indexo.dev

messenger.com

.com toplist crawl

First seen 2026-04-11 · Last seen 2026-05-18 · ok HTTP/1.1 200 1436 ms crawled 2026-05-18

FI · 157.240.205.1 · AS32934 Facebook, Inc.

Reputation 100/100

Classifying

HTML metadata

Title
Messenger
Description
Hang out anytime, anywhere—Messenger makes it easy and fun to stay close to your favorite people
Language
en
Canonical
https://www.messenger.com/
Translations
  • af
  • ar
  • ar-ar
  • bg
  • bn
  • bn-in
  • ca
  • cs
  • cs-cz
  • cy
  • da
  • da-dk
  • de
  • de-de
  • el
  • el-gr
  • en
  • en-gb
  • en-us
  • es
  • es-es
  • es-la
  • eu
  • fi
  • fi-fi
  • fr
  • fr-ca
  • fr-fr
  • he
  • he-il
  • hi
  • hi-in
  • hr
  • hu
  • hu-hu
  • id
  • id-id
  • it
  • it-it
  • ja
  • ja-jp
  • ko
  • ko-kr
  • lt
  • ml
  • ms
  • ms-my
  • nb
  • nb-no
  • nl
  • nl-nl
  • pa
  • pl
  • pl-pl
  • pt
  • pt-br
  • pt-pt
  • ro
  • ro-ro
  • ru
  • ru-ru
  • sk
  • sl
  • sr
  • sr-rs
  • sv
  • sv-se
  • ta
  • te
  • th
  • th-th
  • tl
  • tl-ph
  • tr
  • tr-tr
  • vi
  • vi-vn
  • zh
  • zh-cn
  • zh-hk
  • zh-tw

Open Graph

url
https://www.messenger.com/
title
Messenger
locale
en_US
site name
Facebook
description
Hang out anytime, anywhere - Messenger makes it easy and fun to stay close to your favorite people.

Technology

Third-party hosts loaded (2)

  • static.xx.fbcdn.net×17
  • scontent-hel3-1.xx.fbcdn.net×4

Social

Registration

Registrar
RegistrarSafe, LLC
Created
1998-11-04
Expires
2034-11-03 3090 days left
Updated
2025-11-26
Name servers
  • a.ns.facebook.com
  • b.ns.facebook.com
  • c.ns.facebook.com
  • d.ns.facebook.com

DNS records live

NS
  • a.ns.facebook.com
  • b.ns.facebook.com
  • c.ns.facebook.com
  • d.ns.facebook.com
MX
  • 10 mxa-00082601.gslb.pphosted.com
  • 10 mxb-00082601.gslb.pphosted.com
TXT
Show 5 TXT records
  • 6fd64222-f6ef-4766-87e8-34729703809a
  • google-site-verification=z9mNNADBbsCO2UKMxiu5UFnUz5SvavUmC2Jx-4Lw9RI
  • google-site-verification=f68cxjENokmrbNLEilsjxlPqbiM3lTmXKGLJFg0OHr4
  • fLEQ2Q8vdk4sDU0r7FqRc8XJoe7FYEj3ihT0KxCABfwuAbMel2204jpnNBjV+c1rfY71OeFf/cTMCKZpzJBPPw==
  • MS=ms57472615

Email authentication strong

SPF
v=spf1 redirect=_spf.fb.com
no all qualifier
DMARC
v=DMARC1; p=reject; rua=mailto:a@dmarc.facebookmail.com; pct=100
policy: reject (enforced)
DKIM
no key found at common selectors

Certificate (current)

DigiCert Global G2 TLS RSA SHA256 2020 CA1
from 2026-02-25 to 2026-05-27
Expires in 8 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 75/100 Checked live page: https://www.messenger.com/

present
  • strict-transport-security
  • content-security-policy
  • x-content-type-options
  • permissions-policy
  • cross-origin-opener-policy
  • cross-origin-resource-policy
findings
  • CSP allows unsafe inline scripts/styles
  • CSP uses wildcard sources
  • missing frame protection
  • missing Referrer Policy
Header values
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self';, default-src blob: https://*.fbcdn.net https://*.facebook.com *.fbsbx.com *.messenger.com *.facebook.net *.whatsapp.com *.whatsapp.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-GKTtmzNo' blob: 'self' connect.facebook.net *.messenger.com 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *.facebook.com *.fbcdn.net *.messenger.com;connect-src http://localhost:3103 *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' *.messenger.com wss://*.messenger.com www.messenger.com wss://*.messenger.com:* https://*.google-analytics.com;font-src *.messenger.com *.facebook.com https://*.fbcdn.net data: https://fonts.gstatic.com;img-src *.fbcdn.net https://*.facebook.com cdninstagram.com *.cdninstagram.com data: *.fbsbx.com *.messenger.com messenger.com blob: android-webview-video-poster:
strict-transport-security
max-age=15552000; preload; includeSubDomains
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy
same-origin

Links to (1)

Linked from (50)