 vanitas.xyz: could not connect to host
 vanitynailworkz.com: could not connect to host
 vansieleghem.com: could not connect to host
 vasanth.org: did not receive HSTS header
 vbulletin-russia.com: could not connect to host
 vbulletinrussia.com: could not connect to host
 vcdove.com: did not receive HSTS header
 vcr.re: could not connect to host
@@ -5739,17 +5779,16 @@ vfree.org: could not connect to host
 vglimg.com: could not connect to host
 vhost.co.id: could not connect to host
 viadeux.com: could not connect to host
 vicianovi.cz: could not connect to host
 videnskabsklubben.dk: did not receive HSTS header
 videomuz.com: did not receive HSTS header
 videotogel.net: did not receive HSTS header
 vidid.net: did not receive HSTS header
-vidister.de: could not connect to host
 vidz.ga: could not connect to host
 vieaw.com: did not receive HSTS header
 vietnamphotographytours.com: did not receive HSTS header
 vigilo.cf: could not connect to host
 vigilo.ga: could not connect to host
 vijos.org: did not receive HSTS header
 viktor-machnik.de: could not connect to host
 viktorsvantesson.net: did not receive HSTS header
@@ -5776,16 +5815,17 @@ viva-french.com: did not receive HSTS he
 vivocloud.com: could not connect to host
 vizeat.com: did not receive HSTS header
 vizional.com: max-age too low: 0
 vjeff.com: could not connect to host
 vlastimilburian.cz: did not receive HSTS header
 vlora.city: could not connect to host
 vm0.eu: did not receive HSTS header
 vmrdev.com: could not connect to host
+vmug.pl: could not connect to host
 voceinveste.com: did not receive HSTS header
 voicesuk.co.uk: did not receive HSTS header
 volcrado.com: did not receive HSTS header
 voliere-info.nl: did not receive HSTS header
 volkden.com: could not connect to host
 vonavy-cukor.sk: could not connect to host
 vonavycukor.sk: could not connect to host
 voodoo-laden.de: max-age too low: 86400
@@ -5818,16 +5858,17 @@ wallet.google.com: did not receive HSTS 
 wallpapers.pub: could not connect to host
 wallsblog.dk: could not connect to host
 walnutgaming.co.uk: could not connect to host
 wan.pp.ua: could not connect to host
 wanban.io: could not connect to host
 wangjun.me: did not receive HSTS header
 wangqiliang.xn--fiqs8s: could not connect to host
 wangzuan168.cc: could not connect to host
+wanybug.cn: could not connect to host
 wapjt.cn: could not connect to host
 wapt.fr: could not connect to host
 warandpeace.xyz: could not connect to host
 warehost.de: did not receive HSTS header
 warezaddict.com: did not receive HSTS header
 warhaggis.com: could not connect to host
 warhistoryonline.com: max-age too low: 0
 warped.com: did not receive HSTS header
@@ -5925,27 +5966,26 @@ wikiclash.info: could not connect to hos
 wikisports.eu: could not connect to host
 wilf1rst.com: could not connect to host
 willcipriano.com: could not connect to host
 william.si: did not receive HSTS header
 williamsapiens.com: could not connect to host
 willosagiede.com: did not receive HSTS header
 winaes.com: did not receive HSTS header
 winclient.cn: could not connect to host
-windowsphoneblog.it: could not connect to host
+windowsphoneblog.it: did not receive HSTS header
 winecodeavocado.com: could not connect to host
 winged.io: could not connect to host
 wingumd.net: could not connect to host
 winpack.cf: could not connect to host
 winpack.eu.org: could not connect to host
 winsec.nl: could not connect to host
 winshiplending.com: did not receive HSTS header
 wipply.com: did not receive HSTS header
 wirc.gr: could not connect to host
-wireshark.org: did not receive HSTS header
 wiretrip.io: did not receive HSTS header
 wiseloan.com: did not receive HSTS header
 wishcert.com: could not connect to host
 withgoogle.com: did not receive HSTS header (error ignored - included regardless)
 withmy.beer: could not connect to host
 withustrading.com: could not connect to host
 withyoutube.com: did not receive HSTS header (error ignored - included regardless)
 wittcher.com: could not connect to host
@@ -5954,45 +5994,44 @@ witzemaschine.com: max-age too low: 0
 wiz.biz: could not connect to host
 wlzhiyin.cn: could not connect to host
 wmcuk.net: could not connect to host
 wmfinanz.com: could not connect to host
 wnmm.nl: could not connect to host
 wobblylang.org: could not connect to host
 wod-stavby.cz: could not connect to host
 wodice.com: could not connect to host
+wodka-division.de: could not connect to host
 wohnungsbau-ludwigsburg.de: did not receive HSTS header
 woima.fi: max-age too low: 604800
 wolfesden.com: could not connect to host
 womosale.de: could not connect to host
 wonderfall.xyz: could not connect to host
 wonderhost.info: could not connect to host
 woodmafia.com.au: max-age too low: 0
 woording.com: could not connect to host
 wootton95.com: could not connect to host
 word-grabber.com: did not receive HSTS header
 woresite.jp: did not receive HSTS header
 work-and-jockel.de: did not receive HSTS header
 workfone.io: did not receive HSTS header
 workpermit.com.vn: did not receive HSTS header
 workwithgo.com: could not connect to host
 worldsbeststory.com: did not receive HSTS header
-worldwhisperer.net: could not connect to host
 worshapp.com: did not receive HSTS header
 wowapi.org: could not connect to host
 wpblog.com.tw: did not receive HSTS header
 wpcarer.pro: did not receive HSTS header
 wpdublin.com: could not connect to host
 wpfortify.com: did not receive HSTS header
 wphostingspot.com: did not receive HSTS header
 wpmetadatastandardsproject.org: did not receive HSTS header
 writeapp.me: did not receive HSTS header
 wrldevelopment.com: did not receive HSTS header
 wsscompany.com.ve: could not connect to host
-wtf.ninja: could not connect to host
 wufu.org: did not receive HSTS header
 wuhengmin.com: could not connect to host
 wukongmusic.us: did not receive HSTS header
 wurzelzwerg.net: could not connect to host
 wusx.club: could not connect to host
 www.braintreepayments.com: did not receive HSTS header
 www.cueup.com: could not connect to host
 www.cyveillance.com: did not receive HSTS header
@@ -6009,40 +6048,41 @@ www.logentries.com: did not receive HSTS
 www.moneybookers.com: did not receive HSTS header
 www.neonisi.com: could not connect to host
 www.paycheckrecords.com: did not receive HSTS header
 www.rme.li: did not receive HSTS header
 www.sandbox.mydigipass.com: could not connect to host
 www.surfeasy.com: did not receive HSTS header
 www.zenpayroll.com: did not receive HSTS header
 www3.info: did not receive HSTS header
+wxrlab.com: did not receive HSTS header
 wxukang.cn: could not connect to host
 wybmabiity.com: max-age too low: 0
 x-power-detox.com: could not connect to host
 x-ripped-hd.com: did not receive HSTS header
 x2w.io: could not connect to host
 x3led.com: could not connect to host
 x509.pub: could not connect to host
 x509.pw: could not connect to host
 x64architecture.com: could not connect to host
 xa.search.yahoo.com: did not receive HSTS header
 xandocs.com: could not connect to host
 xatr0z.org: could not connect to host
 xavierbarroso.com: could not connect to host
-xboxdownloadthat.com: could not connect to host
 xbt.co: could not connect to host
 xcoop.me: could not connect to host
 xehoivn.vn: did not receive HSTS header
 xellos.ga: could not connect to host
 xellos.ml: could not connect to host
 xendo.net: did not receive HSTS header
 xenesisziarovky.sk: could not connect to host
 xett.com: did not receive HSTS header
 xf-liam.com: did not receive HSTS header
 xfive.de: did not receive HSTS header
+xfix.pw: could not connect to host
 xiaody.me: could not connect to host
 xiaolvmu.com: could not connect to host
 xiaolvmu.me: could not connect to host
 xiaoxiao.im: could not connect to host
 ximens.me: could not connect to host
 xinbiji.cn: did not receive HSTS header
 xisa.it: could not connect to host
 xiyu.moe: could not connect to host
@@ -6069,17 +6109,16 @@ xn--jobbrse-d1a.de: did not receive HSTS
 xn--lgb3a8bcpn.cf: could not connect to host
 xn--lgb3a8bcpn.ga: could not connect to host
 xn--lgb3a8bcpn.gq: could not connect to host
 xn--lgb3a8bcpn.ml: could not connect to host
 xn--ls8hi7a.tk: could not connect to host
 xn--lsaupp-iua.se: did not receive HSTS header
 xn--mgbbh2a9fub.xn--ngbc5azd: could not connect to host
 xn--neb-tma3u8u.xyz: could not connect to host
-xn--o3cea3afbwl1da3wf0i.com: did not receive HSTS header
 xn--seelenwchter-mcb.eu: could not connect to host
 xn--werner-schffer-fib.de: could not connect to host
 xn--xdtx3pfzbiw3ar8e7yedqrhui.com: could not connect to host
 xn--yoamomisuasbcn-ynb.com: could not connect to host
 xobox.me: could not connect to host
 xoffy.com: did not receive HSTS header
 xom.party: could not connect to host
 xor-a.net: could not connect to host
@@ -6155,59 +6194,58 @@ yutabon.com: could not connect to host
 yuushou.com: max-age too low: 0
 yux.io: did not receive HSTS header
 yuxingxin.com: could not connect to host
 ywei.org: could not connect to host
 yzal.io: did not receive HSTS header
 z3liff.com: could not connect to host
 z3liff.net: could not connect to host
 za.search.yahoo.com: did not receive HSTS header
-zaclys.com: could not connect to host
 zadieheimlich.com: did not receive HSTS header
+zahe.me: could not connect to host
 zahyantechnologies.com: could not connect to host
 zakoncontrol.com: could not connect to host
-zamis.net: did not receive HSTS header
 zamorano.edu: could not connect to host
 zamos.ru: max-age too low: 0
 zanthra.com: could not connect to host
 zao.fi: could not connect to host
 zap.yt: could not connect to host
 zarooba.com: could not connect to host
-zary.me: did not receive HSTS header
 zbigniewgalucki.eu: did not receive HSTS header
 zcon.nl: could not connect to host
 zdravotnickasluzba.eu: could not connect to host
 zebrababy.cn: did not receive HSTS header
 zeedroom.be: did not receive HSTS header
 zefiris.org: did not receive HSTS header
 zefu.ca: could not connect to host
 zehntner.ch: could not connect to host
 zelfstandigemakelaars.net: could not connect to host
+zellari.ru: could not connect to host
 zenghx.tk: could not connect to host
 zenpayroll.com: did not receive HSTS header
 zentraler-kreditausschuss.de: did not receive HSTS header
 zentralwolke.de: did not receive HSTS header
 zera.com.au: could not connect to host
 zeroday.sk: did not receive HSTS header
 zerolab.org: could not connect to host
 zerudi.com: did not receive HSTS header
 zett4.me: could not connect to host
 zeytin.pro: could not connect to host
 zh.search.yahoo.com: did not receive HSTS header
 zhangzifan.com: did not receive HSTS header
 zhaojin97.cn: did not receive HSTS header
 zhendingresources.com: max-age too low: 0
 zhengzexin.com: did not receive HSTS header
 zhihua-lai.com: did not receive HSTS header
-zicklam.com: did not receive HSTS header
+zicklam.com: could not connect to host
 zigcore.com.br: could not connect to host
 zihao.me: did not receive HSTS header
 zinc-x.com: did not receive HSTS header
 zinenapse.info: could not connect to host
-zirtue.io: could not connect to host
+zirtue.io: did not receive HSTS header
 zittingskalender.be: could not connect to host
 zizoo.com: did not receive HSTS header
 zjubtv.com: could not connect to host
 zjutv.com: could not connect to host
 zk.gd: did not receive HSTS header
 zkillboard.com: did not receive HSTS header
 zking.ga: could not connect to host
 zmsastro.co.za: could not connect to host
@@ -6220,17 +6258,17 @@ zoo24.de: did not receive HSTS header
 zoomingin.net: max-age too low: 5184000
 zoommailing.com: did not receive HSTS header
 zorasvobodova.cz: did not receive HSTS header
 zortium.report: could not connect to host
 zoznamrealit.sk: did not receive HSTS header
 zqhong.com: could not connect to host
 ztan.tk: could not connect to host
 ztcaoll222.cn: did not receive HSTS header
-zubel.it: could not connect to host
+zubel.it: did not receive HSTS header
 zudomc.me: could not connect to host
 zulu7.com: could not connect to host
 zuviel.space: could not connect to host
 zvncloud.com: did not receive HSTS header
 zwollemagazine.nl: did not receive HSTS header
 zwy.me: could not connect to host
 zyf.pw: could not connect to host
-zymbit.com: could not connect to host
+zymbit.com: did not receive HSTS header
--- a/security/manager/ssl/nsSTSPreloadList.inc
+++ b/security/manager/ssl/nsSTSPreloadList.inc
@@ -3,17 +3,17 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /*****************************************************************************/
 /* This is an automatically generated file. If you're not                    */
 /* nsSiteSecurityService.cpp, you shouldn't be #including it.     */
 /*****************************************************************************/
 
 #include <stdint.h>
-const PRTime gPreloadListExpirationTime = INT64_C(1507043544779000);
+const PRTime gPreloadListExpirationTime = INT64_C(1507216752180000);
 
 static const char kSTSHostTable[] = {
   /* "0.me.uk", true */ '0', '.', 'm', 'e', '.', 'u', 'k', '\0',
   /* "007-preisvergleich.de", true */ '0', '0', '7', '-', 'p', 'r', 'e', 'i', 's', 'v', 'e', 'r', 'g', 'l', 'e', 'i', 'c', 'h', '.', 'd', 'e', '\0',
   /* "00f.net", true */ '0', '0', 'f', '.', 'n', 'e', 't', '\0',
   /* "00wbf.com", true */ '0', '0', 'w', 'b', 'f', '.', 'c', 'o', 'm', '\0',
   /* "0100dev.com", true */ '0', '1', '0', '0', 'd', 'e', 'v', '.', 'c', 'o', 'm', '\0',
   /* "0100dev.nl", true */ '0', '1', '0', '0', 'd', 'e', 'v', '.', 'n', 'l', '\0',
@@ -193,16 +193,17 @@ static const char kSTSHostTable[] = {
   /* "2krueger.de", true */ '2', 'k', 'r', 'u', 'e', 'g', 'e', 'r', '.', 'd', 'e', '\0',
   /* "2mb.solutions", true */ '2', 'm', 'b', '.', 's', 'o', 'l', 'u', 't', 'i', 'o', 'n', 's', '\0',
   /* "2nains.ch", true */ '2', 'n', 'a', 'i', 'n', 's', '.', 'c', 'h', '\0',
   /* "2nerds1bit.com", true */ '2', 'n', 'e', 'r', 'd', 's', '1', 'b', 'i', 't', '.', 'c', 'o', 'm', '\0',
   /* "2pay.fr", true */ '2', 'p', 'a', 'y', '.', 'f', 'r', '\0',
   /* "2programmers.net", true */ '2', 'p', 'r', 'o', 'g', 'r', 'a', 'm', 'm', 'e', 'r', 's', '.', 'n', 'e', 't', '\0',
   /* "2smart4food.com", true */ '2', 's', 'm', 'a', 'r', 't', '4', 'f', 'o', 'o', 'd', '.', 'c', 'o', 'm', '\0',
   /* "2ulcceria.nl", true */ '2', 'u', 'l', 'c', 'c', 'e', 'r', 'i', 'a', '.', 'n', 'l', '\0',
+  /* "314chan.org", true */ '3', '1', '4', 'c', 'h', 'a', 'n', '.', 'o', 'r', 'g', '\0',
   /* "31klabs.com", true */ '3', '1', 'k', 'l', 'a', 'b', 's', '.', 'c', 'o', 'm', '\0',
   /* "31tv.ru", true */ '3', '1', 't', 'v', '.', 'r', 'u', '\0',
   /* "321live.nl", true */ '3', '2', '1', 'l', 'i', 'v', 'e', '.', 'n', 'l', '\0',
   /* "32h.de", true */ '3', '2', 'h', '.', 'd', 'e', '\0',
   /* "32ph.com", true */ '3', '2', 'p', 'h', '.', 'c', 'o', 'm', '\0',
   /* "33-km.ru", true */ '3', '3', '-', 'k', 'm', '.', 'r', 'u', '\0',
   /* "341.com", true */ '3', '4', '1', '.', 'c', 'o', 'm', '\0',
   /* "341.mg", true */ '3', '4', '1', '.', 'm', 'g', '\0',
@@ -243,26 +244,24 @@ static const char kSTSHostTable[] = {
   /* "3s-hosting.de", true */ '3', 's', '-', 'h', 'o', 's', 't', 'i', 'n', 'g', '.', 'd', 'e', '\0',
   /* "3timegear.com", true */ '3', 't', 'i', 'm', 'e', 'g', 'e', 'a', 'r', '.', 'c', 'o', 'm', '\0',
   /* "3trees.tk", true */ '3', 't', 'r', 'e', 'e', 's', '.', 't', 'k', '\0',
   /* "3v4l.org", true */ '3', 'v', '4', 'l', '.', 'o', 'r', 'g', '\0',
   /* "3weekdietworks.com", true */ '3', 'w', 'e', 'e', 'k', 'd', 'i', 'e', 't', 'w', 'o', 'r', 'k', 's', '.', 'c', 'o', 'm', '\0',
   /* "4-1-where.com", true */ '4', '-', '1', '-', 'w', 'h', 'e', 'r', 'e', '.', 'c', 'o', 'm', '\0',
   /* "4-it.de", true */ '4', '-', 'i', 't', '.', 'd', 'e', '\0',
   /* "403.ch", true */ '4', '0', '3', '.', 'c', 'h', '\0',
-  /* "404forest.com", true */ '4', '0', '4', 'f', 'o', 'r', 'e', 's', 't', '.', 'c', 'o', 'm', '\0',
   /* "404notfound.com.br", true */ '4', '0', '4', 'n', 'o', 't', 'f', 'o', 'u', 'n', 'd', '.', 'c', 'o', 'm', '.', 'b', 'r', '\0',
   /* "4096bit.de", true */ '4', '0', '9', '6', 'b', 'i', 't', '.', 'd', 'e', '\0',
   /* "41-where.com", true */ '4', '1', '-', 'w', 'h', 'e', 'r', 'e', '.', 'c', 'o', 'm', '\0',
   /* "41844.de", true */ '4', '1', '8', '4', '4', '.', 'd', 'e', '\0',
   /* "41where.com", true */ '4', '1', 'w', 'h', 'e', 'r', 'e', '.', 'c', 'o', 'm', '\0',
   /* "42day.info", true */ '4', '2', 'd', 'a', 'y', '.', 'i', 'n', 'f', 'o', '\0',
   /* "42entrepreneurs.fr", true */ '4', '2', 'e', 'n', 't', 'r', 'e', 'p', 'r', 'e', 'n', 'e', 'u', 'r', 's', '.', 'f', 'r', '\0',
   /* "439191.com", true */ '4', '3', '9', '1', '9', '1', '.', 'c', 'o', 'm', '\0',
-  /* "441jj.com", true */ '4', '4', '1', 'j', 'j', '.', 'c', 'o', 'm', '\0',
   /* "4500.co.il", true */ '4', '5', '0', '0', '.', 'c', 'o', '.', 'i', 'l', '\0',
   /* "491mhz.net", true */ '4', '9', '1', 'm', 'h', 'z', '.', 'n', 'e', 't', '\0',
   /* "49889.com", true */ '4', '9', '8', '8', '9', '.', 'c', 'o', 'm', '\0',
   /* "4d2.xyz", true */ '4', 'd', '2', '.', 'x', 'y', 'z', '\0',
   /* "4dbygg.se", true */ '4', 'd', 'b', 'y', 'g', 'g', '.', 's', 'e', '\0',
   /* "4decor.org", true */ '4', 'd', 'e', 'c', 'o', 'r', '.', 'o', 'r', 'g', '\0',
   /* "4freepress.com", true */ '4', 'f', 'r', 'e', 'e', 'p', 'r', 'e', 's', 's', '.', 'c', 'o', 'm', '\0',
   /* "4g-server.eu", false */ '4', 'g', '-', 's', 'e', 'r', 'v', 'e', 'r', '.', 'e', 'u', '\0',
@@ -297,28 +296,28 @@ static const char kSTSHostTable[] = {
   /* "6548877.com", true */ '6', '5', '4', '8', '8', '7', '7', '.', 'c', 'o', 'm', '\0',
   /* "660011.com", true */ '6', '6', '0', '0', '1', '1', '.', 'c', 'o', 'm', '\0',
   /* "6660111.ru", true */ '6', '6', '6', '0', '1', '1', '1', '.', 'r', 'u', '\0',
   /* "692b8c32.de", true */ '6', '9', '2', 'b', '8', 'c', '3', '2', '.', 'd', 'e', '\0',
   /* "6969.us", true */ '6', '9', '6', '9', '.', 'u', 's', '\0',
   /* "6t-montjoye.org", true */ '6', 't', '-', 'm', 'o', 'n', 't', 'j', 'o', 'y', 'e', '.', 'o', 'r', 'g', '\0',
   /* "700.az", true */ '7', '0', '0', '.', 'a', 'z', '\0',
   /* "7183.org", true */ '7', '1', '8', '3', '.', 'o', 'r', 'g', '\0',
-  /* "724go.com", true */ '7', '2', '4', 'g', 'o', '.', 'c', 'o', 'm', '\0',
   /* "7261696e626f77.net", true */ '7', '2', '6', '1', '6', '9', '6', 'e', '6', '2', '6', 'f', '7', '7', '.', 'n', 'e', 't', '\0',
   /* "746.com", true */ '7', '4', '6', '.', 'c', 'o', 'm', '\0',
   /* "762.ch", true */ '7', '6', '2', '.', 'c', 'h', '\0',
   /* "771122.com", true */ '7', '7', '1', '1', '2', '2', '.', 'c', 'o', 'm', '\0',
   /* "771122.tv", true */ '7', '7', '1', '1', '2', '2', '.', 't', 'v', '\0',
   /* "777coin.com", true */ '7', '7', '7', 'c', 'o', 'i', 'n', '.', 'c', 'o', 'm', '\0',
   /* "7careconnect.com", true */ '7', 'c', 'a', 'r', 'e', 'c', 'o', 'n', 'n', 'e', 'c', 't', '.', 'c', 'o', 'm', '\0',
   /* "7nw.eu", true */ '7', 'n', 'w', '.', 'e', 'u', '\0',
   /* "7sons.de", true */ '7', 's', 'o', 'n', 's', '.', 'd', 'e', '\0',
   /* "7thcircledesigns.com", true */ '7', 't', 'h', 'c', 'i', 'r', 'c', 'l', 'e', 'd', 'e', 's', 'i', 'g', 'n', 's', '.', 'c', 'o', 'm', '\0',
   /* "7thheavenrestaurant.com", true */ '7', 't', 'h', 'h', 'e', 'a', 'v', 'e', 'n', 'r', 'e', 's', 't', 'a', 'u', 'r', 'a', 'n', 't', '.', 'c', 'o', 'm', '\0',
+  /* "7trade8.com", true */ '7', 't', 'r', 'a', 'd', 'e', '8', '.', 'c', 'o', 'm', '\0',
   /* "7x24servis.com", true */ '7', 'x', '2', '4', 's', 'e', 'r', 'v', 'i', 's', '.', 'c', 'o', 'm', '\0',
   /* "8560.be", true */ '8', '5', '6', '0', '.', 'b', 'e', '\0',
   /* "86metro.ru", true */ '8', '6', 'm', 'e', 't', 'r', 'o', '.', 'r', 'u', '\0',
   /* "88.to", true */ '8', '8', '.', 't', 'o', '\0',
   /* "881133.com", true */ '8', '8', '1', '1', '3', '3', '.', 'c', 'o', 'm', '\0',
   /* "88599.com", true */ '8', '8', '5', '9', '9', '.', 'c', 'o', 'm', '\0',
   /* "887700.com", true */ '8', '8', '7', '7', '0', '0', '.', 'c', 'o', 'm', '\0',
   /* "887766.com", true */ '8', '8', '7', '7', '6', '6', '.', 'c', 'o', 'm', '\0',
@@ -383,18 +382,16 @@ static const char kSTSHostTable[] = {
   /* "abc.li", true */ 'a', 'b', 'c', '.', 'l', 'i', '\0',
   /* "abcheck.se", true */ 'a', 'b', 'c', 'h', 'e', 'c', 'k', '.', 's', 'e', '\0',
   /* "abdullah.pw", true */ 'a', 'b', 'd', 'u', 'l', 'l', 'a', 'h', '.', 'p', 'w', '\0',
   /* "abe-elektro.de", true */ 'a', 'b', 'e', '-', 'e', 'l', 'e', 'k', 't', 'r', 'o', '.', 'd', 'e', '\0',
   /* "abe.cloud", false */ 'a', 'b', 'e', '.', 'c', 'l', 'o', 'u', 'd', '\0',
   /* "abeestrada.com", false */ 'a', 'b', 'e', 'e', 's', 't', 'r', 'a', 'd', 'a', '.', 'c', 'o', 'm', '\0',
   /* "abenteuer-ahnenforschung.de", true */ 'a', 'b', 'e', 'n', 't', 'e', 'u', 'e', 'r', '-', 'a', 'h', 'n', 'e', 'n', 'f', 'o', 'r', 's', 'c', 'h', 'u', 'n', 'g', '.', 'd', 'e', '\0',
   /* "abeontech.com", true */ 'a', 'b', 'e', 'o', 'n', 't', 'e', 'c', 'h', '.', 'c', 'o', 'm', '\0',
-  /* "aberdeenalmeras.com", true */ 'a', 'b', 'e', 'r', 'd', 'e', 'e', 'n', 'a', 'l', 'm', 'e', 'r', 'a', 's', '.', 'c', 'o', 'm', '\0',
-  /* "aberdeenjudo.co.uk", true */ 'a', 'b', 'e', 'r', 'd', 'e', 'e', 'n', 'j', 'u', 'd', 'o', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "abeus.com", true */ 'a', 'b', 'e', 'u', 's', '.', 'c', 'o', 'm', '\0',
   /* "abhisharma.me", true */ 'a', 'b', 'h', 'i', 's', 'h', 'a', 'r', 'm', 'a', '.', 'm', 'e', '\0',
   /* "abi-fvs.de", true */ 'a', 'b', 'i', '-', 'f', 'v', 's', '.', 'd', 'e', '\0',
   /* "abiapp.net", true */ 'a', 'b', 'i', 'a', 'p', 'p', '.', 'n', 'e', 't', '\0',
   /* "abigisp.com", true */ 'a', 'b', 'i', 'g', 'i', 's', 'p', '.', 'c', 'o', 'm', '\0',
   /* "abilitynet.org.uk", true */ 'a', 'b', 'i', 'l', 'i', 't', 'y', 'n', 'e', 't', '.', 'o', 'r', 'g', '.', 'u', 'k', '\0',
   /* "abilma.com", true */ 'a', 'b', 'i', 'l', 'm', 'a', '.', 'c', 'o', 'm', '\0',
   /* "abilymp06.net", true */ 'a', 'b', 'i', 'l', 'y', 'm', 'p', '0', '6', '.', 'n', 'e', 't', '\0',
@@ -470,33 +467,34 @@ static const char kSTSHostTable[] = {
   /* "accounts.firefox.com", true */ 'a', 'c', 'c', 'o', 'u', 'n', 't', 's', '.', 'f', 'i', 'r', 'e', 'f', 'o', 'x', '.', 'c', 'o', 'm', '\0',
   /* "accounts.google.com", true */ 'a', 'c', 'c', 'o', 'u', 'n', 't', 's', '.', 'g', 'o', 'o', 'g', 'l', 'e', '.', 'c', 'o', 'm', '\0',
   /* "accudraftpaintbooths.com", true */ 'a', 'c', 'c', 'u', 'd', 'r', 'a', 'f', 't', 'p', 'a', 'i', 'n', 't', 'b', 'o', 'o', 't', 'h', 's', '.', 'c', 'o', 'm', '\0',
   /* "accwing.com", true */ 'a', 'c', 'c', 'w', 'i', 'n', 'g', '.', 'c', 'o', 'm', '\0',
   /* "acecerts.co.uk", true */ 'a', 'c', 'e', 'c', 'e', 'r', 't', 's', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "acemobileforce.com", true */ 'a', 'c', 'e', 'm', 'o', 'b', 'i', 'l', 'e', 'f', 'o', 'r', 'c', 'e', '.', 'c', 'o', 'm', '\0',
   /* "acerislaw.com", false */ 'a', 'c', 'e', 'r', 'i', 's', 'l', 'a', 'w', '.', 'c', 'o', 'm', '\0',
   /* "acessoeducacao.com", true */ 'a', 'c', 'e', 's', 's', 'o', 'e', 'd', 'u', 'c', 'a', 'c', 'a', 'o', '.', 'c', 'o', 'm', '\0',
-  /* "acg.sb", false */ 'a', 'c', 'g', '.', 's', 'b', '\0',
+  /* "acg.sb", true */ 'a', 'c', 'g', '.', 's', 'b', '\0',
   /* "acgaudio.com", true */ 'a', 'c', 'g', 'a', 'u', 'd', 'i', 'o', '.', 'c', 'o', 'm', '\0',
   /* "acheconcursos.com.br", true */ 'a', 'c', 'h', 'e', 'c', 'o', 'n', 'c', 'u', 'r', 's', 'o', 's', '.', 'c', 'o', 'm', '.', 'b', 'r', '\0',
   /* "achenar.net", true */ 'a', 'c', 'h', 'e', 'n', 'a', 'r', '.', 'n', 'e', 't', '\0',
   /* "acheritage.co.uk", true */ 'a', 'c', 'h', 'e', 'r', 'i', 't', 'a', 'g', 'e', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "achow101.com", true */ 'a', 'c', 'h', 'o', 'w', '1', '0', '1', '.', 'c', 'o', 'm', '\0',
   /* "achromatisch.de", true */ 'a', 'c', 'h', 'r', 'o', 'm', 'a', 't', 'i', 's', 'c', 'h', '.', 'd', 'e', '\0',
   /* "achterhoekseveiligheidsbeurs.nl", true */ 'a', 'c', 'h', 't', 'e', 'r', 'h', 'o', 'e', 'k', 's', 'e', 'v', 'e', 'i', 'l', 'i', 'g', 'h', 'e', 'i', 'd', 's', 'b', 'e', 'u', 'r', 's', '.', 'n', 'l', '\0',
   /* "achterstieg.dedyn.io", true */ 'a', 'c', 'h', 't', 'e', 'r', 's', 't', 'i', 'e', 'g', '.', 'd', 'e', 'd', 'y', 'n', '.', 'i', 'o', '\0',
   /* "achtzehn.eu", true */ 'a', 'c', 'h', 't', 'z', 'e', 'h', 'n', '.', 'e', 'u', '\0',
   /* "acidbin.co", true */ 'a', 'c', 'i', 'd', 'b', 'i', 'n', '.', 'c', 'o', '\0',
   /* "aciksite.com", true */ 'a', 'c', 'i', 'k', 's', 'i', 't', 'e', '.', 'c', 'o', 'm', '\0',
   /* "aclu.org", false */ 'a', 'c', 'l', 'u', '.', 'o', 'r', 'g', '\0',
   /* "acme.beer", true */ 'a', 'c', 'm', 'e', '.', 'b', 'e', 'e', 'r', '\0',
   /* "acmexyz123.info", true */ 'a', 'c', 'm', 'e', 'x', 'y', 'z', '1', '2', '3', '.', 'i', 'n', 'f', 'o', '\0',
   /* "acmle.com", false */ 'a', 'c', 'm', 'l', 'e', '.', 'c', 'o', 'm', '\0',
   /* "acnpacific.com", true */ 'a', 'c', 'n', 'p', 'a', 'c', 'i', 'f', 'i', 'c', '.', 'c', 'o', 'm', '\0',
+  /* "acoffeeshops.com", true */ 'a', 'c', 'o', 'f', 'f', 'e', 'e', 's', 'h', 'o', 'p', 's', '.', 'c', 'o', 'm', '\0',
   /* "acourse.io", true */ 'a', 'c', 'o', 'u', 'r', 's', 'e', '.', 'i', 'o', '\0',
   /* "acrepairdrippingsprings.com", true */ 'a', 'c', 'r', 'e', 'p', 'a', 'i', 'r', 'd', 'r', 'i', 'p', 'p', 'i', 'n', 'g', 's', 'p', 'r', 'i', 'n', 'g', 's', '.', 'c', 'o', 'm', '\0',
   /* "acritelli.com", false */ 'a', 'c', 'r', 'i', 't', 'e', 'l', 'l', 'i', '.', 'c', 'o', 'm', '\0',
   /* "acrossgw.com", true */ 'a', 'c', 'r', 'o', 's', 's', 'g', 'w', '.', 'c', 'o', 'm', '\0',
   /* "acrylicwifi.com", true */ 'a', 'c', 'r', 'y', 'l', 'i', 'c', 'w', 'i', 'f', 'i', '.', 'c', 'o', 'm', '\0',
   /* "acs-chantal.com", true */ 'a', 'c', 's', '-', 'c', 'h', 'a', 'n', 't', 'a', 'l', '.', 'c', 'o', 'm', '\0',
   /* "acsemb.org", true */ 'a', 'c', 's', 'e', 'm', 'b', '.', 'o', 'r', 'g', '\0',
   /* "acsports.ca", true */ 'a', 'c', 's', 'p', 'o', 'r', 't', 's', '.', 'c', 'a', '\0',
@@ -648,17 +646,16 @@ static const char kSTSHostTable[] = {
   /* "aextron.com", true */ 'a', 'e', 'x', 't', 'r', 'o', 'n', '.', 'c', 'o', 'm', '\0',
   /* "aextron.de", true */ 'a', 'e', 'x', 't', 'r', 'o', 'n', '.', 'd', 'e', '\0',
   /* "aextron.org", true */ 'a', 'e', 'x', 't', 'r', 'o', 'n', '.', 'o', 'r', 'g', '\0',
   /* "afb24.de", true */ 'a', 'f', 'b', '2', '4', '.', 'd', 'e', '\0',
   /* "afdkompakt.de", true */ 'a', 'f', 'd', 'k', 'o', 'm', 'p', 'a', 'k', 't', '.', 'd', 'e', '\0',
   /* "affiliateroyale.com", true */ 'a', 'f', 'f', 'i', 'l', 'i', 'a', 't', 'e', 'r', 'o', 'y', 'a', 'l', 'e', '.', 'c', 'o', 'm', '\0',
   /* "affiliatetest.azurewebsites.net", true */ 'a', 'f', 'f', 'i', 'l', 'i', 'a', 't', 'e', 't', 'e', 's', 't', '.', 'a', 'z', 'u', 'r', 'e', 'w', 'e', 'b', 's', 'i', 't', 'e', 's', '.', 'n', 'e', 't', '\0',
   /* "affinity.vc", true */ 'a', 'f', 'f', 'i', 'n', 'i', 't', 'y', '.', 'v', 'c', '\0',
-  /* "affinitysync.com", true */ 'a', 'f', 'f', 'i', 'n', 'i', 't', 'y', 's', 'y', 'n', 'c', '.', 'c', 'o', 'm', '\0',
   /* "affordableazdivorce.com", true */ 'a', 'f', 'f', 'o', 'r', 'd', 'a', 'b', 'l', 'e', 'a', 'z', 'd', 'i', 'v', 'o', 'r', 'c', 'e', '.', 'c', 'o', 'm', '\0',
   /* "affordablemudjacking.com", true */ 'a', 'f', 'f', 'o', 'r', 'd', 'a', 'b', 'l', 'e', 'm', 'u', 'd', 'j', 'a', 'c', 'k', 'i', 'n', 'g', '.', 'c', 'o', 'm', '\0',
   /* "afghan.dating", true */ 'a', 'f', 'g', 'h', 'a', 'n', '.', 'd', 'a', 't', 'i', 'n', 'g', '\0',
   /* "aficionados.com.br", true */ 'a', 'f', 'i', 'c', 'i', 'o', 'n', 'a', 'd', 'o', 's', '.', 'c', 'o', 'm', '.', 'b', 'r', '\0',
   /* "afinadoronline.com.br", true */ 'a', 'f', 'i', 'n', 'a', 'd', 'o', 'r', 'o', 'n', 'l', 'i', 'n', 'e', '.', 'c', 'o', 'm', '.', 'b', 'r', '\0',
   /* "aflattr.com", true */ 'a', 'f', 'l', 'a', 't', 't', 'r', '.', 'c', 'o', 'm', '\0',
   /* "afmchandler.com", true */ 'a', 'f', 'm', 'c', 'h', 'a', 'n', 'd', 'l', 'e', 'r', '.', 'c', 'o', 'm', '\0',
   /* "afp548.com", true */ 'a', 'f', 'p', '5', '4', '8', '.', 'c', 'o', 'm', '\0',
@@ -666,17 +663,16 @@ static const char kSTSHostTable[] = {
   /* "africa.dating", true */ 'a', 'f', 'r', 'i', 'c', 'a', '.', 'd', 'a', 't', 'i', 'n', 'g', '\0',
   /* "africatravel.de", true */ 'a', 'f', 'r', 'i', 'c', 'a', 't', 'r', 'a', 'v', 'e', 'l', '.', 'd', 'e', '\0',
   /* "afrodigital.uk", true */ 'a', 'f', 'r', 'o', 'd', 'i', 'g', 'i', 't', 'a', 'l', '.', 'u', 'k', '\0',
   /* "after.im", true */ 'a', 'f', 't', 'e', 'r', '.', 'i', 'm', '\0',
   /* "afterstack.net", true */ 'a', 'f', 't', 'e', 'r', 's', 't', 'a', 'c', 'k', '.', 'n', 'e', 't', '\0',
   /* "afuh.de", true */ 'a', 'f', 'u', 'h', '.', 'd', 'e', '\0',
   /* "afva.net", true */ 'a', 'f', 'v', 'a', '.', 'n', 'e', 't', '\0',
   /* "afvallendoeje.nu", true */ 'a', 'f', 'v', 'a', 'l', 'l', 'e', 'n', 'd', 'o', 'e', 'j', 'e', '.', 'n', 'u', '\0',
-  /* "afyou.co.kr", false */ 'a', 'f', 'y', 'o', 'u', '.', 'c', 'o', '.', 'k', 'r', '\0',
   /* "ag-websolutions.de", true */ 'a', 'g', '-', 'w', 'e', 'b', 's', 'o', 'l', 'u', 't', 'i', 'o', 'n', 's', '.', 'd', 'e', '\0',
   /* "agdalieso.com.ba", true */ 'a', 'g', 'd', 'a', 'l', 'i', 'e', 's', 'o', '.', 'c', 'o', 'm', '.', 'b', 'a', '\0',
   /* "ageg.ca", true */ 'a', 'g', 'e', 'g', '.', 'c', 'a', '\0',
   /* "agenciadeempregosdourados.com.br", true */ 'a', 'g', 'e', 'n', 'c', 'i', 'a', 'd', 'e', 'e', 'm', 'p', 'r', 'e', 'g', 'o', 's', 'd', 'o', 'u', 'r', 'a', 'd', 'o', 's', '.', 'c', 'o', 'm', '.', 'b', 'r', '\0',
   /* "agenda-loto.net", false */ 'a', 'g', 'e', 'n', 'd', 'a', '-', 'l', 'o', 't', 'o', '.', 'n', 'e', 't', '\0',
   /* "agenda21senden.de", true */ 'a', 'g', 'e', 'n', 'd', 'a', '2', '1', 's', 'e', 'n', 'd', 'e', 'n', '.', 'd', 'e', '\0',
   /* "agent6.com.au", true */ 'a', 'g', 'e', 'n', 't', '6', '.', 'c', 'o', 'm', '.', 'a', 'u', '\0',
   /* "agfmedia.com", true */ 'a', 'g', 'f', 'm', 'e', 'd', 'i', 'a', '.', 'c', 'o', 'm', '\0',
@@ -720,17 +716,16 @@ static const char kSTSHostTable[] = {
   /* "aibenzi.com", true */ 'a', 'i', 'b', 'e', 'n', 'z', 'i', '.', 'c', 'o', 'm', '\0',
   /* "aicial.co.uk", true */ 'a', 'i', 'c', 'i', 'a', 'l', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "aicial.com", true */ 'a', 'i', 'c', 'i', 'a', 'l', '.', 'c', 'o', 'm', '\0',
   /* "aicial.com.au", true */ 'a', 'i', 'c', 'i', 'a', 'l', '.', 'c', 'o', 'm', '.', 'a', 'u', '\0',
   /* "aidanmontare.net", true */ 'a', 'i', 'd', 'a', 'n', 'm', 'o', 'n', 't', 'a', 'r', 'e', '.', 'n', 'e', 't', '\0',
   /* "aiden.link", true */ 'a', 'i', 'd', 'e', 'n', '.', 'l', 'i', 'n', 'k', '\0',
   /* "aidhan.net", true */ 'a', 'i', 'd', 'h', 'a', 'n', '.', 'n', 'e', 't', '\0',
   /* "aidikofflaw.com", true */ 'a', 'i', 'd', 'i', 'k', 'o', 'f', 'f', 'l', 'a', 'w', '.', 'c', 'o', 'm', '\0',
-  /* "aids.gov", true */ 'a', 'i', 'd', 's', '.', 'g', 'o', 'v', '\0',
   /* "aie.de", true */ 'a', 'i', 'e', '.', 'd', 'e', '\0',
   /* "aiesecarad.ro", true */ 'a', 'i', 'e', 's', 'e', 'c', 'a', 'r', 'a', 'd', '.', 'r', 'o', '\0',
   /* "aify.eu", true */ 'a', 'i', 'f', 'y', '.', 'e', 'u', '\0',
   /* "aigcev.org", true */ 'a', 'i', 'g', 'c', 'e', 'v', '.', 'o', 'r', 'g', '\0',
   /* "aikenorganics.com", true */ 'a', 'i', 'k', 'e', 'n', 'o', 'r', 'g', 'a', 'n', 'i', 'c', 's', '.', 'c', 'o', 'm', '\0',
   /* "aikido-club-limburg.de", true */ 'a', 'i', 'k', 'i', 'd', 'o', '-', 'c', 'l', 'u', 'b', '-', 'l', 'i', 'm', 'b', 'u', 'r', 'g', '.', 'd', 'e', '\0',
   /* "aikido-linz.at", true */ 'a', 'i', 'k', 'i', 'd', 'o', '-', 'l', 'i', 'n', 'z', '.', 'a', 't', '\0',
   /* "aikido-wels.at", true */ 'a', 'i', 'k', 'i', 'd', 'o', '-', 'w', 'e', 'l', 's', '.', 'a', 't', '\0',
@@ -914,17 +909,16 @@ static const char kSTSHostTable[] = {
   /* "allinonecyprus.com", true */ 'a', 'l', 'l', 'i', 'n', 'o', 'n', 'e', 'c', 'y', 'p', 'r', 'u', 's', '.', 'c', 'o', 'm', '\0',
   /* "allladyboys.com", true */ 'a', 'l', 'l', 'l', 'a', 'd', 'y', 'b', 'o', 'y', 's', '.', 'c', 'o', 'm', '\0',
   /* "allmebel.ru", true */ 'a', 'l', 'l', 'm', 'e', 'b', 'e', 'l', '.', 'r', 'u', '\0',
   /* "allmystery.de", true */ 'a', 'l', 'l', 'm', 'y', 's', 't', 'e', 'r', 'y', '.', 'd', 'e', '\0',
   /* "allns.fr", true */ 'a', 'l', 'l', 'n', 's', '.', 'f', 'r', '\0',
   /* "allo-symo.fr", true */ 'a', 'l', 'l', 'o', '-', 's', 'y', 'm', 'o', '.', 'f', 'r', '\0',
   /* "allrealty.co.za", true */ 'a', 'l', 'l', 'r', 'e', 'a', 'l', 't', 'y', '.', 'c', 'o', '.', 'z', 'a', '\0',
   /* "allshousedesigns.com", true */ 'a', 'l', 'l', 's', 'h', 'o', 'u', 's', 'e', 'd', 'e', 's', 'i', 'g', 'n', 's', '.', 'c', 'o', 'm', '\0',
-  /* "alltheducks.com", true */ 'a', 'l', 'l', 't', 'h', 'e', 'd', 'u', 'c', 'k', 's', '.', 'c', 'o', 'm', '\0',
   /* "allthethings.co.nz", true */ 'a', 'l', 'l', 't', 'h', 'e', 't', 'h', 'i', 'n', 'g', 's', '.', 'c', 'o', '.', 'n', 'z', '\0',
   /* "allthings.me", true */ 'a', 'l', 'l', 't', 'h', 'i', 'n', 'g', 's', '.', 'm', 'e', '\0',
   /* "allthingsblogging.com", true */ 'a', 'l', 'l', 't', 'h', 'i', 'n', 'g', 's', 'b', 'l', 'o', 'g', 'g', 'i', 'n', 'g', '.', 'c', 'o', 'm', '\0',
   /* "allthingssquared.com", true */ 'a', 'l', 'l', 't', 'h', 'i', 'n', 'g', 's', 's', 'q', 'u', 'a', 'r', 'e', 'd', '.', 'c', 'o', 'm', '\0',
   /* "allthingswild.co.uk", true */ 'a', 'l', 'l', 't', 'h', 'i', 'n', 'g', 's', 'w', 'i', 'l', 'd', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "alltubedownload.net", true */ 'a', 'l', 'l', 't', 'u', 'b', 'e', 'd', 'o', 'w', 'n', 'l', 'o', 'a', 'd', '.', 'n', 'e', 't', '\0',
   /* "alluvion.studio", true */ 'a', 'l', 'l', 'u', 'v', 'i', 'o', 'n', '.', 's', 't', 'u', 'd', 'i', 'o', '\0',
   /* "almstrom.org", true */ 'a', 'l', 'm', 's', 't', 'r', 'o', 'm', '.', 'o', 'r', 'g', '\0',
@@ -951,17 +945,16 @@ static const char kSTSHostTable[] = {
   /* "als-hardware.co.za", true */ 'a', 'l', 's', '-', 'h', 'a', 'r', 'd', 'w', 'a', 'r', 'e', '.', 'c', 'o', '.', 'z', 'a', '\0',
   /* "alspolska.pl", true */ 'a', 'l', 's', 'p', 'o', 'l', 's', 'k', 'a', '.', 'p', 'l', '\0',
   /* "alstroemeria.org", true */ 'a', 'l', 's', 't', 'r', 'o', 'e', 'm', 'e', 'r', 'i', 'a', '.', 'o', 'r', 'g', '\0',
   /* "alt-three.com", true */ 'a', 'l', 't', '-', 't', 'h', 'r', 'e', 'e', '.', 'c', 'o', 'm', '\0',
   /* "alt.org", true */ 'a', 'l', 't', '.', 'o', 'r', 'g', '\0',
   /* "altahrim.net", true */ 'a', 'l', 't', 'a', 'h', 'r', 'i', 'm', '.', 'n', 'e', 't', '\0',
   /* "altaide.com", true */ 'a', 'l', 't', 'a', 'i', 'd', 'e', '.', 'c', 'o', 'm', '\0',
   /* "altailife.ru", true */ 'a', 'l', 't', 'a', 'i', 'l', 'i', 'f', 'e', '.', 'r', 'u', '\0',
-  /* "altamarea.se", true */ 'a', 'l', 't', 'a', 'm', 'a', 'r', 'e', 'a', '.', 's', 'e', '\0',
   /* "altbinaries.com", true */ 'a', 'l', 't', 'b', 'i', 'n', 'a', 'r', 'i', 'e', 's', '.', 'c', 'o', 'm', '\0',
   /* "altedirect.com", true */ 'a', 'l', 't', 'e', 'd', 'i', 'r', 'e', 'c', 't', '.', 'c', 'o', 'm', '\0',
   /* "alteqnia.com", true */ 'a', 'l', 't', 'e', 'q', 'n', 'i', 'a', '.', 'c', 'o', 'm', '\0',
   /* "alterbaum.net", true */ 'a', 'l', 't', 'e', 'r', 'b', 'a', 'u', 'm', '.', 'n', 'e', 't', '\0',
   /* "altercpa.ru", true */ 'a', 'l', 't', 'e', 'r', 'c', 'p', 'a', '.', 'r', 'u', '\0',
   /* "alternative.bike", true */ 'a', 'l', 't', 'e', 'r', 'n', 'a', 't', 'i', 'v', 'e', '.', 'b', 'i', 'k', 'e', '\0',
   /* "alternativedev.ca", true */ 'a', 'l', 't', 'e', 'r', 'n', 'a', 't', 'i', 'v', 'e', 'd', 'e', 'v', '.', 'c', 'a', '\0',
   /* "alternativet.party", true */ 'a', 'l', 't', 'e', 'r', 'n', 'a', 't', 'i', 'v', 'e', 't', '.', 'p', 'a', 'r', 't', 'y', '\0',
@@ -1180,16 +1173,17 @@ static const char kSTSHostTable[] = {
   /* "annuaire-jcb.com", true */ 'a', 'n', 'n', 'u', 'a', 'i', 'r', 'e', '-', 'j', 'c', 'b', '.', 'c', 'o', 'm', '\0',
   /* "annuaire-photographe.fr", false */ 'a', 'n', 'n', 'u', 'a', 'i', 'r', 'e', '-', 'p', 'h', 'o', 't', 'o', 'g', 'r', 'a', 'p', 'h', 'e', '.', 'f', 'r', '\0',
   /* "anohana.org", true */ 'a', 'n', 'o', 'h', 'a', 'n', 'a', '.', 'o', 'r', 'g', '\0',
   /* "anojan.com", true */ 'a', 'n', 'o', 'j', 'a', 'n', '.', 'c', 'o', 'm', '\0',
   /* "anon-next.de", true */ 'a', 'n', 'o', 'n', '-', 'n', 'e', 'x', 't', '.', 'd', 'e', '\0',
   /* "anonboards.com", true */ 'a', 'n', 'o', 'n', 'b', 'o', 'a', 'r', 'd', 's', '.', 'c', 'o', 'm', '\0',
   /* "anoncom.net", true */ 'a', 'n', 'o', 'n', 'c', 'o', 'm', '.', 'n', 'e', 't', '\0',
   /* "anoneko.com", true */ 'a', 'n', 'o', 'n', 'e', 'k', 'o', '.', 'c', 'o', 'm', '\0',
+  /* "anongoth.pl", true */ 'a', 'n', 'o', 'n', 'g', 'o', 't', 'h', '.', 'p', 'l', '\0',
   /* "anonukradio.org", true */ 'a', 'n', 'o', 'n', 'u', 'k', 'r', 'a', 'd', 'i', 'o', '.', 'o', 'r', 'g', '\0',
   /* "anonym-surfen.de", true */ 'a', 'n', 'o', 'n', 'y', 'm', '-', 's', 'u', 'r', 'f', 'e', 'n', '.', 'd', 'e', '\0',
   /* "anonyme-spieler.at", true */ 'a', 'n', 'o', 'n', 'y', 'm', 'e', '-', 's', 'p', 'i', 'e', 'l', 'e', 'r', '.', 'a', 't', '\0',
   /* "anotherchef.com", true */ 'a', 'n', 'o', 't', 'h', 'e', 'r', 'c', 'h', 'e', 'f', '.', 'c', 'o', 'm', '\0',
   /* "anotherfatgeek.net", true */ 'a', 'n', 'o', 't', 'h', 'e', 'r', 'f', 'a', 't', 'g', 'e', 'e', 'k', '.', 'n', 'e', 't', '\0',
   /* "anothermanfilm.co.uk", true */ 'a', 'n', 'o', 't', 'h', 'e', 'r', 'm', 'a', 'n', 'f', 'i', 'l', 'm', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "anothermilan.net", true */ 'a', 'n', 'o', 't', 'h', 'e', 'r', 'm', 'i', 'l', 'a', 'n', '.', 'n', 'e', 't', '\0',
   /* "ans-delft.nl", true */ 'a', 'n', 's', '-', 'd', 'e', 'l', 'f', 't', '.', 'n', 'l', '\0',
@@ -1408,28 +1402,26 @@ static const char kSTSHostTable[] = {
   /* "arlatools.com", true */ 'a', 'r', 'l', 'a', 't', 'o', 'o', 'l', 's', '.', 'c', 'o', 'm', '\0',
   /* "arlen.io", true */ 'a', 'r', 'l', 'e', 'n', '.', 'i', 'o', '\0',
   /* "arlet.click", true */ 'a', 'r', 'l', 'e', 't', '.', 'c', 'l', 'i', 'c', 'k', '\0',
   /* "armadaquadrat.com", true */ 'a', 'r', 'm', 'a', 'd', 'a', 'q', 'u', 'a', 'd', 'r', 'a', 't', '.', 'c', 'o', 'm', '\0',
   /* "armandsdiscount.com", true */ 'a', 'r', 'm', 'a', 'n', 'd', 's', 'd', 'i', 's', 'c', 'o', 'u', 'n', 't', '.', 'c', 'o', 'm', '\0',
   /* "armingrodon.de", false */ 'a', 'r', 'm', 'i', 'n', 'g', 'r', 'o', 'd', 'o', 'n', '.', 'd', 'e', '\0',
   /* "arminpech.de", true */ 'a', 'r', 'm', 'i', 'n', 'p', 'e', 'c', 'h', '.', 'd', 'e', '\0',
   /* "armleads.com", true */ 'a', 'r', 'm', 'l', 'e', 'a', 'd', 's', '.', 'c', 'o', 'm', '\0',
-  /* "armor.com", true */ 'a', 'r', 'm', 'o', 'r', '.', 'c', 'o', 'm', '\0',
   /* "armored.ninja", true */ 'a', 'r', 'm', 'o', 'r', 'e', 'd', '.', 'n', 'i', 'n', 'j', 'a', '\0',
   /* "armstrongsengineering.com", true */ 'a', 'r', 'm', 's', 't', 'r', 'o', 'n', 'g', 's', 'e', 'n', 'g', 'i', 'n', 'e', 'e', 'r', 'i', 'n', 'g', '.', 'c', 'o', 'm', '\0',
   /* "army24.cz", true */ 'a', 'r', 'm', 'y', '2', '4', '.', 'c', 'z', '\0',
   /* "armyprodej.cz", true */ 'a', 'r', 'm', 'y', 'p', 'r', 'o', 'd', 'e', 'j', '.', 'c', 'z', '\0',
   /* "arnaudb.net", true */ 'a', 'r', 'n', 'a', 'u', 'd', 'b', '.', 'n', 'e', 't', '\0',
   /* "arnaudfeld.de", true */ 'a', 'r', 'n', 'a', 'u', 'd', 'f', 'e', 'l', 'd', '.', 'd', 'e', '\0',
   /* "arne-petersen.net", true */ 'a', 'r', 'n', 'e', '-', 'p', 'e', 't', 'e', 'r', 's', 'e', 'n', '.', 'n', 'e', 't', '\0',
   /* "arnesolutions.com", true */ 'a', 'r', 'n', 'e', 's', 'o', 'l', 'u', 't', 'i', 'o', 'n', 's', '.', 'c', 'o', 'm', '\0',
   /* "arnetdigital.eu", false */ 'a', 'r', 'n', 'e', 't', 'd', 'i', 'g', 'i', 't', 'a', 'l', '.', 'e', 'u', '\0',
   /* "arnor.org", true */ 'a', 'r', 'n', 'o', 'r', '.', 'o', 'r', 'g', '\0',
-  /* "arod.tk", true */ 'a', 'r', 'o', 'd', '.', 't', 'k', '\0',
   /* "arokha.com", true */ 'a', 'r', 'o', 'k', 'h', 'a', '.', 'c', 'o', 'm', '\0',
   /* "aromaclub.nl", true */ 'a', 'r', 'o', 'm', 'a', 'c', 'l', 'u', 'b', '.', 'n', 'l', '\0',
   /* "aroonchande.com", true */ 'a', 'r', 'o', 'o', 'n', 'c', 'h', 'a', 'n', 'd', 'e', '.', 'c', 'o', 'm', '\0',
   /* "aroundme.org", true */ 'a', 'r', 'o', 'u', 'n', 'd', 'm', 'e', '.', 'o', 'r', 'g', '\0',
   /* "arqueo-ecuatoriana.ec", true */ 'a', 'r', 'q', 'u', 'e', 'o', '-', 'e', 'c', 'u', 'a', 't', 'o', 'r', 'i', 'a', 'n', 'a', '.', 'e', 'c', '\0',
   /* "arquitetura.pt", true */ 'a', 'r', 'q', 'u', 'i', 't', 'e', 't', 'u', 'r', 'a', '.', 'p', 't', '\0',
   /* "arrakis.se", true */ 'a', 'r', 'r', 'a', 'k', 'i', 's', '.', 's', 'e', '\0',
   /* "arrive.by", true */ 'a', 'r', 'r', 'i', 'v', 'e', '.', 'b', 'y', '\0',
@@ -1483,18 +1475,16 @@ static const char kSTSHostTable[] = {
   /* "arveron.ch", true */ 'a', 'r', 'v', 'e', 'r', 'o', 'n', '.', 'c', 'h', '\0',
   /* "arvid.io", true */ 'a', 'r', 'v', 'i', 'd', '.', 'i', 'o', '\0',
   /* "arvindhariharan.com", true */ 'a', 'r', 'v', 'i', 'n', 'd', 'h', 'a', 'r', 'i', 'h', 'a', 'r', 'a', 'n', '.', 'c', 'o', 'm', '\0',
   /* "arvindhariharan.me", true */ 'a', 'r', 'v', 'i', 'n', 'd', 'h', 'a', 'r', 'i', 'h', 'a', 'r', 'a', 'n', '.', 'm', 'e', '\0',
   /* "arw.me", true */ 'a', 'r', 'w', '.', 'm', 'e', '\0',
   /* "aryan-nation.com", true */ 'a', 'r', 'y', 'a', 'n', '-', 'n', 'a', 't', 'i', 'o', 'n', '.', 'c', 'o', 'm', '\0',
   /* "aryasenna.net", true */ 'a', 'r', 'y', 'a', 's', 'e', 'n', 'n', 'a', '.', 'n', 'e', 't', '\0',
   /* "arzid.com", true */ 'a', 'r', 'z', 'i', 'd', '.', 'c', 'o', 'm', '\0',
-  /* "as200753.com", true */ 'a', 's', '2', '0', '0', '7', '5', '3', '.', 'c', 'o', 'm', '\0',
-  /* "as200753.net", true */ 'a', 's', '2', '0', '0', '7', '5', '3', '.', 'n', 'e', 't', '\0',
   /* "as44222.net", true */ 'a', 's', '4', '4', '2', '2', '2', '.', 'n', 'e', 't', '\0',
   /* "asadatec.de", true */ 'a', 's', 'a', 'd', 'a', 't', 'e', 'c', '.', 'd', 'e', '\0',
   /* "asadzulfahri.com", true */ 'a', 's', 'a', 'd', 'z', 'u', 'l', 'f', 'a', 'h', 'r', 'i', '.', 'c', 'o', 'm', '\0',
   /* "asafilm.co", true */ 'a', 's', 'a', 'f', 'i', 'l', 'm', '.', 'c', 'o', '\0',
   /* "asafomba.com", true */ 'a', 's', 'a', 'f', 'o', 'm', 'b', 'a', '.', 'c', 'o', 'm', '\0',
   /* "asahikoji.net", true */ 'a', 's', 'a', 'h', 'i', 'k', 'o', 'j', 'i', '.', 'n', 'e', 't', '\0',
   /* "asana.studio", true */ 'a', 's', 'a', 'n', 'a', '.', 's', 't', 'u', 'd', 'i', 'o', '\0',
   /* "asandu.eu", true */ 'a', 's', 'a', 'n', 'd', 'u', '.', 'e', 'u', '\0',
@@ -1597,16 +1587,17 @@ static const char kSTSHostTable[] = {
   /* "atlseccon.com", true */ 'a', 't', 'l', 's', 'e', 'c', 'c', 'o', 'n', '.', 'c', 'o', 'm', '\0',
   /* "atnis.com", true */ 'a', 't', 'n', 'i', 's', '.', 'c', 'o', 'm', '\0',
   /* "ato4sound.com", true */ 'a', 't', 'o', '4', 's', 'o', 'u', 'n', 'd', '.', 'c', 'o', 'm', '\0',
   /* "atolm.net", true */ 'a', 't', 'o', 'l', 'm', '.', 'n', 'e', 't', '\0',
   /* "atom-china.org", true */ 'a', 't', 'o', 'm', '-', 'c', 'h', 'i', 'n', 'a', '.', 'o', 'r', 'g', '\0',
   /* "atom.solutions", true */ 'a', 't', 'o', 'm', '.', 's', 'o', 'l', 'u', 't', 'i', 'o', 'n', 's', '\0',
   /* "atom86.net", true */ 'a', 't', 'o', 'm', '8', '6', '.', 'n', 'e', 't', '\0',
   /* "atombase.org", true */ 'a', 't', 'o', 'm', 'b', 'a', 's', 'e', '.', 'o', 'r', 'g', '\0',
+  /* "atomism.com", true */ 'a', 't', 'o', 'm', 'i', 's', 'm', '.', 'c', 'o', 'm', '\0',
   /* "atraining.ru", true */ 'a', 't', 'r', 'a', 'i', 'n', 'i', 'n', 'g', '.', 'r', 'u', '\0',
   /* "atrinik.org", true */ 'a', 't', 'r', 'i', 'n', 'i', 'k', '.', 'o', 'r', 'g', '\0',
   /* "atte.fi", true */ 'a', 't', 't', 'e', '.', 'f', 'i', '\0',
   /* "attilagyorffy.com", true */ 'a', 't', 't', 'i', 'l', 'a', 'g', 'y', 'o', 'r', 'f', 'f', 'y', '.', 'c', 'o', 'm', '\0',
   /* "attilavandervelde.nl", true */ 'a', 't', 't', 'i', 'l', 'a', 'v', 'a', 'n', 'd', 'e', 'r', 'v', 'e', 'l', 'd', 'e', '.', 'n', 'l', '\0',
   /* "attitudes-bureaux.fr", true */ 'a', 't', 't', 'i', 't', 'u', 'd', 'e', 's', '-', 'b', 'u', 'r', 'e', 'a', 'u', 'x', '.', 'f', 'r', '\0',
   /* "attogproductions.com", true */ 'a', 't', 't', 'o', 'g', 'p', 'r', 'o', 'd', 'u', 'c', 't', 'i', 'o', 'n', 's', '.', 'c', 'o', 'm', '\0',
   /* "attogtech.com", true */ 'a', 't', 't', 'o', 'g', 't', 'e', 'c', 'h', '.', 'c', 'o', 'm', '\0',
@@ -1643,17 +1634,16 @@ static const char kSTSHostTable[] = {
   /* "augmentable.de", true */ 'a', 'u', 'g', 'm', 'e', 'n', 't', 'a', 'b', 'l', 'e', '.', 'd', 'e', '\0',
   /* "augustian-life.cz", true */ 'a', 'u', 'g', 'u', 's', 't', 'i', 'a', 'n', '-', 'l', 'i', 'f', 'e', '.', 'c', 'z', '\0',
   /* "augustiner-kantorei-erfurt.de", true */ 'a', 'u', 'g', 'u', 's', 't', 'i', 'n', 'e', 'r', '-', 'k', 'a', 'n', 't', 'o', 'r', 'e', 'i', '-', 'e', 'r', 'f', 'u', 'r', 't', '.', 'd', 'e', '\0',
   /* "augustiner-kantorei.de", true */ 'a', 'u', 'g', 'u', 's', 't', 'i', 'n', 'e', 'r', '-', 'k', 'a', 'n', 't', 'o', 'r', 'e', 'i', '.', 'd', 'e', '\0',
   /* "aukaraoke.su", true */ 'a', 'u', 'k', 'a', 'r', 'a', 'o', 'k', 'e', '.', 's', 'u', '\0',
   /* "aulo.in", false */ 'a', 'u', 'l', 'o', '.', 'i', 'n', '\0',
   /* "aunali1.com", true */ 'a', 'u', 'n', 'a', 'l', 'i', '1', '.', 'c', 'o', 'm', '\0',
   /* "auplidespages.fr", true */ 'a', 'u', 'p', 'l', 'i', 'd', 'e', 's', 'p', 'a', 'g', 'e', 's', '.', 'f', 'r', '\0',
-  /* "aur.rocks", true */ 'a', 'u', 'r', '.', 'r', 'o', 'c', 'k', 's', '\0',
   /* "aureus.pw", true */ 'a', 'u', 'r', 'e', 'u', 's', '.', 'p', 'w', '\0',
   /* "auri.ga", true */ 'a', 'u', 'r', 'i', '.', 'g', 'a', '\0',
   /* "auricblue.com", true */ 'a', 'u', 'r', 'i', 'c', 'b', 'l', 'u', 'e', '.', 'c', 'o', 'm', '\0',
   /* "auriko-games.de", true */ 'a', 'u', 'r', 'i', 'k', 'o', '-', 'g', 'a', 'm', 'e', 's', '.', 'd', 'e', '\0',
   /* "aurora-terraria.org", true */ 'a', 'u', 'r', 'o', 'r', 'a', '-', 't', 'e', 'r', 'r', 'a', 'r', 'i', 'a', '.', 'o', 'r', 'g', '\0',
   /* "aurorarecordings.com", true */ 'a', 'u', 'r', 'o', 'r', 'a', 'r', 'e', 'c', 'o', 'r', 'd', 'i', 'n', 'g', 's', '.', 'c', 'o', 'm', '\0',
   /* "aurugs.com", true */ 'a', 'u', 'r', 'u', 'g', 's', '.', 'c', 'o', 'm', '\0',
   /* "aus-ryugaku.info", true */ 'a', 'u', 's', '-', 'r', 'y', 'u', 'g', 'a', 'k', 'u', '.', 'i', 'n', 'f', 'o', '\0',
@@ -1705,16 +1695,17 @@ static const char kSTSHostTable[] = {
   /* "avastantivirus.ro", true */ 'a', 'v', 'a', 's', 't', 'a', 'n', 't', 'i', 'v', 'i', 'r', 'u', 's', '.', 'r', 'o', '\0',
   /* "avdagic.net", true */ 'a', 'v', 'd', 'a', 'g', 'i', 'c', '.', 'n', 'e', 't', '\0',
   /* "avdelivers.com", true */ 'a', 'v', 'd', 'e', 'l', 'i', 'v', 'e', 'r', 's', '.', 'c', 'o', 'm', '\0',
   /* "ave.zone", true */ 'a', 'v', 'e', '.', 'z', 'o', 'n', 'e', '\0',
   /* "avenueeyecare.com", true */ 'a', 'v', 'e', 'n', 'u', 'e', 'e', 'y', 'e', 'c', 'a', 'r', 'e', '.', 'c', 'o', 'm', '\0',
   /* "averen.co.uk", true */ 'a', 'v', 'e', 'r', 'e', 'n', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "averysphotography.com", true */ 'a', 'v', 'e', 'r', 'y', 's', 'p', 'h', 'o', 't', 'o', 'g', 'r', 'a', 'p', 'h', 'y', '.', 'c', 'o', 'm', '\0',
   /* "avg.club", true */ 'a', 'v', 'g', '.', 'c', 'l', 'u', 'b', '\0',
+  /* "avi9526.pp.ua", true */ 'a', 'v', 'i', '9', '5', '2', '6', '.', 'p', 'p', '.', 'u', 'a', '\0',
   /* "aviationstrategy.aero", true */ 'a', 'v', 'i', 'a', 't', 'i', 'o', 'n', 's', 't', 'r', 'a', 't', 'e', 'g', 'y', '.', 'a', 'e', 'r', 'o', '\0',
   /* "aviodeals.com", true */ 'a', 'v', 'i', 'o', 'd', 'e', 'a', 'l', 's', '.', 'c', 'o', 'm', '\0',
   /* "avmemo.com", true */ 'a', 'v', 'm', 'e', 'm', 'o', '.', 'c', 'o', 'm', '\0',
   /* "avmo.pw", true */ 'a', 'v', 'm', 'o', '.', 'p', 'w', '\0',
   /* "avmoo.com", true */ 'a', 'v', 'm', 'o', 'o', '.', 'c', 'o', 'm', '\0',
   /* "avonlearningcampus.com", true */ 'a', 'v', 'o', 'n', 'l', 'e', 'a', 'r', 'n', 'i', 'n', 'g', 'c', 'a', 'm', 'p', 'u', 's', '.', 'c', 'o', 'm', '\0',
   /* "avotoma.com", true */ 'a', 'v', 'o', 't', 'o', 'm', 'a', '.', 'c', 'o', 'm', '\0',
   /* "avpres.net", true */ 'a', 'v', 'p', 'r', 'e', 's', '.', 'n', 'e', 't', '\0',
@@ -1810,17 +1801,16 @@ static const char kSTSHostTable[] = {
   /* "bacula.jp", true */ 'b', 'a', 'c', 'u', 'l', 'a', '.', 'j', 'p', '\0',
   /* "bad.horse", true */ 'b', 'a', 'd', '.', 'h', 'o', 'r', 's', 'e', '\0',
   /* "bad.show", true */ 'b', 'a', 'd', '.', 's', 'h', 'o', 'w', '\0',
   /* "badam.co", true */ 'b', 'a', 'd', 'a', 'm', '.', 'c', 'o', '\0',
   /* "badbee.cc", true */ 'b', 'a', 'd', 'b', 'e', 'e', '.', 'c', 'c', '\0',
   /* "badf00d.de", true */ 'b', 'a', 'd', 'f', '0', '0', 'd', '.', 'd', 'e', '\0',
   /* "badges.fedoraproject.org", true */ 'b', 'a', 'd', 'g', 'e', 's', '.', 'f', 'e', 'd', 'o', 'r', 'a', 'p', 'r', 'o', 'j', 'e', 'c', 't', '.', 'o', 'r', 'g', '\0',
   /* "badges.stg.fedoraproject.org", true */ 'b', 'a', 'd', 'g', 'e', 's', '.', 's', 't', 'g', '.', 'f', 'e', 'd', 'o', 'r', 'a', 'p', 'r', 'o', 'j', 'e', 'c', 't', '.', 'o', 'r', 'g', '\0',
-  /* "badhusky.com", true */ 'b', 'a', 'd', 'h', 'u', 's', 'k', 'y', '.', 'c', 'o', 'm', '\0',
   /* "badoo.com", true */ 'b', 'a', 'd', 'o', 'o', '.', 'c', 'o', 'm', '\0',
   /* "badseacoffee.com", true */ 'b', 'a', 'd', 's', 'e', 'a', 'c', 'o', 'f', 'f', 'e', 'e', '.', 'c', 'o', 'm', '\0',
   /* "baer.im", false */ 'b', 'a', 'e', 'r', '.', 'i', 'm', '\0',
   /* "baer.one", false */ 'b', 'a', 'e', 'r', '.', 'o', 'n', 'e', '\0',
   /* "baffinlee.com", true */ 'b', 'a', 'f', 'f', 'i', 'n', 'l', 'e', 'e', '.', 'c', 'o', 'm', '\0',
   /* "bagelsbakery.com", false */ 'b', 'a', 'g', 'e', 'l', 's', 'b', 'a', 'k', 'e', 'r', 'y', '.', 'c', 'o', 'm', '\0',
   /* "baggy.me.uk", true */ 'b', 'a', 'g', 'g', 'y', '.', 'm', 'e', '.', 'u', 'k', '\0',
   /* "bagheera.me.uk", true */ 'b', 'a', 'g', 'h', 'e', 'e', 'r', 'a', '.', 'm', 'e', '.', 'u', 'k', '\0',
@@ -1987,17 +1977,16 @@ static const char kSTSHostTable[] = {
   /* "bchep.com", true */ 'b', 'c', 'h', 'e', 'p', '.', 'c', 'o', 'm', '\0',
   /* "bck.me", true */ 'b', 'c', 'k', '.', 'm', 'e', '\0',
   /* "bcmguide.com", true */ 'b', 'c', 'm', 'g', 'u', 'i', 'd', 'e', '.', 'c', 'o', 'm', '\0',
   /* "bcmlu.org", true */ 'b', 'c', 'm', 'l', 'u', '.', 'o', 'r', 'g', '\0',
   /* "bcpc-ccgpfcheminots.com", true */ 'b', 'c', 'p', 'c', '-', 'c', 'c', 'g', 'p', 'f', 'c', 'h', 'e', 'm', 'i', 'n', 'o', 't', 's', '.', 'c', 'o', 'm', '\0',
   /* "bcrook.com", false */ 'b', 'c', 'r', 'o', 'o', 'k', '.', 'c', 'o', 'm', '\0',
   /* "bcswampcabins.com", true */ 'b', 'c', 's', 'w', 'a', 'm', 'p', 'c', 'a', 'b', 'i', 'n', 's', '.', 'c', 'o', 'm', '\0',
   /* "bdd.fi", true */ 'b', 'd', 'd', '.', 'f', 'i', '\0',
-  /* "bddemir.com", true */ 'b', 'd', 'd', 'e', 'm', 'i', 'r', '.', 'c', 'o', 'm', '\0',
   /* "bdikaros-network.net", true */ 'b', 'd', 'i', 'k', 'a', 'r', 'o', 's', '-', 'n', 'e', 't', 'w', 'o', 'r', 'k', '.', 'n', 'e', 't', '\0',
   /* "bdsmxxxpics.com", true */ 'b', 'd', 's', 'm', 'x', 'x', 'x', 'p', 'i', 'c', 's', '.', 'c', 'o', 'm', '\0',
   /* "bdvg.org", true */ 'b', 'd', 'v', 'g', '.', 'o', 'r', 'g', '\0',
   /* "be-ka-tec.de", true */ 'b', 'e', '-', 'k', 'a', '-', 't', 'e', 'c', '.', 'd', 'e', '\0',
   /* "be-real.life", true */ 'b', 'e', '-', 'r', 'e', 'a', 'l', '.', 'l', 'i', 'f', 'e', '\0',
   /* "be-webdesign.com", true */ 'b', 'e', '-', 'w', 'e', 'b', 'd', 'e', 's', 'i', 'g', 'n', '.', 'c', 'o', 'm', '\0',
   /* "be2cloud.de", true */ 'b', 'e', '2', 'c', 'l', 'o', 'u', 'd', '.', 'd', 'e', '\0',
   /* "beadare.com", true */ 'b', 'e', 'a', 'd', 'a', 'r', 'e', '.', 'c', 'o', 'm', '\0',
@@ -2124,16 +2113,17 @@ static const char kSTSHostTable[] = {
   /* "bennink.me", true */ 'b', 'e', 'n', 'n', 'i', 'n', 'k', '.', 'm', 'e', '\0',
   /* "benno.frl", true */ 'b', 'e', 'n', 'n', 'o', '.', 'f', 'r', 'l', '\0',
   /* "bennythink.com", true */ 'b', 'e', 'n', 'n', 'y', 't', 'h', 'i', 'n', 'k', '.', 'c', 'o', 'm', '\0',
   /* "benschnarr.com", true */ 'b', 'e', 'n', 's', 'c', 'h', 'n', 'a', 'r', 'r', '.', 'c', 'o', 'm', '\0',
   /* "benscobie.com", true */ 'b', 'e', 'n', 's', 'c', 'o', 'b', 'i', 'e', '.', 'c', 'o', 'm', '\0',
   /* "bentertain.de", true */ 'b', 'e', 'n', 't', 'e', 'r', 't', 'a', 'i', 'n', '.', 'd', 'e', '\0',
   /* "bentley.link", true */ 'b', 'e', 'n', 't', 'l', 'e', 'y', '.', 'l', 'i', 'n', 'k', '\0',
   /* "bentrask.com", true */ 'b', 'e', 'n', 't', 'r', 'a', 's', 'k', '.', 'c', 'o', 'm', '\0',
+  /* "benwattie.com", true */ 'b', 'e', 'n', 'w', 'a', 't', 't', 'i', 'e', '.', 'c', 'o', 'm', '\0',
   /* "benzou-space.com", true */ 'b', 'e', 'n', 'z', 'o', 'u', '-', 's', 'p', 'a', 'c', 'e', '.', 'c', 'o', 'm', '\0',
   /* "beoordelingen.be", true */ 'b', 'e', 'o', 'o', 'r', 'd', 'e', 'l', 'i', 'n', 'g', 'e', 'n', '.', 'b', 'e', '\0',
   /* "bep362.vn", true */ 'b', 'e', 'p', '3', '6', '2', '.', 'v', 'n', '\0',
   /* "beranovi.com", true */ 'b', 'e', 'r', 'a', 'n', 'o', 'v', 'i', '.', 'c', 'o', 'm', '\0',
   /* "berdu.id", true */ 'b', 'e', 'r', 'd', 'u', '.', 'i', 'd', '\0',
   /* "bergenhave.nl", true */ 'b', 'e', 'r', 'g', 'e', 'n', 'h', 'a', 'v', 'e', '.', 'n', 'l', '\0',
   /* "bergland-seefeld.at", true */ 'b', 'e', 'r', 'g', 'l', 'a', 'n', 'd', '-', 's', 'e', 'e', 'f', 'e', 'l', 'd', '.', 'a', 't', '\0',
   /* "bergstoneware.com", true */ 'b', 'e', 'r', 'g', 's', 't', 'o', 'n', 'e', 'w', 'a', 'r', 'e', '.', 'c', 'o', 'm', '\0',
@@ -2152,16 +2142,17 @@ static const char kSTSHostTable[] = {
   /* "bersierservices.ch", true */ 'b', 'e', 'r', 's', 'i', 'e', 'r', 's', 'e', 'r', 'v', 'i', 'c', 'e', 's', '.', 'c', 'h', '\0',
   /* "bersotavocats.fr", true */ 'b', 'e', 'r', 's', 'o', 't', 'a', 'v', 'o', 'c', 'a', 't', 's', '.', 'f', 'r', '\0',
   /* "berst.cz", true */ 'b', 'e', 'r', 's', 't', '.', 'c', 'z', '\0',
   /* "berthabailey.com", true */ 'b', 'e', 'r', 't', 'h', 'a', 'b', 'a', 'i', 'l', 'e', 'y', '.', 'c', 'o', 'm', '\0',
   /* "bertholdsson.com", true */ 'b', 'e', 'r', 't', 'h', 'o', 'l', 'd', 's', 's', 'o', 'n', '.', 'c', 'o', 'm', '\0',
   /* "bertoliniodontoiatria.it", true */ 'b', 'e', 'r', 't', 'o', 'l', 'i', 'n', 'i', 'o', 'd', 'o', 'n', 't', 'o', 'i', 'a', 't', 'r', 'i', 'a', '.', 'i', 't', '\0',
   /* "bertrand.bio", true */ 'b', 'e', 'r', 't', 'r', 'a', 'n', 'd', '.', 'b', 'i', 'o', '\0',
   /* "beryl.net", true */ 'b', 'e', 'r', 'y', 'l', '.', 'n', 'e', 't', '\0',
+  /* "besnik.de", true */ 'b', 'e', 's', 'n', 'i', 'k', '.', 'd', 'e', '\0',
   /* "bespokestraps.com", true */ 'b', 'e', 's', 'p', 'o', 'k', 'e', 's', 't', 'r', 'a', 'p', 's', '.', 'c', 'o', 'm', '\0',
   /* "best-wallpaper.net", true */ 'b', 'e', 's', 't', '-', 'w', 'a', 'l', 'l', 'p', 'a', 'p', 'e', 'r', '.', 'n', 'e', 't', '\0',
   /* "best-wedding-quotes.com", true */ 'b', 'e', 's', 't', '-', 'w', 'e', 'd', 'd', 'i', 'n', 'g', '-', 'q', 'u', 'o', 't', 'e', 's', '.', 'c', 'o', 'm', '\0',
   /* "best10websitebuilders.com", true */ 'b', 'e', 's', 't', '1', '0', 'w', 'e', 'b', 's', 'i', 't', 'e', 'b', 'u', 'i', 'l', 'd', 'e', 'r', 's', '.', 'c', 'o', 'm', '\0',
   /* "bestbestbitcoin.com", true */ 'b', 'e', 's', 't', 'b', 'e', 's', 't', 'b', 'i', 't', 'c', 'o', 'i', 'n', '.', 'c', 'o', 'm', '\0',
   /* "bestbrakes.com", true */ 'b', 'e', 's', 't', 'b', 'r', 'a', 'k', 'e', 's', '.', 'c', 'o', 'm', '\0',
   /* "bestbridal.top", true */ 'b', 'e', 's', 't', 'b', 'r', 'i', 'd', 'a', 'l', '.', 't', 'o', 'p', '\0',
   /* "bestellipticalmachinereview.info", true */ 'b', 'e', 's', 't', 'e', 'l', 'l', 'i', 'p', 't', 'i', 'c', 'a', 'l', 'm', 'a', 'c', 'h', 'i', 'n', 'e', 'r', 'e', 'v', 'i', 'e', 'w', '.', 'i', 'n', 'f', 'o', '\0',
@@ -2654,16 +2645,18 @@ static const char kSTSHostTable[] = {
   /* "book-of-ra.de", true */ 'b', 'o', 'o', 'k', '-', 'o', 'f', '-', 'r', 'a', '.', 'd', 'e', '\0',
   /* "bookingapp.nl", true */ 'b', 'o', 'o', 'k', 'i', 'n', 'g', 'a', 'p', 'p', '.', 'n', 'l', '\0',
   /* "bookluk.com", true */ 'b', 'o', 'o', 'k', 'l', 'u', 'k', '.', 'c', 'o', 'm', '\0',
   /* "bookmein.in", true */ 'b', 'o', 'o', 'k', 'm', 'e', 'i', 'n', '.', 'i', 'n', '\0',
   /* "bookshopofindia.com", true */ 'b', 'o', 'o', 'k', 's', 'h', 'o', 'p', 'o', 'f', 'i', 'n', 'd', 'i', 'a', '.', 'c', 'o', 'm', '\0',
   /* "bookwitty.social", true */ 'b', 'o', 'o', 'k', 'w', 'i', 't', 't', 'y', '.', 's', 'o', 'c', 'i', 'a', 'l', '\0',
   /* "bool.be", true */ 'b', 'o', 'o', 'l', '.', 'b', 'e', '\0',
   /* "boomersurf.com", true */ 'b', 'o', 'o', 'm', 'e', 'r', 's', 'u', 'r', 'f', '.', 'c', 'o', 'm', '\0',
+  /* "boomshelf.com", true */ 'b', 'o', 'o', 'm', 's', 'h', 'e', 'l', 'f', '.', 'c', 'o', 'm', '\0',
+  /* "boomshelf.org", true */ 'b', 'o', 'o', 'm', 's', 'h', 'e', 'l', 'f', '.', 'o', 'r', 'g', '\0',
   /* "boonbox.com", true */ 'b', 'o', 'o', 'n', 'b', 'o', 'x', '.', 'c', 'o', 'm', '\0',
   /* "booox.cc", true */ 'b', 'o', 'o', 'o', 'x', '.', 'c', 'c', '\0',
   /* "booq.org", true */ 'b', 'o', 'o', 'q', '.', 'o', 'r', 'g', '\0',
   /* "booth.in.th", true */ 'b', 'o', 'o', 't', 'h', '.', 'i', 'n', '.', 't', 'h', '\0',
   /* "bootikexpress.fr", true */ 'b', 'o', 'o', 't', 'i', 'k', 'e', 'x', 'p', 'r', 'e', 's', 's', '.', 'f', 'r', '\0',
   /* "boozinyan.com", true */ 'b', 'o', 'o', 'z', 'i', 'n', 'y', 'a', 'n', '.', 'c', 'o', 'm', '\0',
   /* "bopera.co.uk", true */ 'b', 'o', 'p', 'e', 'r', 'a', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "borahan.net", true */ 'b', 'o', 'r', 'a', 'h', 'a', 'n', '.', 'n', 'e', 't', '\0',
@@ -2672,17 +2665,16 @@ static const char kSTSHostTable[] = {
   /* "boringsmith.com", true */ 'b', 'o', 'r', 'i', 'n', 'g', 's', 'm', 'i', 't', 'h', '.', 'c', 'o', 'm', '\0',
   /* "boris64.net", true */ 'b', 'o', 'r', 'i', 's', '6', '4', '.', 'n', 'e', 't', '\0',
   /* "borisbesemer.com", true */ 'b', 'o', 'r', 'i', 's', 'b', 'e', 's', 'e', 'm', 'e', 'r', '.', 'c', 'o', 'm', '\0',
   /* "born-to-learn.com", true */ 'b', 'o', 'r', 'n', '-', 't', 'o', '-', 'l', 'e', 'a', 'r', 'n', '.', 'c', 'o', 'm', '\0',
   /* "bornandgrazed.com", true */ 'b', 'o', 'r', 'n', 'a', 'n', 'd', 'g', 'r', 'a', 'z', 'e', 'd', '.', 'c', 'o', 'm', '\0',
   /* "bornhack.dk", true */ 'b', 'o', 'r', 'n', 'h', 'a', 'c', 'k', '.', 'd', 'k', '\0',
   /* "borowski.pw", true */ 'b', 'o', 'r', 'o', 'w', 's', 'k', 'i', '.', 'p', 'w', '\0',
   /* "borrelioz.com", true */ 'b', 'o', 'r', 'r', 'e', 'l', 'i', 'o', 'z', '.', 'c', 'o', 'm', '\0',
-  /* "borscheid-wenig.com", true */ 'b', 'o', 'r', 's', 'c', 'h', 'e', 'i', 'd', '-', 'w', 'e', 'n', 'i', 'g', '.', 'c', 'o', 'm', '\0',
   /* "borysek.net", true */ 'b', 'o', 'r', 'y', 's', 'e', 'k', '.', 'n', 'e', 't', '\0',
   /* "borzoi.com.br", true */ 'b', 'o', 'r', 'z', 'o', 'i', '.', 'c', 'o', 'm', '.', 'b', 'r', '\0',
   /* "boss.az", true */ 'b', 'o', 's', 's', '.', 'a', 'z', '\0',
   /* "bostadsportal.se", true */ 'b', 'o', 's', 't', 'a', 'd', 's', 'p', 'o', 'r', 't', 'a', 'l', '.', 's', 'e', '\0',
   /* "bosun.io", true */ 'b', 'o', 's', 'u', 'n', '.', 'i', 'o', '\0',
   /* "bosworthdental.co.uk", true */ 'b', 'o', 's', 'w', 'o', 'r', 't', 'h', 'd', 'e', 'n', 't', 'a', 'l', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "bottaerisposta.net", true */ 'b', 'o', 't', 't', 'a', 'e', 'r', 'i', 's', 'p', 'o', 's', 't', 'a', '.', 'n', 'e', 't', '\0',
   /* "bottineauneighborhood.org", true */ 'b', 'o', 't', 't', 'i', 'n', 'e', 'a', 'u', 'n', 'e', 'i', 'g', 'h', 'b', 'o', 'r', 'h', 'o', 'o', 'd', '.', 'o', 'r', 'g', '\0',
@@ -2728,17 +2720,16 @@ static const char kSTSHostTable[] = {
   /* "br.search.yahoo.com", false */ 'b', 'r', '.', 's', 'e', 'a', 'r', 'c', 'h', '.', 'y', 'a', 'h', 'o', 'o', '.', 'c', 'o', 'm', '\0',
   /* "bracho.xyz", true */ 'b', 'r', 'a', 'c', 'h', 'o', '.', 'x', 'y', 'z', '\0',
   /* "bracoitaliano.com.br", true */ 'b', 'r', 'a', 'c', 'o', 'i', 't', 'a', 'l', 'i', 'a', 'n', 'o', '.', 'c', 'o', 'm', '.', 'b', 'r', '\0',
   /* "bradbrockmeyer.com", true */ 'b', 'r', 'a', 'd', 'b', 'r', 'o', 'c', 'k', 'm', 'e', 'y', 'e', 'r', '.', 'c', 'o', 'm', '\0',
   /* "bradkovach.com", true */ 'b', 'r', 'a', 'd', 'k', 'o', 'v', 'a', 'c', 'h', '.', 'c', 'o', 'm', '\0',
   /* "bradler.net", true */ 'b', 'r', 'a', 'd', 'l', 'e', 'r', '.', 'n', 'e', 't', '\0',
   /* "bradlinder.org", true */ 'b', 'r', 'a', 'd', 'l', 'i', 'n', 'd', 'e', 'r', '.', 'o', 'r', 'g', '\0',
   /* "braemer-it-consulting.de", true */ 'b', 'r', 'a', 'e', 'm', 'e', 'r', '-', 'i', 't', '-', 'c', 'o', 'n', 's', 'u', 'l', 't', 'i', 'n', 'g', '.', 'd', 'e', '\0',
-  /* "bragasoft.com.br", true */ 'b', 'r', 'a', 'g', 'a', 's', 'o', 'f', 't', '.', 'c', 'o', 'm', '.', 'b', 'r', '\0',
   /* "brahmins.com", true */ 'b', 'r', 'a', 'h', 'm', 'i', 'n', 's', '.', 'c', 'o', 'm', '\0',
   /* "brahmstaedt.de", true */ 'b', 'r', 'a', 'h', 'm', 's', 't', 'a', 'e', 'd', 't', '.', 'd', 'e', '\0',
   /* "braiampeguero.xyz", true */ 'b', 'r', 'a', 'i', 'a', 'm', 'p', 'e', 'g', 'u', 'e', 'r', 'o', '.', 'x', 'y', 'z', '\0',
   /* "brain-e.co", true */ 'b', 'r', 'a', 'i', 'n', '-', 'e', '.', 'c', 'o', '\0',
   /* "brain-force.ch", true */ 'b', 'r', 'a', 'i', 'n', '-', 'f', 'o', 'r', 'c', 'e', '.', 'c', 'h', '\0',
   /* "brainfork.org", true */ 'b', 'r', 'a', 'i', 'n', 'f', 'o', 'r', 'k', '.', 'o', 'r', 'g', '\0',
   /* "brainhub.nl", true */ 'b', 'r', 'a', 'i', 'n', 'h', 'u', 'b', '.', 'n', 'l', '\0',
   /* "brainlag.org", true */ 'b', 'r', 'a', 'i', 'n', 'l', 'a', 'g', '.', 'o', 'r', 'g', '\0',
@@ -3009,16 +3000,17 @@ static const char kSTSHostTable[] = {
   /* "buzzprint.it", true */ 'b', 'u', 'z', 'z', 'p', 'r', 'i', 'n', 't', '.', 'i', 't', '\0',
   /* "buzztelco.com.au", true */ 'b', 'u', 'z', 'z', 't', 'e', 'l', 'c', 'o', '.', 'c', 'o', 'm', '.', 'a', 'u', '\0',
   /* "bvalle.com", true */ 'b', 'v', 'a', 'l', 'l', 'e', '.', 'c', 'o', 'm', '\0',
   /* "bvexplained.co.uk", true */ 'b', 'v', 'e', 'x', 'p', 'l', 'a', 'i', 'n', 'e', 'd', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "bvionline.eu", true */ 'b', 'v', 'i', 'o', 'n', 'l', 'i', 'n', 'e', '.', 'e', 'u', '\0',
   /* "bw.codes", true */ 'b', 'w', '.', 'c', 'o', 'd', 'e', 's', '\0',
   /* "bwcscorecard.org", true */ 'b', 'w', 'c', 's', 'c', 'o', 'r', 'e', 'c', 'a', 'r', 'd', '.', 'o', 'r', 'g', '\0',
   /* "bwh1.net", true */ 'b', 'w', 'h', '1', '.', 'n', 'e', 't', '\0',
+  /* "bwilkinson.co.uk", true */ 'b', 'w', 'i', 'l', 'k', 'i', 'n', 's', 'o', 'n', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "bws16.de", true */ 'b', 'w', 's', '1', '6', '.', 'd', 'e', '\0',
   /* "bwwb.nu", true */ 'b', 'w', 'w', 'b', '.', 'n', 'u', '\0',
   /* "bx-n.de", true */ 'b', 'x', '-', 'n', '.', 'd', 'e', '\0',
   /* "bxdev.me", true */ 'b', 'x', 'd', 'e', 'v', '.', 'm', 'e', '\0',
   /* "bxp40.at", true */ 'b', 'x', 'p', '4', '0', '.', 'a', 't', '\0',
   /* "by77.com", true */ 'b', 'y', '7', '7', '.', 'c', 'o', 'm', '\0',
   /* "by777.com", true */ 'b', 'y', '7', '7', '7', '.', 'c', 'o', 'm', '\0',
   /* "bygningsregistrering.dk", true */ 'b', 'y', 'g', 'n', 'i', 'n', 'g', 's', 'r', 'e', 'g', 'i', 's', 't', 'r', 'e', 'r', 'i', 'n', 'g', '.', 'd', 'k', '\0',
@@ -3297,16 +3289,17 @@ static const char kSTSHostTable[] = {
   /* "cartucce24.it", true */ 'c', 'a', 'r', 't', 'u', 'c', 'c', 'e', '2', '4', '.', 'i', 't', '\0',
   /* "carusorealestate.com", true */ 'c', 'a', 'r', 'u', 's', 'o', 'r', 'e', 'a', 'l', 'e', 's', 't', 'a', 't', 'e', '.', 'c', 'o', 'm', '\0',
   /* "casa-due-pur.com", true */ 'c', 'a', 's', 'a', '-', 'd', 'u', 'e', '-', 'p', 'u', 'r', '.', 'c', 'o', 'm', '\0',
   /* "casa-due-pur.de", true */ 'c', 'a', 's', 'a', '-', 'd', 'u', 'e', '-', 'p', 'u', 'r', '.', 'd', 'e', '\0',
   /* "casa-due.com", true */ 'c', 'a', 's', 'a', '-', 'd', 'u', 'e', '.', 'c', 'o', 'm', '\0',
   /* "casa-su.casa", true */ 'c', 'a', 's', 'a', '-', 's', 'u', '.', 'c', 'a', 's', 'a', '\0',
   /* "casbuijs.nl", true */ 'c', 'a', 's', 'b', 'u', 'i', 'j', 's', '.', 'n', 'l', '\0',
   /* "casburggraaf.com", true */ 'c', 'a', 's', 'b', 'u', 'r', 'g', 'g', 'r', 'a', 'a', 'f', '.', 'c', 'o', 'm', '\0',
+  /* "cash-pos.com", true */ 'c', 'a', 's', 'h', '-', 'p', 'o', 's', '.', 'c', 'o', 'm', '\0',
   /* "cashew3d.com", true */ 'c', 'a', 's', 'h', 'e', 'w', '3', 'd', '.', 'c', 'o', 'm', '\0',
   /* "cashfortulsahouses.com", true */ 'c', 'a', 's', 'h', 'f', 'o', 'r', 't', 'u', 'l', 's', 'a', 'h', 'o', 'u', 's', 'e', 's', '.', 'c', 'o', 'm', '\0',
   /* "cashless.fr", true */ 'c', 'a', 's', 'h', 'l', 'e', 's', 's', '.', 'f', 'r', '\0',
   /* "cashlink.de", true */ 'c', 'a', 's', 'h', 'l', 'i', 'n', 'k', '.', 'd', 'e', '\0',
   /* "cashplk.com", true */ 'c', 'a', 's', 'h', 'p', 'l', 'k', '.', 'c', 'o', 'm', '\0',
   /* "casinolegal.pt", true */ 'c', 'a', 's', 'i', 'n', 'o', 'l', 'e', 'g', 'a', 'l', '.', 'p', 't', '\0',
   /* "casinolistings.com", true */ 'c', 'a', 's', 'i', 'n', 'o', 'l', 'i', 's', 't', 'i', 'n', 'g', 's', '.', 'c', 'o', 'm', '\0',
   /* "casinoreal.com", true */ 'c', 'a', 's', 'i', 'n', 'o', 'r', 'e', 'a', 'l', '.', 'c', 'o', 'm', '\0',
@@ -3343,17 +3336,16 @@ static const char kSTSHostTable[] = {
   /* "cavzodiaco.com.br", true */ 'c', 'a', 'v', 'z', 'o', 'd', 'i', 'a', 'c', 'o', '.', 'c', 'o', 'm', '.', 'b', 'r', '\0',
   /* "caylercapital.com", true */ 'c', 'a', 'y', 'l', 'e', 'r', 'c', 'a', 'p', 'i', 't', 'a', 'l', '.', 'c', 'o', 'm', '\0',
   /* "cazes.info", true */ 'c', 'a', 'z', 'e', 's', '.', 'i', 'n', 'f', 'o', '\0',
   /* "cbamo.org", true */ 'c', 'b', 'a', 'm', 'o', '.', 'o', 'r', 'g', '\0',
   /* "cbbank.com", true */ 'c', 'b', 'b', 'a', 'n', 'k', '.', 'c', 'o', 'm', '\0',
   /* "cbd.supply", true */ 'c', 'b', 'd', '.', 's', 'u', 'p', 'p', 'l', 'y', '\0',
   /* "cbdev.de", true */ 'c', 'b', 'd', 'e', 'v', '.', 'd', 'e', '\0',
   /* "cbecrft.net", true */ 'c', 'b', 'e', 'c', 'r', 'f', 't', '.', 'n', 'e', 't', '\0',
-  /* "cbengineeringinc.com", true */ 'c', 'b', 'e', 'n', 'g', 'i', 'n', 'e', 'e', 'r', 'i', 'n', 'g', 'i', 'n', 'c', '.', 'c', 'o', 'm', '\0',
   /* "cbintermountainrealty.com", true */ 'c', 'b', 'i', 'n', 't', 'e', 'r', 'm', 'o', 'u', 'n', 't', 'a', 'i', 'n', 'r', 'e', 'a', 'l', 't', 'y', '.', 'c', 'o', 'm', '\0',
   /* "ccac.gov", true */ 'c', 'c', 'a', 'c', '.', 'g', 'o', 'v', '\0',
   /* "ccayearbook.com", true */ 'c', 'c', 'a', 'y', 'e', 'a', 'r', 'b', 'o', 'o', 'k', '.', 'c', 'o', 'm', '\0',
   /* "ccgn.co", true */ 'c', 'c', 'g', 'n', '.', 'c', 'o', '\0',
   /* "ccja.ro", false */ 'c', 'c', 'j', 'a', '.', 'r', 'o', '\0',
   /* "ccl-sti.ch", true */ 'c', 'c', 'l', '-', 's', 't', 'i', '.', 'c', 'h', '\0',
   /* "ccsys.com", true */ 'c', 'c', 's', 'y', 's', '.', 'c', 'o', 'm', '\0',
   /* "cctld.com", true */ 'c', 'c', 't', 'l', 'd', '.', 'c', 'o', 'm', '\0',
@@ -3443,17 +3435,16 @@ static const char kSTSHostTable[] = {
   /* "cesipagano.com", true */ 'c', 'e', 's', 'i', 'p', 'a', 'g', 'a', 'n', 'o', '.', 'c', 'o', 'm', '\0',
   /* "cesobaly.cz", true */ 'c', 'e', 's', 'o', 'b', 'a', 'l', 'y', '.', 'c', 'z', '\0',
   /* "cestlav.it", true */ 'c', 'e', 's', 't', 'l', 'a', 'v', '.', 'i', 't', '\0',
   /* "cetamol.com", true */ 'c', 'e', 't', 'a', 'm', 'o', 'l', '.', 'c', 'o', 'm', '\0',
   /* "ceu.edu", false */ 'c', 'e', 'u', '.', 'e', 'd', 'u', '\0',
   /* "ceyizlikelisleri.com", true */ 'c', 'e', 'y', 'i', 'z', 'l', 'i', 'k', 'e', 'l', 'i', 's', 'l', 'e', 'r', 'i', '.', 'c', 'o', 'm', '\0',
   /* "cf-ide.de", true */ 'c', 'f', '-', 'i', 'd', 'e', '.', 'd', 'e', '\0',
   /* "cfa.gov", true */ 'c', 'f', 'a', '.', 'g', 'o', 'v', '\0',
-  /* "cfan.space", true */ 'c', 'f', 'a', 'n', '.', 's', 'p', 'a', 'c', 'e', '\0',
   /* "cfcnexus.org", true */ 'c', 'f', 'c', 'n', 'e', 'x', 'u', 's', '.', 'o', 'r', 'g', '\0',
   /* "cfh.com", true */ 'c', 'f', 'h', '.', 'c', 'o', 'm', '\0',
   /* "cfo.gov", true */ 'c', 'f', 'o', '.', 'g', 'o', 'v', '\0',
   /* "cfxdesign.com", true */ 'c', 'f', 'x', 'd', 'e', 's', 'i', 'g', 'n', '.', 'c', 'o', 'm', '\0',
   /* "cg-systems.hu", true */ 'c', 'g', '-', 's', 'y', 's', 't', 'e', 'm', 's', '.', 'h', 'u', '\0',
   /* "cgan.de", true */ 'c', 'g', 'a', 'n', '.', 'd', 'e', '\0',
   /* "cgan.pw", true */ 'c', 'g', 'a', 'n', '.', 'p', 'w', '\0',
   /* "cgbassurances.ch", true */ 'c', 'g', 'b', 'a', 's', 's', 'u', 'r', 'a', 'n', 'c', 'e', 's', '.', 'c', 'h', '\0',
@@ -3664,16 +3655,17 @@ static const char kSTSHostTable[] = {
   /* "christian-host.com", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', '-', 'h', 'o', 's', 't', '.', 'c', 'o', 'm', '\0',
   /* "christianforums.com", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', 'f', 'o', 'r', 'u', 'm', 's', '.', 'c', 'o', 'm', '\0',
   /* "christiangaetano.com", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', 'g', 'a', 'e', 't', 'a', 'n', 'o', '.', 'c', 'o', 'm', '\0',
   /* "christianhospitaltank.org", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', 'h', 'o', 's', 'p', 'i', 't', 'a', 'l', 't', 'a', 'n', 'k', '.', 'o', 'r', 'g', '\0',
   /* "christianliebel.com", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', 'l', 'i', 'e', 'b', 'e', 'l', '.', 'c', 'o', 'm', '\0',
   /* "christianpusch.de", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', 'p', 'u', 's', 'c', 'h', '.', 'd', 'e', '\0',
   /* "christians.dating", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', 's', '.', 'd', 'a', 't', 'i', 'n', 'g', '\0',
   /* "christiansayswords.com", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', 's', 'a', 'y', 's', 'w', 'o', 'r', 'd', 's', '.', 'c', 'o', 'm', '\0',
+  /* "christianscholz.de", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', 's', 'c', 'h', 'o', 'l', 'z', '.', 'd', 'e', '\0',
   /* "christianscholz.eu", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'a', 'n', 's', 'c', 'h', 'o', 'l', 'z', '.', 'e', 'u', '\0',
   /* "christiesantiques.com", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'e', 's', 'a', 'n', 't', 'i', 'q', 'u', 'e', 's', '.', 'c', 'o', 'm', '\0',
   /* "christina-quast.de", true */ 'c', 'h', 'r', 'i', 's', 't', 'i', 'n', 'a', '-', 'q', 'u', 'a', 's', 't', '.', 'd', 'e', '\0',
   /* "christmascard.be", true */ 'c', 'h', 'r', 'i', 's', 't', 'm', 'a', 's', 'c', 'a', 'r', 'd', '.', 'b', 'e', '\0',
   /* "christoph-conrads.name", true */ 'c', 'h', 'r', 'i', 's', 't', 'o', 'p', 'h', '-', 'c', 'o', 'n', 'r', 'a', 'd', 's', '.', 'n', 'a', 'm', 'e', '\0',
   /* "christopherburg.com", true */ 'c', 'h', 'r', 'i', 's', 't', 'o', 'p', 'h', 'e', 'r', 'b', 'u', 'r', 'g', '.', 'c', 'o', 'm', '\0',
   /* "christopherl.com", true */ 'c', 'h', 'r', 'i', 's', 't', 'o', 'p', 'h', 'e', 'r', 'l', '.', 'c', 'o', 'm', '\0',
   /* "christopherpritchard.co.uk", true */ 'c', 'h', 'r', 'i', 's', 't', 'o', 'p', 'h', 'e', 'r', 'p', 'r', 'i', 't', 'c', 'h', 'a', 'r', 'd', '.', 'c', 'o', '.', 'u', 'k', '\0',
@@ -3817,16 +3809,17 @@ static const char kSTSHostTable[] = {
   /* "clic-music.com", true */ 'c', 'l', 'i', 'c', '-', 'm', 'u', 's', 'i', 'c', '.', 'c', 'o', 'm', '\0',
   /* "click-licht.de", true */ 'c', 'l', 'i', 'c', 'k', '-', 'l', 'i', 'c', 'h', 't', '.', 'd', 'e', '\0',
   /* "clickclickphish.com", false */ 'c', 'l', 'i', 'c', 'k', 'c', 'l', 'i', 'c', 'k', 'p', 'h', 'i', 's', 'h', '.', 'c', 'o', 'm', '\0',
   /* "clickclock.cc", true */ 'c', 'l', 'i', 'c', 'k', 'c', 'l', 'o', 'c', 'k', '.', 'c', 'c', '\0',
   /* "clickenergy.com.au", true */ 'c', 'l', 'i', 'c', 'k', 'e', 'n', 'e', 'r', 'g', 'y', '.', 'c', 'o', 'm', '.', 'a', 'u', '\0',
   /* "clickforclever.com", true */ 'c', 'l', 'i', 'c', 'k', 'f', 'o', 'r', 'c', 'l', 'e', 'v', 'e', 'r', '.', 'c', 'o', 'm', '\0',
   /* "clickphish.com", true */ 'c', 'l', 'i', 'c', 'k', 'p', 'h', 'i', 's', 'h', '.', 'c', 'o', 'm', '\0',
   /* "clicks.co.za", true */ 'c', 'l', 'i', 'c', 'k', 's', '.', 'c', 'o', '.', 'z', 'a', '\0',
+  /* "clientboss.com", true */ 'c', 'l', 'i', 'e', 'n', 't', 'b', 'o', 's', 's', '.', 'c', 'o', 'm', '\0',
   /* "clifflu.net", true */ 'c', 'l', 'i', 'f', 'f', 'l', 'u', '.', 'n', 'e', 't', '\0',
   /* "cliftons.com", true */ 'c', 'l', 'i', 'f', 't', 'o', 'n', 's', '.', 'c', 'o', 'm', '\0',
   /* "climaprecio.es", true */ 'c', 'l', 'i', 'm', 'a', 'p', 'r', 'e', 'c', 'i', 'o', '.', 'e', 's', '\0',
   /* "climateinteractive.org", true */ 'c', 'l', 'i', 'm', 'a', 't', 'e', 'i', 'n', 't', 'e', 'r', 'a', 'c', 't', 'i', 'v', 'e', '.', 'o', 'r', 'g', '\0',
   /* "climatestew.com", true */ 'c', 'l', 'i', 'm', 'a', 't', 'e', 's', 't', 'e', 'w', '.', 'c', 'o', 'm', '\0',
   /* "clinicadam.com", true */ 'c', 'l', 'i', 'n', 'i', 'c', 'a', 'd', 'a', 'm', '.', 'c', 'o', 'm', '\0',
   /* "clinicadelogopedia.net", true */ 'c', 'l', 'i', 'n', 'i', 'c', 'a', 'd', 'e', 'l', 'o', 'g', 'o', 'p', 'e', 'd', 'i', 'a', '.', 'n', 'e', 't', '\0',
   /* "clinicaltrials.gov", true */ 'c', 'l', 'i', 'n', 'i', 'c', 'a', 'l', 't', 'r', 'i', 'a', 'l', 's', '.', 'g', 'o', 'v', '\0',
@@ -3841,28 +3834,26 @@ static const char kSTSHostTable[] = {
   /* "clochix.net", true */ 'c', 'l', 'o', 'c', 'h', 'i', 'x', '.', 'n', 'e', 't', '\0',
   /* "clockcaster.com", true */ 'c', 'l', 'o', 'c', 'k', 'c', 'a', 's', 't', 'e', 'r', '.', 'c', 'o', 'm', '\0',
   /* "clockworksms.com", true */ 'c', 'l', 'o', 'c', 'k', 'w', 'o', 'r', 'k', 's', 'm', 's', '.', 'c', 'o', 'm', '\0',
   /* "clojurescript.ru", true */ 'c', 'l', 'o', 'j', 'u', 'r', 'e', 's', 'c', 'r', 'i', 'p', 't', '.', 'r', 'u', '\0',
   /* "close.com", false */ 'c', 'l', 'o', 's', 'e', '.', 'c', 'o', 'm', '\0',
   /* "closeli.cn", true */ 'c', 'l', 'o', 's', 'e', 'l', 'i', '.', 'c', 'n', '\0',
   /* "closeli.com", false */ 'c', 'l', 'o', 's', 'e', 'l', 'i', '.', 'c', 'o', 'm', '\0',
   /* "closelinksecurity.co.uk", true */ 'c', 'l', 'o', 's', 'e', 'l', 'i', 'n', 'k', 's', 'e', 'c', 'u', 'r', 'i', 't', 'y', '.', 'c', 'o', '.', 'u', 'k', '\0',
-  /* "closelinksecurity.com", true */ 'c', 'l', 'o', 's', 'e', 'l', 'i', 'n', 'k', 's', 'e', 'c', 'u', 'r', 'i', 't', 'y', '.', 'c', 'o', 'm', '\0',
   /* "closetemail.com", true */ 'c', 'l', 'o', 's', 'e', 't', 'e', 'm', 'a', 'i', 'l', '.', 'c', 'o', 'm', '\0',
   /* "closient.com", true */ 'c', 'l', 'o', 's', 'i', 'e', 'n', 't', '.', 'c', 'o', 'm', '\0',
   /* "closingholding.com", true */ 'c', 'l', 'o', 's', 'i', 'n', 'g', 'h', 'o', 'l', 'd', 'i', 'n', 'g', '.', 'c', 'o', 'm', '\0',
   /* "cloud-crowd.com.au", true */ 'c', 'l', 'o', 'u', 'd', '-', 'c', 'r', 'o', 'w', 'd', '.', 'c', 'o', 'm', '.', 'a', 'u', '\0',
   /* "cloud-surfer.net", true */ 'c', 'l', 'o', 'u', 'd', '-', 's', 'u', 'r', 'f', 'e', 'r', '.', 'n', 'e', 't', '\0',
   /* "cloud.google.com", true */ 'c', 'l', 'o', 'u', 'd', '.', 'g', 'o', 'o', 'g', 'l', 'e', '.', 'c', 'o', 'm', '\0',
   /* "cloud.gov", false */ 'c', 'l', 'o', 'u', 'd', '.', 'g', 'o', 'v', '\0',
   /* "cloudapps.digital", true */ 'c', 'l', 'o', 'u', 'd', 'a', 'p', 'p', 's', '.', 'd', 'i', 'g', 'i', 't', 'a', 'l', '\0',
   /* "cloudbased.info", true */ 'c', 'l', 'o', 'u', 'd', 'b', 'a', 's', 'e', 'd', '.', 'i', 'n', 'f', 'o', '\0',
   /* "cloudbasedsite.com", true */ 'c', 'l', 'o', 'u', 'd', 'b', 'a', 's', 'e', 'd', 's', 'i', 't', 'e', '.', 'c', 'o', 'm', '\0',
-  /* "cloudbleed.info", true */ 'c', 'l', 'o', 'u', 'd', 'b', 'l', 'e', 'e', 'd', '.', 'i', 'n', 'f', 'o', '\0',
   /* "cloudbolin.es", true */ 'c', 'l', 'o', 'u', 'd', 'b', 'o', 'l', 'i', 'n', '.', 'e', 's', '\0',
   /* "cloudcaprice.net", true */ 'c', 'l', 'o', 'u', 'd', 'c', 'a', 'p', 'r', 'i', 'c', 'e', '.', 'n', 'e', 't', '\0',
   /* "cloudflareonazure.com", true */ 'c', 'l', 'o', 'u', 'd', 'f', 'l', 'a', 'r', 'e', 'o', 'n', 'a', 'z', 'u', 'r', 'e', '.', 'c', 'o', 'm', '\0',
   /* "cloudia.org", true */ 'c', 'l', 'o', 'u', 'd', 'i', 'a', '.', 'o', 'r', 'g', '\0',
   /* "cloudily.com", true */ 'c', 'l', 'o', 'u', 'd', 'i', 'l', 'y', '.', 'c', 'o', 'm', '\0',
   /* "cloudmigrator365.com", true */ 'c', 'l', 'o', 'u', 'd', 'm', 'i', 'g', 'r', 'a', 't', 'o', 'r', '3', '6', '5', '.', 'c', 'o', 'm', '\0',
   /* "cloudoptimizedsmb.com", true */ 'c', 'l', 'o', 'u', 'd', 'o', 'p', 't', 'i', 'm', 'i', 'z', 'e', 'd', 's', 'm', 'b', '.', 'c', 'o', 'm', '\0',
   /* "cloudoptimus.com", true */ 'c', 'l', 'o', 'u', 'd', 'o', 'p', 't', 'i', 'm', 'u', 's', '.', 'c', 'o', 'm', '\0',
@@ -3870,17 +3861,16 @@ static const char kSTSHostTable[] = {
   /* "cloudpebble.net", true */ 'c', 'l', 'o', 'u', 'd', 'p', 'e', 'b', 'b', 'l', 'e', '.', 'n', 'e', 't', '\0',
   /* "cloudpengu.in", true */ 'c', 'l', 'o', 'u', 'd', 'p', 'e', 'n', 'g', 'u', '.', 'i', 'n', '\0',
   /* "cloudpipes.com", true */ 'c', 'l', 'o', 'u', 'd', 'p', 'i', 'p', 'e', 's', '.', 'c', 'o', 'm', '\0',
   /* "clouds.webcam", true */ 'c', 'l', 'o', 'u', 'd', 's', '.', 'w', 'e', 'b', 'c', 'a', 'm', '\0',
   /* "cloudsecurityalliance.org", true */ 'c', 'l', 'o', 'u', 'd', 's', 'e', 'c', 'u', 'r', 'i', 't', 'y', 'a', 'l', 'l', 'i', 'a', 'n', 'c', 'e', '.', 'o', 'r', 'g', '\0',
   /* "cloudservice.io", true */ 'c', 'l', 'o', 'u', 'd', 's', 'e', 'r', 'v', 'i', 'c', 'e', '.', 'i', 'o', '\0',
   /* "cloudspace-analytics.com", true */ 'c', 'l', 'o', 'u', 'd', 's', 'p', 'a', 'c', 'e', '-', 'a', 'n', 'a', 'l', 'y', 't', 'i', 'c', 's', '.', 'c', 'o', 'm', '\0',
   /* "cloudspeedy.net", true */ 'c', 'l', 'o', 'u', 'd', 's', 'p', 'e', 'e', 'd', 'y', '.', 'n', 'e', 't', '\0',
-  /* "cloudstrike.co", true */ 'c', 'l', 'o', 'u', 'd', 's', 't', 'r', 'i', 'k', 'e', '.', 'c', 'o', '\0',
   /* "cloudteam.de", true */ 'c', 'l', 'o', 'u', 'd', 't', 'e', 'a', 'm', '.', 'd', 'e', '\0',
   /* "cloudup.com", true */ 'c', 'l', 'o', 'u', 'd', 'u', 'p', '.', 'c', 'o', 'm', '\0',
   /* "cloudwarez.xyz", true */ 'c', 'l', 'o', 'u', 'd', 'w', 'a', 'r', 'e', 'z', '.', 'x', 'y', 'z', '\0',
   /* "clounix.online", true */ 'c', 'l', 'o', 'u', 'n', 'i', 'x', '.', 'o', 'n', 'l', 'i', 'n', 'e', '\0',
   /* "clouz.de", true */ 'c', 'l', 'o', 'u', 'z', '.', 'd', 'e', '\0',
   /* "clovissantos.com", true */ 'c', 'l', 'o', 'v', 'i', 's', 's', 'a', 'n', 't', 'o', 's', '.', 'c', 'o', 'm', '\0',
   /* "clowde.in", true */ 'c', 'l', 'o', 'w', 'd', 'e', '.', 'i', 'n', '\0',
   /* "clownish.co.il", true */ 'c', 'l', 'o', 'w', 'n', 'i', 's', 'h', '.', 'c', 'o', '.', 'i', 'l', '\0',
@@ -3890,17 +3880,16 @@ static const char kSTSHostTable[] = {
   /* "clu-in.org", true */ 'c', 'l', 'u', '-', 'i', 'n', '.', 'o', 'r', 'g', '\0',
   /* "club-is.ru", true */ 'c', 'l', 'u', 'b', '-', 'i', 's', '.', 'r', 'u', '\0',
   /* "clubdeslecteurs.net", true */ 'c', 'l', 'u', 'b', 'd', 'e', 's', 'l', 'e', 'c', 't', 'e', 'u', 'r', 's', '.', 'n', 'e', 't', '\0',
   /* "clubempleos.com", true */ 'c', 'l', 'u', 'b', 'e', 'm', 'p', 'l', 'e', 'o', 's', '.', 'c', 'o', 'm', '\0',
   /* "clubeohara.com", true */ 'c', 'l', 'u', 'b', 'e', 'o', 'h', 'a', 'r', 'a', '.', 'c', 'o', 'm', '\0',
   /* "clubmate.rocks", true */ 'c', 'l', 'u', 'b', 'm', 'a', 't', 'e', '.', 'r', 'o', 'c', 'k', 's', '\0',
   /* "clubmini.jp", true */ 'c', 'l', 'u', 'b', 'm', 'i', 'n', 'i', '.', 'j', 'p', '\0',
   /* "clubon.space", true */ 'c', 'l', 'u', 'b', 'o', 'n', '.', 's', 'p', 'a', 'c', 'e', '\0',
-  /* "clusterfuck.nz", true */ 'c', 'l', 'u', 's', 't', 'e', 'r', 'f', 'u', 'c', 'k', '.', 'n', 'z', '\0',
   /* "clvs7.com", true */ 'c', 'l', 'v', 's', '7', '.', 'c', 'o', 'm', '\0',
   /* "clycat.ru", true */ 'c', 'l', 'y', 'c', 'a', 't', '.', 'r', 'u', '\0',
   /* "cmacacias.ch", true */ 'c', 'm', 'a', 'c', 'a', 'c', 'i', 'a', 's', '.', 'c', 'h', '\0',
   /* "cmahy.be", true */ 'c', 'm', 'a', 'h', 'y', '.', 'b', 'e', '\0',
   /* "cmcressy.ch", true */ 'c', 'm', 'c', 'r', 'e', 's', 's', 'y', '.', 'c', 'h', '\0',
   /* "cmdline.org", true */ 'c', 'm', 'd', 'l', 'i', 'n', 'e', '.', 'o', 'r', 'g', '\0',
   /* "cmlachapelle.ch", true */ 'c', 'm', 'l', 'a', 'c', 'h', 'a', 'p', 'e', 'l', 'l', 'e', '.', 'c', 'h', '\0',
   /* "cmlancy.ch", true */ 'c', 'm', 'l', 'a', 'n', 'c', 'y', '.', 'c', 'h', '\0',
@@ -4117,17 +4106,16 @@ static const char kSTSHostTable[] = {
   /* "completesecurityessex.com", true */ 'c', 'o', 'm', 'p', 'l', 'e', 't', 'e', 's', 'e', 'c', 'u', 'r', 'i', 't', 'y', 'e', 's', 's', 'e', 'x', '.', 'c', 'o', 'm', '\0',
   /* "completesportperformance.com", true */ 'c', 'o', 'm', 'p', 'l', 'e', 't', 'e', 's', 'p', 'o', 'r', 't', 'p', 'e', 'r', 'f', 'o', 'r', 'm', 'a', 'n', 'c', 'e', '.', 'c', 'o', 'm', '\0',
   /* "completionist.me", true */ 'c', 'o', 'm', 'p', 'l', 'e', 't', 'i', 'o', 'n', 'i', 's', 't', '.', 'm', 'e', '\0',
   /* "complexart.ro", true */ 'c', 'o', 'm', 'p', 'l', 'e', 'x', 'a', 'r', 't', '.', 'r', 'o', '\0',
   /* "compliance-systeme.de", true */ 'c', 'o', 'm', 'p', 'l', 'i', 'a', 'n', 'c', 'e', '-', 's', 'y', 's', 't', 'e', 'm', 'e', '.', 'd', 'e', '\0',
   /* "compliancedictionary.com", true */ 'c', 'o', 'm', 'p', 'l', 'i', 'a', 'n', 'c', 'e', 'd', 'i', 'c', 't', 'i', 'o', 'n', 'a', 'r', 'y', '.', 'c', 'o', 'm', '\0',
   /* "complt.xyz", true */ 'c', 'o', 'm', 'p', 'l', 't', '.', 'x', 'y', 'z', '\0',
   /* "compsmag.com", true */ 'c', 'o', 'm', 'p', 's', 'm', 'a', 'g', '.', 'c', 'o', 'm', '\0',
-  /* "compucorner.mx", true */ 'c', 'o', 'm', 'p', 'u', 'c', 'o', 'r', 'n', 'e', 'r', '.', 'm', 'x', '\0',
   /* "computer-acquisti.com", true */ 'c', 'o', 'm', 'p', 'u', 't', 'e', 'r', '-', 'a', 'c', 'q', 'u', 'i', 's', 't', 'i', '.', 'c', 'o', 'm', '\0',
   /* "computerassistance.co.uk", true */ 'c', 'o', 'm', 'p', 'u', 't', 'e', 'r', 'a', 's', 's', 'i', 's', 't', 'a', 'n', 'c', 'e', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "computerbase.de", true */ 'c', 'o', 'm', 'p', 'u', 't', 'e', 'r', 'b', 'a', 's', 'e', '.', 'd', 'e', '\0',
   /* "computerhilfe-feucht.de", true */ 'c', 'o', 'm', 'p', 'u', 't', 'e', 'r', 'h', 'i', 'l', 'f', 'e', '-', 'f', 'e', 'u', 'c', 'h', 't', '.', 'd', 'e', '\0',
   /* "computerslotopschool.nl", true */ 'c', 'o', 'm', 'p', 'u', 't', 'e', 'r', 's', 'l', 'o', 't', 'o', 'p', 's', 'c', 'h', 'o', 'o', 'l', '.', 'n', 'l', '\0',
   /* "computertal.de", true */ 'c', 'o', 'm', 'p', 'u', 't', 'e', 'r', 't', 'a', 'l', '.', 'd', 'e', '\0',
   /* "comssa.org.au", true */ 'c', 'o', 'm', 's', 's', 'a', '.', 'o', 'r', 'g', '.', 'a', 'u', '\0',
   /* "concentrade.de", true */ 'c', 'o', 'n', 'c', 'e', 'n', 't', 'r', 'a', 'd', 'e', '.', 'd', 'e', '\0',
@@ -4301,16 +4289,17 @@ static const char kSTSHostTable[] = {
   /* "cpvmatch.eu", true */ 'c', 'p', 'v', 'm', 'a', 't', 'c', 'h', '.', 'e', 'u', '\0',
   /* "cpy.pt", true */ 'c', 'p', 'y', '.', 'p', 't', '\0',
   /* "cqchome.com", true */ 'c', 'q', 'c', 'h', 'o', 'm', 'e', '.', 'c', 'o', 'm', '\0',
   /* "cracker.in.th", true */ 'c', 'r', 'a', 'c', 'k', 'e', 'r', '.', 'i', 'n', '.', 't', 'h', '\0',
   /* "crackingking.com", false */ 'c', 'r', 'a', 'c', 'k', 'i', 'n', 'g', 'k', 'i', 'n', 'g', '.', 'c', 'o', 'm', '\0',
   /* "crackle.io", true */ 'c', 'r', 'a', 'c', 'k', 'l', 'e', '.', 'i', 'o', '\0',
   /* "crackorsquad.in", true */ 'c', 'r', 'a', 'c', 'k', 'o', 'r', 's', 'q', 'u', 'a', 'd', '.', 'i', 'n', '\0',
   /* "crackpfer.de", true */ 'c', 'r', 'a', 'c', 'k', 'p', 'f', 'e', 'r', '.', 'd', 'e', '\0',
+  /* "crackslut.eu", true */ 'c', 'r', 'a', 'c', 'k', 's', 'l', 'u', 't', '.', 'e', 'u', '\0',
   /* "crackstation.net", true */ 'c', 'r', 'a', 'c', 'k', 's', 't', 'a', 't', 'i', 'o', 'n', '.', 'n', 'e', 't', '\0',
   /* "cradlepointecm.com", true */ 'c', 'r', 'a', 'd', 'l', 'e', 'p', 'o', 'i', 'n', 't', 'e', 'c', 'm', '.', 'c', 'o', 'm', '\0',
   /* "craftandbuild.de", true */ 'c', 'r', 'a', 'f', 't', 'a', 'n', 'd', 'b', 'u', 'i', 'l', 'd', '.', 'd', 'e', '\0',
   /* "craftcms.com", false */ 'c', 'r', 'a', 'f', 't', 'c', 'm', 's', '.', 'c', 'o', 'm', '\0',
   /* "craftcommerce.com", true */ 'c', 'r', 'a', 'f', 't', 'c', 'o', 'm', 'm', 'e', 'r', 'c', 'e', '.', 'c', 'o', 'm', '\0',
   /* "craftination.net", true */ 'c', 'r', 'a', 'f', 't', 'i', 'n', 'a', 't', 'i', 'o', 'n', '.', 'n', 'e', 't', '\0',
   /* "craftinginredlipstick.com", true */ 'c', 'r', 'a', 'f', 't', 'i', 'n', 'g', 'i', 'n', 'r', 'e', 'd', 'l', 'i', 'p', 's', 't', 'i', 'c', 'k', '.', 'c', 'o', 'm', '\0',
   /* "craftyguy.net", true */ 'c', 'r', 'a', 'f', 't', 'y', 'g', 'u', 'y', '.', 'n', 'e', 't', '\0',
@@ -4455,17 +4444,16 @@ static const char kSTSHostTable[] = {
   /* "cscau.com", true */ 'c', 's', 'c', 'a', 'u', '.', 'c', 'o', 'm', '\0',
   /* "csengle.de", true */ 'c', 's', 'e', 'n', 'g', 'l', 'e', '.', 'd', 'e', '\0',
   /* "csfm.com", true */ 'c', 's', 'f', 'm', '.', 'c', 'o', 'm', '\0',
   /* "csgo.help", true */ 'c', 's', 'g', 'o', '.', 'h', 'e', 'l', 'p', '\0',
   /* "csgo77.com", true */ 'c', 's', 'g', 'o', '7', '7', '.', 'c', 'o', 'm', '\0',
   /* "csgoelemental.com", true */ 'c', 's', 'g', 'o', 'e', 'l', 'e', 'm', 'e', 'n', 't', 'a', 'l', '.', 'c', 'o', 'm', '\0',
   /* "csgogamers.com", true */ 'c', 's', 'g', 'o', 'g', 'a', 'm', 'e', 'r', 's', '.', 'c', 'o', 'm', '\0',
   /* "csgohandouts.com", true */ 'c', 's', 'g', 'o', 'h', 'a', 'n', 'd', 'o', 'u', 't', 's', '.', 'c', 'o', 'm', '\0',
-  /* "csgoshifter.com", true */ 'c', 's', 'g', 'o', 's', 'h', 'i', 'f', 't', 'e', 'r', '.', 'c', 'o', 'm', '\0',
   /* "csgotwister.com", true */ 'c', 's', 'g', 'o', 't', 'w', 'i', 's', 't', 'e', 'r', '.', 'c', 'o', 'm', '\0',
   /* "cshopify.com", true */ 'c', 's', 'h', 'o', 'p', 'i', 'f', 'y', '.', 'c', 'o', 'm', '\0',
   /* "csmainframe.com", true */ 'c', 's', 'm', 'a', 'i', 'n', 'f', 'r', 'a', 'm', 'e', '.', 'c', 'o', 'm', '\0',
   /* "csokolade.hu", true */ 'c', 's', 'o', 'k', 'o', 'l', 'a', 'd', 'e', '.', 'h', 'u', '\0',
   /* "csp.ch", true */ 'c', 's', 'p', '.', 'c', 'h', '\0',
   /* "cspvalidator.org", true */ 'c', 's', 'p', 'v', 'a', 'l', 'i', 'd', 'a', 't', 'o', 'r', '.', 'o', 'r', 'g', '\0',
   /* "css.net", true */ 'c', 's', 's', '.', 'n', 'e', 't', '\0',
   /* "cssaunion.com", true */ 'c', 's', 's', 'a', 'u', 'n', 'i', 'o', 'n', '.', 'c', 'o', 'm', '\0',
@@ -4543,17 +4531,16 @@ static const char kSTSHostTable[] = {
   /* "customfilmworks.com", true */ 'c', 'u', 's', 't', 'o', 'm', 'f', 'i', 'l', 'm', 'w', 'o', 'r', 'k', 's', '.', 'c', 'o', 'm', '\0',
   /* "customshort.link", true */ 'c', 'u', 's', 't', 'o', 'm', 's', 'h', 'o', 'r', 't', '.', 'l', 'i', 'n', 'k', '\0',
   /* "customwritings.com", true */ 'c', 'u', 's', 't', 'o', 'm', 'w', 'r', 'i', 't', 'i', 'n', 'g', 's', '.', 'c', 'o', 'm', '\0',
   /* "cutimbo.ovh", true */ 'c', 'u', 't', 'i', 'm', 'b', 'o', '.', 'o', 'v', 'h', '\0',
   /* "cuvva.co", true */ 'c', 'u', 'v', 'v', 'a', '.', 'c', 'o', '\0',
   /* "cuvva.co.uk", true */ 'c', 'u', 'v', 'v', 'a', '.', 'c', 'o', '.', 'u', 'k', '\0',
   /* "cuvva.com", true */ 'c', 'u', 'v', 'v', 'a', '.', 'c', 'o', 'm', '\0',
   /* "cuvva.eu", true */ 'c', 'u', 'v', 'v', 'a', '.', 'e', 'u', '\0',
-  /* "cuvva.io", true */ 'c', 'u', 'v', 'v', 'a', '.', 'i', 'o', '\0',
   /* "cuvva.it", true */ 'c', 'u', 'v', 'v', 'a', '.', 'i', 't', '\0',
   /* "cuvva.me", true */ 'c', 'u', 'v', 'v', 'a', '.', 'm', 'e', '\0',
   /* "cuvva.net", true */ 'c', 'u', 'v', 'v', 'a', '.', 'n', 'e', 't', '\0',
   /* "cuvva.org", true */ 'c', 'u', 'v', 'v', 'a', '.', 'o', 'r', 'g', '\0',
   /* "cuvva.uk", true */ 'c', 'u', 'v', 'v', 'a', '.', 'u', 'k', '\0',
   /* "cuvva.us", true */ 'c', 'u', 'v', 'v', 'a', '.', 'u', 's', '\0',