https://mitmdetection.services.mozilla.com/ is contacted over catch-all circuit
If one triggers a MitM-warning (e.g. on https://mitm-software.badssl.com/) what seems to be a background request is sent over the catch-all circuit to https://mitmdetection.services.mozilla.com:
[10-25 07:50:12] Torbutton INFO: tor SOCKS: https://mitmdetection.services.mozilla.com/ via
--unknown--:3c6a3286392291d7459b9e131ebc8f73
Either we properly do FPI here OR we just omit contacting Mozilla here at all (I think the latter sounds fine).