Merge m-c to fx-team. a=merge
authorRyan VanderMeulen <ryanvm@gmail.com>
Mon, 29 Aug 2016 12:56:48 -0400
changeset 407066 2ec2538353807a17b8b23f2440c9a52ec3f3ccc5
parent 406680 d7e3cce681547fa168765f9e36e95ca135221cb5 (current diff)
parent 406838 acfb2c3ac6ae0a704e2756184815296ac1314f89 (diff)
child 407067 bc3305f65ac8c69dbc04712592ef4d01fc7b54c9
push id27893
push userbmo:gasolin@mozilla.com
push dateTue, 30 Aug 2016 03:41:38 +0000
reviewersmerge
milestone51.0a1
Merge m-c to fx-team. a=merge
mobile/android/themes/core/browser.css
--- a/browser/app/blocklist.xml
+++ b/browser/app/blocklist.xml
@@ -1,23 +1,29 @@
 <?xml version="1.0"?>
-<blocklist xmlns="http://www.mozilla.org/2006/addons-blocklist" lastupdate="1464967719000">
+<blocklist xmlns="http://www.mozilla.org/2006/addons-blocklist" lastupdate="1472235999000">
   <emItems>
       <emItem  blockID="i58" id="webmaster@buzzzzvideos.info">
                         <versionRange  minVersion="0" maxVersion="*">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i71" id="youtube@2youtube.com">
                         <versionRange  minVersion="0" maxVersion="*">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1229" id="/^(.*@(unblocker\.yt|sparpilot\.com))|axtara@axtara\.com$/">
+                        <versionRange  minVersion="0" maxVersion="*" severity="3">
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i640" id="jid0-l9BxpNUhx1UUgRfKigWzSfrZqAc@jetpack">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i527" id="/^({bfec236d-e122-4102-864f-f5f19d897f5e}|{3f842035-47f4-4f10-846b-6199b07f09b8}|{92ed4bbd-83f2-4c70-bb4e-f8d3716143fe})$/">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
@@ -68,18 +74,18 @@
               </prefs>
     </emItem>
       <emItem  blockID="i64" id="royal@facebook.com">
                         <versionRange  minVersion="0" maxVersion="*">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
-      <emItem  blockID="i72" os="WINNT" id="{4ED1F68A-5463-4931-9384-8FFF5ED91D92}">
-                        <versionRange  minVersion="3.4.1" maxVersion="3.4.1.194" severity="1">
+      <emItem  blockID="i1245" id="{4ED1F68A-5463-4931-9384-8FFF5ED91D92}">
+                        <versionRange  minVersion="0" maxVersion="3.9.9" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i862" id="{CA8C84C6-3918-41b1-BE77-049B2BDD887C}">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
@@ -489,22 +495,16 @@
               </prefs>
     </emItem>
       <emItem  blockID="i748" id="{32da2f20-827d-40aa-a3b4-2fc4a294352e}">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
-      <emItem  blockID="i1229" id="/^.*@unblocker\.yt$/">
-                        <versionRange  minVersion="0" maxVersion="*" severity="3">
-                    </versionRange>
-                    <prefs>
-              </prefs>
-    </emItem>
       <emItem  blockID="i404" id="{a9bb9fa0-4122-4c75-bd9a-bc27db3f9155}">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i83" id="flash@adobee.com">
                         <versionRange  minVersion="0" maxVersion="*">
@@ -780,16 +780,22 @@
               </prefs>
     </emItem>
       <emItem  blockID="i162" id="{EB7508CA-C7B2-46E0-8C04-3E94A035BD49}">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1261" id="support@lastpass.com">
+                        <versionRange  minVersion="4.0.0a" maxVersion="4.1.20a" severity="1">
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i732" id=" {e935dd68-f90d-46a6-b89e-c4657534b353}">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i506" id="/^ext@bettersurfplus/">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
@@ -987,17 +993,17 @@
               </prefs>
     </emItem>
       <emItem  blockID="i550" id="colmer@yopmail.com">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
-      <emItem  blockID="i1222" id="tmbepff@trendmicro.com">
+      <emItem  blockID="i1223" id="tmbepff@trendmicro.com">
                         <versionRange  minVersion="0" maxVersion="9.1.0.1035" severity="1">
                     </versionRange>
                                 <versionRange  minVersion="9.2" maxVersion="9.2.0.1023" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i46" id="{841468a1-d7f4-4bd3-84e6-bb0f13a06c64}">
@@ -1130,16 +1136,22 @@
               </prefs>
     </emItem>
       <emItem  blockID="i528" id="008abed2-b43a-46c9-9a5b-a771c87b82da@1ad61d53-2bdc-4484-a26b-b888ecae1906.com">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1230" id="addon@gemaoff">
+                        <versionRange  minVersion="0" maxVersion="*" severity="3">
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i540" id="/^(ffxtlbr@mixidj\.com|{c0c2693d-2ee8-47b4-9df7-b67a0ee31988}|{67097627-fd8e-4f6b-af4b-ecb65e50112e}|{f6f0f973-a4a3-48cf-9a7a-b7a69c30d71a}|{a3d0e35f-f1da-4ccb-ae77-e9d27777e68d}|{1122b43d-30ee-403f-9bfa-3cc99b0caddd})$/">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i694" id="59D317DB041748fdB89B47E6F96058F3@jetpack">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
@@ -1454,16 +1466,22 @@
               </prefs>
     </emItem>
       <emItem  blockID="i968" id="{184AA5E6-741D-464a-820E-94B3ABC2F3B4}">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1231" id="youtube@downloader.yt">
+                        <versionRange  minVersion="0" maxVersion="*" severity="3">
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i754" id="{bb7b7a60-f574-47c2-8a0b-4c56f2da9802}">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i497" id="{872b5b88-9db5-4310-bdd0-ac189557e5f5}">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
@@ -1510,16 +1528,25 @@
       <emItem  blockID="i634" id="jid1-4vUehhSALFNqCw@jetpack">
                         <versionRange  minVersion="100.7" maxVersion="100.7" severity="3">
                     </versionRange>
                                 <versionRange  minVersion="99.7" maxVersion="99.7" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1232" id="nosquint@urandom.ca">
+                        <versionRange  minVersion="0" maxVersion="2.1.9.1-signed.1-signed" severity="1">
+                      <targetApplication  id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
+                              <versionRange  minVersion="47" maxVersion="*" />
+                          </targetApplication>
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i478" id="{7e8a1050-cf67-4575-92df-dcc60e7d952d}">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i522" id="/^({976cd962-e0ca-4337-aea7-d93fae63a79c}|{525ba996-1ce4-4677-91c5-9fc4ead2d245}|{91659dab-9117-42d1-a09f-13ec28037717}|{c1211069-1163-4ba8-b8b3-32fc724766be})$/">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
@@ -1653,16 +1680,22 @@
               </prefs>
     </emItem>
       <emItem  blockID="i115" id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1262" id="my7thfakeid@gmail.com">
+                        <versionRange  minVersion="0" maxVersion="*" severity="3">
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i820" id="{aab02ab1-33cf-4dfa-8a9f-f4e60e976d27}">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i1012" id="wxtui502n2xce9j@no14">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
@@ -1927,16 +1960,22 @@
               </prefs>
     </emItem>
       <emItem  blockID="i509" id="contato@facefollow.net">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1265" id="@video_downloader_pro">
+                        <versionRange  minVersion="1.2.1" maxVersion="1.2.5" severity="1">
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i60" id="youtb3@youtb3.com">
                         <versionRange  minVersion="0" maxVersion="*">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i1214" id="firefoxdav@icloud.com">
                         <versionRange  minVersion="0" maxVersion="1.4.22" severity="1">
@@ -2007,16 +2046,22 @@
               </prefs>
     </emItem>
       <emItem  blockID="i1210" id="auto-plugin-checker@jetpack">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1233" id="cloudmask@cloudmask.com">
+                        <versionRange  minVersion="0" maxVersion="2.0.788">
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i652" id="garg_sms@yahoo.in">
                         <versionRange  minVersion="67.9" maxVersion="67.9" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i734" id="profsites@pr.com">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
@@ -2091,16 +2136,22 @@
               </prefs>
     </emItem>
       <emItem  blockID="i474" id="{906000a4-88d9-4d52-b209-7a772970d91f}">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1264" id="suchpony@suchpony.de">
+                        <versionRange  minVersion="0" maxVersion="1.6.7" severity="3">
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i516" id="/^({3f3cddf8-f74d-430c-bd19-d2c9147aed3d}|{515b2424-5911-40bd-8a2c-bdb20286d8f5}|{17464f93-137e-4646-a0c6-0dc13faf0113}|{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}|{aad50c91-b136-49d9-8b30-0e8d3ead63d0})$/">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i774" id="x77IjS@xU.net">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
@@ -2240,17 +2291,17 @@
               </prefs>
     </emItem>
       <emItem  blockID="i818" id="contentarget@maildrop.cc">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
-      <emItem  blockID="i142" id="{a3a5c777-f583-4fef-9380-ab4add1bc2a8}">
+      <emItem  blockID="i53" id="{a3a5c777-f583-4fef-9380-ab4add1bc2a8}">
                         <versionRange  minVersion="2.0.3" maxVersion="2.0.3">
                     </versionRange>
                                 <versionRange  minVersion="4.2" maxVersion="4.2" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i306" id="{ADFA33FD-16F5-4355-8504-DF4D664CFE10}">
@@ -2269,16 +2320,22 @@
                         <versionRange  minVersion="1.2" maxVersion="1.2">
                       <targetApplication  id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
                               <versionRange  minVersion="3.0a1" maxVersion="*" />
                           </targetApplication>
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
+      <emItem  blockID="i1263" id="axtara__web@axtara.com">
+                        <versionRange  minVersion="0" maxVersion="1.1.1" severity="3">
+                    </versionRange>
+                    <prefs>
+              </prefs>
+    </emItem>
       <emItem  blockID="i77" id="{fa277cfc-1d75-4949-a1f9-4ac8e41b2dfd}">
                         <versionRange  minVersion="0" maxVersion="*">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i810" id="{41339ee8-61ed-489d-b049-01e41fd5d7e0}">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
@@ -2729,39 +2786,39 @@
               </prefs>
     </emItem>
       <emItem  blockID="i508" id="advance@windowsclient.com">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
-      <emItem  blockID="i314" id="crossriderapp8812@crossrider.com">
-                        <versionRange  minVersion="0" maxVersion="*" severity="1">
+      <emItem  blockID="i24" id="{6E19037A-12E3-4295-8915-ED48BC341614}">
+                        <versionRange  minVersion="0.1" maxVersion="1.3.328.4" severity="1">
+                      <targetApplication  id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
+                              <versionRange  minVersion="3.7a1pre" maxVersion="*" />
+                          </targetApplication>
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i712" id="{a2bfe612-4cf5-48ea-907c-f3fb25bc9d6b}">
                         <versionRange  minVersion="0" maxVersion="*" severity="3">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i752" id="savingsslider@mybrowserbar.com">
                         <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
-      <emItem  blockID="i24" id="{6E19037A-12E3-4295-8915-ED48BC341614}">
-                        <versionRange  minVersion="0.1" maxVersion="1.3.328.4" severity="1">
-                      <targetApplication  id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
-                              <versionRange  minVersion="3.7a1pre" maxVersion="*" />
-                          </targetApplication>
+      <emItem  blockID="i314" id="crossriderapp8812@crossrider.com">
+                        <versionRange  minVersion="0" maxVersion="*" severity="1">
                     </versionRange>
                     <prefs>
               </prefs>
     </emItem>
       <emItem  blockID="i21" id="support@update-firefox.com">
                           <prefs>
               </prefs>
     </emItem>
@@ -3508,64 +3565,100 @@
       <pluginItem  blockID="p1225">
                   <match name="filename" exp="(NPSWF32.*\.dll)|(NPSWF64.*\.dll)|(Flash\ Player\.plugin)" />                      <versionRange  minVersion="18.0.0.333" maxVersion="18.0.0.343" severity="0" vulnerabilitystatus="1"></versionRange>
                             <infoURL>https://get.adobe.com/flashplayer/</infoURL>
           </pluginItem>
       <pluginItem  blockID="p1226">
                   <match name="filename" exp="(NPSWF32.*\.dll)|(NPSWF64.*\.dll)|(Flash\ Player\.plugin)" />                      <versionRange  minVersion="21.0.0.197" maxVersion="21.0.0.226" severity="0" vulnerabilitystatus="1"></versionRange>
                             <infoURL>https://get.adobe.com/flashplayer/</infoURL>
           </pluginItem>
+      <pluginItem  os="Linux" blockID="p1234">
+                  <match name="filename" exp="libflashplayer\.so" />                      <versionRange  minVersion="11.2.202.616" maxVersion="11.2.202.621" severity="0" vulnerabilitystatus="1"></versionRange>
+                            <infoURL>https://get.adobe.com/flashplayer/</infoURL>
+          </pluginItem>
+      <pluginItem  blockID="p1235">
+                  <match name="filename" exp="(NPSWF32.*\.dll)|(NPSWF64.*\.dll)|(Flash\ Player\.plugin)" />                      <versionRange  minVersion="18.0.0.343" maxVersion="18.0.0.352" severity="0" vulnerabilitystatus="1"></versionRange>
+                            <infoURL>https://get.adobe.com/flashplayer/</infoURL>
+          </pluginItem>
+      <pluginItem  blockID="p1236">
+                  <match name="filename" exp="(NPSWF32.*\.dll)|(NPSWF64.*\.dll)|(Flash\ Player\.plugin)" />                      <versionRange  minVersion="21.0.0.226" maxVersion="21.0.0.242" severity="0" vulnerabilitystatus="1"></versionRange>
+                            <infoURL>https://get.adobe.com/flashplayer/</infoURL>
+          </pluginItem>
+      <pluginItem  blockID="p1246">
+                  <match name="filename" exp="(nppdf32\.dll)|(AdobePDFViewerNPAPI\.plugin)" />                      <versionRange  minVersion="10.1.6" maxVersion="11.0.16 " severity="0" vulnerabilitystatus="1"></versionRange>
+                            <infoURL>https://get.adobe.com/reader</infoURL>
+          </pluginItem>
+      <pluginItem  blockID="p1247">
+                  <match name="filename" exp="(nppdf32\.dll)|(AdobePDFViewerNPAPI\.plugin)" />                      <versionRange  minVersion="15.006.30174" maxVersion="15.006.30174" severity="0" vulnerabilitystatus="1"></versionRange>
+                            <infoURL>https://get.adobe.com/reader</infoURL>
+          </pluginItem>
+      <pluginItem  blockID="p1250">
+                  <match name="filename" exp="(nppdf32\.dll)|(AdobePDFViewerNPAPI\.plugin)" />                      <versionRange  minVersion="15.016.20045" maxVersion="15.016.20045" severity="0" vulnerabilitystatus="1"></versionRange>
+                            <infoURL>https://get.adobe.com/reader</infoURL>
+          </pluginItem>
+      <pluginItem  os="Linux" blockID="p1252">
+                  <match name="filename" exp="libflashplayer\.so" />                      <versionRange  minVersion="11.2.202.621" maxVersion="11.2.202.626" severity="0" vulnerabilitystatus="1"></versionRange>
+                            <infoURL>https://get.adobe.com/flashplayer/</infoURL>
+          </pluginItem>
+      <pluginItem  blockID="p1253">
+                  <match name="filename" exp="(NPSWF32.*\.dll)|(NPSWF64.*\.dll)|(Flash\ Player\.plugin)" />                      <versionRange  minVersion="18.0.0.352" maxVersion="18.0.0.360" severity="0" vulnerabilitystatus="1"></versionRange>
+                            <infoURL>https://get.adobe.com/flashplayer/</infoURL>
+          </pluginItem>
+      <pluginItem  blockID="p1254">
+                  <match name="filename" exp="(NPSWF32.*\.dll)|(NPSWF64.*\.dll)|(Flash\ Player\.plugin)" />                      <versionRange  minVersion="21.0.0.242" maxVersion="22.0.0.192" severity="0" vulnerabilitystatus="1"></versionRange>
+                            <infoURL>https://get.adobe.com/flashplayer/</infoURL>
+          </pluginItem>
     </pluginItems>
 
   <gfxItems>
     <gfxBlacklistEntry  blockID="g35">      <os>WINNT 6.1</os>      <vendor>0x10de</vendor>              <devices>
                       <device>0x0a6c</device>
                   </devices>
-            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.17.12.5896</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
+            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.17.12.5896</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g36">      <os>WINNT 6.1</os>      <vendor>0x10de</vendor>              <devices>
                       <device>0x0a6c</device>
                   </devices>
-            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.17.12.5896</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g37">      <os>WINNT 5.1</os>      <vendor>0x10de</vendor>            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>7.0.0.0</driverVersion>      <driverVersionComparator>GREATER_THAN_OR_EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g144">      <os>All</os>      <vendor>0x1002</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.982.0.0</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g146">      <os>All</os>      <vendor>0x1022</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.982.0.0</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g148">      <os>All</os>      <vendor>0x1022</vendor>            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.982.0.0</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g150">      <os>All</os>      <vendor>0x1002</vendor>            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.982.0.0</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g192">      <os>WINNT 6.2</os>      <vendor>0x1002</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>9.10.8.0</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g194">      <os>WINNT 6.2</os>      <vendor>0x1022</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>9.10.8.0</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g198">      <os>Darwin 10</os>      <vendor>0x10de</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g200">      <os>Darwin 11</os>      <vendor>0x10de</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g202">      <os>Darwin 12</os>      <vendor>0x10de</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g204">      <os>Darwin 10</os>      <vendor>0x8086</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g206">      <os>Darwin 11</os>      <vendor>0x8086</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g208">      <os>Darwin 12</os>      <vendor>0x8086</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g230">      <os>Darwin 10</os>      <vendor>0x1002</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g232">      <os>Darwin 11</os>      <vendor>0x1002</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g234">      <os>Darwin 12</os>      <vendor>0x1002</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
+            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.17.12.5896</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g37">      <os>WINNT 5.1</os>      <vendor>0x10de</vendor>            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>7.0.0.0</driverVersion>      <driverVersionComparator>GREATER_THAN_OR_EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g144">      <os>All</os>      <vendor>0x1002</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.982.0.0</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g146">      <os>All</os>      <vendor>0x1022</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.982.0.0</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g148">      <os>All</os>      <vendor>0x1022</vendor>            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.982.0.0</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g150">      <os>All</os>      <vendor>0x1002</vendor>            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.982.0.0</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g192">      <os>WINNT 6.2</os>      <vendor>0x1002</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>9.10.8.0</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g194">      <os>WINNT 6.2</os>      <vendor>0x1022</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>9.10.8.0</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g198">      <os>Darwin 10</os>      <vendor>0x10de</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g200">      <os>Darwin 11</os>      <vendor>0x10de</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g202">      <os>Darwin 12</os>      <vendor>0x10de</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g204">      <os>Darwin 10</os>      <vendor>0x8086</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g206">      <os>Darwin 11</os>      <vendor>0x8086</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g208">      <os>Darwin 12</os>      <vendor>0x8086</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g230">      <os>Darwin 10</os>      <vendor>0x1002</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g232">      <os>Darwin 11</os>      <vendor>0x1002</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g234">      <os>Darwin 12</os>      <vendor>0x1002</vendor>            <feature>WEBGL_MSAA</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g278">      <os>WINNT 6.1</os>      <vendor>0x1002</vendor>              <devices>
                       <device>0x9802</device>
                       <device>0x9803</device>
                       <device>0x9803</device>
                       <device>0x9804</device>
                       <device>0x9805</device>
                       <device>0x9806</device>
                       <device>0x9807</device>
                   </devices>
-            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
+            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g280">      <os>WINNT 6.1</os>      <vendor>0x1002</vendor>              <devices>
                       <device>0x9802</device>
                       <device>0x9803</device>
                       <device>0x9803</device>
                       <device>0x9804</device>
                       <device>0x9805</device>
                       <device>0x9806</device>
                       <device>0x9807</device>
                   </devices>
-            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g511">      <os>WINNT 5.1</os>      <vendor>0x8086</vendor>            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>6.14.10.5218</driverVersion>      <driverVersionComparator>LESS_THAN</driverVersionComparator>    </gfxBlacklistEntry>
+            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DEVICE</featureStatus></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g511">      <os>WINNT 5.1</os>      <vendor>0x8086</vendor>            <feature>DIRECT3D_9_LAYERS</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>6.14.10.5218</driverVersion>      <driverVersionComparator>LESS_THAN</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g974">      <os>WINNT 10.0</os>      <vendor>0x1002</vendor>              <devices>
                       <device>0x6920</device>
                       <device>0x6921</device>
                       <device>0x6928</device>
                       <device>0x6929</device>
                       <device>0x692b</device>
                       <device>0x692f</device>
                       <device>0x6930</device>
@@ -3578,18 +3671,18 @@
                       <device>0x6907</device>
                       <device>0x7300</device>
                       <device>0x9870</device>
                       <device>0x9874</device>
                       <device>0x9875</device>
                       <device>0x9876</device>
                       <device>0x9877</device>
                   </devices>
-            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>15.201.1151.0</driverVersion>      <driverVersionComparator>LESS_THAN</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g984">      <os>All</os>      <vendor>0x8086</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.2413</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
+            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>15.201.1151.0</driverVersion>      <driverVersionComparator>LESS_THAN</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g984">      <os>All</os>      <vendor>0x8086</vendor>            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.2413</driverVersion>      <driverVersionComparator>LESS_THAN_OR_EQUAL</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g992">      <os>WINNT 8.1</os>      <vendor>0x1002</vendor>              <devices>
                       <device>0x6920</device>
                       <device>0x6921</device>
                       <device>0x6928</device>
                       <device>0x6929</device>
                       <device>0x692b</device>
                       <device>0x692f</device>
                       <device>0x6930</device>
@@ -3602,81 +3695,81 @@
                       <device>0x6907</device>
                       <device>0x7300</device>
                       <device>0x9870</device>
                       <device>0x9874</device>
                       <device>0x9875</device>
                       <device>0x9876</device>
                       <device>0x9877</device>
                   </devices>
-            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>15.201.1151.0</driverVersion>      <driverVersionComparator>LESS_THAN</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g1057">      <os>WINNT 5.1</os>      <vendor>0x8086</vendor>            <feature>WEBGL_ANGLE</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>6.14.10.5218</driverVersion>      <driverVersionComparator>LESS_THAN</driverVersionComparator>    </gfxBlacklistEntry>
+            <feature>DIRECT2D</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>15.201.1151.0</driverVersion>      <driverVersionComparator>LESS_THAN</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g1068">      <os>All</os>      <vendor>0x8086</vendor>              <devices>
                       <device>0x2a42</device>
                       <device>0x2e22</device>
                       <device>0x2e12</device>
                       <device>0x2e32</device>
                       <device>0x0046</device>
                   </devices>
-            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1851</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
+            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1851</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g1069">      <os>All</os>      <vendor>0x8086</vendor>              <devices>
                       <device>0x2a42</device>
                       <device>0x2e22</device>
                       <device>0x2e12</device>
                       <device>0x2e32</device>
                       <device>0x0046</device>
                   </devices>
-            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1855</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
+            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1855</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g1070">      <os>All</os>      <vendor>0x8086</vendor>              <devices>
                       <device>0x2a42</device>
                       <device>0x2e22</device>
                       <device>0x2e12</device>
                       <device>0x2e32</device>
                       <device>0x0046</device>
                   </devices>
-            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1872</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
+            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1872</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g1071">      <os>All</os>      <vendor>0x8086</vendor>              <devices>
                       <device>0x2a42</device>
                       <device>0x2e22</device>
                       <device>0x2e12</device>
                       <device>0x2e32</device>
                       <device>0x0046</device>
                   </devices>
-            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1883</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
+            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1883</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g1072">      <os>All</os>      <vendor>0x8086</vendor>              <devices>
                       <device>0x2a42</device>
                       <device>0x2e22</device>
                       <device>0x2e12</device>
                       <device>0x2e32</device>
                       <device>0x0046</device>
                   </devices>
-            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1892</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
+            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1892</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g1073">      <os>All</os>      <vendor>0x8086</vendor>              <devices>
                       <device>0x2a42</device>
                       <device>0x2e22</device>
                       <device>0x2e12</device>
                       <device>0x2e32</device>
                       <device>0x0046</device>
                   </devices>
-            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1994</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
+            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.1994</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
     <gfxBlacklistEntry  blockID="g1124">      <os>All</os>      <vendor>0x8086</vendor>              <devices>
                       <device>0x2a42</device>
                       <device>0x2e22</device>
                       <device>0x2e12</device>
                       <device>0x2e32</device>
                       <device>0x0046</device>
                   </devices>
-            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.2086</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g1215">      <os>WINNT 5.1</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g1216">      <os>WINNT 5.2</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g1217">      <os>WINNT 6.0</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g1218">      <os>WINNT 6.1</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g1219">      <os>WINNT 6.2</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g1220">      <os>WINNT 6.3</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
-    <gfxBlacklistEntry  blockID="g1221">      <os>WINNT 10.0</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator>    </gfxBlacklistEntry>
+            <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>8.15.10.2086</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g1215">      <os>WINNT 5.1</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g1216">      <os>WINNT 5.2</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g1217">      <os>WINNT 6.0</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g1218">      <os>WINNT 6.1</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g1219">      <os>WINNT 6.2</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g1220">      <os>WINNT 6.3</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g1221">      <os>WINNT 10.0</os>      <vendor>0x8086</vendor>            <feature>HARDWARE_VIDEO_DECODING</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>10.18.10.3947</driverVersion>      <driverVersionComparator>EQUAL</driverVersionComparator></gfxBlacklistEntry>
+    <gfxBlacklistEntry  blockID="g1251">      <os>WINNT 5.1</os>      <vendor>0x8086</vendor>            <feature>WEBGL_ANGLE</feature>      <featureStatus>BLOCKED_DRIVER_VERSION</featureStatus>      <driverVersion>6.14.10.5218</driverVersion>      <driverVersionComparator>LESS_THAN</driverVersionComparator><versionRange  maxVersion="49.9" /></gfxBlacklistEntry>
     </gfxItems>
 
   <certItems>
         <certItem issuerName="MIGQMQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxmb3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDE2MDQGA1UEAxMtQ09NT0RPIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENB">
       <serialNumber>D9UltDPl4XVfSSqQOvdiwQ==</serialNumber>
     </certItem>
         <certItem issuerName="MDIxCzAJBgNVBAYTAkNOMQ4wDAYDVQQKEwVDTk5JQzETMBEGA1UEAxMKQ05OSUMgUk9PVA==">
       <serialNumber>STMAjg==</serialNumber>
@@ -3688,20 +3781,20 @@
       <serialNumber>ARQ=</serialNumber>
     </certItem>
         <certItem issuerName="MGcxCzAJBgNVBAYTAkRFMRMwEQYDVQQKEwpGcmF1bmhvZmVyMSEwHwYDVQQLExhGcmF1bmhvZmVyIENvcnBvcmF0ZSBQS0kxIDAeBgNVBAMTF0ZyYXVuaG9mZXIgUm9vdCBDQSAyMDA3">
       <serialNumber>YR3YYQAAAAAABA==</serialNumber>
     </certItem>
         <certItem issuerName="MGExCzAJBgNVBAYTAk5MMR4wHAYDVQQKDBVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xMjAwBgNVBAMMKVN0YWF0IGRlciBOZWRlcmxhbmRlbiBPcmdhbmlzYXRpZSBDQSAtIEcy">
       <serialNumber>ATE0vw==</serialNumber>
     </certItem>
-        <certItem issuerName="MFkxCzAJBgNVBAYTAk5MMR4wHAYDVQQKExVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKjAoBgNVBAMTIVN0YWF0IGRlciBOZWRlcmxhbmRlbiBPdmVyaGVpZCBDQQ">
+        <certItem issuerName="MFkxCzAJBgNVBAYTAk5MMR4wHAYDVQQKExVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKjAoBgNVBAMTIVN0YWF0IGRlciBOZWRlcmxhbmRlbiBPdmVyaGVpZCBDQQ==">
       <serialNumber>ATFpsA==</serialNumber>
     </certItem>
-        <certItem issuerName="MFkxCzAJBgNVBAYTAk5MMR4wHAYDVQQKExVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKjAoBgNVBAMTIVN0YWF0IGRlciBOZWRlcmxhbmRlbiBPdmVyaGVpZCBDQQ">
+        <certItem issuerName="MFkxCzAJBgNVBAYTAk5MMR4wHAYDVQQKExVTdGFhdCBkZXIgTmVkZXJsYW5kZW4xKjAoBgNVBAMTIVN0YWF0IGRlciBOZWRlcmxhbmRlbiBPdmVyaGVpZCBDQQ==">
       <serialNumber>ATFEdg==</serialNumber>
     </certItem>
         <certItem issuerName="MDcxJDAiBgNVBAMTG1JDUyBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEPMA0GA1UEChMGSFQgc3Js">
       <serialNumber>AN9bfYOvlR1t</serialNumber>
     </certItem>
         <certItem issuerName="MEQxCzAJBgNVBAYTAlVTMRUwEwYDVQQKEwx0aGF3dGUsIEluYy4xHjAcBgNVBAMTFXRoYXd0ZSBFViBTU0wgQ0EgLSBHMw==">
       <serialNumber>CrTHPEE6AZSfI3jysin2bA==</serialNumber>
     </certItem>
@@ -4009,12 +4102,60 @@
       <serialNumber>QZBvapTZFvmYktEPsBYLQQ==</serialNumber>
     </certItem>
         <certItem issuerName="MIG1MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMS8wLQYDVQQDEyZWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMw==">
       <serialNumber>OqQ2rV0ISTc308Z/oQgzFw==</serialNumber>
     </certItem>
         <certItem issuerName="MIG1MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMS8wLQYDVQQDEyZWZXJpU2lnbiBDbGFzcyAzIFNlY3VyZSBTZXJ2ZXIgQ0EgLSBHMw==">
       <serialNumber>NvEJoRYL2yvAZrAjbDIipQ==</serialNumber>
     </certItem>
+        <certItem issuerName="MIG8MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzM=">
+      <serialNumber>fWK0j/Vi8vNWg3VAGjc02w==</serialNumber>
+    </certItem>
+        <certItem issuerName="MIG8MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzM=">
+      <serialNumber>UUFV3S2cUidOOv7ESN65Ng==</serialNumber>
+    </certItem>
+        <certItem issuerName="MIG8MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzM=">
+      <serialNumber>bzTw0uq05TUYEGS98bh0Ww==</serialNumber>
+    </certItem>
+        <certItem issuerName="MIG8MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzM=">
+      <serialNumber>GtXUVojhwOTkaQ4bTKblEQ==</serialNumber>
+    </certItem>
+        <certItem issuerName="MIG8MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzM=">
+      <serialNumber>BYyEX2b5+K+myAIR7eXaRQ==</serialNumber>
+    </certItem>
+        <certItem issuerName="MIG8MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzM=">
+      <serialNumber>VN2yeFexyXjPf34fHGmbhg==</serialNumber>
+    </certItem>
+        <certItem issuerName="MIG8MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzM=">
+      <serialNumber>A9GPKQ8jv9oIxfwiOy7qxQ==</serialNumber>
+    </certItem>
+        <certItem issuerName="MIG8MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOzA5BgNVBAsTMlRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhIChjKTEwMTYwNAYDVQQDEy1WZXJpU2lnbiBDbGFzcyAzIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gRzM=">
+      <serialNumber>J2La+q+JOURNWkX60OP2lQ==</serialNumber>
+    </certItem>
+        <certItem issuerName="MFAxCzAJBgNVBAYTAkpQMRgwFgYDVQQKEw9TRUNPTSBUcnVzdC5uZXQxJzAlBgNVBAsTHlNlY3VyaXR5IENvbW11bmljYXRpb24gUm9vdENBMQ==">
+      <serialNumber>Ermwxw==</serialNumber>
+    </certItem>
+        <certItem issuerName="MIHKMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMShjKSAyMDA3IFZlcmlTaWduLCBJbmMuIC0gRm9yIGF1dGhvcml6ZWQgdXNlIG9ubHkxRTBDBgNVBAMTPFZlcmlTaWduIENsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgLSBHNA==">
+      <serialNumber>cXXMzbWDHMIdCotb3h64yw==</serialNumber>
+    </certItem>
+        <certItem issuerName="MDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTQ==">
+      <serialNumber>BA==</serialNumber>
+    </certItem>
+        <certItem issuerName="MDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTQ==">
+      <serialNumber>BQ==</serialNumber>
+    </certItem>
+        <certItem issuerName="MDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTQ==">
+      <serialNumber>Bg==</serialNumber>
+    </certItem>
+        <certItem issuerName="MDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTQ==">
+      <serialNumber>EA==</serialNumber>
+    </certItem>
+        <certItem issuerName="MDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTQ==">
+      <serialNumber>EQ==</serialNumber>
+    </certItem>
+        <certItem issuerName="MDsxCzAJBgNVBAYTAkVTMREwDwYDVQQKDAhGTk1ULVJDTTEZMBcGA1UECwwQQUMgUkFJWiBGTk1ULVJDTQ==">
+      <serialNumber>Eg==</serialNumber>
+    </certItem>
       </certItems>
 
 
 </blocklist>
\ No newline at end of file
--- a/browser/themes/linux/browser.css
+++ b/browser/themes/linux/browser.css
@@ -1168,35 +1168,35 @@ notification[value="translation"] menuli
   border: 1px solid transparent;
 }
 
 .autocomplete-richlistitem[selected=true] {
   background-color: Highlight;
 }
 
 .ac-title {
-  font-size: 14px;
+  font-size: 1.05em;
 }
 
 .ac-tags {
-  font-size: 12px;
+  font-size: 0.9em;
 }
 
 html|span.ac-tag {
   background-color: MenuText;
   color: Menu;
   border-radius: 2px;
   border: 1px solid transparent;
   padding: 0 1px;
 }
 
 .ac-separator,
 .ac-url,
 .ac-action {
-  font-size: 12px;
+  font-size: 0.9em;
   color: -moz-nativehyperlinktext;
 }
 
 .ac-title[selected=true],
 .ac-separator[selected],
 .ac-url[selected=true],
 .ac-action[selected=true] {
   color: inherit !important;
--- a/browser/themes/shared/controlcenter/panel.inc.css
+++ b/browser/themes/shared/controlcenter/panel.inc.css
@@ -282,17 +282,17 @@
 }
 
 #identity-popup-securityView-footer > button {
   -moz-appearance: none;
   margin: 0;
   border: none;
   border-top: 1px solid var(--panel-separator-color);
   padding: 8px 20px;
-  color: ButtonText;
+  color: inherit;
   background-color: transparent;
 }
 
 #identity-popup-securityView-footer > button:hover,
 #identity-popup-securityView-footer > button:focus {
   background-color: hsla(210,4%,10%,.07);
 }
 
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -3311,17 +3311,18 @@ nsDocShell::RecomputeCanExecuteScripts()
   }
 }
 
 nsresult
 nsDocShell::SetDocLoaderParent(nsDocLoader* aParent)
 {
   bool wasFrame = IsFrame();
 
-  nsDocLoader::SetDocLoaderParent(aParent);
+  nsresult rv = nsDocLoader::SetDocLoaderParent(aParent);
+  NS_ENSURE_SUCCESS(rv, rv);
 
   nsCOMPtr<nsISupportsPriority> priorityGroup = do_QueryInterface(mLoadGroup);
   if (wasFrame != IsFrame() && priorityGroup) {
     priorityGroup->AdjustPriority(wasFrame ? -1 : 1);
   }
 
   // Curse ambiguous nsISupports inheritance!
   nsISupports* parent = GetAsSupports(aParent);
@@ -4031,17 +4032,18 @@ nsDocShell::AddChild(nsIDocShellTreeItem
       return NS_ERROR_ILLEGAL_VALUE;
     }
     ancestor = ancestor->GetParent();
   } while (ancestor);
 
   // Make sure to remove the child from its current parent.
   nsDocLoader* childsParent = childAsDocLoader->GetParent();
   if (childsParent) {
-    childsParent->RemoveChildLoader(childAsDocLoader);
+    nsresult rv = childsParent->RemoveChildLoader(childAsDocLoader);
+    NS_ENSURE_SUCCESS(rv, rv);
   }
 
   // Make sure to clear the treeowner in case this child is a different type
   // from us.
   aChild->SetTreeOwner(nullptr);
 
   nsresult res = AddChildLoader(childAsDocLoader);
   NS_ENSURE_SUCCESS(res, res);
--- a/dom/animation/Animation.cpp
+++ b/dom/animation/Animation.cpp
@@ -385,17 +385,17 @@ Animation::PlayState() const
     return AnimationPlayState::Idle;
   }
 
   if (mStartTime.IsNull()) {
     return AnimationPlayState::Paused;
   }
 
   if ((mPlaybackRate > 0.0 && currentTime.Value() >= EffectEnd()) ||
-      (mPlaybackRate < 0.0 && currentTime.Value().ToMilliseconds() <= 0.0)) {
+      (mPlaybackRate < 0.0 && currentTime.Value() <= TimeDuration()))  {
     return AnimationPlayState::Finished;
   }
 
   return AnimationPlayState::Running;
 }
 
 Promise*
 Animation::GetReady(ErrorResult& aRv)
@@ -925,23 +925,23 @@ Animation::PlayNoUpdate(ErrorResult& aRv
   AutoMutationBatchForAnimation mb(*this);
 
   bool abortedPause = mPendingState == PendingState::PausePending;
 
   Nullable<TimeDuration> currentTime = GetCurrentTime();
   if (mPlaybackRate > 0.0 &&
       (currentTime.IsNull() ||
        (aLimitBehavior == LimitBehavior::AutoRewind &&
-        (currentTime.Value().ToMilliseconds() < 0.0 ||
+        (currentTime.Value() < TimeDuration() ||
          currentTime.Value() >= EffectEnd())))) {
     mHoldTime.SetValue(TimeDuration(0));
   } else if (mPlaybackRate < 0.0 &&
              (currentTime.IsNull() ||
               (aLimitBehavior == LimitBehavior::AutoRewind &&
-               (currentTime.Value().ToMilliseconds() <= 0.0 ||
+               (currentTime.Value() <= TimeDuration() ||
                 currentTime.Value() > EffectEnd())))) {
     if (EffectEnd() == TimeDuration::Forever()) {
       aRv.Throw(NS_ERROR_DOM_INVALID_STATE_ERR);
       return;
     }
     mHoldTime.SetValue(TimeDuration(EffectEnd()));
   } else if (mPlaybackRate == 0.0 && currentTime.IsNull()) {
     mHoldTime.SetValue(TimeDuration(0));
@@ -1131,17 +1131,17 @@ Animation::UpdateFinishedState(SeekFlag 
         mHoldTime = currentTime;
       } else if (!mPreviousCurrentTime.IsNull()) {
         mHoldTime.SetValue(std::max(mPreviousCurrentTime.Value(), effectEnd));
       } else {
         mHoldTime.SetValue(effectEnd);
       }
     } else if (mPlaybackRate < 0.0 &&
                !currentTime.IsNull() &&
-               currentTime.Value().ToMilliseconds() <= 0.0) {
+               currentTime.Value() <= TimeDuration()) {
       if (aSeekFlag == SeekFlag::DidSeek) {
         mHoldTime = currentTime;
       } else if (!mPreviousCurrentTime.IsNull()) {
         mHoldTime.SetValue(std::min(mPreviousCurrentTime.Value(),
                                     TimeDuration(0)));
       } else {
         mHoldTime.SetValue(0);
       }
--- a/dom/animation/KeyframeEffect.cpp
+++ b/dom/animation/KeyframeEffect.cpp
@@ -1158,17 +1158,17 @@ KeyframeEffectReadOnly::SetPerformanceWa
       }
       return;
     }
   }
 }
 
 static already_AddRefed<nsStyleContext>
 CreateStyleContextForAnimationValue(nsCSSPropertyID aProperty,
-                                    StyleAnimationValue aValue,
+                                    const StyleAnimationValue& aValue,
                                     nsStyleContext* aBaseStyleContext)
 {
   MOZ_ASSERT(aBaseStyleContext,
              "CreateStyleContextForAnimationValue needs to be called "
              "with a valid nsStyleContext");
 
   RefPtr<AnimValuesStyleRule> styleRule = new AnimValuesStyleRule();
   styleRule->AddValue(aProperty, aValue);
--- a/dom/animation/KeyframeUtils.cpp
+++ b/dom/animation/KeyframeUtils.cpp
@@ -378,18 +378,17 @@ HasValidOffsets(const nsTArray<Keyframe>
 
 static void
 MarkAsComputeValuesFailureKey(PropertyValuePair& aPair);
 
 static bool
 IsComputeValuesFailureKey(const PropertyValuePair& aPair);
 
 static void
-BuildSegmentsFromValueEntries(nsStyleContext* aStyleContext,
-                              nsTArray<KeyframeValueEntry>& aEntries,
+BuildSegmentsFromValueEntries(nsTArray<KeyframeValueEntry>& aEntries,
                               nsTArray<AnimationProperty>& aResult);
 
 static void
 GetKeyframeListFromPropertyIndexedKeyframe(JSContext* aCx,
                                            nsIDocument* aDocument,
                                            JS::Handle<JS::Value> aValue,
                                            nsTArray<Keyframe>& aResult,
                                            ErrorResult& aRv);
@@ -662,17 +661,17 @@ KeyframeUtils::GetAnimationPropertiesFro
       entry->mOffset = frame.mComputedOffset;
       entry->mProperty = value.mProperty;
       entry->mValue = value.mValue;
       entry->mTimingFunction = frame.mTimingFunction;
     }
   }
 
   nsTArray<AnimationProperty> result;
-  BuildSegmentsFromValueEntries(aStyleContext, entries, result);
+  BuildSegmentsFromValueEntries(entries, result);
   return result;
 }
 
 /* static */ bool
 KeyframeUtils::IsAnimatableProperty(nsCSSPropertyID aProperty)
 {
   if (aProperty == eCSSProperty_UNKNOWN) {
     return false;
@@ -1074,18 +1073,17 @@ IsComputeValuesFailureKey(const Property
            eCSSPropertyExtra_no_properties;
 }
 
 /**
  * Builds an array of AnimationProperty objects to represent the keyframe
  * animation segments in aEntries.
  */
 static void
-BuildSegmentsFromValueEntries(nsStyleContext* aStyleContext,
-                              nsTArray<KeyframeValueEntry>& aEntries,
+BuildSegmentsFromValueEntries(nsTArray<KeyframeValueEntry>& aEntries,
                               nsTArray<AnimationProperty>& aResult)
 {
   if (aEntries.IsEmpty()) {
     return;
   }
 
   // Sort the KeyframeValueEntry objects so that all entries for a given
   // property are together, and the entries are sorted by offset otherwise.
--- a/dom/animation/TimingParams.cpp
+++ b/dom/animation/TimingParams.cpp
@@ -157,33 +157,16 @@ TimingParams::ParseEasing(const nsAStrin
     case eCSSUnit_TokenStream:
     case eCSSUnit_Null:
       break;
     default:
       MOZ_ASSERT_UNREACHABLE("unexpected animation-timing-function unit");
       break;
   }
 
-  // Bug 1247004
-  //
-  // The Web Animations polyfill had a bug that translated 'linear' into
-  // the string 'function (a){return a}'. This bug has been fixed but older
-  // versions of the polyfill are still widely used. Google are collecting
-  // usage data on this but for now we need to *not* throw on
-  // 'function (a){return a}' or else a lot of sites will break.
-  //
-  // Instead, we should treat this string as equivalent to 'linear' and
-  // return Nothing().
-  //
-  // Chromium has a similar special case path for this string.
-  // See: https://bugs.chromium.org/p/chromium/issues/detail?id=601672
-  if (aEasing == NS_LITERAL_STRING("function (a){return a}")) {
-    return Nothing();
-  }
-
   aRv.ThrowTypeError<dom::MSG_INVALID_EASING_ERROR>(aEasing);
   return Nothing();
 }
 
 bool
 TimingParams::operator==(const TimingParams& aOther) const
 {
   return mDuration == aOther.mDuration &&
--- a/dom/base/nsDOMTokenList.cpp
+++ b/dom/base/nsDOMTokenList.cpp
@@ -5,17 +5,16 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /*
  * Implementation of DOMTokenList specified by HTML5.
  */
 
 #include "nsDOMTokenList.h"
 #include "nsAttrValue.h"
-#include "nsContentUtils.h"
 #include "nsError.h"
 #include "mozilla/dom/Element.h"
 #include "mozilla/dom/DOMTokenListBinding.h"
 #include "mozilla/ErrorResult.h"
 
 using namespace mozilla;
 using namespace mozilla::dom;
 
@@ -190,63 +189,26 @@ void
 nsDOMTokenList::RemoveInternal(const nsAttrValue* aAttr,
                                const nsTArray<nsString>& aTokens)
 {
   MOZ_ASSERT(aAttr, "Need an attribute");
 
   nsAutoString input;
   aAttr->ToString(input);
 
-  nsAString::const_iterator copyStart, tokenStart, iter, end;
-  input.BeginReading(iter);
-  input.EndReading(end);
-  copyStart = iter;
-
+  WhitespaceTokenizer tokenizer(input);
   nsAutoString output;
-  bool lastTokenRemoved = false;
-
-  while (iter != end) {
-    // skip whitespace.
-    while (iter != end && nsContentUtils::IsHTMLWhitespace(*iter)) {
-      ++iter;
-    }
-
-    if (iter == end) {
-      // At this point we're sure the last seen token (if any) wasn't to be
-      // removed. So the trailing spaces will need to be kept.
-      MOZ_ASSERT(!lastTokenRemoved, "How did this happen?");
 
-      output.Append(Substring(copyStart, end));
-      break;
-    }
-
-    tokenStart = iter;
-    do {
-      ++iter;
-    } while (iter != end && !nsContentUtils::IsHTMLWhitespace(*iter));
-
-    if (aTokens.Contains(Substring(tokenStart, iter))) {
-
-      // Skip whitespace after the token, it will be collapsed.
-      while (iter != end && nsContentUtils::IsHTMLWhitespace(*iter)) {
-        ++iter;
-      }
-      copyStart = iter;
-      lastTokenRemoved = true;
-
-    } else {
-
-      if (lastTokenRemoved && !output.IsEmpty()) {
-        MOZ_ASSERT(!nsContentUtils::IsHTMLWhitespace(output.Last()),
-                   "Invalid last output token");
+  while (tokenizer.hasMoreTokens()) {
+    auto& currentToken = tokenizer.nextToken();
+    if (!aTokens.Contains(currentToken)) {
+      if (!output.IsEmpty()) {
         output.Append(char16_t(' '));
       }
-      lastTokenRemoved = false;
-      output.Append(Substring(copyStart, iter));
-      copyStart = iter;
+      output.Append(currentToken);
     }
   }
 
   mElement->SetAttr(kNameSpaceID_None, mAttrAtom, output, true);
 }
 
 void
 nsDOMTokenList::Remove(const nsTArray<nsString>& aTokens, ErrorResult& aError)
@@ -324,27 +286,56 @@ nsDOMTokenList::Replace(const nsAString&
   }
 
   aError = CheckToken(aNewToken);
   if (aError.Failed()) {
     return;
   }
 
   const nsAttrValue* attr = GetParsedAttr();
-  if (!attr || !attr->Contains(aToken)) {
+  if (!attr) {
     return;
   }
 
-  AutoTArray<nsString, 1> tokens;
+  ReplaceInternal(attr, aToken, aNewToken);
+}
+
+void
+nsDOMTokenList::ReplaceInternal(const nsAttrValue* aAttr,
+                                const nsAString& aToken,
+                                const nsAString& aNewToken)
+{
+  nsAutoString attribute;
+  aAttr->ToString(attribute);
+
+  nsAutoString result;
+  WhitespaceTokenizer tokenizer(attribute);
 
-  tokens.AppendElement(aToken);
-  RemoveInternal(attr, tokens);
+  bool sawIt = false;
+  while (tokenizer.hasMoreTokens()) {
+    auto currentToken = tokenizer.nextToken();
+    if (currentToken.Equals(aToken) || currentToken.Equals(aNewToken)) {
+      if (!sawIt) {
+        sawIt = true;
+        if (!result.IsEmpty()) {
+          result.Append(char16_t(' '));
+        }
+        result.Append(aNewToken);
+      }
+    } else {
+      if (!result.IsEmpty()) {
+        result.Append(char16_t(' '));
+      }
+      result.Append(currentToken);
+    }
+  }
 
-  tokens[0] = aNewToken;
-  AddInternal(attr, tokens);
+  if (sawIt) {
+    mElement->SetAttr(kNameSpaceID_None, mAttrAtom, result, true);
+  }
 }
 
 bool
 nsDOMTokenList::Supports(const nsAString& aToken,
                          ErrorResult& aError)
 {
   if (!mSupportedTokens) {
     aError.ThrowTypeError<MSG_TOKENLIST_NO_SUPPORTED_TOKENS>(
--- a/dom/base/nsDOMTokenList.h
+++ b/dom/base/nsDOMTokenList.h
@@ -7,17 +7,19 @@
 /*
  * Implementation of DOMTokenList specified by HTML5.
  */
 
 #ifndef nsDOMTokenList_h___
 #define nsDOMTokenList_h___
 
 #include "nsCOMPtr.h"
+#include "nsContentUtils.h"
 #include "nsDOMString.h"
+#include "nsWhitespaceTokenizer.h"
 #include "nsWrapperCache.h"
 #include "mozilla/dom/Element.h"
 #include "mozilla/dom/BindingDeclarations.h"
 #include "mozilla/dom/DOMTokenListSupportedTokens.h"
 
 namespace mozilla {
 class ErrorResult;
 
@@ -28,16 +30,18 @@ class nsIAtom;
 
 // nsISupports must be on the primary inheritance chain
 
 class nsDOMTokenList : public nsISupports,
                        public nsWrapperCache
 {
 protected:
   typedef mozilla::dom::Element Element;
+  typedef nsWhitespaceTokenizerTemplate<nsContentUtils::IsHTMLWhitespace>
+    WhitespaceTokenizer;
 
 public:
   NS_DECL_CYCLE_COLLECTING_ISUPPORTS
   NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS(nsDOMTokenList)
 
   nsDOMTokenList(Element* aElement, nsIAtom* aAttrAtom,
                  const mozilla::dom::DOMTokenListSupportedTokenArray = nullptr);
 
@@ -82,16 +86,19 @@ protected:
   virtual ~nsDOMTokenList();
 
   nsresult CheckToken(const nsAString& aStr);
   nsresult CheckTokens(const nsTArray<nsString>& aStr);
   void AddInternal(const nsAttrValue* aAttr,
                    const nsTArray<nsString>& aTokens);
   void RemoveInternal(const nsAttrValue* aAttr,
                       const nsTArray<nsString>& aTokens);
+  void ReplaceInternal(const nsAttrValue* aAttr,
+                       const nsAString& aToken,
+                       const nsAString& aNewToken);
   inline const nsAttrValue* GetParsedAttr();
 
   nsCOMPtr<Element> mElement;
   nsCOMPtr<nsIAtom> mAttrAtom;
   const mozilla::dom::DOMTokenListSupportedTokenArray mSupportedTokens;
 };
 
 #endif // nsDOMTokenList_h___
--- a/dom/base/test/test_classList.html
+++ b/dom/base/test/test_classList.html
@@ -303,46 +303,46 @@ function testClassList(e) {
   }
 
   checkRemove(null, "", null, "SyntaxError");
   checkRemove(null, " ", null, "InvalidCharacterError");
   checkRemove(null, "aa ", null, "InvalidCharacterError");
 
   checkRemove(null, "a", null);
   checkRemove("", "a", "");
-  checkRemove("a b  c", "d", "a b  c");
-  checkRemove("a b  c", "A", "a b  c");
+  checkRemove("a b  c", "d", "a b c");
+  checkRemove("a b  c", "A", "a b c");
   checkRemove(" a a a ", "a", "");
   checkRemove("a  b", "a", "b");
-  checkRemove("a  b  ", "a", "b  ");
+  checkRemove("a  b  ", "a", "b");
   checkRemove("a a b", "a", "b");
   checkRemove("aa aa bb", "aa", "bb");
   checkRemove("a a b a a c a a", "a", "b c");
 
   checkRemove("a  b  c", "b", "a c");
   checkRemove("aaa  bbb  ccc", "bbb", "aaa ccc");
-  checkRemove(" a  b  c ", "b", " a c ");
+  checkRemove(" a  b  c ", "b", "a c");
   checkRemove("a b b b c", "b", "a c");
 
-  checkRemove("a  b  c", "c", "a  b");
-  checkRemove(" a  b  c ", "c", " a  b");
+  checkRemove("a  b  c", "c", "a b");
+  checkRemove(" a  b  c ", "c", "a b");
   checkRemove("a b c c c", "c", "a b");
 
   checkRemove("a b a c a d a", "a", "b c d");
   checkRemove("AA BB aa CC AA dd aa", "AA", "BB aa CC dd aa");
 
   checkRemove("\ra\na\ta\f", "a", "");
 
   // multiple remove
-  checkRemove("a b c ", ["d", "e"], "a b c ");
-  checkRemove("a b c ", ["a", "b"], "c ");
+  checkRemove("a b c ", ["d", "e"], "a b c");
+  checkRemove("a b c ", ["a", "b"], "c");
   checkRemove("a b c ", ["a", "c"], "b");
-  checkRemove("a b c ", ["a", "a"], "b c ");
-  checkRemove("a b c ", ["d", "d"], "a b c ");
-  checkRemove("a b c ", [], "a b c ");
+  checkRemove("a b c ", ["a", "a"], "b c");
+  checkRemove("a b c ", ["d", "d"], "a b c");
+  checkRemove("a b c ", [], "a b c");
   checkRemove(null, ["a", "b"], null);
   checkRemove("", ["a", "b"], "");
 
   // Test for bug 530171
   checkRemove("null", null, "");
   checkRemove("undefined", undefined, "");
 
   // toggle() method
@@ -361,20 +361,20 @@ function testClassList(e) {
   checkToggle("a", "b", true, "a b");
   checkToggle("a", "A", true, "a A");
   checkToggle("a b c", "d", true, "a b c d");
   checkToggle("a b c", "d", true, "a b c d");
 
   checkToggle("a", "a", false, "");
   checkToggle(" a a a ", "a", false, "");
   checkToggle(" A A A ", "a", true, " A A A a");
-  checkToggle(" a b c ", "b", false, " a c ");
-  checkToggle(" a b c b b", "b", false, " a c");
-  checkToggle(" a b  c  ", "c", false, " a b");
-  checkToggle(" a b c ", "a", false, "b c ");
+  checkToggle(" a b c ", "b", false, "a c");
+  checkToggle(" a b c b b", "b", false, "a c");
+  checkToggle(" a b  c  ", "c", false, "a b");
+  checkToggle(" a b c ", "a", false, "b c");
 
   // Test for bug 530171
   checkToggle("null", null, false, "");
   checkToggle("", null, true, "null");
   checkToggle("undefined", undefined, false, "");
   checkToggle("", undefined, true, "undefined");
 
 
--- a/dom/bindings/CallbackObject.cpp
+++ b/dom/bindings/CallbackObject.cpp
@@ -268,19 +268,21 @@ CallbackObject::CallSetup::~CallSetup()
 
     if (needToDealWithException) {
       // Either we're supposed to report our exceptions, or we're supposed to
       // re-throw them but we failed to get the exception value.  Either way,
       // we'll just report the pending exception, if any, once ~mAutoEntryScript
       // runs.  Note that we've already run ~mAc, effectively, so we don't have
       // to worry about ordering here.
       if (mErrorResult.IsJSContextException()) {
-        // XXXkhuey bug 1117269.
-        // This won't be true anymore because we will report the exception on
-        // the JSContext ... so throw something else.
+        // XXXkhuey bug 1117269.  When this is fixed, please consider fixing
+        // ThrowExceptionValueIfSafe over in Exceptions.cpp in the same way.
+
+        // IsJSContextException shouldn't be true anymore because we will report
+        // the exception on the JSContext ... so throw something else.
         mErrorResult.Throw(NS_ERROR_UNEXPECTED);
       }
     }
   }
 
   mAutoIncumbentScript.reset();
   mAutoEntryScript.reset();
 
--- a/dom/bindings/Exceptions.cpp
+++ b/dom/bindings/Exceptions.cpp
@@ -20,46 +20,83 @@
 #include "nsThreadUtils.h"
 #include "XPCWrapper.h"
 #include "WorkerPrivate.h"
 #include "nsContentUtils.h"
 
 namespace mozilla {
 namespace dom {
 
-bool
+// Throw the given exception value if it's safe.  If it's not safe, then
+// synthesize and throw a new exception value for NS_ERROR_UNEXPECTED.  The
+// incoming value must be in the compartment of aCx.  This function guarantees
+// that an exception is pending on aCx when it returns.
+static void
+ThrowExceptionValueIfSafe(JSContext* aCx, JS::Handle<JS::Value> exnVal,
+                          nsIException* aOriginalException)
+{
+  MOZ_ASSERT(aOriginalException);
+
+  if (!exnVal.isObject()) {
+    JS_SetPendingException(aCx, exnVal);
+    return;
+  }
+
+  JS::Rooted<JSObject*> exnObj(aCx, &exnVal.toObject());
+  MOZ_ASSERT(js::IsObjectInContextCompartment(exnObj, aCx),
+             "exnObj needs to be in the right compartment for the "
+             "CheckedUnwrap thing to make sense");
+
+  if (js::CheckedUnwrap(exnObj)) {
+    // This is an object we're allowed to work with, so just go ahead and throw
+    // it.
+    JS_SetPendingException(aCx, exnVal);
+    return;
+  }
+
+  // We could probably Throw(aCx, NS_ERROR_UNEXPECTED) here, and it would do the
+  // right thing due to there not being an existing exception on the runtime at
+  // this point, but it's clearer to explicitly do the thing we want done.  This
+  // is also why we don't just call ThrowExceptionObject on the Exception we
+  // create: it would do the right thing, but that fact is not obvious.
+  RefPtr<Exception> syntheticException =
+    CreateException(aCx, NS_ERROR_UNEXPECTED);
+  JS::Rooted<JS::Value> syntheticVal(aCx);
+  if (!GetOrCreateDOMReflector(aCx, syntheticException, &syntheticVal)) {
+    return;
+  }
+  MOZ_ASSERT(syntheticVal.isObject() &&
+             !js::IsWrapper(&syntheticVal.toObject()),
+             "Must have a reflector here, not a wrapper");
+  JS_SetPendingException(aCx, syntheticVal);
+}
+
+void
 ThrowExceptionObject(JSContext* aCx, nsIException* aException)
 {
   // See if we really have an Exception.
   nsCOMPtr<Exception> exception = do_QueryInterface(aException);
   if (exception) {
-    return ThrowExceptionObject(aCx, exception);
+    ThrowExceptionObject(aCx, exception);
+    return;
   }
 
   // We only have an nsIException (probably an XPCWrappedJS).  Fall back on old
   // wrapping.
   MOZ_ASSERT(NS_IsMainThread());
 
-  JS::Rooted<JSObject*> glob(aCx, JS::CurrentGlobalOrNull(aCx));
-  if (!glob) {
-    // XXXbz Can this really be null here?
-    return false;
-  }
-
   JS::Rooted<JS::Value> val(aCx);
   if (!WrapObject(aCx, aException, &NS_GET_IID(nsIException), &val)) {
-    return false;
+    return;
   }
 
-  JS_SetPendingException(aCx, val);
-
-  return true;
+  ThrowExceptionValueIfSafe(aCx, val, aException);
 }
 
-bool
+void
 ThrowExceptionObject(JSContext* aCx, Exception* aException)
 {
   JS::Rooted<JS::Value> thrown(aCx);
 
   // If we stored the original thrown JS value in the exception
   // (see XPCConvert::ConstructException) and we are in a web context
   // (i.e., not chrome), rethrow the original value. This only applies to JS
   // implemented components so we only need to check for this on the main
@@ -71,43 +108,32 @@ ThrowExceptionObject(JSContext* aCx, Exc
     // thrown was an nsresult value.  In that situation, we should go back
     // through dom::Throw with that nsresult value, because it will make sure to
     // create the right sort of Exception or DOMException, with the right
     // global.
     if (thrown.isNumber()) {
       nsresult exceptionResult;
       if (NS_SUCCEEDED(aException->GetResult(&exceptionResult)) &&
           double(exceptionResult) == thrown.toNumber()) {
-        // The return value semantics here are a bit weird.  Throw() always
-        // returns false.  But we want to return true if we managed to throw an
-        // exception (otherwise our caller will assume OOM)... which Throw()
-        // always will.  So we just return true unconditionally.
         Throw(aCx, exceptionResult);
-        return true;
+        return;
       }
     }
     if (!JS_WrapValue(aCx, &thrown)) {
-      return false;
+      return;
     }
-    JS_SetPendingException(aCx, thrown);
-    return true;
-  }
-
-  JS::Rooted<JSObject*> glob(aCx, JS::CurrentGlobalOrNull(aCx));
-  if (!glob) {
-    // XXXbz Can this actually be null here?
-    return false;
+    ThrowExceptionValueIfSafe(aCx, thrown, aException);
+    return;
   }
 
   if (!GetOrCreateDOMReflector(aCx, aException, &thrown)) {
-    return false;
+    return;
   }
 
-  JS_SetPendingException(aCx, thrown);
-  return true;
+  ThrowExceptionValueIfSafe(aCx, thrown, aException);
 }
 
 bool
 Throw(JSContext* aCx, nsresult aRv, const nsACString& aMessage)
 {
   if (aRv == NS_ERROR_UNCATCHABLE_EXCEPTION) {
     // Nuke any existing exception on aCx, to make sure we're uncatchable.
     JS_ClearPendingException(aCx);
@@ -127,34 +153,25 @@ Throw(JSContext* aCx, nsresult aRv, cons
   runtime->SetPendingException(nullptr);
 
   // Ignore the pending exception if we have a non-default message passed in.
   if (aMessage.IsEmpty() && existingException) {
     nsresult nr;
     if (NS_SUCCEEDED(existingException->GetResult(&nr)) &&
         aRv == nr) {
       // Reuse the existing exception.
-      if (!ThrowExceptionObject(aCx, existingException)) {
-        // If we weren't able to throw an exception we're
-        // most likely out of memory
-        JS_ReportOutOfMemory(aCx);
-      }
+      ThrowExceptionObject(aCx, existingException);
       return false;
     }
   }
 
   RefPtr<Exception> finalException = CreateException(aCx, aRv, aMessage);
+  MOZ_ASSERT(finalException);
 
-  MOZ_ASSERT(finalException);
-  if (!ThrowExceptionObject(aCx, finalException)) {
-    // If we weren't able to throw an exception we're
-    // most likely out of memory
-    JS_ReportOutOfMemory(aCx);
-  }
-
+  ThrowExceptionObject(aCx, finalException);
   return false;
 }
 
 void
 ThrowAndReport(nsPIDOMWindowInner* aWindow, nsresult aRv)
 {
   MOZ_ASSERT(aRv != NS_ERROR_UNCATCHABLE_EXCEPTION,
              "Doesn't make sense to report uncatchable exceptions!");
--- a/dom/bindings/Exceptions.h
+++ b/dom/bindings/Exceptions.h
@@ -29,20 +29,21 @@ class Exception;
 // message for the nsresult in question will be used.
 bool
 Throw(JSContext* cx, nsresult rv, const nsACString& message = EmptyCString());
 
 // Create, throw and report an exception to a given window.
 void
 ThrowAndReport(nsPIDOMWindowInner* aWindow, nsresult aRv);
 
-bool
+// Both signatures of ThrowExceptionObject guarantee that an exception is set on
+// aCx before they return.
+void
 ThrowExceptionObject(JSContext* aCx, Exception* aException);
-
-bool
+void
 ThrowExceptionObject(JSContext* aCx, nsIException* aException);
 
 // Create an exception object for the given nsresult and message but don't set
 // it pending on aCx.  If we're throwing a DOMException and aMessage is empty,
 // the default message for the nsresult in question will be used.
 //
 // This never returns null.
 already_AddRefed<Exception>
--- a/dom/bindings/test/mochitest.ini
+++ b/dom/bindings/test/mochitest.ini
@@ -69,8 +69,10 @@ skip-if = debug == false
 [test_bug1123516_maplikesetlike.html]
 skip-if = debug == false
 [test_jsimplemented_eventhandler.html]
 skip-if = debug == false
 [test_iterable.html]
 skip-if = debug == false
 [test_oom_reporting.html]
 [test_domProxyArrayLengthGetter.html]
+[test_exceptionSanitization.html]
+skip-if = os == "android"
new file mode 100644
--- /dev/null
+++ b/dom/bindings/test/test_exceptionSanitization.html
@@ -0,0 +1,45 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=1295322
+-->
+<head>
+  <meta charset="utf-8">
+  <title>Test for Bug 1295322</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1295322">Mozilla Bug 1295322</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+
+</div>
+<pre id="test">
+</pre>
+  <script type="application/javascript">
+
+  /** Test for Bug 1295322 **/
+  iframe = document.createElement('iframe');
+  iframe.name = "eWin";
+  document.body.appendChild(iframe);
+
+  try{
+    // NOTE: The idea here is to call something that will end up throwing an
+    // exception in a JS component and then propagate back to C++ code before
+    // returning to us.  If opening a feed: URI stops doing that, we will need a
+    // new guinea pig here.
+    open('feed://java:script:codeshouldgohere','eWin');
+    ok(false, "Should have thrown!");
+  } catch(e){
+    try {
+      is(e.name, "NS_ERROR_UNEXPECTED", "Should have the right exception");
+      is(e.filename, location.href,
+         "Should not be seeing where the exception really came from");
+    } catch (e2) {
+      ok(false, "Should be able to work with the exception");
+    }
+  }
+  </script>
+</body>
+</html>
--- a/dom/media/MediaDecoderStateMachine.cpp
+++ b/dom/media/MediaDecoderStateMachine.cpp
@@ -2850,25 +2850,27 @@ uint32_t MediaDecoderStateMachine::GetAm
 void
 MediaDecoderStateMachine::DumpDebugInfo()
 {
   MOZ_ASSERT(NS_IsMainThread());
 
   // It is fine to capture a raw pointer here because MediaDecoder only call
   // this function before shutdown begins.
   nsCOMPtr<nsIRunnable> r = NS_NewRunnableFunction([this] () {
+    mMediaSink->DumpDebugInfo();
     DUMP_LOG(
-      "GetMediaTime=%lld GetClock=%lld "
+      "GetMediaTime=%lld GetClock=%lld mMediaSink=%p "
       "mState=%s mPlayState=%d mDecodingFirstFrame=%d IsPlaying=%d "
       "mAudioStatus=%s mVideoStatus=%s mDecodedAudioEndTime=%lld mDecodedVideoEndTime=%lld "
-      "mIsAudioPrerolling=%d mIsVideoPrerolling=%d",
-      GetMediaTime(), mMediaSink->IsStarted() ? GetClock() : -1,
+      "mIsAudioPrerolling=%d mIsVideoPrerolling=%d "
+      "mAudioCompleted=%d mVideoCompleted=%d",
+      GetMediaTime(), mMediaSink->IsStarted() ? GetClock() : -1, mMediaSink.get(),
       ToStateStr(), mPlayState.Ref(), mDecodingFirstFrame, IsPlaying(),
       AudioRequestStatus(), VideoRequestStatus(), mDecodedAudioEndTime, mDecodedVideoEndTime,
-      mIsAudioPrerolling, mIsVideoPrerolling);
+      mIsAudioPrerolling, mIsVideoPrerolling, mAudioCompleted.Ref(), mVideoCompleted.Ref());
   });
 
   OwnerThread()->DispatchStateChange(r.forget());
 }
 
 void MediaDecoderStateMachine::AddOutputStream(ProcessedMediaStream* aStream,
                                                bool aFinishWhenEnded)
 {
--- a/dom/media/flac/FlacFrameParser.cpp
+++ b/dom/media/flac/FlacFrameParser.cpp
@@ -5,33 +5,21 @@
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "FlacFrameParser.h"
 #include "mp4_demuxer/ByteReader.h"
 #include "nsTArray.h"
 #include "OggCodecState.h"
 #include "VideoUtils.h"
 
+using mp4_demuxer::AutoByteReader;
+
 namespace mozilla
 {
 
-class AutoByteReader : public mp4_demuxer::ByteReader
-{
-public:
-  AutoByteReader(const uint8_t* aData, size_t aSize)
-    : mp4_demuxer::ByteReader(aData, aSize)
-  {
-
-  }
-  virtual ~AutoByteReader()
-  {
-    DiscardRemaining();
-  }
-};
-
 #define OGG_FLAC_METADATA_TYPE_STREAMINFO 0x7F
 #define FLAC_STREAMINFO_SIZE   34
 
 #define BITMASK(x) ((1ULL << x)-1)
 
 enum
 {
   FLAC_METADATA_TYPE_STREAMINFO = 0,
--- a/dom/media/mediasink/MediaSink.h
+++ b/dom/media/mediasink/MediaSink.h
@@ -114,16 +114,20 @@ public:
   // Can be called in any state.
   virtual bool IsPlaying() const = 0;
 
   // Called on the state machine thread to shut down the sink. All resources
   // allocated by this sink should be released.
   // Must be called after playback stopped.
   virtual void Shutdown() {}
 
+  // Dump debugging information to the logs.
+  // Can be called in any phase.
+  virtual void DumpDebugInfo() {}
+
 protected:
   virtual ~MediaSink() {}
 };
 
 } // namespace media
 } // namespace mozilla
 
 #endif //MediaSink_h_
--- a/dom/media/mediasink/VideoSink.cpp
+++ b/dom/media/mediasink/VideoSink.cpp
@@ -6,22 +6,24 @@
 
 #include "MediaQueue.h"
 #include "VideoSink.h"
 #include "MediaPrefs.h"
 
 namespace mozilla {
 
 extern LazyLogModule gMediaDecoderLog;
-#define VSINK_LOG(msg, ...) \
-  MOZ_LOG(gMediaDecoderLog, LogLevel::Debug, \
-    ("VideoSink=%p " msg, this, ##__VA_ARGS__))
-#define VSINK_LOG_V(msg, ...) \
-  MOZ_LOG(gMediaDecoderLog, LogLevel::Verbose, \
-  ("VideoSink=%p " msg, this, ##__VA_ARGS__))
+
+#undef FMT
+#undef DUMP_LOG
+
+#define FMT(x, ...) "VideoSink=%p " x, this, ##__VA_ARGS__
+#define VSINK_LOG(...)   MOZ_LOG(gMediaDecoderLog, LogLevel::Debug,   (FMT(__VA_ARGS__)))
+#define VSINK_LOG_V(...) MOZ_LOG(gMediaDecoderLog, LogLevel::Verbose, (FMT(__VA_ARGS__)))
+#define DUMP_LOG(...) NS_DebugBreak(NS_DEBUG_WARNING, nsPrintfCString(FMT(__VA_ARGS__)).get(), nullptr, nullptr, -1)
 
 using namespace mozilla::layers;
 
 namespace media {
 
 VideoSink::VideoSink(AbstractThread* aThread,
                      MediaSink* aAudioSink,
                      MediaQueue<MediaData>& aVideoQueue,
@@ -440,10 +442,22 @@ VideoSink::UpdateRenderedVideoFrames()
   RefPtr<VideoSink> self = this;
   mUpdateScheduler.Ensure(target, [self] () {
     self->UpdateRenderedVideoFramesByTimer();
   }, [self] () {
     self->UpdateRenderedVideoFramesByTimer();
   });
 }
 
+void
+VideoSink::DumpDebugInfo()
+{
+  AssertOwnerThread();
+  DUMP_LOG(
+    "IsStarted=%d IsPlaying=%d, VideoQueue: finished=%d size=%d, "
+    "mVideoFrameEndTime=%lld mHasVideo=%d mVideoSinkEndRequest.Exists()=%d "
+    "mEndPromiseHolder.IsEmpty()=%d",
+    IsStarted(), IsPlaying(), VideoQueue().IsFinished(), VideoQueue().GetSize(),
+    mVideoFrameEndTime, mHasVideo, mVideoSinkEndRequest.Exists(), mEndPromiseHolder.IsEmpty());
+}
+
 } // namespace media
 } // namespace mozilla
--- a/dom/media/mediasink/VideoSink.h
+++ b/dom/media/mediasink/VideoSink.h
@@ -63,16 +63,18 @@ public:
   void Stop() override;
 
   bool IsStarted() const override;
 
   bool IsPlaying() const override;
 
   void Shutdown() override;
 
+  void DumpDebugInfo() override;
+
 private:
   virtual ~VideoSink();
 
   // VideoQueue listener related.
   void OnVideoQueuePushed(RefPtr<MediaData>&& aSample);
   void OnVideoQueueFinished();
   void ConnectListener();
   void DisconnectListener();
--- a/dom/media/platforms/agnostic/WAVDecoder.cpp
+++ b/dom/media/platforms/agnostic/WAVDecoder.cpp
@@ -71,17 +71,17 @@ WaveDataDecoder::Input(MediaRawData* aSa
   }
   return NS_OK;
 }
 
 bool
 WaveDataDecoder::DoDecode(MediaRawData* aSample)
 {
   size_t aLength = aSample->Size();
-  ByteReader aReader = ByteReader(aSample->Data(), aLength);
+  ByteReader aReader(aSample->Data(), aLength);
   int64_t aOffset = aSample->mOffset;
   uint64_t aTstampUsecs = aSample->mTime;
 
   int32_t frames = aLength * 8 / mInfo.mBitDepth / mInfo.mChannels;
 
   AlignedAudioBuffer buffer(frames * mInfo.mChannels);
   if (!buffer) {
     return false;
--- a/dom/media/wave/WaveDemuxer.cpp
+++ b/dom/media/wave/WaveDemuxer.cpp
@@ -165,56 +165,55 @@ WAVTrackDemuxer::Init()
 
 bool
 WAVTrackDemuxer::RIFFParserInit()
 {
   RefPtr<MediaRawData> riffHeader = GetFileHeader(FindRIFFHeader());
   if (!riffHeader) {
     return false;
   }
-  ByteReader RIFFReader = ByteReader(riffHeader->Data(), 12);
+  ByteReader RIFFReader(riffHeader->Data(), 12);
   mRIFFParser.Parse(RIFFReader);
   return mRIFFParser.RiffHeader().IsValid(11);
 }
 
 bool
 WAVTrackDemuxer::HeaderParserInit()
 {
   RefPtr<MediaRawData> header = GetFileHeader(FindChunkHeader());
   if (!header) {
     return false;
   }
-  ByteReader HeaderReader = ByteReader(header->Data(), 8);
+  ByteReader HeaderReader(header->Data(), 8);
   mHeaderParser.Parse(HeaderReader);
   return true;
 }
 
 bool
 WAVTrackDemuxer::FmtChunkParserInit()
 {
   RefPtr<MediaRawData> fmtChunk = GetFileHeader(FindFmtChunk());
   if (!fmtChunk) {
     return false;
   }
-  ByteReader fmtReader = ByteReader(fmtChunk->Data(),
-                                    mHeaderParser.GiveHeader().ChunkSize());
+  ByteReader fmtReader(fmtChunk->Data(), mHeaderParser.GiveHeader().ChunkSize());
   mFmtParser.Parse(fmtReader);
   return true;
 }
 
 bool
 WAVTrackDemuxer::ListChunkParserInit(uint32_t aChunkSize)
 {
   uint32_t bytesRead = 0;
 
   RefPtr<MediaRawData> infoTag = GetFileHeader(FindInfoTag());
   if (!infoTag) {
     return false;
   }
-  ByteReader infoTagReader = ByteReader(infoTag->Data(), 4);
+  ByteReader infoTagReader(infoTag->Data(), 4);
   if (!infoTagReader.CanRead32() || infoTagReader.ReadU32() != INFO_CODE) {
     return false;
   }
 
   bytesRead += 4;
 
   while (bytesRead < aChunkSize) {
     if (!HeaderParserInit()) {
--- a/dom/xul/nsXULPopupListener.cpp
+++ b/dom/xul/nsXULPopupListener.cpp
@@ -133,18 +133,17 @@ nsXULPopupListener::HandleEvent(nsIDOMEv
       return NS_ERROR_FAILURE;
     }
   }
 
   nsCOMPtr<nsIContent> targetContent = do_QueryInterface(target);
   if (!targetContent) {
     return NS_OK;
   }
-  if (targetContent->IsXULElement(nsGkAtoms::browser) &&
-      EventStateManager::IsRemoteTarget(targetContent)) {
+  if (EventStateManager::IsRemoteTarget(targetContent)) {
     return NS_OK;
   }
 
   bool preventDefault;
   mouseEvent->AsEvent()->GetDefaultPrevented(&preventDefault);
   if (preventDefault && targetNode && mIsContext) {
     // Someone called preventDefault on a context menu.
     // Let's make sure they are allowed to do so.
--- a/gfx/2d/DrawTargetCairo.cpp
+++ b/gfx/2d/DrawTargetCairo.cpp
@@ -596,26 +596,31 @@ NeedIntermediateSurface(const Pattern& a
   return true;
 }
 
 DrawTargetCairo::DrawTargetCairo()
   : mContext(nullptr)
   , mSurface(nullptr)
   , mTransformSingular(false)
   , mLockedBits(nullptr)
+  , mFontOptions(nullptr)
 {
 }
 
 DrawTargetCairo::~DrawTargetCairo()
 {
   cairo_destroy(mContext);
   if (mSurface) {
     cairo_surface_destroy(mSurface);
     mSurface = nullptr;
   }
+  if (mFontOptions) {
+    cairo_font_options_destroy(mFontOptions);
+    mFontOptions = nullptr;
+  }
   MOZ_ASSERT(!mLockedBits);
 }
 
 bool
 DrawTargetCairo::IsValid() const
 {
   return mSurface && !cairo_surface_status(mSurface) &&
          mContext && !cairo_surface_status(cairo_get_group_target(mContext));
@@ -1284,16 +1289,56 @@ DrawTargetCairo::IsCurrentGroupOpaque()
   if (!surf) {
     return false;
   }
 
   return cairo_surface_get_content(surf) == CAIRO_CONTENT_COLOR;
 }
 
 void
+DrawTargetCairo::SetFontOptions()
+{
+  //   This will attempt to detect if the currently set scaled font on the
+  // context has enabled subpixel AA. If it is not permitted, then it will
+  // downgrade to grayscale AA.
+  //   This only currently works effectively for the cairo-ft backend relative
+  // to system defaults, as only cairo-ft reflect system defaults in the scaled
+  // font state. However, this will work for cairo-ft on both tree Cairo and
+  // system Cairo.
+  //   Other backends leave the CAIRO_ANTIALIAS_DEFAULT setting untouched while
+  // potentially interpreting it as subpixel or even other types of AA that
+  // can't be safely equivocated with grayscale AA. For this reason we don't
+  // try to also detect and modify the default AA setting, only explicit
+  // subpixel AA. These other backends must instead rely on tree Cairo's
+  // cairo_surface_set_subpixel_antialiasing extension.
+
+  // If allowing subpixel AA, then leave Cairo's default AA state.
+  if (mPermitSubpixelAA) {
+    return;
+  }
+
+  if (!mFontOptions) {
+    mFontOptions = cairo_font_options_create();
+    if (!mFontOptions) {
+      gfxWarning() << "Failed allocating Cairo font options";
+      return;
+    }
+  }
+
+  // If the current font requests subpixel AA, force it to gray since we don't
+  // allow subpixel AA.
+  cairo_get_font_options(mContext, mFontOptions);
+  cairo_antialias_t antialias = cairo_font_options_get_antialias(mFontOptions);
+  if (antialias == CAIRO_ANTIALIAS_SUBPIXEL) {
+    cairo_font_options_set_antialias(mFontOptions, CAIRO_ANTIALIAS_GRAY);
+    cairo_set_font_options(mContext, mFontOptions);
+  }
+}
+
+void
 DrawTargetCairo::SetPermitSubpixelAA(bool aPermitSubpixelAA)
 {
   DrawTarget::SetPermitSubpixelAA(aPermitSubpixelAA);
 #ifdef MOZ_TREE_CAIRO
   cairo_surface_set_subpixel_antialiasing(cairo_get_group_target(mContext),
     aPermitSubpixelAA ? CAIRO_SUBPIXEL_ANTIALIASING_ENABLED : CAIRO_SUBPIXEL_ANTIALIASING_DISABLED);
 #endif
 }
@@ -1329,16 +1374,19 @@ DrawTargetCairo::FillGlyphs(ScaledFont *
   if (!pat)
     return;
 
   cairo_set_source(mContext, pat);
   cairo_pattern_destroy(pat);
 
   cairo_set_antialias(mContext, GfxAntialiasToCairoAntialias(aOptions.mAntialiasMode));
 
+  // Override any font-specific options as necessary.
+  SetFontOptions();
+
   // Convert our GlyphBuffer into a vector of Cairo glyphs. This code can
   // execute millions of times in short periods, so we want to avoid heap
   // allocation whenever possible. So we use an inline vector capacity of 1024
   // bytes (the maximum allowed by mozilla::Vector), which gives an inline
   // length of 1024 / 24 = 42 elements, which is enough to typically avoid heap
   // allocation in ~99% of cases.
   Vector<cairo_glyph_t, 1024 / sizeof(cairo_glyph_t)> glyphs;
   if (!glyphs.resizeUninitialized(aBuffer.mNumGlyphs)) {
--- a/gfx/2d/DrawTargetCairo.h
+++ b/gfx/2d/DrawTargetCairo.h
@@ -218,24 +218,30 @@ private: // methods
   // Call if there is any reason to disassociate the snapshot from this draw
   // target; for example, because we're going to be destroyed.
   void MarkSnapshotIndependent();
 
   // If the current operator is "source" then clear the destination before we
   // draw into it, to simulate the effect of an unbounded source operator.
   void ClearSurfaceForUnboundedSource(const CompositionOp &aOperator);
 
+  // Set the Cairo context font options according to the current draw target
+  // font state.
+  void SetFontOptions();
+
 private: // data
   cairo_t* mContext;
   cairo_surface_t* mSurface;
   IntSize mSize;
   bool mTransformSingular;
 
   uint8_t* mLockedBits;
 
+  cairo_font_options_t* mFontOptions;
+
   struct PushedLayer
   {
     PushedLayer(Float aOpacity, bool aWasPermittingSubpixelAA)
       : mOpacity(aOpacity)
       , mMaskPattern(nullptr)
       , mWasPermittingSubpixelAA(aWasPermittingSubpixelAA)
     {}
     Float mOpacity;
--- a/gfx/layers/BufferTexture.cpp
+++ b/gfx/layers/BufferTexture.cpp
@@ -18,17 +18,19 @@
 
 namespace mozilla {
 namespace layers {
 
 class MemoryTextureData : public BufferTextureData
 {
 public:
   static MemoryTextureData* Create(gfx::IntSize aSize, gfx::SurfaceFormat aFormat,
-                                   gfx::BackendType aMoz2DBackend,TextureFlags aFlags,
+                                   gfx::BackendType aMoz2DBackend,
+                                   LayersBackend aLayersBackend,
+                                   TextureFlags aFlags,
                                    TextureAllocationFlags aAllocFlags,
                                    ClientIPCAllocator* aAllocator);
 
   virtual TextureData*
   CreateSimilar(ClientIPCAllocator* aAllocator,
                 TextureFlags aFlags = TextureFlags::DEFAULT,
                 TextureAllocationFlags aAllocFlags = ALLOC_DEFAULT) const override;
 
@@ -55,17 +57,19 @@ protected:
   uint8_t* mBuffer;
   size_t mBufferSize;
 };
 
 class ShmemTextureData : public BufferTextureData
 {
 public:
   static ShmemTextureData* Create(gfx::IntSize aSize, gfx::SurfaceFormat aFormat,
-                                  gfx::BackendType aMoz2DBackend, TextureFlags aFlags,
+                                  gfx::BackendType aMoz2DBackend,
+                                  LayersBackend aLayersBackend,
+                                  TextureFlags aFlags,
                                   TextureAllocationFlags aAllocFlags,
                                   ClientIPCAllocator* aAllocator);
 
   virtual TextureData*
   CreateSimilar(ClientIPCAllocator* aAllocator,
                 TextureFlags aFlags = TextureFlags::DEFAULT,
                 TextureAllocationFlags aAllocFlags = ALLOC_DEFAULT) const override;
 
@@ -102,25 +106,28 @@ bool ComputeHasIntermediateBuffer(gfx::S
 {
   return aLayersBackend != LayersBackend::LAYERS_BASIC
       || UsingX11Compositor()
       || aFormat == gfx::SurfaceFormat::UNKNOWN;
 }
 
 BufferTextureData*
 BufferTextureData::Create(gfx::IntSize aSize, gfx::SurfaceFormat aFormat,
-                          gfx::BackendType aMoz2DBackend, TextureFlags aFlags,
+                          gfx::BackendType aMoz2DBackend,
+                          LayersBackend aLayersBackend, TextureFlags aFlags,
                           TextureAllocationFlags aAllocFlags,
                           ClientIPCAllocator* aAllocator)
 {
   if (!aAllocator || aAllocator->IsSameProcess()) {
-    return MemoryTextureData::Create(aSize, aFormat, aMoz2DBackend, aFlags,
+    return MemoryTextureData::Create(aSize, aFormat, aMoz2DBackend,
+                                     aLayersBackend, aFlags,
                                      aAllocFlags, aAllocator);
   } else if (aAllocator->AsShmemAllocator()) {
-    return ShmemTextureData::Create(aSize, aFormat, aMoz2DBackend, aFlags,
+    return ShmemTextureData::Create(aSize, aFormat, aMoz2DBackend,
+                                    aLayersBackend, aFlags,
                                     aAllocFlags, aAllocator);
   }
   return nullptr;
 }
 
 BufferTextureData*
 BufferTextureData::CreateInternal(ClientIPCAllocator* aAllocator,
                                   const BufferDescriptor& aDesc,
@@ -447,17 +454,18 @@ InitBuffer(uint8_t* buf, size_t bufSize,
     memset(buf, 0xFF, bufSize);
   }
 
   return true;
 }
 
 MemoryTextureData*
 MemoryTextureData::Create(gfx::IntSize aSize, gfx::SurfaceFormat aFormat,
-                          gfx::BackendType aMoz2DBackend, TextureFlags aFlags,
+                          gfx::BackendType aMoz2DBackend,
+                          LayersBackend aLayersBackend, TextureFlags aFlags,
                           TextureAllocationFlags aAllocFlags,
                           ClientIPCAllocator* aAllocator)
 {
   // Should have used CreateForYCbCr.
   MOZ_ASSERT(aFormat != gfx::SurfaceFormat::YUV);
 
   if (aSize.width <= 0 || aSize.height <= 0) {
     gfxDebug() << "Asking for buffer of invalid size " << aSize.width << "x" << aSize.height;
@@ -469,20 +477,21 @@ MemoryTextureData::Create(gfx::IntSize a
     return nullptr;
   }
 
   uint8_t* buf = new (fallible) uint8_t[bufSize];
   if (!InitBuffer(buf, bufSize, aFormat, aAllocFlags, false)) {
     return nullptr;
   }
 
-  auto fwd = aAllocator ? aAllocator->AsCompositableForwarder() : nullptr;
-  bool hasIntermediateBuffer = fwd ? ComputeHasIntermediateBuffer(aFormat,
-                                              fwd->GetCompositorBackendType())
-                                   : true;
+  // LAYERS_NONE must imply that we have no compositable forwarder
+  MOZ_ASSERT_IF(aLayersBackend == LayersBackend::LAYERS_NONE,
+                !aAllocator || !aAllocator->AsCompositableForwarder());
+
+  bool hasIntermediateBuffer = ComputeHasIntermediateBuffer(aFormat, aLayersBackend);
 
   GfxMemoryImageReporter::DidAlloc(buf);
 
   BufferDescriptor descriptor = RGBDescriptor(aSize, aFormat, hasIntermediateBuffer);
 
   return new MemoryTextureData(descriptor, aMoz2DBackend, buf, bufSize);
 }
 
@@ -495,18 +504,21 @@ MemoryTextureData::Deallocate(ClientIPCA
   mBuffer = nullptr;
 }
 
 TextureData*
 MemoryTextureData::CreateSimilar(ClientIPCAllocator* aAllocator,
                                  TextureFlags aFlags,
                                  TextureAllocationFlags aAllocFlags) const
 {
+  auto fwd = aAllocator ? aAllocator->AsCompositableForwarder() : nullptr;
+  auto backend = fwd ? fwd->GetCompositorBackendType() : LayersBackend::LAYERS_NONE;
+
   return MemoryTextureData::Create(GetSize(), GetFormat(), mMoz2DBackend,
-                                   aFlags, aAllocFlags, aAllocator);
+                                   backend, aFlags, aAllocFlags, aAllocator);
 }
 
 bool
 ShmemTextureData::Serialize(SurfaceDescriptor& aOutDescriptor)
 {
   MOZ_ASSERT(GetFormat() != gfx::SurfaceFormat::UNKNOWN);
   if (GetFormat() == gfx::SurfaceFormat::UNKNOWN) {
     return false;
@@ -514,17 +526,18 @@ ShmemTextureData::Serialize(SurfaceDescr
 
   aOutDescriptor = SurfaceDescriptorBuffer(mDescriptor, MemoryOrShmem(mShmem));
 
   return true;
 }
 
 ShmemTextureData*
 ShmemTextureData::Create(gfx::IntSize aSize, gfx::SurfaceFormat aFormat,
-                         gfx::BackendType aMoz2DBackend, TextureFlags aFlags,
+                         gfx::BackendType aMoz2DBackend,
+                         LayersBackend aLayersBackend, TextureFlags aFlags,
                          TextureAllocationFlags aAllocFlags,
                          ClientIPCAllocator* aAllocator)
 {
   MOZ_ASSERT(aAllocator);
   // Should have used CreateForYCbCr.
   MOZ_ASSERT(aFormat != gfx::SurfaceFormat::YUV);
 
   if (!aAllocator || !aAllocator->AsShmemAllocator()) {
@@ -546,35 +559,39 @@ ShmemTextureData::Create(gfx::IntSize aS
     return nullptr;
   }
 
   uint8_t* buf = shm.get<uint8_t>();
   if (!InitBuffer(buf, bufSize, aFormat, aAllocFlags, true)) {
     return nullptr;
   }
 
-  auto fwd = aAllocator->AsCompositableForwarder();
-  bool hasIntermediateBuffer = fwd ? ComputeHasIntermediateBuffer(aFormat,
-                                              fwd->GetCompositorBackendType())
-                                   : true;
+  // LAYERS_NONE must imply that we have no compositable forwarder
+  MOZ_ASSERT_IF(aLayersBackend == LayersBackend::LAYERS_NONE,
+                !aAllocator || !aAllocator->AsCompositableForwarder());
+
+  bool hasIntermediateBuffer = ComputeHasIntermediateBuffer(aFormat, aLayersBackend);
 
   BufferDescriptor descriptor = RGBDescriptor(aSize, aFormat, hasIntermediateBuffer);
 
   return new ShmemTextureData(descriptor, aMoz2DBackend, shm);
 
   return nullptr;
 }
 
 TextureData*
 ShmemTextureData::CreateSimilar(ClientIPCAllocator* aAllocator,
                                 TextureFlags aFlags,
                                 TextureAllocationFlags aAllocFlags) const
 {
+  auto fwd = aAllocator ? aAllocator->AsCompositableForwarder() : nullptr;
+  auto backend = fwd ? fwd->GetCompositorBackendType() : LayersBackend::LAYERS_NONE;
+
   return ShmemTextureData::Create(GetSize(), GetFormat(), mMoz2DBackend,
-                                  aFlags, aAllocFlags, aAllocator);
+                                  backend, aFlags, aAllocFlags, aAllocator);
 }
 
 void
 ShmemTextureData::Deallocate(ClientIPCAllocator* aAllocator)
 {
   aAllocator->AsShmemAllocator()->DeallocShmem(mShmem);
 }
 
--- a/gfx/layers/BufferTexture.h
+++ b/gfx/layers/BufferTexture.h
@@ -17,17 +17,19 @@ namespace layers {
 
 bool ComputeHasIntermediateBuffer(gfx::SurfaceFormat aFormat,
                                   LayersBackend aLayersBackend);
 
 class BufferTextureData : public TextureData
 {
 public:
   static BufferTextureData* Create(gfx::IntSize aSize, gfx::SurfaceFormat aFormat,
-                                   gfx::BackendType aMoz2DBackend,TextureFlags aFlags,
+                                   gfx::BackendType aMoz2DBackend,
+                                   LayersBackend aLayersBackend,
+                                   TextureFlags aFlags,
                                    TextureAllocationFlags aAllocFlags,
                                    ClientIPCAllocator* aAllocator);
 
   static BufferTextureData* CreateForYCbCr(ClientIPCAllocator* aAllocator,
                                            gfx::IntSize aYSize,
                                            gfx::IntSize aCbCrSize,
                                            StereoMode aStereoMode,
                                            TextureFlags aTextureFlags);
--- a/gfx/layers/client/TextureClient.cpp
+++ b/gfx/layers/client/TextureClient.cpp
@@ -1113,17 +1113,18 @@ TextureClient::CreateForDrawing(TextureF
 
   if (moz2DBackend == BackendType::SKIA && aFormat == SurfaceFormat::B8G8R8X8) {
     // Skia doesn't support RGBX, so ensure we clear the buffer for the proper alpha values.
     aAllocFlags = TextureAllocationFlags(aAllocFlags | ALLOC_CLEAR_BUFFER);
   }
 
   // Can't do any better than a buffer texture client.
   return TextureClient::CreateForRawBufferAccess(aAllocator, aFormat, aSize,
-                                                 moz2DBackend, aTextureFlags, aAllocFlags);
+                                                 moz2DBackend, aLayersBackend,
+                                                 aTextureFlags, aAllocFlags);
 }
 
 // static
 already_AddRefed<TextureClient>
 TextureClient::CreateFromSurface(TextureForwarder* aAllocator,
                                  gfx::SourceSurface* aSurface,
                                  LayersBackend aLayersBackend,
                                  BackendSelector aSelector,
@@ -1187,16 +1188,32 @@ TextureClient::CreateFromSurface(Texture
 already_AddRefed<TextureClient>
 TextureClient::CreateForRawBufferAccess(ClientIPCAllocator* aAllocator,
                                         gfx::SurfaceFormat aFormat,
                                         gfx::IntSize aSize,
                                         gfx::BackendType aMoz2DBackend,
                                         TextureFlags aTextureFlags,
                                         TextureAllocationFlags aAllocFlags)
 {
+  auto fwd = aAllocator->AsCompositableForwarder();
+  auto backend = fwd ? fwd->GetCompositorBackendType() : LayersBackend::LAYERS_NONE;
+  return CreateForRawBufferAccess(aAllocator, aFormat, aSize, aMoz2DBackend,
+                                  backend, aTextureFlags, aAllocFlags);
+}
+
+// static
+already_AddRefed<TextureClient>
+TextureClient::CreateForRawBufferAccess(ClientIPCAllocator* aAllocator,
+                                        gfx::SurfaceFormat aFormat,
+                                        gfx::IntSize aSize,
+                                        gfx::BackendType aMoz2DBackend,
+                                        LayersBackend aLayersBackend,
+                                        TextureFlags aTextureFlags,
+                                        TextureAllocationFlags aAllocFlags)
+{
   // also test the validity of aAllocator
   MOZ_ASSERT(aAllocator && aAllocator->IPCOpen());
   if (!aAllocator || !aAllocator->IPCOpen()) {
     return nullptr;
   }
 
   if (aAllocFlags & ALLOC_DISALLOW_BUFFERTEXTURECLIENT) {
     return nullptr;
@@ -1208,18 +1225,18 @@ TextureClient::CreateForRawBufferAccess(
 
   // D2D backend does not support CreateDrawTargetForData(). Use CAIRO instead.
   if (aMoz2DBackend == gfx::BackendType::DIRECT2D ||
       aMoz2DBackend == gfx::BackendType::DIRECT2D1_1) {
     aMoz2DBackend = gfx::BackendType::CAIRO;
   }
 
   TextureData* texData = BufferTextureData::Create(aSize, aFormat, aMoz2DBackend,
-                                                   aTextureFlags, aAllocFlags,
-                                                   aAllocator);
+                                                   aLayersBackend, aTextureFlags,
+                                                   aAllocFlags, aAllocator);
   if (!texData) {
     return nullptr;
   }
 
   return MakeAndAddRef<TextureClient>(texData, aTextureFlags, aAllocator);
 }
 
 // static
--- a/gfx/layers/client/TextureClient.h
+++ b/gfx/layers/client/TextureClient.h
@@ -375,16 +375,26 @@ public:
 
   // Creates and allocates a TextureClient (can be accessed through raw
   // pointers).
   static already_AddRefed<TextureClient>
   CreateForRawBufferAccess(ClientIPCAllocator* aAllocator,
                            gfx::SurfaceFormat aFormat,
                            gfx::IntSize aSize,
                            gfx::BackendType aMoz2dBackend,
+                           LayersBackend aLayersBackend,
+                           TextureFlags aTextureFlags,
+                           TextureAllocationFlags flags = ALLOC_DEFAULT);
+
+  // TODO: remove this one and use the one above instead.
+  static already_AddRefed<TextureClient>
+  CreateForRawBufferAccess(ClientIPCAllocator* aAllocator,
+                           gfx::SurfaceFormat aFormat,
+                           gfx::IntSize aSize,
+                           gfx::BackendType aMoz2dBackend,
                            TextureFlags aTextureFlags,
                            TextureAllocationFlags flags = ALLOC_DEFAULT);
 
   // Creates and allocates a TextureClient (can beaccessed through raw
   // pointers) with a certain buffer size. It's unfortunate that we need this.
   // providing format and sizes could let us do more optimization.
   static already_AddRefed<TextureClient>
   CreateForYCbCrWithBufferSize(ClientIPCAllocator* aAllocator,
--- a/gfx/layers/client/TextureClientPool.cpp
+++ b/gfx/layers/client/TextureClientPool.cpp
@@ -148,16 +148,17 @@ TextureClientPool::AllocateTextureClient
 
   RefPtr<TextureClient> newClient;
   if (gfxPrefs::ForceShmemTiles()) {
     // gfx::BackendType::NONE means use the content backend
     newClient =
       TextureClient::CreateForRawBufferAccess(mSurfaceAllocator,
                                               mFormat, mSize,
                                               gfx::BackendType::NONE,
+                                              mBackend,
                                               mFlags, ALLOC_DEFAULT);
   } else {
     newClient =
       TextureClient::CreateForDrawing(mSurfaceAllocator,
                                       mFormat, mSize,
                                       mBackend,
                                       BackendSelector::Content,
                                       mFlags);
--- a/gfx/layers/ipc/LayersMessages.ipdlh
+++ b/gfx/layers/ipc/LayersMessages.ipdlh
@@ -193,17 +193,17 @@ struct Animation {
   // The segments must uniquely cover the portion from 0.0 to 1.0
   AnimationSegment[] segments;
   // Number of times to repeat the animation, including positive infinity.
   // Values <= 0 mean the animation will not play (although events are still
   // dispatched on the main thread).
   float iterations;
   float iterationStart;
   // This uses the NS_STYLE_ANIMATION_DIRECTION_* constants.
-  int32_t direction;
+  uint8_t direction;
   nsCSSPropertyID property;
   AnimationData data;
   float playbackRate;
   // This is used in the transformed progress calculation.
   TimingFunction easingFunction;
 };
 
 // Change a layer's attributes
--- a/gfx/tests/gtest/TestTextures.cpp
+++ b/gfx/tests/gtest/TestTextures.cpp
@@ -220,17 +220,18 @@ TEST(Layers, TextureSerialization) {
 
   for (int f = 0; f < 3; ++f) {
     RefPtr<gfxImageSurface> surface = new gfxImageSurface(IntSize(400,300), formats[f]);
     SetupSurface(surface.get());
     AssertSurfacesEqual(surface, surface);
 
     auto texData = BufferTextureData::Create(surface->GetSize(),
       gfx::ImageFormatToSurfaceFormat(surface->Format()),
-      gfx::BackendType::CAIRO, TextureFlags::DEALLOCATE_CLIENT, ALLOC_DEFAULT, nullptr
+      gfx::BackendType::CAIRO, LayersBackend::LAYERS_NONE,
+      TextureFlags::DEALLOCATE_CLIENT, ALLOC_DEFAULT, nullptr
     );
     ASSERT_TRUE(!!texData);
 
     RefPtr<TextureClient> client = new TextureClient(
       texData, TextureFlags::DEALLOCATE_CLIENT, nullptr
     );
 
     TestTextureClientSurface(client, surface);
--- a/image/AnimationSurfaceProvider.cpp
+++ b/image/AnimationSurfaceProvider.cpp
@@ -11,24 +11,24 @@
 #include "Decoder.h"
 
 using namespace mozilla::gfx;
 
 namespace mozilla {
 namespace image {
 
 AnimationSurfaceProvider::AnimationSurfaceProvider(NotNull<RasterImage*> aImage,
-                                                   NotNull<Decoder*> aDecoder,
-                                                   const SurfaceKey& aSurfaceKey)
-  : ISurfaceProvider(AvailabilityState::StartAsPlaceholder())
+                                                   const SurfaceKey& aSurfaceKey,
+                                                   NotNull<Decoder*> aDecoder)
+  : ISurfaceProvider(ImageKey(aImage.get()), aSurfaceKey,
+                     AvailabilityState::StartAsPlaceholder())
   , mImage(aImage.get())
   , mDecodingMutex("AnimationSurfaceProvider::mDecoder")
   , mDecoder(aDecoder.get())
   , mFramesMutex("AnimationSurfaceProvider::mFrames")
-  , mSurfaceKey(aSurfaceKey)
 {
   MOZ_ASSERT(!mDecoder->IsMetadataDecode(),
              "Use MetadataDecodingTask for metadata decodes");
   MOZ_ASSERT(!mDecoder->IsFirstFrameDecode(),
              "Use DecodedSurfaceProvider for single-frame image decodes");
 }
 
 AnimationSurfaceProvider::~AnimationSurfaceProvider()
@@ -106,17 +106,17 @@ AnimationSurfaceProvider::LogicalSizeInB
   // into. The composited surfaces are always BGRA. Although the surface we're
   // decoding into may be paletted, and may be smaller than the real size of the
   // image, we assume the worst case here.
   // XXX(seth): Note that this is actually not accurate yet; we're storing the
   // full sequence of frames, not just the three live surfaces mentioned above.
   // Unfortunately there's no way to know in advance how many frames an
   // animation has, so we really can't do better here. This will become correct
   // once bug 1289954 is complete.
-  IntSize size = mSurfaceKey.Size();
+  IntSize size = GetSurfaceKey().Size();
   return 3 * size.width * size.height * sizeof(uint32_t);
 }
 
 void
 AnimationSurfaceProvider::AddSizeOfExcludingThis(MallocSizeOf aMallocSizeOf,
                                                  size_t& aHeapSizeOut,
                                                  size_t& aNonHeapSizeOut)
 {
@@ -248,19 +248,17 @@ AnimationSurfaceProvider::AnnounceSurfac
   mFramesMutex.AssertNotCurrentThreadOwns();
   MOZ_ASSERT(mImage);
 
   // We just got the first frame; let the surface cache know. We deliberately do
   // this outside of mFramesMutex to avoid a potential deadlock with
   // AddSizeOfExcludingThis(), since otherwise we'd be acquiring mFramesMutex
   // and then the surface cache lock, while the memory reporting code would
   // acquire the surface cache lock and then mFramesMutex.
-  SurfaceCache::SurfaceAvailable(WrapNotNull(this),
-                                 ImageKey(mImage.get()),
-                                 mSurfaceKey);
+  SurfaceCache::SurfaceAvailable(WrapNotNull(this));
 }
 
 void
 AnimationSurfaceProvider::FinishDecoding()
 {
   mDecodingMutex.AssertCurrentThreadOwns();
   MOZ_ASSERT(mImage);
   MOZ_ASSERT(mDecoder);
--- a/image/AnimationSurfaceProvider.h
+++ b/image/AnimationSurfaceProvider.h
@@ -25,18 +25,18 @@ namespace image {
 class AnimationSurfaceProvider final
   : public ISurfaceProvider
   , public IDecodingTask
 {
 public:
   NS_INLINE_DECL_THREADSAFE_REFCOUNTING(AnimationSurfaceProvider, override)
 
   AnimationSurfaceProvider(NotNull<RasterImage*> aImage,
-                           NotNull<Decoder*> aDecoder,
-                           const SurfaceKey& aSurfaceKey);
+                           const SurfaceKey& aSurfaceKey,
+                           NotNull<Decoder*> aDecoder);
 
 
   //////////////////////////////////////////////////////////////////////////////
   // ISurfaceProvider implementation.
   //////////////////////////////////////////////////////////////////////////////
 
 public:
   // We use the ISurfaceProvider constructor of DrawableSurface to indicate that
@@ -91,17 +91,14 @@ private:
   /// The decoder used to decode this animation.
   RefPtr<Decoder> mDecoder;
 
   /// A mutex to protect mFrames. Always taken after mDecodingMutex.
   mutable Mutex mFramesMutex;
 
   /// The frames of this animation, in order.
   nsTArray<RawAccessFrameRef> mFrames;
-
-  /// The key under which we're stored as a cache entry in the surface cache.
-  const SurfaceKey mSurfaceKey;
 };
 
 } // namespace image
 } // namespace mozilla
 
 #endif // mozilla_image_AnimationSurfaceProvider_h
--- a/image/DecodedSurfaceProvider.cpp
+++ b/image/DecodedSurfaceProvider.cpp
@@ -11,23 +11,23 @@
 #include "Decoder.h"
 
 using namespace mozilla::gfx;
 
 namespace mozilla {
 namespace image {
 
 DecodedSurfaceProvider::DecodedSurfaceProvider(NotNull<RasterImage*> aImage,
-                                               NotNull<Decoder*> aDecoder,
-                                               const SurfaceKey& aSurfaceKey)
-  : ISurfaceProvider(AvailabilityState::StartAsPlaceholder())
+                                               const SurfaceKey& aSurfaceKey,
+                                               NotNull<Decoder*> aDecoder)
+  : ISurfaceProvider(ImageKey(aImage.get()), aSurfaceKey,
+                     AvailabilityState::StartAsPlaceholder())
   , mImage(aImage.get())
   , mMutex("mozilla::image::DecodedSurfaceProvider")
   , mDecoder(aDecoder.get())
-  , mSurfaceKey(aSurfaceKey)
 {
   MOZ_ASSERT(!mDecoder->IsMetadataDecode(),
              "Use MetadataDecodingTask for metadata decodes");
   MOZ_ASSERT(mDecoder->IsFirstFrameDecode(),
              "Use AnimationSurfaceProvider for animation decodes");
 }
 
 DecodedSurfaceProvider::~DecodedSurfaceProvider()
@@ -116,17 +116,17 @@ DecodedSurfaceProvider::SetLocked(bool a
   mLockRef = aLocked ? mSurface->DrawableRef()
                      : DrawableFrameRef();
 }
 
 size_t
 DecodedSurfaceProvider::LogicalSizeInBytes() const
 {
   // Single frame images are always 32bpp.
-  IntSize size = mSurfaceKey.Size();
+  IntSize size = GetSurfaceKey().Size();
   return size.width * size.height * sizeof(uint32_t);
 }
 
 void
 DecodedSurfaceProvider::Run()
 {
   MutexAutoLock lock(mMutex);
 
@@ -182,19 +182,17 @@ DecodedSurfaceProvider::CheckForNewSurfa
   // We don't have a surface yet; try to get one from the decoder.
   mSurface = mDecoder->GetCurrentFrameRef().get();
   if (!mSurface) {
     return;  // No surface yet.
   }
 
   // We just got a surface for the first time; let the surface cache know.
   MOZ_ASSERT(mImage);
-  SurfaceCache::SurfaceAvailable(WrapNotNull(this),
-                                 ImageKey(mImage.get()),
-                                 mSurfaceKey);
+  SurfaceCache::SurfaceAvailable(WrapNotNull(this));
 }
 
 void
 DecodedSurfaceProvider::FinishDecoding()
 {
   mMutex.AssertCurrentThreadOwns();
   MOZ_ASSERT(mImage);
   MOZ_ASSERT(mDecoder);
--- a/image/DecodedSurfaceProvider.h
+++ b/image/DecodedSurfaceProvider.h
@@ -24,18 +24,18 @@ namespace image {
 class DecodedSurfaceProvider final
   : public ISurfaceProvider
   , public IDecodingTask
 {
 public:
   NS_INLINE_DECL_THREADSAFE_REFCOUNTING(DecodedSurfaceProvider, override)
 
   DecodedSurfaceProvider(NotNull<RasterImage*> aImage,
-                         NotNull<Decoder*> aDecoder,
-                         const SurfaceKey& aSurfaceKey);
+                         const SurfaceKey& aSurfaceKey,
+                         NotNull<Decoder*> aDecoder);
 
 
   //////////////////////////////////////////////////////////////////////////////
   // ISurfaceProvider implementation.
   //////////////////////////////////////////////////////////////////////////////
 
 public:
   bool IsFinished() const override;
@@ -76,17 +76,14 @@ private:
   /// The decoder that will generate our surface. Dropped after decoding.
   RefPtr<Decoder> mDecoder;
 
   /// Our surface. Initially null until it's generated by the decoder.
   RefPtr<imgFrame> mSurface;
 
   /// A drawable reference to our service; used for locking.
   DrawableFrameRef mLockRef;
-
-  /// The key under which we're stored as a cache entry in the surface cache.
-  SurfaceKey mSurfaceKey;
 };
 
 } // namespace image
 } // namespace mozilla
 
 #endif // mozilla_image_DecodedSurfaceProvider_h
--- a/image/DecoderFactory.cpp
+++ b/image/DecoderFactory.cpp
@@ -140,24 +140,22 @@ DecoderFactory::CreateDecoder(DecoderTyp
   }
 
   // Create a DecodedSurfaceProvider which will manage the decoding process and
   // make this decoder's output available in the surface cache.
   SurfaceKey surfaceKey =
     RasterSurfaceKey(aOutputSize, aSurfaceFlags, PlaybackType::eStatic);
   NotNull<RefPtr<DecodedSurfaceProvider>> provider =
     WrapNotNull(new DecodedSurfaceProvider(aImage,
-                                           WrapNotNull(decoder),
-                                           surfaceKey));
+                                           surfaceKey,
+                                           WrapNotNull(decoder)));
 
   // Attempt to insert the surface provider into the surface cache right away so
   // we won't trigger any more decoders with the same parameters.
-  InsertOutcome outcome =
-    SurfaceCache::Insert(provider, ImageKey(aImage.get()), surfaceKey);
-  if (outcome != InsertOutcome::SUCCESS) {
+  if (SurfaceCache::Insert(provider) != InsertOutcome::SUCCESS) {
     return nullptr;
   }
 
   // Return the surface provider in its IDecodingTask guise.
   RefPtr<IDecodingTask> task = provider.get();
   return task.forget();
 }
 
@@ -192,24 +190,22 @@ DecoderFactory::CreateAnimationDecoder(D
   }
 
   // Create an AnimationSurfaceProvider which will manage the decoding process
   // and make this decoder's output available in the surface cache.
   SurfaceKey surfaceKey =
     RasterSurfaceKey(aIntrinsicSize, aSurfaceFlags, PlaybackType::eAnimated);
   NotNull<RefPtr<AnimationSurfaceProvider>> provider =
     WrapNotNull(new AnimationSurfaceProvider(aImage,
-                                             WrapNotNull(decoder),
-                                             surfaceKey));
+                                             surfaceKey,
+                                             WrapNotNull(decoder)));
 
   // Attempt to insert the surface provider into the surface cache right away so
   // we won't trigger any more decoders with the same parameters.
-  InsertOutcome outcome =
-    SurfaceCache::Insert(provider, ImageKey(aImage.get()), surfaceKey);
-  if (outcome != InsertOutcome::SUCCESS) {
+  if (SurfaceCache::Insert(provider) != InsertOutcome::SUCCESS) {
     return nullptr;
   }
 
   // Return the surface provider in its IDecodingTask guise.
   RefPtr<IDecodingTask> task = provider.get();
   return task.forget();
 }
 
--- a/image/ISurfaceProvider.h
+++ b/image/ISurfaceProvider.h
@@ -35,25 +35,34 @@ class DrawableSurface;
 class ISurfaceProvider
 {
 public:
   // Subclasses may or may not be XPCOM classes, so we just require that they
   // implement AddRef and Release.
   NS_IMETHOD_(MozExternalRefCountType) AddRef() = 0;
   NS_IMETHOD_(MozExternalRefCountType) Release() = 0;
 
+  /// @return key data used for identifying which image this ISurfaceProvider is
+  /// associated with in the surface cache.
+  ImageKey GetImageKey() const { return mImageKey; }
+
+  /// @return key data used to uniquely identify this ISurfaceProvider's cache
+  /// entry in the surface cache.
+  const SurfaceKey& GetSurfaceKey() const { return mSurfaceKey; }
+
   /// @return a (potentially lazily computed) drawable reference to a surface.
   virtual DrawableSurface Surface();
 
   /// @return true if DrawableRef() will return a completely decoded surface.
   virtual bool IsFinished() const = 0;
 
   /// @return the number of bytes of memory this ISurfaceProvider is expected to
   /// require. Optimizations may result in lower real memory usage. Trivial
-  /// overhead is ignored.
+  /// overhead is ignored. Because this value is used in bookkeeping, it's
+  /// important that it be constant over the lifetime of this object.
   virtual size_t LogicalSizeInBytes() const = 0;
 
   /// @return the actual number of bytes of memory this ISurfaceProvider is
   /// using. May vary over the lifetime of the ISurfaceProvider. The default
   /// implementation is appropriate for static ISurfaceProviders.
   virtual void AddSizeOfExcludingThis(MallocSizeOf aMallocSizeOf,
                                       size_t& aHeapSizeOut,
                                       size_t& aNonHeapSizeOut)
@@ -69,19 +78,25 @@ public:
   /// @return the availability state of this ISurfaceProvider, which indicates
   /// whether DrawableRef() could successfully return a surface. Should only be
   /// called from SurfaceCache code as it relies on SurfaceCache for
   /// synchronization.
   AvailabilityState& Availability() { return mAvailability; }
   const AvailabilityState& Availability() const { return mAvailability; }
 
 protected:
-  explicit ISurfaceProvider(AvailabilityState aAvailability)
-    : mAvailability(aAvailability)
-  { }
+  ISurfaceProvider(const ImageKey aImageKey,
+                   const SurfaceKey& aSurfaceKey,
+                   AvailabilityState aAvailability)
+    : mImageKey(aImageKey)
+    , mSurfaceKey(aSurfaceKey)
+    , mAvailability(aAvailability)
+  {
+    MOZ_ASSERT(aImageKey, "Must have a valid image key");
+  }
 
   virtual ~ISurfaceProvider() { }
 
   /// @return an eagerly computed drawable reference to a surface. For
   /// dynamically generated animation surfaces, @aFrame specifies the 0-based
   /// index of the desired frame.
   virtual DrawableFrameRef DrawableRef(size_t aFrame) = 0;
 
@@ -94,16 +109,18 @@ protected:
   /// should avoid releasing its resources. Should only be called from
   /// SurfaceCache code as it relies on SurfaceCache for synchronization.
   virtual void SetLocked(bool aLocked) = 0;
 
 private:
   friend class CachedSurface;
   friend class DrawableSurface;
 
+  const ImageKey mImageKey;
+  const SurfaceKey mSurfaceKey;
   AvailabilityState mAvailability;
 };
 
 
 /**
  * A reference to a surface (stored in an imgFrame) that holds the surface in
  * memory, guaranteeing that it can be drawn. If you have a DrawableSurface
  * |surf| and |if (surf)| returns true, then calls to |surf->Draw()| and
@@ -215,20 +232,25 @@ ISurfaceProvider::Surface()
 /**
  * An ISurfaceProvider that stores a single surface.
  */
 class SimpleSurfaceProvider final : public ISurfaceProvider
 {
 public:
   NS_INLINE_DECL_THREADSAFE_REFCOUNTING(SimpleSurfaceProvider, override)
 
-  explicit SimpleSurfaceProvider(NotNull<imgFrame*> aSurface)
-    : ISurfaceProvider(AvailabilityState::StartAvailable())
+  SimpleSurfaceProvider(const ImageKey aImageKey,
+                        const SurfaceKey& aSurfaceKey,
+                        NotNull<imgFrame*> aSurface)
+    : ISurfaceProvider(aImageKey, aSurfaceKey,
+                       AvailabilityState::StartAvailable())
     , mSurface(aSurface)
-  { }
+  {
+    MOZ_ASSERT(aSurfaceKey.Size() == mSurface->GetSize());
+  }
 
   bool IsFinished() const override { return mSurface->IsFinished(); }
 
   size_t LogicalSizeInBytes() const override
   {
     gfx::IntSize size = mSurface->GetSize();
     return size.width * size.height * mSurface->GetBytesPerPixel();
   }
--- a/image/SurfaceCache.cpp
+++ b/image/SurfaceCache.cpp
@@ -119,27 +119,20 @@ private:
  */
 class CachedSurface
 {
   ~CachedSurface() { }
 public:
   MOZ_DECLARE_REFCOUNTED_TYPENAME(CachedSurface)
   NS_INLINE_DECL_THREADSAFE_REFCOUNTING(CachedSurface)
 
-  CachedSurface(NotNull<ISurfaceProvider*> aProvider,
-                const Cost                 aCost,
-                const ImageKey             aImageKey,
-                const SurfaceKey&          aSurfaceKey)
+  explicit CachedSurface(NotNull<ISurfaceProvider*> aProvider)
     : mProvider(aProvider)
-    , mCost(aCost)
-    , mImageKey(aImageKey)
-    , mSurfaceKey(aSurfaceKey)
-  {
-    MOZ_ASSERT(mImageKey, "Must have a valid image key");
-  }
+    , mIsLocked(false)
+  { }
 
   DrawableSurface GetDrawableSurface() const
   {
     if (MOZ_UNLIKELY(IsPlaceholder())) {
       MOZ_ASSERT_UNREACHABLE("Called GetDrawableSurface() on a placeholder");
       return DrawableSurface();
     }
 
@@ -147,28 +140,41 @@ public:
   }
 
   void SetLocked(bool aLocked)
   {
     if (IsPlaceholder()) {
       return;  // Can't lock a placeholder.
     }
 
+    // Update both our state and our provider's state. Some surface providers
+    // are permanently locked; maintaining our own locking state enables us to
+    // respect SetLocked() even when it's meaningless from the provider's
+    // perspective.
+    mIsLocked = aLocked;
     mProvider->SetLocked(aLocked);
   }
 
-  bool IsLocked() const { return !IsPlaceholder() && mProvider->IsLocked(); }
+  bool IsLocked() const
+  {
+    return !IsPlaceholder() && mIsLocked && mProvider->IsLocked();
+  }
+
   bool IsPlaceholder() const { return mProvider->Availability().IsPlaceholder(); }
   bool IsDecoded() const { return !IsPlaceholder() && mProvider->IsFinished(); }
 
-  ImageKey GetImageKey() const { return mImageKey; }
-  SurfaceKey GetSurfaceKey() const { return mSurfaceKey; }
-  CostEntry GetCostEntry() { return image::CostEntry(WrapNotNull(this), mCost); }
+  ImageKey GetImageKey() const { return mProvider->GetImageKey(); }
+  SurfaceKey GetSurfaceKey() const { return mProvider->GetSurfaceKey(); }
   nsExpirationState* GetExpirationState() { return &mExpirationState; }
 
+  CostEntry GetCostEntry()
+  {
+    return image::CostEntry(WrapNotNull(this), mProvider->LogicalSizeInBytes());
+  }
+
   // A helper type used by SurfaceCacheImpl::CollectSizeOfSurfaces.
   struct MOZ_STACK_CLASS SurfaceMemoryReport
   {
     SurfaceMemoryReport(nsTArray<SurfaceMemoryCounter>& aCounters,
                         MallocSizeOf                    aMallocSizeOf)
       : mCounters(aCounters)
       , mMallocSizeOf(aMallocSizeOf)
     { }
@@ -199,19 +205,17 @@ public:
   private:
     nsTArray<SurfaceMemoryCounter>& mCounters;
     MallocSizeOf                    mMallocSizeOf;
   };
 
 private:
   nsExpirationState                 mExpirationState;
   NotNull<RefPtr<ISurfaceProvider>> mProvider;
-  const Cost                        mCost;
-  const ImageKey                    mImageKey;
-  const SurfaceKey                  mSurfaceKey;
+  bool                              mIsLocked;
 };
 
 static int64_t
 AreaOfIntSize(const IntSize& aSize) {
   return static_cast<int64_t>(aSize.width) * static_cast<int64_t>(aSize.height);
 }
 
 /**
@@ -232,21 +236,21 @@ public:
   MOZ_DECLARE_REFCOUNTED_TYPENAME(ImageSurfaceCache)
   NS_INLINE_DECL_THREADSAFE_REFCOUNTING(ImageSurfaceCache)
 
   typedef
     nsRefPtrHashtable<nsGenericHashKey<SurfaceKey>, CachedSurface> SurfaceTable;
 
   bool IsEmpty() const { return mSurfaces.Count() == 0; }
 
-  void Insert(const SurfaceKey& aKey, NotNull<CachedSurface*> aSurface)
+  void Insert(NotNull<CachedSurface*> aSurface)
   {
     MOZ_ASSERT(!mLocked || aSurface->IsPlaceholder() || aSurface->IsLocked(),
                "Inserting an unlocked surface for a locked image");
-    mSurfaces.Put(aKey, aSurface);
+    mSurfaces.Put(aSurface->GetSurfaceKey(), aSurface);
   }
 
   void Remove(NotNull<CachedSurface*> aSurface)
   {
     MOZ_ASSERT(mSurfaces.GetWeak(aSurface->GetSurfaceKey()),
         "Should not be removing a surface we don't have");
 
     mSurfaces.Remove(aSurface->GetSurfaceKey());
@@ -412,81 +416,81 @@ private:
   }
 
 public:
   void InitMemoryReporter() { RegisterWeakMemoryReporter(this); }
 
   Mutex& GetMutex() { return mMutex; }
 
   InsertOutcome Insert(NotNull<ISurfaceProvider*> aProvider,
-                       const Cost                 aCost,
-                       const ImageKey             aImageKey,
-                       const SurfaceKey&          aSurfaceKey,
                        bool                       aSetAvailable)
   {
     // If this is a duplicate surface, refuse to replace the original.
     // XXX(seth): Calling Lookup() and then RemoveEntry() does the lookup
     // twice. We'll make this more efficient in bug 1185137.
-    LookupResult result = Lookup(aImageKey, aSurfaceKey, /* aMarkUsed = */ false);
+    LookupResult result = Lookup(aProvider->GetImageKey(),
+                                 aProvider->GetSurfaceKey(),
+                                 /* aMarkUsed = */ false);
     if (MOZ_UNLIKELY(result)) {
       return InsertOutcome::FAILURE_ALREADY_PRESENT;
     }
 
     if (result.Type() == MatchType::PENDING) {
-      RemoveEntry(aImageKey, aSurfaceKey);
+      RemoveEntry(aProvider->GetImageKey(), aProvider->GetSurfaceKey());
     }
 
     MOZ_ASSERT(result.Type() == MatchType::NOT_FOUND ||
                result.Type() == MatchType::PENDING,
                "A LookupResult with no surface should be NOT_FOUND or PENDING");
 
     // If this is bigger than we can hold after discarding everything we can,
     // refuse to cache it.
-    if (MOZ_UNLIKELY(!CanHoldAfterDiscarding(aCost))) {
+    Cost cost = aProvider->LogicalSizeInBytes();
+    if (MOZ_UNLIKELY(!CanHoldAfterDiscarding(cost))) {
       mOverflowCount++;
       return InsertOutcome::FAILURE;
     }
 
     // Remove elements in order of cost until we can fit this in the cache. Note
     // that locked surfaces aren't in mCosts, so we never remove them here.
-    while (aCost > mAvailableCost) {
+    while (cost > mAvailableCost) {
       MOZ_ASSERT(!mCosts.IsEmpty(),
                  "Removed everything and it still won't fit");
       Remove(mCosts.LastElement().Surface());
     }
 
     // Locate the appropriate per-image cache. If there's not an existing cache
     // for this image, create it.
-    RefPtr<ImageSurfaceCache> cache = GetImageCache(aImageKey);
+    RefPtr<ImageSurfaceCache> cache = GetImageCache(aProvider->GetImageKey());
     if (!cache) {
       cache = new ImageSurfaceCache;
-      mImageCaches.Put(aImageKey, cache);
+      mImageCaches.Put(aProvider->GetImageKey(), cache);
     }
 
     // If we were asked to mark the cache entry available, do so.
     if (aSetAvailable) {
       aProvider->Availability().SetAvailable();
     }
 
     NotNull<RefPtr<CachedSurface>> surface =
-      WrapNotNull(new CachedSurface(aProvider, aCost, aImageKey, aSurfaceKey));
+      WrapNotNull(new CachedSurface(aProvider));
 
     // We require that locking succeed if the image is locked and we're not
     // inserting a placeholder; the caller may need to know this to handle
     // errors correctly.
     if (cache->IsLocked() && !surface->IsPlaceholder()) {
       surface->SetLocked(true);
       if (!surface->IsLocked()) {
         return InsertOutcome::FAILURE;
       }
     }
 
     // Insert.
-    MOZ_ASSERT(aCost <= mAvailableCost, "Inserting despite too large a cost");
-    cache->Insert(aSurfaceKey, surface);
+    MOZ_ASSERT(cost <= mAvailableCost, "Inserting despite too large a cost");
+    cache->Insert(surface);
     StartTracking(surface);
 
     return InsertOutcome::SUCCESS;
   }
 
   void Remove(NotNull<CachedSurface*> aSurface)
   {
     ImageKey imageKey = aSurface->GetImageKey();
@@ -649,33 +653,30 @@ public:
     return aCost <= mMaxCost;
   }
 
   size_t MaximumCapacity() const
   {
     return size_t(mMaxCost);
   }
 
-  void SurfaceAvailable(NotNull<ISurfaceProvider*> aProvider,
-                        const ImageKey             aImageKey,
-                        const SurfaceKey&          aSurfaceKey)
+  void SurfaceAvailable(NotNull<ISurfaceProvider*> aProvider)
   {
     if (!aProvider->Availability().IsPlaceholder()) {
       MOZ_ASSERT_UNREACHABLE("Calling SurfaceAvailable on non-placeholder");
       return;
     }
 
     // Reinsert the provider, requesting that Insert() mark it available. This
     // may or may not succeed, depending on whether some other decoder has
     // beaten us to the punch and inserted a non-placeholder version of this
     // surface first, but it's fine either way.
     // XXX(seth): This could be implemented more efficiently; we should be able
     // to just update our data structures without reinserting.
-    Cost cost = aProvider->LogicalSizeInBytes();
-    Insert(aProvider, cost, aImageKey, aSurfaceKey, /* aSetAvailable = */ true);
+    Insert(aProvider, /* aSetAvailable = */ true);
   }
 
   void LockImage(const ImageKey aImageKey)
   {
     RefPtr<ImageSurfaceCache> cache = GetImageCache(aImageKey);
     if (!cache) {
       cache = new ImageSurfaceCache;
       mImageCaches.Put(aImageKey, cache);
@@ -1023,28 +1024,24 @@ SurfaceCache::LookupBestMatch(const Imag
     return LookupResult(MatchType::NOT_FOUND);
   }
 
   MutexAutoLock lock(sInstance->GetMutex());
   return sInstance->LookupBestMatch(aImageKey, aSurfaceKey);
 }
 
 /* static */ InsertOutcome
-SurfaceCache::Insert(NotNull<ISurfaceProvider*> aProvider,
-                     const ImageKey             aImageKey,
-                     const SurfaceKey&          aSurfaceKey)
+SurfaceCache::Insert(NotNull<ISurfaceProvider*> aProvider)
 {
   if (!sInstance) {
     return InsertOutcome::FAILURE;
   }
 
   MutexAutoLock lock(sInstance->GetMutex());
-  Cost cost = aProvider->LogicalSizeInBytes();
-  return sInstance->Insert(aProvider, cost, aImageKey, aSurfaceKey,
-                           /* aSetAvailable = */ false);
+  return sInstance->Insert(aProvider, /* aSetAvailable = */ false);
 }
 
 /* static */ bool
 SurfaceCache::CanHold(const IntSize& aSize, uint32_t aBytesPerPixel /* = 4 */)
 {
   if (!sInstance) {
     return false;
   }
@@ -1059,39 +1056,37 @@ SurfaceCache::CanHold(size_t aSize)
   if (!sInstance) {
     return false;
   }
 
   return sInstance->CanHold(aSize);
 }
 
 /* static */ void
-SurfaceCache::SurfaceAvailable(NotNull<ISurfaceProvider*> aProvider,
-                               const ImageKey             aImageKey,
-                               const SurfaceKey&          aSurfaceKey)
+SurfaceCache::SurfaceAvailable(NotNull<ISurfaceProvider*> aProvider)
 {
   if (!sInstance) {
     return;
   }
 
   MutexAutoLock lock(sInstance->GetMutex());
-  sInstance->SurfaceAvailable(aProvider, aImageKey, aSurfaceKey);
+  sInstance->SurfaceAvailable(aProvider);
 }
 
 /* static */ void
-SurfaceCache::LockImage(Image* aImageKey)
+SurfaceCache::LockImage(const ImageKey aImageKey)
 {
   if (sInstance) {
     MutexAutoLock lock(sInstance->GetMutex());
     return sInstance->LockImage(aImageKey);
   }
 }
 
 /* static */ void
-SurfaceCache::UnlockImage(Image* aImageKey)
+SurfaceCache::UnlockImage(const ImageKey aImageKey)
 {
   if (sInstance) {
     MutexAutoLock lock(sInstance->GetMutex());
     return sInstance->UnlockImage(aImageKey);
   }
 }
 
 /* static */ void
@@ -1099,17 +1094,17 @@ SurfaceCache::UnlockEntries(const ImageK
 {
   if (sInstance) {
     MutexAutoLock lock(sInstance->GetMutex());
     return sInstance->UnlockEntries(aImageKey);
   }
 }
 
 /* static */ void
-SurfaceCache::RemoveImage(Image* aImageKey)
+SurfaceCache::RemoveImage(const ImageKey aImageKey)
 {
   if (sInstance) {
     MutexAutoLock lock(sInstance->GetMutex());
     sInstance->RemoveImage(aImageKey);
   }
 }
 
 /* static */ void
--- a/image/SurfaceCache.h
+++ b/image/SurfaceCache.h
@@ -264,54 +264,42 @@ struct SurfaceCache
    * FAILURE if it failed to insert the cache entry, which could happen because
    * of capacity reasons, or because it was already freed by the OS. If the
    * cache entry isn't associated with a locked image, checking for SUCCESS or
    * FAILURE is useless: the entry might expire immediately after being
    * inserted, even though Insert() returned SUCCESS. Thus, many callers do not
    * need to check the result of Insert() at all.
    *
    * @param aProvider    The new cache entry to insert into the cache.
-   * @param aImageKey       Key data identifying which image the cache entry
-   *                        belongs to.
-   * @param aSurfaceKey     Key data which uniquely identifies the requested
-   *                        cache entry.
    * @return SUCCESS if the cache entry was inserted successfully. (But see above
    *           for more information about when you should check this.)
    *         FAILURE if the cache entry could not be inserted, e.g. for capacity
    *           reasons. (But see above for more information about when you
    *           should check this.)
    *         FAILURE_ALREADY_PRESENT if an entry with the same ImageKey and
    *           SurfaceKey already exists in the cache.
    */
-  static InsertOutcome Insert(NotNull<ISurfaceProvider*> aProvider,
-                              const ImageKey    aImageKey,
-                              const SurfaceKey& aSurfaceKey);
+  static InsertOutcome Insert(NotNull<ISurfaceProvider*> aProvider);
 
   /**
    * Mark the cache entry @aProvider as having an available surface. This turns
    * a placeholder cache entry into a normal cache entry. The cache entry
    * becomes locked if the associated image is locked; otherwise, it starts in
    * the unlocked state.
    *
    * If the cache entry containing @aProvider has already been evicted from the
    * surface cache, this function has no effect.
    *
    * It's illegal to call this function if @aProvider is not a placeholder; by
    * definition, non-placeholder ISurfaceProviders should have a surface
    * available already.
    *
    * @param aProvider       The cache entry that now has a surface available.
-   * @param aImageKey       Key data identifying which image the cache entry
-   *                        belongs to.
-   * @param aSurfaceKey     Key data which uniquely identifies the requested
-   *                        cache entry.
    */
-  static void SurfaceAvailable(NotNull<ISurfaceProvider*> aProvider,
-                               const ImageKey    aImageKey,
-                               const SurfaceKey& aSurfaceKey);
+  static void SurfaceAvailable(NotNull<ISurfaceProvider*> aProvider);
 
   /**
    * Checks if a surface of a given size could possibly be stored in the cache.
    * If CanHold() returns false, Insert() will always fail to insert the
    * surface, but the inverse is not true: Insert() may take more information
    * into account than just image size when deciding whether to cache the
    * surface, so Insert() may still fail even if CanHold() returns true.
    *
--- a/image/VectorImage.cpp
+++ b/image/VectorImage.cpp
@@ -957,20 +957,20 @@ VectorImage::CreateSurfaceAndShow(const 
   // Take a strong reference to the frame's surface and make sure it hasn't
   // already been purged by the operating system.
   RefPtr<SourceSurface> surface = frame->GetSourceSurface();
   if (!surface) {
     return Show(svgDrawable, aParams);
   }
 
   // Attempt to cache the frame.
+  SurfaceKey surfaceKey = VectorSurfaceKey(aParams.size, aParams.svgContext);
   NotNull<RefPtr<ISurfaceProvider>> provider =
-    WrapNotNull(new SimpleSurfaceProvider(frame));
-  SurfaceCache::Insert(provider, ImageKey(this),
-                       VectorSurfaceKey(aParams.size, aParams.svgContext));
+    WrapNotNull(new SimpleSurfaceProvider(ImageKey(this), surfaceKey, frame));
+  SurfaceCache::Insert(provider);
 
   // Draw.
   RefPtr<gfxDrawable> drawable =
     new gfxSurfaceDrawable(surface, aParams.size);
   Show(drawable, aParams);
 
   // Send out an invalidation so that surfaces that are still in use get
   // re-locked. See the discussion of the UnlockSurfaces call above.
--- a/ipc/chromium/src/base/condition_variable_posix.cc
+++ b/ipc/chromium/src/base/condition_variable_posix.cc
@@ -15,17 +15,18 @@
 #include "base/time.h"
 
 using base::Time;
 using base::TimeDelta;
 
 ConditionVariable::ConditionVariable(Lock* user_lock)
     : user_mutex_(user_lock->lock_impl()->os_lock()) {
   int rv = 0;
-#if !defined(OS_MACOSX) && !defined(OS_ANDROID)
+#if !defined(OS_MACOSX) && \
+    !(defined(OS_ANDROID) && defined(HAVE_PTHREAD_COND_TIMEDWAIT_MONOTONIC))
   pthread_condattr_t attrs;
   rv = pthread_condattr_init(&attrs);
   DCHECK_EQ(0, rv);
   pthread_condattr_setclock(&attrs, CLOCK_MONOTONIC);
   rv = pthread_cond_init(&condition_, &attrs);
   pthread_condattr_destroy(&attrs);
 #else
   rv = pthread_cond_init(&condition_, NULL);
@@ -63,22 +64,22 @@ void ConditionVariable::TimedWait(const 
   absolute_time.tv_sec = now.tv_sec;
   absolute_time.tv_nsec = now.tv_nsec;
   absolute_time.tv_sec += relative_time.tv_sec;
   absolute_time.tv_nsec += relative_time.tv_nsec;
   absolute_time.tv_sec += absolute_time.tv_nsec / Time::kNanosecondsPerSecond;
   absolute_time.tv_nsec %= Time::kNanosecondsPerSecond;
   DCHECK_GE(absolute_time.tv_sec, now.tv_sec);  // Overflow paranoia
 
-#if defined(OS_ANDROID)
+#if defined(OS_ANDROID) && defined(HAVE_PTHREAD_COND_TIMEDWAIT_MONOTONIC)
   int rv = pthread_cond_timedwait_monotonic_np(
       &condition_, user_mutex_, &absolute_time);
 #else
   int rv = pthread_cond_timedwait(&condition_, user_mutex_, &absolute_time);
-#endif  // OS_ANDROID
+#endif  // OS_ANDROID && HAVE_PTHREAD_COND_TIMEDWAIT_MONOTONIC
 #endif  // OS_MACOSX
 
   DCHECK(rv == 0 || rv == ETIMEDOUT);
 }
 
 void ConditionVariable::Broadcast() {
   int rv = pthread_cond_broadcast(&condition_);
   DCHECK(rv == 0);
--- a/ipc/chromium/src/base/pickle.cc
+++ b/ipc/chromium/src/base/pickle.cc
@@ -391,41 +391,16 @@ bool Pickle::ReadWString(PickleIterator*
   if (!ReadBytesInto(iter, chars.get(), len * sizeof(wchar_t))) {
     return false;
   }
   result->assign(chars.get(), len);
 
   return true;
 }
 
-bool Pickle::FlattenBytes(PickleIterator* iter, const char** data, uint32_t length,
-                          uint32_t alignment) {
-  DCHECK(iter);
-  DCHECK(data);
-  DCHECK(alignment == 4 || alignment == 8);
-  DCHECK(intptr_t(header_) % alignment == 0);
-
-  if (AlignInt(length) < length) {
-    return false;
-  }
-
-  uint32_t padding_len = intptr_t(iter->iter_.Data()) % alignment;
-  if (!iter->iter_.AdvanceAcrossSegments(buffers_, padding_len)) {
-    return false;
-  }
-
-  if (!buffers_.FlattenBytes(iter->iter_, data, length)) {
-    return false;
-  }
-
-  header_ = reinterpret_cast<Header*>(buffers_.Start());
-
-  return iter->iter_.AdvanceAcrossSegments(buffers_, AlignInt(length) - length);
-}
-
 bool Pickle::ExtractBuffers(PickleIterator* iter, size_t length, BufferList* buffers,
                             uint32_t alignment) const
 {
   DCHECK(iter);
   DCHECK(buffers);
   DCHECK(alignment == 4 || alignment == 8);
   DCHECK(intptr_t(header_) % alignment == 0);
 
--- a/ipc/chromium/src/base/pickle.h
+++ b/ipc/chromium/src/base/pickle.h
@@ -106,18 +106,16 @@ class Pickle {
   MOZ_MUST_USE bool ReadInt64(PickleIterator* iter, int64_t* result) const;
   MOZ_MUST_USE bool ReadUInt64(PickleIterator* iter, uint64_t* result) const;
   MOZ_MUST_USE bool ReadDouble(PickleIterator* iter, double* result) const;
   MOZ_MUST_USE bool ReadIntPtr(PickleIterator* iter, intptr_t* result) const;
   MOZ_MUST_USE bool ReadUnsignedChar(PickleIterator* iter, unsigned char* result) const;
   MOZ_MUST_USE bool ReadString(PickleIterator* iter, std::string* result) const;
   MOZ_MUST_USE bool ReadWString(PickleIterator* iter, std::wstring* result) const;
   MOZ_MUST_USE bool ReadBytesInto(PickleIterator* iter, void* data, uint32_t length) const;
-  MOZ_MUST_USE bool FlattenBytes(PickleIterator* iter, const char** data, uint32_t length,
-                                 uint32_t alignment = sizeof(memberAlignmentType));
   MOZ_MUST_USE bool ExtractBuffers(PickleIterator* iter, size_t length, BufferList* buffers,
                                    uint32_t alignment = sizeof(memberAlignmentType)) const;
 
   // Safer version of ReadInt() checks for the result not being negative.
   // Use it for reading the object sizes.
   MOZ_MUST_USE bool ReadLength(PickleIterator* iter, int* result) const;
 
   MOZ_MUST_USE bool ReadSentinel(PickleIterator* iter, uint32_t sentinel) const
--- a/ipc/chromium/src/base/time_posix.cc
+++ b/ipc/chromium/src/base/time_posix.cc
@@ -5,17 +5,17 @@
 // found in the LICENSE file.
 
 #include "base/time.h"
 
 #ifdef OS_MACOSX
 #include <mach/mach_time.h>
 #endif
 #include <sys/time.h>
-#ifdef ANDROID
+#if defined(ANDROID) && !defined(__LP64__)
 #include <time64.h>
 #else
 #include <time.h>
 #endif
 #if defined(ANDROID) || defined(OS_POSIX)
 #include <unistd.h>
 #endif
 
--- a/js/src/asmjs/WasmCompile.cpp
+++ b/js/src/asmjs/WasmCompile.cpp
@@ -582,34 +582,16 @@ DecodeFunctionSection(Decoder& d, Module
     }
 
     if (!d.finishSection(sectionStart, sectionSize))
         return Fail(d, "decls section byte size mismatch");
 
     return true;
 }
 
-static bool
-CheckTypeForJS(Decoder& d, const Sig& sig)
-{
-    for (ValType argType : sig.args()) {
-        if (argType == ValType::I64 && !JitOptions.wasmTestMode)
-            return Fail(d, "cannot import/export i64 argument");
-        if (IsSimdType(argType))
-            return Fail(d, "cannot import/export SIMD argument");
-    }
-
-    if (sig.ret() == ExprType::I64 && !JitOptions.wasmTestMode)
-        return Fail(d, "cannot import/export i64 return type");
-    if (IsSimdType(sig.ret()))
-        return Fail(d, "cannot import/export SIMD return type");
-
-    return true;
-}
-
 static UniqueChars
 MaybeDecodeName(Decoder& d)
 {
     uint32_t numBytes;
     if (!d.readVarU32(&numBytes))
         return nullptr;
 
     const uint8_t* bytes;
@@ -761,19 +743,16 @@ GlobalIsJSCompatible(Decoder& d, ValType
 static bool
 DecodeImport(Decoder& d, bool newFormat, ModuleGeneratorData* init, ImportVector* imports)
 {
     if (!newFormat) {
         const SigWithId* sig = nullptr;
         if (!DecodeSignatureIndex(d, *init, &sig))
             return false;
 
-        if (!CheckTypeForJS(d, *sig))
-            return false;
-
         if (!init->funcImports.emplaceBack(sig))
             return false;
 
         UniqueChars moduleName = MaybeDecodeName(d);
         if (!moduleName)
             return Fail(d, "expected valid import module name");
 
         if (!strlen(moduleName.get()))
@@ -801,18 +780,16 @@ DecodeImport(Decoder& d, bool newFormat,
     if (!d.readVarU32(&importKind))
         return Fail(d, "failed to read import kind");
 
     switch (DefinitionKind(importKind)) {
       case DefinitionKind::Function: {
         const SigWithId* sig = nullptr;
         if (!DecodeSignatureIndex(d, *init, &sig))
             return false;
-        if (!CheckTypeForJS(d, *sig))
-            return false;
         if (!init->funcImports.emplaceBack(sig))
             return false;
         break;
       }
       case DefinitionKind::Table: {
         if (!DecodeResizableTable(d, init))
             return false;
         break;
@@ -1098,19 +1075,16 @@ DecodeExport(Decoder& d, bool newFormat,
     if (!newFormat) {
         uint32_t funcIndex;
         if (!d.readVarU32(&funcIndex))
             return Fail(d, "expected export internal index");
 
         if (funcIndex >= mg.numFuncSigs())
             return Fail(d, "exported function index out of bounds");
 
-        if (!CheckTypeForJS(d, mg.funcSig(funcIndex)))
-            return false;
-
         UniqueChars fieldName = DecodeExportName(d, dupSet);
         if (!fieldName)
             return false;
 
         return mg.addFuncExport(Move(fieldName), funcIndex);
     }
 
     UniqueChars fieldName = DecodeExportName(d, dupSet);
@@ -1125,19 +1099,16 @@ DecodeExport(Decoder& d, bool newFormat,
       case DefinitionKind::Function: {
         uint32_t funcIndex;
         if (!d.readVarU32(&funcIndex))
             return Fail(d, "expected export internal index");
 
         if (funcIndex >= mg.numFuncSigs())
             return Fail(d, "exported function index out of bounds");
 
-        if (!CheckTypeForJS(d, mg.funcSig(funcIndex)))
-            return false;
-
         return mg.addFuncExport(Move(fieldName), funcIndex);
       }
       case DefinitionKind::Table: {
         uint32_t tableIndex;
         if (!d.readVarU32(&tableIndex))
             return Fail(d, "expected table index");
 
         if (tableIndex >= mg.tables().length())
--- a/js/src/asmjs/WasmInstance.cpp
+++ b/js/src/asmjs/WasmInstance.cpp
@@ -128,17 +128,20 @@ Instance::callImport(JSContext* cx, uint
             break;
           case ValType::F32:
             args[i].set(JS::CanonicalizedDoubleValue(*(float*)&argv[i]));
             break;
           case ValType::F64:
             args[i].set(JS::CanonicalizedDoubleValue(*(double*)&argv[i]));
             break;
           case ValType::I64: {
-            MOZ_ASSERT(JitOptions.wasmTestMode, "no int64 in asm.js/wasm");
+            if (!JitOptions.wasmTestMode) {
+                JS_ReportErrorNumber(cx, GetErrorMessage, nullptr, JSMSG_WASM_BAD_I64);
+                return false;
+            }
             RootedObject obj(cx, CreateI64Object(cx, *(int64_t*)&argv[i]));
             if (!obj)
                 return false;
             args[i].set(ObjectValue(*obj));
             hasI64Arg = true;
             break;
           }
           case ValType::I8x16:
@@ -155,16 +158,22 @@ Instance::callImport(JSContext* cx, uint
 
     FuncImportTls& import = funcImportTls(fi);
     RootedFunction importFun(cx, &import.obj->as<JSFunction>());
     RootedValue fval(cx, ObjectValue(*import.obj));
     RootedValue thisv(cx, UndefinedValue());
     if (!Call(cx, fval, thisv, args, rval))
         return false;
 
+    // Throw an error if returning i64 and not in test mode.
+    if (!JitOptions.wasmTestMode && fi.sig().ret() == ExprType::I64) {
+        JS_ReportErrorNumber(cx, GetErrorMessage, nullptr, JSMSG_WASM_BAD_I64);
+        return false;
+    }
+
     // Don't try to optimize if the function has at least one i64 arg or if
     // it returns an int64. GenerateJitExit relies on this, as does the
     // type inference code below in this function.
     if (hasI64Arg || fi.sig().ret() == ExprType::I64)
         return true;
 
     // The import may already have become optimized.
     void* jitExitCode = codeBase() + fi.jitExitCodeOffset();
@@ -534,17 +543,20 @@ Instance::callExport(JSContext* cx, uint
     for (unsigned i = 0; i < func.sig().args().length(); ++i) {
         v = i < args.length() ? args[i] : UndefinedValue();
         switch (func.sig().arg(i)) {
           case ValType::I32:
             if (!ToInt32(cx, v, (int32_t*)&exportArgs[i]))
                 return false;
             break;
           case ValType::I64:
-            MOZ_ASSERT(JitOptions.wasmTestMode, "no int64 in asm.js/wasm");
+            if (!JitOptions.wasmTestMode) {
+                JS_ReportErrorNumber(cx, GetErrorMessage, nullptr, JSMSG_WASM_BAD_I64);
+                return false;
+            }
             if (!ReadI64Object(cx, v, (int64_t*)&exportArgs[i]))
                 return false;
             break;
           case ValType::F32:
             if (JitOptions.wasmTestMode && v.isObject()) {
                 if (!ReadCustomFloat32NaNObject(cx, v, (float*)&exportArgs[i]))
                     return false;
                 break;
@@ -650,17 +662,20 @@ Instance::callExport(JSContext* cx, uint
     switch (func.sig().ret()) {
       case ExprType::Void:
         args.rval().set(UndefinedValue());
         break;
       case ExprType::I32:
         args.rval().set(Int32Value(*(int32_t*)retAddr));
         break;
       case ExprType::I64:
-        MOZ_ASSERT(JitOptions.wasmTestMode, "no int64 in asm.js/wasm");
+        if (!JitOptions.wasmTestMode) {
+            JS_ReportErrorNumber(cx, GetErrorMessage, nullptr, JSMSG_WASM_BAD_I64);
+            return false;
+        }
         retObj = CreateI64Object(cx, *(int64_t*)retAddr);
         if (!retObj)
             return false;
         break;
       case ExprType::F32:
         if (JitOptions.wasmTestMode && IsNaN(*(float*)retAddr)) {
             retObj = CreateCustomNaNObject(cx, (float*)retAddr);
             if (!retObj)
--- a/js/src/asmjs/WasmStubs.cpp
+++ b/js/src/asmjs/WasmStubs.cpp
@@ -163,17 +163,16 @@ wasm::GenerateEntry(MacroAssembler& masm
     masm.reserveStack(AlignBytes(StackArgBytes(fe.sig().args()), AsmJSStackAlignment));
 
     // Copy parameters out of argv and into the registers/stack-slots specified by
     // the system ABI.
     for (ABIArgValTypeIter iter(fe.sig().args()); !iter.done(); iter++) {
         unsigned argOffset = iter.index() * sizeof(ExportArg);
         Address src(argv, argOffset);
         MIRType type = iter.mirType();
-        MOZ_ASSERT_IF(type == MIRType::Int64, JitOptions.wasmTestMode);
         switch (iter->kind()) {
           case ABIArg::GPR:
             if (type == MIRType::Int32)
                 masm.load32(src, iter->gpr());
             else if (type == MIRType::Int64)
                 masm.load64(src, iter->gpr64());
             break;
 #ifdef JS_CODEGEN_REGISTER_PAIR
@@ -278,17 +277,16 @@ wasm::GenerateEntry(MacroAssembler& masm
     // Store the return value in argv[0]
     switch (fe.sig().ret()) {
       case ExprType::Void:
         break;
       case ExprType::I32:
         masm.store32(ReturnReg, Address(argv, 0));
         break;
       case ExprType::I64:
-        MOZ_ASSERT(JitOptions.wasmTestMode, "no int64 in asm.js/wasm");
         masm.store64(ReturnReg64, Address(argv, 0));
         break;
       case ExprType::F32:
         if (!JitOptions.wasmTestMode)
             masm.canonicalizeFloat(ReturnFloat32Reg);
         masm.storeFloat32(ReturnFloat32Reg, Address(argv, 0));
         break;
       case ExprType::F64:
@@ -329,18 +327,16 @@ typedef bool ToValue;
 static void
 FillArgumentArray(MacroAssembler& masm, const ValTypeVector& args, unsigned argOffset,
                   unsigned offsetToCallerStackArgs, Register scratch, ToValue toValue)
 {
     for (ABIArgValTypeIter i(args); !i.done(); i++) {
         Address dstAddr(masm.getStackPointer(), argOffset + i.index() * sizeof(Value));
 
         MIRType type = i.mirType();
-        MOZ_ASSERT_IF(type == MIRType::Int64, JitOptions.wasmTestMode);
-
         switch (i->kind()) {
           case ABIArg::GPR:
             if (type == MIRType::Int32) {
                 if (toValue)
                     masm.storeValue(JSVAL_TYPE_INT32, i->gpr(), dstAddr);
                 else
                     masm.store32(i->gpr(), dstAddr);
             } else if (type == MIRType::Int64) {
@@ -515,17 +511,16 @@ wasm::GenerateInterpExit(MacroAssembler&
         masm.branchTest32(Assembler::Zero, ReturnReg, ReturnReg, JumpTarget::Throw);
         break;
       case ExprType::I32:
         masm.call(SymbolicAddress::CallImport_I32);
         masm.branchTest32(Assembler::Zero, ReturnReg, ReturnReg, JumpTarget::Throw);
         masm.load32(argv, ReturnReg);
         break;
       case ExprType::I64:
-        MOZ_ASSERT(JitOptions.wasmTestMode);
         masm.call(SymbolicAddress::CallImport_I64);
         masm.branchTest32(Assembler::Zero, ReturnReg, ReturnReg, JumpTarget::Throw);
         masm.load64(argv, ReturnReg64);
         break;
       case ExprType::F32:
         masm.call(SymbolicAddress::CallImport_F64);
         masm.branchTest32(Assembler::Zero, ReturnReg, ReturnReg, JumpTarget::Throw);
         masm.loadDouble(argv, ReturnDoubleReg);
@@ -711,17 +706,16 @@ wasm::GenerateJitExit(MacroAssembler& ma
     switch (sig.ret()) {
       case ExprType::Void:
         break;
       case ExprType::I32:
         masm.convertValueToInt32(JSReturnOperand, ReturnDoubleReg, ReturnReg, &oolConvert,
                                  /* -0 check */ false);
         break;
       case ExprType::I64:
-        MOZ_ASSERT(JitOptions.wasmTestMode, "no int64 in asm.js/wasm");
         // We don't expect int64 to be returned from Ion yet, because of a
         // guard in callImport.
         masm.breakpoint();
         break;
       case ExprType::F32:
         masm.convertValueToFloat(JSReturnOperand, ReturnFloat32Reg, &oolConvert);
         break;
       case ExprType::F64:
--- a/js/src/jit-test/tests/wasm/basic-const.js
+++ b/js/src/jit-test/tests/wasm/basic-const.js
@@ -23,18 +23,16 @@ testConst('i32', '2147483647', 214748364
 testConst('i32', '4294967295', -1);
 testConst('i32', '-2147483648', -2147483648);
 testConst('i32', '0x7fffffff', 2147483647);
 testConst('i32', '0x80000000', -2147483648);
 testConst('i32', '-0x80000000', -2147483648);
 testConst('i32', '0xffffffff', -1);
 
 {
-    assertErrorMessage(() => wasmEvalText('(module (func (result i64) (i64.const 0)) (export "" 0))'), TypeError, /cannot .* i64/);
-
     setJitCompilerOption('wasm.test-mode', 1);
 
     testConst('i64', '0', 0);
     testConst('i64', '-0', 0);
 
     testConst('i64', '23', 23);
     testConst('i64', '-23', -23);
 
@@ -69,18 +67,16 @@ testConst('i32', '0xffffffff', -1);
     // INT64_MIN - 1
     testConstError('i64', '-9223372036854775809');
 
     testConstError('i64', '');
     testConstError('i64', '0.0');
     testConstError('i64', 'not an i64');
 
     setJitCompilerOption('wasm.test-mode', 0);
-
-    assertErrorMessage(() => wasmEvalText('(module (func (result i64) (i64.const 0)) (export "" 0))'), TypeError, /cannot .* i64/);
 }
 
 testConst('f32', '0.0', 0.0);
 testConst('f32', '-0', -0.0);
 testConst('f32', '-0.0', -0.0);
 testConst('f32', '0x0.0', 0.0);
 testConst('f32', '-0x0.0', -0.0);
 testConst('f32', '-0x0', -0.0);
--- a/js/src/jit-test/tests/wasm/basic.js
+++ b/js/src/jit-test/tests/wasm/basic.js
@@ -62,18 +62,25 @@ assertErrorMessage(() => wasmEvalText('(
 wasmEvalText('(module (func (nop)))');
 wasmEvalText('(module (func (result i32) (i32.const 42)))');
 wasmEvalText('(module (func (param i32)))');
 wasmEvalText('(module (func (param i32) (result i32) (i32.const 42)))');
 wasmEvalText('(module (func (result i32) (param i32) (i32.const 42)))');
 wasmEvalText('(module (func (param f32)))');
 wasmEvalText('(module (func (param f64)))');
 
-assertErrorMessage(() => wasmEvalText('(module (func (param i64) (result i32) (i32.const 123)) (export "" 0))'), TypeError, /i64 argument/);
-assertErrorMessage(() => wasmEvalText('(module (func (param i32) (result i64) (i64.const 123)) (export "" 0))'), TypeError, /i64 return type/);
+var f = wasmEvalText('(module (func (param i64) (result i32) (i32.const 123)) (export "" 0))');
+assertErrorMessage(() => f(), TypeError, /i64/);
+var f = wasmEvalText('(module (func (param i32) (result i64) (i64.const 123)) (export "" 0))');
+assertErrorMessage(() => f(), TypeError, /i64/);
+
+var f = wasmEvalText('(module (import $imp "a" "b" (param i64) (result i32)) (func $f (call_import $imp (i64.const 0))) (export "" $f))', {a:{b:()=>{}}});
+assertErrorMessage(() => f(), TypeError, /i64/);
+var f = wasmEvalText('(module (import $imp "a" "b" (result i64)) (func $f (call_import $imp)) (export "" $f))', {a:{b:()=>{}}});
+assertErrorMessage(() => f(), TypeError, /i64/);
 
 setJitCompilerOption('wasm.test-mode', 1);
 assertEqI64(wasmEvalText('(module (func (result i64) (i64.const 123)) (export "" 0))')(), {low: 123, high: 0});
 assertEqI64(wasmEvalText('(module (func (param i64) (result i64) (get_local 0)) (export "" 0))')({ low: 0x7fffffff, high: 0x12340000}),
             {low: 0x7fffffff, high: 0x12340000});
 assertEqI64(wasmEvalText('(module (func (param i64) (result i64) (i64.add (get_local 0) (i64.const 1))) (export "" 0))')({ low: 0xffffffff, high: 0x12340000}), {low: 0x0, high: 0x12340001});
 setJitCompilerOption('wasm.test-mode', 0);
 
@@ -322,19 +329,16 @@ assertEq(wasmEvalText(code.replace('BODY
 assertEq(wasmEvalText(code.replace('BODY', '(call 1)'), imports)(), 4);
 
 assertEq(wasmEvalText(`(module (import "evalcx" "" (param i32) (result i32)) (func (result i32) (call_import 0 (i32.const 0))) (export "" 0))`, {evalcx})(), 0);
 
 if (typeof evaluate === 'function')
     evaluate(`Wasm.instantiateModule(wasmTextToBinary('(module)')) `, { fileName: null });
 
 {
-    assertErrorMessage(() => wasmEvalText('(module (import "a" "" (param i64) (result i32)))'), TypeError, /i64 argument/);
-    assertErrorMessage(() => wasmEvalText('(module (import "a" "" (result i64)))'), TypeError, /i64 return type/);
-
     setJitCompilerOption('wasm.test-mode', 1);
 
     let imp = {
         param(i64) {
             assertEqI64(i64, {
                 low: 0x9abcdef0,
                 high: 0x12345678
             });
--- a/js/src/jit-test/tests/wasm/import-export.js
+++ b/js/src/jit-test/tests/wasm/import-export.js
@@ -282,16 +282,24 @@ assertEq(e1.foo, tbl.get(0));
 tbl.set(1, e1.foo);
 assertEq(e1.foo, tbl.get(1));
 var e2 = new Instance(new Module(code), {a:{b:tbl}}).exports;
 assertEq(e2.foo, tbl.get(0));
 assertEq(e1.foo, tbl.get(1));
 assertEq(tbl.get(0) === e1.foo, false);
 assertEq(e1.foo === e2.foo, false);
 
+// i64 is fully allowed for imported wasm functions
+
+var code1 = textToBinary('(module (func $exp (param i64) (result i64) (i64.add (get_local 0) (i64.const 10))) (export "exp" $exp))');
+var e1 = new Instance(new Module(code1)).exports;
+var code2 = textToBinary('(module (import $i "a" "b" (param i64) (result i64)) (func $f (result i32) (i32.wrap/i64 (call_import $i (i64.const 42)))) (export "f" $f))');
+var e2 = new Instance(new Module(code2), {a:{b:e1.exp}}).exports;
+assertEq(e2.f(), 52);
+
 // Non-existent export errors
 
 assertErrorMessage(() => new Module(textToBinary('(module (export "a" 0))')), TypeError, /exported function index out of bounds/);
 assertErrorMessage(() => new Module(textToBinary('(module (export "a" global 0))')), TypeError, /exported global index out of bounds/);
 assertErrorMessage(() => new Module(textToBinary('(module (export "a" memory))')), TypeError, /exported memory index out of bounds/);
 assertErrorMessage(() => new Module(textToBinary('(module (export "a" table))')), TypeError, /exported table index out of bounds/);
 
 // Default memory/table rules
--- a/js/src/js.msg
+++ b/js/src/js.msg
@@ -351,16 +351,17 @@ MSG_DEF(JSMSG_WASM_BAD_MOD_ARG,        0
 MSG_DEF(JSMSG_WASM_BAD_DESC_ARG,       1, JSEXN_TYPEERR,     "first argument must be a {0} descriptor")
 MSG_DEF(JSMSG_WASM_BAD_IMP_SIZE,       1, JSEXN_TYPEERR,     "imported {0} with incompatible size")
 MSG_DEF(JSMSG_WASM_BAD_SIZE,           2, JSEXN_TYPEERR,     "bad {0} {1} size")
 MSG_DEF(JSMSG_WASM_BAD_ELEMENT,        0, JSEXN_TYPEERR,     "\"element\" property of table descriptor must be \"anyfunc\"")
 MSG_DEF(JSMSG_WASM_BAD_IMPORT_ARG,     0, JSEXN_TYPEERR,     "second argument, if present, must be an object")
 MSG_DEF(JSMSG_WASM_BAD_IMPORT_FIELD,   1, JSEXN_TYPEERR,     "import object field is not {0}")
 MSG_DEF(JSMSG_WASM_BAD_IMPORT_SIG,     0, JSEXN_TYPEERR,     "imported function signature mismatch")
 MSG_DEF(JSMSG_WASM_BAD_SET_VALUE,      0, JSEXN_TYPEERR,     "second argument must be null or an exported WebAssembly Function object")
+MSG_DEF(JSMSG_WASM_BAD_I64,            0, JSEXN_TYPEERR,     "cannot pass i64 to or from JS")
 MSG_DEF(JSMSG_WASM_UNREACHABLE,        0, JSEXN_ERR,         "unreachable executed")
 MSG_DEF(JSMSG_WASM_INTEGER_OVERFLOW,   0, JSEXN_ERR,         "integer overflow")
 MSG_DEF(JSMSG_WASM_INVALID_CONVERSION, 0, JSEXN_ERR,         "invalid conversion to integer")
 MSG_DEF(JSMSG_WASM_INT_DIVIDE_BY_ZERO, 0, JSEXN_ERR,         "integer divide by zero")
 MSG_DEF(JSMSG_WASM_UNALIGNED_ACCESS,   0, JSEXN_ERR,         "unaligned memory access")
 MSG_DEF(JSMSG_WASM_OVERRECURSED,       0, JSEXN_INTERNALERR, "call stack exhausted")
 
 // Proxy
--- a/js/xpconnect/src/XPCThrower.cpp
+++ b/js/xpconnect/src/XPCThrower.cpp
@@ -54,18 +54,17 @@ XPCThrower::CheckForPendingException(nsr
     if (!e)
         return false;
     XPCJSRuntime::Get()->SetPendingException(nullptr);
 
     nsresult e_result;
     if (NS_FAILED(e->GetResult(&e_result)) || e_result != result)
         return false;
 
-    if (!ThrowExceptionObject(cx, e))
-        JS_ReportOutOfMemory(cx);
+    ThrowExceptionObject(cx, e);
     return true;
 }
 
 // static
 void
 XPCThrower::Throw(nsresult rv, XPCCallContext& ccx)
 {
     char* sz;
--- a/layout/base/RestyleManagerBase.cpp
+++ b/layout/base/RestyleManagerBase.cpp
@@ -656,36 +656,45 @@ HasBoxAncestor(nsIFrame* aFrame)
 /**
  * Return true if aFrame's subtree has placeholders for out-of-flow content
  * whose 'position' style's bit in aPositionMask is set.
  */
 static bool
 FrameHasPositionedPlaceholderDescendants(nsIFrame* aFrame,
                                          uint32_t aPositionMask)
 {
-  const nsIFrame::ChildListIDs skip(nsIFrame::kAbsoluteList |
-                                    nsIFrame::kFixedList);
+  MOZ_ASSERT(aPositionMask & (1 << NS_STYLE_POSITION_FIXED));
+
   for (nsIFrame::ChildListIterator lists(aFrame); !lists.IsDone(); lists.Next()) {
-    if (!skip.Contains(lists.CurrentID())) {
-      for (nsIFrame* f : lists.CurrentList()) {
-        if (f->GetType() == nsGkAtoms::placeholderFrame) {
-          nsIFrame* outOfFlow =
-            nsPlaceholderFrame::GetRealFrameForPlaceholder(f);
-          // If SVG text frames could appear here, they could confuse us since
-          // they ignore their position style ... but they can't.
-          NS_ASSERTION(!outOfFlow->IsSVGText(),
-                       "SVG text frames can't be out of flow");
-          if (aPositionMask & (1 << outOfFlow->StyleDisplay()->mPosition)) {
-            return true;
-          }
-        }
-        if (FrameHasPositionedPlaceholderDescendants(f, aPositionMask)) {
+    for (nsIFrame* f : lists.CurrentList()) {
+      if (f->GetType() == nsGkAtoms::placeholderFrame) {
+        nsIFrame* outOfFlow =
+          nsPlaceholderFrame::GetRealFrameForPlaceholder(f);
+        // If SVG text frames could appear here, they could confuse us since
+        // they ignore their position style ... but they can't.
+        NS_ASSERTION(!outOfFlow->IsSVGText(),
+                     "SVG text frames can't be out of flow");
+        if (aPositionMask & (1 << outOfFlow->StyleDisplay()->mPosition)) {
           return true;
         }
       }
+      uint32_t positionMask = aPositionMask;
+      // Is it faster to check aPositionMask & (1 << NS_STYLE_POSITION_ABSOLUTE)
+      // before we check IsAbsPosContainingBlock?  Not clear....
+      if (f->IsAbsPosContainingBlock()) {
+        if (f->IsFixedPosContainingBlock()) {
+          continue;
+        }
+        // We don't care about absolutely positioned things inside f, because
+        // they will still use f as their containing block.
+        positionMask = (1 << NS_STYLE_POSITION_FIXED);
+      }
+      if (FrameHasPositionedPlaceholderDescendants(f, positionMask)) {
+        return true;
+      }
     }
   }
   return false;
 }
 
 static bool
 NeedToReframeForAddingOrRemovingTransform(nsIFrame* aFrame)
 {
--- a/layout/base/nsDisplayItemTypesList.h
+++ b/layout/base/nsDisplayItemTypesList.h
@@ -38,16 +38,17 @@ DECLARE_DISPLAY_ITEM_TYPE(OPTION_EVENT_G
 DECLARE_DISPLAY_ITEM_TYPE(OUTLINE)
 DECLARE_DISPLAY_ITEM_TYPE(OWN_LAYER)
 DECLARE_DISPLAY_ITEM_TYPE(PAGE_CONTENT)
 DECLARE_DISPLAY_ITEM_TYPE(PAGE_SEQUENCE)
 DECLARE_DISPLAY_ITEM_TYPE(PLUGIN)
 DECLARE_DISPLAY_ITEM_TYPE(PLUGIN_READBACK)
 DECLARE_DISPLAY_ITEM_TYPE(PLUGIN_VIDEO)
 DECLARE_DISPLAY_ITEM_TYPE(PRINT_PLUGIN)
+DECLARE_DISPLAY_ITEM_TYPE(RANGE_FOCUS_RING)
 DECLARE_DISPLAY_ITEM_TYPE(REMOTE)
 DECLARE_DISPLAY_ITEM_TYPE(REMOTE_SHADOW)
 DECLARE_DISPLAY_ITEM_TYPE(RESOLUTION)
 DECLARE_DISPLAY_ITEM_TYPE(SCROLL_INFO_LAYER)
 DECLARE_DISPLAY_ITEM_TYPE(SELECTION_OVERLAY)
 DECLARE_DISPLAY_ITEM_TYPE(SOLID_COLOR)
 DECLARE_DISPLAY_ITEM_TYPE(SUBDOCUMENT)
 DECLARE_DISPLAY_ITEM_TYPE(SVG_EFFECTS)
--- a/layout/base/nsDisplayList.cpp
+++ b/layout/base/nsDisplayList.cpp
@@ -420,17 +420,17 @@ AddAnimationForProperty(nsIFrame* aFrame
                            ? TimeStamp()
                            : aAnimation->AnimationTimeToTimeStamp(
                               StickyTimeDuration(timing.mDelay));
   animation->initialCurrentTime() = aAnimation->GetCurrentTime().Value()
                                     - timing.mDelay;
   animation->duration() = computedTiming.mDuration;
   animation->iterations() = computedTiming.mIterations;
   animation->iterationStart() = computedTiming.mIterationStart;
-  animation->direction() = static_cast<uint32_t>(timing.mDirection);
+  animation->direction() = static_cast<uint8_t>(timing.mDirection);
   animation->property() = aProperty.mProperty;
   animation->playbackRate() = aAnimation->PlaybackRate();
   animation->data() = aData;
   animation->easingFunction() = ToTimingFunction(timing.mFunction);
 
   for (uint32_t segIdx = 0; segIdx < aProperty.mSegments.Length(); segIdx++) {
     const AnimationPropertySegment& segment = aProperty.mSegments[segIdx];
 
@@ -724,17 +724,16 @@ nsDisplayListBuilder::nsDisplayListBuild
       mCurrentScrollbarFlags(0),
       mPerspectiveItemIndex(0),
       mSVGEffectsBuildingDepth(0),
       mContainsBlendMode(false),
       mIsBuildingScrollbar(false),
       mCurrentScrollbarWillHaveLayer(false),
       mBuildCaret(aBuildCaret),
       mIgnoreSuppression(false),
-      mHadToIgnoreSuppression(false),
       mIsAtRootOfPseudoStackingContext(false),
       mIncludeAllOutOfFlows(false),
       mDescendIntoSubdocuments(true),
       mSelectedFramesOnly(false),
       mAccurateVisibleRegions(false),
       mAllowMergingAndFlattening(true),
       mWillComputePluginGeometry(false),
       mInTransform(false),
@@ -982,19 +981,16 @@ nsDisplayListBuilder::EnterPresShell(nsI
   if (mIsPaintingToWindow) {
     mReferenceFrame->AddPaintedPresShell(state->mPresShell);
 
     state->mPresShell->IncrementPaintCount();
   }
 
   bool buildCaret = mBuildCaret;
   if (mIgnoreSuppression || !state->mPresShell->IsPaintingSuppressed()) {
-    if (state->mPresShell->IsPaintingSuppressed()) {
-      mHadToIgnoreSuppression = true;
-    }
     state->mIsBackgroundOnly = false;
   } else {
     state->mIsBackgroundOnly = true;
     buildCaret = false;
   }
 
   bool pointerEventsNone = aPointerEventsNoneDoc;
   if (IsInSubdocument()) {
@@ -5877,17 +5873,17 @@ nsDisplayTransform::GetResultingTransfor
 bool
 nsDisplayOpacity::CanUseAsyncAnimations(nsDisplayListBuilder* aBuilder)
 {
   if (ActiveLayerTracker::IsStyleAnimated(aBuilder, mFrame, eCSSProperty_opacity)) {
     return true;
   }
 
   EffectCompositor::SetPerformanceWarning(
-    mFrame, eCSSProperty_transform,
+    mFrame, eCSSProperty_opacity,
     AnimationPerformanceWarning(
       AnimationPerformanceWarning::Type::OpacityFrameInactive));
 
   return false;
 }
 
 bool
 nsDisplayTransform::CanUseAsyncAnimations(nsDisplayListBuilder* aBuilder)
--- a/layout/base/nsDisplayList.h
+++ b/layout/base/nsDisplayList.h
@@ -422,21 +422,16 @@ public:
    * so that methods like GetFrameForPoint work when painting is suppressed.
    */
   void IgnorePaintSuppression() { mIgnoreSuppression = true; }
   /**
    * @return Returns if this builder will ignore paint suppression.
    */
   bool IsIgnoringPaintSuppression() { return mIgnoreSuppression; }
   /**
-   * @return Returns if this builder had to ignore painting suppression on some
-   * document when building the display list.
-   */
-  bool GetHadToIgnorePaintSuppression() { return mHadToIgnoreSuppression; }
-  /**
    * Call this if we're doing normal painting to the window.
    */
   void SetPaintingToWindow(bool aToWindow) { mIsPaintingToWindow = aToWindow; }
   bool IsPaintingToWindow() const { return mIsPaintingToWindow; }
   /**
    * Call this to prevent descending into subdocuments.
    */
   void SetDescendIntoSubdocuments(bool aDescend) { mDescendIntoSubdocuments = aDescend; }
@@ -1256,17 +1251,16 @@ private:
   Preserves3DContext             mPreserves3DCtx;
   uint32_t                       mPerspectiveItemIndex;
   int32_t                        mSVGEffectsBuildingDepth;
   bool                           mContainsBlendMode;
   bool                           mIsBuildingScrollbar;
   bool                           mCurrentScrollbarWillHaveLayer;
   bool                           mBuildCaret;
   bool                           mIgnoreSuppression;
-  bool                           mHadToIgnoreSuppression;
   bool                           mIsAtRootOfPseudoStackingContext;
   bool                           mIncludeAllOutOfFlows;
   bool                           mDescendIntoSubdocuments;
   bool                           mSelectedFramesOnly;
   bool                           mAccurateVisibleRegions;
   bool                           mAllowMergingAndFlattening;
   bool                           mWillComputePluginGeometry;
   // True when we're building a display list that's directly or indirectly
--- a/layout/forms/nsRangeFrame.cpp
+++ b/layout/forms/nsRangeFrame.cpp
@@ -188,17 +188,17 @@ public:
 #endif
 
   nsDisplayItemGeometry* AllocateGeometry(nsDisplayListBuilder* aBuilder) override;
   void ComputeInvalidationRegion(nsDisplayListBuilder* aBuilder,
                                  const nsDisplayItemGeometry* aGeometry,
                                  nsRegion *aInvalidRegion) override;
   virtual nsRect GetBounds(nsDisplayListBuilder* aBuilder, bool* aSnap) override;
   virtual void Paint(nsDisplayListBuilder* aBuilder, nsRenderingContext* aCtx) override;
-  NS_DISPLAY_DECL_NAME("RangeFocusRing", TYPE_OUTLINE)
+  NS_DISPLAY_DECL_NAME("RangeFocusRing", TYPE_RANGE_FOCUS_RING)
 };
 
 nsDisplayItemGeometry*
 nsDisplayRangeFocusRing::AllocateGeometry(nsDisplayListBuilder* aBuilder)
 {
   return new nsDisplayItemGenericImageGeometry(this, aBuilder);
 }
 
new file mode 100644
--- /dev/null
+++ b/layout/reftests/transform/dynamic-addremove-2-ref.html
@@ -0,0 +1,3 @@
+<!DOCTYPE html>
+<html style="background: green">
+</html>
new file mode 100644
--- /dev/null
+++ b/layout/reftests/transform/dynamic-addremove-2.html
@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html style="background: red">
+  <div style="transform: translate3d(0, 0, 0); position: absolute;
+              top: 0; left: 0; width: 100px; height: 100px">
+    <div style="position: absolute">
+      <div style="position: fixed; width: 100%; height: 100%; top: 0; left: 0;
+                  background: green">
+      </div>
+    </div>
+  </div>
+  <script>
+    onload = function() {
+      document.body.offsetWidth;
+      document.querySelector("div").style.transform = "none";
+    }
+  </script>
+</html>
--- a/layout/reftests/transform/reftest.list
+++ b/layout/reftests/transform/reftest.list
@@ -4,16 +4,17 @@
 == singular-1a.html about:blank
 # Multiple transforms should act identically to nested divs.
 == compound-1a.html compound-1-ref.html
 != compound-1a.html compound-1-fail.html
 == dynamic-inherit-1.html dynamic-inherit-1-ref.html
 == dynamic-addremove-1a.html dynamic-addremove-1-ref.html
 == dynamic-addremove-1b.html dynamic-addremove-1-ref.html
 == dynamic-addremove-1c.html dynamic-addremove-1-ref.html
+== dynamic-addremove-2.html dynamic-addremove-2-ref.html
 # translatex should act like position: relative
 skip-if(B2G||Mulet) == translatex-1a.html translatex-1-ref.html # bug 773482 # Initial mulet triage: parity with B2G/B2G Desktop
 skip-if(B2G||Mulet) == translatex-1b.html translatex-1-ref.html # Initial mulet triage: parity with B2G/B2G Desktop
 skip-if(B2G||Mulet) == translatex-1c.html translatex-1-ref.html # Initial mulet triage: parity with B2G/B2G Desktop
 skip-if(B2G||Mulet) == translatex-1d.html translatex-1-ref.html # bug 773482 # Initial mulet triage: parity with B2G/B2G Desktop
 skip-if(B2G||Mulet) == translatex-1e.html translatex-1-ref.html # Initial mulet triage: parity with B2G/B2G Desktop
 skip-if(B2G||Mulet) == translatex-1a.html translatex-1-ref-2.html # Initial mulet triage: parity with B2G/B2G Desktop
 # translatey should act like position: relative
--- a/layout/style/ServoStyleSet.cpp
+++ b/layout/style/ServoStyleSet.cpp
@@ -71,16 +71,27 @@ ServoStyleSet::EndUpdate()
 
   // ... do something ...
   return NS_OK;
 }
 
 void
 ServoStyleSet::StartStyling(nsPresContext* aPresContext)
 {
+  MOZ_ASSERT(!mStylingStarted);
+
+  // Some things, like nsDocumentViewer::GetPageMode, recreate the presShell,
+  // while keeping the content tree alive. See bug 1292280.
+  //
+  // That's why we need to force a restyle.
+  nsIContent* root = mPresContext->Document()->GetRootElement();
+  if (root) {
+    root->SetIsDirtyForServo();
+  }
+
   StyleDocument(/* aLeaveDirtyBits = */ false);
   mStylingStarted = true;
 }
 
 already_AddRefed<nsStyleContext>
 ServoStyleSet::ResolveStyleFor(Element* aElement,
                                nsStyleContext* aParentContext)
 {
--- a/layout/style/nsAnimationManager.cpp
+++ b/layout/style/nsAnimationManager.cpp
@@ -438,22 +438,16 @@ nsAnimationManager::UpdateAnimations(nsS
   }
   collection->mAnimations.SwapElements(newAnimations);
 
   // Cancel removed animations
   for (size_t newAnimIdx = newAnimations.Length(); newAnimIdx-- != 0; ) {
     newAnimations[newAnimIdx]->CancelFromStyle();
   }
 
-  mPresContext->EffectCompositor()->
-    MaybeUpdateAnimationRule(aElement,
-                             aStyleContext->GetPseudoType(),
-                             EffectCompositor::CascadeLevel::Animations,
-                             aStyleContext);
-
   // We don't actually dispatch the pending events now.  We'll either
   // dispatch them the next time we get a refresh driver notification
   // or the next time somebody calls
   // nsPresShell::FlushPendingNotifications.
   if (mEventDispatcher.HasQueuedEvents()) {
     mPresContext->Document()->SetNeedStyleFlush();
   }
 }
--- a/media/libstagefright/binding/Box.cpp
+++ b/media/libstagefright/binding/Box.cpp
@@ -2,16 +2,17 @@
 /* vim:set ts=2 sw=2 sts=2 et cindent: */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "mp4_demuxer/Box.h"
 #include "mp4_demuxer/Stream.h"
 #include "mozilla/EndianUtils.h"
+#include "mozilla/Unused.h"
 #include <algorithm>
 
 using namespace mozilla;
 
 namespace mp4_demuxer {
 
 // Limit reads to 32MiB max.
 // static
@@ -136,20 +137,22 @@ Box::FirstChild() const
 {
   MOZ_ASSERT(IsAvailable());
   if (mChildOffset == mRange.mEnd) {
     return Box();
   }
   return Box(mContext, mChildOffset, this);
 }
 
-bool
-Box::Read(nsTArray<uint8_t>* aDest)
+nsTArray<uint8_t>
+Box::Read()
 {
-  return Read(aDest, mRange);
+  nsTArray<uint8_t> out;
+  Unused << Read(&out, mRange);
+  return out;
 }
 
 bool
 Box::Read(nsTArray<uint8_t>* aDest, const MediaByteRange& aRange)
 {
   int64_t length;
   if (!mContext->mSource->Length(&length)) {
     // The HTTP server didn't give us a length to work with.
--- a/media/libstagefright/binding/MoofParser.cpp
+++ b/media/libstagefright/binding/MoofParser.cpp
@@ -639,18 +639,17 @@ Tkhd::Tkhd(Box& aBox)
   } else if (version == 1) {
     mCreationTime = reader->ReadU64();
     mModificationTime = reader->ReadU64();
     mTrackId = reader->ReadU32();
     uint32_t reserved = reader->ReadU32();
     NS_ASSERTION(!reserved, "reserved should be 0");
     mDuration = reader->ReadU64();
   }
-  // More stuff that we don't care about
-  reader->DiscardRemaining();
+  // We don't care about whatever else may be in the box.
   mValid = true;
 }
 
 Mvhd::Mvhd(Box& aBox)
 {
   BoxReader reader(aBox);
   if (!reader->CanReadType<uint32_t>()) {
     LOG(Mdhd, "Incomplete Box (missing flags)");
@@ -672,21 +671,19 @@ Mvhd::Mvhd(Box& aBox)
     mTimescale = reader->ReadU32();
     mDuration = reader->ReadU32();
   } else if (version == 1) {
     mCreationTime = reader->ReadU64();
     mModificationTime = reader->ReadU64();
     mTimescale = reader->ReadU32();
     mDuration = reader->ReadU64();
   } else {
-    reader->DiscardRemaining();
     return;
   }
-  // More stuff that we don't care about
-  reader->DiscardRemaining();
+  // We don't care about whatever else may be in the box.
   if (mTimescale) {
     mValid = true;
   }
 }
 
 Mdhd::Mdhd(Box& aBox)
   : Mvhd(aBox)
 {
@@ -768,17 +765,16 @@ Tfdt::Tfdt(Box& aBox)
         (uint64_t)reader->Remaining(), (uint64_t)need);
     return;
   }
   if (version == 0) {
     mBaseMediaDecodeTime = reader->ReadU32();
   } else if (version == 1) {
     mBaseMediaDecodeTime = reader->ReadU64();
   }
-  reader->DiscardRemaining();
   mValid = true;
 }
 
 Edts::Edts(Box& aBox)
   : mMediaStart(0)
   , mEmptyOffset(0)
 {
   Box child = aBox.FirstChild();
@@ -849,31 +845,28 @@ Saiz::Saiz(Box& aBox, AtomType aDefaultT
     mAuxInfoType = reader->ReadU32();
     mAuxInfoTypeParameter = reader->ReadU32();
   }
   uint8_t defaultSampleInfoSize = reader->ReadU8();
   uint32_t count = reader->ReadU32();
   if (defaultSampleInfoSize) {
     if (!mSampleInfoSize.SetCapacity(count, fallible)) {
       LOG(Saiz, "OOM");
-      reader->DiscardRemaining();
       return;
     }
     for (int i = 0; i < count; i++) {
       MOZ_ALWAYS_TRUE(mSampleInfoSize.AppendElement(defaultSampleInfoSize,
                                                     fallible));
     }
   } else {
     if (!reader->ReadArray(mSampleInfoSize, count)) {
       LOG(Saiz, "Incomplete Box (OOM or missing count:%u)", count);
-      reader->DiscardRemaining();
       return;
     }
   }
-  reader->DiscardRemaining();
   mValid = true;
 }
 
 Saio::Saio(Box& aBox, AtomType aDefaultType)
   : mAuxInfoType(aDefaultType)
   , mAuxInfoTypeParameter(0)
 {
   BoxReader reader(aBox);
@@ -897,17 +890,16 @@ Saio::Saio(Box& aBox, AtomType aDefaultT
   need = (version ? sizeof(uint64_t) : sizeof(uint32_t)) * count;
   if (reader->Remaining() < need) {
     LOG(Saio, "Incomplete Box (have:%lld need:%lld)",
         (uint64_t)reader->Remaining(), (uint64_t)need);
     return;
   }
   if (!mOffsets.SetCapacity(count, fallible)) {
     LOG(Saiz, "OOM");
-    reader->DiscardRemaining();
     return;
   }
   if (version == 0) {
     for (size_t i = 0; i < count; i++) {
       MOZ_ALWAYS_TRUE(mOffsets.AppendElement(reader->ReadU32(), fallible));
     }
   } else {
     for (size_t i = 0; i < count; i++) {
--- a/media/libstagefright/binding/SinfParser.cpp
+++ b/media/libstagefright/binding/SinfParser.cpp
@@ -36,18 +36,16 @@ SinfParser::ParseSchm(Box& aBox)
   BoxReader reader(aBox);
 
   if (reader->Remaining() < 8) {
     return;
   }
 
   mozilla::Unused << reader->ReadU32(); // flags -- ignore
   mSinf.mDefaultEncryptionType = reader->ReadU32();
-
-  reader->DiscardRemaining();
 }
 
 void
 SinfParser::ParseSchi(Box& aBox)
 {
   for (Box box = aBox.FirstChild(); box.IsAvailable(); box = box.Next()) {
     if (box.IsType("tenc")) {
       ParseTenc(box);
--- a/media/libstagefright/binding/include/mp4_demuxer/Box.h
+++ b/media/libstagefright/binding/include/mp4_demuxer/Box.h
@@ -43,40 +43,42 @@ public:
   uint64_t Length() const { return mRange.mEnd - mRange.mStart; }
   uint64_t NextOffset() const { return mRange.mEnd; }
   const MediaByteRange& Range() const { return mRange; }
   const Box* Parent() const { return mParent; }
   bool IsType(const char* aType) const { return mType == AtomType(aType); }
 
   Box Next() const;
   Box FirstChild() const;
-  bool Read(nsTArray<uint8_t>* aDest);
+  nsTArray<uint8_t> Read();
   bool Read(nsTArray<uint8_t>* aDest, const MediaByteRange& aRange);
 
   static const uint64_t kMAX_BOX_READ;
 
 private:
   bool Contains(MediaByteRange aRange) const;
   BoxContext* mContext;
   mozilla::MediaByteRange mRange;
   uint64_t mBodyOffset;
   uint64_t mChildOffset;
   AtomType mType;
   const Box* mParent;
 };
 
+// BoxReader takes a copy of a box contents and serves through an AutoByteReader.
+MOZ_RAII
 class BoxReader
 {
 public:
   explicit BoxReader(Box& aBox)
+    : mBuffer(aBox.Read())
+    , mReader(mBuffer.Elements(), mBuffer.Length())
   {
-    aBox.Read(&mBuffer);
-    mReader.SetData(mBuffer);
   }
-  ByteReader* operator->() { return &mReader; }
-  ByteReader mReader;
+  AutoByteReader* operator->() { return &mReader; }
 
 private:
   nsTArray<uint8_t> mBuffer;
+  AutoByteReader mReader;
 };
 }
 
 #endif
--- a/media/libstagefright/binding/include/mp4_demuxer/ByteReader.h
+++ b/media/libstagefright/binding/include/mp4_demuxer/ByteReader.h
@@ -7,17 +7,17 @@
 
 #include "mozilla/EndianUtils.h"
 #include "mozilla/Vector.h"
 #include "nsTArray.h"
 #include "MediaData.h"
 
 namespace mp4_demuxer {
 
-class ByteReader
+class MOZ_RAII ByteReader
 {
 public:
   ByteReader() : mPtr(nullptr), mRemaining(0) {}
   explicit ByteReader(const mozilla::Vector<uint8_t>& aData)
     : mPtr(aData.begin()), mRemaining(aData.length()), mLength(aData.length())
   {
   }
   ByteReader(const uint8_t* aData, size_t aSize)
@@ -52,17 +52,18 @@ public:
   }
 
   size_t Offset()
   {
     return mLength - mRemaining;
   }
 
   // Make it explicit if we're not using the extra bytes.
-  void DiscardRemaining() {
+  void DiscardRemaining()
+  {
     mRemaining = 0;
   }
 
   size_t Remaining() const { return mRemaining; }
 
   bool CanRead8() { return mRemaining >= 1; }
 
   uint8_t ReadU8()
@@ -344,11 +345,29 @@ public:
     return true;
   }
 
 private:
   const uint8_t* mPtr;
   size_t mRemaining;
   size_t mLength;
 };
-}
+
+// A ByteReader that automatically discards remaining data before destruction.
+class MOZ_RAII AutoByteReader : public ByteReader
+{
+public:
+  AutoByteReader(const uint8_t* aData, size_t aSize)
+    : ByteReader(aData, aSize)
+  {
+  }
+  ~AutoByteReader()
+  {
+    ByteReader::DiscardRemaining();
+  }
+
+  // Prevent unneeded DiscardRemaining() calls.
+  void DiscardRemaining() = delete;
+};
+
+} // namespace mp4_demuxer
 
 #endif
--- a/mfbt/BufferList.h
+++ b/mfbt/BufferList.h
@@ -56,20 +56,16 @@ class BufferList : private AllocPolicy
   friend class BufferList;
 
  public:
   // For the convenience of callers, all segments are required to be a multiple
   // of 8 bytes in capacity. Also, every buffer except the last one is required
   // to be full (i.e., size == capacity). Therefore, a byte at offset N within
   // the BufferList and stored in memory at an address A will satisfy
   // (N % Align == A % Align) if Align == 2, 4, or 8.
-  //
-  // NB: FlattenBytes can create non-full segments in the middle of the
-  // list. However, it ensures that these buffers are 8-byte aligned, so the
-  // offset invariant is not violated.
   static const size_t kSegmentAlignment = 8;
 
   // Allocate a BufferList. The BufferList will free all its buffers when it is
   // destroyed. An initial buffer of size aInitialSize and capacity
   // aInitialCapacity is allocated automatically. This data will be contiguous
   // an can be accessed via |Start()|. Subsequent buffers will be allocated with
   // capacity aStandardCapacity.
   BufferList(size_t aInitialSize,
@@ -239,24 +235,16 @@ class BufferList : private AllocPolicy
   // bytes may be split across multiple buffers. Size() is increased by aSize.
   inline bool WriteBytes(const char* aData, size_t aSize);
 
   // Copies possibly non-contiguous byte range starting at aIter into
   // aData. aIter is advanced by aSize bytes. Returns false if it runs out of
   // data before aSize.
   inline bool ReadBytes(IterImpl& aIter, char* aData, size_t aSize) const;
 
-  // FlattenBytes reconfigures the BufferList so that data in the range
-  // [aIter, aIter + aSize) is stored contiguously. A pointer to this data is
-  // returned in aOutData. Returns false if not enough data is available. All
-  // other iterators are invalidated by this method.
-  //
-  // This method requires aIter and aSize to be 8-byte aligned.
-  inline bool FlattenBytes(IterImpl& aIter, const char** aOutData, size_t aSize);
-
   // Return a new BufferList that shares storage with this BufferList. The new
   // BufferList is read-only. It allows iteration over aSize bytes starting at
   // aIter. Borrow can fail, in which case *aSuccess will be false upon
   // return. The borrowed BufferList can use a different AllocPolicy than the
   // original one. However, it is not responsible for freeing buffers, so the
   // AllocPolicy is only used for the buffer vector.
   template<typename BorrowingAllocPolicy>
   BufferList<BorrowingAllocPolicy> Borrow(IterImpl& aIter, size_t aSize, bool* aSuccess,
@@ -367,74 +355,16 @@ BufferList<AllocPolicy>::ReadBytes(IterI
     remaining -= toCopy;
 
     aIter.Advance(*this, toCopy);
   }
 
   return true;
 }
 
-template<typename AllocPolicy>
-bool
-BufferList<AllocPolicy>::FlattenBytes(IterImpl& aIter, const char** aOutData, size_t aSize)
-{
-  MOZ_RELEASE_ASSERT(aSize);
-  MOZ_RELEASE_ASSERT(mOwning);
-
-  if (aIter.HasRoomFor(aSize)) {
-    // If the data is already contiguous, just return a pointer.
-    *aOutData = aIter.Data();
-    aIter.Advance(*this, aSize);
-    return true;
-  }
-
-  // This buffer will become the new contiguous segment.
-  char* buffer = this->template pod_malloc<char>(Size());
-  if (!buffer) {
-    return false;
-  }
-
-  size_t copied = 0;
-  size_t offset;
-  bool found = false;
-  for (size_t i = 0; i < mSegments.length(); i++) {
-    Segment& segment = mSegments[i];
-    memcpy(buffer + copied, segment.Start(), segment.mSize);
-
-    if (i == aIter.mSegment) {
-      offset = copied + (aIter.mData - segment.Start());
-
-      // Do we have aSize bytes after aIter?
-      if (Size() - offset >= aSize) {
-        found = true;
-        *aOutData = buffer + offset;
-
-        aIter.mSegment = 0;
-        aIter.mData = buffer + offset + aSize;
-        aIter.mDataEnd = buffer + Size();
-      }
-    }
-
-    this->free_(segment.mData);
-
-    copied += segment.mSize;
-  }
-
-  mSegments.clear();
-  mSegments.infallibleAppend(Segment(buffer, Size(), Size()));
-
-  if (!found) {
-    aIter.mSegment = 0;
-    aIter.mData = Start();
-    aIter.mDataEnd = Start() + Size();
-  }
-
-  return found;
-}
-
 template<typename AllocPolicy> template<typename BorrowingAllocPolicy>
 BufferList<BorrowingAllocPolicy>
 BufferList<AllocPolicy>::Borrow(IterImpl& aIter, size_t aSize, bool* aSuccess,
                                 BorrowingAllocPolicy aAP) const
 {
   BufferList<BorrowingAllocPolicy> result(aAP);
 
   size_t size = aSize;
--- a/mfbt/tests/TestBufferList.cpp
+++ b/mfbt/tests/TestBufferList.cpp
@@ -162,39 +162,16 @@ int main(void)
 
   iter = bl.Iter();
   MOZ_RELEASE_ASSERT(iter.AdvanceAcrossSegments(bl, kTotalSize - kLastSegmentSize - kStandardCapacity));
   MOZ_RELEASE_ASSERT(iter.RemainingInSegment() == kStandardCapacity);
   iter.Advance(bl, kStandardCapacity);
   MOZ_RELEASE_ASSERT(iter.RemainingInSegment() == kLastSegmentSize);
   MOZ_RELEASE_ASSERT(unsigned(*iter.Data()) == (kTotalSize - kLastSegmentSize - kInitialSize - kSmallWrite) % 37);
 
-  // Flattening.
-
-  const size_t kFlattenSize = 1000;
-
-  const char* flat;
-  iter = bl.Iter();
-  MOZ_RELEASE_ASSERT(iter.AdvanceAcrossSegments(bl, kInitialSize));
-  MOZ_RELEASE_ASSERT(bl.FlattenBytes(iter, &flat, kFlattenSize));
-  MOZ_RELEASE_ASSERT(flat[0] == 0x0a);
-  MOZ_RELEASE_ASSERT(flat[kSmallWrite / 2] == 0x0a);
-  for (size_t i = kSmallWrite; i < kFlattenSize; i++) {
-    MOZ_RELEASE_ASSERT(unsigned(flat[i]) == (i - kSmallWrite) % 37);
-  }
-  MOZ_RELEASE_ASSERT(unsigned(*iter.Data()) == (kFlattenSize - kSmallWrite) % 37);
-
-  const size_t kSecondFlattenSize = 40;
-
-  MOZ_RELEASE_ASSERT(bl.FlattenBytes(iter, &flat, kSecondFlattenSize));
-  for (size_t i = 0; i < kSecondFlattenSize; i++) {
-    MOZ_RELEASE_ASSERT(unsigned(flat[i]) == (i + kFlattenSize - kInitialSize) % 37);
-  }
-  MOZ_RELEASE_ASSERT(iter.Done());
-
   // Clear.
 
   bl.Clear();
   MOZ_RELEASE_ASSERT(bl.Size() == 0);
   MOZ_RELEASE_ASSERT(bl.Iter().Done());
 
   // Move assignment.
 
new file mode 100644
--- /dev/null
+++ b/mobile/android/chrome/content/browser.css
@@ -0,0 +1,17 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/**
+ * Optimization for tabs that are restored lazily. We can save a good amount of
+ * memory that to-be-restored tabs would otherwise consume simply by setting
+ * their browsers to 'display: none' as that will prevent them from having to
+ * create a presentation and the like.
+ */
+browser[pending] {
+  display: none;
+}
+
+browser[remote="true"] {
+  -moz-binding: url("chrome://global/content/bindings/remote-browser.xml#remote-browser");
+}
\ No newline at end of file
--- a/mobile/android/chrome/content/browser.js
+++ b/mobile/android/chrome/content/browser.js
@@ -98,16 +98,19 @@ XPCOMUtils.defineLazyModuleGetter(this, 
                                   "resource://gre/modules/CharsetMenu.jsm");
 
 XPCOMUtils.defineLazyModuleGetter(this, "NetErrorHelper",
                                   "resource://gre/modules/NetErrorHelper.jsm");
 
 XPCOMUtils.defineLazyModuleGetter(this, "PermissionsUtils",
                                   "resource://gre/modules/PermissionsUtils.jsm");
 
+XPCOMUtils.defineLazyModuleGetter(this, "Preferences",
+                                  "resource://gre/modules/Preferences.jsm");
+
 XPCOMUtils.defineLazyModuleGetter(this, "SharedPreferences",
                                   "resource://gre/modules/SharedPreferences.jsm");
 
 XPCOMUtils.defineLazyModuleGetter(this, "Notifications",
                                   "resource://gre/modules/Notifications.jsm");
 
 XPCOMUtils.defineLazyModuleGetter(this, "ReaderMode", "resource://gre/modules/ReaderMode.jsm");
 
@@ -3442,16 +3445,20 @@ Tab.prototype = {
       return;
 
     aParams = aParams || {};
 
     this.browser = document.createElement("browser");
     this.browser.setAttribute("type", "content-targetable");
     this.browser.setAttribute("messagemanagergroup", "browsers");
 
+    if (Preferences.get("browser.tabs.remote.force-enable", false)) {
+      this.browser.setAttribute("remote", "true");
+    }
+
     this.browser.permanentKey = {};
 
     // Make sure the previously selected panel remains selected. The selected panel of a deck is
     // not stable when panels are added.
     let selectedPanel = BrowserApp.deck.selectedPanel;
     BrowserApp.deck.insertBefore(this.browser, aParams.sibling || null);
     BrowserApp.deck.selectedPanel = selectedPanel;
 
--- a/mobile/android/chrome/jar.mn
+++ b/mobile/android/chrome/jar.mn
@@ -20,16 +20,17 @@ chrome.jar:
   content/aboutPrivateBrowsing.xhtml   (content/aboutPrivateBrowsing.xhtml)
   content/aboutPrivateBrowsing.js      (content/aboutPrivateBrowsing.js)
   content/Reader.js                    (content/Reader.js)
   content/aboutHome.xhtml              (content/aboutHome.xhtml)
   content/aboutRights.xhtml            (content/aboutRights.xhtml)
   content/blockedSite.xhtml            (content/blockedSite.xhtml)
   content/languages.properties         (content/languages.properties)
   content/browser.xul                  (content/browser.xul)
+  content/browser.css                  (content/browser.css)
   content/browser.js                   (content/browser.js)
   content/geckoview.xul                (content/geckoview.xul)
   content/geckoview.js                 (content/geckoview.js)
   content/bindings/checkbox.xml        (content/bindings/checkbox.xml)
   content/bindings/settings.xml        (content/bindings/settings.xml)
   content/netError.xhtml               (content/netError.xhtml)
   content/SelectHelper.js              (content/SelectHelper.js)
   content/SelectionHandler.js          (content/SelectionHandler.js)
--- a/mobile/android/installer/package-manifest.in
+++ b/mobile/android/installer/package-manifest.in
@@ -566,8 +566,11 @@
 @BINPATH@/components/marionettecomponent.js
 #endif
 
 #ifdef PKG_LOCALE_MANIFEST
 #include @PKG_LOCALE_MANIFEST@
 #endif
 
 @BINPATH@/components/dom_audiochannel.xpt
+
+@BINPATH@/components/RemoteWebNavigation.js
+@BINPATH@/components/remotebrowserutils.manifest
--- a/mobile/android/tests/browser/robocop/testAccessibleCarets.js
+++ b/mobile/android/tests/browser/robocop/testAccessibleCarets.js
@@ -261,33 +261,34 @@ add_task(function* testAccessibleCarets(
 });
 
 /**
  * DesignMode test method.
  */
 add_task(function* testAccessibleCarets_designMode() {
   let BrowserApp = gChromeWin.BrowserApp;
 
+  // Pre-populate the clipboard to ensure PASTE action available.
+  Cc["@mozilla.org/widget/clipboardhelper;1"].
+    getService(Ci.nsIClipboardHelper).copyString("somethingMagical");
+
   // Load test page, wait for load completion.
   let browser = BrowserApp.addTab(DESIGNMODE_TEST_URL).browser;
   let tab = BrowserApp.getTabForBrowser(browser, { selected: true });
   yield do_promiseTabChangeEvent(tab.id, TAB_STOP_EVENT);
 
   // References to test document elements, ActionBarHandler.
   let doc = browser.contentDocument;
   let tc_LTR_elem = doc.getElementById("LTRtextContent");
   let tc_RTL_elem = doc.getElementById("RTLtextContent");
 
   // Locate longpress midpoints for test elements, ensure expactations.
   let tc_LTR_midPoint = getCharPressPoint(doc, tc_LTR_elem, 5, "x");
   let tc_RTL_midPoint = getCharPressPoint(doc, tc_RTL_elem, 9, "ת");
 
-  // Pre-populate the clipboard to ensure PASTE action available.
-  Cc["@mozilla.org/widget/clipboardhelper;1"].
-    getService(Ci.nsIClipboardHelper).copyString("somethingMagical");
   let flavors = ["text/unicode"];
   let clipboardHasText = Services.clipboard.hasDataMatchingFlavors(
     flavors, flavors.length, Ci.nsIClipboard.kGlobalClipboard);
   is(clipboardHasText, true, "There should now be paste-able text in the clipboard.");
 
   // Toggle designMode on/off/on, check UI expectations.
   ["on", "off"].forEach(designMode => {
     doc.designMode = designMode;
deleted file mode 100644
--- a/mobile/android/themes/core/browser.css
+++ /dev/null
@@ -1,13 +0,0 @@
-/* This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
-
-/**
- * Optimization for tabs that are restored lazily. We can save a good amount of
- * memory that to-be-restored tabs would otherwise consume simply by setting
- * their browsers to 'display: none' as that will prevent them from having to
- * create a presentation and the like.
- */
-browser[pending] {
-  display: none;
-}
--- a/mobile/android/themes/core/jar.mn
+++ b/mobile/android/themes/core/jar.mn
@@ -16,17 +16,16 @@ chrome.jar:
   skin/aboutHealthReport.css                (aboutHealthReport.css)
 #endif
   skin/aboutMemory.css                      (aboutMemory.css)
   skin/aboutPrivateBrowsing.css             (aboutPrivateBrowsing.css)
   skin/aboutReader.css                      (aboutReader.css)
   skin/aboutReaderContent.css               (aboutReaderContent.css)
   skin/aboutReaderControls.css              (aboutReaderControls.css)
   skin/aboutSupport.css                     (aboutSupport.css)
-  skin/browser.css                          (browser.css)
   skin/content.css                          (content.css)
   skin/scrollbar.css                        (scrollbar-apz.css)
   skin/config.css                           (config.css)
   skin/defines.css                          (defines.css)
   skin/touchcontrols.css                    (touchcontrols.css)
   skin/netError.css                         (netError.css)
   skin/spinner.css                          (spinner.css)
 % override chrome://global/skin/about.css chrome://browser/skin/about.css
--- a/netwerk/cookie/nsCookieService.cpp
+++ b/netwerk/cookie/nsCookieService.cpp
@@ -2025,18 +2025,18 @@ nsCookieService::SetCookieStringInternal
     COOKIE_LOGFAILURE(SET_COOKIE, aHostURI, aCookieHeader,
                       "couldn't get base domain from URI");
     return;
   }
 
   nsCookieKey key(baseDomain, aOriginAttrs);
 
   // check default prefs
-  CookieStatus cookieStatus = CheckPrefs(aHostURI, aIsForeign, requireHostMatch,
-                                         aCookieHeader.get());
+  CookieStatus cookieStatus = CheckPrefs(aHostURI, aIsForeign, aCookieHeader.get());
+
   // fire a notification if third party or if cookie was rejected
   // (but not if there was an error)
   switch (cookieStatus) {
   case STATUS_REJECTED:
     NotifyRejected(aHostURI);
     if (aIsForeign) {
       NotifyThirdParty(aHostURI, false, aChannel);
     }
@@ -3070,18 +3070,18 @@ nsCookieService::GetCookieStringInternal
   if (NS_SUCCEEDED(rv))
     rv = aHostURI->GetPath(pathFromURI);
   if (NS_FAILED(rv)) {
     COOKIE_LOGFAILURE(GET_COOKIE, aHostURI, nullptr, "invalid host/path from URI");
     return;
   }
 
   // check default prefs
-  CookieStatus cookieStatus = CheckPrefs(aHostURI, aIsForeign, requireHostMatch,
-                                         nullptr);
+  CookieStatus cookieStatus = CheckPrefs(aHostURI, aIsForeign, nullptr);
+
   // for GetCookie(), we don't fire rejection notifications.
   switch (cookieStatus) {
   case STATUS_REJECTED:
   case STATUS_REJECTED_WITH_ERROR:
     return;
   default:
     break;
   }
@@ -3858,17 +3858,16 @@ static inline bool IsSubdomainOf(const n
   if (a.Length() > b.Length())
     return a[a.Length() - b.Length() - 1] == '.' && StringEndsWith(a, b);
   return false;
 }
 
 CookieStatus
 nsCookieService::CheckPrefs(nsIURI          *aHostURI,
                             bool             aIsForeign,
-                            bool             aRequireHostMatch,
                             const char      *aCookieHeader)
 {
   nsresult rv;
 
   // don't let ftp sites get/set cookies (could be a security issue)
   bool ftp;
   if (NS_SUCCEEDED(aHostURI->SchemeIs("ftp", &ftp)) && ftp) {
     COOKIE_LOGFAILURE(aCookieHeader ? SET_COOKIE : GET_COOKIE, aHostURI, aCookieHeader, "ftp sites cannot read cookies");
--- a/netwerk/cookie/nsCookieService.h
+++ b/netwerk/cookie/nsCookieService.h
@@ -299,17 +299,17 @@ class nsCookieService final : public nsI
     bool                          SetCookieInternal(nsIURI *aHostURI, const nsCookieKey& aKey, bool aRequireHostMatch, CookieStatus aStatus, nsDependentCString &aCookieHeader, int64_t aServerTime, bool aFromHttp, nsIChannel* aChannel);
     void                          AddInternal(const nsCookieKey& aKey, nsCookie *aCookie, int64_t aCurrentTimeInUsec, nsIURI *aHostURI, const char *aCookieHeader, bool aFromHttp);
     void                          RemoveCookieFromList(const nsListIter &aIter, mozIStorageBindingParamsArray *aParamsArray = nullptr);
     void                          AddCookieToList(const nsCookieKey& aKey, nsCookie *aCookie, DBState *aDBState, mozIStorageBindingParamsArray *aParamsArray, bool aWriteToDB = true);
     void                          UpdateCookieInList(nsCookie *aCookie, int64_t aLastAccessed, mozIStorageBindingParamsArray *aParamsArray);
     static bool                   GetTokenValue(nsASingleFragmentCString::const_char_iterator &aIter, nsASingleFragmentCString::const_char_iterator &aEndIter, nsDependentCSubstring &aTokenString, nsDependentCSubstring &aTokenValue, bool &aEqualsFound);
     static bool                   ParseAttributes(nsDependentCString &aCookieHeader, nsCookieAttributes &aCookie);
     bool                          RequireThirdPartyCheck();
-    CookieStatus                  CheckPrefs(nsIURI *aHostURI, bool aIsForeign, bool aRequireHostMatch, const char *aCookieHeader);
+    CookieStatus                  CheckPrefs(nsIURI *aHostURI, bool aIsForeign, const char *aCookieHeader);
     bool                          CheckDomain(nsCookieAttributes &aCookie, nsIURI *aHostURI, const nsCString &aBaseDomain, bool aRequireHostMatch);
     static bool                   CheckPath(nsCookieAttributes &aCookie, nsIURI *aHostURI);
     static bool                   CheckPrefixes(nsCookieAttributes &aCookie, bool aSecureRequest);
     static bool                   GetExpiry(nsCookieAttributes &aCookie, int64_t aServerTime, int64_t aCurrentTime);
     void                          RemoveAllFromMemory();
     already_AddRefed<nsIArray>    PurgeCookies(int64_t aCurrentTimeInUsec);
     bool                          FindCookie(const nsCookieKey& aKey, const nsAFlatCString &aHost, const nsAFlatCString &aName, const nsAFlatCString &aPath, nsListIter &aIter);
     static void                   FindStaleCookie(nsCookieEntry *aEntry, int64_t aCurrentTime, nsListIter &aIter);
--- a/nsprpub/TAG-INFO
+++ b/nsprpub/TAG-INFO
@@ -1,1 +1,1 @@
-NSPR_4_12_RTM
+NSPR_4_13_BETA2
new file mode 100644
--- /dev/null
+++ b/nsprpub/automation/release/nspr-release-helper.py
@@ -0,0 +1,179 @@
+#!/usr/bin/python
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+
+import os
+import sys
+import datetime
+import shutil
+import glob
+from optparse import OptionParser
+from subprocess import check_call
+
+prinit_h = "pr/include/prinit.h"
+f_conf = "configure"
+f_conf_in = "configure.in"
+
+def check_call_noisy(cmd, *args, **kwargs):
+    print "Executing command:", cmd
+    check_call(cmd, *args, **kwargs)
+
+o = OptionParser(usage="client.py [options] remove_beta | set_beta | print_library_versions | set_version_to_minor_release | set_version_to_patch_release | create_nspr_release_archive")
+
+try:
+    options, args = o.parse_args()
+    action = args[0]
+except IndexError:
+    o.print_help()
+    sys.exit(2)
+
+def exit_with_failure(what):
+    print "failure: ", what
+    sys.exit(2)
+
+def check_files_exist():
+    if (not os.path.exists(prinit_h)):
+        exit_with_failure("cannot find expected header files, must run from inside NSPR hg directory")
+
+def sed_inplace(sed_expression, filename):
+    backup_file = filename + '.tmp'
+    check_call_noisy(["sed", "-i.tmp", sed_expression, filename])
+    os.remove(backup_file)
+
+def toggle_beta_status(is_beta):
+    check_files_exist()
+    if (is_beta):
+        print "adding Beta status to version numbers"
+        sed_inplace('s/^\(#define *PR_VERSION *\"[0-9.]\+\)\" *$/\\1 Beta\"/', prinit_h)
+        sed_inplace('s/^\(#define *PR_BETA *\)PR_FALSE *$/\\1PR_TRUE/', prinit_h)
+
+    else:
+        print "removing Beta status from version numbers"
+        sed_inplace('s/^\(#define *PR_VERSION *\"[0-9.]\+\) *Beta\" *$/\\1\"/', prinit_h)
+        sed_inplace('s/^\(#define *PR_BETA *\)PR_TRUE *$/\\1PR_FALSE/', prinit_h)
+    print "please run 'hg stat' and 'hg diff' to verify the files have been verified correctly"
+
+def print_beta_versions():
+    check_call_noisy(["egrep", "#define *PR_VERSION|#define *PR_BETA", prinit_h])
+
+def remove_beta_status():
+    print "--- removing beta flags. Existing versions were:"
+    print_beta_versions()
+    toggle_beta_status(False)
+    print "--- finished modifications, new versions are:"
+    print_beta_versions()
+
+def set_beta_status():
+    print "--- adding beta flags. Existing versions were:"
+    print_beta_versions()
+    toggle_beta_status(True)
+    print "--- finished modifications, new versions are:"
+    print_beta_versions()
+
+def print_library_versions():
+    check_files_exist()
+    check_call_noisy(["egrep", "#define *PR_VERSION|#define PR_VMAJOR|#define *PR_VMINOR|#define *PR_VPATCH|#define *PR_BETA", prinit_h])
+
+def ensure_arguments_after_action(how_many, usage):
+    if (len(sys.argv) != (2+how_many)):
+        exit_with_failure("incorrect number of arguments, expected parameters are:\n" + usage)
+
+def set_major_versions(major):
+    sed_inplace('s/^\(#define *PR_VMAJOR *\).*$/\\1' + major + '/', prinit_h)
+    sed_inplace('s/^MOD_MAJOR_VERSION=.*$/MOD_MAJOR_VERSION=' + major + '/', f_conf)
+    sed_inplace('s/^MOD_MAJOR_VERSION=.*$/MOD_MAJOR_VERSION=' + major + '/', f_conf_in)
+
+def set_minor_versions(minor):
+    sed_inplace('s/^\(#define *PR_VMINOR *\).*$/\\1' + minor + '/', prinit_h)
+    sed_inplace('s/^MOD_MINOR_VERSION=.*$/MOD_MINOR_VERSION=' + minor + '/', f_conf)
+    sed_inplace('s/^MOD_MINOR_VERSION=.*$/MOD_MINOR_VERSION=' + minor + '/', f_conf_in)
+
+def set_patch_versions(patch):
+    sed_inplace('s/^\(#define *PR_VPATCH *\).*$/\\1' + patch + '/', prinit_h)
+    sed_inplace('s/^MOD_PATCH_VERSION=.*$/MOD_PATCH_VERSION=' + patch + '/', f_conf)
+    sed_inplace('s/^MOD_PATCH_VERSION=.*$/MOD_PATCH_VERSION=' + patch + '/', f_conf_in)
+
+def set_full_lib_versions(version):
+    sed_inplace('s/^\(#define *PR_VERSION *\"\)\([0-9.]\+\)\(.*\)$/\\1' + version + '\\3/', prinit_h)
+
+def set_all_lib_versions(version, major, minor, patch):
+    set_full_lib_versions(version)
+    set_major_versions(major)
+    set_minor_versions(minor)
+    set_patch_versions(patch)
+    print
+    print "==========================="
+    print "======== ATTENTION ========"
+    print
+    print "You *MUST* manually edit file pr/tests/vercheck.c"
+    print
+    print "Edit two arrays, named compatible_version and incompatible_version"
+    print "according to the new version you're adding."
+    print
+    print "======== ATTENTION ========"
+    print "==========================="
+
+def set_version_to_minor_release():
+    ensure_arguments_after_action(2, "major_version  minor_version")
+    major = args[1].strip()
+    minor = args[2].strip()
+    version = major + '.' + minor
+    patch = "0"
+    set_all_lib_versions(version, major, minor, patch)
+
+def set_version_to_patch_release():
+    ensure_arguments_after_action(3, "major_version  minor_version  patch_release")
+    major = args[1].strip()
+    minor = args[2].strip()
+    patch = args[3].strip()
+    version = major + '.' + minor + '.' + patch
+    set_all_lib_versions(version, major, minor, patch)
+
+def create_nspr_release_archive():
+    ensure_arguments_after_action(2, "nspr_release_version  nspr_hg_release_tag")
+    nsprrel = args[1].strip() #e.g. 4.10.9
+    nsprreltag = args[2].strip() #e.g. NSPR_4_10_9_RTM
+
+    nspr_tar = "nspr-" + nsprrel + ".tar.gz"
+    nspr_stagedir="../stage/v" + nsprrel + "/src"
+    if (os.path.exists(nspr_stagedir)):
+        exit_with_failure("nspr stage directory already exists: " + nspr_stagedir)
+
+    check_call_noisy(["mkdir", "-p", nspr_stagedir])
+    check_call_noisy(["hg", "archive", "-r", nsprreltag, "--prefix=nspr-" + nsprrel + "/nspr",
+                      "../stage/v" + nsprrel + "/src/" + nspr_tar, "-X", ".hgtags"])
+    print "changing to directory " + nspr_stagedir
+    os.chdir(nspr_stagedir)
+
+    check_call("sha1sum " + nspr_tar + " > SHA1SUMS", shell=True)
+    check_call("sha256sum " + nspr_tar + " > SHA256SUMS", shell=True)
+    print "created directory " + nspr_stagedir + " with files:"
+    check_call_noisy(["ls", "-l"])
+
+if action in ('remove_beta'):
+    remove_beta_status()
+
+elif action in ('set_beta'):
+    set_beta_status()
+
+elif action in ('print_library_versions'):
+    print_library_versions()
+
+# x.y version number - 2 parameters
+elif action in ('set_version_to_minor_release'):
+    set_version_to_minor_release()
+
+# x.y.z version number - 3 parameters
+elif action in ('set_version_to_patch_release'):
+    set_version_to_patch_release()
+
+elif action in ('create_nspr_release_archive'):
+    create_nspr_release_archive()
+
+else:
+    o.print_help()
+    sys.exit(2)
+
+sys.exit(0)
--- a/nsprpub/config/prdepend.h
+++ b/nsprpub/config/prdepend.h
@@ -5,9 +5,8 @@
 
 /*
  * A dummy header file that is a dependency for all the object files.
  * Used to force a full recompilation of NSPR in Mozilla's Tinderbox
  * depend builds.  See comments in rules.mk.
  */
 
 #error "Do not include this header file."
-
--- a/nsprpub/configure
+++ b/nsprpub/configure
@@ -2483,17 +2483,17 @@ case $target_os in *\ *) target_os=`echo
 # The aliases save the names the user supplied, while $host etc.
 # will get canonicalized.
 test -n "$target_alias" &&
   test "$program_prefix$program_suffix$program_transform_name" = \
     NONENONEs,x,x, &&
   program_prefix=${target_alias}-
 
 MOD_MAJOR_VERSION=4
-MOD_MINOR_VERSION=12
+MOD_MINOR_VERSION=13
 MOD_PATCH_VERSION=0
 NSPR_MODNAME=nspr20
 _HAVE_PTHREADS=
 USE_PTHREADS=
 USE_USER_PTHREADS=
 USE_NSPR_THREADS=
 USE_N32=
 USE_X32=
--- a/nsprpub/configure.in
+++ b/nsprpub/configure.in
@@ -10,17 +10,17 @@ AC_CONFIG_SRCDIR([pr/include/nspr.h])
 
 AC_CONFIG_AUX_DIR(${srcdir}/build/autoconf)
 AC_CANONICAL_TARGET
 
 dnl ========================================================
 dnl = Defaults
 dnl ========================================================
 MOD_MAJOR_VERSION=4
-MOD_MINOR_VERSION=12
+MOD_MINOR_VERSION=13
 MOD_PATCH_VERSION=0
 NSPR_MODNAME=nspr20
 _HAVE_PTHREADS=
 USE_PTHREADS=
 USE_USER_PTHREADS=
 USE_NSPR_THREADS=
 USE_N32=
 USE_X32=
--- a/nsprpub/lib/ds/plarena.c
+++ b/nsprpub/lib/ds/plarena.c
@@ -12,71 +12,26 @@
 #include <string.h>
 #include "plarena.h"
 #include "prmem.h"
 #include "prbit.h"
 #include "prlog.h"
 #include "prlock.h"
 #include "prinit.h"
 
-static PLArena *arena_freelist;
-
 #ifdef PL_ARENAMETER
 static PLArenaStats *arena_stats_list;
 
 #define COUNT(pool,what)  (pool)->stats.what++
 #else
 #define COUNT(pool,what)  /* nothing */
 #endif
 
 #define PL_ARENA_DEFAULT_ALIGN  sizeof(double)
 
-static PRLock    *arenaLock;
-static PRCallOnceType once;
-static const PRCallOnceType pristineCallOnce;
-
-/*
-** InitializeArenas() -- Initialize arena operations.
-**
-** InitializeArenas() is called exactly once and only once from 
-** LockArena(). This function creates the arena protection 
-** lock: arenaLock.
-**
-** Note: If the arenaLock cannot be created, InitializeArenas()
-** fails quietly, returning only PR_FAILURE. This percolates up
-** to the application using the Arena API. He gets no arena
-** from PL_ArenaAllocate(). It's up to him to fail gracefully
-** or recover.
-**
-*/
-static PRStatus InitializeArenas( void )
-{
-    PR_ASSERT( arenaLock == NULL );
-    arenaLock = PR_NewLock();
-    if ( arenaLock == NULL )
-        return PR_FAILURE;
-    else
-        return PR_SUCCESS;
-} /* end ArenaInitialize() */
-
-static PRStatus LockArena( void )
-{
-    PRStatus rc = PR_CallOnce( &once, InitializeArenas );
-
-    if ( PR_FAILURE != rc )
-        PR_Lock( arenaLock );
-    return(rc);
-} /* end LockArena() */
-
-static void UnlockArena( void )
-{
-    PR_Unlock( arenaLock );
-    return;
-} /* end UnlockArena() */
-
 PR_IMPLEMENT(void) PL_InitArenaPool(
     PLArenaPool *pool, const char *name, PRUint32 size, PRUint32 align)
 {
     /*
      * Look-up table of PR_BITMASK(PR_CeilingLog2(align)) values for
      * align = 1 to 32.
      */
     static const PRUint8 pmasks[33] = {
@@ -119,24 +74,17 @@ PR_IMPLEMENT(void) PL_InitArenaPool(
 
 /*
 ** PL_ArenaAllocate() -- allocate space from an arena pool
 ** 
 ** Description: PL_ArenaAllocate() allocates space from an arena
 ** pool. 
 **
 ** First, try to satisfy the request from arenas starting at
-** pool->current.
-**
-** If there is not enough space in the arena pool->current, try
-** to claim an arena, on a first fit basis, from the global
-** freelist (arena_freelist).
-** 
-** If no arena in arena_freelist is suitable, then try to
-** allocate a new arena from the heap.
+** pool->current. Then try to allocate a new arena from the heap.
 **
 ** Returns: pointer to allocated space or NULL
 ** 
 ** Notes: The original implementation had some difficult to
 ** solve bugs; the code was difficult to read. Sometimes it's
 ** just easier to rewrite it. I did that. larryh.
 **
 ** See also: bugzilla: 45343.
@@ -164,47 +112,16 @@ PR_IMPLEMENT(void *) PL_ArenaAllocate(PL
                 pool->current = a;
                 rp = (char *)a->avail;
                 a->avail += nb;
                 return rp;
             }
         } while( NULL != (a = a->next) );
     }
 
-    /* attempt to allocate from arena_freelist */
-    {
-        PLArena *p; /* previous pointer, for unlinking from freelist */
-
-        /* lock the arena_freelist. Make access to the freelist MT-Safe */
-        if ( PR_FAILURE == LockArena())
-            return(0);
-
-        for ( a = arena_freelist, p = NULL; a != NULL ; p = a, a = a->next ) {
-            if ( nb <= a->limit - a->base )  {
-                if ( p == NULL )
-                    arena_freelist = a->next;
-                else
-                    p->next = a->next;
-                UnlockArena();
-                a->avail = a->base;
-                rp = (char *)a->avail;
-                a->avail += nb;
-                /* the newly allocated arena is linked after pool->current 
-                *  and becomes pool->current */
-                a->next = pool->current->next;
-                pool->current->next = a;
-                pool->current = a;
-                if ( NULL == pool->first.next )
-                    pool->first.next = a;
-                return(rp);
-            }
-        }
-        UnlockArena();
-    }
-
     /* attempt to allocate from the heap */ 
     {  
         PRUint32 sz = PR_MAX(pool->arenasize, nb);
         if (PR_UINT32_MAX - sz < sizeof *a + pool->mask) {
             a = NULL;
         } else {
             sz += sizeof *a + pool->mask;  /* header and alignment slop */
             a = (PLArena*)PR_MALLOC(sz);
@@ -241,95 +158,73 @@ PR_IMPLEMENT(void *) PL_ArenaGrow(
     if (PR_UINT32_MAX - size < incr)
         return NULL;
     PL_ARENA_ALLOCATE(newp, pool, size + incr);
     if (newp)
         memcpy(newp, p, size);
     return newp;
 }
 
-static void ClearArenaList(PLArena *a, PRInt32 pattern)
+PR_IMPLEMENT(void) PL_ClearArenaPool(PLArenaPool *pool, PRInt32 pattern)
 {
+    PLArena *a;
 
-    for (; a; a = a->next) {
+    for (a = pool->first.next; a; a = a->next) {
         PR_ASSERT(a->base <= a->avail && a->avail <= a->limit);
         a->avail = a->base;
         PL_CLEAR_UNUSED_PATTERN(a, pattern);
         PL_MAKE_MEM_NOACCESS((void*)a->avail, a->limit - a->avail);
     }
 }
 
-PR_IMPLEMENT(void) PL_ClearArenaPool(PLArenaPool *pool, PRInt32 pattern)
-{
-    ClearArenaList(pool->first.next, pattern);
-}
-
 /*
  * Free tail arenas linked after head, which may not be the true list head.
  * Reset pool->current to point to head in case it pointed at a tail arena.
  */
-static void FreeArenaList(PLArenaPool *pool, PLArena *head, PRBool reallyFree)
+static void FreeArenaList(PLArenaPool *pool, PLArena *head)
 {
-    PLArena **ap, *a;
-
-    ap = &head->next;
-    a = *ap;
+    PLArena *a = head->next;
     if (!a)
         return;
 
-#ifdef DEBUG
-    ClearArenaList(a, PL_FREE_PATTERN);
-#endif
+    head->next = NULL;
 
-    if (reallyFree) {
-        do {
-            *ap = a->next;
-            PL_CLEAR_ARENA(a);
-            PL_COUNT_ARENA(pool,--);
-            PR_DELETE(a);
-        } while ((a = *ap) != 0);
-    } else {
-        /* Insert the whole arena chain at the front of the freelist. */
-        do {
-            PL_MAKE_MEM_NOACCESS((void*)(*ap)->base,
-                                 (*ap)->limit - (*ap)->base);
-            ap = &(*ap)->next;
-        } while (*ap);
-        LockArena();
-        *ap = arena_freelist;
-        arena_freelist = a;
-        head->next = 0;
-        UnlockArena();
-    }
+    do {
+        PLArena *tmp = a;
+        a = a->next;
+        PL_CLEAR_ARENA(tmp);
+        PL_COUNT_ARENA(pool,--);
+        PR_DELETE(tmp);
+    } while (a);
 
     pool->current = head;
 }
 
 PR_IMPLEMENT(void) PL_ArenaRelease(PLArenaPool *pool, char *mark)
 {
     PLArena *a;
 
     for (a = &pool->first; a; a = a->next) {
         if (PR_UPTRDIFF(mark, a->base) <= PR_UPTRDIFF(a->avail, a->base)) {
             a->avail = (PRUword)PL_ARENA_ALIGN(pool, mark);
-            FreeArenaList(pool, a, PR_FALSE);
+            FreeArenaList(pool, a);
             return;
         }
     }
 }
 
 PR_IMPLEMENT(void) PL_FreeArenaPool(PLArenaPool *pool)
 {
-    FreeArenaList(pool, &pool->first, PR_FALSE);
+    FreeArenaList(pool, &pool->first);
     COUNT(pool, ndeallocs);
 }
 
 PR_IMPLEMENT(void) PL_FinishArenaPool(PLArenaPool *pool)
 {
-    FreeArenaList(pool, &pool->first, PR_TRUE);
+    FreeArenaList(pool, &pool->first);
 #ifdef PL_ARENAMETER
     {
         PLArenaStats *stats, **statsp;
 
         if (pool->stats.name)
             PR_DELETE(pool->stats.name);
         for (statsp = &arena_stats_list; (stats = *statsp) != 0;
              statsp = &stats->next) {
@@ -343,29 +238,16 @@ PR_IMPLEMENT(void) PL_FinishArenaPool(PL
 }
 
 PR_IMPLEMENT(void) PL_CompactArenaPool(PLArenaPool *ap)
 {
 }
 
 PR_IMPLEMENT(void) PL_ArenaFinish(void)
 {
-    PLArena *a, *next;
-
-    for (a = arena_freelist; a; a = next) {
-        next = a->next;
-        PR_DELETE(a);
-    }
-    arena_freelist = NULL;
-
-    if (arenaLock) {
-        PR_DestroyLock(arenaLock);
-        arenaLock = NULL;
-    }
-    once = pristineCallOnce;
 }
 
 PR_IMPLEMENT(size_t) PL_SizeOfArenaPoolExcludingPool(
     const PLArenaPool *pool, PLMallocSizeFn mallocSizeOf)
 {
     /*
      * The first PLArena is within |pool|, so don't measure it.  Subsequent
      * PLArenas are separate and must be measured.
--- a/nsprpub/lib/ds/plarena.h
+++ b/nsprpub/lib/ds/plarena.h
@@ -8,17 +8,16 @@
 /*
  * Lifetime-based fast allocation, inspired by much prior art, including
  * "Fast Allocation and Deallocation of Memory Based on Object Lifetimes"
  * David R. Hanson, Software -- Practice and Experience, Vol. 20(1).
  *
  * Also supports LIFO allocation (PL_ARENA_MARK/PL_ARENA_RELEASE).
  */
 #include "prtypes.h"
-#include "plarenas.h"
 
 PR_BEGIN_EXTERN_C
 
 typedef struct PLArena          PLArena;
 
 struct PLArena {
     PLArena     *next;          /* next arena for this lifetime */
     PRUword     base;           /* aligned base address, follows this header */
@@ -42,16 +41,18 @@ struct PLArenaStats {
     PRUint32      nreleases;    /* number of PL_ARENA_RELEASE() calls */
     PRUint32      nfastrels;    /* number of "fast path" releases */
     PRUint32      nbytes;       /* total bytes allocated */
     PRUint32      maxalloc;     /* maximum allocation size in bytes */
     PRFloat64     variance;     /* size variance accumulator */
 };
 #endif
 
+typedef struct PLArenaPool      PLArenaPool;
+
 struct PLArenaPool {
     PLArena     first;          /* first arena in pool list */
     PLArena     *current;       /* arena from which to allocate space */
     PRUint32    arenasize;      /* net exact size of a new arena */
     PRUword     mask;           /* alignment mask (power-of-2 - 1) */
 #ifdef PL_ARENAMETER
     PLArenaStats stats;
 #endif
@@ -220,16 +221,84 @@ PR_IMPORT(void) __asan_unpoison_memory_r
         PL_COUNT_ARENA(pool,--); \
         if ((pool)->current == (a)) (pool)->current = &(pool)->first; \
         *(pnext) = (a)->next; \
         PL_CLEAR_ARENA(a); \
         free(a); \
         (a) = 0; \
     PR_END_MACRO
 
+/*
+** Initialize an arena pool with the given name for debugging and metering,
+** with a minimum gross size per arena of size bytes.  The net size per arena
+** is smaller than the gross size by a header of four pointers plus any
+** necessary padding for alignment.
+**
+** Note: choose a gross size that's a power of two to avoid the heap allocator
+** rounding the size up.
+**/
+PR_EXTERN(void) PL_InitArenaPool(
+    PLArenaPool *pool, const char *name, PRUint32 size, PRUint32 align);
+
+/*
+** Finish using arenas, freeing all memory associated with them.
+** NOTE: this function is now a no-op. If you want to free a single
+** PLArenaPoolUse use PL_FreeArenaPool() or PL_FinishArenaPool().
+**/
+PR_EXTERN(void) PL_ArenaFinish(void);
+
+/*
+** Free the arenas in pool.  The user may continue to allocate from pool
+** after calling this function.  There is no need to call PL_InitArenaPool()
+** again unless PL_FinishArenaPool(pool) has been called.
+**/
+PR_EXTERN(void) PL_FreeArenaPool(PLArenaPool *pool);
+
+/*
+** Free the arenas in pool and finish using it altogether.
+**/
+PR_EXTERN(void) PL_FinishArenaPool(PLArenaPool *pool);
+
+/*
+** Compact all of the arenas in a pool so that no space is wasted.
+** NOT IMPLEMENTED.  Do not use.
+**/
+PR_EXTERN(void) PL_CompactArenaPool(PLArenaPool *pool);
+
+/*
+** Friend functions used by the PL_ARENA_*() macros.
+**
+** WARNING: do not call these functions directly. Always use the
+** PL_ARENA_*() macros.
+**/
+PR_EXTERN(void *) PL_ArenaAllocate(PLArenaPool *pool, PRUint32 nb);
+
+PR_EXTERN(void *) PL_ArenaGrow(
+    PLArenaPool *pool, void *p, PRUint32 size, PRUint32 incr);
+
+PR_EXTERN(void) PL_ArenaRelease(PLArenaPool *pool, char *mark);
+
+/*
+** memset contents of all arenas in pool to pattern
+*/
+PR_EXTERN(void) PL_ClearArenaPool(PLArenaPool *pool, PRInt32 pattern);
+
+/*
+** A function like malloc_size() or malloc_usable_size() that measures the
+** size of a heap block.
+*/
+typedef size_t (*PLMallocSizeFn)(const void *ptr);
+
+/*
+** Measure all memory used by a PLArenaPool, excluding the PLArenaPool
+** structure.
+*/
+PR_EXTERN(size_t) PL_SizeOfArenaPoolExcludingPool(
+    const PLArenaPool *pool, PLMallocSizeFn mallocSizeOf);
+
 #ifdef PL_ARENAMETER
 
 #include <stdio.h>
 
 PR_EXTERN(void) PL_ArenaCountAllocation(PLArenaPool *pool, PRUint32 nb);
 
 PR_EXTERN(void) PL_ArenaCountInplaceGrowth(
     PLArenaPool *pool, PRUint32 size, PRUint32 incr);
--- a/nsprpub/lib/ds/plarenas.h
+++ b/nsprpub/lib/ds/plarenas.h
@@ -1,81 +1,12 @@
 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
-#ifndef PLARENAS_H
-#define PLARENAS_H
-
-PR_BEGIN_EXTERN_C
-
-typedef struct PLArenaPool      PLArenaPool;
-
 /*
-** Initialize an arena pool with the given name for debugging and metering,
-** with a minimum gross size per arena of size bytes.  The net size per arena
-** is smaller than the gross size by a header of four pointers plus any
-** necessary padding for alignment.
-**
-** Note: choose a gross size that's a power of two to avoid the heap allocator
-** rounding the size up.
-**/
-PR_EXTERN(void) PL_InitArenaPool(
-    PLArenaPool *pool, const char *name, PRUint32 size, PRUint32 align);
-
-/*
-** Finish using arenas, freeing all memory associated with them.
-**/
-PR_EXTERN(void) PL_ArenaFinish(void);
-
-/*
-** Free the arenas in pool.  The user may continue to allocate from pool
-** after calling this function.  There is no need to call PL_InitArenaPool()
-** again unless PL_FinishArenaPool(pool) has been called.
-**/
-PR_EXTERN(void) PL_FreeArenaPool(PLArenaPool *pool);
-
-/*
-** Free the arenas in pool and finish using it altogether.
+** PLArena-related declarations used to be split between plarenas.h and
+** plarena.h. That split wasn't useful, so now all the declarations are in
+** plarena.h. However, this file still exists so that any old code that
+** includes it will still work.
 **/
-PR_EXTERN(void) PL_FinishArenaPool(PLArenaPool *pool);
-
-/*
-** Compact all of the arenas in a pool so that no space is wasted.
-** NOT IMPLEMENTED.  Do not use.
-**/
-PR_EXTERN(void) PL_CompactArenaPool(PLArenaPool *pool);
-
-/*
-** Friend functions used by the PL_ARENA_*() macros.
-**
-** WARNING: do not call these functions directly. Always use the
-** PL_ARENA_*() macros.
-**/
-PR_EXTERN(void *) PL_ArenaAllocate(PLArenaPool *pool, PRUint32 nb);
-
-PR_EXTERN(void *) PL_ArenaGrow(
-    PLArenaPool *pool, void *p, PRUint32 size, PRUint32 incr);
-
-PR_EXTERN(void) PL_ArenaRelease(PLArenaPool *pool, char *mark);
-
-/*
-** memset contents of all arenas in pool to pattern
-*/
-PR_EXTERN(void) PL_ClearArenaPool(PLArenaPool *pool, PRInt32 pattern);
-
-/*
-** A function like malloc_size() or malloc_usable_size() that measures the
-** size of a heap block.
-*/
-typedef size_t (*PLMallocSizeFn)(const void *ptr);
-
-/*
-** Measure all memory used by a PLArenaPool, excluding the PLArenaPool
-** structure.
-*/
-PR_EXTERN(size_t) PL_SizeOfArenaPoolExcludingPool(
-    const PLArenaPool *pool, PLMallocSizeFn mallocSizeOf);
-
-PR_END_EXTERN_C
-
-#endif /* PLARENAS_H */
+#include "plarena.h"
--- a/nsprpub/lib/libc/src/strcase.c
+++ b/nsprpub/lib/libc/src/strcase.c
@@ -43,18 +43,20 @@ static const unsigned char uc[] =
 };
 
 PR_IMPLEMENT(PRIntn)
 PL_strcasecmp(const char *a, const char *b)
 {
     const unsigned char *ua = (const unsigned char *)a;
     const unsigned char *ub = (const unsigned char *)b;
 
-    if( ((const char *)0 == a) || (const char *)0 == b ) 
-        return (PRIntn)(a-b);
+    if( (const char *)0 == a )
+        return ((const char *)0 == b) ? 0 : -1;
+    if( (const char *)0 == b )
+        return 1;
 
     while( (uc[*ua] == uc[*ub]) && ('\0' != *a) )
     {
         a++;
         ua++;
         ub++;
     }
 
@@ -62,18 +64,20 @@ PL_strcasecmp(const char *a, const char 
 }
 
 PR_IMPLEMENT(PRIntn)
 PL_strncasecmp(const char *a, const char *b, PRUint32 max)
 {
     const unsigned char *ua = (const unsigned char *)a;
     const unsigned char *ub = (const unsigned char *)b;
 
-    if( ((const char *)0 == a) || (const char *)0 == b ) 
-        return (PRIntn)(a-b);
+    if( (const char *)0 == a )
+        return ((const char *)0 == b) ? 0 : -1;
+    if( (const char *)0 == b )
+        return 1;
 
     while( max && (uc[*ua] == uc[*ub]) && ('\0' != *a) )
     {
         a++;
         ua++;
         ub++;
         max--;
     }
--- a/nsprpub/lib/libc/src/strcmp.c
+++ b/nsprpub/lib/libc/src/strcmp.c
@@ -4,22 +4,26 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "plstr.h"
 #include <string.h>
 
 PR_IMPLEMENT(PRIntn)
 PL_strcmp(const char *a, const char *b)
 {
-    if( ((const char *)0 == a) || (const char *)0 == b ) 
-        return (PRIntn)(a-b);
+    if( (const char *)0 == a )
+        return ((const char *)0 == b) ? 0 : -1;
+    if( (const char *)0 == b )
+        return 1;
 
     return (PRIntn)strcmp(a, b);
 }
 
 PR_IMPLEMENT(PRIntn)
 PL_strncmp(const char *a, const char *b, PRUint32 max)
 {
-    if( ((const char *)0 == a) || (const char *)0 == b ) 
-        return (PRIntn)(a-b);
+    if( (const char *)0 == a )
+        return ((const char *)0 == b) ? 0 : -1;
+    if( (const char *)0 == b )
+        return 1;
 
     return (PRIntn)strncmp(a, b, (size_t)max);
 }
--- a/nsprpub/pr/include/prinit.h
+++ b/nsprpub/pr/include/prinit.h
@@ -26,21 +26,21 @@ PR_BEGIN_EXTERN_C
 /*
 ** NSPR's version is used to determine the likelihood that the version you
 ** used to build your component is anywhere close to being compatible with
 ** what is in the underlying library.
 **
 ** The format of the version string is
 **     "<major version>.<minor version>[.<patch level>] [<Beta>]"
 */
-#define PR_VERSION  "4.12"
+#define PR_VERSION  "4.13 Beta"
 #define PR_VMAJOR   4
-#define PR_VMINOR   12
+#define PR_VMINOR   13
 #define PR_VPATCH   0
-#define PR_BETA     PR_FALSE
+#define PR_BETA     PR_TRUE
 
 /*
 ** PRVersionCheck
 **
 ** The basic signature of the function that is called to provide version
 ** checking. The result will be a boolean that indicates the likelihood
 ** that the underling library will perform as the caller expects.
 **
--- a/nsprpub/pr/include/prio.h
+++ b/nsprpub/pr/include/prio.h
@@ -191,18 +191,18 @@ union PRNetAddr {
 ***************************************************************************
 */
 typedef enum PRSockOption
 {
     PR_SockOpt_Nonblocking,     /* nonblocking io */
     PR_SockOpt_Linger,          /* linger on close if data present */
     PR_SockOpt_Reuseaddr,       /* allow local address reuse */
     PR_SockOpt_Keepalive,       /* keep connections alive */
-    PR_SockOpt_RecvBufferSize,  /* send buffer size */
-    PR_SockOpt_SendBufferSize,  /* receive buffer size */
+    PR_SockOpt_RecvBufferSize,  /* receive buffer size */
+    PR_SockOpt_SendBufferSize,  /* send buffer size */
 
     PR_SockOpt_IpTimeToLive,    /* time to live */
     PR_SockOpt_IpTypeOfService, /* type of service and precedence */
 
     PR_SockOpt_AddMember,       /* add an IP group membership */
     PR_SockOpt_DropMember,      /* drop an IP group membership */
     PR_SockOpt_McastInterface,  /* multicast interface address */
     PR_SockOpt_McastTimeToLive, /* multicast timetolive */
--- a/nsprpub/pr/include/prolock.h
+++ b/nsprpub/pr/include/prolock.h
@@ -6,31 +6,31 @@
 #ifndef prolock_h___
 #define prolock_h___
 
 #include "prtypes.h"
 
 PR_BEGIN_EXTERN_C
 
 /*
-** A locking mechanism, built on the existing PRLock definiion,
+** A locking mechanism, built on the existing PRLock definition,
 ** is provided that will permit applications to define a Lock
 ** Hierarchy (or Lock Ordering) schema. An application designed
 ** using the Ordered Lock functions will terminate with a
 ** diagnostic message when a lock inversion condition is
 ** detected. 
 ** 
-** The lock ordering detection is complile-time enabled only. in
+** The lock ordering detection is compile-time enabled only. In
 ** optimized builds of NSPR, the Ordered Lock functions map
 ** directly to PRLock functions, providing no lock order
 ** detection.
 ** 
 ** The Ordered Lock Facility is compiled in when DEBUG is defined at
-** compile time. Ordered Lock can be forced on in optimized builds by
-** defining FORCE_NSPR_ORDERED_LOCK at compile time. Both the
+** compile-time. Ordered Lock can be forced on in optimized builds by
+** defining FORCE_NSPR_ORDERED_LOCK at compile-time. Both the
 ** application using Ordered Lock and NSPR must be compiled with the
 ** facility enabled to achieve the desired results.
 ** 
 ** Application designers should use the macro interfaces to the Ordered
 ** Lock facility to ensure that it is compiled out in optimized builds.
 **
 ** Application designers are responsible for defining their own
 ** lock hierarchy. 
--- a/nsprpub/pr/src/io/prprf.c
+++ b/nsprpub/pr/src/io/prprf.c
@@ -456,17 +456,17 @@ static struct NumArg* BuildArgArray( con
 
     p = fmt;
     while( ( c = *p++ ) != 0 ){
     	if( c != '%' )	continue;
 	    c = *p++;
 	if( c == '%' )	continue;
 
 	cn = 0;
-	while( c && c != '$' ){	    /* should imporve error check later */
+	while( c && c != '$' ){	    /* should improve error check later */
 	    cn = cn*10 + c - '0';
 	    c = *p++;
 	}
 
 	if( !c || cn < 1 || cn > number ){
 	    *rv = -1;
 	    break;
         }
@@ -740,17 +740,17 @@ static int dosprintf(SprintfState *ss, c
 		return rv;
 	    }
 	    continue;
 	}
 
 	if( nas != NULL ){
 	    /* the fmt contains the Numbered Arguments feature */
 	    i = 0;
-	    while( c && c != '$' ){	    /* should imporve error check later */
+	    while( c && c != '$' ){	    /* should improve error check later */
 		i = ( i * 10 ) + ( c - '0' );
 		c = *fmt++;
 	    }
 
 	    if( nas[i-1].type == TYPE_UNKNOWN ){
 		if( nas && ( nas != nasArray ) )
 		    PR_DELETE( nas );
 		return -1;
--- a/nsprpub/pr/src/misc/prlong.c
+++ b/nsprpub/pr/src/misc/prlong.c
@@ -1,19 +1,19 @@
 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "prlong.h"
 
-static PRInt64 ll_zero = LL_INIT( 0x00000000,0x00000000 );
-static PRInt64 ll_maxint = LL_INIT( 0x7fffffff, 0xffffffff );
-static PRInt64 ll_minint = LL_INIT( 0x80000000, 0x00000000 );
-static PRUint64 ll_maxuint = LL_INIT( 0xffffffff, 0xffffffff );
+static PRInt64 ll_zero = PR_INT64(0x0000000000000000);
+static PRInt64 ll_maxint = PR_INT64(0x7fffffffffffffff);
+static PRInt64 ll_minint = PR_INT64(0x8000000000000000);
+static PRUint64 ll_maxuint = PR_UINT64(0xffffffffffffffff);
 
 PR_IMPLEMENT(PRInt64) LL_Zero(void) { return ll_zero; }
 PR_IMPLEMENT(PRInt64) LL_MaxInt(void) { return ll_maxint; }
 PR_IMPLEMENT(PRInt64) LL_MinInt(void) { return ll_minint; }
 PR_IMPLEMENT(PRUint64) LL_MaxUint(void) { return ll_maxuint; }
 
 #ifndef HAVE_LONG_LONG
 /*
--- a/nsprpub/pr/tests/sockopt.c
+++ b/nsprpub/pr/tests/sockopt.c
@@ -38,18 +38,18 @@ int main(int argc, char **argv)
     PRFileDesc *udp = PR_NewUDPSocket();
     PRFileDesc *tcp = PR_NewTCPSocket();
     const char *tag[] =
     {
         "PR_SockOpt_Nonblocking",     /* nonblocking io */
         "PR_SockOpt_Linger",          /* linger on close if data present */
         "PR_SockOpt_Reuseaddr",       /* allow local address reuse */
         "PR_SockOpt_Keepalive",       /* keep connections alive */
-        "PR_SockOpt_RecvBufferSize",  /* send buffer size */
-        "PR_SockOpt_SendBufferSize",  /* receive buffer size */
+        "PR_SockOpt_RecvBufferSize",  /* receive buffer size */
+        "PR_SockOpt_SendBufferSize",  /* send buffer size */
 
         "PR_SockOpt_IpTimeToLive",    /* time to live */
         "PR_SockOpt_IpTypeOfService", /* type of service and precedence */
 
         "PR_SockOpt_AddMember",       /* add an IP group membership */
         "PR_SockOpt_DropMember",      /* drop an IP group membership */
         "PR_SockOpt_McastInterface",  /* multicast interface address */
         "PR_SockOpt_McastTimeToLive", /* multicast timetolive */
--- a/nsprpub/pr/tests/vercheck.c
+++ b/nsprpub/pr/tests/vercheck.c
@@ -34,34 +34,34 @@ static char *compatible_version[] = {
     "4.7", "4.7.1", "4.7.2", "4.7.3", "4.7.4", "4.7.5",
     "4.7.6",
     "4.8", "4.8.1", "4.8.2", "4.8.3", "4.8.4", "4.8.5",
     "4.8.6", "4.8.7", "4.8.8", "4.8.9",
     "4.9", "4.9.1", "4.9.2", "4.9.3", "4.9.4", "4.9.5",
     "4.9.6",
     "4.10", "4.10.1", "4.10.2", "4.10.3", "4.10.4",
     "4.10.5", "4.10.6", "4.10.7", "4.10.8", "4.10.9",
-    "4.10.10", "4.11",
+    "4.10.10", "4.11", "4.12",
     PR_VERSION
 };
 
 /*
  * This release is not backward compatible with the old
  * NSPR 2.1 and 3.x releases.
  *
  * Any release is incompatible with future releases and
  * patches.
  */
 static char *incompatible_version[] = {
     "2.1 19980529",
     "3.0", "3.0.1",
     "3.1", "3.1.1", "3.1.2", "3.1.3",
     "3.5", "3.5.1",
-    "4.11.1",
-    "4.12.1",
+    "4.13.1",
+    "4.14", "4.14.1",
     "10.0", "11.1", "12.14.20"
 };
 
 int main(int argc, char **argv)
 {
     int idx;
     int num_compatible = sizeof(compatible_version) / sizeof(char *);
     int num_incompatible = sizeof(incompatible_version) / sizeof(char *);
--- a/old-configure.in
+++ b/old-configure.in
@@ -1682,16 +1682,26 @@ AC_CACHE_CHECK(for clock_gettime(CLOCK_M
 if test "$ac_cv_clock_monotonic" != "no"; then
     HAVE_CLOCK_MONOTONIC=1
     REALTIME_LIBS=$ac_cv_clock_monotonic
     AC_DEFINE(HAVE_CLOCK_MONOTONIC)
     AC_SUBST(HAVE_CLOCK_MONOTONIC)
     AC_SUBST_LIST(REALTIME_LIBS)
 fi
 
+AC_CACHE_CHECK(for pthread_cond_timedwait_monotonic_np,
+               ac_cv_pthread_cond_timedwait_monotonic_np,
+               AC_TRY_LINK([#include <pthread.h>],
+                           [pthread_cond_timedwait_monotonic_np(0, 0, 0);],
+                           ac_cv_pthread_cond_timewait_monotonic_np=yes,
+                           ac_cv_pthread_cond_timewait_monotonic_np=no))
+if test "$ac_cv_pthread_cond_timewait_monotonic_np" != "no"; then
+    AC_DEFINE(HAVE_PTHREAD_COND_TIMEDWAIT_MONOTONIC)
+fi
+
 dnl check for wcrtomb/mbrtowc
 dnl =======================================================================
 if test -z "$MACOS_DEPLOYMENT_TARGET" || test "$MACOS_DEPLOYMENT_TARGET" -ge "100300"; then
 AC_LANG_SAVE
 AC_LANG_CPLUSPLUS
 AC_CACHE_CHECK(for wcrtomb,
     ac_cv_have_wcrtomb,
     [AC_TRY_LINK([#include <wchar.h>],
--- a/security/manager/ssl/StaticHPKPins.errors
+++ b/security/manager/ssl/StaticHPKPins.errors
@@ -4,19 +4,22 @@ Can't find hash in builtin certs for Chr
 Can't find hash in builtin certs for Chrome nickname VeriSignClass3_G2, inserting GOOGLE_PIN_VeriSignClass3_G2
 Can't find hash in builtin certs for Chrome nickname Entrust_SSL, inserting GOOGLE_PIN_Entrust_SSL
 Can't find hash in builtin certs for Chrome nickname UTNDATACorpSGC, inserting GOOGLE_PIN_UTNDATACorpSGC
 Can't find hash in builtin certs for Chrome nickname GTECyberTrustGlobalRoot, inserting GOOGLE_PIN_GTECyberTrustGlobalRoot
 Can't find hash in builtin certs for Chrome nickname GoDaddySecure, inserting GOOGLE_PIN_GoDaddySecure
 Can't find hash in builtin certs for Chrome nickname ThawtePremiumServer, inserting GOOGLE_PIN_ThawtePremiumServer
 Can't find hash in builtin certs for Chrome nickname SymantecClass3EVG3, inserting GOOGLE_PIN_SymantecClass3EVG3
 Can't find hash in builtin certs for Chrome nickname DigiCertECCSecureServerCA, inserting GOOGLE_PIN_DigiCertECCSecureServerCA
-Can't find hash in builtin certs for Chrome nickname LetsEncryptAuthorityX1, inserting GOOGLE_PIN_LetsEncryptAuthorityX1
-Can't find hash in builtin certs for Chrome nickname LetsEncryptAuthorityX2, inserting GOOGLE_PIN_LetsEncryptAuthorityX2
+Can't find hash in builtin certs for Chrome nickname LetsEncryptAuthorityPrimary_X1_X3, inserting GOOGLE_PIN_LetsEncryptAuthorityPrimary_X1_X3
+Can't find hash in builtin certs for Chrome nickname LetsEncryptAuthorityBackup_X2_X4, inserting GOOGLE_PIN_LetsEncryptAuthorityBackup_X2_X4
+Can't find hash in builtin certs for Chrome nickname COMODORSADomainValidationSecureServerCA, inserting GOOGLE_PIN_COMODORSADomainValidationSecureServerCA
 Writing pinset test
 Writing pinset google
 Writing pinset tor
 Writing pinset twitterCom
 Writing pinset twitterCDN
 Writing pinset dropbox
 Writing pinset facebook
 Writing pinset spideroak
 Writing pinset yahoo
+Writing pinset swehackCom
+Writing pinset nightx
--- a/security/manager/ssl/StaticHPKPins.h
+++ b/security/manager/ssl/StaticHPKPins.h
@@ -66,16 +66,20 @@ static const char kComodo_Secure_Service
 /* Comodo Trusted Services root */
 static const char kComodo_Trusted_Services_rootFingerprint[] =
   "4tiR77c4ZpEF1TDeXtcuKyrD9KZweLU0mz/ayklvXrg=";
 
 /* Cybertrust Global Root */
 static const char kCybertrust_Global_RootFingerprint[] =
   "foeCwVDOOVL4AuY2AjpdPpW7XWjjPoWtsroXgSXOvxU=";
 
+/* DST Root CA X3 */
+static const char kDST_Root_CA_X3Fingerprint[] =
+  "Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys=";
+
 /* DigiCert Assured ID Root CA */
 static const char kDigiCert_Assured_ID_Root_CAFingerprint[] =
   "I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o=";
 
 /* DigiCert Assured ID Root G2 */
 static const char kDigiCert_Assured_ID_Root_G2Fingerprint[] =
   "8ca6Zwz8iOTfUpc8rkIPCgid1HQUT+WAbEIAZOFZEik=";
 
@@ -126,16 +130,20 @@ static const char kEntrust_net_Premium_2
 /* Equifax Secure CA */
 static const char kEquifax_Secure_CAFingerprint[] =
   "/1aAzXOlcD2gSBegdf1GJQanNQbEuBoVg+9UlHjSZHY=";
 
 /* FacebookBackup */
 static const char kFacebookBackupFingerprint[] =
   "q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ=";
 
+/* GOOGLE_PIN_COMODORSADomainValidationSecureServerCA */
+static const char kGOOGLE_PIN_COMODORSADomainValidationSecureServerCAFingerprint[] =
+  "klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY=";
+
 /* GOOGLE_PIN_DigiCertECCSecureServerCA */
 static const char kGOOGLE_PIN_DigiCertECCSecureServerCAFingerprint[] =
   "PZXN3lRAy+8tBKk2Ox6F7jIlnzr2Yzmwqc3JnyfXoCw=";
 
 /* GOOGLE_PIN_Entrust_SSL */
 static const char kGOOGLE_PIN_Entrust_SSLFingerprint[] =
   "nsxRNo6G40YPZsKV5JQt1TCA8nseQQr/LRqp1Oa8fnw=";
 
@@ -146,23 +154,23 @@ static const char kGOOGLE_PIN_GTECyberTr
 /* GOOGLE_PIN_GoDaddySecure */
 static const char kGOOGLE_PIN_GoDaddySecureFingerprint[] =
   "MrZLZnJ6IGPkBm87lYywqu5Xal7O/ZUzmbuIdHMdlYc=";
 
 /* GOOGLE_PIN_GoogleG2 */
 static const char kGOOGLE_PIN_GoogleG2Fingerprint[] =
   "7HIpactkIAq2Y49orFOOQKurWxmmSFZhBCoQYcRhJ3Y=";
 
-/* GOOGLE_PIN_LetsEncryptAuthorityX1 */
-static const char kGOOGLE_PIN_LetsEncryptAuthorityX1Fingerprint[] =
-  "YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=";
+/* GOOGLE_PIN_LetsEncryptAuthorityBackup_X2_X4 */
+static const char kGOOGLE_PIN_LetsEncryptAuthorityBackup_X2_X4Fingerprint[] =
+  "sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis=";
 
-/* GOOGLE_PIN_LetsEncryptAuthorityX2 */
-static const char kGOOGLE_PIN_LetsEncryptAuthorityX2Fingerprint[] =
-  "sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis=";
+/* GOOGLE_PIN_LetsEncryptAuthorityPrimary_X1_X3 */
+static const char kGOOGLE_PIN_LetsEncryptAuthorityPrimary_X1_X3Fingerprint[] =
+  "YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=";
 
 /* GOOGLE_PIN_RapidSSL */
 static const char kGOOGLE_PIN_RapidSSLFingerprint[] =
   "lT09gPUeQfbYrlxRtpsHrjDblj9Rpz+u7ajfCrg4qDM=";
 
 /* GOOGLE_PIN_SymantecClass3EVG3 */
 static const char kGOOGLE_PIN_SymantecClass3EVG3Fingerprint[] =
   "gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E=";
@@ -254,16 +262,24 @@ static const char kSpiderOak3Fingerprint
 /* Starfield Class 2 CA */
 static const char kStarfield_Class_2_CAFingerprint[] =
   "FfFKxFycfaIz00eRZOgTf+Ne4POK6FgYPwhBDqgqxLQ=";
 
 /* Starfield Root Certificate Authority - G2 */
 static const char kStarfield_Root_Certificate_Authority___G2Fingerprint[] =
   "gI1os/q0iEpflxrOfRBVDXqVoWN3Tz7Dav/7IT++THQ=";
 
+/* Swehack */
+static const char kSwehackFingerprint[] =
+  "FdaffE799rVb3oyAuhJ2mBW/XJwD07Uajb2G6YwSAEw=";
+
+/* SwehackBackup */
+static const char kSwehackBackupFingerprint[] =
+  "z6cuswA6E1vgFkCjUsbEYo0Lf3aP8M8YOvwkoiGzDCo=";
+
 /* TestSPKI */
 static const char kTestSPKIFingerprint[] =
   "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
 
 /* Tor1 */
 static const char kTor1Fingerprint[] =
   "bYz9JTDk89X3qu3fgswG+lBQso5vI0N1f0Rx4go4nLo=";
 
@@ -480,20 +496,20 @@ static const char* const kPinset_google_
 static const StaticFingerprints kPinset_google = {
   sizeof(kPinset_google_Data) / sizeof(const char*),
   kPinset_google_Data
 };
 
 static const char* const kPinset_tor_Data[] = {
   kTor3Fingerprint,
   kDigiCert_High_Assurance_EV_Root_CAFingerprint,
-  kGOOGLE_PIN_LetsEncryptAuthorityX1Fingerprint,
+  kGOOGLE_PIN_LetsEncryptAuthorityPrimary_X1_X3Fingerprint,
   kTor1Fingerprint,
   kGOOGLE_PIN_RapidSSLFingerprint,
-  kGOOGLE_PIN_LetsEncryptAuthorityX2Fingerprint,
+  kGOOGLE_PIN_LetsEncryptAuthorityBackup_X2_X4Fingerprint,
   kTor2Fingerprint,
 };
 static const StaticFingerprints kPinset_tor = {
   sizeof(kPinset_tor_Data) / sizeof(const char*),
   kPinset_tor_Data
 };
 
 static const char* const kPinset_twitterCom_Data[] = {
@@ -637,16 +653,46 @@ static const char* const kPinset_yahoo_D
   kDigiCert_Global_Root_CAFingerprint,
   kGeoTrust_Primary_Certification_Authority___G2Fingerprint,
 };
 static const StaticFingerprints kPinset_yahoo = {
   sizeof(kPinset_yahoo_Data) / sizeof(const char*),
   kPinset_yahoo_Data
 };
 
+static const char* const kPinset_swehackCom_Data[] = {
+  kSwehackFingerprint,
+  kDST_Root_CA_X3Fingerprint,
+  kGOOGLE_PIN_LetsEncryptAuthorityPrimary_X1_X3Fingerprint,
+  kGOOGLE_PIN_COMODORSADomainValidationSecureServerCAFingerprint,
+  kGOOGLE_PIN_LetsEncryptAuthorityBackup_X2_X4Fingerprint,
+  kSwehackBackupFingerprint,
+};
+static const StaticFingerprints kPinset_swehackCom = {
+  sizeof(kPinset_swehackCom_Data) / sizeof(const char*),
+  kPinset_swehackCom_Data
+};
+
+static const char* const kPinset_nightx_Data[] = {
+  kCOMODO_Certification_AuthorityFingerprint,
+  kDigiCert_Assured_ID_Root_CAFingerprint,
+  kVeriSign_Class_3_Public_Primary_Certification_Authority___G5Fingerprint,
+  kVeriSign_Class_3_Public_Primary_Certification_Authority___G4Fingerprint,
+  kDigiCert_High_Assurance_EV_Root_CAFingerprint,
+  kGOOGLE_PIN_LetsEncryptAuthorityPrimary_X1_X3Fingerprint,
+  kAddTrust_External_RootFingerprint,
+  kVeriSign_Universal_Root_Certification_AuthorityFingerprint,
+  kDigiCert_Global_Root_CAFingerprint,
+  kGOOGLE_PIN_LetsEncryptAuthorityBackup_X2_X4Fingerprint,
+};
+static const StaticFingerprints kPinset_nightx = {
+  sizeof(kPinset_nightx_Data) / sizeof(const char*),
+  kPinset_nightx_Data
+};
+
 /* Domainlist */
 struct TransportSecurityPreload {
   const char* mHost;
   const bool mIncludeSubdomains;
   const bool mTestMode;
   const bool mIsMoz;
   const int32_t mId;
   const StaticFingerprints* pinset;
@@ -691,16 +737,17 @@ static const TransportSecurityPreload kP
   { "chart.apis.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "check.torproject.org", true, false, false, -1, &kPinset_tor },
   { "checkout.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "chfr.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "chit.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "chrome-devtools-frontend.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "chrome.com", true, false, false, -1, &kPinset_google_root_pems },
   { "chrome.google.com", true, false, false, -1, &kPinset_google_root_pems },
+  { "chromiumbugs.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "chromiumcodereview.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "cl.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "cloud.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "cn.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "co.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "code.facebook.com", true, false, false, -1, &kPinset_facebook },
   { "code.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "codereview.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
@@ -963,16 +1010,17 @@ static const TransportSecurityPreload kP
   { "google.ws", true, false, false, -1, &kPinset_google_root_pems },
   { "googleadservices.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googleapis.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googlecode.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googlecommerce.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googlegroups.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googlemail.com", false, false, false, -1, &kPinset_google_root_pems },
   { "googleplex.com", true, false, false, -1, &kPinset_google_root_pems },
+  { "googlesource.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googlesyndication.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googletagmanager.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googletagservices.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googleusercontent.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googlevideo.com", true, false, false, -1, &kPinset_google_root_pems },
   { "googleweblight.com", true, false, false, -1, &kPinset_google_root_pems },
   { "goto.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "gr.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
@@ -1011,23 +1059,25 @@ static const TransportSecurityPreload kP
   { "mobile.twitter.com", true, false, false, -1, &kPinset_twitterCom },
   { "mt.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "mtouch.facebook.com", true, false, false, -1, &kPinset_facebook },
   { "mu.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "mw.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "mx.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "myaccount.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "ni.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
+  { "nightx.uk", true, true, false, -1, &kPinset_nightx },
   { "nl.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "no.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "np.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "nz.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "oauth.twitter.com", true, false, false, -1, &kPinset_twitterCom },
   { "pa.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "passwords.google.com", true, false, false, -1, &kPinset_google_root_pems },
+  { "payments.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "pe.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "ph.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "pinning-test.badssl.com", true, false, false, -1, &kPinset_test },
   { "pinningtest.appspot.com", true, false, false, -1, &kPinset_test },
   { "pixel.facebook.com", true, false, false, -1, &kPinset_facebook },
   { "pixel.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "pk.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "pl.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
@@ -1048,19 +1098,20 @@ static const TransportSecurityPreload kP
   { "search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "secure.facebook.com", true, false, false, -1, &kPinset_facebook },
   { "security.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "services.mozilla.com", true, false, true, 6, &kPinset_mozilla_services },
   { "sg.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "sites.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "spideroak.com", true, false, false, -1, &kPinset_spideroak },
   { "spreadsheets.google.com", true, false, false, -1, &kPinset_google_root_pems },
-  { "ssl.google-analytics.com", true, false, false, -1, &kPinset_google_root_pems },
   { "static.googleadsserving.cn", true, false, false, -1, &kPinset_google_root_pems },
+  { "stats.g.doubleclick.net", true, false, false, -1, &kPinset_google_root_pems },
   { "sv.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
+  { "swehack.org", true, true, false, -1, &kPinset_swehackCom },
   { "t.facebook.com", true, false, false, -1, &kPinset_facebook },
   { "tablet.facebook.com", true, false, false, -1, &kPinset_facebook },
   { "talk.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "talkgadget.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "test-mode.pinning.example.com", true, true, false, -1, &kPinset_mozilla_test },
   { "th.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "torproject.org", false, false, false, -1, &kPinset_tor },
   { "touch.facebook.com", true, false, false, -1, &kPinset_facebook },
@@ -1090,29 +1141,30 @@ static const TransportSecurityPreload kP
   { "wf-dogfood-hrd.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "wf-pentest.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "wf-staging-hr.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "wf-training-hrd.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "wf-training-master.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "wf-trial-hrd.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "withgoogle.com", true, false, false, -1, &kPinset_google_root_pems },
   { "withyoutube.com", true, false, false, -1, &kPinset_google_root_pems },
+  { "www.dropbox.com", true, false, false, -1, &kPinset_dropbox },
   { "www.facebook.com", true, false, false, -1, &kPinset_facebook },
   { "www.gmail.com", false, false, false, -1, &kPinset_google_root_pems },
   { "www.googlemail.com", false, false, false, -1, &kPinset_google_root_pems },
   { "www.torproject.org", true, false, false, -1, &kPinset_tor },
   { "www.twitter.com", true, false, false, -1, &kPinset_twitterCom },
   { "xa.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "xbrlsuccess.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
   { "xn--7xa.google.com", true, false, false, -1, &kPinset_google_root_pems },
   { "youtu.be", true, false, false, -1, &kPinset_google_root_pems },
   { "youtube-nocookie.com", true, false, false, -1, &kPinset_google_root_pems },
   { "youtube.com", true, false, false, -1, &kPinset_google_root_pems },
   { "ytimg.com", true, false, false, -1, &kPinset_google_root_pems },
   { "za.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
   { "zh.search.yahoo.com", false, true, false, -1, &kPinset_yahoo },
 };
 
-// Pinning Preload List Length = 455;
+// Pinning Preload List Length = 461;
 
 static const int32_t kUnknownId = -1;
 
-static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1473508744829000);
+static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1480769185296000);
--- a/security/manager/ssl/nsSTSPreloadList.errors
+++ b/security/manager/ssl/nsSTSPreloadList.errors
@@ -1,2349 +1,3167 @@
 020wifi.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 0p.no: did not receive HSTS header
+0x.sk: could not connect to host
 0x1337.eu: could not connect to host
+0x44.net: did not receive HSTS header
+0xb612.org: could not connect to host
 1018hosting.nl: did not receive HSTS header
+1022996493.rsc.cdn77.org: could not connect to host
 10seos.com: did not receive HSTS header
 123plons.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+123test.fr: did not receive HSTS header
 12vpnchina.com: could not connect to host
+18f.gov: did not receive HSTS header
 18f.gsa.gov: did not receive HSTS header
 1a-jva.de: did not receive HSTS header
 1password.com: did not receive HSTS header
+1whw.co.uk: could not connect to host
 206rc.net: max-age too low: 2592000
-2600hq.com: could not connect to host
+25daysof.io: max-age too low: 0
 2or3.tk: could not connect to host
 300651.ru: did not receive HSTS header
 302.nyc: could not connect to host
-314chan.org: could not connect to host
+35792.de: could not connect to host
 360ds.co.in: could not connect to host
+365.or.jp: did not receive HSTS header
+368mibn.com: could not connect to host
 3chit.cf: could not connect to host
 420dongstorm.com: could not connect to host
-42ms.org: did not receive HSTS header
-4455software.com: could not connect to host
 47ronin.com: did not receive HSTS header
-4elements.com: did not receive HSTS header
-4ourty2.org: could not connect to host
+4elements.com: max-age too low: 0
 4sqsu.eu: could not connect to host
 50millionablaze.org: did not receive HSTS header
 56ct.com: could not connect to host
-7thheavenrestaurant.com: could not connect to host
+60ych.net: did not receive HSTS header
+69square.com: could not connect to host
+7kovrikov.ru: did not receive HSTS header
 808.lv: could not connect to host
+83i.net: could not connect to host
+8ack.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 911911.pw: could not connect to host
 99511.fi: could not connect to host
 9point6.com: could not connect to host
 a-plus.space: could not connect to host
-abcheck.se: could not connect to host
-abearofsoap.com: did not receive HSTS header
+a9c.co: could not connect to host
+abearofsoap.com: could not connect to host
 abecodes.net: did not receive HSTS header
+abilitylist.org: did not receive HSTS header
 abioniere.de: could not connect to host
+aboutyou-deals.de: did not receive HSTS header
+abtom.de: did not receive HSTS header
+abury.fr: did not receive HSTS header
+abury.me: did not receive HSTS header
+accelerole.com: did not receive HSTS header
 accountradar.com: did not receive HSTS header
+accuenergy.com: max-age too low: 0
 acr.im: could not connect to host
-acritelli.com: could not connect to host
+acslimited.co.uk: did not receive HSTS header
 activeweb.top: could not connect to host
 activiti.alfresco.com: did not receive HSTS header
 acuve.jp: could not connect to host
 ad-notam.com: did not receive HSTS header
 ad-notam.de: did not receive HSTS header
 ad-notam.fr: did not receive HSTS header
 ad-notam.it: did not receive HSTS header
 ad-notam.us: did not receive HSTS header
 ada.is: max-age too low: 2592000
-adboos.com: did not receive HSTS header
+adams.net: max-age too low: 0
+adboos.com: could not connect to host
 addvocate.com: could not connect to host
+adevel.eu: could not connect to host
 adhs-chaoten.net: did not receive HSTS header
 admin.google.com: did not receive HSTS header (error ignored - included regardless)
 admsel.ec: could not connect to host
+adquisitio.co.uk: could not connect to host
+adquisitio.de: could not connect to host
+adquisitio.es: could not connect to host
+adquisitio.fr: could not connect to host
+adquisitio.it: could not connect to host
 adsfund.org: could not connect to host
 advancedstudio.ro: did not receive HSTS header
+adviespuntklokkenluiders.nl: did not receive HSTS header
 aemoria.com: could not connect to host
 aes256.ru: could not connect to host
 aether.pw: could not connect to host
 aevpn.net: could not connect to host
+affinitysync.com: could not connect to host
 aficionados.com.br: did not receive HSTS header
 afp548.tk: could not connect to host
-agalaxyfarfaraway.co.uk: could not connect to host
 agbremen.de: did not receive HSTS header
 agevio.com: could not connect to host
+agilebits.net: could not connect to host
+agonswim.com: did not receive HSTS header
 agrimap.com: did not receive HSTS header
 agrios.de: could not connect to host
 agro-id.gov.ua: could not connect to host
 ahabingo.com: did not receive HSTS header
+ahri.ovh: could not connect to host
 airbnb.com: did not receive HSTS header
-aircomms.com: did not receive HSTS header
+aishnair.com: could not connect to host
 aiticon.de: did not receive HSTS header
 aiw-thkoeln.online: could not connect to host
 akclinics.org: did not receive HSTS header
 akselimedia.fi: did not receive HSTS header
 akutun.cl: did not receive HSTS header
 al-shami.net: did not receive HSTS header
+alainwolf.net: could not connect to host
+alanlee.net: could not connect to host
 alanrickmanflipstable.com: could not connect to host
 alarmsystemreviews.com: did not receive HSTS header
+alastyr.com: did not receive HSTS header
+albertbogdanowicz.pl: could not connect to host
 albertopimienta.com: did not receive HSTS header
 alcazaar.com: could not connect to host
 alecvannoten.be: did not receive HSTS header
-alenan.org: did not receive HSTS header
 alessandro.pw: did not receive HSTS header
 alethearose.com: did not receive HSTS header
-alexismeza.com: could not connect to host
+alexisabarca.com: did not receive HSTS header
 alfredxing.com: did not receive HSTS header
+alkami.com: did not receive HSTS header
+alkamitech.com: did not receive HSTS header
 all-subtitles.com: did not receive HSTS header
+allinnote.com: could not connect to host
 allinonecyprus.com: did not receive HSTS header
+allmbw.com: could not connect to host
 allstarswithus.com: could not connect to host
 alpha.irccloud.com: could not connect to host
 alphabit-secure.com: could not connect to host
+alphabuild.io: did not receive HSTS header
+alphalabs.xyz: could not connect to host
+altfire.ca: could not connect to host
 altmv.com: max-age too low: 7776000
+aluroof.eu: max-age too low: 600
 amaforums.org: could not connect to host
+american-truck-simulator.de: could not connect to host
 american-truck-simulator.net: could not connect to host
-amigogeek.net: did not receive HSTS header
+americkykongres.cz: could not connect to host
+amigogeek.net: could not connect to host
+amilx.org: could not connect to host
+amitube.com: could not connect to host
 amri.nl: did not receive HSTS header
 amunoz.org: did not receive HSTS header
 anakros.me: did not receive HSTS header
 anarchistischegroepnijmegen.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 anarka.org: could not connect to host
 ancientkarma.com: could not connect to host
 andere-gedanken.net: max-age too low: 10
 andreasbreitenlohner.de: did not receive HSTS header
 andreasolsson.se: could not connect to host
+andrewimeson.com: did not receive HSTS header
 andrewmichaud.beer: could not connect to host
-andrewvoce.com: could not connect to host
 androoz.se: did not receive HSTS header
 andymartin.cc: did not receive HSTS header
 anfsanchezo.me: could not connect to host
 anghami.com: did not receive HSTS header
+animeday.ml: could not connect to host
+animesfusion.com.br: could not connect to host
 animurecs.com: could not connect to host
 aniplus.cf: could not connect to host
 aniplus.gq: could not connect to host
 aniplus.ml: could not connect to host
 ankakaak.com: could not connect to host
-ankaraprofesyonelnakliyat.com: did not receive HSTS header
-ankaraprofesyonelnakliyat.com.tr: did not receive HSTS header
+annabellaw.com: max-age too low: 0
 anomaly.ws: did not receive HSTS header
-anshuman-chatterjee.com: did not receive HSTS header
+anook.com: max-age too low: 0
 ant.land: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 antimine.kr: could not connect to host
-antocom.com: could not connect to host
-antoniorequena.com.ve: could not connect to host
+antocom.com: did not receive HSTS header
+antoinedeschenes.com: could not connect to host
+antoniomarques.eu: did not receive HSTS header
+antoniorequena.com.ve: max-age too low: 0
 antscript.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 any.pm: did not receive HSTS header
 anycoin.me: could not connect to host
 apachelounge.com: did not receive HSTS header
+apeasternpower.com: max-age too low: 0
+api.lookout.com: could not connect to host
 api.mega.co.nz: could not connect to host
 api.recurly.com: did not receive HSTS header
 apibot.de: could not connect to host
 apis.google.com: did not receive HSTS header (error ignored - included regardless)
-apnakliyat.com: did not receive HSTS header
+app.lookout.com: could not connect to host
 app.manilla.com: could not connect to host
 appengine.google.com: did not receive HSTS header (error ignored - included regardless)
+appleoosa.com: did not receive HSTS header
 applez.xyz: could not connect to host
+applic8.com: did not receive HSTS header
 appraisal-comps.com: could not connect to host
 approlys.fr: did not receive HSTS header
 apps-for-fishing.com: could not connect to host
 appseccalifornia.org: did not receive HSTS header
 arabdigitalexpression.org: did not receive HSTS header
 aradulconteaza.ro: could not connect to host
-aran.me.uk: did not receive HSTS header
-arbitrarion.com: did not receive HSTS header
-arbu.eu: could not connect to host
+aran.me.uk: could not connect to host
+arbu.eu: max-age too low: 2419200
+arctic.gov: did not receive HSTS header
+arjandejong.eu: could not connect to host
 arlen.se: could not connect to host
 armory.consulting: could not connect to host
 armory.supplies: could not connect to host
 armytricka.cz: did not receive HSTS header
-arrakis.se: could not connect to host
-arrayify.com: did not receive HSTS header
-ars-design.net: could not connect to host
+arrayify.com: could not connect to host
+ars.toscana.it: max-age too low: 0
 art2web.net: could not connect to host
+artistnetwork.nl: did not receive HSTS header
 arturkohut.com: could not connect to host
-as200753.com: could not connect to host
-as200753.net: could not connect to host
+arw.me: did not receive HSTS header
+as9178.net: could not connect to host
 asasuou.pw: could not connect to host
 asc16.com: could not connect to host
 asdpress.cn: could not connect to host
+askme24.de: could not connect to host
+ass.org.au: did not receive HSTS header
 assdecoeur.org: could not connect to host
 asset-alive.com: did not receive HSTS header
 asset-alive.net: did not receive HSTS header
+astrolpost.com: could not connect to host
 atavio.at: could not connect to host
 atavio.ch: could not connect to host
+athul.xyz: did not receive HSTS header
 atlex.nl: did not receive HSTS header
 atomik.pro: could not connect to host
+atop.io: could not connect to host
 attimidesigns.com: did not receive HSTS header
 au.search.yahoo.com: max-age too low: 172800
+aubiosales.com: did not receive HSTS header
+auditmatrix.com: did not receive HSTS header
 aujapan.ru: could not connect to host
-aurainfosec.com: could not connect to host
-auraredeye.com: could not connect to host
-auraredshield.com: could not connect to host
 ausnah.me: could not connect to host
 auszeit.bio: did not receive HSTS header
 auth.mail.ru: did not receive HSTS header
 authentication.io: could not connect to host
+auto-serwis.zgorzelec.pl: did not receive HSTS header
 auto4trade.nl: could not connect to host
+autokovrik-diskont.ru: did not receive HSTS header
+automacity.com: could not connect to host
+autotsum.com: could not connect to host
+autumnwindsagility.com: could not connect to host
 auverbox.ovh: did not receive HSTS header
 av.de: did not receive HSTS header
-avarty.com: could not connect to host
 avec-ou-sans-ordonnance.fr: could not connect to host
 awg-mode.de: did not receive HSTS header
-axado.com.br: max-age too low: 0
+axado.com.br: did not receive HSTS header
 axeny.com: did not receive HSTS header
 az.search.yahoo.com: did not receive HSTS header
 azprep.us: could not connect to host
-azuxul.fr: did not receive HSTS header
 b3orion.com: max-age too low: 0
 babak.de: did not receive HSTS header
+babelfisch.eu: could not connect to host
+baby-click.de: did not receive HSTS header
 babyhouse.xyz: could not connect to host
+babystep.tv: did not receive HSTS header
 back-bone.nl: did not receive HSTS header
 badcronjob.com: could not connect to host
 baff.lu: did not receive HSTS header
 baiduaccount.com: could not connect to host
+bajic.ch: could not connect to host
 bakkerdesignandbuild.com: could not connect to host
 balcan-underground.net: could not connect to host
 baldwinkoo.com: could not connect to host
-bangzafran.com: did not receive HSTS header
-barbaros.info: could not connect to host
+bandb.xyz: could not connect to host
+banqingdiao.com: did not receive HSTS header
 barely.sexy: did not receive HSTS header
+bashcode.ninja: could not connect to host
 basicsolutionsus.com: did not receive HSTS header
 baumstark.ca: did not receive HSTS header
 bazarstupava.sk: did not receive HSTS header
+bcbsmagentprofile.com: could not connect to host
 bccx.com: could not connect to host
 bckp.de: could not connect to host
 bcm.com.au: max-age too low: 0
 bcnx.de: did not receive HSTS header
-bcvps.com: did not receive HSTS header
+bcsytv.com: could not connect to host
 be.search.yahoo.com: did not receive HSTS header
 beach-inspector.com: did not receive HSTS header
 beachi.es: could not connect to host
 beastowner.com: did not receive HSTS header
 beavers.io: could not connect to host
 bebesurdoue.com: could not connect to host
 bedeta.de: could not connect to host
 bedreid.dk: did not receive HSTS header
-bedrijvenadministratie.nl: did not receive HSTS header
+bedrijvenadministratie.nl: could not connect to host
 beholdthehurricane.com: could not connect to host
 beier.io: could not connect to host
 belairsewvac.com: did not receive HSTS header
 belics.com: did not receive HSTS header
+belliash.eu.org: could not connect to host
 benk.press: could not connect to host
+benzkosmetik.de: could not connect to host
+berrymark.be: max-age too low: 0
+besixdouze.world: could not connect to host
+betafive.net: could not connect to host
 betnet.fr: could not connect to host
+betplanning.it: did not receive HSTS header
 bets.de: did not receive HSTS header
+bettween.com: did not receive HSTS header
 betz.ro: did not receive HSTS header
 bevapehappy.com: did not receive HSTS header
-beyondpricing.com: did not receive HSTS header
 bezorg.ninja: could not connect to host
+bf.am: max-age too low: 0
+bfear.com: did not receive HSTS header
+bgcparkstad.nl: did not receive HSTS header
 bgmn.net: could not connect to host
 bi.search.yahoo.com: did not receive HSTS header
 bidon.ca: did not receive HSTS header
 bieberium.de: did not receive HSTS header
-bigbrownpromotions.com.au: could not connect to host
+bienenblog.cc: could not connect to host
+bigbrownpromotions.com.au: did not receive HSTS header
 bigdinosaur.org: did not receive HSTS header
 bigshinylock.minazo.net: could not connect to host
 bildiri.ci: did not receive HSTS header
-bildschirmflackern.de: could not connect to host
+bildschirmflackern.de: did not receive HSTS header
+billin.net: did not receive HSTS header
 billninja.com: did not receive HSTS header
-binaryabstraction.com: did not receive HSTS header
+bilrom.com: did not receive HSTS header
+biophysik-ssl.de: did not receive HSTS header
+biou.me: could not connect to host
 birkman.com: did not receive HSTS header
 bismarck.moe: did not receive HSTS header
 bitchan.it: could not connect to host
 bitcoinworld.me: could not connect to host
+bitf.ly: could not connect to host
 bitfactory.ws: could not connect to host
 bitfarm-archiv.com: did not receive HSTS header
 bitfarm-archiv.de: did not receive HSTS header
+bitgo.com: max-age too low: 0
 bithosting.io: did not receive HSTS header
-bitmoe.com: could not connect to host
-bitsafe.systems: could not connect to host
+bitsafe.systems: did not receive HSTS header
 bitvigor.com: could not connect to host
-bizcms.com: could not connect to host
+bivsi.com: could not connect to host
+bizcms.com: did not receive HSTS header
 bizon.sk: did not receive HSTS header
-blackdragoninc.org: could not connect to host
 blacklane.com: did not receive HSTS header
+blackly.uk: could not connect to host
 blackphoenix.de: could not connect to host
 blha303.com.au: could not connect to host
 blindsexdate.nl: could not connect to host
+blog.cyveillance.com: did not receive HSTS header
+blog.gparent.org: could not connect to host
 blog.lookout.com: did not receive HSTS header
 blubbablasen.de: could not connect to host
 blucas.org: did not receive HSTS header
-bluechilli.com: could not connect to host
+blueimp.net: did not receive HSTS header
 blueliv.com: did not receive HSTS header
 bluetenmeer.com: did not receive HSTS header
-blutroyal.de: could not connect to host
+blutroyal.de: did not receive HSTS header
+bm-trading.nl: did not receive HSTS header
 bngsecure.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 bobiji.com: did not receive HSTS header
-bochs.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-bodo-wolff.de: did not receive HSTS header
+bockenauer.at: max-age too low: 0
+bodo-wolff.de: could not connect to host
+bodyblog.nl: did not receive HSTS header
+bodyweightsolution.com: could not connect to host
+boensou.com: did not receive HSTS header
 bogosity.se: could not connect to host
-bonigo.de: could not connect to host
+boltdata.io: could not connect to host
+bonapp.restaurant: could not connect to host
+bonigo.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 bonitabrazilian.co.nz: did not receive HSTS header
+bookingapp.nl: did not receive HSTS header
 boomerang.com: could not connect to host
 boringsecurity.net: could not connect to host
-boris.one: could not connect to host
+bouwbedrijfpurmerend.nl: did not receive HSTS header
 bowlroll.net: max-age too low: 0
+boxcryptor.com: did not receive HSTS header
 br3in.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+bradbrockmeyer.com: could not connect to host
+brage.info: could not connect to host
 braineet.com: did not receive HSTS header
 brainfork.ml: could not connect to host
 braintreegateway.com: did not receive HSTS header
 braintreepayments.com: did not receive HSTS header
 brainvation.de: did not receive HSTS header
 brakemanpro.com: did not receive HSTS header
-brakstad.org: did not receive HSTS header
 bran.cc: could not connect to host
 branchtrack.com: did not receive HSTS header
 brandon.so: could not connect to host
-brianmwaters.net: could not connect to host
-brianpcurran.com: could not connect to host
-brickoo.com: could not connect to host
+bregnedalsystems.dk: max-age too low: 0
 brks.xyz: could not connect to host
+broken-oak.com: could not connect to host
+brookechase.com: did not receive HSTS header
 browserid.org: did not receive HSTS header
-bsagan.fr: could not connect to host
-bsalyzer.com: could not connect to host
 bsdtips.com: could not connect to host
+btcdlc.com: could not connect to host
+buchheld.at: did not receive HSTS header
 budgetthostels.nl: did not receive HSTS header
+budskap.eu: did not receive HSTS header
+bugs.chromium.org: did not receive HSTS header (error ignored - included regardless)
+buildsaver.co.za: did not receive HSTS header
 built.by: could not connect to host
-bullbits.com: could not connect to host
 bulletpoint.cz: did not receive HSTS header
 bumarkamoda.com: did not receive HSTS header
+bunaken.asia: did not receive HSTS header
+burian-server.cz: could not connect to host
 business.lookout.com: could not connect to host
-businessfurs.info: could not connect to host
 businesshosting.nl: did not receive HSTS header
 busold.ws: could not connect to host
 bustimes.org: could not connect to host
 butchersworkshop.com: did not receive HSTS header
-buttercoin.com: did not receive HSTS header
+buttercoin.com: could not connect to host
 buybaby.eu: did not receive HSTS header
 buyfox.de: did not receive HSTS header
 buzzconcert.com: could not connect to host
 bvalle.com: could not connect to host
-bwear4all.de: did not receive HSTS header
+bydisk.com: could not connect to host
 bypro.xyz: could not connect to host
 bysymphony.com: max-age too low: 0
 bytepark.de: did not receive HSTS header
+c1yd3i.me: could not connect to host
+c3b.info: could not connect to host
+cabarave.com: could not connect to host
+cabusar.fr: could not connect to host
 cadao.me: did not receive HSTS header
+cadusilva.com: did not receive HSTS header
 cafe-scientifique.org.ec: could not connect to host
+cajapopcorn.com: did not receive HSTS header
 cake.care: could not connect to host
-calebmorris.com: could not connect to host
 calgaryconstructionjobs.com: could not connect to host
+calix.com: max-age too low: 0
+calvin.me: max-age too low: 2592000
+calvinallen.net: could not connect to host
 calyxinstitute.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+campus-cybersecurity.team: could not connect to host
 canadiangamblingchoice.com: did not receive HSTS header
+candicontrols.com: did not receive HSTS header
+candy-it.de: did not receive HSTS header
+candylion.rocks: could not connect to host
+canyonshoa.com: did not receive HSTS header
+capecycles.co.za: did not receive HSTS header
+caphane.com: could not connect to host
 captchatheprize.com: could not connect to host
 car-navi.ph: did not receive HSTS header
+carano-service.de: did not receive HSTS header
+caraudio69.cz: could not connect to host
 cardoni.net: did not receive HSTS header
 cargobay.net: could not connect to host
 carlolly.co.uk: could not connect to host
 carlosalves.info: could not connect to host
-carnaticalifornia.com: could not connect to host
+casa-due-pur.com: could not connect to host
 casinostest.com: did not receive HSTS header
-casperpanel.com: did not receive HSTS header
-catinmay.com: could not connect to host
+catinmay.com: did not receive HSTS header
 catnapstudios.com: could not connect to host
+caveclan.org: did not receive HSTS header
 cavedroid.xyz: could not connect to host
+cbhq.net: could not connect to host
 ccsys.com: could not connect to host
-cctech.ph: could not connect to host
+cctech.ph: did not receive HSTS header
 cd.search.yahoo.com: did not receive HSTS header
+cd0.us: could not connect to host
+cdkeykopen.com: did not receive HSTS header
 cdnb.co: could not connect to host
 cdndepo.com: did not receive HSTS header
 cdreporting.co.uk: did not receive HSTS header
-celec.gob.ec: did not receive HSTS header
+cejhon.cz: could not connect to host
 celltek-server.de: did not receive HSTS header
 centralvacsunlimited.net: did not receive HSTS header
-cerfrance.fr: did not receive HSTS header
+centrepoint-community.com: could not connect to host
 cert.se: max-age too low: 2628001
-certifi.io: could not connect to host
+cesal.net: could not connect to host
 cfetengineering.com: could not connect to host
 cg.search.yahoo.com: did not receive HSTS header
 chainmonitor.com: could not connect to host
 championsofregnum.com: did not receive HSTS header
 changelab.cc: max-age too low: 0
+chaos.fail: did not receive HSTS header
 chargejuice.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 charmyadesara.com: could not connect to host
 charnleyhouse.co.uk: max-age too low: 604800
 chartstoffarm.de: max-age too low: 10
 chatbot.me: did not receive HSTS header
 chatear.social: did not receive HSTS header
 chateauconstellation.ch: did not receive HSTS header
-chaz6.com: max-age too low: 86400
+chatup.cf: could not connect to host
+cheapestgamecards.de: did not receive HSTS header
+cheapestgamecards.nl: did not receive HSTS header
+cheapestgamecards.se: did not receive HSTS header
 chebedara.com: could not connect to host
 checkout.google.com: did not receive HSTS header (error ignored - included regardless)
+cheerflow.com: could not connect to host
 cheesetart.my: could not connect to host
 chejianer.cn: did not receive HSTS header
-chestnut.cf: did not receive HSTS header
+chihiro.xyz: could not connect to host
 chijiokeindustries.co.uk: did not receive HSTS header
+childcaresolutionscny.org: did not receive HSTS header
+chirgui.eu: could not connect to host
 chm.vn: did not receive HSTS header
 chontalpa.pw: could not connect to host
+chotu.net: could not connect to host
+chris-web.info: did not receive HSTS header
+chriskyrouac.com: could not connect to host
 christiaandruif.nl: could not connect to host
 christianbargon.de: max-age too low: 3600
+christianbro.gq: could not connect to host
 chrisupjohn.com: could not connect to host
 chrome-devtools-frontend.appspot.com: did not receive HSTS header (error ignored - included regardless)
 chrome.google.com: did not receive HSTS header (error ignored - included regardless)
 chroniclesofgeorge.com: did not receive HSTS header
+chua.cf: could not connect to host
+cianmawhinney.xyz: max-age too low: 2592000
 cidr.ml: could not connect to host
-cig-dem.com: could not connect to host
 cip.md: did not receive HSTS header
-cipherboy.com: could not connect to host
-cirfi.com: could not connect to host
+ciscommerce.net: could not connect to host
 citiagent.cz: could not connect to host
 cityoflaurel.org: did not receive HSTS header
+ciubotaru.tk: could not connect to host
 classicspublishing.com: could not connect to host
 clcleaningco.com: could not connect to host
 cleaningsquad.ca: max-age too low: 0
 clerkendweller.uk: could not connect to host
 clickandgo.com: did not receive HSTS header
+clickphish.com: could not connect to host
+clint.id.au: max-age too low: 0
 clintonbloodworth.com: could not connect to host
 clintonbloodworth.io: could not connect to host
+clipped4u.com: could not connect to host
 cloud.wtf: could not connect to host
 cloudapi.vc: could not connect to host
 cloudcert.org: did not receive HSTS header
 cloudcy.net: could not connect to host
+clouddesktop.co.nz: did not receive HSTS header
 cloudflare.com: did not receive HSTS header
 cloudimag.es: could not connect to host
 cloudns.com.au: could not connect to host
 cloudstoragemaus.com: could not connect to host
 cloudwalk.io: did not receive HSTS header
+cloverleaf.net: max-age too low: 0
 clywedogmaths.co.uk: could not connect to host
 cmc-versand.de: did not receive HSTS header
 cmci.dk: did not receive HSTS header
+cmsbattle.com: could not connect to host
 cmscafe.ru: did not receive HSTS header
 cn.search.yahoo.com: did not receive HSTS header
+co50.com: did not receive HSTS header
+codabix.de: could not connect to host
+codabix.net: could not connect to host
 code.google.com: did not receive HSTS header (error ignored - included regardless)
+codeco.pw: did not receive HSTS header
 codeforce.io: did not receive HSTS header
+codepult.com: could not connect to host
 codepx.com: did not receive HSTS header
+codereview.chromium.org: did not receive HSTS header (error ignored - included regardless)
+codewiththepros.org: could not connect to host
 coding.net: did not receive HSTS header
 coffeeetc.co.uk: did not receive HSTS header
 coffeestrategies.com: max-age too low: 2592000
+coiffeurschnittstelle.ch: did not receive HSTS header
 coindam.com: could not connect to host
-coldlostsick.net: could not connect to host
+colengo.com: did not receive HSTS header
+colisfrais.com: did not receive HSTS header
 collies.eu: did not receive HSTS header
+collins.kg: did not receive HSTS header
 colognegaming.net: could not connect to host
 coloradocomputernetworking.net: could not connect to host
+colorbrush.ru: did not receive HSTS header
+comfortticket.de: did not receive HSTS header
 comicspines.com: could not connect to host
 compalytics.com: could not connect to host
 completionist.audio: could not connect to host
 computeremergency.com.au: did not receive HSTS header
 concord-group.co.jp: did not receive HSTS header
 confirm365.com: could not connect to host
 conformal.com: could not connect to host
 console.python.org: did not receive HSTS header
-constructdigital.net: max-age too low: 0
+constructionjobs.com: did not receive HSTS header
 content-api-dev.azurewebsites.net: could not connect to host
+continuumgaming.com: could not connect to host
+cookiecrook.com: could not connect to host
 coolchevy.org.ua: did not receive HSTS header
 cordial-restaurant.com: did not receive HSTS header
 core.mx: could not connect to host
 core4system.de: did not receive HSTS header
 corepartners.com.ua: did not receive HSTS header
 cormilu.com.br: did not receive HSTS header
-corpfin.net: could not connect to host
-correctpaardbatterijnietje.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+correctpaardbatterijnietje.nl: did not receive HSTS header
 corruption-mc.net: could not connect to host
 corruption-rsps.net: could not connect to host
 corruption-server.net: could not connect to host
 count.sh: could not connect to host
 couragewhispers.ca: did not receive HSTS header
+coursdeprogrammation.com: could not connect to host
 coursella.com: did not receive HSTS header
 covenantbank.net: could not connect to host
+coverduck.ru: could not connect to host
 cr.search.yahoo.com: did not receive HSTS header
 cracking.org: did not receive HSTS header
+craftbeerbarn.co.uk: could not connect to host
 crate.io: did not receive HSTS header
+cravelyrics.com: could not connect to host
 crazyhotseeds.com: did not receive HSTS header
 creativephysics.ml: could not connect to host
-criena.net: did not receive HSTS header
+crendontech.com: could not connect to host
+criena.net: could not connect to host
+crizk.com: could not connect to host
+cross-view.com: did not receive HSTS header
+crowd.supply: could not connect to host
 crowdcurity.com: did not receive HSTS header
 crowdjuris.com: could not connect to host
 crudysql.com: could not connect to host
 cruzr.xyz: could not connect to host
-cryptearth.de: could not connect to host
+crypt.guru: could not connect to host
+cryptify.eu: did not receive HSTS header
 crypto.is: max-age too low: 7776000
 cryptobin.org: could not connect to host
-cryptolab.tk: could not connect to host
+cryptojar.io: did not receive HSTS header
 crysadm.com: max-age too low: 1
 crystalclassics.co.uk: did not receive HSTS header
+csapak.com: could not connect to host
 csawctf.poly.edu: could not connect to host
 csfs.org.uk: could not connect to host
+csgodicegame.com: did not receive HSTS header
 csgokings.eu: could not connect to host
 csohack.tk: could not connect to host
 cspbuilder.info: could not connect to host
+cspvalidator.org: could not connect to host
 ct.search.yahoo.com: did not receive HSTS header
 cthulhuden.com: could not connect to host
+ctoforhire.com.au: could not connect to host
 cubeserver.eu: could not connect to host
 cubewano.com: could not connect to host
 cujanovic.com: did not receive HSTS header
 cupidmentor.com: did not receive HSTS header
-curlybracket.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 curroapp.com: could not connect to host
+custe.rs: could not connect to host
 cutorrent.com: could not connect to host
 cyanogenmod.xxx: could not connect to host
 cybershambles.com: could not connect to host
 cycleluxembourg.lu: did not receive HSTS header
 cydia-search.io: could not connect to host
+cyph.com: did not receive HSTS header
 cyphertite.com: could not connect to host
-d-designerin.de: did not receive HSTS header
 dah5.com: did not receive HSTS header
-daknob.net: did not receive HSTS header
+dailystormerpodcasts.com: did not receive HSTS header
+daimadi.com: could not connect to host
 dakrib.net: could not connect to host
-dalfiume.it: did not receive HSTS header
 daniel-steuer.de: did not receive HSTS header
-danieldk.eu: did not receive HSTS header
+danielcowie.me: could not connect to host
+danieldk.eu: could not connect to host
+danielverlaan.nl: could not connect to host
 danielworthy.com: did not receive HSTS header
 danijobs.com: could not connect to host
 danpiel.net: could not connect to host
 danrl.de: did not receive HSTS header
 daolerp.xyz: could not connect to host
+dario.im: could not connect to host
 dark-x.cf: could not connect to host
-darkengine.io: could not connect to host
-darkhole.cn: did not receive HSTS header
+darkhole.cn: could not connect to host
+darrenellis.xyz: could not connect to host
 dashnimorad.com: could not connect to host
 data-abundance.com: could not connect to host
-data102.com: did not receive HSTS header
+datahove.no: did not receive HSTS header
 datarank.com: max-age too low: 0
 dataretention.solutions: could not connect to host
+datasnitch.co.uk: could not connect to host
 datenkeks.de: did not receive HSTS header
-datenreiter.cf: did not receive HSTS header
-datenreiter.gq: did not receive HSTS header
-datenreiter.ml: did not receive HSTS header
-datenreiter.tk: did not receive HSTS header
+datenreiter.cf: could not connect to host
+datenreiter.gq: could not connect to host
+datenreiter.ml: could not connect to host
+datenreiter.tk: could not connect to host
 datewon.net: did not receive HSTS header
+davevelopment.net: could not connect to host
 davidhunter.scot: did not receive HSTS header
 davidreinhardt.de: could not connect to host
 daylightcompany.com: did not receive HSTS header
 dbx.ovh: did not receive HSTS header
 dccode.gov: could not connect to host
 dcurt.is: did not receive HSTS header
 ddatsh.com: could not connect to host
+dden.ca: could not connect to host
 deaktualisierung.org: did not receive HSTS header
+dealbanana.at: did not receive HSTS header
+dealbanana.be: did not receive HSTS header
+dealbanana.co.uk: did not receive HSTS header
+dealbanana.com: did not receive HSTS header
+dealbanana.de: did not receive HSTS header
+dealbanana.fi: did not receive HSTS header
+dealbanana.fr: did not receive HSTS header
+dealbanana.it: did not receive HSTS header
+dealbanana.se: did not receive HSTS header
 debank.tv: did not receive HSTS header
 debtkit.co.uk: did not receive HSTS header
+decafu.co: could not connect to host
 decibelios.li: did not receive HSTS header
-decomplify.com: could not connect to host
 dedicatutiempo.es: could not connect to host
 degroetenvanrosaline.nl: did not receive HSTS header
 deight.co: could not connect to host
 dekasan.ru: could not connect to host
-deliverance.co.uk: did not receive HSTS header
-demotops.com: did not receive HSTS header
-demuzere.com: could not connect to host
-demuzere.eu: could not connect to host
-demuzere.net: could not connect to host
+deliverance.co.uk: could not connect to host
 denh.am: did not receive HSTS header
+denisjean.fr: could not connect to host
 dentaldomain.org: did not receive HSTS header
 dentaldomain.ph: did not receive HSTS header
+depijl-mz.nl: did not receive HSTS header
 depixion.agency: did not receive HSTS header
 dequehablamos.es: could not connect to host
 derevtsov.com: did not receive HSTS header
 detector.exposed: could not connect to host
-detest.org: could not connect to host
 devcu.com: could not connect to host
 devh.de: did not receive HSTS header
 deviltracks.net: could not connect to host
 devincrow.me: could not connect to host
 devinfo.net: did not receive HSTS header
+devuan.org: did not receive HSTS header
 diablotine.rocks: could not connect to host
+diarbag.us: did not receive HSTS header
 diasp.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-diedrich.co: max-age too low: 2592000
-dienstplan.one: could not connect to host
+diedrich.co: could not connect to host
 digitaldaddy.net: could not connect to host
 digitalriver.tk: could not connect to host
 digitalskillswap.com: could not connect to host
 dinamoelektrik.com: max-age too low: 0
+dipconsultants.com: max-age too low: 7776000
+discoveringdocker.com: did not receive HSTS header
 discovery.lookout.com: did not receive HSTS header
 dislocated.de: did not receive HSTS header
+dissimulo.me: could not connect to host
 dizihocasi.com: did not receive HSTS header
+dizorg.net: could not connect to host
 dj4et.de: could not connect to host
 dl.google.com: did not receive HSTS header (error ignored - included regardless)
-dndtools.net: could not connect to host
+dmz.ninja: could not connect to host
+dn42.eu: could not connect to host
 dns.google.com: did not receive HSTS header (error ignored - included regardless)
+do-do.tk: could not connect to host
 do.search.yahoo.com: did not receive HSTS header
 dobet.in: could not connect to host
 docs.google.com: did not receive HSTS header (error ignored - included regardless)
-doctor-locks.co.uk: did not receive HSTS header
 doeswindowssuckforeveryoneorjustme.com: could not connect to host
+dogbox.se: did not receive HSTS header
 dohosting.ru: could not connect to host
-doktorsitesi.com: max-age too low: 36000
+dolphin-cloud.com: could not connect to host
+dolphincorp.co.uk: could not connect to host
 domaris.de: did not receive HSTS header
+domhaase.me: could not connect to host
+dominicpratt.de: did not receive HSTS header
+dominique-mueller.de: did not receive HSTS header
 donzelot.co.uk: max-age too low: 3600
-doridian.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-doridian.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-doridian.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+dopost.it: did not receive HSTS header
+doridian.com: could not connect to host
+doridian.de: could not connect to host
+doridian.net: did not receive HSTS header
 doridian.org: could not connect to host
 dotadata.me: could not connect to host
 download.jitsi.org: did not receive HSTS header
-downsouthweddings.com.au: could not connect to host
-doyoucheck.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+downsouthweddings.com.au: did not receive HSTS header
+dpratt.de: could not connect to host
+dprd-wonogirikab.go.id: did not receive HSTS header
+dragonisles.net: could not connect to host
 dragons-of-highlands.cz: could not connect to host
-drakefortreasurer.sexy: could not connect to host
-drakeluce.com: could not connect to host
+dragontrainingmobilezoo.com.au: max-age too low: 0
+drawesome.uy: did not receive HSTS header
 drbethanybarnes.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 dreadbyte.com: could not connect to host
+dreamlinehost.com: did not receive HSTS header
+dredgepress.com: could not connect to host
+drishti.guru: could not connect to host
 drive.google.com: did not receive HSTS header (error ignored - included regardless)
+driving-lessons.co.uk: did not receive HSTS header
 droidboss.com: could not connect to host
 dropcam.com: did not receive HSTS header
 drtroyhendrickson.com: could not connect to host
 drumbandesperanto.nl: could not connect to host
 dshiv.io: could not connect to host
-dubrovskiy.net: could not connect to host
-dubrovskiy.pro: could not connect to host
 duesee.org: could not connect to host
+duo.money: could not connect to host
+duria.de: max-age too low: 3600
+dutch1.nl: did not receive HSTS header
+dwhd.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 dycontrol.de: could not connect to host
 dylanscott.com.au: did not receive HSTS header
-dymersion.com: did not receive HSTS header
-dynamize.solutions: could not connect to host
 dzimejl.sk: did not receive HSTS header
 dzlibs.io: could not connect to host
 e-aut.net: could not connect to host
 e-deca2.org: did not receive HSTS header
+eagletechz.com.br: did not receive HSTS header
+earga.sm: could not connect to host
 earlybirdsnacks.com: did not receive HSTS header
+easez.net: could not connect to host
 easyhaul.com: did not receive HSTS header
-ebaymotorssucks.com: did not receive HSTS header
+eatlowcarb.de: did not receive HSTS header
 ebecs.com: did not receive HSTS header
+ebermannstadt.de: max-age too low: 0
+ebfe.pw: did not receive HSTS header
+ebp2p.com: did not receive HSTS header
+ebpglobal.com: did not receive HSTS header
 ecake.in: could not connect to host
 ecdn.cz: could not connect to host
 ecfs.link: could not connect to host
 ecg.fr: could not connect to host
-echopaper.com: could not connect to host
 echosystem.fr: did not receive HSTS header
 ecole-en-danger.fr: could not connect to host
+ecupcafe.com: max-age too low: 0
 edcphenix.tk: could not connect to host
 edelsteincosmetic.com: did not receive HSTS header
 edge-cloud.net: did not receive HSTS header
+edissecurity.sk: did not receive HSTS header
 edix.ru: could not connect to host
 edmodo.com: did not receive HSTS header
 eduvance.in: did not receive HSTS header
+efficienthealth.com: did not receive HSTS header
 egit.co: could not connect to host
 ego-world.org: could not connect to host
+ehrenamt-skpfcw.de: could not connect to host
 eicfood.com: could not connect to host
-eidolonhost.com: did not receive HSTS header
-eipione.com: could not connect to host
 elaintehtaat.fi: did not receive HSTS header
+elanguest.pl: could not connect to host
 electricianforum.co.uk: could not connect to host
 electromc.com: could not connect to host
+elemprendedor.com.ve: could not connect to host
+elenag.ga: could not connect to host
 elenoon.ir: did not receive HSTS header
 elimdengelen.com: did not receive HSTS header
 elnutricionista.es: did not receive HSTS header
+elonbase.com: could not connect to host
 elpo.xyz: could not connect to host
 elsitar.com: did not receive HSTS header
 email.lookout.com: could not connect to host
 emeldi-commerce.com: max-age too low: 0
-eminovic.me: could not connect to host
 emnitech.com: could not connect to host
+empleosentorreon.mx: could not connect to host
 empleostampico.com: did not receive HSTS header
+encoder.pw: could not connect to host
 encrypted.google.com: did not receive HSTS header (error ignored - included regardless)
 endzeit-architekten.com: did not receive HSTS header
-enigmail.net: could not connect to host
+enfoqueseguro.com: could not connect to host
+engelwerbung.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+enigmail.net: did not receive HSTS header
+enorekcah.com: could not connect to host
+enteente.club: could not connect to host
+enteente.com: could not connect to host
+enteente.space: could not connect to host
 enterdev.co: did not receive HSTS header
+enterprise-threat-monitor.com: max-age too low: 0
 entrepreneur.or.id: did not receive HSTS header
 entropia.de: did not receive HSTS header
+enumify.com: could not connect to host
+envygeeks.com: could not connect to host
+envygeeks.io: did not receive HSTS header
 eol34.com: did not receive HSTS header
-epicwalnutcreek.com: did not receive HSTS header
+epanurse.com: could not connect to host
+ephry.com: could not connect to host
 epoxate.com: did not receive HSTS header
-eq8.net.au: max-age too low: 3600
-equate.net.au: max-age too low: 3600
-equatetechnologies.com.au: max-age too low: 3600
+eq8.net.au: could not connect to host
+equilibre-yoga-jennifer-will.com: could not connect to host
 eressea.xyz: could not connect to host
-ergorium.com: could not connect to host
-ergorium.eu: could not connect to host
+ericyl.com: could not connect to host
 eromixx.com: did not receive HSTS header
 erotalia.es: could not connect to host
 eroticen.com: did not receive HSTS header
-erotische-aanbiedingen.nl: did not receive HSTS header
+erotische-aanbiedingen.nl: could not connect to host
 errolz.com: could not connect to host
 errors.zenpayroll.com: could not connect to host
 esec.rs: did not receive HSTS header
 espra.com: could not connect to host
 essexcosmeticdentists.co.uk: did not receive HSTS header
+essexghosthunters.co.uk: did not receive HSTS header
 estan.cn: did not receive HSTS header
-estilos.com.pe: did not receive HSTS header
+estilosapeca.com: could not connect to host
 eternitylove.us: could not connect to host
-etherpad.fr: could not connect to host
-ethicalexploiting.com: could not connect to host
 etsysecure.com: could not connect to host
 etula.ga: could not connect to host
-euanbaines.com: could not connect to host
+euanbaines.com: did not receive HSTS header
 eucl3d.com: did not receive HSTS header
-euph.eu: could not connect to host
-evdenevenakliyatankara.pw: did not receive HSTS header
+euph.eu: did not receive HSTS header
+euro.ro: max-age too low: 0
+evantage.org: could not connect to host
 everwaking.com: could not connect to host
-evin.ml: did not receive HSTS header
-evossd.tk: could not connect to host
+everythingkitchens.com: max-age too low: 604800
+evi.be: did not receive HSTS header
+evin.ml: could not connect to host
+exfiles.cz: did not receive HSTS header
+exgravitus.com: could not connect to host
 exno.co: could not connect to host
+exon.io: did not receive HSTS header
+expertmile.com: did not receive HSTS header
 expoundite.net: did not receive HSTS header
+expressemotion.net: could not connect to host
 expressfinance.co.za: did not receive HSTS header
+extracobanks.com: max-age too low: 0
 extreemhost.nl: did not receive HSTS header
+extremenetworking.net: could not connect to host
+exy.pw: could not connect to host
 eyeglassuniverse.com: did not receive HSTS header
+ez.fi: could not connect to host
 ezimoeko.net: could not connect to host
 ezmod.org: could not connect to host
 eztv.ch: did not receive HSTS header
-f-thie.de: did not receive HSTS header
-f00.ca: could not connect to host
-f2f.cash: could not connect to host
+f-s-u.co.uk: could not connect to host
+f00.ca: did not receive HSTS header
 fabhub.io: could not connect to host
-fabianasantiago.com: could not connect to host
 fabianfischer.de: did not receive HSTS header
 factorygw.com: did not receive HSTS header
 faesser.com: did not receive HSTS header
-fahrenwalde.de: did not receive HSTS header
+fahrenwalde.de: could not connect to host
 fail4free.de: did not receive HSTS header
-faizan.xyz: did not receive HSTS header
+faizan.xyz: could not connect to host
 fakeletters.org: could not connect to host
 falkp.no: did not receive HSTS header
 fanyl.cn: did not receive HSTS header
+fap.no: did not receive HSTS header
 fashioncare.cz: did not receive HSTS header
+fastopen.ml: could not connect to host
 fatgeekflix.net: could not connect to host
 fatherhood.gov: did not receive HSTS header
 fatox.de: could not connect to host
+fatwin.pw: could not connect to host
 fayolle.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-fbox.li: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+fbox.li: could not connect to host
 fdj.im: could not connect to host
 feard.space: could not connect to host
-feirlane.org: could not connect to host
+fedux.com.ar: could not connect to host
+feezmodo.com: max-age too low: 0
+feliwyn.fr: did not receive HSTS header
+felixsanz.com: could not connect to host
 feminists.co: could not connect to host
-fenteo.com: could not connect to host
+fenno.net: did not receive HSTS header
+ferrugem.org: did not receive HSTS header
 festember.com: did not receive HSTS header
 fexmen.com: could not connect to host
 fhdhelp.de: could not connect to host
 fhdhilft.de: could not connect to host
 fiftyshadesofluca.ml: could not connect to host
 fig.co: did not receive HSTS header
 fightr.co: could not connect to host
 finalgear.com: did not receive HSTS header
 finanzkontor.net: could not connect to host
 findmybottleshop.com.au: did not receive HSTS header
 findtutorsnearme.com: did not receive HSTS header
+fingent.com: did not receive HSTS header
 firebaseio-demo.com: could not connect to host
 firebaseio.com: could not connect to host
+firefall.rocks: could not connect to host
 firemail.io: could not connect to host
+firstforex.co.uk: did not receive HSTS header
 fischer-its.com: max-age too low: 2592000
 fish2.me: did not receive HSTS header
+fit4medien.de: did not receive HSTS header
+fivestarsitters.com: did not receive HSTS header
 fixingdns.com: did not receive HSTS header
 fj.search.yahoo.com: did not receive HSTS header
 flags.ninja: could not connect to host
 flamewall.net: could not connect to host
-flamingkeys.com.au: could not connect to host
+flamingcow.tv: did not receive HSTS header
 fliexer.com: did not receive HSTS header
 floless.co.uk: did not receive HSTS header
 florian-lillpopp.de: max-age too low: 10
-florian-thie.de: did not receive HSTS header
-floriankeller.de: did not receive HSTS header
 florianlillpopp.de: max-age too low: 10
-flow.su: could not connect to host
+flouartistique.ch: did not receive HSTS header
+flow.pe: could not connect to host
+flowersandclouds.com: could not connect to host
 flushstudios.com: did not receive HSTS header
 flyaces.com: did not receive HSTS header
 fm83.nl: did not receive HSTS header
+fndout.com: did not receive HSTS header
 fnvsecurity.com: could not connect to host
 fonetiq.io: could not connect to host
 food4health.guide: could not connect to host
 footballmapped.com: could not connect to host
 foraje-profesionale.ro: did not receive HSTS header
 foreignexchangeresource.com: did not receive HSTS header
+foreveralone.io: could not connect to host
 forex-dan.com: did not receive HSTS header
 formini.dz: did not receive HSTS header
 formula.cf: could not connect to host
 fotiu.com: could not connect to host
-fotm.net: max-age too low: 800000
-foxdev.io: did not receive HSTS header
+fotm.net: did not receive HSTS header
+fotografosexpertos.com: did not receive HSTS header
+fotopasja.info: could not connect to host
+fourchin.net: could not connect to host
+foxdev.io: could not connect to host
 foxelbox.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-fransallen.com: did not receive HSTS header
-freeform4u.de: did not receive HSTS header
+foxtrot.pw: could not connect to host
+fr33d0m.link: could not connect to host
+francevpn.xyz: could not connect to host
+frangor.info: did not receive HSTS header
+franzt.de: could not connect to host
+freekdevries.nl: could not connect to host
 freematthale.net: did not receive HSTS header
-freemedforms.com: could not connect to host
 freeutopia.org: did not receive HSTS header
-freezion.com: could not connect to host
-freqlabs.com: could not connect to host
 freshfind.xyz: could not connect to host
-fretscha.com: could not connect to host
+frezbo.com: did not receive HSTS header
 friendica.ch: could not connect to host
 froggstack.de: did not receive HSTS header
-frusky.net: did not receive HSTS header
+frontisme.nl: could not connect to host
+frontmin.com: did not receive HSTS header
+fruitusers.com: could not connect to host
+frusky.net: could not connect to host
 funchestra.at: did not receive HSTS header
 funkyweddingideas.com.au: could not connect to host
+funrun.com: did not receive HSTS header
 furry.be: max-age too low: 86400
+fusionmate.com: could not connect to host
+futbol11.com: did not receive HSTS header
 futuretechnologi.es: could not connect to host
 fx-rk.com: did not receive HSTS header
 fyfywka.com: could not connect to host
+fysiohaenraets.nl: did not receive HSTS header
 fzn.io: could not connect to host
+g2a.co: did not receive HSTS header
 g2g.com: did not receive HSTS header
 g4w.co: did not receive HSTS header (error ignored - included regardless)
-gaiserik.com: could not connect to host
+gaelleetarnaud.com: did not receive HSTS header
+gafachi.com: could not connect to host
+gaiserik.com: did not receive HSTS header
+galenskap.eu: did not receive HSTS header
 gallery44.org: did not receive HSTS header
-gameink.net: did not receive HSTS header
+gamecard-shop.nl: did not receive HSTS header
+gameink.net: max-age too low: 0
+gamenected.com: could not connect to host
 gamenected.de: could not connect to host
-gamesdepartment.co.uk: did not receive HSTS header
+gamerslair.org: did not receive HSTS header
+gamesdepartment.co.uk: could not connect to host
 gameserver-sponsor.de: did not receive HSTS header
-gancedo.com.es: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-gaptek.id: did not receive HSTS header
+gaptek.id: could not connect to host
 garagegoossens.be: could not connect to host
-gatapro.net: could not connect to host
-geekcast.co.uk: did not receive HSTS header
-genuu.com: could not connect to host
+gdpventure.com: max-age too low: 0
+gechr.io: could not connect to host
+geekcast.co.uk: could not connect to host
+genuxation.com: could not connect to host
 genyaa.com: did not receive HSTS header
+georgmayer.eu: could not connect to host
+gerencianet.com.br: did not receive HSTS header
+get.zenpayroll.com: did not receive HSTS header
 getable.com: did not receive HSTS header
 getcarefirst.com: could not connect to host
+getinternet.de: max-age too low: 0
 getlantern.org: did not receive HSTS header
 getlifti.com: did not receive HSTS header
 getlolaccount.com: could not connect to host
 getmassage.com.ng: did not receive HSTS header
+getsello.com: did not receive HSTS header
+getsport.mobi: could not connect to host
 getwashdaddy.com: did not receive HSTS header
 gfhgiro.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 gfm.tech: could not connect to host
 gfournier.ca: could not connect to host
 gfwsb.ml: could not connect to host
+ggss.ml: could not connect to host
+gheorghesarcov.ga: could not connect to host
 gheorghesarcov.tk: could not connect to host
-giftservices.nl: could not connect to host
 gigacloud.org: could not connect to host
 gilly.berlin: did not receive HSTS header
-gipsamsfashion.com: did not receive HSTS header
+gingali.de: did not receive HSTS header
+gipsamsfashion.com: could not connect to host
+gistfy.com: did not receive HSTS header
 github.party: could not connect to host
+givemyanswer.com: could not connect to host
 gizzo.sk: could not connect to host
+gjspunk.de: did not receive HSTS header
 gl.search.yahoo.com: did not receive HSTS header
 glass.google.com: did not receive HSTS header (error ignored - included regardless)
 glentakahashi.com: max-age too low: 0
+globalexpert.co.nz: could not connect to host
 globalittech.com: could not connect to host
 gloomyvancouver.com: did not receive HSTS header
 glws.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 gm.search.yahoo.com: did not receive HSTS header
 gmail.com: did not receive HSTS header (error ignored - included regardless)
 gmantra.org: could not connect to host
 gmoes.at: max-age too low: 600000
-go.ax: did not receive HSTS header
-goabonga.com: could not connect to host
+go.ax: could not connect to host
+go2sh.de: did not receive HSTS header
+goarmy.eu: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 goben.ch: could not connect to host
+goerner.me: did not receive HSTS header
 goge.site: could not connect to host
+gogenenglish.com: could not connect to host
+gogetssl.com: did not receive HSTS header
 gogold-g.com: did not receive HSTS header
 goldendata.io: could not connect to host
 golocal-media.de: did not receive HSTS header
+gonzalosanchez.mx: did not receive HSTS header
+goodenough.nz: could not connect to host
 goodwin43.ru: did not receive HSTS header
 google: could not connect to host (error ignored - included regardless)
 googlemail.com: did not receive HSTS header (error ignored - included regardless)
 googleplex.com: could not connect to host (error ignored - included regardless)
 gorilla-gym.site: did not receive HSTS header
 goto.google.com: did not receive HSTS header (error ignored - included regardless)
 gotowned.org: could not connect to host
+govillemo.ca: did not receive HSTS header
+gowe.wang: could not connect to host
 gparent.org: did not receive HSTS header
 gpsfix.cz: could not connect to host
+gpstuner.com: did not receive HSTS header
+gpsvideocanada.com: did not receive HSTS header
+gracesofgrief.com: max-age too low: 86400
 grandmascookieblog.com: did not receive HSTS header
 grantedby.me: did not receive HSTS header
 graph.no: did not receive HSTS header
 gravitation.pro: did not receive HSTS header
 gravity-net.de: could not connect to host
+graycell.net: could not connect to host
+graymalk.in: did not receive HSTS header
+grazetech.com: could not connect to host
+greenhillantiques.co.uk: did not receive HSTS header
 greenvines.com.tw: did not receive HSTS header
-gregmilton.com: could not connect to host
-gregmilton.org: could not connect to host
 gregorytlee.me: could not connect to host
 greplin.com: could not connect to host
+griesser2.de: could not connect to host
+grigalanzsoftware.com: could not connect to host
+groovinads.com: max-age too low: 0
 groth.im: did not receive HSTS header
 groth.xyz: did not receive HSTS header
 groups.google.com: did not receive HSTS header (error ignored - included regardless)
-grozip.com: did not receive HSTS header
 grunex.com: did not receive HSTS header
-gryffin.ga: did not receive HSTS header
-gryffin.tk: did not receive HSTS header
 gsm-map.com: could not connect to host
 gtanda.tk: could not connect to host
 gtlfsonlinepay.com: did not receive HSTS header
 gtraxapp.com: could not connect to host
-guava.studio: max-age too low: 1604800
+guava.studio: could not connect to host
 guilde-vindicta.fr: did not receive HSTS header
 gunnarhafdal.com: did not receive HSTS header
+gurochan.ch: could not connect to host
 gurusupe.com: could not connect to host
 gvt2.com: could not connect to host (error ignored - included regardless)
 gvt3.com: could not connect to host (error ignored - included regardless)
 gwijaya.com: could not connect to host
+gwtest.us: could not connect to host
 gyboche.com: could not connect to host
 gyboche.science: could not connect to host
-gypsycatdreams.com: did not receive HSTS header
+gycis.me: could not connect to host
 gypthecat.com: max-age too low: 604800
+gyz.io: could not connect to host
 h2check.org: could not connect to host
+habanaavenue.com: did not receive HSTS header
 hablemosdetecnologia.com.ve: could not connect to host
 hack.li: could not connect to host
+hacker.one: could not connect to host
+hackerforever.com: did not receive HSTS header
 hackerpoints.com: could not connect to host
 hackit.im: could not connect to host
+hadzic.co: could not connect to host
 hahayidu.org: could not connect to host
-hakase.kr: could not connect to host
+haitschi.com: could not connect to host
+haitschi.de: could not connect to host
+haitschi.net: could not connect to host
+haitschi.org: could not connect to host
+haktec.de: could not connect to host
 haku.moe: could not connect to host
+halo.red: did not receive HSTS header
 hancc.net: did not receive HSTS header
-hansen.hn: did not receive HSTS header
-hao2taiwan.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+hao2taiwan.com: max-age too low: 0
 happyfabric.me: did not receive HSTS header
+harabuhouse.com: did not receive HSTS header
+harbor-light.net: did not receive HSTS header
+harristony.com: could not connect to host
+harvestapp.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+harvestrenewal.org: did not receive HSTS header
 harz.cloud: could not connect to host
 has.vision: could not connect to host
-hash-list.com: did not receive HSTS header
+hash-list.com: could not connect to host
 hasilocke.de: did not receive HSTS header
+hasinase.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 haste.ch: could not connect to host
 hatoko.net: could not connect to host
+haufschild.de: could not connect to host
 haurumcraft.net: could not connect to host
 haveeruexaminer.com: could not connect to host
 haveforeningen-enghaven.dk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-havelland-obstler.de: could not connect to host
-heart.ge: max-age too low: 0
+hazcod.com: could not connect to host
+hcie.pl: could not connect to host
+hdm.io: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+hdwallpapers.net: did not receive HSTS header
+heart.ge: did not receive HSTS header
 heartlandrentals.com: did not receive HSTS header
 heftkaufen.de: did not receive HSTS header
-hejahanif.se: could not connect to host
 hellenicaward.com: did not receive HSTS header
-helloworldhost.com: did not receive HSTS header
+hellomouse.cf: could not connect to host
 helpadmin.net: could not connect to host
 helpium.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 helpmebuild.com: did not receive HSTS header
 hemdal.se: could not connect to host
 henriknoerr.com: could not connect to host
-hermes-net.de: could not connect to host
-herpaderp.net: could not connect to host
-heyfringe.com: could not connect to host
+henriksen.is: could not connect to host
+henryphan.com: could not connect to host
+herpaderp.net: did not receive HSTS header
+hexid.me: did not receive HSTS header
+heycms.com: could not connect to host
 hicn.gq: could not connect to host
+hicoria.com: did not receive HSTS header
+hiddendepth.ie: max-age too low: 0
 hiddenmail.xyz: could not connect to host
+highseer.com: did not receive HSTS header
+hiitcentre.com: did not receive HSTS header
 hikariempire.com: could not connect to host
+hilti.at: max-age too low: 10281600
+hilti.ca: max-age too low: 10281600
+hilti.cl: max-age too low: 10281600
+hilti.co.jp: max-age too low: 10281600
+hilti.co.kr: max-age too low: 10281600
+hilti.co.uk: max-age too low: 10281600
+hilti.com: max-age too low: 10281600
+hilti.com.ar: max-age too low: 10281600
+hilti.com.au: max-age too low: 10281600
+hilti.com.br: max-age too low: 10281600
+hilti.com.hk: max-age too low: 10281600
+hilti.com.sg: max-age too low: 10281600
+hilti.de: max-age too low: 10281600
+hilti.es: max-age too low: 10281600
+hilti.fi: max-age too low: 10281600
+hilti.fr: max-age too low: 10281600
+hilti.ie: max-age too low: 10281600
+hilti.it: max-age too low: 10281600
+hilti.lu: max-age too low: 10281600
+hilti.pt: max-age too low: 10281600
+hilti.ru: max-age too low: 10281600
+hilti.sk: max-age too low: 10281600
 hiphopconvention.nl: could not connect to host
 hitoy.org: did not receive HSTS header
-hledejlevne.cz: did not receive HSTS header
+hittipps.com: did not receive HSTS header
+hjw-kunstwerk.de: could not connect to host
 hmm.nyc: could not connect to host
 hn.search.yahoo.com: did not receive HSTS header
-hoerbuecher-und-hoerspiele.de: did not receive HSTS header
+hoerbuecher-und-hoerspiele.de: could not connect to host
 hogar123.es: could not connect to host
 hohm.in: did not receive HSTS header
 holifestival-freyung.de: could not connect to host
 holymoly.lu: did not receive HSTS header
 homa.website: could not connect to host
 honeytracks.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+honoo.com: could not connect to host
 hookandloom.com: did not receive HSTS header
 horosho.in: could not connect to host
 horseboners.xxx: did not receive HSTS header
 hortifarm.ro: could not connect to host
-hory.me: could not connect to host
 hosted-service.com: did not receive HSTS header
 hostedtalkgadget.google.com: did not receive HSTS header (error ignored - included regardless)
 hostgarou.com: did not receive HSTS header
 hostinaus.com.au: could not connect to host
 hostisan.com: did not receive HSTS header
 hotchillibox.com: max-age too low: 0
 hotchoc.io: did not receive HSTS header
-hovie.at: could not connect to host
+housingstudents.org.uk: could not connect to host
 howrandom.org: could not connect to host
+hr-intranet.com: did not receive HSTS header
 hsir.me: could not connect to host
 hsts.date: could not connect to host
 hu.search.yahoo.com: did not receive HSTS header
-huarongdao.com: max-age too low: 1
+huarongdao.com: did not receive HSTS header
 humblefinances.com: could not connect to host
-hupp.se: could not connect to host
 hurricanelabs.com: did not receive HSTS header
 hydra.ws: could not connect to host
+i-jp.net: could not connect to host
 i-partners.sk: did not receive HSTS header
-i95.me: did not receive HSTS header
-iamcarrico.com: could not connect to host
+iamokay.nl: did not receive HSTS header
 iamveto.com: could not connect to host
+iapws.com: did not receive HSTS header
 iban.is: could not connect to host
+iceloch.com: could not connect to host
 icewoman.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 icreative.nl: did not receive HSTS header
+ictual.com: did not receive HSTS header
 icusignature.com: did not receive HSTS header
 id-co.in: could not connect to host
 id-conf.com: could not connect to host
 idacmedia.com: max-age too low: 5184000
 ideal-envelopes.co.uk: did not receive HSTS header
+ideation-inc.co.jp: did not receive HSTS header
 identitylabs.uk: did not receive HSTS header
 idexxpublicationportal.com: could not connect to host
 ie.search.yahoo.com: did not receive HSTS header
+ies.id.lv: could not connect to host
 ifleurs.com: could not connect to host
+ifoss.me: could not connect to host
 ihrlotto.de: could not connect to host
 ihrnationalrat.ch: could not connect to host
 ihuanmeng.com: did not receive HSTS header
 ijohan.nl: did not receive HSTS header
+ikwilguidobellen.nl: did not receive HSTS header
+ilbuongiorno.it: did not receive HSTS header
 ilikerainbows.co: could not connect to host
 ilikerainbows.co.uk: could not connect to host
-illjinx.info: did not receive HSTS header
 ilmconpm.de: did not receive HSTS header
 ilona.graphics: max-age too low: 3600
 imguoguo.com: did not receive HSTS header
 imim.pw: did not receive HSTS header
+imjiangtao.com: did not receive HSTS header
+immoprotect.ca: could not connect to host
+immoverkauf24.at: did not receive HSTS header
+immoverkauf24.de: did not receive HSTS header
 imolug.org: did not receive HSTS header
 imouto.my: max-age too low: 5184000
 imusic.dk: did not receive HSTS header
 inb4.us: could not connect to host
 inbox.li: did not receive HSTS header
 inchomatic.com: did not receive HSTS header
 indoorskiassen.nl: did not receive HSTS header
 indust.me: did not receive HSTS header
 inertianetworks.com: did not receive HSTS header
 infcof.com: max-age too low: 0
+infilock.com: could not connect to host
+infinitude.me.uk: could not connect to host
+infinitude.xyz: could not connect to host
 infinitusgaming.eu: could not connect to host
 inflation.ml: could not connect to host
-infocommsociety.com: did not receive HSTS header
 infotics.es: did not receive HSTS header
+injigo.com: did not receive HSTS header
+inkable.com.au: did not receive HSTS header
+inked-guy.de: did not receive HSTS header
+inkedguy.de: could not connect to host
 inkstory.gr: did not receive HSTS header
 inksupply.com: did not receive HSTS header
 inleaked.com: could not connect to host
+inmyarea.com: max-age too low: 0
 innophate-security.nl: could not connect to host
+insighti.com: did not receive HSTS header
+insighti.eu: did not receive HSTS header
+insighti.org: did not receive HSTS header
+insighti.sk: did not receive HSTS header
 insite-feedback.com: did not receive HSTS header
 insouciant.org: did not receive HSTS header
 inspiroinc.com: could not connect to host
 instacart.com: did not receive HSTS header
-instant-hack.com: did not receive HSTS header
+instantdev.io: could not connect to host
+intel.li: could not connect to host
 intercom.io: did not receive HSTS header
 interference.io: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 interlun.com: could not connect to host
+internetcensus.org: could not connect to host
+internl.net: max-age too low: 0
 interserved.com: did not receive HSTS header
+intex.es: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 intim-uslugi-kazan.net: could not connect to host
-intimtoy.com.ua: could not connect to host
-intrasoft.com.au: could not connect to host
+intimtoy.com.ua: did not receive HSTS header
 inverselink-user-content.com: could not connect to host
 inverselink.com: could not connect to host
+invitescene.com: could not connect to host
 inwesttitle.com: max-age too low: 0
+inzdr.com: did not receive HSTS header
 iop.intuit.com: max-age too low: 86400
+iosmods.com: could not connect to host
 iostips.ru: could not connect to host
 ip6.im: did not receive HSTS header
 ipmimagazine.com: did not receive HSTS header
 ipomue.com: could not connect to host
+iptel.by: max-age too low: 0
+iptel.ro: could not connect to host
+iqcn.co: max-age too low: 2592000
 iqualtech.com: did not receive HSTS header
 iranianlawschool.com: could not connect to host
-iraqidinar.org: could not connect to host
+iraqidinar.org: did not receive HSTS header
 irccloud.com: did not receive HSTS header
-ircmett.de: could not connect to host
+ircmett.de: did not receive HSTS header
+irukandjilabs.com: could not connect to host
 ischool.co.jp: did not receive HSTS header
+iseek.biz: max-age too low: 0
 iskaz.rs: did not receive HSTS header
 isogram.nl: could not connect to host
 ispire.me: did not receive HSTS header
+istaspirtslietas.lv: did not receive HSTS header
+it-go.net: did not receive HSTS header
 itechgeek.com: max-age too low: 0
+itfh.eu: did not receive HSTS header
+itos.asia: did not receive HSTS header
+itos.pl: did not receive HSTS header
+its4living.com: could not connect to host
 itsamurai.ru: max-age too low: 2592000
 itsecurityassurance.pw: did not receive HSTS header
 itshost.ru: could not connect to host
 ivi-fertility.com: max-age too low: 0
 ivi.es: max-age too low: 0
+ivk.website: could not connect to host
 izdiwho.com: could not connect to host
 izolight.ch: could not connect to host
+ja-publications.com: did not receive HSTS header
+jaba.hosting: did not receive HSTS header
 jabbari.io: did not receive HSTS header
-jaitnetworking.com: did not receive HSTS header
+jaclynjohnson.com: could not connect to host
+jacobparry.ca: did not receive HSTS header
+jahliveradio.com: could not connect to host
 jakenbake.com: could not connect to host
+james.je: could not connect to host
+jamesbradach.com: did not receive HSTS header
 jamesburton.london: could not connect to host
 jamesbywater.me: could not connect to host
 jamesbywater.me.uk: could not connect to host
 jamesconroyfinn.com: did not receive HSTS header
+jamesdoell.com: could not connect to host
 jamesdoylephoto.com: did not receive HSTS header
-jamesmorrison.me: did not receive HSTS header
-janokacer.sk: could not connect to host
+jamourtney.com: could not connect to host
+jan27.org: did not receive HSTS header
+janario.me: could not connect to host
+janbrodda.de: max-age too low: 2592000
+jannyrijneveld.nl: did not receive HSTS header
 janus-engineering.de: did not receive HSTS header
+japlex.com: could not connect to host
 jaqen.ch: could not connect to host
+jaredeberle.org: did not receive HSTS header
+jaroslavtrsek.cz: did not receive HSTS header
 jartza.org: could not connect to host
-jastoria.pl: did not receive HSTS header
-javalestari.com: did not receive HSTS header
+jasmineconseil.com: did not receive HSTS header
+jasonrobinson.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+jasonroe.me: did not receive HSTS header
+jastoria.pl: could not connect to host
 jayblock.com: did not receive HSTS header
 jayscoaching.com: could not connect to host
-jbradaric.me: could not connect to host
+jcch.de: max-age too low: 0
 jcoscia.com: could not connect to host
-jcyz.cf: could not connect to host
 jeff393.com: could not connect to host
-jefftickle.com: could not connect to host
 jenjoit.de: could not connect to host
 jensenbanden.no: could not connect to host
-jeremyness.com: could not connect to host
-jetaprices.com: could not connect to host
+jessicabenedictus.nl: could not connect to host
+jetaprices.com: max-age too low: 0
 jettshome.org: could not connect to host
+jetwhiz.com: max-age too low: 0
 jeugdkans.nl: did not receive HSTS header
 jf.duckdns.org: could not connect to host
 jfmel.com: did not receive HSTS header
 jh-media.eu: could not connect to host
+jhburton.uk: could not connect to host
 jhejderup.me: could not connect to host
 jimas.eu: did not receive HSTS header
 jimmycai.org: max-age too low: 10368000
+jinbo123.com: did not receive HSTS header
 jkb.pics: could not connect to host
 jkbuster.com: could not connect to host
 jmdekker.it: could not connect to host
 joakimalgroy.com: could not connect to host
 jobmedic.com: did not receive HSTS header
 joedavison.me: could not connect to host
-johannes.io: could not connect to host
 johners.me: could not connect to host
 johners.tech: did not receive HSTS header
+johnrom.com: did not receive HSTS header
 jonas-keidel.de: did not receive HSTS header
-jonasgroth.se: did not receive HSTS header
+jonasgroth.se: max-age too low: 2592000
 jonathan.ir: could not connect to host
 jonathancarter.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-jonathandowning.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+jonathandowning.uk: could not connect to host
+jonfor.net: could not connect to host
+jonn.me: could not connect to host
+jonnichols.info: could not connect to host
 joostbovee.nl: did not receive HSTS header
+joretapo.fr: could not connect to host
 joshstroup.me: could not connect to host
 jottit.com: could not connect to host
 jrc9.ca: did not receive HSTS header
+jrmd.io: could not connect to host
 jrvar.com: did not receive HSTS header
-js-online.net: did not receive HSTS header
 jsanders.us: did not receive HSTS header
-juergenhecht.de: could not connect to host
+jualssh.com: could not connect to host
+juergenhecht.de: did not receive HSTS header
+jugendsuenden.info: could not connect to host
 juliamweber.de: could not connect to host
-julian-kipka.de: did not receive HSTS header
+julian-kipka.de: could not connect to host
+jumbox.xyz: could not connect to host
 junaos.xyz: did not receive HSTS header
-junge-selbsthilfe.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 junqtion.com: could not connect to host
+justinlemay.com: could not connect to host
 justlikethat.hosting: did not receive HSTS header
-justudin.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+justnaw.co.uk: could not connect to host
+justudin.com: could not connect to host
 juwairen.cn: could not connect to host
+jvoice.net: could not connect to host
 jwilsson.me: could not connect to host
+jxm.in: did not receive HSTS header
 k-dev.de: could not connect to host
+kabus.org: could not connect to host
+kackscharf.de: could not connect to host
+kahopoon.net: could not connect to host
 kalami.nl: could not connect to host
 kamikano.com: could not connect to host
-kamisama.xyz: could not connect to host
 kaplatz.is: could not connect to host
+kapucini.si: max-age too low: 0
 karaoketonight.com: could not connect to host
-kausch.at: did not receive HSTS header
+karhukamera.com: could not connect to host
+kausch.at: could not connect to host
+kavik.no: did not receive HSTS header
 kawaiiku.com: could not connect to host
 kawaiiku.de: could not connect to host
-kdata.it: could not connect to host
+kdata.it: did not receive HSTS header
 kdm-online.de: did not receive HSTS header
 keeley.gq: could not connect to host
 keeley.ml: could not connect to host
 keeleysam.me: could not connect to host
 keepclean.me: could not connect to host
+kerangalam.com: did not receive HSTS header
 kerksanders.nl: did not receive HSTS header
 kermadec.net: could not connect to host
 kernl.us: did not receive HSTS header
+kerrfrequencycombs.org: could not connect to host
+kevinapease.com: max-age too low: 0
 keymaster.lookout.com: did not receive HSTS header
 kgxtech.com: max-age too low: 2592000
 kickass.al: could not connect to host
+kickstart.com.pk: could not connect to host
+kiel-media.de: did not receive HSTS header
 kingmanhall.org: could not connect to host
 kinnon.enterprises: could not connect to host
 kinogb.net: did not receive HSTS header
+kionetworks.com: did not receive HSTS header
 kirkforcongress.com: could not connect to host
 kirkforsenate.com: did not receive HSTS header
 kirkpatrickdavis.com: could not connect to host
 kissart.net: did not receive HSTS header
 kitakemon.com: could not connect to host
 kitchenpunx.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 kitsta.com: could not connect to host
 kiwiirc.com: max-age too low: 5256000
 kizil.net: could not connect to host
+kjaermaxi.me: did not receive HSTS header
 kjellvn.net: did not receive HSTS header
-klangnok.de: could not connect to host
-klaxn.com: could not connect to host
+klasfauseweh.de: could not connect to host
+klausbrinch.dk: could not connect to host
 klaxn.org: could not connect to host
+kleertjesvoordelig.nl: could not connect to host
 kleinblogje.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+kleinerarchitekturfuehrer.de: could not connect to host
 klicktojob.de: could not connect to host
 kmartin.io: did not receive HSTS header
+knccloud.com: did not receive HSTS header
 kodokushi.fr: could not connect to host
 kolaykaydet.com: did not receive HSTS header
-kollabria.com: could not connect to host
+kollabria.com: max-age too low: 0
 komandakovalchuk.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 komikito.com: could not connect to host
+kompetenzwerft.de: did not receive HSTS header
+konata.us: could not connect to host
+kontaxis.network: could not connect to host
 kontorhaus-schlachte.de: could not connect to host
 koop-bremen.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+koordinate.net: could not connect to host
 korni22.org: did not receive HSTS header
+korsanparti.org: could not connect to host
 kpvpn.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 kr.search.yahoo.com: did not receive HSTS header
-kravelindo-adventure.com: could not connect to host
+kradalby.no: did not receive HSTS header
 kredite.sale: could not connect to host
+krmela.com: could not connect to host
 krouzkyliduska.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 krupa.net.pl: did not receive HSTS header
 kryptera.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+ksfh-mail.de: could not connect to host
+kstan.me: could not connect to host
 kueulangtahunanak.net: could not connect to host
+kummerlaender.eu: did not receive HSTS header
+kundenerreichen.de: could not connect to host
 kuppingercole.com: did not receive HSTS header
 kurehun.org: could not connect to host
-kurofuku.me: did not receive HSTS header
 kurz.pw: could not connect to host
 kweddingplanning.com: did not receive HSTS header
+kwidz.fr: could not connect to host
+kyanite.co: could not connect to host
 kylinj.com: could not connect to host
-kynaston.org.uk: could not connect to host
 kz.search.yahoo.com: did not receive HSTS header
-labaia.info: could not connect to host
+labaia.info: did not receive HSTS header
 labina.com.tr: did not receive HSTS header
 laboiteapc.fr: did not receive HSTS header
-labordata.io: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+labrador-retrievers.com.au: did not receive HSTS header
 lachlankidson.net: did not receive HSTS header
 laf.in.net: did not receive HSTS header
+lagalerievirtuelle.fr: did not receive HSTS header
 lagoza.name: could not connect to host
-lakhesis.net: could not connect to host
-lambdafive.co.uk: did not receive HSTS header
-lampl.info: could not connect to host
+lambdafive.co.uk: could not connect to host
+lampl.info: did not receive HSTS header
 landscape.canonical.com: max-age too low: 2592000
+langenbach.rocks: did not receive HSTS header
+langhun.me: could not connect to host
 laobox.fr: did not receive HSTS header
-lapidge.net: could not connect to host
+laozhu.me: could not connect to host
+laserfuchs.de: did not receive HSTS header
 lask.in: did not receive HSTS header
 latus.xyz: could not connect to host
-laxatus.com: could not connect to host
-ldarby.me.uk: could not connect to host
-ldc.com.br: max-age too low: 7776000
-leandre.cn: did not receive HSTS header
+lavval.com: could not connect to host
+laxatus.com: did not receive HSTS header
+laxiongames.es: could not connect to host
+lbrt.xyz: could not connect to host
+ld-begunjscica.si: did not receive HSTS header
+ldc.com.br: could not connect to host
+leadership9.com: could not connect to host
 learnfrenchfluently.com: did not receive HSTS header
+ledgerscope.net: could not connect to host
 legarage.org: did not receive HSTS header
 leifdreizler.com: could not connect to host
 leinir.dk: max-age too low: 86400
 leitner.com.au: did not receive HSTS header
-leiyun.me: could not connect to host
+leiyun.me: did not receive HSTS header
 lellyboi.ml: could not connect to host
 lelongbank.com: did not receive HSTS header
+lenovogaming.com: did not receive HSTS header
 lentri.com: did not receive HSTS header
-leob.in: did not receive HSTS header
 leolana.com: could not connect to host
 leon-jaekel.com: could not connect to host
 leopold.email: could not connect to host
-leopoldina.net: could not connect to host
-leopotamgroup.com: did not receive HSTS header
+leopotamgroup.com: could not connect to host
 leovanna.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+lerner.moscow: could not connect to host
 les-corsaires.net: could not connect to host
 letras.mus.br: did not receive HSTS header
-lewisjuggins.co.uk: could not connect to host
+letustravel.tk: could not connect to host
 lfullerdesign.com: did not receive HSTS header
+lgiswa.com.au: did not receive HSTS header
+lgrs.com.au: did not receive HSTS header
 lgts.se: could not connect to host
 li.search.yahoo.com: did not receive HSTS header
 liaillustr.at: did not receive HSTS header
+liamjack.fr: could not connect to host
 libertyrp.org: could not connect to host
 library.linode.com: did not receive HSTS header
 lifeguard.aecom.com: did not receive HSTS header
+lifeinitsownway.com: could not connect to host
+lifestylehunter.co.uk: did not receive HSTS header
 lightpaste.com: could not connect to host
 likeaross.com: did not receive HSTS header
 lillpopp.eu: max-age too low: 10
+lilpwny.com: could not connect to host
 limalama.eu: max-age too low: 1
+limpido.it: could not connect to host
 lindberg.io: did not receive HSTS header
+lingros-test.tk: could not connect to host
 linguaquote.com: did not receive HSTS header
 linmi.cc: did not receive HSTS header
+linorman1997.me: could not connect to host
 linuxeyecandy.com: could not connect to host
+linuxfixed.it: could not connect to host
 linuxgeek.ro: could not connect to host
-linuxwebservertips.in: did not receive HSTS header
+linuxwebservertips.in: could not connect to host
 liquorsanthe.in: could not connect to host
-lisonfan.com: could not connect to host
 listafirmelor.com: did not receive HSTS header
+livecards.co.uk: did not receive HSTS header
 livedemo.io: could not connect to host
 livej.am: could not connect to host
-lnx.li: did not receive HSTS header
-loacg.com: did not receive HSTS header
-loadingdeck.com: did not receive HSTS header
+livekaarten.be: did not receive HSTS header
+livekaarten.nl: did not receive HSTS header
+livekort.dk: did not receive HSTS header
+livekort.se: did not receive HSTS header
+loadso.me: could not connect to host
 loafbox.com: could not connect to host
+locktheirphone.com: did not receive HSTS header
+locomotive.ca: did not receive HSTS header
 loenshotel.de: did not receive HSTS header
-loftboard.eu: could not connect to host
+loftboard.eu: did not receive HSTS header
 login.corp.google.com: max-age too low: 7776000 (error ignored - included regardless)
-loli.pet: could not connect to host
+longboarding-ulm.de: could not connect to host
+lookastic.co.uk: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+lookastic.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+lookastic.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+lookastic.es: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+lookastic.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+lookastic.mx: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+lookastic.ru: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+lookout.com: did not receive HSTS header
 lookzook.com: did not receive HSTS header
-loony.info: did not receive HSTS header
-loophost.com.br: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+loophost.com.br: did not receive HSTS header
+lostinsecurity.com: could not connect to host
 lothai.re: could not connect to host
+lotsencafe.de: did not receive HSTS header
 lovelifelovelive.com: could not connect to host
-lovelive.us: could not connect to host
 lovelycorral.com: did not receive HSTS header
 loveto.at: could not connect to host
 lpak.nl: could not connect to host
 lsky.cn: did not receive HSTS header
 lsp-sports.de: did not receive HSTS header
 lt.search.yahoo.com: did not receive HSTS header
 lu.search.yahoo.com: did not receive HSTS header
+luine.xyz: could not connect to host
+luis-checa.com: could not connect to host
 lukas.im: did not receive HSTS header
 lukeng.me: could not connect to host
 lukeng.net: could not connect to host
 lukonet.com: did not receive HSTS header
 lumi.do: did not receive HSTS header
-lunix.io: could not connect to host
+lunix.io: did not receive HSTS header
 luoe.ml: could not connect to host
 luoxiao.im: could not connect to host
 lusis.fr: did not receive HSTS header
 lusis.net: did not receive HSTS header
 lustrumxi.nl: could not connect to host
+luther.fi: did not receive HSTS header
 luxus-russen.de: did not receive HSTS header
 lv.search.yahoo.com: did not receive HSTS header
+m-ali.xyz: could not connect to host
 m.gparent.org: could not connect to host
 m3-gmbh.de: did not receive HSTS header
 maarten.nyc: did not receive HSTS header
 maartenvandekamp.nl: did not receive HSTS header
-macker.io: could not connect to host
-maddin.ga: did not receive HSTS header
+macchaberrycream.com: could not connect to host
+maddi.biz: could not connect to host
+maddin.ga: could not connect to host
+madebymagnitude.com: did not receive HSTS header
 maderwin.com: did not receive HSTS header
-madnetwork.org: could not connect to host
 mafamane.com: could not connect to host
 magenx.com: did not receive HSTS header
 mahamed91.pw: could not connect to host
 mail-settings.google.com: did not receive HSTS header (error ignored - included regardless)
 mail.google.com: did not receive HSTS header (error ignored - included regardless)
 maildragon.com: could not connect to host
-mailer-dot.de: could not connect to host
 majesnix.org: could not connect to host
 makeitdynamic.com: could not connect to host
 makerstuff.net: did not receive HSTS header
-malerversand.de: could not connect to host
+malerversand.de: did not receive HSTS header
+malfait.nl: could not connect to host
 malwre.io: could not connect to host
-mamaison.io: did not receive HSTS header
-manaboutahor.se: did not receive HSTS header
-marchagen.nl: did not receive HSTS header
-marcoslater.com: did not receive HSTS header
+mamaison.io: could not connect to host
+mammothmail.com: could not connect to host
+mammothmail.net: could not connect to host
+mammothmail.org: could not connect to host
+manage4all.com: could not connect to host
+manageall.de: could not connect to host
+manageforall.com: could not connect to host
+manageforall.de: could not connect to host
+managemynetsuite.com: max-age too low: 0
+marchagen.nl: could not connect to host
 markayapilandirma.com: did not receive HSTS header
 market.android.com: did not receive HSTS header (error ignored - included regardless)
-markrego.com: did not receive HSTS header
+markrego.com: could not connect to host
 markusweimar.de: did not receive HSTS header
 marleyresort.com: did not receive HSTS header
 marshut.net: could not connect to host
-martijnvhoof.nl: did not receive HSTS header
+martijnvhoof.nl: could not connect to host
 masa.li: could not connect to host
 masjidtawheed.net: did not receive HSTS header
 masterhaus.bg: did not receive HSTS header
+matatall.com: could not connect to host
 matrip.de: could not connect to host
-matrix.ac: could not connect to host
-matthewprenger.com: could not connect to host
+matrix.ac: did not receive HSTS header
+matthiassteen.be: max-age too low: 0
+mattsvensson.com: did not receive HSTS header
+mattwb65.com: did not receive HSTS header
 matty.digital: max-age too low: 3600
-matze.co: could not connect to host
 maultrom.ml: could not connect to host
 mavisang.cf: did not receive HSTS header
-mawe.red: could not connect to host
-mazz-tech.com: could not connect to host
-mb-is.info: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-mblankhorst.nl: could not connect to host
-mbsec.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-mca2017.org: could not connect to host
+maya.mg: did not receive HSTS header
+mca2017.org: did not receive HSTS header
 mcdonalds.ru: did not receive HSTS header
+mclab.su: could not connect to host
 mdfnet.se: did not receive HSTS header
 mdscomp.net: did not receive HSTS header
-meadowviewfarms.org: could not connect to host
+mea.in.ua: could not connect to host
 medallia.io: could not connect to host
+media-courses.com: did not receive HSTS header
 mediacru.sh: could not connect to host
 mediastorm.us: could not connect to host
 mediawikicn.org: could not connect to host
-medusa.wtf: could not connect to host
 medwayindia.com: did not receive HSTS header
 meetings2.com: did not receive HSTS header
 megashur.se: did not receive HSTS header
 megaxchange.com: did not receive HSTS header
 meghudson.com: could not connect to host
-meifrench.com: did not receive HSTS header
 mein-gesundheitsmanager.com: did not receive HSTS header
 meincenter-meinemeinung.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 meinebo.it: could not connect to host
+melted.pw: could not connect to host
 members.mayfirst.org: did not receive HSTS header
 menthix.net: could not connect to host
+mercurystorm.co.za: could not connect to host
+mereckas.com: did not receive HSTS header
 meritz.rocks: could not connect to host
 merson.me: could not connect to host
+mesmoque.com: did not receive HSTS header
 metebalci.com: could not connect to host
 metin2blog.de: did not receive HSTS header
-mhdsyarif.com: did not receive HSTS header
+metis.pw: could not connect to host
+meuemail.pro: could not connect to host
+mexicansbook.ru: did not receive HSTS header
 mhict.nl: max-age too low: 0
+mia.to: could not connect to host
 michaelfitzpatrickruth.com: could not connect to host
 michal-kral.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 michalborka.cz: could not connect to host
 micro-dv.ru: did not receive HSTS header
+microme.ga: could not connect to host
 micropple.net: could not connect to host
 midwestwomenworkers.org: did not receive HSTS header
+mightysounds.cz: max-age too low: 0
+mijcorijneveld.nl: did not receive HSTS header
 mijn-email.org: could not connect to host
-mikeg.de: could not connect to host
-mikepair.net: did not receive HSTS header
+mikaelemilsson.net: did not receive HSTS header
+mikeg.de: did not receive HSTS header
+mikepair.net: could not connect to host
 miku.hatsune.my: max-age too low: 5184000
 milonga.tips: did not receive HSTS header
-mindcoding.ro: did not receive HSTS header
-mindcraft.ga: max-age too low: 2592000
+mindcraft.ga: max-age too low: 7776000
 mindoktor.se: did not receive HSTS header
 minecraftserverz.com: could not connect to host
 minecraftvoter.com: could not connect to host
-minikneet.nl: could not connect to host
+minikneet.nl: did not receive HSTS header
 minnesotadata.com: could not connect to host
+minora.io: could not connect to host
 mirindadomo.ru: did not receive HSTS header
 mironized.com: did not receive HSTS header
 mirrorx.com: did not receive HSTS header
 misskey.xyz: could not connect to host
+missrain.tw: could not connect to host
 mitchellrenouf.ca: could not connect to host
 mitell.jp: did not receive HSTS header
 mittenhacks.com: could not connect to host
 mizd.at: could not connect to host
 mizi.name: did not receive HSTS header
+mlemay.com: could not connect to host
+mlpepilepsy.org: could not connect to host
 mnemotiv.com: could not connect to host
+mnetworkingsolutions.co.uk: did not receive HSTS header
+mobaircon.com: could not connect to host
+mobilemedics.com: did not receive HSTS header
 mobilethreat.net: could not connect to host
 mobilethreatnetwork.net: could not connect to host
-modemagazines.co.uk: did not receive HSTS header
-moelord.org: did not receive HSTS header
+mocloud.eu: could not connect to host
+modemagazines.co.uk: could not connect to host
+modydev.club: did not receive HSTS header
+moebel-nagel.de: did not receive HSTS header
+moelord.org: could not connect to host
+moen.io: did not receive HSTS header
 mokhtarmial.com: max-age too low: 0
+mommel.com: could not connect to host
+mommelonline.de: could not connect to host
 monasterialis.eu: could not connect to host
-mondar.io: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-mondwandler.de: could not connect to host
-monitman.com: could not connect to host
+mondwandler.de: did not receive HSTS header
+moon.lc: could not connect to host
 moov.is: could not connect to host
 moparisthebest.biz: could not connect to host
 moparisthebest.info: could not connect to host
+moparscape.org: did not receive HSTS header
 moriz.net: could not connect to host
-morotech.com.br: could not connect to host
+morningcalculation.com: could not connect to host
+morotech.com.br: max-age too low: 2592000
 morpork.xyz: could not connect to host
 mortgagecentersmo.com: did not receive HSTS header
-motionpicturesolutions.com: did not receive HSTS header
+morz.org: could not connect to host
+motionpicturesolutions.com: could not connect to host
 mottvd.com: could not connect to host
 moula.com.au: did not receive HSTS header
 mountainmusicpromotions.com: did not receive HSTS header
-movember.com: did not receive HSTS header
 moviesabout.net: could not connect to host
 mp3juices.is: could not connect to host
 mqas.net: could not connect to host
+mrnonz.com: max-age too low: 0
 mrpopat.in: did not receive HSTS header
 msc-seereisen.net: did not receive HSTS header
+mszaki.com: did not receive HSTS header
 mt.search.yahoo.com: did not receive HSTS header
-mtamaki.com: could not connect to host
 mtcgf.com: did not receive HSTS header
 mtg-esport.de: did not receive HSTS header
 mu.search.yahoo.com: did not receive HSTS header
+multibit.org: did not receive HSTS header
+munich-rage.de: did not receive HSTS header
 munzee.com: did not receive HSTS header
+muriburi.land: could not connect to host
+muriburiland.com: could not connect to host
+murraycoin.org: could not connect to host
 murrayrun.com: could not connect to host
-mustika.cf: did not receive HSTS header
+musikkfondene.no: did not receive HSTS header
+mustika.cf: could not connect to host
 mutamatic.com: could not connect to host
 mvsecurity.nl: could not connect to host
 mw.search.yahoo.com: did not receive HSTS header
+my-owncloud.com: could not connect to host
 my.alfresco.com: did not receive HSTS header
 my.swedbank.se: did not receive HSTS header
 mycollab.net: could not connect to host
 mycoted.com: did not receive HSTS header
 mydeos.com: could not connect to host
 mydigipass.com: did not receive HSTS header
 mygov.scot: did not receive HSTS header
+myiocc.org: could not connect to host
 mykolab.com: did not receive HSTS header
-mykreuzfahrt.de: did not receive HSTS header
+mykreuzfahrt.de: could not connect to host
 myni.io: could not connect to host
+mypagella.com: could not connect to host
 myplaceonline.com: did not receive HSTS header
 mysecretrewards.com: did not receive HSTS header
 mystudy.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-mythslegendscollection.com: did not receive HSTS header
-myvirtualserver.com: max-age too low: 0
+myvirtualserver.com: max-age too low: 2592000
 myzone.com: did not receive HSTS header
+mziulu.me: could not connect to host
 n2x.in: could not connect to host
+n4l.pw: did not receive HSTS header
 naiharngym.com: did not receive HSTS header
 najedlo.sk: did not receive HSTS header
 nakliyatsirketi.biz: could not connect to host
-nalifornia.com: could not connect to host
+nalifornia.com: did not receive HSTS header
 nanogeneinc.com: could not connect to host
+nanto.eu: could not connect to host
+naphex.rocks: could not connect to host
 natalia.io: could not connect to host
+natalt.org: did not receive HSTS header
+nathancheek.com: could not connect to host
+naturesystems.cz: max-age too low: 0
 natuurbehangnederland.nl: could not connect to host
 nauck.org: did not receive HSTS header
+nav.jobs: could not connect to host
 naval.tf: could not connect to host
 navigate-it-services.de: max-age too low: 0
+navjobs.com: did not receive HSTS header
 nbb.io: did not receive HSTS header
 nbg-ha.de: could not connect to host
+ncc60205.info: could not connect to host
+nct.org.uk: max-age too low: 1
 nctx.co.uk: did not receive HSTS header
-neap.io: did not receive HSTS header
-necormansir.com: did not receive HSTS header
+neel.ch: could not connect to host
 neftaly.com: did not receive HSTS header
+negativecurvature.net: could not connect to host
 neko-system.com: did not receive HSTS header
 nemno.de: could not connect to host
 nemovement.org: did not receive HSTS header
 neonisi.com: could not connect to host
-neosolution.ca: could not connect to host
+nepustil.net: did not receive HSTS header
+nerd42.de: could not connect to host
 nerven.se: could not connect to host
 nestedquotes.ca: could not connect to host
 netbox.cc: could not connect to host
+netherwind.eu: did not receive HSTS header
+netrelay.email: could not connect to host
 netsight.org: could not connect to host
-netwarc.nl: could not connect to host
+netsigna.de: did not receive HSTS header
 netzbit.de: could not connect to host
 netzpolitik.org: did not receive HSTS header
 netztest.at: did not receive HSTS header
-neueonlinecasino2016.com: could not connect to host
 neuralgic.net: could not connect to host
 neuronasdigitales.com: did not receive HSTS header
 neutralox.com: max-age too low: 3600
-neveta.com: did not receive HSTS header
+neveta.com: could not connect to host
 newcitygas.ca: max-age too low: 0
+newkaliningrad.ru: did not receive HSTS header
+nextcloud.org: could not connect to host
 nexth.de: could not connect to host
 nexth.net: could not connect to host
 nexth.us: could not connect to host
 nextproject.us: could not connect to host
 ng-security.com: could not connect to host
 ngine.ch: did not receive HSTS header
 nginxnudes.com: could not connect to host
 ni.search.yahoo.com: did not receive HSTS header
 nicestresser.fr: could not connect to host
 nicky.io: could not connect to host
 nicolaelmer.ch: could not connect to host
+nicolasbettag.me: did not receive HSTS header
 niconiconi.xyz: could not connect to host
-niho.jp: max-age too low: 0
+niconode.com: did not receive HSTS header
+niho.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 nikomo.fi: could not connect to host
-nitho.me: max-age too low: 0
-nitropur.com: max-age too low: 2592000
+nippombashi.net: did not receive HSTS header
+nixmag.net: did not receive HSTS header
 nmctest.net: could not connect to host
 nnya.cat: did not receive HSTS header
 no17sifangjie.cc: could not connect to host
+nocallaghan.com: could not connect to host
 nodebrewery.com: could not connect to host
 nodetemple.com: could not connect to host
 noexpect.org: could not connect to host
 nolatepayments.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+nolte.work: could not connect to host
+nomorebytes.de: did not receive HSTS header
 nope.website: could not connect to host
 nopex.no: could not connect to host
-nopol.de: could not connect to host
+nopol.de: did not receive HSTS header
 norb.at: could not connect to host
 nosecretshop.com: did not receive HSTS header
-notadd.com: could not connect to host
 notalone.gov: did not receive HSTS header
-notypiesni.sk: did not receive HSTS header
+novacoast.com: did not receive HSTS header
 novatrucking.de: could not connect to host
 nowak.ninja: did not receive HSTS header
 noworrywp.com: could not connect to host
 np.search.yahoo.com: did not receive HSTS header
-npol.de: could not connect to host
+npol.de: did not receive HSTS header
+ntbs.pro: could not connect to host
 nu3.at: did not receive HSTS header
 nu3.ch: did not receive HSTS header
 nu3.co.uk: did not receive HSTS header
 nu3.com: did not receive HSTS header
 nu3.de: did not receive HSTS header
 nu3.dk: did not receive HSTS header
 nu3.fi: did not receive HSTS header
 nu3.fr: did not receive HSTS header
 nu3.no: did not receive HSTS header
 nu3.se: did not receive HSTS header
 nufla.de: could not connect to host
 null-sec.ru: could not connect to host
+null.cat: could not connect to host
 null.tips: could not connect to host
 nullpoint.at: did not receive HSTS header
 numericacu.com: did not receive HSTS header
 nuos.org: could not connect to host
-nutsandboltsmedia.com: did not receive HSTS header
-nyantec.com: could not connect to host
+nutleyeducationalfoundation.org: did not receive HSTS header
+nutleyef.org: did not receive HSTS header
+nutrienti.eu: did not receive HSTS header
+nutsandboltsmedia.com: could not connect to host
+nuxer.fr: could not connect to host
+nyantec.com: did not receive HSTS header
 nystart.no: did not receive HSTS header
 nz.search.yahoo.com: max-age too low: 172800
 nzb.cat: did not receive HSTS header
+o0o.one: did not receive HSTS header
+oasis.mobi: did not receive HSTS header
+obsydian.org: could not connect to host
 ochaken.cf: could not connect to host
-odin.xxx: did not receive HSTS header
+odin.xxx: could not connect to host
+ofcourselanguages.com: could not connect to host
+offshore-firma.org: could not connect to host
 oishioffice.com: did not receive HSTS header
-ojls.co: did not receive HSTS header
-okhrana.agency: could not connect to host
-oliver-pietsch.de: max-age too low: 2592000
+okane.love: could not connect to host
+okhrana.agency: did not receive HSTS header
+okutama.in.th: could not connect to host
+oliver-pietsch.de: did not receive HSTS header
 oliverdunk.com: did not receive HSTS header
-ollehbizev.co.kr: could not connect to host
 olymp-arts.world: did not receive HSTS header
+ominto.com: max-age too low: 0
 omniti.com: max-age too low: 1
-omskit.ru: could not connect to host
 oneb4nk.com: could not connect to host
 onefour.co: could not connect to host
+onefour.ga: could not connect to host
+oneminute.io: did not receive HSTS header
 onepluscamps.com: did not receive HSTS header
+onespiritinc.com: did not receive HSTS header
 onet.space: could not connect to host
-onewpst.com: could not connect to host
+onewpst.com: did not receive HSTS header
+oniichan.us: did not receive HSTS header
 online-casino.eu: did not receive HSTS header
+online.marketing: did not receive HSTS header
+onlinecompliance.org: did not receive HSTS header
+onlinedeposit.us: could not connect to host
 onlinekasino.de: did not receive HSTS header
 onlinepollsph.com: could not connect to host
 onlinespielothek.com: did not receive HSTS header
 onlinewetten.de: could not connect to host
 onlyshopstation.com: did not receive HSTS header
 ononpay.com: did not receive HSTS header
+ontras.com: could not connect to host
+onyxwall.net: could not connect to host
 ookjesprookje.nl: could not connect to host
 ooonja.de: could not connect to host
-oost.io: did not receive HSTS header
+oopsmycase.com: could not connect to host
+oost.io: could not connect to host
 open-to-repair.fr: did not receive HSTS header
 opendesk.cc: did not receive HSTS header
+openmind-shop.de: did not receive HSTS header
 openpriv.pw: did not receive HSTS header
-openprovider.nl: max-age too low: 0
+openprovider.nl: did not receive HSTS header
 openshift.redhat.com: did not receive HSTS header
 opensrd.com: could not connect to host
+oprbox.com: could not connect to host
+opsbears.com: did not receive HSTS header
 optenhoefel.de: could not connect to host
+optometriepunt.nl: did not receive HSTS header
 optumrxhealthstore.com: did not receive HSTS header
+orbitcom.de: max-age too low: 0
 orbograph-hrcm.com: did not receive HSTS header
-orhideous.name: did not receive HSTS header
+ordereat.fr: could not connect to host
+orioncustompcs.com: could not connect to host
 orionfcu.com: did not receive HSTS header
 orleika.ml: could not connect to host
+oscsdp.cz: could not connect to host
 oshell.me: did not receive HSTS header
 ossan-kobe-gourmet.com: did not receive HSTS header
 ossbinaries.com: could not connect to host
-osteammate.com: could not connect to host
+osteammate.com: did not receive HSTS header
 otakuworld.de: could not connect to host
-otchecker.com: did not receive HSTS header
 othercode.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 othermedia.cc: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 otherstuff.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 ottospora.nl: could not connect to host
-ourbank.com: max-age too low: 604800
+ourbank.com: did not receive HSTS header
 outsider.im: could not connect to host
 ouvirmusica.com.br: did not receive HSTS header
 ovenapp.io: did not receive HSTS header
+overclockers.ge: could not connect to host
+oversight.io: could not connect to host
 overthinkingit.com: max-age too low: 3600
 ownmovies.fr: could not connect to host
 oxynux.fr: could not connect to host
 p.linode.com: could not connect to host
-p1984.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+p3in.com: could not connect to host
 p8r.de: did not receive HSTS header
 pa.search.yahoo.com: did not receive HSTS header
 packlane.com: did not receive HSTS header
-pahae.de: did not receive HSTS header
-paisaone.com: max-age too low: 7776000
-panamaequity.com: max-age too low: 0
-panni.me: did not receive HSTS header
+paisaone.com: did not receive HSTS header
+paku.me: could not connect to host
+pamsoft.pl: max-age too low: 0
 papeda.net: did not receive HSTS header
 papercard.co.uk: did not receive HSTS header
 papierniak.net: could not connect to host
+parentmail.co.uk: did not receive HSTS header
 partijtjevoordevrijheid.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 partyhaus.ovh: could not connect to host
 partyvan.it: could not connect to host
 partyvan.moe: could not connect to host
 partyvan.nl: could not connect to host
 partyvan.se: could not connect to host
 passwordbox.com: did not receive HSTS header
+passwordrevelator.net: did not receive HSTS header
 passwords.google.com: did not receive HSTS header (error ignored - included regardless)
+pastaf.com: could not connect to host
 paste.fedoraproject.org: did not receive HSTS header
 paste.linode.com: could not connect to host
 pastebin.linode.com: could not connect to host
+pastenib.com: could not connect to host
 paster.li: did not receive HSTS header
-pastie.se: did not receive HSTS header
 patientinsight.net: could not connect to host
-patt.us: could not connect to host
+patt.us: did not receive HSTS header
 patterson.mp: could not connect to host
-paulchen.at: did not receive HSTS header
+paulyang.cn: did not receive HSTS header
 paxwinkel.nl: did not receive HSTS header
 pay.gigahost.dk: did not receive HSTS header
+payroll.ch: did not receive HSTS header
+pbapp.net: did not receive HSTS header
 pbprint.ru: max-age too low: 0
-pc-nf.de: did not receive HSTS header
-pccentral.nl: did not receive HSTS header
-pchax.net: did not receive HSTS header
+pc-nf.de: could not connect to host
+pcfun.net: did not receive HSTS header
 peissen.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-penablog.com: did not receive HSTS header
+pekkapikkarainen.fi: could not connect to host
+penfold.fr: could not connect to host
 pentagram.me: did not receive HSTS header
+pepchid.com: could not connect to host
+pepperworldhotshop.de: did not receive HSTS header
 perfectionis.me: could not connect to host
 performous.org: could not connect to host
 perlwork.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-perroud.pro: could not connect to host
+perplex.nl: did not receive HSTS header
+perroud.pro: did not receive HSTS header
 personaldatabasen.no: could not connect to host
+petchart.net: could not connect to host
+petplum.com: did not receive HSTS header
+petrachuk.ru: did not receive HSTS header
+petravdbos.nl: did not receive HSTS header
 petrolplus.ru: did not receive HSTS header
 pettsy.com: could not connect to host
+pgpm.io: could not connect to host
+pgpmail.cc: could not connect to host
 phongmay24h.com: could not connect to host
 photoblogverona.com: could not connect to host
 phurl.de: could not connect to host
 pic.gov: did not receive HSTS header
+pickme.nl: could not connect to host
 pickr.co: could not connect to host
 picksin.club: could not connect to host
 picscare.co.uk: did not receive HSTS header
 piligrimname.com: could not connect to host
-pinesandneedles.com: could not connect to host
+piliszek.net: could not connect to host
+pinesandneedles.com: did not receive HSTS header
 pinoyonlinetv.com: did not receive HSTS header
 pippen.io: could not connect to host
 piratedb.com: could not connect to host
 piratedot.com: could not connect to host
 piratenlogin.de: could not connect to host
 pirati.cz: max-age too low: 604800
 pisidia.de: could not connect to host
+pitfire.io: did not receive HSTS header
 pixel.google.com: did not receive HSTS header (error ignored - included regardless)
-pixelcode.com.au: did not receive HSTS header
+pixelhero.co.uk: did not receive HSTS header
+pixelminers.net: could not connect to host
+pixi.chat: could not connect to host
 pixi.me: could not connect to host
-pixipics.com: could not connect to host
 pj83.duckdns.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 pk.search.yahoo.com: did not receive HSTS header
+placollection.org: did not receive HSTS header
 platform.lookout.com: could not connect to host
 play.google.com: did not receive HSTS header (error ignored - included regardless)
-playflick.com: could not connect to host
 playnation.io: did not receive HSTS header
 plothost.com: did not receive HSTS header
 ploup.net: could not connect to host
-pluginsloaded.com: could not connect to host
 pmnts.io: could not connect to host
-pnona.cz: could not connect to host
+po.gl: could not connect to host
 poiema.com.sg: did not receive HSTS header
 pol.in.th: could not connect to host
+poleartschool.com: could not connect to host
 polimat.org: could not connect to host
 politically-incorrect.xyz: could not connect to host
 politologos.org: could not connect to host
 polypho.nyc: could not connect to host
+pompompoes.com: could not connect to host
+pontokay.com.br: did not receive HSTS header
 poolsandstuff.com: did not receive HSTS header
-port443.hamburg: did not receive HSTS header
-port80.hamburg: did not receive HSTS header
+poon.tech: could not connect to host
+poris.web.id: did not receive HSTS header
 portalplatform.net: could not connect to host
 poshpak.com: did not receive HSTS header
-posterspy.com: did not receive HSTS header
+postpi.com: could not connect to host
 postscheduler.org: could not connect to host
 posylka.de: did not receive HSTS header
 poussinooz.fr: could not connect to host
-power-of-interest.com: could not connect to host
+povitria.net: could not connect to host
+power99press.com: could not connect to host
 powerplannerapp.com: did not receive HSTS header
 powerxequality.com: could not connect to host
+ppr-truby.ru: could not connect to host
 pr.search.yahoo.com: did not receive HSTS header
-prediksisydney.com: could not connect to host
 prefontaine.name: could not connect to host
+prego-shop.de: did not receive HSTS header
 preissler.co.uk: could not connect to host
 prelist.org: did not receive HSTS header
 pressfreedomfoundation.org: did not receive HSTS header
+preworkout.me: could not connect to host
+prezola.com: did not receive HSTS header
 priolkar.com: could not connect to host
+priva.si: could not connect to host
+privacylabs.io: did not receive HSTS header
 privacyrup.net: could not connect to host
 prnt.li: did not receive HSTS header
+pro-zone.com: could not connect to host
 prodpad.com: did not receive HSTS header
 production.vn: did not receive HSTS header
+professionalboundaries.com: did not receive HSTS header
 profi-durchgangsmelder.de: did not receive HSTS header
+profundr.com: could not connect to host
+progg.no: could not connect to host
+prohostonline.fi: could not connect to host
 promecon-gmbh.de: did not receive HSTS header
-promhadan.com: could not connect to host
 prontolight.com: did not receive HSTS header
+propagandism.org: could not connect to host
+prosoft.sk: did not receive HSTS header
 prowhisky.de: did not receive HSTS header
 proximato.com: could not connect to host
 proxybay.al: could not connect to host
 proxybay.club: could not connect to host
 proxybay.info: did not receive HSTS header
+prxio.date: could not connect to host
+psncardplus.be: did not receive HSTS header
+psncardplus.com: did not receive HSTS header
+psncardplus.dk: did not receive HSTS header
+psncardplus.nl: did not receive HSTS header
+psncardplus.se: did not receive HSTS header
+psw.academy: did not receive HSTS header
+psw.consulting: did not receive HSTS header
+ptm.ro: max-age too low: 0
 ptn.moscow: could not connect to host
+ptsoft.de: max-age too low: 604800
 pubkey.is: could not connect to host
-pult.co: could not connect to host
+puiterwijk.org: could not connect to host
+pumpgames.net: could not connect to host
 punchr-kamikazee.rhcloud.com: did not receive HSTS header
-puppydns.com: could not connect to host
 purewebmasters.com: could not connect to host
 purplemoon.mobi: did not receive HSTS header
 purplestar.mobi: did not receive HSTS header
 pushapp.org: did not receive HSTS header
+pwnies.dk: could not connect to host
 py.search.yahoo.com: did not receive HSTS header
+pypi-status.org: could not connect to host
 pyplo.org: did not receive HSTS header
 pypt.lt: did not receive HSTS header
 q2.si: could not connect to host
-qingxuan.info: did not receive HSTS header
+qiliang.wang: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+qingxuan.info: max-age too low: 864000
 qinxi1992.com: did not receive HSTS header
 qiwi.be: did not receive HSTS header
+qm-marzahnnordwest.de: could not connect to host
 qrara.net: did not receive HSTS header
+qrlending.com: did not receive HSTS header
+qtxh.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 quantumcourse.org: did not receive HSTS header
+questsandrewards.com: could not connect to host
+quranserver.net: could not connect to host
 qvi.st: did not receive HSTS header
-r0t.co: could not connect to host
+qwilink.me: did not receive HSTS header
+r10n.com: did not receive HSTS header
 r15.me: could not connect to host
+r811.de: could not connect to host
+raajheshkannaa.com: could not connect to host
+radicaleducation.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 radiormi.com: did not receive HSTS header
+rafaelcz.de: could not connect to host
 rainbowbarracuda.com: could not connect to host
-rambitteh.ru: max-age too low: 0
-rannseier.org: did not receive HSTS header
+ramonj.nl: could not connect to host
 rapidresearch.me: could not connect to host
 rapidthunder.io: could not connect to host
 rasing.me: could not connect to host
-ratuseks.com: did not receive HSTS header
+ratajczak.fr: could not connect to host
 raulfraile.net: could not connect to host
 rawet.se: did not receive HSTS header
 rawstorieslondon.com: could not connect to host
 raydobe.me: could not connect to host
-rc4.io: could not connect to host
-rcpcbd.com: could not connect to host
+rc4.io: did not receive HSTS header
+rcafox.com: could not connect to host
+rcpcbd.com: did not receive HSTS header
 rdns.im: did not receive HSTS header
-readonly.de: could not connect to host
+readr.pw: could not connect to host
 realmofespionage.com: could not connect to host
 recommended.reviews: could not connect to host
+redbee.nl: max-age too low: 0
 reddiseals.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 redicabo.de: could not connect to host
 redlatam.org: did not receive HSTS header
+redmbk.com: could not connect to host
 regaloaks.com: did not receive HSTS header
 regalpalms.com: did not receive HSTS header
 regenbogenwald.de: did not receive HSTS header
 regenerescence.com: did not receive HSTS header
 reic.me: could not connect to host
+reisyukaku.org: could not connect to host
 rejo.in: could not connect to host
 relisten.nl: did not receive HSTS header
 remodela.com.ve: could not connect to host
-renem.net: max-age too low: 0
+renem.net: did not receive HSTS header
+renlong.org: could not connect to host
 rent-a-coder.de: did not receive HSTS header
 rentcarassist.com: could not connect to host
 renteater.com: could not connect to host
+reox.at: could not connect to host
+repaxan.com: could not connect to host
 reprolife.co.uk: max-age too low: 0
+res-rheingau.de: did not receive HSTS header
+res42.com: did not receive HSTS header
 reserve-online.net: did not receive HSTS header
 respice.xyz: could not connect to host
+revello.org: did not receive HSTS header
 reverie.pw: could not connect to host
 reviews.anime.my: max-age too low: 5184000
-revtut.net: did not receive HSTS header
+revtut.net: could not connect to host
 rewardstock.com: max-age too low: 0
+rhapsodhy.hu: could not connect to host
 rhdigital.pro: could not connect to host
-rhodri.io: could not connect to host
 riaucybersolution.net: did not receive HSTS header
+riccy.org: could not connect to host
 richiemail.net: did not receive HSTS header
+rid-wan.com: could not connect to host
 rideworks.com: did not receive HSTS header
 righttoknow.ie: did not receive HSTS header
 rigolitch.fr: did not receive HSTS header
-riiconnect24.net: could not connect to host
 rijndael.xyz: could not connect to host
 rika.me: could not connect to host
-rinobroer.nl: could not connect to host
+ring0.xyz: did not receive HSTS header
 rippleunion.com: could not connect to host
 rj.gg: could not connect to host
 rkmantpur.org: did not receive HSTS header
 rme.li: did not receive HSTS header
 roan24.pl: did not receive HSTS header
 robertglastra.com: could not connect to host
 rochman.id: could not connect to host
 rocksberg.net: did not receive HSTS header
 roddis.net: did not receive HSTS header
+rodney.id.au: could not connect to host
 rodosto.com: did not receive HSTS header
 roeper.party: could not connect to host
+rolandreed.cn: could not connect to host
+rolemaster.net: did not receive HSTS header
 romans-place.me.uk: did not receive HSTS header
 ronvandordt.info: did not receive HSTS header
 ronwo.de: max-age too low: 1
+room-checkin24.de: could not connect to host
 rootwpn.com: could not connect to host
-rop.io: could not connect to host
 roundtheme.com: did not receive HSTS header
 rout0r.org: did not receive HSTS header
+rouvray.org: could not connect to host
+royalhop.co: could not connect to host
+royalpub.net: could not connect to host
 rr.in.th: could not connect to host
+rrke.cc: did not receive HSTS header
+rsauget.fr: could not connect to host
 rsf.io: could not connect to host
+rsmaps.org: could not connect to host
 rubbereggs.ca: could not connect to host
 rubberfurs.org: max-age too low: 86400
 rubecodeberg.com: could not connect to host
+rubendv.be: could not connect to host
 rubenschulz.nl: did not receive HSTS header
 ruborr.se: did not receive HSTS header
 rubyshop.nl: max-age too low: 604800
 rudloff.pro: did not receive HSTS header
-rugirlfriend.com: did not receive HSTS header
+rugirlfriend.com: could not connect to host
+runawebinar.nl: did not receive HSTS header
 runementors.com: could not connect to host
 runtondev.com: did not receive HSTS header
+ruobiyi.com: did not receive HSTS header
 ruqu.nl: could not connect to host
 rusl.me: could not connect to host
 russmarshall.com: could not connect to host
+rutgerschimmel.nl: could not connect to host
 ruxit.com: did not receive HSTS header
 rw.search.yahoo.com: did not receive HSTS header
+rxbusiness.com: did not receive HSTS header
 rxprep.com: did not receive HSTS header
 rxv.cc: could not connect to host
-ryanhowell.io: did not receive HSTS header
+ryankearney.com: could not connect to host
+ryansmithphotography.com: did not receive HSTS header
 ryanteck.uk: did not receive HSTS header
-saamhorigheidsfonds.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+sageth.com: max-age too low: 0
 sah3.net: could not connect to host
 sakaki.anime.my: max-age too low: 5184000
-sakaserver.com: could not connect to host
+sakaserver.com: did not receive HSTS header
 salesmachine.io: did not receive HSTS header
 salserocafe.com: did not receive HSTS header
 salserototal.com: did not receive HSTS header
 salud.top: did not receive HSTS header
-sampoznay.ru: max-age too low: 0
+samirnassar.com: max-age too low: 60
+sampoznay.ru: did not receive HSTS header
+samraskauskas.com: could not connect to host
 samsen.club: did not receive HSTS header
 sandviks.com: did not receive HSTS header
 sansemea.com: could not connect to host
-santing.net: could not connect to host
+saruwebshop.co.za: did not receive HSTS header
+satriyowibowo.my.id: could not connect to host
 saturngames.co.uk: could not connect to host
 saunasandstuff.ca: did not receive HSTS header
 saunasandstuff.com: did not receive HSTS header
 saveyour.biz: did not receive HSTS header
 sawamura-rental.com: did not receive HSTS header
 sb-group.dk: did not receive HSTS header
+sbirecruitment.co.in: could not connect to host
 sc4le.com: could not connect to host
-scandicom.fi: could not connect to host
+schallert.com: did not receive HSTS header
 schelberts.de: did not receive HSTS header
 schmitz.link: could not connect to host
 schnell-gold.com: could not connect to host
 schont.org: max-age too low: 315360
 schoop.me: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 schorel.ovh: did not receive HSTS header
-schreiber-netzwerk.eu: did not receive HSTS header
-schwinger.me: could not connect to host
+schreiber-netzwerk.eu: could not connect to host
+schrodinger.io: could not connect to host
 scienceathome.org: did not receive HSTS header
 scooshonline.co.uk: did not receive HSTS header
 scotbirchfield.com: did not receive HSTS header
 scrambl.is: could not connect to host
 scrambler.in: could not connect to host
+scrapings.net: could not connect to host
+screenresolution.space: could not connect to host
 scribe.systems: could not connect to host
+scrion.com: did not receive HSTS header
 script.google.com: did not receive HSTS header (error ignored - included regardless)
 sdsl-speedtest.de: could not connect to host
 secandtech.com: could not connect to host
+sectia22.ro: could not connect to host
 secure-games.us: could not connect to host
-secure-graphic.de: did not receive HSTS header
 secureradio.net: could not connect to host
-securesuisse.ch: did not receive HSTS header
+securesuisse.ch: could not connect to host
 security.google.com: did not receive HSTS header (error ignored - included regardless)
 securityinet.biz: did not receive HSTS header
 securityinet.net: did not receive HSTS header
 securityinet.org.il: did not receive HSTS header
-securityprimes.in: could not connect to host
+securitysoapbox.com: could not connect to host
 securiviera.ch: did not receive HSTS header
+seedbox.fr: did not receive HSTS header
+seele.ca: could not connect to host
+segulink.com: could not connect to host
 sehenderson.com: did not receive HSTS header
+seiko-dojo.com: could not connect to host
 selecadm.name: could not connect to host
-selfie-france.fr: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+selfcarecentral.com: did not receive HSTS header
+selfie-france.fr: could not connect to host
+selldorado.com: did not receive HSTS header
 sello.com: did not receive HSTS header
+sellocdn.com: could not connect to host
 semen3325.xyz: could not connect to host
 semenkovich.com: did not receive HSTS header
 semps-servers.de: could not connect to host
-semps-threema.de: did not receive HSTS header
-sendinvoice.nl: could not connect to host
+semps.de: did not receive HSTS header
+sendcat.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+senedirect.com: could not connect to host
 sensibus.com: did not receive HSTS header
+seo.consulting: did not receive HSTS header
 seomobo.com: could not connect to host
 seowarp.net: max-age too low: 1576800
-seq.tf: did not receive HSTS header
+seq.tf: could not connect to host
+serized.pw: could not connect to host
+servercode.ca: did not receive HSTS header
 serverdensity.io: did not receive HSTS header
-seryo.moe: could not connect to host
+servergno.me: did not receive HSTS header
+seryo.net: did not receive HSTS header
+setuid.io: did not receive HSTS header
+setuid0.kr: could not connect to host
+sexton.uk.com: did not receive HSTS header
+seyahatsagliksigortalari.com: could not connect to host
 shadoom.com: did not receive HSTS header
+shadowmorph.info: did not receive HSTS header
 shadowsworldonline.co.uk: could not connect to host
 shakespearesolutions.com.au: did not receive HSTS header
-shamka.ru: max-age too low: 1
-shanesage.com: did not receive HSTS header
+shanesage.com: could not connect to host
+shaobin.wang: could not connect to host
 shareimg.xyz: did not receive HSTS header
-shaunwheelhou.se: did not receive HSTS header
-shawnh.net: could not connect to host
+sharepass.pw: could not connect to host
+sharescope.co.uk: max-age too low: 14400
+shareworx.net: could not connect to host
+shauncrowley.co.uk: could not connect to host
+shaunwheelhou.se: could not connect to host
+shawnh.net: did not receive HSTS header
 shellsec.pw: did not receive HSTS header
-shenghaiautoparts.com: could not connect to host
 shibe.club: could not connect to host
 shiftins.com: did not receive HSTS header
 shiinko.com: could not connect to host
 shinju.moe: could not connect to host
+shiona.xyz: did not receive HSTS header
 shocksrv.com: did not receive HSTS header
+shooshosha.com: did not receive HSTS header
 shopontarget.com: did not receive HSTS header
 shoprose.ru: could not connect to host
 shops.neonisi.com: could not connect to host
 shortr.li: could not connect to host
 showkeeper.tv: did not receive HSTS header
 shukatsu-note.com: could not connect to host
 shv25.se: could not connect to host
 siammedia.co: did not receive HSTS header
 siddhant.me: could not connect to host
+siebens.net: could not connect to host
+sifls.com: could not connect to host
 silentcircle.org: could not connect to host
 silver-drachenkrieger.de: did not receive HSTS header
 silverhome.ninja: could not connect to host
 silverpvp.com: could not connect to host
-silvistefi.com: could not connect to host
+silverwind.io: did not receive HSTS header
 simbast.com: could not connect to host
+simod.org: could not connect to host
 simon.butcher.name: max-age too low: 2629743
-simonwessel.net: could not connect to host
 simplefraud.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 simplelearner.com: could not connect to host
+simplepractice.com: did not receive HSTS header
 simply-premium.com: did not receive HSTS header
+sincron.org: could not connect to host
+sinneserweiterung.de: could not connect to host
 siriad.com: did not receive HSTS header
+sistemy48.ru: did not receive HSTS header
 sites.google.com: did not receive HSTS header (error ignored - included regardless)
+sitesten.com: did not receive HSTS header
 sitsy.ru: did not receive HSTS header
+skalender.ch: did not receive HSTS header
 skhosting.eu: did not receive HSTS header
-skk.io: did not receive HSTS header
+skillseo.com: could not connect to host
+skk.io: could not connect to host
+skoda-clever-lead.de: could not connect to host
+skoda-im-dialog.de: could not connect to host
+skoda-service-team-cup.de: could not connect to host
 skullhouse.nyc: did not receive HSTS header
 skyoy.com: did not receive HSTS header
+slashdesign.it: did not receive HSTS header
 slashem.me: did not receive HSTS header
 slattery.co: could not connect to host
+sleep10.com: could not connect to host
 slicketl.com: did not receive HSTS header
 slightfuture.click: could not connect to host
+slix.io: could not connect to host
 slope.haus: could not connect to host
 slovakiana.sk: did not receive HSTS header
 sluitkampzeist.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+slycurity.de: did not receive HSTS header
 smartcoin.com.br: could not connect to host
-smartlend.se: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 smartofficesandsmarthomes.com: did not receive HSTS header
 smatch.com: did not receive HSTS header
-smb445.com: could not connect to host
 smdev.fr: could not connect to host
 smet.us: could not connect to host
 smirkingwhorefromhighgarden.pro: could not connect to host
 smkn1lengkong.sch.id: did not receive HSTS header
+smksi2.com: did not receive HSTS header
+smoothics.com: could not connect to host
 smusg.com: did not receive HSTS header
 snailing.org: could not connect to host
 snapworks.net: did not receive HSTS header
-snelwerk.be: could not connect to host
+sneberger.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+snelwerk.be: did not receive HSTS header
+snelxboxlivegold.nl: did not receive HSTS header
 snille.com: did not receive HSTS header
 snoqualmiefiber.org: did not receive HSTS header
+snoupon.com: did not receive HSTS header
 sobabox.ru: could not connect to host
 sobotkama.eu: did not receive HSTS header
 soccergif.com: could not connect to host
 soci.ml: did not receive HSTS header
+socialdevelop.biz: max-age too low: 0
+socialhead.io: could not connect to host
 socialspirit.com.br: did not receive HSTS header
 sockeye.cc: could not connect to host
 sockeye.io: did not receive HSTS header
 socomponents.co.uk: did not receive HSTS header
-sofabedshop.de: did not receive HSTS header
+solidfuelappliancespares.co.uk: did not receive HSTS header
 solinter.com.br: did not receive HSTS header
 solsystems.ru: could not connect to host
 someshit.xyz: could not connect to host
-sonic.sk: did not receive HSTS header
-soulema.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+somethingnew.xyz: did not receive HSTS header
+sotiran.com: did not receive HSTS header
+sotor.de: did not receive HSTS header
 soulfulglamour.uk: could not connect to host
 sourcelair.com: did not receive HSTS header
 southside-crew.club: could not connect to host
 souyar.de: could not connect to host
 souyar.net: could not connect to host
 souyar.us: could not connect to host
-souyidai.com: did not receive HSTS header
+sovereignshare.com: could not connect to host
 sown.dyndns.org: could not connect to host
+sp.rw: could not connect to host
+spacecompute.com: max-age too low: 0
 spacehq.org: max-age too low: 0
 spark.team: could not connect to host
 sparklingsparklers.com: did not receive HSTS header
-sparsa.army: could not connect to host
 spartantheatre.org: max-age too low: 172800
+spauted.com: could not connect to host
 spdysync.com: could not connect to host
 speed-mailer.com: could not connect to host
+speedcounter.net: did not receive HSTS header
 speedtest-russia.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 spencerbaer.com: did not receive HSTS header
-spicydog.tk: could not connect to host
-spillmaker.no: could not connect to host
+spiegels.nl: did not receive HSTS header
+spillmaker.no: did not receive HSTS header
 spongepowered.org: did not receive HSTS header
 sportwette.eu: did not receive HSTS header
+spot-events.com: could not connect to host
+spotlightsrule.ddns.net: could not connect to host
 spreadsheets.google.com: did not receive HSTS header (error ignored - included regardless)
-sprutech.de: could not connect to host
+spyroszarzonis.com: could not connect to host
 squatldf.org: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 sqzryang.com: max-age too low: 604800
-ssersay.com: could not connect to host
+srna.sk: max-age too low: 120
 ssl.panoramio.com: did not receive HSTS header
 ssl.rip: could not connect to host
-startupsort.com: could not connect to host
-stassi.ch: did not receive HSTS header
-staticanime.net: did not receive HSTS header
-sterlingtrader.com: did not receive HSTS header
+ssmato.me: could not connect to host
+stadjerspasonline.nl: could not connect to host
+standingmist.com: could not connect to host
+statecover.com.au: max-age too low: 0
+stateofexception.io: could not connect to host
+static.or.at: could not connect to host
+staticanime.net: could not connect to host
+stationnementdenuit.ca: did not receive HSTS header
+statuschecks.net: could not connect to host
+stefany.eu: could not connect to host
+stephanierxo.com: did not receive HSTS header
+stewartremodelingadvantage.com: could not connect to host
+sticklerjs.org: could not connect to host
+stig.io: did not receive HSTS header
+stigroom.com: could not connect to host
 stillyarts.com: did not receive HSTS header
+stirlingpoon.xyz: could not connect to host
+stmbgr.com: could not connect to host
 stn.me.uk: did not receive HSTS header
 stocktrade.de: could not connect to host
+stolkschepen.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 stopwoodfin.org: could not connect to host
 storeden.com: did not receive HSTS header
+storefrontify.com: did not receive HSTS header
+stormhub.org: could not connect to host
 stqry.com: did not receive HSTS header
 str0.at: did not receive HSTS header
+strasweb.fr: did not receive HSTS header
 streamingmagazin.de: could not connect to host
 streams.dyndns.org: could not connect to host
+strictlysudo.com: could not connect to host
 stroeercrm.de: could not connect to host
-strom.family: could not connect to host
 strongest-privacy.com: could not connect to host
 stuartbaxter.co: could not connect to host
 student-scientist.org: did not receive HSTS header
+student.andover.edu: could not connect to host
 studentresearcher.org: did not receive HSTS header
 studentskydenik.cz: could not connect to host
 studenttravel.cz: did not receive HSTS header
 studydrive.net: did not receive HSTS header
+stugb.de: did not receive HSTS header
+stupus.com: max-age too low: 0
+stw-group.at: could not connect to host
 subbing.work: could not connect to host
+subdimension.org: could not connect to host
 sublevel.net: did not receive HSTS header
-subrosa.io: could not connect to host
-sudo.im: did not receive HSTS header
+sudo.im: could not connect to host
 sudo.li: did not receive HSTS header
 suite73.org: could not connect to host
+sumoscout.de: did not receive HSTS header
 suncountrymarine.com: did not receive HSTS header
-sunjaydhama.com: did not receive HSTS header
+sunjaydhama.com: could not connect to host
 sunshinepress.org: could not connect to host
 superiorfloridavacation.com: did not receive HSTS header
 supersalescontest.nl: did not receive HSTS header
+superwally.org: could not connect to host
 suprlink.net: could not connect to host
 surfeasy.com: did not receive HSTS header
+surveypirate.com: max-age too low: 0
+sushi101tempe.com: did not receive HSTS header
 suzukikenichi.com: did not receive HSTS header
 sv.search.yahoo.com: did not receive HSTS header
 svenluijten.com: did not receive HSTS header
+swimming.ca: did not receive HSTS header
 swmd5c.org: did not receive HSTS header
-sx3.no: could not connect to host
 sxbk.pw: could not connect to host
 syam.cc: could not connect to host
 sydgrabber.tk: could not connect to host
 synackr.com: could not connect to host
 syncer.jp: did not receive HSTS header
-synchtu.be: did not receive HSTS header
+syncserve.net: did not receive HSTS header
 syneic.com: did not receive HSTS header
 syno.gq: could not connect to host
+sysmike.de: could not connect to host
+syso.name: could not connect to host
+szaszm.tk: max-age too low: 0
 t.facebook.com: did not receive HSTS header
 tablet.facebook.com: did not receive HSTS header
 tafoma.com: did not receive HSTS header
 tageau.com: could not connect to host
 taglondon.org: did not receive HSTS header
-takuto.de: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+tails.com.ar: could not connect to host
 talk.google.com: did not receive HSTS header (error ignored - included regardless)
-talktome.com: did not receive HSTS header
+tallr.se: could not connect to host
 tallshoe.com: could not connect to host
 tandarts-haarlem.nl: did not receive HSTS header
+tannerfilip.org: could not connect to host
 tanzhijun.com: did not receive HSTS header
+tapfinder.ca: could not connect to host
 tapka.cz: did not receive HSTS header
-taranis.re: could not connect to host
 tarhauskielto.fi: did not receive HSTS header
+tartaros.fi: could not connect to host
+taskforce512.de: did not receive HSTS header
+taskstats.com: could not connect to host
 taskulu.ir: could not connect to host
+tasmansecurity.com: could not connect to host
+tastyyy.co: could not connect to host
 tauchkater.de: could not connect to host
+taxbench.com: could not connect to host
+tazemama.biz: did not receive HSTS header
 tazz.in: could not connect to host
-tbarter.com: could not connect to host
 tcao.info: could not connect to host
 tcl.ath.cx: did not receive HSTS header
+tcomms.org: max-age too low: 0
+teachforcanada.ca: did not receive HSTS header
 team3482.com: did not receive HSTS header
 techhub.ml: could not connect to host
 techllage.com: could not connect to host
 techloaner.com: could not connect to host
 techmatehq.com: could not connect to host
 techtalks.no: could not connect to host
-tedovo.com: did not receive HSTS header
 tegelsensanitaironline.nl: did not receive HSTS header
 tekshrek.com: max-age too low: 0
 tektoria.de: did not receive HSTS header
 temehu.com: did not receive HSTS header
+tendertool.nl: could not connect to host
+tenni.xyz: could not connect to host
+tensionup.com: could not connect to host
+terravirtua.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 terrax.berlin: could not connect to host
 terrax.info: could not connect to host
+terry.pub: did not receive HSTS header
 testandroid.xyz: could not connect to host
-testbawks.com: could not connect to host
+teunstuinposters.nl: did not receive HSTS header
+textoplano.xyz: could not connect to host
 textracer.dk: could not connect to host
+tgr.re: could not connect to host
 thai.land: could not connect to host
 the-sky-of-valkyries.com: could not connect to host
 theater.cf: could not connect to host
 thebrotherswarde.com: could not connect to host
 thecoffeehouse.xyz: could not connect to host
+theendofzion.com: did not receive HSTS header
+thefarbeyond.com: could not connect to host
 theflyingbear.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 thefootballanalyst.com: could not connect to host
 thehiddenbay.me: could not connect to host
 thehiddenbay.net: could not connect to host
-thehistory.me: did not receive HSTS header
-thehonorguard.org: could not connect to host
+thehistory.me: could not connect to host
 theinvisibletrailer.com: could not connect to host
-themarble.co: did not receive HSTS header
+thejserver.de: could not connect to host
 themerchandiser.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 themicrocapital.com: could not connect to host
 themillerslive.com: could not connect to host
+themoderate.xyz: could not connect to host
+theodorejones.info: did not receive HSTS header
+theojones.name: did not receive HSTS header
 thepartywarehouse.co.uk: did not receive HSTS header
 thepiratebay.al: could not connect to host
 therapyportal.com: did not receive HSTS header
 thetomharling.com: max-age too low: 86400
 theurbanyoga.com: did not receive HSTS header
-thevintagenews.com: max-age too low: 0
+thevintagenews.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 thezonders.com: did not receive HSTS header
+thierfreund.de: could not connect to host
 thijsalders.nl: did not receive HSTS header
 thinkindifferent.net: could not connect to host
+thirdpartytrade.com: did not receive HSTS header
 thirty5.net: did not receive HSTS header
+thorgames.nl: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 thorncreek.net: did not receive HSTS header
 thumbtack.com: did not receive HSTS header
-thundr.eu: could not connect to host
 tibbitshall.ca: did not receive HSTS header
 tickopa.co.uk: could not connect to host
+tickreport.com: did not receive HSTS header
 tictactux.de: could not connect to host
 tiensnet.com: did not receive HSTS header
+tikutiku.pl: max-age too low: 0
 timbeilby.com: could not connect to host
-time-river.xyz: did not receive HSTS header
+time-river.xyz: could not connect to host
 timestamp.io: did not receive HSTS header
-timetab.org: could not connect to host
 timotrans.de: did not receive HSTS header
 timotrans.eu: did not receive HSTS header
+timwittenberg.com: could not connect to host
 tinyvpn.net: could not connect to host
 tipsyk.ru: could not connect to host
 tirex.media: did not receive HSTS header
-tit.systems: did not receive HSTS header
-titouan.co: did not receive HSTS header
-tittelbach.at: could not connect to host
 titties.ml: could not connect to host
 tkarstens.de: could not connect to host
 tlo.hosting: could not connect to host
 tlo.network: could not connect to host
 tls.li: could not connect to host
 tm-solutions.eu: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-tmitchell.io: could not connect to host
 tmprod.com: did not receive HSTS header
+tncnanet.com.br: could not connect to host
 tnrsca.jp: did not receive HSTS header
 tobiasofficial.at: could not connect to host
 todobazar.es: could not connect to host
-tokotimbangandigitalmurah.web.id: did not receive HSTS header
+tokyopopline.com: did not receive HSTS header
 tollmanz.com: did not receive HSTS header
+tom.horse: did not receive HSTS header
 tomharling.co.uk: max-age too low: 86400
 tomharling.uk: max-age too low: 86400
+tommsy.com: did not receive HSTS header
 tonburi.jp: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-tooolroc.org: could not connect to host
+tonyfantjr.com: could not connect to host
+toomanypillows.com: could not connect to host
 topbargains.com.au: did not receive HSTS header
+topmarine.se: could not connect to host
+topnewstoday.org: could not connect to host
 topodin.com: did not receive HSTS header
 topshelfguild.com: could not connect to host
-tor2web.org: could not connect to host
+torahanytime.com: did not receive HSTS header
 tosecure.link: could not connect to host
 totem-eshop.cz: could not connect to host
-toucedo.de: could not connect to host
+toucedo.de: did not receive HSTS header
 tourpeer.com: did not receive HSTS header
+toverland-tickets.nl: did not receive HSTS header
 toxme.se: could not connect to host
-tpe-edu.com: did not receive HSTS header
-tppleague.me: could not connect to host
+tpbcdn.com: could not connect to host
+tpe-edu.com: could not connect to host
 track.plus: could not connect to host
 tracktivity.com.au: did not receive HSTS header
+tradeacademy.in: max-age too low: 0
 tradingcentre.com.au: did not receive HSTS header
 tradinghope.com: did not receive HSTS header
-traffixdevices.com: did not receive HSTS header
 translate.googleapis.com: did not receive HSTS header (error ignored - included regardless)
-translatoruk.co.uk: did not receive HSTS header
-transmithe.net: could not connect to host
 trendberry.ru: did not receive HSTS header
 trinityaffirmations.com: max-age too low: 0
 trinitycore.org: max-age too low: 2592000
 tripdelta.com: did not receive HSTS header
-trkpuls.tk: could not connect to host
-trollscave.xyz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-trondelan.no: could not connect to host
+trustmeimfancy.com: could not connect to host
+truthmessages.pw: could not connect to host
 trybind.com: could not connect to host
 ts2.se: did not receive HSTS header
+tsaro.io: could not connect to host
 tsgoc.com: did not receive HSTS header
+tssouthernpower.com: max-age too low: 0
 tuingereedschappen.net: could not connect to host
 tuningblog.eu: did not receive HSTS header
 tuturulianda.com: could not connect to host
-tuxcloud.net: could not connect to host
+tuvalie.com: could not connect to host
 tv.search.yahoo.com: could not connect to host
-tvtubeflix.com: did not receive HSTS header
+tvtubeflix.com: could not connect to host
+tvz-materijali.com: could not connect to host
 twarog.cc: could not connect to host
+twinkseason.ca: could not connect to host
+twinkseason.co: could not connect to host
+twinkseason.co.uk: could not connect to host
+twinkseason.com: could not connect to host
+twinkseason.net: could not connect to host
+twinkseason.org: could not connect to host
+twinkseason.xyz: could not connect to host
 twist.party: could not connect to host
 twogo.com: did not receive HSTS header
 twolinepassbrewing.com: could not connect to host
 tx041cap.org: could not connect to host
 txclimbers.com: could not connect to host
+txf.pw: could not connect to host
+ty2u.com: did not receive HSTS header
 tylian.net: did not receive HSTS header
-typeblog.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+tyrelius.com: did not receive HSTS header
 tyroproducts.eu: did not receive HSTS header
+u-blox.com: did not receive HSTS header
 ua.search.yahoo.com: did not receive HSTS header
-uberfunction.com: did not receive HSTS header
 uberwald.ws: could not connect to host
+ubicloud.de: could not connect to host
+ublox.com: did not receive HSTS header
 ubuntuhot.com: did not receive HSTS header
 uega.net: did not receive HSTS header
 ukas.com: did not receive HSTS header
 ukrgadget.com: could not connect to host
 ulmo.dk: could not connect to host
 ultros.io: did not receive HSTS header
-umidev.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+umidev.com: could not connect to host
 umie.cc: did not receive HSTS header
 unapp.me: could not connect to host
 unbanthe.net: could not connect to host
+undernet.uy: did not receive HSTS header
+unfiltered.nyc: did not receive HSTS header
 uni-games.com: could not connect to host
+unison.com: could not connect to host
+university4industry.com: did not receive HSTS header
 universogay.com: did not receive HSTS header
 univz.com: could not connect to host
+unknownphenomena.net: could not connect to host
 unplugg3r.dk: could not connect to host
+unwiredbrain.com: could not connect to host
 uonstaffhub.com: could not connect to host
 uow.ninja: could not connect to host
-upay.ru: could not connect to host
+upani.net: did not receive HSTS header
+upldr.pw: could not connect to host
 uplinklabs.net: did not receive HSTS header
 uprotect.it: could not connect to host
 upstats.eu: could not connect to host
+upstox.com: max-age too low: 0
 urphp.com: could not connect to host
+urspringer.de: did not receive HSTS header
 us-immigration.com: did not receive HSTS header
+usaa.com: did not receive HSTS header
 uscitizenship.info: did not receive HSTS header
+userify.com: max-age too low: 0
 ustr.gov: max-age too low: 86400
-utdsgda.com: could not connect to host
+utleieplassen.no: could not connect to host
 utumno.ch: could not connect to host
 uy.search.yahoo.com: did not receive HSTS header
 uz.search.yahoo.com: did not receive HSTS header
 vaddder.com: could not connect to host
 valethound.com: could not connect to host
-valis.sx: did not receive HSTS header
+valis.sx: could not connect to host
 valkyrja.xyz: did not receive HSTS header
-vallis.net: did not receive HSTS header
+vallis.net: could not connect to host
 valmagus.com: could not connect to host
-vampirism.eu: could not connect to host
-vande-walle.eu: could not connect to host
+vanetv.com: could not connect to host
 vanitas.xyz: could not connect to host
-vapordepot.jp: did not receive HSTS header
-vasanth.org: did not receive HSTS header
+vanitynailworkz.com: could not connect to host
+vasanth.org: could not connect to host
 vbh2o.com: did not receive HSTS header
 vbulletin-russia.com: could not connect to host
 vbulletinrussia.com: could not connect to host
-vechkasov.ru: could not connect to host
-vemokin.net: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-vennet.fr: could not connect to host
-veriny.tf: did not receive HSTS header
+vcr.re: could not connect to host
+vdcomp.cz: could not connect to host
+vechkasov.ru: did not receive HSTS header
+vemokin.net: did not receive HSTS header
+verifikatorindonesia.com: could not connect to host
 vermontcareergateway.org: did not receive HSTS header
+versia.ru: did not receive HSTS header
+veryhax.de: could not connect to host
 vfree.org: could not connect to host
 vgatest.nl: could not connect to host
 vglimg.com: could not connect to host
 vhost.co.id: could not connect to host
-viciousviscosity.xyz: could not connect to host
 videnskabsklubben.dk: did not receive HSTS header
 videomuz.com: did not receive HSTS header
 vidz.ga: could not connect to host
-viennan.net: could not connect to host
+viktorsvantesson.net: did not receive HSTS header
+vintageheartcoffee.com: did not receive HSTS header
+vio.no: did not receive HSTS header
+viperdns.com: could not connect to host
 vissanum.com: did not receive HSTS header
 viva-french.com: did not receive HSTS header
-vivatv.com.tw: could not connect to host
+viviotech.net: max-age too low: 0
 vizeat.com: did not receive HSTS header
-vlora.city: did not receive HSTS header
 vm0.eu: did not receive HSTS header
 vmrdev.com: could not connect to host
+voceinveste.com: did not receive HSTS header
 voicesuk.co.uk: did not receive HSTS header
 volcrado.com: could not connect to host
-voliere-info.nl: could not connect to host
+voliere-info.nl: did not receive HSTS header
 vortexhobbies.com: did not receive HSTS header
 votocek.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
 votockova.cz: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-vox.vg: max-age too low: 0
-vpn-byen.dk: max-age too low: 2592000
-vpnzoom.com: could not connect to host
-vux.li: max-age too low: 0
+vox.vg: did not receive HSTS header
+vpn-byen.dk: did not receive HSTS header
+vratny.space: could not connect to host
 vvl.me: did not receive HSTS header
 vyncke.org: max-age too low: 2678400
 vzk.io: could not connect to host
-vztekloun.cz: could not connect to host
-w4a.fr: did not receive HSTS header
-wallingford.cc: could not connect to host
+w4a.fr: max-age too low: 0
+w4xzr.top: could not connect to host
+w4xzr.xyz: could not connect to host
 wanban.io: could not connect to host
 wangqiliang.xn--fiqs8s: did not receive HSTS header
+wangql.cn: could not connect to host
+wangql.net: could not connect to host
 wapjt.cn: could not connect to host
-warandpeace.xyz: did not receive HSTS header
-warhistoryonline.com: max-age too low: 0
+warandpeace.xyz: could not connect to host
+warhistoryonline.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+warped.com: max-age too low: 0
+warsentech.com: could not connect to host
 wassim.is: could not connect to host
-watertrails.io: could not connect to host
+watchium.com: did not receive HSTS header
+watchweasel.com: did not receive HSTS header
 watsonhall.uk: could not connect to host
+wave.is: could not connect to host
 wealthfactory.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
-web4all.fr: did not receive HSTS header
+wear2work.nl: did not receive HSTS header
+weaverhairextensions.nl: could not connect to host
+web4all.fr: max-age too low: 0
 web4pro.fr: could not connect to host
 webassadors.com: could not connect to host
-weberjulia.com: [Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE) [nsISiteSecurityService.processHeader]"  nsresult: "0x80004005 (NS_ERROR_FAILURE)"  location: "JS frame :: /builds/slave/m-cen-l64-periodicupdate-00000/getHSTSPreloadList.js :: processStsHeader :: line 121"  data: no]
+webdesign-kronberg.de: did not receive HSTS header
+webdosh.com: could not connect to host
+weberjulia.com: could not connect to host
 webhosting4.net: did not receive HSTS header
 webm.to: could not connect to host
 webmail.mayfirst.org: did not receive HSTS header
-webmail.xalqbank.az: max-age too low: 0
+webmaniabr.com: did not receive HSTS header
+webmarketingfestival.it: did not receive HSTS header
+webnosql.com: could not connect to host
 webperformance.ru: max-age too low: 3600