link.wearmedicine.com Open in urlscan Pro
91.199.51.78 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.wearmedicine.com/c/ksG/IgC/0rizYeAqRDq_NTzypLURgy/a/FvZK/F/2cd017f5
Effective URL:
https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm...
Submission: On November 14 via api (November 14th 2022, 10:00:27 am UTC) from US — Scanned from DE

Summary HTTP 13 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 13 HTTP transactions. The main IP is 91.199.51.78, located in Poland and belongs to IQPL-AS, PL. The main domain is link.wearmedicine.com.
TLS certificate: Issued by R3 on November 7th 2022. Valid for: 3 months.

This is the only time link.wearmedicine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 13	91.199.51.78 91.199.51.78	47544 (IQPL-AS) (IQPL-AS)
1 2	13.69.68.37 13.69.68.37	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
13	3

13 91.199.51.78 (Poland) 2 redirects

ASN47544 (IQPL-AS, PL)
PTR: 91-199-51-78.rev.iq.pl

link.wearmedicine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.68.37 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

r.ar-mtch1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	wearmedicine.com 2 redirects link.wearmedicine.com	8 MB
2	ar-mtch1.com 1 redirects r.ar-mtch1.com — Cisco Umbrella Rank: 175921	883 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
13	3

	Domain	Requested by
13	link.wearmedicine.com	2 redirects link.wearmedicine.com
2	r.ar-mtch1.com	1 redirects link.wearmedicine.com
1	fonts.googleapis.com	link.wearmedicine.com
13	3

This site contains no links.

Subject Issuer	Validity	Valid
link.wearmedicine.com R3	`2022-11-07` - `2023-02-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Frame ID: E4C07827C58AD1A601FE4B7F96BBDD15
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Setki produktów taniej do -50% online!

Page URL History Show full URLs

https://link.wearmedicine.com/c/ksG/IgC/0rizYeAqRDq_NTzypLURgy/a/FvZK/F/2cd017f5 HTTP 302
https://r.ar-mtch1.com/Redirect?aid=z&wid=FL&md5=0c09c90a6c29e3562d25b958402d9e0d&sha256=27e0788f08... HTTP 302
https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email... Page URL

Page Statistics

13
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

8242 kB
Transfer

8286 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.wearmedicine.com/c/ksG/IgC/0rizYeAqRDq_NTzypLURgy/a/FvZK/F/2cd017f5 HTTP 302
https://r.ar-mtch1.com/Redirect?aid=z&wid=FL&md5=0c09c90a6c29e3562d25b958402d9e0d&sha256=27e0788f08dd2d9dd52ddfc4c26ee6b4dc8caf2e403d25367b65feadd9ea7d4e&url=https%3a%2f%2flink.wearmedicine.com%2fv%2fksG%2f0rizYeAqRDq_NTzypLURgy%2f13184151%3futm_source%3dnewsletter%26utm_medium%3demail%26utm_content%3dona%26utm_campaign%3dpromo_111122&type=c&esp=F HTTP 302
https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://link.wearmedicine.com/o/ksG/0rizYeAqRDq_NTzypLURgy/FvZK/F/527dab71 HTTP 302
https://r.ar-mtch1.com/Redirect?aid=z&wid=FL&md5=0c09c90a6c29e3562d25b958402d9e0d&sha256=27e0788f08dd2d9dd52ddfc4c26ee6b4dc8caf2e403d25367b65feadd9ea7d4e&type=o&esp=F

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 13184151 Show response
link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/
Redirect Chain

https://link.wearmedicine.com/c/ksG/IgC/0rizYeAqRDq_NTzypLURgy/a/FvZK/F/2cd017f5
https://r.ar-mtch1.com/Redirect?aid=z&wid=FL&md5=0c09c90a6c29e3562d25b958402d9e0d&sha256=27e0788f08dd2d9dd52ddfc4c26ee6b4dc8caf2e403d25367b65feadd9ea7d4e&url=https%3a%2f%2flink.wearmedicine.com%2fv...
https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl

26 KB
6 KB

79ms
78ms

Document
text/html

91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: 0a03deb8d58aed40e326e0e297baa9f4a367921f6519120f4ea4d6a220b1c12c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 6050
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 10:00:22 GMT
vary: Accept-Encoding

Redirect headers

content-length: 0
date: Mon, 14 Nov 2022 10:00:22 GMT
location: https://link.wearmedicine.com:443/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 33 KB
3 KB 44ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b669b3f34627c4113e632d2746e27c283124c46ed9351b1b10f2c3a0de0972e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 10:00:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 10:00:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 10:00:23 GMT

GET
H2 200 NL-on-01.jpg
link.wearmedicine.com/Content/i2/50418/HostedImages/4986/ 9 KB
9 KB 41ms
40ms Image
image/jpeg 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/4986/NL-on-01.jpg
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: 9390ee47194b2005912bd3c195f0ddd8f89730153c4e934ceb7ff742955d96e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Thu, 10 Nov 2022 15:35:15 GMT
accept-ranges: bytes
etag: "f7b4ed71af5d81:0"
content-length: 9274
content-type: image/jpeg

GET
H2 200 NL-animacja-pl.gif
link.wearmedicine.com/Content/i2/50418/HostedImages/4986/ 8 MB
8 MB 104ms
99ms Image
image/gif 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/4986/NL-animacja-pl.gif
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: 0249e52a711e1e6f3155c9f932e18619666024bdc7ad253ba46a7e4583ada57c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Thu, 10 Nov 2022 15:44:47 GMT
accept-ranges: bytes
etag: "a66de25c1bf5d81:0"
content-length: 8362130
content-type: image/gif

GET
H2 200 NL-pl.jpg
link.wearmedicine.com/Content/i2/50418/HostedImages/4986/ 30 KB
30 KB 64ms
59ms Image
image/jpeg 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/4986/NL-pl.jpg
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: f3d726874c43aba4f5c64a45643ac4bfc7352f4db35d3ccd1d111b0a5510da2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Thu, 10 Nov 2022 15:35:16 GMT
accept-ranges: bytes
etag: "8c633c81af5d81:0"
content-length: 30798
content-type: image/jpeg

GET
H2 200 nowa-stopka-przycisk-FB.jpg
link.wearmedicine.com/Content/i2/50418/HostedImages/2279/ 2 KB
2 KB 86ms
81ms Image
image/jpeg 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/2279/nowa-stopka-przycisk-FB.jpg
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: 7c4080e3fc0b1552a72f00bb6d2631704efec02dbaeeb69bf276d5b667c6204e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Wed, 15 Jul 2020 10:46:37 GMT
accept-ranges: bytes
etag: "32c52937955ad61:0"
content-length: 1932
content-type: image/jpeg

GET
H2 200 nowa-stopka-przycisk-IG.jpg
link.wearmedicine.com/Content/i2/50418/HostedImages/2279/ 2 KB
2 KB 66ms
61ms Image
image/jpeg 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/2279/nowa-stopka-przycisk-IG.jpg
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: 5965b961d0e492cee6247c13b0bc54ec1e26cffbc7f098d9b4796f79e9b6f998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Wed, 15 Jul 2020 10:46:41 GMT
accept-ranges: bytes
etag: "bd477439955ad61:0"
content-length: 2223
content-type: image/jpeg

GET
H2 200 nowa-stopka-przycisk-YT.jpg
link.wearmedicine.com/Content/i2/50418/HostedImages/2279/ 2 KB
2 KB 86ms
81ms Image
image/jpeg 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/2279/nowa-stopka-przycisk-YT.jpg
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: f98c0c4bc995aae4b6a984451c6d8a9d3023b24e9ae9c8c225a41e683e89d711

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Wed, 15 Jul 2020 10:46:44 GMT
accept-ranges: bytes
etag: "612f833b955ad61:0"
content-length: 2014
content-type: image/jpeg

GET
H2 200 nowa-stopka-zaslepka.jpg
link.wearmedicine.com/Content/i2/50418/HostedImages/2279/ 1 KB
1 KB 86ms
82ms Image
image/jpeg 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/2279/nowa-stopka-zaslepka.jpg
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: 07f45fc657b3428d6e547b24688431dac26806cebee3557d01ed1495af62315f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Thu, 16 Jul 2020 09:46:56 GMT
accept-ranges: bytes
etag: "c0f548b565bd61:0"
content-length: 1262
content-type: image/jpeg

GET
H2 200 nowa-stopka-przycisk-01.jpg
link.wearmedicine.com/Content/i2/50418/HostedImages/2273/ 4 KB
4 KB 87ms
83ms Image
image/jpeg 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/2273/nowa-stopka-przycisk-01.jpg
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: 7d6397bc1e0163fbfe7ed73c19b63a00cb57c4cdae67be6d271e264ec1781ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Wed, 15 Jul 2020 10:46:27 GMT
accept-ranges: bytes
etag: "14e7f530955ad61:0"
content-length: 4311
content-type: image/jpeg

GET
H2 200 nowa-stopka-przycisk-02.jpg
link.wearmedicine.com/Content/i2/50418/HostedImages/2273/ 6 KB
6 KB 87ms
83ms Image
image/jpeg 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/2273/nowa-stopka-przycisk-02.jpg
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: 5aa1bf0cb78dc3901c332e38574f94d3d8b508109cb2454f453315664c9bc0ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Wed, 15 Jul 2020 10:46:30 GMT
accept-ranges: bytes
etag: "9659ef32955ad61:0"
content-length: 5638
content-type: image/jpeg

GET
H2 200 nowa-stopka-przycisk-03.jpg
link.wearmedicine.com/Content/i2/50418/HostedImages/2273/ 5 KB
5 KB 87ms
84ms Image
image/jpeg 91.199.51.78
IQPL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.wearmedicine.com/Content/i2/50418/HostedImages/2273/nowa-stopka-przycisk-03.jpg
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.199.51.78 , Poland, ASN47544 (IQPL-AS, PL),
Reverse DNS: 91-199-51-78.rev.iq.pl
Software: /
Resource Hash: a372aa8b94c5c75ab4f653df879dc20e72455d29858d6dc1e517f58569f85d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache
last-modified: Wed, 15 Jul 2020 10:46:33 GMT
accept-ranges: bytes
etag: "2ecce834955ad61:0"
content-length: 4886
content-type: image/jpeg

GET
H2

200

Redirect
r.ar-mtch1.com/
Redirect Chain

https://link.wearmedicine.com/o/ksG/0rizYeAqRDq_NTzypLURgy/FvZK/F/527dab71
https://r.ar-mtch1.com/Redirect?aid=z&wid=FL&md5=0c09c90a6c29e3562d25b958402d9e0d&sha256=27e0788f08dd2d9dd52ddfc4c26ee6b4dc8caf2e403d25367b65feadd9ea7d4e&type=o&esp=F

43 B
355 B

18ms
18ms

Image
image/gif

13.69.68.37
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.ar-mtch1.com/Redirect?aid=z&wid=FL&md5=0c09c90a6c29e3562d25b958402d9e0d&sha256=27e0788f08dd2d9dd52ddfc4c26ee6b4dc8caf2e403d25367b65feadd9ea7d4e&type=o&esp=F
Requested by: Host: link.wearmedicine.com
URL: https://link.wearmedicine.com/v/ksG/0rizYeAqRDq_NTzypLURgy/13184151?utm_source=newsletter&utm_medium=email&utm_content=ona&utm_campaign=promo_111122&ar_h=DxDfxfDq8x_fA9Z8_l_ZdfZeVD_lfADl
Protocol: H2
Server: 13.69.68.37 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.wearmedicine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: no-cache, max-age=0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 43
content-type: image/gif

Redirect headers

location: https://r.ar-mtch1.com/Redirect?aid=z&wid=FL&md5=0c09c90a6c29e3562d25b958402d9e0d&sha256=27e0788f08dd2d9dd52ddfc4c26ee6b4dc8caf2e403d25367b65feadd9ea7d4e&type=o&esp=F
date: Mon, 14 Nov 2022 10:00:22 GMT
cache-control: private
content-length: 303
content-type: text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			link.wearmedicine.com/	1969-12-31 23:59:59	Name: TEMP_DATA Value: a49eff49-2c01-449b-ac78-261d348a5b39
			link.wearmedicine.com/	1969-12-31 23:59:59	Name: esg1 Value: ksG/IgC/0rizYeAqRDq_NTzypLURgy/a/FvZK/F/0271b30d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
link.wearmedicine.com
r.ar-mtch1.com
13.69.68.37
2a00:1450:4001:829::200a
91.199.51.78
0249e52a711e1e6f3155c9f932e18619666024bdc7ad253ba46a7e4583ada57c
07f45fc657b3428d6e547b24688431dac26806cebee3557d01ed1495af62315f
0a03deb8d58aed40e326e0e297baa9f4a367921f6519120f4ea4d6a220b1c12c
5965b961d0e492cee6247c13b0bc54ec1e26cffbc7f098d9b4796f79e9b6f998
5aa1bf0cb78dc3901c332e38574f94d3d8b508109cb2454f453315664c9bc0ea
7c4080e3fc0b1552a72f00bb6d2631704efec02dbaeeb69bf276d5b667c6204e
7d6397bc1e0163fbfe7ed73c19b63a00cb57c4cdae67be6d271e264ec1781ec2
9390ee47194b2005912bd3c195f0ddd8f89730153c4e934ceb7ff742955d96e0
a372aa8b94c5c75ab4f653df879dc20e72455d29858d6dc1e517f58569f85d03
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b669b3f34627c4113e632d2746e27c283124c46ed9351b1b10f2c3a0de0972e8
f3d726874c43aba4f5c64a45643ac4bfc7352f4db35d3ccd1d111b0a5510da2c
f98c0c4bc995aae4b6a984451c6d8a9d3023b24e9ae9c8c225a41e683e89d711

link.wearmedicine.com Open in urlscan Pro 91.199.51.78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

13 Requests

92 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

8242 kBTransfer

8286 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

Indicators

link.wearmedicine.com Open in urlscan Pro
91.199.51.78 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

8242 kB
Transfer

8286 kB
Size

2
Cookies

13 HTTP transactions
0 data transactions