findsecuritycontacts.com

Home

fb.com

Scanned: 10:17:16+0000 on 27 April 2024

{
  "time": 1714213035.3686428,
  "raw_target": "fb.com",
  "has_contact": true,
  "target": "fb.com",
  "scan_type": "domain",
  "message": "fb.com",
  "domain_details": {
    "a_records": [
      "157.240.229.35"
    ],
    "cname_records": [],
    "txt_records": [
      "mentimeter-16bdc82d-93be-47de-a6d4-fd6adb17c403",
      "mentimeter-8599dcd1-e0da-4326-882e-7570e7c942fb",
      "docusign=ad7f789d-eff1-4283-9d90-fdc9484527e1",
      "google-site-verification=Dsycvk_Ky3uQjdvuPrI_Z6A98lWghNTntdS4LuATOj8",
      "G3X1k1XGYGra1nUpTv7Rdk2wAEFHfkKIr9/4/6+Nu67Ks9cR8xaiqAZPPhis9lGD6mb/+9vygIr4QKXIpxIc7w==",
      "atlassian-domain-verification=I7HLjLnlhJiDT58wzrru2Pd/2cRWa3AKlgCjDPOO43GMP7H0QuafH6eBts3D1GaP",
      "586957ce-d11e-4efa-9fe5-a887498bf838",
      "v=spf1 redirect=_spf.fb.com",
      "parkable-domain-verification=N89SxXel0S4pUXDFVpckFmXIO9MUvN4Or0bO_Lcb8Os=",
      "I2B7AuxY6G1G_NeiaHF-9A0zn-3NDBnlOBi4zItNCU8",
      "smartsheet-site-validation=sB5xgx-1nsnQCgORYUhnyDG3Jr739OxJ",
      "MS=ms56927146"
    ],
    "time": 0,
    "dns_resolve_time": 1714213035.7187824
  },
  "dnssecuritytxt": {
    "security_contact": null,
    "security_policy": null,
    "matching_domain": null
  },
  "port": 443,
  "certificate": {
    "issuer": "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA",
    "notAfter": "2024-05-04 23:59:59 UTC",
    "notBefore": "2024-02-04 00:00:00 UTC",
    "serialNumber": 16103270795442559985226909587095852709,
    "subject": "/C=US/ST=California/L=Menlo Park/O=Meta Platforms, Inc./CN=*.fb.com",
    "authorityKeyIdentifier": [
      "51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B"
    ],
    "subjectKeyIdentifier": [
      "D7:78:17:A6:D1:B8:2D:20:B3:2F:9B:9E:77:75:DC:11:22:34:AD:9F"
    ],
    "subjectAltName": {
      "DNS": [
        "*.fb.com",
        "fb.com"
      ]
    },
    "certificatePolicies": [
      "Policy: 2.23.140.1.2.2",
      "CPS: http://www.digicert.com/CPS"
    ],
    "keyUsage": [
      "Digital Signature, Key Encipherment"
    ],
    "extendedKeyUsage": [
      "TLS Web Server Authentication, TLS Web Client Authentication"
    ],
    "crlDistributionPoints": [
      "Full Name:",
      {
        "URI": "http://crl3.digicert.com/sha2-ha-server-g6.crl"
      },
      {
        "URI": "http://crl4.digicert.com/sha2-ha-server-g6.crl"
      }
    ],
    "authorityInfoAccess": [
      {
        "OCSP - URI": "http://ocsp.digicert.com"
      },
      {
        "CA Issuers - URI": "http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt"
      }
    ],
    "basicConstraints": [
      "CA:FALSE"
    ],
    "ct_precert_scts": [
      "Signed Certificate Timestamp:",
      "Version   : v1 (0x0)",
      "Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:",
      "B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74",
      "Timestamp : Feb  4 00:18:23.699 2024 GMT",
      "Extensions: none",
      "Signature : ecdsa-with-SHA256",
      "30:45:02:20:41:B6:60:07:A2:1E:48:F8:FB:3C:F4:5C:",
      "86:B0:93:C9:84:0C:C9:78:0C:73:04:19:33:09:29:CF:",
      "CA:D9:BD:B8:02:21:00:A1:AE:1F:F7:11:DD:74:7A:0C:",
      "DF:66:6D:2D:84:6B:85:DD:EE:D5:83:55:36:B5:3C:E0:",
      "64:EC:B5:AD:1F:A2:82",
      "Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:",
      "1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73",
      "Timestamp : Feb  4 00:18:23.625 2024 GMT",
      "30:45:02:21:00:C4:ED:EF:9F:54:5F:FA:69:D1:FB:CE:",
      "1A:A6:30:78:19:E1:98:5A:03:FB:CB:1C:0D:D2:A2:25:",
      "7E:2A:73:5E:3C:02:20:02:6E:A9:AD:C8:A6:0D:21:98:",
      "EF:03:B0:17:E7:AC:20:9E:A2:B1:BD:97:0A:49:D6:3A:",
      "D8:AC:B2:C9:BF:8D:5B",
      "Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:",
      "91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB",
      "Timestamp : Feb  4 00:18:23.590 2024 GMT",
      "30:45:02:20:37:14:0D:32:09:B0:8D:F0:20:37:F3:41:",
      "3F:04:FC:11:84:C9:35:99:0C:DA:8F:2A:D9:54:E2:35:",
      "C7:8F:52:33:02:21:00:9D:DF:F9:92:2C:E6:1D:7F:2E:",
      "91:85:DD:40:28:5B:C9:CF:09:FD:9C:10:15:61:7C:39:",
      "44:B0:42:70:E9:0E:3E"
    ]
  },
  "http_security_txt": {
    "url": "https://www.facebook.com/.well-known/security.txt",
    "status_code": 200,
    "has_contact": true,
    "valid_https": true,
    "valid_content_type": true,
    "full_text": "Contact: https://www.facebook.com/whitehat/report/\nAcknowledgments: https://www.facebook.com/whitehat/thanks/\nHiring: https://www.metacareers.com/areas-of-work/security/\n\n# Found a bug? Our bug bounty policy:\nPolicy: https://www.facebook.com/whitehat/info/\n\n# What we do when we find a bug in another product:\nPolicy: https://about.meta.com/security/vulnerability-disclosure-policy\n\nExpires: Mon, 27 May 2024 03:17:16 -0700",
    "min_text": "Contact: https://www.facebook.com/whitehat/report/\nAcknowledgements: https://www.facebook.com/whitehat/thanks/\nHiring: https://www.metacareers.com/areas-of-work/security/\nPolicy: https://www.facebook.com/whitehat/info/\nPolicy: https://about.meta.com/security/vulnerability-disclosure-policy\nExpires: Mon, 27 May 2024 03:17:16 -0700\n",
    "items": {
      "Acknowledgements": [
        "https://www.facebook.com/whitehat/thanks/"
      ],
      "Canonical": [],
      "Contact": [
        "https://www.facebook.com/whitehat/report/"
      ],
      "Encryption": [],
      "Preferred-Languages": "",
      "Expires": "Mon, 27 May 2024 03:17:16 -0700",
      "Hiring": [
        "https://www.metacareers.com/areas-of-work/security/"
      ],
      "Policy": [
        "https://www.facebook.com/whitehat/info/",
        "https://about.meta.com/security/vulnerability-disclosure-policy"
      ]
    },
    "headers": {
      "vary": "Accept-Encoding",
      "content-encoding": "br",
      "content-type": "text/plain;charset=utf-8",
      "reporting-endpoints": "coop_report=\"https://www.facebook.com/browser_reporting/coop/?minimize=0\", coep_report=\"https://www.facebook.com/browser_reporting/coep/?minimize=0\", default=\"https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown\", permissions_policy=\"https://www.facebook.com/ajax/browser_error_reports/\"",
      "report-to": "{\"max_age\":2592000,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coop\\/?minimize=0\"}],\"group\":\"coop_report\",\"include_subdomains\":true}, {\"max_age\":86400,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coep\\/?minimize=0\"}],\"group\":\"coep_report\"}, {\"max_age\":259200,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/ajax\\/browser_error_reports\\/?device_level=unknown\"}]}, {\"max_age\":21600,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/ajax\\/browser_error_reports\\/\"}],\"group\":\"permissions_policy\"}",
      "content-security-policy": "default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;",
      "document-policy": "force-load-at-top",
      "permissions-policy": "accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to=\"permissions_policy\"",
      "cross-origin-resource-policy": "same-origin",
      "cross-origin-embedder-policy-report-only": "require-corp;report-to=\"coep_report\"",
      "cross-origin-opener-policy": "same-origin-allow-popups;report-to=\"coop_report\"",
      "pragma": "no-cache",
      "cache-control": "private, no-cache, no-store, must-revalidate",
      "expires": "Sat, 01 Jan 2000 00:00:00 GMT",
      "x-content-type-options": "nosniff",
      "x-xss-protection": "0",
      "x-frame-options": "DENY",
      "strict-transport-security": "max-age=15552000; preload",
      "x-fb-debug": "LYCEfFpHueEwm2YgbGxR27Dte7d5iZNPJILXiaAD93YZXswlFxDg1sX93qs5p2dU4mQXweS/3id8ZP932SMZ+A==",
      "date": "Sat, 27 Apr 2024 10:17:16 GMT",
      "x-fb-connection-quality": "EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1380, tbw=3531, tp=-1, tpl=-1, uplat=86, ullat=0",
      "alt-svc": "h3=\":443\"; ma=86400"
    },
    "http_version": "HTTP/2",
    "redirects": [
      {
        "type": "301",
        "val": "https://fb.com/.well-known/security.txt",
        "https": true,
        "http_version": "HTTP/2"
      },
      {
        "type": "200",
        "val": "https://www.facebook.com/.well-known/security.txt",
        "https": true,
        "http_version": "HTTP/2"
      }
    ],
    "type": "https_well-known"
  },
  "rank": 79
}

dnssecuritytxt (DNS)

You can find out more about dnssecuritytxt here.

No DNS records found

security.txt (HTTP)

You can find out more about security.txt here or by looking up RFC 9116.

Status: 200

Scheme: https

URL: https://www.facebook.com/.well-known/security.txt (HTTP/2)

Has a contact: Yes

Contacts:

https://www.facebook.com/whitehat/report/

Policy:

Minimal version:

Contact: https://www.facebook.com/whitehat/report/
Acknowledgements: https://www.facebook.com/whitehat/thanks/
Hiring: https://www.metacareers.com/areas-of-work/security/
Policy: https://www.facebook.com/whitehat/info/
Policy: https://about.meta.com/security/vulnerability-disclosure-policy
Expires: Mon, 27 May 2024 03:17:16 -0700

Full version:

Contact: https://www.facebook.com/whitehat/report/
Acknowledgments: https://www.facebook.com/whitehat/thanks/
Hiring: https://www.metacareers.com/areas-of-work/security/

# Found a bug? Our bug bounty policy:
Policy: https://www.facebook.com/whitehat/info/

# What we do when we find a bug in another product:
Policy: https://about.meta.com/security/vulnerability-disclosure-policy

Expires: Mon, 27 May 2024 03:17:16 -0700

Redirects:

301: https://fb.com/.well-known/security.txt (HTTP/2)
200: https://www.facebook.com/.well-known/security.txt (HTTP/2)

Updated at: 10:17:16+0000 on 27 April 2024