API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 7th, 2013
1,222
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 43.70 KB | None | 0 0
raw download clone embed print report
  1. // Copyright (c) 2012 The Chromium Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style license that can be
  3. // found in the LICENSE file.
  4.  
  5. // This file contains the HSTS preloaded list in a machine readable format.
  6.  
  7. // The top-level element is a dictionary with two keys: "pinsets" maps details
  8. // of certificate pinning to a name and "entries" contains the HSTS details for
  9. // each host.
  10. //
  11. // "pinsets" is a list of objects. Each object has the following members:
  12. // name: (string) the name of the pinset
  13. // static_spki_hashes: (list of strings) the set of allowed SPKIs hashes
  14. // bad_static_spki_hashes: (optional list of strings) the set of forbidden SPKIs hashes
  15. //
  16. // For a given pinset, a certifiacte is accepted if at least one of the
  17. // "static_spki_hashes" SPKIs is found in the chain and none of the "bad_static_spki_hashes" SPKIs are.
  18. // SPKIs are specified as names, which must match up with the file of
  19. // certificates.
  20. //
  21. // "entries" is a list of objects. Each object has the following members:
  22. // name: (string) the DNS name of the host in question
  23. // include_subdomains: (optional bool) whether subdomains of |name| are also covered
  24. // mode: (optional string) "force-https" iff covered names should require HTTPS
  25. // pins: (optional string) the |name| member of an object in |pinsets|
  26. // snionly: (optional bool) if true then this entry is only enforced if TLS is
  27. // enabled because the site in question only serves the correct
  28. // certificate if SNI is sent. Note that this only covers the case where
  29. // TLS has been disabled by explicit configuration. If TLS was disabled
  30. // because of SSLv3 fallback, then the entry is still in force and a
  31. // fatal certificate error will result. Spurious certificate errors are
  32. // an unfortunate result of SSLv3 fallback.
  33.  
  34. {
  35. "pinsets": [
  36. {
  37. "name": "test",
  38. "static_spki_hashes": [
  39. "TestSPKI"
  40. ]
  41. },
  42. {
  43. "name": "google",
  44. "static_spki_hashes": [
  45. "VeriSignClass3",
  46. "VeriSignClass3_G3",
  47. "Google1024",
  48. "Google2048",
  49. "GoogleBackup1024",
  50. "GoogleBackup2048",
  51. "GoogleG2",
  52. "EquifaxSecureCA",
  53. "GeoTrustGlobal"
  54. ],
  55. "bad_static_spki_hashes": [
  56. "Aetna",
  57. "Intel",
  58. "TCTrustCenter",
  59. "Vodafone",
  60. "ThawteSGCCA",
  61. "VeriSignClass3SSPIntermediateCA"
  62. ]
  63. },
  64. {
  65. "name": "tor",
  66. "static_spki_hashes": [
  67. "RapidSSL",
  68. "DigiCertEVRoot",
  69. "Tor1",
  70. "Tor2",
  71. "Tor3"
  72. ]
  73. },
  74. {
  75. "name": "twitterCom",
  76. "static_spki_hashes": [
  77. "VeriSignClass1",
  78. "VeriSignClass3",
  79. "VeriSignClass3_G4",
  80. "VeriSignClass4_G3",
  81. "VeriSignClass3_G3",
  82. "VeriSignClass1_G3",
  83. "VeriSignClass2_G3",
  84. "VeriSignClass3_G2",
  85. "VeriSignClass2_G2",
  86. "VeriSignClass3_G5",
  87. "VeriSignUniversal",
  88. "GeoTrustGlobal",
  89. "GeoTrustGlobal2",
  90. "GeoTrustUniversal",
  91. "GeoTrustUniversal2",
  92. "GeoTrustPrimary",
  93. "GeoTrustPrimary_G2",
  94. "GeoTrustPrimary_G3",
  95. "DigiCertGlobalRoot",
  96. "DigiCertEVRoot",
  97. "DigiCertAssuredIDRoot",
  98. "Twitter1"
  99. ]
  100. },
  101. {
  102. "name": "twitterCDN",
  103. "static_spki_hashes": [
  104. "VeriSignClass1",
  105. "VeriSignClass3",
  106. "VeriSignClass3_G4",
  107. "VeriSignClass4_G3",
  108. "VeriSignClass3_G3",
  109. "VeriSignClass1_G3",
  110. "VeriSignClass2_G3",
  111. "VeriSignClass3_G2",
  112. "VeriSignClass2_G2",
  113. "VeriSignClass3_G5",
  114. "VeriSignUniversal",
  115. "GeoTrustGlobal",
  116. "GeoTrustGlobal2",
  117. "GeoTrustUniversal",
  118. "GeoTrustUniversal2",
  119. "GeoTrustPrimary",
  120. "GeoTrustPrimary_G2",
  121. "GeoTrustPrimary_G3",
  122. "DigiCertGlobalRoot",
  123. "DigiCertEVRoot",
  124. "DigiCertAssuredIDRoot",
  125. "Twitter1",
  126.  
  127. "Entrust_2048",
  128. "Entrust_EV",
  129. "Entrust_G2",
  130. "Entrust_SSL",
  131. "AAACertificateServices",
  132. "AddTrustClass1CARoot",
  133. "AddTrustExternalCARoot",
  134. "AddTrustPublicCARoot",
  135. "AddTrustQualifiedCARoot",
  136. "COMODOCertificationAuthority",
  137. "SecureCertificateServices",
  138. "TrustedCertificateServices",
  139. "UTNDATACorpSGC",
  140. "UTNUSERFirstClientAuthenticationandEmail",
  141. "UTNUSERFirstHardware",
  142. "UTNUSERFirstObject",
  143. "GTECyberTrustGlobalRoot"
  144. ]
  145. },
  146. {
  147. "name": "tor2web",
  148. "static_spki_hashes": [
  149. "AlphaSSL_G2",
  150. "Tor2web"
  151. ]
  152. },
  153. {
  154. "name": "cryptoCat",
  155. "static_spki_hashes": [
  156. "DigiCertEVRoot",
  157. "CryptoCat1"
  158. ]
  159. }
  160. ],
  161.  
  162. "entries": [
  163. // Dummy entry to test certificate pinning.
  164. { "name": "pinningtest.appspot.com", "include_subdomains": true, "pins": "test" },
  165.  
  166. // (*.)google.com, iff using SSL, must use an acceptable certificate.
  167. { "name": "google.com", "include_subdomains": true, "pins": "google" },
  168.  
  169. // Now we force HTTPS for subtrees of google.com.
  170. { "name": "wallet.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  171. { "name": "checkout.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  172. { "name": "chrome.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  173. { "name": "docs.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  174. { "name": "sites.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  175. { "name": "spreadsheets.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  176. { "name": "appengine.google.com", "mode": "force-https", "pins": "google" },
  177. { "name": "encrypted.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  178. { "name": "accounts.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  179. { "name": "profiles.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  180. { "name": "mail.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  181. { "name": "talkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  182. { "name": "talk.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  183. { "name": "hostedtalkgadget.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  184. { "name": "plus.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  185. { "name": "plus.sandbox.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  186. { "name": "script.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  187. { "name": "history.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  188. { "name": "security.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  189. { "name": "translate.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  190.  
  191. // Other Google-related domains that must use HTTPS.
  192. { "name": "market.android.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  193. { "name": "ssl.google-analytics.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  194. { "name": "drive.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  195. { "name": "googleplex.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  196. { "name": "groups.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  197. { "name": "apis.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  198. { "name": "chromiumcodereview.appspot.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  199. { "name": "chrome-devtools-frontend.appspot.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  200. { "name": "codereview.appspot.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  201. { "name": "codereview.chromium.org", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  202. { "name": "code.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  203. { "name": "googlecode.com", "include_subdomains": true, "pins": "google" },
  204. { "name": "dl.google.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  205. { "name": "translate.googleapis.com", "include_subdomains": true, "mode": "force-https", "pins": "google" },
  206.  
  207. // chart.apis.google.com is *not* HSTS because the certificate doesn't match
  208. // and there are lots of links out there that still use the name. The correct
  209. // hostname for this is chart.googleapis.com.
  210. { "name": "chart.apis.google.com", "include_subdomains": true, "pins": "google" },
  211. { "name": "oraprodsso.corp.google.com", "include_subdomains": true, "mode": "force-https" },
  212.  
  213. // Other Google-related domains that must use an acceptable certificate
  214. // iff using SSL.
  215. { "name": "ytimg.com", "include_subdomains": true, "pins": "google" },
  216. { "name": "googleusercontent.com", "include_subdomains": true, "pins": "google" },
  217. { "name": "youtube.com", "include_subdomains": true, "pins": "google" },
  218. { "name": "googleapis.com", "include_subdomains": true, "pins": "google" },
  219. { "name": "googleadservices.com", "include_subdomains": true, "pins": "google" },
  220. { "name": "appspot.com", "include_subdomains": true, "pins": "google" },
  221. { "name": "googlesyndication.com", "include_subdomains": true, "pins": "google" },
  222. { "name": "doubleclick.net", "include_subdomains": true, "pins": "google" },
  223. { "name": "ssl.gstatic.com", "include_subdomains": true, "pins": "google" },
  224. { "name": "youtu.be", "include_subdomains": true, "pins": "google" },
  225. { "name": "android.com", "include_subdomains": true, "pins": "google" },
  226. { "name": "googlecommerce.com", "include_subdomains": true, "pins": "google" },
  227. { "name": "urchin.com", "include_subdomains": true, "pins": "google" },
  228. { "name": "goo.gl", "include_subdomains": true, "pins": "google" },
  229. { "name": "g.co", "include_subdomains": true, "pins": "google" },
  230. { "name": "google.ac", "include_subdomains": true, "pins": "google" },
  231. { "name": "google.ad", "include_subdomains": true, "pins": "google" },
  232. { "name": "google.ae", "include_subdomains": true, "pins": "google" },
  233. { "name": "google.af", "include_subdomains": true, "pins": "google" },
  234. { "name": "google.ag", "include_subdomains": true, "pins": "google" },
  235. { "name": "google.am", "include_subdomains": true, "pins": "google" },
  236. { "name": "google.as", "include_subdomains": true, "pins": "google" },
  237. { "name": "google.at", "include_subdomains": true, "pins": "google" },
  238. { "name": "google.az", "include_subdomains": true, "pins": "google" },
  239. { "name": "google.ba", "include_subdomains": true, "pins": "google" },
  240. { "name": "google.be", "include_subdomains": true, "pins": "google" },
  241. { "name": "google.bf", "include_subdomains": true, "pins": "google" },
  242. { "name": "google.bg", "include_subdomains": true, "pins": "google" },
  243. { "name": "google.bi", "include_subdomains": true, "pins": "google" },
  244. { "name": "google.bj", "include_subdomains": true, "pins": "google" },
  245. { "name": "google.bs", "include_subdomains": true, "pins": "google" },
  246. { "name": "google.by", "include_subdomains": true, "pins": "google" },
  247. { "name": "google.ca", "include_subdomains": true, "pins": "google" },
  248. { "name": "google.cat", "include_subdomains": true, "pins": "google" },
  249. { "name": "google.cc", "include_subdomains": true, "pins": "google" },
  250. { "name": "google.cd", "include_subdomains": true, "pins": "google" },
  251. { "name": "google.cf", "include_subdomains": true, "pins": "google" },
  252. { "name": "google.cg", "include_subdomains": true, "pins": "google" },
  253. { "name": "google.ch", "include_subdomains": true, "pins": "google" },
  254. { "name": "google.ci", "include_subdomains": true, "pins": "google" },
  255. { "name": "google.cl", "include_subdomains": true, "pins": "google" },
  256. { "name": "google.cm", "include_subdomains": true, "pins": "google" },
  257. { "name": "google.cn", "include_subdomains": true, "pins": "google" },
  258. { "name": "google.co.ao", "include_subdomains": true, "pins": "google" },
  259. { "name": "google.co.bw", "include_subdomains": true, "pins": "google" },
  260. { "name": "google.co.ck", "include_subdomains": true, "pins": "google" },
  261. { "name": "google.co.cr", "include_subdomains": true, "pins": "google" },
  262. { "name": "google.co.hu", "include_subdomains": true, "pins": "google" },
  263. { "name": "google.co.id", "include_subdomains": true, "pins": "google" },
  264. { "name": "google.co.il", "include_subdomains": true, "pins": "google" },
  265. { "name": "google.co.im", "include_subdomains": true, "pins": "google" },
  266. { "name": "google.co.in", "include_subdomains": true, "pins": "google" },
  267. { "name": "google.co.je", "include_subdomains": true, "pins": "google" },
  268. { "name": "google.co.jp", "include_subdomains": true, "pins": "google" },
  269. { "name": "google.co.ke", "include_subdomains": true, "pins": "google" },
  270. { "name": "google.co.kr", "include_subdomains": true, "pins": "google" },
  271. { "name": "google.co.ls", "include_subdomains": true, "pins": "google" },
  272. { "name": "google.co.ma", "include_subdomains": true, "pins": "google" },
  273. { "name": "google.co.mz", "include_subdomains": true, "pins": "google" },
  274. { "name": "google.co.nz", "include_subdomains": true, "pins": "google" },
  275. { "name": "google.co.th", "include_subdomains": true, "pins": "google" },
  276. { "name": "google.co.tz", "include_subdomains": true, "pins": "google" },
  277. { "name": "google.co.ug", "include_subdomains": true, "pins": "google" },
  278. { "name": "google.co.uk", "include_subdomains": true, "pins": "google" },
  279. { "name": "google.co.uz", "include_subdomains": true, "pins": "google" },
  280. { "name": "google.co.ve", "include_subdomains": true, "pins": "google" },
  281. { "name": "google.co.vi", "include_subdomains": true, "pins": "google" },
  282. { "name": "google.co.za", "include_subdomains": true, "pins": "google" },
  283. { "name": "google.co.zm", "include_subdomains": true, "pins": "google" },
  284. { "name": "google.co.zw", "include_subdomains": true, "pins": "google" },
  285. { "name": "google.com.af", "include_subdomains": true, "pins": "google" },
  286. { "name": "google.com.ag", "include_subdomains": true, "pins": "google" },
  287. { "name": "google.com.ai", "include_subdomains": true, "pins": "google" },
  288. { "name": "google.com.ar", "include_subdomains": true, "pins": "google" },
  289. { "name": "google.com.au", "include_subdomains": true, "pins": "google" },
  290. { "name": "google.com.bd", "include_subdomains": true, "pins": "google" },
  291. { "name": "google.com.bh", "include_subdomains": true, "pins": "google" },
  292. { "name": "google.com.bn", "include_subdomains": true, "pins": "google" },
  293. { "name": "google.com.bo", "include_subdomains": true, "pins": "google" },
  294. { "name": "google.com.br", "include_subdomains": true, "pins": "google" },
  295. { "name": "google.com.by", "include_subdomains": true, "pins": "google" },
  296. { "name": "google.com.bz", "include_subdomains": true, "pins": "google" },
  297. { "name": "google.com.cn", "include_subdomains": true, "pins": "google" },
  298. { "name": "google.com.co", "include_subdomains": true, "pins": "google" },
  299. { "name": "google.com.cu", "include_subdomains": true, "pins": "google" },
  300. { "name": "google.com.cy", "include_subdomains": true, "pins": "google" },
  301. { "name": "google.com.do", "include_subdomains": true, "pins": "google" },
  302. { "name": "google.com.ec", "include_subdomains": true, "pins": "google" },
  303. { "name": "google.com.eg", "include_subdomains": true, "pins": "google" },
  304. { "name": "google.com.et", "include_subdomains": true, "pins": "google" },
  305. { "name": "google.com.fj", "include_subdomains": true, "pins": "google" },
  306. { "name": "google.com.ge", "include_subdomains": true, "pins": "google" },
  307. { "name": "google.com.gh", "include_subdomains": true, "pins": "google" },
  308. { "name": "google.com.gi", "include_subdomains": true, "pins": "google" },
  309. { "name": "google.com.gr", "include_subdomains": true, "pins": "google" },
  310. { "name": "google.com.gt", "include_subdomains": true, "pins": "google" },
  311. { "name": "google.com.hk", "include_subdomains": true, "pins": "google" },
  312. { "name": "google.com.iq", "include_subdomains": true, "pins": "google" },
  313. { "name": "google.com.jm", "include_subdomains": true, "pins": "google" },
  314. { "name": "google.com.jo", "include_subdomains": true, "pins": "google" },
  315. { "name": "google.com.kh", "include_subdomains": true, "pins": "google" },
  316. { "name": "google.com.kw", "include_subdomains": true, "pins": "google" },
  317. { "name": "google.com.lb", "include_subdomains": true, "pins": "google" },
  318. { "name": "google.com.ly", "include_subdomains": true, "pins": "google" },
  319. { "name": "google.com.mt", "include_subdomains": true, "pins": "google" },
  320. { "name": "google.com.mx", "include_subdomains": true, "pins": "google" },
  321. { "name": "google.com.my", "include_subdomains": true, "pins": "google" },
  322. { "name": "google.com.na", "include_subdomains": true, "pins": "google" },
  323. { "name": "google.com.nf", "include_subdomains": true, "pins": "google" },
  324. { "name": "google.com.ng", "include_subdomains": true, "pins": "google" },
  325. { "name": "google.com.ni", "include_subdomains": true, "pins": "google" },
  326. { "name": "google.com.np", "include_subdomains": true, "pins": "google" },
  327. { "name": "google.com.nr", "include_subdomains": true, "pins": "google" },
  328. { "name": "google.com.om", "include_subdomains": true, "pins": "google" },
  329. { "name": "google.com.pa", "include_subdomains": true, "pins": "google" },
  330. { "name": "google.com.pe", "include_subdomains": true, "pins": "google" },
  331. { "name": "google.com.ph", "include_subdomains": true, "pins": "google" },
  332. { "name": "google.com.pk", "include_subdomains": true, "pins": "google" },
  333. { "name": "google.com.pl", "include_subdomains": true, "pins": "google" },
  334. { "name": "google.com.pr", "include_subdomains": true, "pins": "google" },
  335. { "name": "google.com.py", "include_subdomains": true, "pins": "google" },
  336. { "name": "google.com.qa", "include_subdomains": true, "pins": "google" },
  337. { "name": "google.com.ru", "include_subdomains": true, "pins": "google" },
  338. { "name": "google.com.sa", "include_subdomains": true, "pins": "google" },
  339. { "name": "google.com.sb", "include_subdomains": true, "pins": "google" },
  340. { "name": "google.com.sg", "include_subdomains": true, "pins": "google" },
  341. { "name": "google.com.sl", "include_subdomains": true, "pins": "google" },
  342. { "name": "google.com.sv", "include_subdomains": true, "pins": "google" },
  343. { "name": "google.com.tj", "include_subdomains": true, "pins": "google" },
  344. { "name": "google.com.tn", "include_subdomains": true, "pins": "google" },
  345. { "name": "google.com.tr", "include_subdomains": true, "pins": "google" },
  346. { "name": "google.com.tw", "include_subdomains": true, "pins": "google" },
  347. { "name": "google.com.ua", "include_subdomains": true, "pins": "google" },
  348. { "name": "google.com.uy", "include_subdomains": true, "pins": "google" },
  349. { "name": "google.com.vc", "include_subdomains": true, "pins": "google" },
  350. { "name": "google.com.ve", "include_subdomains": true, "pins": "google" },
  351. { "name": "google.com.vn", "include_subdomains": true, "pins": "google" },
  352. { "name": "google.cv", "include_subdomains": true, "pins": "google" },
  353. { "name": "google.cz", "include_subdomains": true, "pins": "google" },
  354. { "name": "google.de", "include_subdomains": true, "pins": "google" },
  355. { "name": "google.dj", "include_subdomains": true, "pins": "google" },
  356. { "name": "google.dk", "include_subdomains": true, "pins": "google" },
  357. { "name": "google.dm", "include_subdomains": true, "pins": "google" },
  358. { "name": "google.dz", "include_subdomains": true, "pins": "google" },
  359. { "name": "google.ee", "include_subdomains": true, "pins": "google" },
  360. { "name": "google.es", "include_subdomains": true, "pins": "google" },
  361. { "name": "google.fi", "include_subdomains": true, "pins": "google" },
  362. { "name": "google.fm", "include_subdomains": true, "pins": "google" },
  363. { "name": "google.fr", "include_subdomains": true, "pins": "google" },
  364. { "name": "google.ga", "include_subdomains": true, "pins": "google" },
  365. { "name": "google.ge", "include_subdomains": true, "pins": "google" },
  366. { "name": "google.gg", "include_subdomains": true, "pins": "google" },
  367. { "name": "google.gl", "include_subdomains": true, "pins": "google" },
  368. { "name": "google.gm", "include_subdomains": true, "pins": "google" },
  369. { "name": "google.gp", "include_subdomains": true, "pins": "google" },
  370. { "name": "google.gr", "include_subdomains": true, "pins": "google" },
  371. { "name": "google.gy", "include_subdomains": true, "pins": "google" },
  372. { "name": "google.hk", "include_subdomains": true, "pins": "google" },
  373. { "name": "google.hn", "include_subdomains": true, "pins": "google" },
  374. { "name": "google.hr", "include_subdomains": true, "pins": "google" },
  375. { "name": "google.ht", "include_subdomains": true, "pins": "google" },
  376. { "name": "google.hu", "include_subdomains": true, "pins": "google" },
  377. { "name": "google.ie", "include_subdomains": true, "pins": "google" },
  378. { "name": "google.im", "include_subdomains": true, "pins": "google" },
  379. { "name": "google.info", "include_subdomains": true, "pins": "google" },
  380. { "name": "google.iq", "include_subdomains": true, "pins": "google" },
  381. { "name": "google.is", "include_subdomains": true, "pins": "google" },
  382. { "name": "google.it", "include_subdomains": true, "pins": "google" },
  383. { "name": "google.it.ao", "include_subdomains": true, "pins": "google" },
  384. { "name": "google.je", "include_subdomains": true, "pins": "google" },
  385. { "name": "google.jo", "include_subdomains": true, "pins": "google" },
  386. { "name": "google.jobs", "include_subdomains": true, "pins": "google" },
  387. { "name": "google.jp", "include_subdomains": true, "pins": "google" },
  388. { "name": "google.kg", "include_subdomains": true, "pins": "google" },
  389. { "name": "google.ki", "include_subdomains": true, "pins": "google" },
  390. { "name": "google.kz", "include_subdomains": true, "pins": "google" },
  391. { "name": "google.la", "include_subdomains": true, "pins": "google" },
  392. { "name": "google.li", "include_subdomains": true, "pins": "google" },
  393. { "name": "google.lk", "include_subdomains": true, "pins": "google" },
  394. { "name": "google.lt", "include_subdomains": true, "pins": "google" },
  395. { "name": "google.lu", "include_subdomains": true, "pins": "google" },
  396. { "name": "google.lv", "include_subdomains": true, "pins": "google" },
  397. { "name": "google.md", "include_subdomains": true, "pins": "google" },
  398. { "name": "google.me", "include_subdomains": true, "pins": "google" },
  399. { "name": "google.mg", "include_subdomains": true, "pins": "google" },
  400. { "name": "google.mk", "include_subdomains": true, "pins": "google" },
  401. { "name": "google.ml", "include_subdomains": true, "pins": "google" },
  402. { "name": "google.mn", "include_subdomains": true, "pins": "google" },
  403. { "name": "google.ms", "include_subdomains": true, "pins": "google" },
  404. { "name": "google.mu", "include_subdomains": true, "pins": "google" },
  405. { "name": "google.mv", "include_subdomains": true, "pins": "google" },
  406. { "name": "google.mw", "include_subdomains": true, "pins": "google" },
  407. { "name": "google.ne", "include_subdomains": true, "pins": "google" },
  408. { "name": "google.ne.jp", "include_subdomains": true, "pins": "google" },
  409. { "name": "google.net", "include_subdomains": true, "pins": "google" },
  410. { "name": "google.nl", "include_subdomains": true, "pins": "google" },
  411. { "name": "google.no", "include_subdomains": true, "pins": "google" },
  412. { "name": "google.nr", "include_subdomains": true, "pins": "google" },
  413. { "name": "google.nu", "include_subdomains": true, "pins": "google" },
  414. { "name": "google.off.ai", "include_subdomains": true, "pins": "google" },
  415. { "name": "google.pk", "include_subdomains": true, "pins": "google" },
  416. { "name": "google.pl", "include_subdomains": true, "pins": "google" },
  417. { "name": "google.pn", "include_subdomains": true, "pins": "google" },
  418. { "name": "google.ps", "include_subdomains": true, "pins": "google" },
  419. { "name": "google.pt", "include_subdomains": true, "pins": "google" },
  420. { "name": "google.ro", "include_subdomains": true, "pins": "google" },
  421. { "name": "google.rs", "include_subdomains": true, "pins": "google" },
  422. { "name": "google.ru", "include_subdomains": true, "pins": "google" },
  423. { "name": "google.rw", "include_subdomains": true, "pins": "google" },
  424. { "name": "google.sc", "include_subdomains": true, "pins": "google" },
  425. { "name": "google.se", "include_subdomains": true, "pins": "google" },
  426. { "name": "google.sh", "include_subdomains": true, "pins": "google" },
  427. { "name": "google.si", "include_subdomains": true, "pins": "google" },
  428. { "name": "google.sk", "include_subdomains": true, "pins": "google" },
  429. { "name": "google.sm", "include_subdomains": true, "pins": "google" },
  430. { "name": "google.sn", "include_subdomains": true, "pins": "google" },
  431. { "name": "google.so", "include_subdomains": true, "pins": "google" },
  432. { "name": "google.st", "include_subdomains": true, "pins": "google" },
  433. { "name": "google.td", "include_subdomains": true, "pins": "google" },
  434. { "name": "google.tg", "include_subdomains": true, "pins": "google" },
  435. { "name": "google.tk", "include_subdomains": true, "pins": "google" },
  436. { "name": "google.tl", "include_subdomains": true, "pins": "google" },
  437. { "name": "google.tm", "include_subdomains": true, "pins": "google" },
  438. { "name": "google.tn", "include_subdomains": true, "pins": "google" },
  439. { "name": "google.to", "include_subdomains": true, "pins": "google" },
  440. { "name": "google.tp", "include_subdomains": true, "pins": "google" },
  441. { "name": "google.tt", "include_subdomains": true, "pins": "google" },
  442. { "name": "google.us", "include_subdomains": true, "pins": "google" },
  443. { "name": "google.uz", "include_subdomains": true, "pins": "google" },
  444. { "name": "google.vg", "include_subdomains": true, "pins": "google" },
  445. { "name": "google.vu", "include_subdomains": true, "pins": "google" },
  446. { "name": "google.ws", "include_subdomains": true, "pins": "google" },
  447. // Exclude the learn.doubleclick.net subdomain because it uses a different
  448. // CA.
  449. { "name": "learn.doubleclick.net", "include_subdomains": true },
  450.  
  451. // Force HTTPS for sites that have requested it.
  452. { "name": "www.paypal.com", "mode": "force-https" },
  453. { "name": "paypal.com", "mode": "force-https" },
  454. { "name": "www.elanex.biz", "mode": "force-https" },
  455. { "name": "jottit.com", "include_subdomains": true, "mode": "force-https" },
  456. { "name": "sunshinepress.org", "include_subdomains": true, "mode": "force-https" },
  457. { "name": "www.noisebridge.net", "mode": "force-https" },
  458. { "name": "neg9.org", "mode": "force-https" },
  459. { "name": "riseup.net", "include_subdomains": true, "mode": "force-https" },
  460. { "name": "factor.cc", "mode": "force-https" },
  461. { "name": "members.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
  462. { "name": "support.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
  463. { "name": "id.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
  464. { "name": "lists.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
  465. { "name": "webmail.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
  466. { "name": "roundcube.mayfirst.org", "include_subdomains": true, "mode": "force-https" },
  467. { "name": "aladdinschools.appspot.com", "mode": "force-https" },
  468. { "name": "ottospora.nl", "include_subdomains": true, "mode": "force-https" },
  469. { "name": "www.paycheckrecords.com", "mode": "force-https" },
  470. { "name": "lastpass.com", "mode": "force-https" },
  471. { "name": "www.lastpass.com", "mode": "force-https" },
  472. { "name": "keyerror.com", "include_subdomains": true, "mode": "force-https" },
  473. { "name": "entropia.de", "mode": "force-https" },
  474. { "name": "www.entropia.de", "mode": "force-https" },
  475. { "name": "romab.com", "include_subdomains": true, "mode": "force-https" },
  476. { "name": "logentries.com", "mode": "force-https" },
  477. { "name": "www.logentries.com", "mode": "force-https" },
  478. { "name": "stripe.com", "include_subdomains": true, "mode": "force-https" },
  479. { "name": "cloudsecurityalliance.org", "include_subdomains": true, "mode": "force-https" },
  480. { "name": "login.sapo.pt", "include_subdomains": true, "mode": "force-https" },
  481. { "name": "mattmccutchen.net", "include_subdomains": true, "mode": "force-https" },
  482. { "name": "betnet.fr", "include_subdomains": true, "mode": "force-https" },
  483. { "name": "uprotect.it", "include_subdomains": true, "mode": "force-https" },
  484. { "name": "squareup.com", "mode": "force-https" },
  485. { "name": "square.com", "include_subdomains": true, "mode": "force-https" },
  486. { "name": "cert.se", "include_subdomains": true, "mode": "force-https" },
  487. { "name": "crypto.is", "include_subdomains": true, "mode": "force-https" },
  488. { "name": "simon.butcher.name", "include_subdomains": true, "mode": "force-https" },
  489. { "name": "linx.net", "include_subdomains": true, "mode": "force-https" },
  490. { "name": "dropcam.com", "mode": "force-https" },
  491. { "name": "www.dropcam.com", "mode": "force-https" },
  492. { "name": "ebanking.indovinabank.com.vn", "include_subdomains": true, "mode": "force-https" },
  493. { "name": "epoxate.com", "mode": "force-https" },
  494. { "name": "torproject.org", "mode": "force-https", "pins": "tor" },
  495. { "name": "blog.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
  496. { "name": "check.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
  497. { "name": "www.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
  498. { "name": "dist.torproject.org", "include_subdomains": true, "mode": "force-https", "pins": "tor" },
  499. { "name": "www.moneybookers.com", "include_subdomains": true, "mode": "force-https" },
  500. { "name": "ledgerscope.net", "mode": "force-https" },
  501. { "name": "www.ledgerscope.net", "mode": "force-https" },
  502. { "name": "app.recurly.com", "include_subdomains": true, "mode": "force-https" },
  503. { "name": "api.recurly.com", "include_subdomains": true, "mode": "force-https" },
  504. { "name": "greplin.com", "mode": "force-https" },
  505. { "name": "www.greplin.com", "mode": "force-https" },
  506. { "name": "luneta.nearbuysystems.com", "include_subdomains": true, "mode": "force-https" },
  507. { "name": "ubertt.org", "include_subdomains": true, "mode": "force-https" },
  508. { "name": "pixi.me", "include_subdomains": true, "mode": "force-https" },
  509. { "name": "grepular.com", "include_subdomains": true, "mode": "force-https" },
  510. { "name": "mydigipass.com", "mode": "force-https" },
  511. { "name": "www.mydigipass.com", "mode": "force-https" },
  512. { "name": "developer.mydigipass.com", "mode": "force-https" },
  513. { "name": "www.developer.mydigipass.com", "mode": "force-https" },
  514. { "name": "sandbox.mydigipass.com", "mode": "force-https" },
  515. { "name": "www.sandbox.mydigipass.com", "mode": "force-https" },
  516. { "name": "crypto.cat", "mode": "force-https", "pins": "cryptoCat" },
  517. { "name": "bigshinylock.minazo.net", "include_subdomains": true, "mode": "force-https" },
  518. { "name": "crate.io", "include_subdomains": true, "mode": "force-https" },
  519. { "name": "twitter.com", "mode": "force-https", "pins": "twitterCom" },
  520. { "name": "www.twitter.com", "include_subdomains": true, "mode": "force-https", "pins": "twitterCom" },
  521. { "name": "api.twitter.com", "include_subdomains": true, "pins": "twitterCDN" },
  522. { "name": "oauth.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
  523. { "name": "mobile.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
  524. { "name": "dev.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
  525. { "name": "business.twitter.com", "include_subdomains": true, "pins": "twitterCom" },
  526. { "name": "platform.twitter.com", "include_subdomains": true, "pins": "twitterCDN" },
  527. { "name": "si0.twimg.com", "include_subdomains": true, "pins": "twitterCDN" },
  528. { "name": "twimg0-a.akamaihd.net", "include_subdomains": true, "pins": "twitterCDN" },
  529. { "name": "braintreegateway.com", "include_subdomains": true, "mode": "force-https" },
  530. { "name": "braintreepayments.com", "mode": "force-https" },
  531. { "name": "www.braintreepayments.com", "mode": "force-https" },
  532. { "name": "emailprivacytester.com", "mode": "force-https" },
  533. { "name": "tor2web.org", "include_subdomains": true, "pins": "tor2web" },
  534. { "name": "business.medbank.com.mt", "include_subdomains": true, "mode": "force-https" },
  535. { "name": "arivo.com.br", "include_subdomains": true, "mode": "force-https" },
  536. { "name": "www.apollo-auto.com", "include_subdomains": true, "mode": "force-https" },
  537. { "name": "www.cueup.com", "include_subdomains": true, "mode": "force-https" },
  538. { "name": "jitsi.org", "mode": "force-https" },
  539. { "name": "www.jitsi.org", "mode": "force-https" },
  540. { "name": "download.jitsi.org", "mode": "force-https" },
  541. { "name": "sol.io", "include_subdomains": true, "mode": "force-https" },
  542. { "name": "irccloud.com", "mode": "force-https" },
  543. { "name": "www.irccloud.com", "mode": "force-https" },
  544. { "name": "alpha.irccloud.com", "mode": "force-https" },
  545. { "name": "passwd.io", "include_subdomains": true, "mode": "force-https" },
  546. { "name": "browserid.org", "include_subdomains": true, "mode": "force-https" },
  547. { "name": "login.persona.org", "include_subdomains": true, "mode": "force-https" },
  548. { "name": "neonisi.com", "mode": "force-https" },
  549. { "name": "www.neonisi.com", "include_subdomains": true, "mode": "force-https" },
  550. { "name": "shops.neonisi.com", "include_subdomains": true, "mode": "force-https" },
  551. { "name": "piratenlogin.de", "include_subdomains": true, "mode": "force-https" },
  552. { "name": "howrandom.org", "include_subdomains": true, "mode": "force-https" },
  553. { "name": "intercom.io", "mode": "force-https" },
  554. { "name": "api.intercom.io", "mode": "force-https" },
  555. { "name": "www.intercom.io", "mode": "force-https" },
  556. { "name": "fatzebra.com.au", "include_subdomains": true, "mode": "force-https" },
  557. { "name": "csawctf.poly.edu", "include_subdomains": true, "mode": "force-https" },
  558. { "name": "makeyourlaws.org", "mode": "force-https" },
  559. { "name": "www.makeyourlaws.org", "mode": "force-https" },
  560. { "name": "iop.intuit.com", "include_subdomains": true, "mode": "force-https" },
  561. { "name": "surfeasy.com", "mode": "force-https" },
  562. { "name": "www.surfeasy.com", "mode": "force-https" },
  563. { "name": "packagist.org", "mode": "force-https" },
  564. { "name": "lookout.com", "mode": "force-https" },
  565. { "name": "www.lookout.com", "mode": "force-https" },
  566. { "name": "mylookout.com", "mode": "force-https" },
  567. { "name": "www.mylookout.com", "mode": "force-https" },
  568. { "name": "dm.lookout.com", "mode": "force-https" },
  569. { "name": "dm.mylookout.com", "mode": "force-https" },
  570. { "name": "itriskltd.com", "include_subdomains": true, "mode": "force-https" },
  571. { "name": "stocktrade.de", "include_subdomains": true, "mode": "force-https" },
  572. { "name": "openshift.redhat.com", "include_subdomains": true, "mode": "force-https" },
  573. { "name": "therapynotes.com", "mode": "force-https" },
  574. { "name": "www.therapynotes.com", "mode": "force-https" },
  575. { "name": "wiz.biz", "include_subdomains": true, "mode": "force-https" },
  576. { "name": "my.onlime.ch", "include_subdomains": true, "mode": "force-https" },
  577. { "name": "webmail.onlime.ch", "include_subdomains": true, "mode": "force-https" },
  578. { "name": "crm.onlime.ch", "include_subdomains": true, "mode": "force-https" },
  579. { "name": "www.gov.uk", "include_subdomains": true, "mode": "force-https" },
  580. { "name": "silentcircle.com", "include_subdomains": true, "mode": "force-https" },
  581. { "name": "silentcircle.org", "include_subdomains": true, "mode": "force-https" },
  582. { "name": "serverdensity.io", "include_subdomains": true, "mode": "force-https" },
  583. { "name": "my.alfresco.com", "include_subdomains": true, "mode": "force-https" },
  584. { "name": "webmail.gigahost.dk", "include_subdomains": true, "mode": "force-https" },
  585. { "name": "paymill.com", "include_subdomains": true, "mode": "force-https" },
  586. { "name": "paymill.de", "include_subdomains": true, "mode": "force-https" },
  587. { "name": "gocardless.com", "include_subdomains": true, "mode": "force-https" },
  588. { "name": "espra.com", "include_subdomains": true, "mode": "force-https" },
  589. { "name": "zoo24.de", "include_subdomains": true, "mode": "force-https" },
  590. { "name": "mega.co.nz", "mode": "force-https" },
  591. { "name": "api.mega.co.nz", "include_subdomains": true, "mode": "force-https" },
  592. { "name": "lockify.com", "include_subdomains": true, "mode": "force-https" },
  593. { "name": "writeapp.me", "mode": "force-https" },
  594. { "name": "bugzilla.mozilla.org", "include_subdomains": true, "mode": "force-https" },
  595. { "name": "members.nearlyfreespeech.net", "include_subdomains": true, "mode": "force-https" },
  596. { "name": "ssl.panoramio.com", "mode": "force-https" },
  597. { "name": "kiwiirc.com", "mode": "force-https" },
  598. { "name": "pay.gigahost.dk", "include_subdomains": true, "mode": "force-https" },
  599. { "name": "controlcenter.gigahost.dk", "include_subdomains": true, "mode": "force-https" },
  600. { "name": "simple.com", "mode": "force-https" },
  601. { "name": "www.simple.com", "mode": "force-https" },
  602. { "name": "fj.simple.com", "mode": "force-https" },
  603. { "name": "api.simple.com", "mode": "force-https" },
  604. { "name": "bank.simple.com", "include_subdomains": true, "mode": "force-https" },
  605. { "name": "bassh.net", "include_subdomains": true, "mode": "force-https" },
  606. { "name": "sah3.net", "include_subdomains": true, "mode": "force-https" },
  607. { "name": "grc.com", "mode": "force-https" },
  608. { "name": "www.grc.com", "mode": "force-https" },
  609. { "name": "linode.com", "mode": "force-https" },
  610. { "name": "www.linode.com", "mode": "force-https" },
  611. { "name": "manager.linode.com", "mode": "force-https" },
  612. { "name": "blog.linode.com", "mode": "force-https" },
  613. { "name": "library.linode.com", "mode": "force-https" },
  614. { "name": "forum.linode.com", "mode": "force-https" },
  615. { "name": "p.linode.com", "mode": "force-https" },
  616. { "name": "paste.linode.com", "mode": "force-https" },
  617. { "name": "pastebin.linode.com", "mode": "force-https" },
  618. { "name": "inertianetworks.com", "include_subdomains": true, "mode": "force-https" },
  619. { "name": "carezone.com", "mode": "force-https" },
  620. { "name": "conformal.com", "include_subdomains": true, "mode": "force-https" },
  621. { "name": "cyphertite.com", "include_subdomains": true, "mode": "force-https" },
  622. { "name": "logotype.se", "include_subdomains": true, "mode": "force-https" },
  623. { "name": "bccx.com", "include_subdomains": true, "mode": "force-https" },
  624. { "name": "launchkey.com", "include_subdomains": true, "mode": "force-https" },
  625. { "name": "carlolly.co.uk", "include_subdomains": true, "mode": "force-https" },
  626. { "name": "www.cyveillance.com", "include_subdomains": true, "mode": "force-https" },
  627. { "name": "blog.cyveillance.com", "include_subdomains": true, "mode": "force-https" },
  628. { "name": "whonix.org", "include_subdomains": true, "mode": "force-https" },
  629. { "name": "blueseed.co", "include_subdomains": true, "mode": "force-https" },
  630. { "name": "forum.quantifiedself.com", "include_subdomains": true, "mode": "force-https" },
  631. { "name": "shodan.io", "include_subdomains": true, "mode": "force-https" },
  632. { "name": "rapidresearch.me", "include_subdomains": true, "mode": "force-https" },
  633. { "name": "surkatty.org", "include_subdomains": true, "mode": "force-https" },
  634. { "name": "securityheaders.com", "include_subdomains": true, "mode": "force-https" },
  635. { "name": "haste.ch", "include_subdomains": true, "mode": "force-https" },
  636. { "name": "mudcrab.us", "include_subdomains": true, "mode": "force-https" },
  637. { "name": "mediacru.sh", "include_subdomains": true, "mode": "force-https" },
  638. { "name": "lolicore.ch", "include_subdomains": true, "mode": "force-https" },
  639. { "name": "cloudns.com.au", "include_subdomains": true, "mode": "force-https" },
  640. { "name": "oplop.appspot.com", "include_subdomains": true, "mode": "force-https" },
  641. { "name": "bcrook.com", "mode": "force-https" },
  642. { "name": "wiki.python.org", "include_subdomains": true, "mode": "force-https" },
  643. { "name": "lumi.do", "mode": "force-https" },
  644. { "name": "appseccalifornia.org", "include_subdomains": true, "mode": "force-https" },
  645. { "name": "crowdcurity.com", "include_subdomains": true, "mode": "force-https" },
  646. { "name": "saturngames.co.uk", "include_subdomains": true, "mode": "force-https" },
  647. { "name": "strongest-privacy.com", "include_subdomains": true, "mode": "force-https" },
  648. { "name": "ecosystem.atlassian.net", "include_subdomains": true, "mode": "force-https" },
  649. { "name": "id.atlassian.com", "include_subdomains": true, "mode": "force-https" },
  650. { "name": "bitbucket.org", "mode": "force-https" },
  651. { "name": "cupcake.io", "include_subdomains": true, "mode": "force-https" },
  652. { "name": "cupcake.is", "include_subdomains": true, "mode": "force-https" },
  653. { "name": "tent.io", "include_subdomains": true, "mode": "force-https" },
  654. { "name": "cybozu.com", "include_subdomains": true, "mode": "force-https" },
  655. { "name": "davidlyness.com", "include_subdomains": true, "mode": "force-https" },
  656.  
  657. // Entries that are only valid if the client supports SNI.
  658. { "name": "gmail.com", "mode": "force-https", "pins": "google", "snionly": true },
  659. { "name": "googlemail.com", "mode": "force-https", "pins": "google", "snionly": true },
  660. { "name": "www.gmail.com", "mode": "force-https", "pins": "google", "snionly": true },
  661. { "name": "www.googlemail.com", "mode": "force-https", "pins": "google", "snionly": true },
  662. { "name": "google-analytics.com", "include_subdomains": true, "pins": "google", "snionly": true },
  663. { "name": "googlegroups.com", "include_subdomains": true, "pins": "google", "snionly": true }
  664. ]
  665. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!