Submitted URL: https://shorturl.at/2Z1jr
Effective URL: https://m6b.edu.pl/user/us/irs/app/
Submission: On November 18 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 18 HTTP transactions. The main IP is 172.67.206.28, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is m6b.edu.pl.
TLS certificate: Issued by WE1 on October 17th 2024. Valid for: 3 months.
This is the only time m6b.edu.pl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:20:... 13335 (CLOUDFLAR...)
5 22 172.67.206.28 13335 (CLOUDFLAR...)
18 2
Apex Domain
Subdomains
Transfer
22 m6b.edu.pl
m6b.edu.pl
80 KB
2 shorturl.at
shorturl.at — Cisco Umbrella Rank: 65302
www.shorturl.at — Cisco Umbrella Rank: 74709
1 KB
0 clickmotivefusion.com Failed
clickmotivefusion.com Failed
18 3
Domain Requested by
22 m6b.edu.pl 5 redirects m6b.edu.pl
1 www.shorturl.at 1 redirects
1 shorturl.at 1 redirects
0 clickmotivefusion.com Failed
18 4

This site contains no links.

Subject: m6b.edu.pl
Issuer: WE1
Validity: 2024-10-17 - 2025-01-15
Valid: 3 months

This page contains 4 frames:

Primary Page: https://m6b.edu.pl/user/us/irs/app/
Frame ID: 7D1019F6964893D21A432515F968E5BF
Requests: 14 HTTP requests in this frame

Frame: https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/saved_resource.htm
Frame ID: D11E9607C048485AD4E765D87DA68CCC
Requests: 1 HTTP request in this frame

Frame: https://m6b.edu.pl/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: F25B44F4F902E4D990818BC9FB43D2C5
Requests: 2 HTTP requests in this frame

Frame: https://m6b.edu.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: A1CF47A6376A337E14036946BECD8945
Requests: 2 HTTP requests in this frame

Page Title

Get My Payment

Page URL History

  1. https://shorturl.at/2Z1jr HTTP 301
    https://www.shorturl.at/2Z1jr HTTP 302
    https://m6b.edu.pl/user/us HTTP 301
    https://m6b.edu.pl/user/us/ HTTP 302
    https://m6b.edu.pl/user/us/irs/ HTTP 302
    https://m6b.edu.pl/user/us/irs/app HTTP 301
    https://m6b.edu.pl/user/us/irs/app/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

Requests: 18
HTTPS: 83 %
IPv6: 50 %
Domains: 3
Subdomains: 4
IPs: 2
Countries: 1
Transfer: 77 kB
Size: 314 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://m6b.edu.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://m6b.edu.pl/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
m6b.edu.pl/user/us/irs/app/
Redirect Chain
  • https://shorturl.at/2Z1jr
  • https://www.shorturl.at/2Z1jr
  • https://m6b.edu.pl/user/us
  • https://m6b.edu.pl/user/us/
  • https://m6b.edu.pl/user/us/irs/
  • https://m6b.edu.pl/user/us/irs/app
  • https://m6b.edu.pl/user/us/irs/app/
16 KB
7 KB
Document
General
Full URL
https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20441104c6f72ea0b12dcfcd3fc937af8795d95a385b8a4e8fbdfb6030fe8d85

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e480c478b8d7c1b-LAX
content-encoding
zstd
content-type
text/html
date
Mon, 18 Nov 2024 12:43:45 GMT
last-modified
Mon, 08 Jan 2024 03:18:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B2gieD6F0txBmLbujPQHtLqTYIzE4h2QHg1svuqmRvy2Qa7twVgQ5StkugWAElXt9uUnTB5Do7LVhGb2fUkkUzA0hb8y5xla9WZ2zF3u59NQmMMCfxUV9YNF8POZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=72631&sent=23&recv=18&lost=0&retrans=0&sent_bytes=7460&recv_bytes=6477&delivery_rate=3399&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=2169&x=1" cfHdrFlush;dur=0

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e480c45da557c1b-LAX
content-type
text/html; charset=iso-8859-1
date
Mon, 18 Nov 2024 12:43:45 GMT
location
https://m6b.edu.pl/user/us/irs/app/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TBUXkTrw60Kil%2FFe0DCEwE7IBRrBUef755A%2BcTeGtG6mEHRHNfW9U3NNoKtIAYMNg2jj80c5P%2FY4qJHBSgYx8%2F4n%2BUE1pBezuwLB2THhLchU9F0qSch%2FkjSSFmBn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=72821&sent=19&recv=15&lost=0&retrans=0&sent_bytes=6521&recv_bytes=5934&delivery_rate=2235&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=1904&x=1" cfHdrFlush;dur=0
bootstrap.min.css
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
152 KB
25 KB
Stylesheet
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/bootstrap.min.css
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2FvJUChzODEaS%2F4Y48KVXLxyS7xgva%2BDdc8FEcbqx%2Fi9oIhvgxM7h3Cd6j7jpPba9AP9HiQwrPwr2HTjgwwcZAVhWOrwI3H9NAVxCFioCVdxPyzj4zM1dbg%2Bnqtk"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c494cd97c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=100899&sent=69&recv=51&lost=0&retrans=0&sent_bytes=45482&recv_bytes=11560&delivery_rate=174979&cwnd=22800&unsent_bytes=0&cid=697487559e8c64fb&ts=3211&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
text/css
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
jquery-ui.min.css
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
31 KB
9 KB
Stylesheet
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/jquery-ui.min.css
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QaKi68uHPTEY%2FQn%2BRhOWILaDJad4Os18bXCtZViy0eXI0IbU5v98xV5cEaPlsCBDCK3aK5IcNWoWmOtApLTwyIZFwAF2%2BvzoqeN93krV%2Bv2zKcAkvsJKpR%2FFNFaf"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c494cdb7c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=84289&sent=45&recv=37&lost=0&retrans=0&sent_bytes=22741&recv_bytes=10956&delivery_rate=12819&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=3010&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
text/css
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
irs.css
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
6 KB
2 KB
Stylesheet
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/irs.css
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7U7YGQItVfREjuVnJ4uaCwgsZdKb1wq7LneWYmxnJ%2B7ZZgHtInMZqWYJkfEL%2FfPwVZRCizCWUL18QWHA7%2BlvhiRFOyF%2FvdeuHJSCpksja3pdMZOq2aUHC7o3N8YT"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c494cdc7c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72232&sent=40&recv=32&lost=0&retrans=0&sent_bytes=18599&recv_bytes=10740&delivery_rate=20525&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=2846&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
text/css
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
app.css
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
34 KB
10 KB
Stylesheet
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/app.css
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b767d55dc488f342807acce7bd09cc3555a89e44591f91421e4585b3cb39d14

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bn4erqVrSjx04arPASvuW94%2BnYHWiR5Sd1HovLg5eUV9fgJP3Sut0Zcw1Vg6ZK88F%2BC%2BHBX8Ltv%2BsjOge%2FnvUaIuoaLZTRUMdhoH3HdotbeWw0OFWnInfx2OgPua"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c494cdd7c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=84289&sent=56&recv=37&lost=0&retrans=0&sent_bytes=32594&recv_bytes=10956&delivery_rate=12819&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=3020&x=1", cfHdrFlush;dur=26
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
text/css
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
app-error.css
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
786 B
939 B
Stylesheet
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/app-error.css
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BhloUOmSqRvDNsmaZV9pjfJuwdbKR4HLodmmBlCqPVFda%2FzBArHNjgd0R1O8p%2BrvgvcNqmtrcua32FwEzVG14yCcbHBpM3wE%2FUdcFneyPMBVo4I0txeHZwMp6sEH"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c494cde7c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72232&sent=34&recv=32&lost=0&retrans=0&sent_bytes=14625&recv_bytes=10740&delivery_rate=20525&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=2811&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
text/css
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
wmsp-shared-secrets.css
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
3 KB
2 KB
Stylesheet
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/wmsp-shared-secrets.css
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YTfkwRplsdXuY0tpwJHbQB9WXJiOajlxP1Kav4XAaeSI58HpU8ATwx6S%2F4TLsoVt%2BEkNHvWB3JSvpqCUSXsKwVdB1SAKqwQ0jqWH%2FBOsXvjNnSce0qdCPaMO%2BEA"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c494cdf7c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72232&sent=38&recv=32&lost=0&retrans=0&sent_bytes=16912&recv_bytes=10740&delivery_rate=20525&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=2839&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
text/css
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
wmsp-results.css
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
2 KB
1 KB
Stylesheet
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/wmsp-results.css
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhqvsXkcqh0qVEEPxXa9%2FxBLLvL6c85zQdLarPEyOhMFl3yCnnotb6rOJb6P%2FQbewOaRvBDxn5FvMfqLITogVtTLctyiXhrRrWyikd9O90ZVB4mAuL1358l9NBEA"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c494ce07c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=72232&sent=36&recv=32&lost=0&retrans=0&sent_bytes=15611&recv_bytes=10740&delivery_rate=20525&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=2825&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
text/css
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
datepicker.css
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
21 KB
3 KB
Stylesheet
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/datepicker.css
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uG56Q73GDnKu9C8aHulAXsVr0JEs9Q9VRGUp3u4Tw0PIfXZvo9GtjHV9YRnOaEPgKC9BzO1XxFhPR%2FQh0ylSv7qXwfpEQCdSOsa4gZDn8D3h2NWsISbTa%2BEEv0KK"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c494ce27c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=84289&sent=54&recv=37&lost=0&retrans=0&sent_bytes=31859&recv_bytes=10956&delivery_rate=12819&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=3015&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
text/css
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
logo.png
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
5 KB
5 KB
Image
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/logo.png
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OA6Q0qxi6kUqfbaWOwPSnbhJhirErXVIrI2IWTj6Yc5K5yPNb4us7DQRQYt%2BkaeN82xCeB4XRYuEtGE2pBpblLO9E55fM1JbPxlb8gOiN4KfA8bqgN1MrVfZyedE"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c4a4dcb7c1b-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=97252&sent=71&recv=52&lost=0&retrans=0&sent_bytes=46126&recv_bytes=11609&delivery_rate=6420&cwnd=22800&unsent_bytes=0&cid=697487559e8c64fb&ts=3365&x=1", cfHdrFlush;dur=0
content-length
4640
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
image/png
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
irs_horiz_white.png
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/
1 KB
2 KB
Image
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/irs_horiz_white.png
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4Xik4kb8X68j4zo8Dv%2FnEjNdGf7KG0QF6rHVidnc5p%2FNAOVzzmpheO9kd2O27yhA%2F6ekUUjPuLgXN%2Bdve0b8aqMiQWqivVlUAxFXQGHUP%2BY0NjffhITJVTI76PB"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c4a4dcd7c1b-LAX
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=84289&sent=43&recv=37&lost=0&retrans=0&sent_bytes=20594&recv_bytes=10956&delivery_rate=12819&cwnd=12000&unsent_bytes=0&cid=697487559e8c64fb&ts=2968&x=1", cfHdrFlush;dur=0
content-length
1498
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
image/png
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
vary
Accept-Encoding
server
cloudflare
saved_resource.htm
m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/ Frame D11E
8 KB
4 KB
Document
General
Full URL
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/saved_resource.htm
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b46026abd454009c01e2463e672d84a94fd009d3cd8463cd1c12668f14486d

Request headers

Referer
https://m6b.edu.pl/user/us/irs/app/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e480c513aa47c1b-LAX
content-encoding
zstd
content-type
text/html
date
Mon, 18 Nov 2024 12:43:46 GMT
last-modified
Sun, 07 Jan 2024 21:37:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BImzYp1QqJy4dKOa4vC%2F2EQohFcTheUpu%2F5r8TE04CuIPEreSDijn%2FyIViykiQRY8NKelvIpN7mz2DRZ214fSBv9P8Jc9YAF3P2a4S9w%2FMHVYmP0Km%2FOa7tkGENp"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=88282&sent=108&recv=71&lost=0&retrans=0&sent_bytes=82748&recv_bytes=13897&delivery_rate=5559&cwnd=27600&unsent_bytes=0&cid=697487559e8c64fb&ts=3715&x=1" cfHdrFlush;dur=0
swirl_lighter_ca6f4deb.png
m6b.edu.pl/user/us/irs/app/images/
315 B
315 B
Image
General
Full URL
https://m6b.edu.pl/user/us/irs/app/images/swirl_lighter_ca6f4deb.png
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer
https://m6b.edu.pl/user/us/irs/app/Get%20My%20Payment_files/app.css

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eXBDVzJhL50Jw5TLXq3bzdrR8CsrdrLsrz59KREvBB1ryWvRuMu9ze8IXjzcENDeCxDT2UPOKaDmVeeLvzfXV6zL1sNcPatm3vMbqx%2B6qDO78DDJYYaYtF6ZqpMe"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c515ab47c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=84967&sent=134&recv=106&lost=0&retrans=0&sent_bytes=89368&recv_bytes=49117&delivery_rate=10813&cwnd=27600&unsent_bytes=0&cid=697487559e8c64fb&ts=4190&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:47 GMT
content-type
text/html; charset=iso-8859-1
vary
Accept-Encoding
server
cloudflare
truncated
/
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2a82173e0e65eefeb0ad04c62d3c8fe8d6d2ddd8cf7d40bb4fafeeaa6be7631

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/png
main.js
m6b.edu.pl/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame F25B
Redirect Chain
  • https://m6b.edu.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://m6b.edu.pl/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB
Script
General
Full URL
https://m6b.edu.pl/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86db8de299e733f5365aef4cbed8a7927b8929474b471c7ec0cfedc8f9ef2029
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xUuw%2B%2FW0XAAXKLqmvY5iyEfGP5pPJPRKIucDlV2oV7T%2FQeYt4u3fW53Wdb%2F59o3H16jQ%2BktDB2Z%2Ft0iSySCJra9Akgz%2FjDipGyI1czx2ysbt0Q%2BXjG6faEhaZ2if"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e480c51fb6a7c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=88282&sent=104&recv=71&lost=0&retrans=0&sent_bytes=78137&recv_bytes=13897&delivery_rate=5559&cwnd=27600&unsent_bytes=0&cid=697487559e8c64fb&ts=3650&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZDN7dWO1uZwYV0TZNwPOSb2RNyxF4FsHDR04NR4RDHF0NSrCCWuZczmGkA4S2FysibLtI3qn0fLXvzCUcNlFl1ZU7RUygAUnfonT2oex4AB%2FPP2mKWLEy8UQHGb"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c516ac07c1b-LAX
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=89709&sent=102&recv=70&lost=0&retrans=0&sent_bytes=77450&recv_bytes=13550&delivery_rate=206271&cwnd=27600&unsent_bytes=0&cid=697487559e8c64fb&ts=3570&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
vary
Accept-Encoding
server
cloudflare
8e480c478b8d7c1b
m6b.edu.pl/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F25B
0
1 KB
XHR
General
Full URL
https://m6b.edu.pl/cdn-cgi/challenge-platform/h/b/jsd/r/8e480c478b8d7c1b
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JG6jfP%2Feoh7tzxJleqHVvliHOtgYpEQ8FlA8DiSEOMRDxzCOWlPSBzi9BJKD1NdPIilqFjVNEVDwTNsEo7%2BKdBk8m2dmSC2IyR3B%2Bwp7O%2B0b1f2BG6iqi%2FUAN%2FH3"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c533c587c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=83798&sent=120&recv=89&lost=0&retrans=0&sent_bytes=86757&recv_bytes=31304&delivery_rate=110597&cwnd=27600&unsent_bytes=0&cid=697487559e8c64fb&ts=3865&x=1", cfHdrFlush;dur=0
content-length
0
date
Mon, 18 Nov 2024 12:43:47 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
main.js
m6b.edu.pl/cdn-cgi/challenge-platform/scripts/jsd/ Frame A1CF
8 KB
0
Script
General
Full URL
https://m6b.edu.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/user/us/irs/app/
Protocol
H3
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86db8de299e733f5365aef4cbed8a7927b8929474b471c7ec0cfedc8f9ef2029
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xUuw%2B%2FW0XAAXKLqmvY5iyEfGP5pPJPRKIucDlV2oV7T%2FQeYt4u3fW53Wdb%2F59o3H16jQ%2BktDB2Z%2Ft0iSySCJra9Akgz%2FjDipGyI1czx2ysbt0Q%2BXjG6faEhaZ2if"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e480c51fb6a7c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=88282&sent=104&recv=71&lost=0&retrans=0&sent_bytes=78137&recv_bytes=13897&delivery_rate=5559&cwnd=27600&unsent_bytes=0&cid=697487559e8c64fb&ts=3650&x=1", cfHdrFlush;dur=0
date
Mon, 18 Nov 2024 12:43:46 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
8e480c513aa47c1b
m6b.edu.pl/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A1CF
0
1 KB
XHR
General
Full URL
https://m6b.edu.pl/cdn-cgi/challenge-platform/h/b/jsd/r/8e480c513aa47c1b
Requested by
Host: m6b.edu.pl
URL: https://m6b.edu.pl/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.206.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 14_7_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.2 Mobile/15E148 Safari/604.1
Content-Type
application/json
Referer

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7ZB%2FCabYXaVihg8%2BXulnBaqWr6H2LuqD%2FnY3ZfQvyFap3jDqwsm2OSMXTLAtJjgO7GnB156fcp2feAB0GT6%2FhVTdJbV7p3iSc5Yl21mnmMsYPFMASBQa43HsYsQ"}],"group":"cf-nel","max_age":604800}
cf-ray
8e480c53ecd37c1b-LAX
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=84494&sent=133&recv=105&lost=0&retrans=0&sent_bytes=88209&recv_bytes=49072&delivery_rate=10855&cwnd=27600&unsent_bytes=0&cid=697487559e8c64fb&ts=3979&x=1", cfHdrFlush;dur=0
content-length
0
date
Mon, 18 Nov 2024 12:43:47 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
favicon.ico
clickmotivefusion.com/AREA16/assets/assets/img/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
clickmotivefusion.com
URL
https://clickmotivefusion.com/AREA16/assets/assets/img/favicon.ico

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

2 Cookies

Domain/Path Name / Value
m6b.edu.pl/ Name: PHPSESSID
Value: 1abe916a9cf1be5e2d102e01f95600ca
.m6b.edu.pl/ Name: cf_clearance
Value: MhxwQrjIhPTjZk_f0YLobCkRgwegLQknoNIBQBA8ucI-1731933827-1.2.1.1-u2puPqjHcdtB6_a_xwCTaGHwDjFLTM0pE9OohLR_G6Vyexi1EbmdF8BQgbPzTahalAegTLdgzdMlrlrojEzuMc.XsgbBp4nEojbsYZBRakMtw882njA1qIMhOs5cFxtnf_HkfCsLRWVsGmNMETTNVSuD1CSu_u5T2hqZlzPC4ARdbHdIDpscLbZRbdBmtoiWrB_puL81a5MMGH7L4vf5ueA6.jkf5qiQKtrdVYQF48VkPcLW54mTZsji_v1L_ZmRLBvPTshrKl16R1fH4E_V5Kjs2dNumIs0NxEPml0pKtr2rdW4Y4oQcguc4DboN7gjXOP6W3Nj3oFsHa77kuzy5n9_kLVY7MC.xwmP.vksN_HZ52_q4vwS7tX_XpA_r_Na50FmuB778j9jhlHBAbQLPoAqramgwaSz6Q6DNu_ELKs

1 Console Messages

Source Level URL
Text
network error URL: https://m6b.edu.pl/user/us/irs/app/images/swirl_lighter_ca6f4deb.png
Message:
Failed to load resource: the server responded with a status of 404 ()