HTTP Headers Analysis for https://facebook.in

SSL Verification Bypassed

The server's SSL certificate could not be verified. The analysis was completed using insecure mode. Data may be less reliable.

Reason:

Hostname Mismatch - certificate is issued for *.facebook.com, *.facebook.net, *.fbcdn.net, *.fbsbx.com, *.m.facebook.com, *.messenger.com, *.xx.fbcdn.net, *.xy.fbcdn.net, *.xz.fbcdn.net, not for facebook.in

Open Cached · 15h ago

26 Headers

Detected Technologies from Headers

See all in URL Inspect 12

Facebook

GIPHY

Google Analytics

Google Conversion Tracking

Google DoubleClick

Google Fonts

Google Search

Google Sign-In

Instagram

Tenor

Trustly

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15552000; preload

Content-Security-Policy

Basic

default-src; script-src; style-src; +11 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Missing

Not configured

Permissions-Policy

Present

accelerometer=(), attribution-reporting=(self), autoplay=(); +45 more

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

Performance Headers

Connection

Performance

Transfer-Encoding

Performance

chunked

Vary

Performance

Accept-Encoding

connection: close
transfer-encoding: chunked
vary: Accept-Encoding

Caching Headers

Cache-Control

Caching

private, no-cache, no-store, must-revalidate

Expires

Caching

Sat, 01 Jan 2000 00:00:00 GMT

Pragma

Caching

no-cache

cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache

Content Headers

Content-Type

Content

text/html; charset="utf-8"

content-type: text/html; charset="utf-8"

Server Headers

No server headers found

CORS Headers

No CORS headers found

Cookies Headers

Set-Cookie

set-cookie: fr=0IxnF7M8LwgS43zNL..Bp2pLv..AAA.0.0.Bp2pLv.AWeHuDRsgH_OVOfvNmBLjMCRYLE; expires=Fri, 10-Jul-2026 18:29:03 GMT; Max-Age=7776000; path=/; domain=.facebook.com; secure; httponly
sb=75LaaRz6h42xefHPBkKlya1l; expires=Sun, 16-May-2027 18:29:03 GMT; Max-Age=34560000; path=/; domain=.facebook.com; secure; httponly

Other Headers

Accept-Ch

Other

viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model

Accept-Ch-Lifetime

Other

4838400

Alt-Svc

Other

h3=":443"; ma=86400

Date

Other

Sat, 11 Apr 2026 18:29:04 GMT

Document-Policy

Other

force-load-at-top, include-js-call-stacks-in-crash-reports

Origin-Agent-Cluster

Other

Report-To

Other

Group coop_report max-age: 4w

Endpoint 1 https://www.facebook.com/browser_reporting/coop/?minimize=0

Group default max-age: 3d

Endpoint 1 https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7627570475698001643&cpp=C3&cv=1037153588&st=1775932143985

Group permissions_policy max-age: 6h

Endpoint 1 https://www.facebook.com/ajax/browser_error_reports/

Reporting-Endpoints

Other

coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7627570475698001643&cpp=C3&cv=1037153588&st=1775932143985", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"

X-Fb-Connection-Quality

Other

UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1368, tbw=3273, tp=-1, tpl=-1, uplat=285, ullat=0

X-Fb-Debug

Other

Pn7Kmw8usfn2erdTMZJeJ/WucBTmFnPMojKSoSyo3wJLDAKZyrswJD1TV3j+veUBIkBTKltCeRKy7rVwctCEcg==

accept-ch: viewport-width,dpr,Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
accept-ch-lifetime: 4838400
alt-svc: h3=":443"; ma=86400
date: Sat, 11 Apr 2026 18:29:04 GMT
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
origin-agent-cluster: ?1
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7627570475698001643&cpp=C3&cv=1037153588&st=1775932143985"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7627570475698001643&cpp=C3&cv=1037153588&st=1775932143985", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=10, mss=1368, tbw=3273, tp=-1, tpl=-1, uplat=285, ullat=0
x-fb-debug: Pn7Kmw8usfn2erdTMZJeJ/WucBTmFnPMojKSoSyo3wJLDAKZyrswJD1TV3j+veUBIkBTKltCeRKy7rVwctCEcg==

Recommendations

Enable compression (gzip/brotli) to improve performance