www.messenger.com
Open in
urlscan Pro
2a03:2880:f02d:e:face:b00c:0:2
Public Scan
Submitted URL: https://lavoripubblici.musvc6.net/e/t?q=0%3dDUAd%26t%3dT%26s%3dXHYEc%26w%3dUAgEVCYB%26N%3dmQ2Ix_OYvU_Zi_KVzX_Uk_OYvU_YnF.rB_ztXw_0...
Effective URL: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F270835526271550%2F%3Fmessaging_source%3Dsou...
Submission: On February 13 via api from US — Scanned from DE
Effective URL: https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F270835526271550%2F%3Fmessaging_source%3Dsou...
Submission: On February 13 via api from US — Scanned from DE
Summary
This website contacted 3 IPs
in 2 countries
across 5 domains to perform 15 HTTP transactions.
The main IP is 2a03:2880:f02d:e:face:b00c:0:2, located in
Frankfurt am Main, Germany and
belongs to FACEBOOK, US.
The main domain is www.messenger.com.
The Cisco Umbrella rank of the primary domain is 12218.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on November 23rd 2022. Valid for: 3 months.
This is the only time www.messenger.com was scanned on urlscan.io!
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on November 23rd 2022. Valid for: 3 months.
This is the only time www.messenger.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 1 | 54.72.230.31 54.72.230.31 | 16509 (AMAZON-02) (AMAZON-02) | |
| 2 4 | 2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2 | 32934 (FACEBOOK) (FACEBOOK) | |
| 1 2 | 2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de | 32934 (FACEBOOK) (FACEBOOK) | |
| 12 | 2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
| 15 | 3 |
1
54.72.230.31
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-230-31.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-230-31.eu-west-1.compute.amazonaws.com
| lavoripubblici.musvc6.net |
4
2a03:2880:f02d:e:face:b00c:0:2
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| m.me | |
| www.messenger.com |
2
2a03:2880:f12d:83:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
12
2a03:2880:f02d:12:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| static.xx.fbcdn.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 660 |
227 KB |
| 3 |
messenger.com
1 redirects
www.messenger.com — Cisco Umbrella Rank: 12218 |
21 KB |
| 2 |
facebook.com
1 redirects
www.facebook.com — Cisco Umbrella Rank: 98 |
2 KB |
| 1 |
m.me
1 redirects
m.me — Cisco Umbrella Rank: 54367 |
608 B |
| 1 |
musvc6.net
1 redirects
lavoripubblici.musvc6.net |
189 B |
| 15 | 5 |
| Domain | Requested by | |
|---|---|---|
| 12 | static.xx.fbcdn.net |
www.messenger.com
static.xx.fbcdn.net |
| 3 | www.messenger.com |
1 redirects
static.xx.fbcdn.net
|
| 2 | www.facebook.com |
1 redirects
static.xx.fbcdn.net
|
| 1 | m.me | 1 redirects |
| 1 | lavoripubblici.musvc6.net | 1 redirects |
| 15 | 5 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.facebook.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2022-11-23 - 2023-02-21 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F270835526271550%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0
Frame ID: 449D84E41B21A4A1DEB632983F602E38
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
MessengerPage URL History Show full URLs
-
https://lavoripubblici.musvc6.net/e/t?q=0%3dDUAd%26t%3dT%26s%3dXHYEc%26w%3dUAgEVCYB%26N%3dmQ2Ix_OYvU_Zi_KVzX_U...
HTTP 301
https://m.me/grafill.editoria.tecnica?utm_source=newsletter&utm_medium=email&utm_campaign... HTTP 302
https://www.facebook.com/msg/270835526271550/?show_interstitial=0&mdotme_uri=https%3A%2F%2Fm.me%2Fgra... HTTP 302
https://www.messenger.com/t/270835526271550/?messaging_source=source%3Apages%3Amessage_shortlink&sourc... HTTP 302
https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F270835526271550%2F%3Fme... Page URL
Detected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
URL: https://www.facebook.com/r.php
Title: Nicht auf Facebook?
Title: Nicht auf Facebook?
Search URL Search Domain Scan URL
URL: https://www.facebook.com/login/identify?ctx=recover
Title: Passwort vergessen
Title: Passwort vergessen
Search URL Search Domain Scan URL
URL: https://www.facebook.com/privacy/policy/
Title: Datenschutzrichtlinie
Title: Datenschutzrichtlinie
Search URL Search Domain Scan URL
URL: https://www.facebook.com/legal/terms/
Title: Nutzungsbedingungen
Title: Nutzungsbedingungen
Search URL Search Domain Scan URL
URL: https://www.facebook.com/policies/cookies/
Title: Cookie-Richtlinie
Title: Cookie-Richtlinie
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://lavoripubblici.musvc6.net/e/t?q=0%3dDUAd%26t%3dT%26s%3dXHYEc%26w%3dUAgEVCYB%26N%3dmQ2Ix_OYvU_Zi_KVzX_Uk_OYvU_YnF.rB_ztXw_09lOi9nIt.8iF2HwFi.Mj0vBh8_ztXw_A9zQu_LtRz6j_O8i4fYvU_ZlGjT1EjQ28w_OYvU_YDNyJ_u8iF3F_wxas_8AmFfFt_KVzX_UAR2F_h8uIfFoG_wxas_8AtEuM%26l%3dFzP46A.KmM%26nP%3dAYBf9&mupckp=mupAtu4m8OiX0wt
HTTP 301
https://m.me/grafill.editoria.tecnica?utm_source=newsletter&utm_medium=email&utm_campaign=llpp HTTP 302
https://www.facebook.com/msg/270835526271550/?show_interstitial=0&mdotme_uri=https%3A%2F%2Fm.me%2Fgrafill.editoria.tecnica%3Futm_source%3Dnewsletter%26utm_medium%3Demail%26utm_campaign%3Dllpp&source_id=1441792&handler=m.me&referer HTTP 302
https://www.messenger.com/t/270835526271550/?messaging_source=source%3Apages%3Amessage_shortlink&source_id=1441792&recurring_notification=0 HTTP 302
https://www.messenger.com/login.php?next=https%3A%2F%2Fwww.messenger.com%2Ft%2F270835526271550%2F%3Fmessaging_source%3Dsource%253Apages%253Amessage_shortlink%26source_id%3D1441792%26recurring_notification%3D0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
login.php
www.messenger.com/ Redirect Chain
|
50 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
oWLmrQlYddk.css
static.xx.fbcdn.net/rsrc.php/v3/yJ/l/0,cross/ |
25 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5IY8j2Ul2i6.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ |
306 KB 82 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
hlvibnBVrEb.svg
static.xx.fbcdn.net/rsrc.php/yd/r/ |
1 KB 630 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ |
507 B 485 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
nrd1pNP4bDH.js
static.xx.fbcdn.net/rsrc.php/v3iN_84/y0/l/de_DE/ |
100 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
WIrAD1WdmQs.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ |
26 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
wPkOlVBOMMz.js
static.xx.fbcdn.net/rsrc.php/v3iwgc4/yj/l/de_DE/ |
252 KB 72 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
www.facebook.com/login/async_sso/messenger_dot_com/ |
111 B 537 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
1y-VVhQm1Cc.js
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ |
26 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
C9YZVDJUu1x.js
static.xx.fbcdn.net/rsrc.php/v3i2UN4/yG/l/de_DE/ |
35 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
Vq2pGyQkSuG.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ |
33 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
PQFVgR7hi7-.png
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
O7nelmd9XSI.png
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ |
95 B 147 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
bz
www.messenger.com/ajax/ |
0 33 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
68 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| oncontentvisibilityautostatechange number| _cstart function| envFlush object| Env number| __DEV__ undefined| MAX_CALLS_TO_EXEC function| __annotator function| __bodyWrapper function| __t function| __w function| emptyFunction function| FB_enumerate function| __m object| babelHelpers function| define function| require function| importDefault function| importNamespace function| requireDynamic function| requireLazy object| __onBeforeModuleFactory object| __onAfterModuleFactory function| __d function| $RefreshReg$ function| $RefreshSig$ function| getErrorSafe object| ErrorGuard object| ErrorSerializer object| ErrorUtils function| Arbiter object| JSCC function| $ function| ge object| Parent object| TimeSlice function| goURI object| Bootloader object| PageEvents function| _domcontentready function| onloadRegister_DEPRECATED function| onloadRegister function| onafterloadRegister_DEPRECATED function| onafterloadRegister function| onleaveRegister function| onbeforeunloadRegister function| onunloadRegister function| $E number| __bigPipeFactory string| _script_path object| onloadhooks function| now_inl number| __bigPipeFR number| __bigPipeCtor object| bigPipe function| AsyncRequest object| PageHooks function| _domreadyHook function| _onloadHook function| runHook function| runHooks function| keep_window_set_as_loaded object| onbeforeunloadhooks object| __FB_STORE boolean| domready object| onunloadhooks object| onafterunloadhooks boolean| loaded3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .messenger.com/ | Name: sb Value: ILbqY0Lxy0Unr2Imi55s0eya |
|
| .messenger.com/ | Name: _js_datr Value: ILbqYyATdQn5PGwz2KNK6ean |
|
| .messenger.com/ | Name: wd Value: 1600x1200 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | default-src data: blob: https://*.fbcdn.net https://*.facebook.com *.fbsbx.com *.messenger.com;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net *.messenger.com;style-src data: blob: 'unsafe-inline' *.facebook.com *.fbcdn.net *.messenger.com;connect-src http://localhost:3103 *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' *.messenger.com wss://*.messenger.com www.messenger.com www.google-analytics.com wss://*.messenger.com:*;font-src *.messenger.com *.facebook.com https://*.fbcdn.net data: *.gstatic.com;img-src *.fbcdn.net https://*.facebook.com cdninstagram.com *.cdninstagram.com *.tenor.co *.tenor.com *.giphy.com data: *.fbsbx.com *.messenger.com messenger.com blob: android-webview-video-poster: *.xx.fbcdn.net https://messenger.com *.oculuscdn.com;media-src *.messenger.com *.facebook.com https://*.fbcdn.net data: *.fbsbx.com *.fbcdn.net *.cdninstagram.com https://*.giphy.com blob:;frame-src *.messenger.com *.facebook.com https://*.fbcdn.net data: *.fbsbx.com *.fbcdn.net *.cdninstagram.com blob: *.doubleclick.net; |
| Strict-Transport-Security | max-age=15552000; preload; includeSubDomains |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY |
| X-Xss-Protection | 0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
lavoripubblici.musvc6.net
m.me
static.xx.fbcdn.net
www.facebook.com
www.messenger.com
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f02d:e:face:b00c:0:2
2a03:2880:f12d:83:face:b00c:0:25de
54.72.230.31
0442ee226acb166d581a5b44d03f02b3e3f533545cf8e9b99e023ed50eb640ad
260fbeb66875b6936348afe61b469beaf6141aa28977872569305962c8b6f9c2
5906a137658ae63958e7623225deb033c9267e046461a514703593962734a670
5c093aee3c80e278ff7eba012fd549535c71be748e2bf59a2bf5213c63c30443
88c41abedb60acad56cee2056f4769b8e292b91878c363de2ca8210c6c354cf5
96d4e264508293176bc25637ee602610c7f20be218cc71137dd8b0951000e50d
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
c0f9968d0fa5f4deff86babccd6df52306138314607a6f3f0acd2e7afc783d1c
cd85d9fd2449056376148c8886f04be913347054a16943973a0c919aa6d94bfd
d38434578d82d4f6524780e503e7a4154824b60a5d84dd6bbb1d4ae28b6ab1af
e1539a421f897ec67672ccbb87b08a54af0f8f74c9057a278cb0421948d691ba
e1b5845d3d5325fa6db301bc8c2d4b0a309d2f91b7f05aa56879678b88cee86e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5b73e5ec38216ba5caaa5382f8bbcdc3584e4d3a231ee7e079f9f17d4ad3087
ffbec86563693ba2d2e85281e7b804604b133884e859078d6cb612b7b2ea90b7