NetWork | ZeroBOX

Network Analysis

IP Address Status Action
157.240.215.14 Active Moloch
164.124.101.2 Active Moloch

Name Response Post-Analysis Lookup
static.xx.fbcdn.net 31.13.82.7

GET 200 https://static.xx.fbcdn.net/rsrc.php/v5/yP/l/0,cross/hdizZSl7vs1pXN_QbzK5g5.css
REQUEST
: GET /rsrc.php/v5/yP/l/0,cross/hdizZSl7vs1pXN_QbzK5g5.css HTTP/1.1
Accept: text/css
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: static.xx.fbcdn.net
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08
Expires: Thu, 16 Apr 2026 23
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age"
origin-agent-cluster: ?1
content-md5: arnKq43s5PY+QtcYNASqNg==
X-FB-Debug: SUHxjklc/MJqYROo/s0mGvnC6MSQh4Z4ymeP+Tam+jcoIJEjY4ad4O3yoChq8GzZ/IbDOw6wx+np3eW3pB3LSQ==
Date: Thu, 17 Apr 2025 18
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=14, mss=1392, tbw=3227, tp=-1, tpl=-1, uplat=5, ullat=-1
Alt-Svc: h3="
Connection: keep-alive
Content-Length: 221272
GET 200 https://static.xx.fbcdn.net/rsrc.php/v4ikYC4/ye/l/pl_PL/4UJPryDl6vQ.js
REQUEST
: GET /rsrc.php/v4ikYC4/ye/l/pl_PL/4UJPryDl6vQ.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: static.xx.fbcdn.net
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08
Expires: Fri, 17 Apr 2026 18
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age"
x-ua-compatible: IE=edge
origin-agent-cluster: ?1
content-md5: b2oF9fIPTtu0XN5qWXlJrQ==
X-FB-Debug: bSepudfSstxJzc28ZX61l6QqT38jBCWbXoUTbcXBOgP2Ah/DEzbs+/QIDFcDym4fbyJiGoCy0q9+1GRl8nrgGg==
Date: Thu, 17 Apr 2025 18
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=14, mss=1392, tbw=3228, tp=-1, tpl=-1, uplat=663, ullat=0
Alt-Svc: h3="
Connection: keep-alive
Content-Length: 30497
GET 200 https://static.xx.fbcdn.net/rsrc.php/v4i1hI4/yB/l/pl_PL/iZlynKqupyeJxZpg7m_h7q81-kCxOHvH-jJTXU6VJG0Kqf4IO3ef2VeaNyM5x7xjrVVSiB1Bshw99hbqzKu9tM7F_Y7Xk1cp1ZY2YkxqMpyzfiubWjH6HmqBA3tJbBUoPL58XEhTixJo7zxRE8M1ZFyQWnT9xFtruSNYVw8-m6b_Uv7ObcEfnFd0zmg_Lq0Ssl_q8so13prljcrpG.js
REQUEST
: GET /rsrc.php/v4i1hI4/yB/l/pl_PL/iZlynKqupyeJxZpg7m_h7q81-kCxOHvH-jJTXU6VJG0Kqf4IO3ef2VeaNyM5x7xjrVVSiB1Bshw99hbqzKu9tM7F_Y7Xk1cp1ZY2YkxqMpyzfiubWjH6HmqBA3tJbBUoPL58XEhTixJo7zxRE8M1ZFyQWnT9xFtruSNYVw8-m6b_Uv7ObcEfnFd0zmg_Lq0Ssl_q8so13prljcrpG.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: static.xx.fbcdn.net
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08
Expires: Fri, 17 Apr 2026 18
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age"
x-ua-compatible: IE=edge
origin-agent-cluster: ?1
content-md5: CAjBfyQ3jjeCl+C8lW9xgA==
X-FB-Debug: s0rslqhYImLz/r1ka8rXwkOgsadDAcuh28VIT/cOGt3XnD1pua8WKsFH1H2DytSpvsTu7D9ZLaaT1a90uXFhLA==
Date: Thu, 17 Apr 2025 18
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=14, mss=1392, tbw=3229, tp=-1, tpl=-1, uplat=600, ullat=0
Alt-Svc: h3="
Connection: keep-alive
Content-Length: 105534
GET 200 https://static.xx.fbcdn.net/rsrc.php/v4i3Z54/y-/l/pl_PL/QI6a6eMB_Rd.js
REQUEST
: GET /rsrc.php/v4i3Z54/y-/l/pl_PL/QI6a6eMB_Rd.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: static.xx.fbcdn.net
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08
Expires: Fri, 17 Apr 2026 18
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age"
x-ua-compatible: IE=edge
origin-agent-cluster: ?1
content-md5: 5Tvup/j1hDjyJ12CNn4Hzw==
X-FB-Debug: tGLwY7JWnRO1f5FRlFfFaUX/AP7xXbZ+XF5hcjKuhMdtDOtz4YfmrOdtinLV96DUs55hqO+ZTkjlIS/aFEvukw==
Date: Thu, 17 Apr 2025 18
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=14, mss=1392, tbw=3228, tp=-1, tpl=-1, uplat=223, ullat=1
Alt-Svc: h3="
Connection: keep-alive
Content-Length: 25340
GET 200 https://static.xx.fbcdn.net/rsrc.php/v4ih9w4/yH/l/pl_PL/u5eNGFq3WhgRnT2Z3dd70t0BUXE7BctrMPOyxLFPsfmEuk8vLtdffcjlUV7BVDeuTY5KnvPi9YnXpZxNQZM-9qQm9FNo6EWfQ8TbUQ5LoxjLorwy1DKBSsTAnxMKEPueP2LsGoiMt_RY_Bx4ZxpRYeCkYXwettdgmkSZ1wuvR42D6xbRi0SBmuDjByG_AXEDxgHlco1Rdzuzi16ygzT1sbQZyoV41jlFha1shB9W520aphfApDHnsYNsuC0kULDczav0pBCHyQAQhgl2OqFfuFZO4v9aC1p55HfXW__mMzi95_wmB-51MKSPKuAkuWtGsXcG4xa-CQ.js
REQUEST
: GET /rsrc.php/v4ih9w4/yH/l/pl_PL/u5eNGFq3WhgRnT2Z3dd70t0BUXE7BctrMPOyxLFPsfmEuk8vLtdffcjlUV7BVDeuTY5KnvPi9YnXpZxNQZM-9qQm9FNo6EWfQ8TbUQ5LoxjLorwy1DKBSsTAnxMKEPueP2LsGoiMt_RY_Bx4ZxpRYeCkYXwettdgmkSZ1wuvR42D6xbRi0SBmuDjByG_AXEDxgHlco1Rdzuzi16ygzT1sbQZyoV41jlFha1shB9W520aphfApDHnsYNsuC0kULDczav0pBCHyQAQhgl2OqFfuFZO4v9aC1p55HfXW__mMzi95_wmB-51MKSPKuAkuWtGsXcG4xa-CQ.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: static.xx.fbcdn.net
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08
Expires: Fri, 17 Apr 2026 18
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age"
x-ua-compatible: IE=edge
origin-agent-cluster: ?1
content-md5: RZrH9eXtOXZnXdLtX2jsiw==
X-FB-Debug: HZR+Kj5yrnvo1KPW/Em58O0L3IsDb+rA9f11XhYT1PfyXLO+APM/am76LKgPMoYUj5d91CFBacfZD6+4nLhaow==
Date: Thu, 17 Apr 2025 18
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=2, rtx=0, c=11, mss=1392, tbw=145, tp=-1, tpl=-1, uplat=240, ullat=0
Alt-Svc: h3="
Connection: keep-alive
Content-Length: 72829
GET 200 https://static.xx.fbcdn.net/rsrc.php/v4/yf/r/1Fs8rBQNSz9.js
REQUEST
: GET /rsrc.php/v4/yf/r/1Fs8rBQNSz9.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: static.xx.fbcdn.net
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08
Expires: Thu, 16 Apr 2026 21
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age"
origin-agent-cluster: ?1
content-md5: cUEPkjtvX/jlmZJPQcQKTA==
X-FB-Debug: cVuDxdyzCZijlOfTaoY9QUseePhomF9i+NjbwlWe6yC+e9mOu4MSWYlv2qGmCqEBEIzEE23xCRgNfZi7rM4P1Q==
Date: Thu, 17 Apr 2025 18
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=11, mss=1392, tbw=145, tp=-1, tpl=-1, uplat=1, ullat=-1
Alt-Svc: h3="
Connection: keep-alive
Content-Length: 75976
GET 200 https://static.xx.fbcdn.net/rsrc.php/v4ii3Z4/yC/l/pl_PL/yosNSWC8z_t.js
REQUEST
: GET /rsrc.php/v4ii3Z4/yC/l/pl_PL/yosNSWC8z_t.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: static.xx.fbcdn.net
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08
Expires: Fri, 17 Apr 2026 18
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age"
x-ua-compatible: IE=edge
origin-agent-cluster: ?1
content-md5: oz23sDPMU2C63ex6wqqbZA==
X-FB-Debug: tnMhM05BeaasCwb1B12I+ZNQushbVAP1hVGPe16xOD2ODEhIYz0K2ymQ6YQyM1IteEPrmhRrSEVCYX8JVf+vDg==
Date: Thu, 17 Apr 2025 18
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=4, rtx=0, c=11, mss=1392, tbw=145, tp=-1, tpl=-1, uplat=266, ullat=0
Alt-Svc: h3="
Connection: keep-alive
Content-Length: 130969
GET 200 https://static.xx.fbcdn.net/rsrc.php/v4ioN94/ys/l/pl_PL/NuW542bho60.js
REQUEST
: GET /rsrc.php/v4ioN94/ys/l/pl_PL/NuW542bho60.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: static.xx.fbcdn.net
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08
Expires: Fri, 17 Apr 2026 18
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age"
x-ua-compatible: IE=edge
origin-agent-cluster: ?1
content-md5: sY1/2fkenko6IEo06H1Lvw==
X-FB-Debug: CDWY0Vmc4cqxovKyURfbmoeP2/sHPuHzTrLPqXSMKf2UmhjJafHxubQqsPrpQeDSeX/A6ut2foAWsQD9vtGcvQ==
Date: Thu, 17 Apr 2025 18
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=3, rtx=0, c=11, mss=1392, tbw=145, tp=-1, tpl=-1, uplat=261, ullat=0
Alt-Svc: h3="
Connection: keep-alive
Content-Length: 183988
GET 200 https://static.xx.fbcdn.net/rsrc.php/v4iiH84/y-/l/pl_PL/gYR6XdR5Jlz.js
REQUEST
: GET /rsrc.php/v4iiH84/y-/l/pl_PL/gYR6XdR5Jlz.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Accept-Language: ko-KR
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0)
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
Host: static.xx.fbcdn.net
Connection: Keep-Alive
RESPONSE
: HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: application/x-javascript; charset=utf-8
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Jan 2001 08
Expires: Fri, 17 Apr 2026 18
Cache-Control: public,max-age=31536000,immutable
reporting-endpoints: permissions_policy="https
timing-allow-origin: *
document-policy: force-load-at-top
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
report-to: {"max_age"
x-ua-compatible: IE=edge
origin-agent-cluster: ?1
content-md5: 8nUR6ulVoIeJd0saykdFkg==
X-FB-Debug: YzfChtwoIDYmyPy3BGX7XV/RhSkGGUCEcKGRYedz+J6IX9sMxbgzCQOdGm3BvHuWSAUen+fe+Of4d52Py+AGnA==
Date: Thu, 17 Apr 2025 18
X-FB-Connection-Quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=11, mss=1392, tbw=145, tp=-1, tpl=-1, uplat=604, ullat=0
Alt-Svc: h3="
Connection: keep-alive
Content-Length: 45576

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

Flow SID Signature Category
TCP 192.168.56.101:49168 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49166 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49175 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49170 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49165 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49167 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49169 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49171 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49176 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49173 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49180 -> 52.239.160.33:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49181 -> 52.239.160.33:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined
TCP 192.168.56.101:49177 -> 157.240.215.14:443 906200054 SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee) undefined

Suricata TLS

Flow | Issuer | Subject | Fingerprint
TLSv1 192.168.56.101:49168 -> 157.240.215.14:443 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA | C=US, ST=California, L=Menlo Park, O=Meta Platforms, Inc., CN=*.facebook.com | 16:e8:ac:11:c1:39:9b:a5:c8:88:4c:bf:b3:42:2e:17:41:e5:a9:79
TLSv1 192.168.56.101:49166 -> 157.240.215.14:443 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA | C=US, ST=California, L=Menlo Park, O=Meta Platforms, Inc., CN=*.facebook.com | 16:e8:ac:11:c1:39:9b:a5:c8:88:4c:bf:b3:42:2e:17:41:e5:a9:79
TLSv1 192.168.56.101:49175 -> 157.240.215.14:443 | None | None | None
TLSv1 192.168.56.101:49170 -> 157.240.215.14:443 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA | C=US, ST=California, L=Menlo Park, O=Meta Platforms, Inc., CN=*.facebook.com | 16:e8:ac:11:c1:39:9b:a5:c8:88:4c:bf:b3:42:2e:17:41:e5:a9:79
TLSv1 192.168.56.101:49165 -> 157.240.215.14:443 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA | C=US, ST=California, L=Menlo Park, O=Meta Platforms, Inc., CN=*.facebook.com | 16:e8:ac:11:c1:39:9b:a5:c8:88:4c:bf:b3:42:2e:17:41:e5:a9:79
TLSv1 192.168.56.101:49167 -> 157.240.215.14:443 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA | C=US, ST=California, L=Menlo Park, O=Meta Platforms, Inc., CN=*.facebook.com | 16:e8:ac:11:c1:39:9b:a5:c8:88:4c:bf:b3:42:2e:17:41:e5:a9:79
TLSv1 192.168.56.101:49169 -> 157.240.215.14:443 | C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA | C=US, ST=California, L=Menlo Park, O=Meta Platforms, Inc., CN=*.facebook.com | 16:e8:ac:11:c1:39:9b:a5:c8:88:4c:bf:b3:42:2e:17:41:e5:a9:79
TLSv1 192.168.56.101:49171 -> 157.240.215.14:443 | None | None | None
TLSv1 192.168.56.101:49173 -> 157.240.215.14:443 | None | None | None
TLSv1 192.168.56.101:49176 -> 157.240.215.14:443 | None | None | None
TLSv1 192.168.56.101:49180 -> 52.239.160.33:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.web.core.windows.net | 22:d9:a8:14:ff:86:7a:4b:f0:95:ea:b0:9f:c1:b5:62:6b:b0:62:a9
TLSv1 192.168.56.101:49181 -> 52.239.160.33:443 | C=US, O=Microsoft Corporation, CN=Microsoft Azure RSA TLS Issuing CA 03 | C=US, ST=WA, L=Redmond, O=Microsoft Corporation, CN=*.web.core.windows.net | 22:d9:a8:14:ff:86:7a:4b:f0:95:ea:b0:9f:c1:b5:62:6b:b0:62:a9
TLSv1 192.168.56.101:49177 -> 157.240.215.14:443 | None | None | None

Snort Alerts

No Snort Alerts