|Site title||Facebook – log in or sign up|
|Description||Create an account or log in to Facebook. Connect with friends, family and other people you know. Share photos and videos, send messages and get updates.|
|Date first seen||May 1997|
|Netcraft Risk Rating||0/10|
|Netblock Owner||Facebook, Inc.|
|IP address||126.96.36.199 (VirusTotal)|
|Organisation||Facebook, Inc., 1601 Willow Rd, Menlo Park, 94025, United States|
|Top Level Domain||Commercial entities (.com)|
|DNS Security Extensions||unknown|
|Latest Performance||Performance Graph|
|0.0.0.0-255.255.255.255||N/A||IANA-BLK||The whole IPv4 address space|
|↳ 188.8.131.52-184.108.40.206||United States||NET157||Various Registries (Maintained by ARIN)|
|↳ 220.127.116.11-18.104.22.168||United States||THEFA-3||Facebook, Inc.|
|↳ 22.214.171.124||United States||THEFA-3||Facebook, Inc.|
|::/0||N/A||ROOT||Root inet6num object|
|↳ 2a00::/11||European Union||EU-ZZ-2A00||RIPE NCC|
|↳ 2a00::/12||Netherlands||EU-ZZ-2A00||RIPE Network Coordination Centre|
|Organisational unit||Not Present|
|Subject Alternative Name||*.facebook.com, *.facebook.net, *.fb.com, *.fbcdn.net, *.fbsbx.com, *.messenger.com, facebook.com, fb.com, messenger.com, *.m.facebook.com, *.xx.fbcdn.net, *.xy.fbcdn.net, *.xz.fbcdn.net|
|Validity period||From Mar 1 2020 to May 30 2020 (2 months, 4 weeks, 1 day)|
|Public key algorithm||id-ecPublicKey|
|Public key length||256|
|Perfect Forward Secrecy||Yes|
|Next Protocol Negotiation||Not Present|
|Supported TLS Extensions||RFC5746 renegotiation info, RFC4366 server name, RFC4492 EC point formats, RFC5077 session ticket, unknown|
|Issuing organisation||DigiCert Inc|
|Issuer common name||DigiCert SHA2 High Assurance Server CA|
|Issuer location||Not Present|
|Issuer state||Not Present|
|Certificate Revocation Lists||
|Public Key Hash||29515bc1e07c020f5fd3c319594ee6edc1bcdeda6ff0c977f49a4e1d4dc448c8|
|OCSP servers||http://ocsp.digicert.com - 100% uptime in the past 24 hours
|OCSP stapling response||No response received|
Signed Certificate Timestamps (SCTs)
|Certificate||Google Argon 2020
|Certificate||DigiCert Yeti 2020
This site does not support the SSL version 3 protocol.
The site offered the Heartbeat TLS extension prior to the Heartbleed disclosure, but is using a new certificate and no longer offers Heartbeat.
This test does not exploit the Heartbleed vulnerability but uses information from conventional HTTPS requests. More information about Heartbleed detection.
SSL Certificate Chain
|Common name||DigiCert High Assurance EV Root CA|
|Validity period||From 2006-11-10 to 2031-11-10|
|Common name||DigiCert SHA2 High Assurance Server CA|
|Validity period||From 2013-10-22 to 2028-10-22|
|Netblock owner||IP address||OS||Web server||Last seen|
|Facebook, Inc. 1601 Willow Rd. Menlo Park CA US 94025||126.96.36.199||Linux||unknown||4-Apr-2020|
|Facebook, Inc. 1601 Willow Rd. Menlo Park CA US 94025||188.8.131.52||Linux||unknown||3-Apr-2020|
|Facebook, Inc. 1601 Willow Rd. Menlo Park CA US 94025||184.108.40.206||Linux||unknown||5-Mar-2020|
|Facebook, Inc. 1601 Willow Rd. Menlo Park CA US 94025||220.127.116.11||Linux||unknown||20-Feb-2020|
|Facebook, Inc. 1601 Willow Rd. Menlo Park CA US 94025||18.104.22.168||Linux||unknown||6-Feb-2020|
|Facebook, Inc. 1601 Willow Rd. Menlo Park CA US 94025||22.214.171.124||Linux||unknown||11-Jan-2020|
|Facebook South Africa Pty Ltd||126.96.36.199||Linux||unknown||23-Dec-2019|
|Facebook, Inc. 1601 Willow Rd. Menlo Park CA US 94025||188.8.131.52||Linux||unknown||20-Nov-2019|
Sender Policy Framework
A host's Sender Policy Framework (SPF) describes who can send mail on its behalf. This is done by publishing an SPF record containing a series of rules. Each rule consists of a qualifier followed by a specification of which domains to apply this qualifier to. For more information please see open-spf.org.
Warning: It appears that this host does not have an SPF record. There may be an SPF record on facebook.com: Check the site report.
Setting up an SPF record helps prevent the delivery of forged emails from your domain. Please note that an SPF record will only protect the domain it is added to and not any mail-enabled subdomains. It is recommended to add an SPF record to any subdomain with an MX record.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is a mechanism for domain owners to indicate how mail purporting to originate from their domain should be authenticated. It builds on SPF and DKIM, providing a method to set policy and to give reporting of failures. For more information please see dmarc.org.
This host does not have a DMARC record. There may be a DMARC record on the site report for facebook.com: Check the site report.
Site Technology (fetched 25 days ago)
Includes all the main technologies that Netcraft detects as running on the server such as PHP.
Technology Description Popular sites using this technology PHP PHP is supported and/or running www.trendupdeal.com, www.kinopoisk.ru, www.leparisien.fr XML No description api.popin.cc, images-na.ssl-images-amazon.com, tag.idsync.analytics.yahoo.com SSL A cryptographic protocol providing communication security over the Internet www.bitmex.com, login.microsoftonline.com
Content Delivery Network
A content delivery network or content distribution network (CDN) is a large distributed system of servers deployed in multiple data centers in the Internet. The goal of a CDN is to serve content to end-users with high availability and high performance.
A web search engine is a software that is designed to search for information on the World Wide Web or on a specific site.
A character encoding system consists of a code that pairs each character from a given repertoire with something else such as a bit pattern, sequence of natural numbers, octets, or electrical pulses in order to facilitate the transmission of data (generally numbers or text) through telecommunication networks or for data storage.
HTTP compression is a capability that can be built into web servers and web clients to make better use of available bandwidth, and provide greater transmission speeds between both.
Web Browser Targeting
Web browser targeting enables software applications to make use of specific functions of the browser as well as optimizing the application for specific browser versions.
Technology Description Popular sites using this technology X-Content-Type-Options Browser MIME type sniffing is disabled www.googleadservices.com, disqus.com, gmail.com X-Frame-Options Deny Prevents the web page being embedded in a frame www.t-online.de, www.tumblr.com, www.virustotal.com Strict Transport Security Web security policy mechanism whereby a web server declares that complying user agents are to interact with it using only secure HTTP connections medium.com, accounts.google.com, static.addtoany.com Strict-Transport-Security (preload) No description www.amazon.ca, www.amazon.com, www.amazon.fr X-XSS-Protection Disabled Cross-site scripting protection is disabled www.researchgate.net, www.google.com, www.arco.co.uk
A Document Type Declaration, or DOCTYPE, is an instruction that associates a particular SGML or XML document (for example, a webpage) with a Document Type Definition (DTD).
Cascading Style Sheets (CSS) is a style sheet language used for describing the presentation semantics (the look and formatting) of a document written in a markup language (such as XHTML).