Facebook hellocdn.html?v=1 browser popup. Not a virus.

tl;dr Not a virus. Its popup from Facebook Messenger application to ping the CDN.

-----

I noticed that from time to time, especially when my left comp is idle overnight, I'll have these blank pages opened in my browser window the next day.

https://fbcdn-creative-a.akamaihd.net/hads-ak-prn1/hellocdn.html?v=1

My first thought was like... gosh, is there's malware on my comp? Then I started to inspect my comp.

First Question. Is the CDN address valid?

Did a search on the list of CDN addresses and found this stackoverflow page. Seems like its "fbcdn-creative-a.akamaihd.net" is one of the Facebook CDN. Furthermore, akamaihd.net is a reliable CDN provider.

Next Question. If the CDN address is valid, could it be that Facebook CDN got compromised?

So I inspect the page elements, and resources (js files).


Seems like pretty OK, the URL that the script call is actually defined in the "result_endpoint " variable.
// hardcode the return url var result_endpoint = "https://www.facebook.com/hellocdn/results";

More Google Searches

According to nerdanswer and reddit, seems like there are others who faced this issue as well. As few of them confirmed that its caused by Facebook Messenger application.

I've also found a couple of suspicious post that tells visitors that this is caused by virus, and suggest them to install some other "antivirus" to remove the "virus".
Well, you shouldn't trust any antivirus other than Microsoft Security Essentials (MSE). Any maybe AVG, and Norton. But I would recommend MSE, for various reasons.


Conclusion

So all good!

Hope this helps!


Comments

Popular posts from this blog

225019099301.apps.googleusercontent.com

Backup MySQL to Azure Storage in 30 Seconds

Generate GoDaddy SSL Certificate (.crt) for Azure Websites (.pfx)