Report - enforcementtoolviralmasters.vercel.app/get

Report Overview

Visited public
2025-04-09 12:30:14
Tags
meta facebook phishing social
URL
enforcementtoolviralmasters.vercel.app/get_help
Finishing URL
enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
IP / ASN
216.198.79.65
#16509 AMAZON-02
Title
Meta for Business - Page Appeal
Phishing - Facebook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
enforcementtoolviralmasters.vercel.app	unknown	2020-01-28	2025-04-08	2025-04-08	9.9 kB	1.7 MB	216.198.79.65
ajax.googleapis.com	12905	2005-01-25	2012-05-22	2025-04-09	455 B	88 kB	142.250.74.170
api.db-ip.com	98326	2010-05-18	2017-01-30	2025-04-09	478 B	1.2 kB	104.26.4.15

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-04-09	medium	enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM	Facebook, Inc.

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed
2025-04-09	medium	enforcementtoolviralmasters.vercel.app	Sinkholed

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	enforcementtoolviralmasters.vercel.app/get_help	ScriptElement	177 B	2025-03-28	2025-04-29
Pretty URL enforcementtoolviralmasters.vercel.app/get_help IP 216.198.79.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-28 12:28 Last Seen2025-04-29 17:26 Times Seen918 Hash 1426b08955cc54f972cc01011ed7e147 29c617703c88f7b3d2f29af082d9ccab0ad52e6c 092a102bc27f5339095800f59ad09efb571d2417312107b50b46059bf33b892f Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js	ScriptElement	88 kB	2023-08-31	2025-06-24
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-06-24 05:32 Times Seen41117 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM	ScriptElement	152 kB	2024-02-15	2025-06-23
Pretty URL enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM IP 216.198.79.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-15 03:47 Last Seen2025-06-23 23:32 Times Seen12219 Hash 246cdd9342d6df668fd36e314d7a3ffd e7f22a012295f5927074845f8556da9e50390261 6e9718d5fbecd8e2f158db327e1e58f2b865bec456b59f058c0b8c65a91ac0b6 Loading...

	enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM	ScriptElement	2.3 kB	2024-02-15	2025-06-23
Pretty URL enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM IP 216.198.79.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-15 03:47 Last Seen2025-06-23 13:18 Times Seen12155 Hash 3edd31c7a0371af06d714ca479808dee eaf11285d3b5593d666da6837d6c834f5614f61a 32e343a3d26ddd039f4f95587ced16ab59e263fab366741ffbd04cc3a9a11bff Loading...

	enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM	ScriptElement	25 kB	2025-04-07	2025-06-02
Pretty URL enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM IP 216.198.79.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-07 12:02 Last Seen2025-06-02 15:27 Times Seen1191 Hash 4e2f342e5ba972a6ee72b3723a935b95 09467364fe990269c21254e255102cfda9ed164b cbe2509e92db86c8d46fbc26dd42a396f9954e6c9a99cb2f59c3d7458adc0b04 Loading...

HTTP Transactions (21)

URL IP Response Size

GET enforcementtoolviralmasters.vercel.app/img/Mate.mp4

216.198.79.65

206 Partial Content

292 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/Mate.mp4
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/get_help
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
292 kB (292266 bytes)
Hash
10b6a79b6905a100feb12b61fed435b8
0cc399458bb86e12ebcc7f81a34d7d18d4200d21
2fb6e516e0120a67c26d56cfc201f81f88eee2cd5df9bb5019fc79af6b5650a4

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/Mate.mp4 HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/get_help
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
accept-ranges: bytes
access-control-allow-origin: *
age: 64398
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="Mate.mp4"
content-range: bytes 0-292265/292266
content-type: video/mp4
date: Wed, 09 Apr 2025 12:29:52 GMT
etag: "10b6a79b6905a100feb12b61fed435b8"
last-modified: Tue, 08 Apr 2025 18:36:34 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::j9s2j-1744201792778-a456fe957be5
content-length: 292266
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/save_img.png

216.198.79.65

200 OK

7.6 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/save_img.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
7.6 kB (7550 bytes)
Hash
8d3bcd1278891fc1e52d38e72549b3d0
af1ab86b5a3993c468c3be9c59a8ed3d9091454d
8fc3f44a189200b47c93a90ad8dffe40fcdeda8a718e62bb4baf98f00d536e97

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/save_img.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="save_img.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "8d3bcd1278891fc1e52d38e72549b3d0"
last-modified: Tue, 08 Apr 2025 18:36:39 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::8rq75-1744201797856-6a0cafad1068
content-length: 7550
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/dir.png

216.198.79.65

200 OK

5.1 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/dir.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 120 x 120, 8-bit colormap, non-interlaced
Size
5.1 kB (5071 bytes)
Hash
aef2b30f6701ba271c07e3e26ffc416e
71cb73ec54a5fc973ccd4f4127b6716f6370709f
60a4bddc93553f14c2dfef0299fa5f3ad0e4005f7b8054e34db89b8afe6a0f2f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/dir.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="dir.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "aef2b30f6701ba271c07e3e26ffc416e"
last-modified: Tue, 08 Apr 2025 18:36:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::cjfhf-1744201797874-6a0233073187
content-length: 5071
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM.html

216.198.79.65

308 Permanent Redirect

258 kB

URL User Request GET
enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM.html
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
HTML document, ASCII text, with very long lines (617)
Size
258 kB (257699 bytes)
Hash
2a1f9010840d648d8b229f7d57a3e07c
1f59810467058fabd0757331391b8f3e031ffee3
e7b8c37611caaf7496592203790a42e5b2ca63e5c5c5c8b031e7e60e3d56f458

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM.html HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/get_help
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 308 Permanent Redirect
cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Wed, 09 Apr 2025 12:29:57 GMT
location: /zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
refresh: 0;url=/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-id: arn1::86djd-1744201797718-cfcf5ee87712
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/meta-logo-grey.png

216.198.79.65

200 OK

106 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/meta-logo-grey.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 900 x 240, 8-bit/color RGBA, non-interlaced
Size
106 kB (105511 bytes)
Hash
ffba640622dd859d554ee43a03d53769
c91a100db7bfc04df9a5f3223d5b6f17536bf5ee
139d38d0fbfed2fd9f2b782af9b3eb08005b9bc75faaa31fe29720cc64bcab0f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/meta-logo-grey.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="meta-logo-grey.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "ffba640622dd859d554ee43a03d53769"
last-modified: Tue, 08 Apr 2025 18:36:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::8rq75-1744201797862-4e2c0b53bc9f
content-length: 105511
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/2FA.jpg

216.198.79.65

200 OK

78 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/2FA.jpg
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1125x492, components 3
Size
78 kB (77602 bytes)
Hash
a2f3ff38b408f1f70fb3aa3e90cc2838
c5671c4cce99ab6698f8ae429431536cb834e4cb
f1cc8240ad4779817a01aeba612a7b91c1f78c75fb84b4a768e5dee6ea6b3ed1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/2FA.jpg HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="2FA.jpg"
content-type: image/jpeg
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "a2f3ff38b408f1f70fb3aa3e90cc2838"
last-modified: Tue, 08 Apr 2025 18:36:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::8rq75-1744201797865-1aabca86390f
content-length: 77602
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/fb_round_logo.png

216.198.79.65

200 OK

43 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/fb_round_logo.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced
Size
43 kB (42676 bytes)
Hash
81bb5cf1e451109cf0b1868b2152914b
b70017639afc079394be1ea8625f7c4beb44d617
676c83478e410d324fe56aca428d3305505732c648667b22e15c8222117c75e6

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/fb_round_logo.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="fb_round_logo.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "81bb5cf1e451109cf0b1868b2152914b"
last-modified: Tue, 08 Apr 2025 18:36:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::wm4pb-1744201797865-8012621736b8
content-length: 42676
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/ico.ico

216.198.79.65

200 OK

5.4 kB

URL GET
enforcementtoolviralmasters.vercel.app/ico.ico
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
5.4 kB (5430 bytes)
Hash
6701a4ba0b931af579be35b93631da04
c8161484acccdd0cae1cd6484f56942cb7ffd7dc
ce8a22ece441cfd0f09fb0359b8d683fed0e66f8bec0bbc067a8257c95b05fd8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ico.ico HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ico.ico"
content-encoding: br
content-type: image/vnd.microsoft.icon
date: Wed, 09 Apr 2025 12:29:58 GMT
etag: W/"6701a4ba0b931af579be35b93631da04"
last-modified: Tue, 08 Apr 2025 18:36:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::86djd-1744201798461-3b9e49af4204
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM

216.198.79.65

200 OK

258 kB

URL User Request GET
enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
HTML document, ASCII text, with very long lines (617)
Size
258 kB (257699 bytes)
Hash
2a1f9010840d648d8b229f7d57a3e07c
1f59810467058fabd0757331391b8f3e031ffee3
e7b8c37611caaf7496592203790a42e5b2ca63e5c5c5c8b031e7e60e3d56f458

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enforcementtoolviralmasters.vercel.app/get_help
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 64398
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM"
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: W/"2a1f9010840d648d8b229f7d57a3e07c"
last-modified: Tue, 08 Apr 2025 18:36:39 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::86djd-1744201797744-47b246612e77
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/styles/bootstrap.min.css

216.198.79.65

200 OK

186 kB

URL GET
enforcementtoolviralmasters.vercel.app/styles/bootstrap.min.css
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
Unicode text, UTF-8 text, with very long lines (334)
Size
186 kB (185717 bytes)
Hash
6636c2dab79c70d2af7ee3ac42212655
feb8913114476bee87f055089baa9333760b74c9
1f0b3550fd4a1380d991b3d2ef78a91ca45b8caef07a142a401df48d114aaeb8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles/bootstrap.min.css HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 64398
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="bootstrap.min.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: W/"6636c2dab79c70d2af7ee3ac42212655"
last-modified: Tue, 08 Apr 2025 18:36:39 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::wm4pb-1744201797848-199ee9991051
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/phone.png

216.198.79.65

200 OK

255 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/phone.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 640 x 280, 8-bit/color RGBA, non-interlaced
Size
255 kB (255341 bytes)
Hash
3c18a93313e72ab9967152a4e92aa238
74671591dd7cc381c6ec6de1137b83c0e2f4d7ec
fbc7addde1cd6057bd59c03941fcf38a6ac17dd90312d142ebd7520891c3656e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/phone.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="phone.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "3c18a93313e72ab9967152a4e92aa238"
last-modified: Tue, 08 Apr 2025 18:36:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::cjfhf-1744201797866-bf0886f4b63c
content-length: 255341
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/get_help

216.198.79.65

200 OK

958 B

URL User Request GET
enforcementtoolviralmasters.vercel.app/get_help
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
HTML document, ASCII text
Size
958 B (958 bytes)
Hash
765142f7e44972f6cbf7722faf0280e8
5f4a4b94c94773dfcabad97db41a7f0f9d215583
b9fab72302b37382b7575835483140389e181bacf46c932005897a07c56e39de

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /get_help HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64398
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="get_help"
content-type: text/html; charset=utf-8
date: Wed, 09 Apr 2025 12:29:52 GMT
etag: "765142f7e44972f6cbf7722faf0280e8"
last-modified: Tue, 08 Apr 2025 18:36:33 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::82vhk-1744201792479-298757b1ba84
content-length: 958
X-Firefox-Spdy: h2

GET ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

142.250.74.170

200 OK

88 kB

URL GET
ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint3C:2E:67:30:A6:95:F3:D3:61:49:AB:AC:BC:D1:CF:77:3E:33:8F:B7
ValidityThu, 20 Mar 2025 11:19:46 GMT - Thu, 12 Jun 2025 11:19:45 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87533 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Apr 2025 14:36:43 GMT
expires: Mon, 06 Apr 2026 14:36:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 251595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/doc.png

216.198.79.65

200 OK

5.7 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/doc.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced
Size
5.7 kB (5723 bytes)
Hash
95382a6dab40d5911185a921c53e6f6b
4229cb577571111d747021988aac9dd6cd50634f
e341d9055288dfcd7dd5facab6c915f6b7bcffbf80f8b48468c7275b8cada069

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/doc.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="doc.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "95382a6dab40d5911185a921c53e6f6b"
last-modified: Tue, 08 Apr 2025 18:36:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::wm4pb-1744201797857-457b450247bc
content-length: 5723
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/block_2.png

216.198.79.65

200 OK

19 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/block_2.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 100 x 101, 8-bit/color RGBA, non-interlaced
Size
19 kB (18787 bytes)
Hash
8942e3ff39cd6784c7c89bd6eb26d604
b03e96fa075ba36fc3d6729fb312f0a59c2a023a
9b7c1670777cc38a18fc6b98443b40036fde8de97cdba6087e2a31a1de9e748b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/block_2.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64398
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="block_2.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "8942e3ff39cd6784c7c89bd6eb26d604"
last-modified: Tue, 08 Apr 2025 18:36:39 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::5lds5-1744201797854-8b09a524f7dd
content-length: 18787
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/no_avatar.png

216.198.79.65

200 OK

6.0 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/no_avatar.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (6043 bytes)
Hash
d5d30f28ca92743610c956684a424b7e
fd4a7207b724254d981a4ed4c7f675fd87868535
4b842e25c6be485fd7f06b745ac91db2b6e9eee778c5442b157be78d51f83563

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/no_avatar.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="no_avatar.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "d5d30f28ca92743610c956684a424b7e"
last-modified: Tue, 08 Apr 2025 18:36:40 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::cjfhf-1744201797878-72b619a588d7
content-length: 6043
X-Firefox-Spdy: h2

GET api.db-ip.com/v2/free/self/

104.26.4.15

200 OK

208 B

URL GET
api.db-ip.com/v2/free/self/
IP
104.26.4.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerGoogle Trust Services
Subjectdb-ip.com
Fingerprint79:4B:DC:3A:2A:59:B1:0B:64:8F:19:0F:C3:DC:4F:C5:11:D7:0C:9D
ValidityThu, 06 Mar 2025 00:04:30 GMT - Wed, 04 Jun 2025 01:04:13 GMT

File type
JSON text data
Size
208 B (208 bytes)
Hash
b3cbea51f9a9fcaf6275e88da822e6aa
b9740712e7a8e51a3cfa95a11c75c671644c5ab2
9976a8ae9b1a43de4fb568b400d7026c135c71935aa1041418252b0882ba41ff

HTTP Headers

GET /v2/free/self/ HTTP/1.1
Host: api.db-ip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://enforcementtoolviralmasters.vercel.app/
Origin: https://enforcementtoolviralmasters.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 09 Apr 2025 12:29:58 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
x-iplb-request-id: A29EDE0A:C664_93878F2E:0050_67F66846_7313FB95:5647
x-iplb-instance: 54033
cf-cache-status: EXPIRED
last-modified: Wed, 09 Apr 2025 12:29:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUo4q5j4CJdu5nFJ%2BI0mhJyz6iCB%2FSZyjkcGAOJd8focmIYSat6LWZPPe471J5J225hwnOex%2Fzb0o9jzsVW2S9OvWau%2FSiAYwx72plNJ1mlFj6iop%2B52d31wxtQRmqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92da03577d40b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6108&min_rtt=521&rtt_var=11217&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3197&recv_bytes=1112&delivery_rate=7387755&cwnd=254&unsent_bytes=0&cid=b0cac51d2c37d5b7&ts=103&x=0"
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/favicon.ico

216.198.79.65

404 Not Found

79 B

URL GET
enforcementtoolviralmasters.vercel.app/favicon.ico
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/get_help
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
ASCII text
Size
79 B (79 bytes)
Hash
0c81afde8c01c592b74dcdd8c2453f7c
c323c783d8a8f051f560092768849cd1d4e9d08b
901e815bc3549963fa6f0f314b1aae3df65ec17f94cf519d784d85c754905842

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/get_help
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cache-control: public, max-age=0, must-revalidate
content-type: text/plain; charset=utf-8
date: Wed, 09 Apr 2025 12:29:52 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-error: NOT_FOUND
x-vercel-id: arn1::82vhk-1744201792850-65247b8961d7
content-length: 79
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/styles/style.css

216.198.79.65

200 OK

11 kB

URL GET
enforcementtoolviralmasters.vercel.app/styles/style.css
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
ASCII text
Size
11 kB (11187 bytes)
Hash
9dd123d5bb618882e83735464220c16c
da72f3782ad06e7d5a32ae6cc65ca84acb21d97e
65fb9255c6f3d8b705549d8701f2be7625b0f89cdb10dd9b32809b9cfa2b2427

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /styles/style.css HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 64398
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="style.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: W/"9dd123d5bb618882e83735464220c16c"
last-modified: Tue, 08 Apr 2025 18:36:39 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::wm4pb-1744201797854-8dca772b21d7
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/PrivacyCenter2.png

216.198.79.65

200 OK

107 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/PrivacyCenter2.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 640 x 280, 8-bit/color RGBA, non-interlaced
Size
107 kB (106563 bytes)
Hash
e080b7472e70e2a8e3b64aae15d4d9c3
8412732ce1f899b44fe773b1f304b59845ba3c0e
63cbcba0042e9d9009e0887665c5dc6531af5f277994299e92c1d35724ee72a7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/PrivacyCenter2.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64398
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="PrivacyCenter2.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "e080b7472e70e2a8e3b64aae15d4d9c3"
last-modified: Tue, 08 Apr 2025 18:36:39 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::cjfhf-1744201797855-d5176523ba35
content-length: 106563
X-Firefox-Spdy: h2

GET enforcementtoolviralmasters.vercel.app/img/star.png

216.198.79.65

200 OK

2.0 kB

URL GET
enforcementtoolviralmasters.vercel.app/img/star.png
IP
216.198.79.65:443
ASN
#16509 AMAZON-02

Requested by
https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintBE:C5:64:F3:9D:84:B9:A2:9B:BE:C2:3B:DE:FE:C6:32:27:4D:3E:60
ValidityMon, 17 Feb 2025 17:02:07 GMT - Sun, 18 May 2025 17:02:06 GMT

File type
PNG image data, 41 x 41, 8-bit colormap, non-interlaced
Size
2.0 kB (1980 bytes)
Hash
aae920faed2a3fe4c3083b339cd783df
be5e47195c28b585d65478e2399d0d5f9b74435c
f75d9bcacc1a1aabc6f93c383f5494307d91f7f302c266626d6dc92b4b86585e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/star.png HTTP/1.1
Host: enforcementtoolviralmasters.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://enforcementtoolviralmasters.vercel.app/zL20vMDFjcjI4entry=ttu&g_ep=EgoyMDI1MDM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 64397
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="star.png"
content-type: image/png
date: Wed, 09 Apr 2025 12:29:57 GMT
etag: "aae920faed2a3fe4c3083b339cd783df"
last-modified: Tue, 08 Apr 2025 18:36:39 GMT
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::8rq75-1744201797867-f7c700cb463d
content-length: 1980
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP