Home

whatsapp.com

Scanned: 10:16:10+0000 on 11 October 2024

{
  "time": 1728641769.16099,
  "raw_target": "whatsapp.com",
  "has_contact": true,
  "target": "whatsapp.com",
  "scan_type": "domain",
  "message": "whatsapp.com",
  "domain_details": {
    "a_records": [
      "157.240.22.53"
    ],
    "cname_records": [],
    "txt_records": [
      "google-site-verification=MXbDGih8wW-64G5maXGw8iIkFbH7iv_vLobZd-kxdNo",
      "bFwlY7J2JzFYHw5qkQFcBD6EOr9JL4VBpYSXSk3p8lA",
      "adobe-idp-site-verification=a0d9793b-fc40-430b-9ab4-d3c75e4dcfba",
      "v=spf1 include:_spf.fb.com include:_spf.google.com include:facebookmail.com -all",
      "Ghm7XCdpYQEendZNsepA80OBAhbN9sfITvUxiy9FNdOGBxeAQICCmLbuXm23hNaysns+wZ6GskJWMtWD1/Ha9Q==",
      "MS=ms22994725",
      "dropbox-domain-verification=lfq0o9x85s8s",
      "b42e0aa4-9d21-4a73-a111-fba236f1a835"
    ],
    "time": 0,
    "dns_resolve_time": 1728641769.5125747
  },
  "dnssecuritytxt": {
    "security_contact": null,
    "security_policy": null,
    "matching_domain": null
  },
  "port": 443,
  "certificate": {
    "issuer": "/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 High Assurance Server CA",
    "notAfter": "2024-10-18 23:59:59 UTC",
    "notBefore": "2024-07-20 00:00:00 UTC",
    "serialNumber": 3245386883978697556843374503938766081,
    "subject": "/C=US/ST=California/L=Menlo Park/O=Meta Platforms, Inc./CN=*.whatsapp.net",
    "authorityKeyIdentifier": [
      "51:68:FF:90:AF:02:07:75:3C:CC:D9:65:64:62:A2:12:B8:59:72:3B"
    ],
    "subjectKeyIdentifier": [
      "D3:96:05:96:9A:CC:CB:5D:76:54:BB:62:65:39:9D:A2:AA:90:7F:8E"
    ],
    "subjectAltName": {
      "DNS": [
        "*.whatsapp.net",
        "*.cdn.whatsapp.net",
        "*.snr.whatsapp.net",
        "*.whatsapp.com",
        "wa.me",
        "whatsapp.com",
        "whatsapp.net"
      ]
    },
    "certificatePolicies": [
      "Policy: 2.23.140.1.2.2",
      "CPS: http://www.digicert.com/CPS"
    ],
    "keyUsage": [
      "Digital Signature, Key Agreement"
    ],
    "extendedKeyUsage": [
      "TLS Web Server Authentication, TLS Web Client Authentication"
    ],
    "crlDistributionPoints": [
      "Full Name:",
      {
        "URI": "http://crl3.digicert.com/sha2-ha-server-g6.crl"
      },
      {
        "URI": "http://crl4.digicert.com/sha2-ha-server-g6.crl"
      }
    ],
    "authorityInfoAccess": [
      {
        "OCSP - URI": "http://ocsp.digicert.com"
      },
      {
        "CA Issuers - URI": "http://cacerts.digicert.com/DigiCertSHA2HighAssuranceServerCA.crt"
      }
    ],
    "basicConstraints": [
      "CA:FALSE"
    ],
    "ct_precert_scts": [
      "Signed Certificate Timestamp:",
      "Version   : v1 (0x0)",
      "Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:",
      "32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B",
      "Timestamp : Jul 20 00:17:48.457 2024 GMT",
      "Extensions: none",
      "Signature : ecdsa-with-SHA256",
      "30:44:02:20:19:A8:25:E3:4A:13:45:A5:D4:68:D2:39:",
      "7D:8C:3E:3A:92:64:5A:0C:56:16:BA:2F:71:B7:4F:66:",
      "0F:33:BF:98:02:20:7B:D0:9D:14:F9:D5:01:F9:9E:55:",
      "63:B2:AA:65:D2:D5:56:56:45:D2:41:40:34:92:67:ED:",
      "09:2D:F0:9F:19:56",
      "Log ID    : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:",
      "91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB",
      "Timestamp : Jul 20 00:17:48.504 2024 GMT",
      "30:45:02:20:33:41:8D:FC:11:52:84:04:F6:2D:30:52:",
      "83:3B:F5:7B:A8:A6:41:98:4A:08:2C:BD:A2:B9:0D:1B:",
      "74:BF:1A:F0:02:21:00:86:B6:87:5D:BB:CB:3D:4B:55:",
      "E2:A7:06:57:8D:2E:8D:83:33:80:F3:E7:E9:BD:86:2B:",
      "E3:63:04:F5:7C:9F:CF",
      "Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:",
      "B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74",
      "Timestamp : Jul 20 00:17:48.513 2024 GMT",
      "30:46:02:21:00:9C:BA:CC:46:68:9B:74:9A:C6:D3:C3:",
      "18:B8:25:02:ED:AB:C3:65:EE:11:D4:E8:C3:DB:E4:0C:",
      "C3:C7:10:E2:8E:02:21:00:9F:5A:D7:63:B1:EC:F7:2F:",
      "4D:E8:8B:1C:5F:BA:B4:63:B5:3A:D6:38:9A:24:C8:F0:",
      "9C:66:33:70:92:A3:B2:B2"
    ]
  },
  "http_security_txt": {
    "url": "https://whatsapp.com/.well-known/security.txt",
    "status_code": 200,
    "has_contact": true,
    "valid_https": true,
    "valid_content_type": true,
    "full_text": "Contact: https://www.facebook.com/whitehat/report/\nAcknowledgments: https://bugbounty.meta.com/leaderboard/\nHiring: https://www.metacareers.com/areas-of-work/security/\n\n# Found a bug? Our bug bounty policy:\nPolicy: https://bugbounty.meta.com/\n\n# What we do when we find a bug in another product:\nPolicy: https://about.meta.com/security/vulnerability-disclosure-policy\n\nExpires: Sun, 10 Nov 2024 02:16:10 -0800",
    "min_text": "Contact: https://www.facebook.com/whitehat/report/\nAcknowledgements: https://bugbounty.meta.com/leaderboard/\nHiring: https://www.metacareers.com/areas-of-work/security/\nPolicy: https://bugbounty.meta.com/\nPolicy: https://about.meta.com/security/vulnerability-disclosure-policy\nExpires: Sun, 10 Nov 2024 02:16:10 -0800\n",
    "items": {
      "Acknowledgements": [
        "https://bugbounty.meta.com/leaderboard/"
      ],
      "Canonical": [],
      "Contact": [
        "https://www.facebook.com/whitehat/report/"
      ],
      "Encryption": [],
      "Preferred-Languages": "",
      "Expires": "Sun, 10 Nov 2024 02:16:10 -0800",
      "Hiring": [
        "https://www.metacareers.com/areas-of-work/security/"
      ],
      "Policy": [
        "https://bugbounty.meta.com/",
        "https://about.meta.com/security/vulnerability-disclosure-policy"
      ]
    },
    "headers": {
      "vary": "Accept-Encoding",
      "content-encoding": "br",
      "content-type": "text/plain;charset=utf-8",
      "reporting-endpoints": "coop_report=\"https://www.facebook.com/browser_reporting/coop/?minimize=0\", coep_report=\"https://www.facebook.com/browser_reporting/coep/?minimize=0\", default=\"https://www.whatsapp.com/whatsapp_browser_error_reports/?device_level=unknown&brsid=7424459870104393984\", permissions_policy=\"https://www.whatsapp.com/whatsapp_browser_error_reports/\"",
      "report-to": "{\"max_age\":2592000,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coop\\/?minimize=0\"}],\"group\":\"coop_report\",\"include_subdomains\":true}, {\"max_age\":86400,\"endpoints\":[{\"url\":\"https:\\/\\/www.facebook.com\\/browser_reporting\\/coep\\/?minimize=0\"}],\"group\":\"coep_report\"}, {\"max_age\":259200,\"endpoints\":[{\"url\":\"https:\\/\\/www.whatsapp.com\\/whatsapp_browser_error_reports\\/?device_level=unknown&brsid=7424459870104393984\"}]}, {\"max_age\":21600,\"endpoints\":[{\"url\":\"https:\\/\\/www.whatsapp.com\\/whatsapp_browser_error_reports\\/\"}],\"group\":\"permissions_policy\"}",
      "content-security-policy": "default-src 'self' data: blob:;script-src *.whatsapp.com *.whatsapp.net *.facebook.com *.facebook.net 'unsafe-inline' 'self' data: blob: *.twitter.com;style-src *.whatsapp.com *.whatsapp.net 'unsafe-inline' *.facebook.com 'self' data: blob:;connect-src *.whatsapp.com *.whatsapp.net wss://*.facebook.com:* *.fbcdn.net 'self' data: blob:;font-src *.whatsapp.com *.whatsapp.net *.facebook.com static.xx.fbcdn.net data: https://fonts.gstatic.com;img-src *.whatsapp.com *.whatsapp.net *.facebook.com *.fbcdn.net static.xx.fbcdn.net 'self' data: blob: *.ytimg.com *.twitter.com;media-src *.fbcdn.net 'self' data: blob:;frame-src *.facebook.com *.whatsapp.com 'self' data: blob: https://*.youtube.com *.youtube-nocookie.com *.twitter.com;block-all-mixed-content;upgrade-insecure-requests;",
      "document-policy": "force-load-at-top",
      "permissions-policy": "accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to=\"permissions_policy\"",
      "cross-origin-resource-policy": "same-origin",
      "cross-origin-embedder-policy-report-only": "require-corp;report-to=\"coep_report\"",
      "cross-origin-opener-policy": "same-origin-allow-popups",
      "pragma": "no-cache",
      "cache-control": "private, no-cache, no-store, must-revalidate",
      "expires": "Sat, 01 Jan 2000 00:00:00 GMT",
      "x-content-type-options": "nosniff",
      "x-xss-protection": "0",
      "x-frame-options": "DENY",
      "origin-agent-cluster": "?1",
      "strict-transport-security": "max-age=31536000; preload; includeSubDomains",
      "x-fb-debug": "nd34a1qxzpcQsWTau5PfF6gHKYbHhECgnuPPkvSFJH3s0sF1MzG9zOaHNNi9k7wE+JHMFV0gqrJIBgcBtGhBmw==",
      "date": "Fri, 11 Oct 2024 10:16:10 GMT",
      "x-fb-connection-quality": "EXCELLENT; q=0.9, rtt=18, rtx=0, c=16, mss=1380, tbw=3466, tp=-1, tpl=-1, uplat=101, ullat=0",
      "alt-svc": "h3=\":443\"; ma=86400"
    },
    "http_version": "HTTP/2",
    "redirects": [
      {
        "type": "200",
        "val": "https://whatsapp.com/.well-known/security.txt",
        "https": true,
        "http_version": "HTTP/2"
      }
    ],
    "type": "https_well-known"
  },
  "rank": 24
}

dnssecuritytxt (DNS)

You can find out more about dnssecuritytxt here.

No DNS records found

security.txt (HTTP)

You can find out more about security.txt here or by looking up RFC 9116.

Status: 200

Scheme: https

URL: https://whatsapp.com/.well-known/security.txt (HTTP/2)

Has a contact: Yes

Contacts:

Policy:

Minimal version:

Contact: https://www.facebook.com/whitehat/report/
Acknowledgements: https://bugbounty.meta.com/leaderboard/
Hiring: https://www.metacareers.com/areas-of-work/security/
Policy: https://bugbounty.meta.com/
Policy: https://about.meta.com/security/vulnerability-disclosure-policy
Expires: Sun, 10 Nov 2024 02:16:10 -0800

Full version:

Contact: https://www.facebook.com/whitehat/report/
Acknowledgments: https://bugbounty.meta.com/leaderboard/
Hiring: https://www.metacareers.com/areas-of-work/security/

# Found a bug? Our bug bounty policy:
Policy: https://bugbounty.meta.com/

# What we do when we find a bug in another product:
Policy: https://about.meta.com/security/vulnerability-disclosure-policy

Expires: Sun, 10 Nov 2024 02:16:10 -0800

Updated at: 10:16:10+0000 on 11 October 2024