findsecuritycontacts.com

Home

fb.com

Scanned: 10:17:33+0000 on 29 April 2024

{
  "time": 1714385852.0397465,
  "raw_target": "fb.com",
  "has_contact": true,
  "target": "fb.com",
  "scan_type": "domain",
  "message": "fb.com",
  "domain_details": {
    "a_records": [
      "157.240.229.35"
    ],
    "cname_records": [],
    "txt_records": [
      "mentimeter-16bdc82d-93be-47de-a6d4-fd6adb17c403",
      "mentimeter-8599dcd1-e0da-4326-882e-7570e7c942fb",
      "docusign=ad7f789d-eff1-4283-9d90-fdc9484527e1",
      "google-site-verification=Dsycvk_Ky3uQjdvuPrI_Z6A98lWghNTntdS4LuATOj8",
      "G3X1k1XGYGra1nUpTv7Rdk2wAEFHfkKIr9/4/6+Nu67Ks9cR8xaiqAZPPhis9lGD6mb/+9vygIr4QKXIpxIc7w==",
      "atlassian-domain-verification=I7HLjLnlhJiDT58wzrru2Pd/2cRWa3AKlgCjDPOO43GMP7H0QuafH6eBts3D1GaP",
      "586957ce-d11e-4efa-9fe5-a887498bf838",
      "v=spf1 redirect=_spf.fb.com",
      "parkable-domain-verification=N89SxXel0S4pUXDFVpckFmXIO9MUvN4Or0bO_Lcb8Os=",
      "I2B7AuxY6G1G_NeiaHF-9A0zn-3NDBnlOBi4zItNCU8",
      "smartsheet-site-validation=sB5xgx-1nsnQCgORYUhnyDG3Jr739OxJ",
      "MS=ms56927146"
    ],
    "time": 0,
    "dns_resolve_time": 1714385852.126357
  },
  "dnssecuritytxt": {
    "security_contact": null,
    "security_policy": null,
    "matching_domain": null
  },
  "port": 443,
  "certificate": {
    "issuer": "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA",
    "notAfter": "2024-05-06 23:59:59 UTC",
    "notBefore": "2024-02-06 00:00:00 UTC",
    "serialNumber": 18615698270173295425407264369784700167,
    "subject": "/C=US/ST=California/L=Menlo Park/O=Meta Platforms, Inc./CN=*.fb.com",
    "authorityKeyIdentifier": [
      "51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B"
    ],
    "subjectKeyIdentifier": [
      "C3:08:B3:F6:BC:24:69:84:FC:8F:B6:4E:77:08:4A:E0:D7:AD:D7:0C"
    ],
    "subjectAltName": {
      "DNS": [
        "*.fb.com",
        "fb.com"
      ]
    },
    "certificatePolicies": [
      "Policy: 2.23.140.1.2.2",
      "CPS: http://www.digicert.com/CPS"
    ],
    "keyUsage": [
      "Digital Signature, Key Encipherment"
    ],
    "extendedKeyUsage": [
      "TLS Web Server Authentication, TLS Web Client Authentication"
    ],
    "crlDistributionPoints": [
      "Full Name:",
      {
        "URI": "http://crl3.digicert.com/sha2-ha-server-g6.crl"
      },
      {
        "URI": "http://crl4.digicert.com/sha2-ha-server-g6.crl"
      }
    ],
    "authorityInfoAccess": [
      {
        "OCSP - URI": "http://ocsp.digicert.com"
      },
      {
        "CA Issuers - URI": "http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt"
      }
    ],
    "basicConstraints": [
      "CA:FALSE"
    ],
    "ct_precert_scts": [
      "Signed Certificate Timestamp:",
      "Version   : v1 (0x0)",
      "Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:",
      "B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74",
      "Timestamp : Feb  6 00:21:19.503 2024 GMT",
      "Extensions: none",
      "Signature : ecdsa-with-SHA256",
      "30:46:02:21:00:BD:67:35:44:F5:0A:D0:05:6C:DB:43:",
      "09:5C:4D:AB:99:34:BC:76:84:FF:AD:82:FF:D0:66:C1:",
      "D4:6B:CC:6E:31:02:21:00:DF:6F:AA:E3:31:25:B5:88:",
      "65:F3:97:F6:99:83:89:6D:6B:90:FD:DE:9D:63:B1:9B:",
      "96:9F:BF:99:33:C3:37:61",
      "Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:",
      "1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73",
      "Timestamp : Feb  6 00:21:19.439 2024 GMT",
      "30:46:02:21:00:98:14:6F:C8:D5:03:3F:74:7A:4B:3B:",
      "62:C3:34:C8:3B:B0:67:06:78:B6:26:0C:11:7A:70:89:",
      "39:DE:AA:C2:92:02:21:00:8E:5E:87:4E:90:85:C4:CD:",
      "2B:3F:10:57:08:4B:F3:6B:15:EB:D2:A5:28:1D:2A:C0:",
      "B9:91:92:BB:C3:66:F5:29",
      "Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:",
      "91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB",
      "Timestamp : Feb  6 00:21:19.432 2024 GMT",
      "30:46:02:21:00:D2:C4:B9:18:A7:81:4D:03:05:15:4F:",
      "C2:73:C2:87:31:5F:98:95:54:24:29:CA:C1:B7:72:53:",
      "58:AE:F9:1E:E7:02:21:00:9D:B1:FA:11:EB:58:39:96:",
      "02:C4:BD:3E:A2:48:7D:9E:6B:B5:8D:C1:80:3A:A3:56:",
      "F6:96:99:9C:72:66:11:ED"
    ]
  },
  "http_security_txt": {
    "url": "https://www.facebook.com/.well-known/security.txt",
    "status_code": 200,
    "has_contact": true,
    "valid_https": true,
    "valid_content_type": true,
    "full_text": "Contact: https://www.facebook.com/whitehat/report/\nAcknowledgments: https://www.facebook.com/whitehat/thanks/\nHiring: https://www.metacareers.com/areas-of-work/security/\n\n# Found a bug? Our bug bounty policy:\nPolicy: https://www.facebook.com/whitehat/info/\n\n# What we do when we find a bug in another product:\nPolicy: https://about.meta.com/security/vulnerability-disclosure-policy\n\nExpires: Wed, 29 May 2024 03:17:33 -0700",
    "min_text": "Contact: https://www.facebook.com/whitehat/report/\nAcknowledgements: https://www.facebook.com/whitehat/thanks/\nHiring: https://www.metacareers.com/areas-of-work/security/\nPolicy: https://www.facebook.com/whitehat/info/\nPolicy: https://about.meta.com/security/vulnerability-disclosure-policy\nExpires: Wed, 29 May 2024 03:17:33 -0700\n",
    "items": {
      "Acknowledgements": [
        "https://www.facebook.com/whitehat/thanks/"
      ],
      "Canonical": [],
      "Contact": [
        "https://www.facebook.com/whitehat/report/"
      ],
      "Encryption": [],
      "Preferred-Languages": "",
      "Expires": "Wed, 29 May 2024 03:17:33 -0700",
      "Hiring": [
        "https://www.metacareers.com/areas-of-work/security/"
      ],
      "Policy": [
        "https://www.facebook.com/whitehat/info/",
        "https://about.meta.com/security/vulnerability-disclosure-policy"
      ]
    },
    "headers": {
      "vary": "Accept-Encoding",
      "content-encoding": "br",
      "content-type": "text/plain;charset=utf-8",
      "reporting-endpoints": "coop_report=\"https://www.facebook.com/browser_reporting/coop/?minimize=0\", coep_report=\"https://www.facebook.com/browser_reporting/coep/?minimize=0\", default=\"https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown\", permissions_policy=\"https://www.facebook.com/ajax/browser_error_reports/\"",
      "report-to": "{\"max_age\":2592000,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coop\\/?minimize=0\"}],\"group\":\"coop_report\",\"include_subdomains\":true}, {\"max_age\":86400,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coep\\/?minimize=0\"}],\"group\":\"coep_report\"}, {\"max_age\":259200,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/ajax\\/browser_error_reports\\/?device_level=unknown\"}]}, {\"max_age\":21600,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/ajax\\/browser_error_reports\\/\"}],\"group\":\"permissions_policy\"}",
      "content-security-policy": "default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;",
      "document-policy": "force-load-at-top",
      "permissions-policy": "accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to=\"permissions_policy\"",
      "cross-origin-resource-policy": "same-origin",
      "cross-origin-embedder-policy-report-only": "require-corp;report-to=\"coep_report\"",
      "cross-origin-opener-policy": "same-origin-allow-popups;report-to=\"coop_report\"",
      "pragma": "no-cache",
      "cache-control": "private, no-cache, no-store, must-revalidate",
      "expires": "Sat, 01 Jan 2000 00:00:00 GMT",
      "x-content-type-options": "nosniff",
      "x-xss-protection": "0",
      "x-frame-options": "DENY",
      "strict-transport-security": "max-age=15552000; preload",
      "x-fb-debug": "+yoMBJNFwlt/VuvjuCFESKcRd/8eOYOwrr3RvqeHp9OYLDCEt+Beci1sZ6u6++Li1wNXYRWi4ZhTML27y3RwhQ==",
      "date": "Mon, 29 Apr 2024 10:17:33 GMT",
      "x-fb-connection-quality": "GOOD; q=0.7, rtt=76, rtx=0, c=10, mss=1380, tbw=3534, tp=-1, tpl=-1, uplat=68, ullat=0",
      "alt-svc": "h3=\":443\"; ma=86400"
    },
    "http_version": "HTTP/2",
    "redirects": [
      {
        "type": "301",
        "val": "https://fb.com/.well-known/security.txt",
        "https": true,
        "http_version": "HTTP/2"
      },
      {
        "type": "200",
        "val": "https://www.facebook.com/.well-known/security.txt",
        "https": true,
        "http_version": "HTTP/2"
      }
    ],
    "type": "https_well-known"
  },
  "rank": 79
}

dnssecuritytxt (DNS)

You can find out more about dnssecuritytxt here.

No DNS records found

security.txt (HTTP)

You can find out more about security.txt here or by looking up RFC 9116.

Status: 200

Scheme: https

URL: https://www.facebook.com/.well-known/security.txt (HTTP/2)

Has a contact: Yes

Contacts:

https://www.facebook.com/whitehat/report/

Policy:

Minimal version:

Contact: https://www.facebook.com/whitehat/report/
Acknowledgements: https://www.facebook.com/whitehat/thanks/
Hiring: https://www.metacareers.com/areas-of-work/security/
Policy: https://www.facebook.com/whitehat/info/
Policy: https://about.meta.com/security/vulnerability-disclosure-policy
Expires: Wed, 29 May 2024 03:17:33 -0700

Full version:

Contact: https://www.facebook.com/whitehat/report/
Acknowledgments: https://www.facebook.com/whitehat/thanks/
Hiring: https://www.metacareers.com/areas-of-work/security/

# Found a bug? Our bug bounty policy:
Policy: https://www.facebook.com/whitehat/info/

# What we do when we find a bug in another product:
Policy: https://about.meta.com/security/vulnerability-disclosure-policy

Expires: Wed, 29 May 2024 03:17:33 -0700

Redirects:

301: https://fb.com/.well-known/security.txt (HTTP/2)
200: https://www.facebook.com/.well-known/security.txt (HTTP/2)

Updated at: 10:17:33+0000 on 29 April 2024