![](/screenshots/f8bffdd4-3736-4901-8356-29c4d0245b9c.png)
messengernews.fb.com
2a04:fa87:fffd::c000:42ac
Malicious Activity!
Public Scan
Submission: On June 10 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on October 13th 2022. Valid for: a year.
This is the only time messengernews.fb.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Suspicious — 1 votes
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
27 | 2a04:fa87:fffd::c000:42ac | 2635 (AUTOMATTIC) |
1 | 2a00:1450:4001:809::200a | 15169 (GOOGLE) |
28 | 2 | |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
27 | fb.com | messengernews.fb.com | 2 MB |
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 422 | 87 KB |
28 | 2 | | |
Requests | Domain | Requested by |
---|---|---|
27 | messengernews.fb.com | messengernews.fb.com |
1 | ajax.googleapis.com | messengernews.fb.com |
28 | 2 | |
This site contains links to these domains.
Domain |
---|
messenger.com |
www.facebook.com |
www.twitter.com |
www.instagram.com |
wpvip.com |
jetpack.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
messengernews.fb.com | DigiCert SHA2 High Assurance Server CA | 2022-10-13 - 2023-10-13 | a year |
upload.video.google.com | GTS CA 1C3 | 2023-05-19 - 2023-08-11 | 3 months |
This page contains 1 frames:
Primary Page:
https://messengernews.fb.com/
Frame ID: 0BB767B4FF0A954C8E8D0AAFF52A59DE
Requests: 28 HTTP requests in this frame
Page Title
Messenger NewsMagnifying GlassClose search results
Detected technologies
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Learn More >
Title: Terms
Title: WordPress VIP
Title: Search powered by Jetpack
28 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | messengernews.fb.com/ | 41 KB | 11 KB | Document | text/html |
GET | H2 | style.min.css | messengernews.fb.com/wp-includes/css/dist/block-library/ | 95 KB | 13 KB | Stylesheet | text/css |
GET | H2 | / | messengernews.fb.com/_static/ | 15 KB | 4 KB | Stylesheet | text/css |
GET | H2 | / | messengernews.fb.com/_static/ | 129 KB | 24 KB | Stylesheet | text/css |
GET | H2 | gdprconsent.js | messengernews.fb.com/wp-content/plugins/wp-gdpr-consent/dist/ | 7 KB | 3 KB | Script | application/javascript |
GET | H2 | / | messengernews.fb.com/_static/ | 37 KB | 12 KB | Script | application/javascript |
GET | H2 | i18n.min.js | messengernews.fb.com/wp-includes/js/dist/ | 10 KB | 4 KB | Script | application/javascript |
GET | H2 | i18n-loader.js | messengernews.fb.com/wp-content/mu-plugins/jetpack-12.0/jetpack_vendor/automattic/jetpack-assets/build/ | 6 KB | 2 KB | Script | application/javascript |
GET | H2 | logo.png | messengernews.fb.com/wp-content/themes/messenger/images/ | 4 KB | 4 KB | Image | image/png |
GET | H2 | Header-Image_3784x2128-3.jpg | messengernews.fb.com/wp-content/uploads/2023/02/ | 260 KB | 260 KB | Image | image/webp |
GET | H2 | wp-emoji-release.min.js | messengernews.fb.com/wp-includes/js/ | 18 KB | 5 KB | Script | application/javascript |
GET | H2 | url.min.js | messengernews.fb.com/wp-includes/js/dist/ | 9 KB | 4 KB | Script | application/javascript |
GET | H2 | jp-search.js | messengernews.fb.com/wp-content/mu-plugins/jetpack-12.0/jetpack_vendor/automattic/jetpack-search/build/instant-search/ | 7 KB | 3 KB | Script | application/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.4.1/ | 86 KB | 87 KB | Script | text/javascript |
GET | H2 | / | messengernews.fb.com/_static/ | 10 KB | 3 KB | Script | application/javascript |
GET | H2 | Calibre-RWeb-Medium.woff2 | messengernews.fb.com/wp-content/themes/messenger/fonts/ | 37 KB | 37 KB | Font | application/font-woff2 |
GET | H2 | Calibre-RWeb-Semibold.woff2 | messengernews.fb.com/wp-content/themes/messenger/fonts/ | 40 KB | 40 KB | Font | application/font-woff2 |
GET | H2 | Calibre-RWeb-Regular.woff2 | messengernews.fb.com/wp-content/themes/messenger/fonts/ | 38 KB | 38 KB | Font | application/font-woff2 |
GET | H2 | Blog-Header.png | messengernews.fb.com/wp-content/uploads/2023/01/ | 127 KB | 128 KB | Image | image/webp |
GET | H2 | Header.png | messengernews.fb.com/wp-content/uploads/2022/12/ | 298 KB | 299 KB | Image | image/webp |
GET | H2 | HalloweenEndsHeader-wide.jpg | messengernews.fb.com/wp-content/uploads/2022/10/ | 134 KB | 134 KB | Image | image/webp |
GET | H2 | Community-Chats-Product-Screens.png | messengernews.fb.com/wp-content/uploads/2022/09/ | 234 KB | 234 KB | Image | image/webp |
GET | H2 | Hero-Image.png | messengernews.fb.com/wp-content/uploads/2022/08/ | 190 KB | 191 KB | Image | image/webp |
GET | H2 | Copy-of-NBD-Newsroom-Header.png | messengernews.fb.com/wp-content/uploads/2022/07/ | 426 KB | 427 KB | Image | image/webp |
GET | H2 | Trust-Newsroom-Header-2.png | messengernews.fb.com/wp-content/uploads/2022/06/ | 159 KB | 159 KB | Image | image/webp |
GET | H2 | jp-search.defaultVendors.js | messengernews.fb.com/wp-content/mu-plugins/jetpack-12.0/jetpack_vendor/automattic/jetpack-search/build/instant-search/ | 77 KB | 24 KB | Script | application/javascript |
GET | H2 | jp-search.chunk-main-payload.css | messengernews.fb.com/wp-content/mu-plugins/jetpack-12.0/jetpack_vendor/automattic/jetpack-search/build/instant-search/ | 35 KB | 5 KB | Stylesheet | text/css |
GET | H2 | jp-search.chunk-main-payload.js | messengernews.fb.com/wp-content/mu-plugins/jetpack-12.0/jetpack_vendor/automattic/jetpack-search/build/instant-search/ | 76 KB | 19 KB | Script | application/javascript |
Verdicts & Comments
Suspicious
page.url
Submitted on June 10th 2023, 5:02:10 pm UTC — From United States
Threats: Social Engineering, Phishing, Brand Impersonation
Comment: Random message saying I won a contest with dave linked this
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
boolean | credentialless |
object | onbeforetoggle |
object | onscrollend |
object | _wpemojiSettings |
object | _domassistevents |
function | gdprSafeTrack |
object | runtime |
object | regeneratorRuntime |
function | setImmediate |
function | clearImmediate |
object | wp |
function | sprintf |
function | vsprintf |
object | JetpackInstantSearchOptions |
object | webpackChunkjetpack_search |
object | twemoji |
function | $ |
function | jQuery |
function | multiDownload |
object | _tkq |

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
messengernews.fb.com
2a00:1450:4001:809::200a
2a04:fa87:fffd::c000:42ac