CONTINUOUS INTERNET TELEMETRY24H DRIFT2,490 material changesacross 2,262 domains · -908 vs yesterdayDNS DRIFT16 domains changed DNS providertop destination cloudflare.com · -11 vs yesterdayEMAIL DRIFT5 domains switched email providertop destination google.com · -1 vs yesterdayCERT DRIFT5 domains switched issuing CA24h · -2 vs yesterdayNOW3,325 curated domains not answering-6,393 vs yesterdayERRORS10,915 responded with an errorlast probe · 5xx / 404 / 429 / 40324H DRIFT2,490 material changesacross 2,262 domains · -908 vs yesterdayDNS DRIFT16 domains changed DNS providertop destination cloudflare.com · -11 vs yesterdayEMAIL DRIFT5 domains switched email providertop destination google.com · -1 vs yesterdayCERT DRIFT5 domains switched issuing CA24h · -2 vs yesterdayNOW3,325 curated domains not answering-6,393 vs yesterdayERRORS10,915 responded with an errorlast probe · 5xx / 404 / 429 / 403

fb.com

Observed 2026-07-13T21:01:20.602Z (2h ago). Every field below was attested with an Ed25519 signature at scan time.

Up right now
Runs onCloudflare
Email byProofpoint
Also usesDocuSignGoogle Search ConsoleAtlassian
IPv6 · 7 subdomains · tranco_1k
Every line above is a signed observation. Check the math at the bottom of the page.
INFRASTRUCTURE MAPwhat fb.com actually stands on - every host below is a signed observation
fb.com
A / AAAA
57.144.104.12a03:2880:f32b:9:face:b00c:0:25de
Cloudflareserves the site
NS
d.ns.facebook.comc.ns.facebook.coma.ns.facebook.comb.ns.facebook.com
facebook.comanswers its DNS
MX
mxb-00082601.gslb.pphosted.commxa-00082601.gslb.pphosted.com
Proofpointreceives its email

HTTPS probe

redirect Redirecting (3xx) 301 → https://www.facebook.com/
HTTP status301
Servercloudflare
TLS protocolHTTP/3
TLS issuernot observed
Behind Cloudflareyes
Response time190 ms
DNS resolutionNOERROR
Redirect chain
https://www.facebook.com/

Every field above is part of the same signed observation as the records below. Blank means not observed, never "none".

DNS Records

A 1

  • 57.144.104.1

AAAA 1

  • 2a03:2880:f32b:9:face:b00c:0:25de

MX 2

  • 10mxb-00082601.gslb.pphosted.com
  • 10mxa-00082601.gslb.pphosted.com

TXT 15

  • MS=ms56927146
  • smartsheet-site-validation=r-TtxwzdAh2KN_Zi6mTLGu02fz-9vQU4
  • mentimeter-8599dcd1-e0da-4326-882e-7570e7c942fb
  • parkable-domain-verification=N89SxXel0S4pUXDFVpckFmXIO9MUvN4Or0bO_Lcb8Os=
  • docusign=ad7f789d-eff1-4283-9d90-fdc9484527e1
  • v=spf1 redirect=_spf.fb.com
  • smartsheet-site-validation=sB5xgx-1nsnQCgORYUhnyDG3Jr739OxJ
  • G3X1k1XGYGra1nUpTv7Rdk2wAEFHfkKIr9/4/6+Nu67Ks9cR8xaiqAZPPhis9lGD6mb/+9vygIr4QKXIpxIc7w==
  • google-site-verification=Dsycvk_Ky3uQjdvuPrI_Z6A98lWghNTntdS4LuATOj8
  • 586957ce-d11e-4efa-9fe5-a887498bf838

NS 4

  • d.ns.facebook.com
  • c.ns.facebook.com
  • a.ns.facebook.com
  • b.ns.facebook.com

SOA 1

  • a.ns.facebook.com dns.facebook.com

TLS Certificates (0)

None.

Subdomains (7)

The proof

Signed at scan time. Check the math yourself. Every line above is part of one signed observation. Re-hash it and check the Ed25519 signature in your own browser; nothing leaves your machine.

Verify this receipt

Put the receipt on your own site. A live badge showing what DomainDrift observes and signs for fb.com. It updates itself. It attests a signed observation - not that the site is safe.

DomainDrift signed-observation badge for fb.com <a href="https://domaindrift.io/t/fb.com"> <img src="https://domaindrift.io/badge/fb.com.svg" width="300" height="64" alt="DomainDrift signed observations for fb.com"> </a>

Ed25519 Receipt

Receipt ID
0fc5a26e-a174-4ee4-8d1e-ee33bb12e8fd
Output Hash
2ac23c65d4182daec00d5b22e729cc75e321a773e2d92b9c60f1b5b4d5f75224
Signature
ed25519:28c4e81fe1dd9be53dcd8add15c1bbfcc52a3eb35c7716501a36623ea2ef41f881e4043e67a87a89e80407b84022b3707192fac55ce2689508596ea10ed0870d
Public Key
ed25519:d610d74ef18f683e5beb859d241d5e67dff0c122e8928b06bec1c2476f4ba27b
Parent
(genesis)
Plane
fast
Verify this in your browser