urlscan.io logo urlscan.io
SecurityTrails logo

www.dexknows.com Open in urlscan Pro
151.138.15.25  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Submission: On January 25 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 6 countries across 15 domains to perform 43 HTTP transactions. The main IP is 151.138.15.25, located in United States and belongs to SUPER-AS1, US. The main domain is www.dexknows.com. The Cisco Umbrella rank of the primary domain is 332448.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 11th 2020. Valid for: 2 years.
This is the only time www.dexknows.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    151.138.15.25 (United States)

ASN6482 (SUPER-AS1, US)
www.dexknows.com
20    23.34.98.198 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-34-98-198.deploy.static.akamaitechnologies.com
i2.ypcdn.com
i4.ypcdn.com
c.ypcdn.com
i1.ypcdn.com
i3.ypcdn.com
1    107.178.244.193 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 193.244.178.107.bc.googleusercontent.com
tapestry.tapad.com
3    3.113.223.255 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-223-255.ap-northeast-1.compute.amazonaws.com
dpm.demdex.net
2    2404:6800:4004:81f::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    18.65.166.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-166-108.nrt57.r.cloudfront.net
sb.scorecardresearch.com
1    52.196.177.45 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-177-45.ap-northeast-1.compute.amazonaws.com
yellowpagescomllc.demdex.net
2    54.178.162.114 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-162-114.ap-northeast-1.compute.amazonaws.com
metrics.yellowpages.com
1    13.228.211.6 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-211-6.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
2    2606:2800:248:2f:1d8a:787:dc7:17df (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)
apis.google.com
1    2404:6800:4008:c07::9a (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f15e:83:face:b00c:0:25de (Tsuen Wan, Hong Kong)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)
bam-cell.nr-data.net
Apex Domain
Subdomains		 Transfer
20 ypcdn.com
i2.ypcdn.com — Cisco Umbrella Rank: 57842
i4.ypcdn.com — Cisco Umbrella Rank: 59976
c.ypcdn.com — Cisco Umbrella Rank: 57350
i1.ypcdn.com — Cisco Umbrella Rank: 57621
i3.ypcdn.com — Cisco Umbrella Rank: 56100
190 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 205
yellowpagescomllc.demdex.net — Cisco Umbrella Rank: 73391
6 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 592
syndication.twitter.com — Cisco Umbrella Rank: 844
133 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 138
2 KB
2 nr-data.net
bam-cell.nr-data.net — Cisco Umbrella Rank: 348
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
497 B
2 google.com
apis.google.com — Cisco Umbrella Rank: 140
71 KB
2 yellowpages.com
metrics.yellowpages.com — Cisco Umbrella Rank: 64636
732 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
114 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 367
13 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
440 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 992
517 B
1 tapad.com
tapestry.tapad.com — Cisco Umbrella Rank: 1115
413 B
1 dexknows.com
www.dexknows.com — Cisco Umbrella Rank: 332448
11 KB
43 15
Domain Requested by
6 i2.ypcdn.com www.dexknows.com
i2.ypcdn.com
5 i3.ypcdn.com www.dexknows.com
5 i1.ypcdn.com www.dexknows.com
3 sb.scorecardresearch.com 1 redirects www.dexknows.com
3 dpm.demdex.net 1 redirects www.dexknows.com
2 bam-cell.nr-data.net js-agent.newrelic.com
2 www.facebook.com www.dexknows.com
2 apis.google.com i1.ypcdn.com
apis.google.com
2 platform.twitter.com i1.ypcdn.com
platform.twitter.com
2 metrics.yellowpages.com i2.ypcdn.com
www.dexknows.com
2 connect.facebook.net www.dexknows.com
connect.facebook.net
2 www.google-analytics.com www.dexknows.com
2 c.ypcdn.com 1 redirects www.dexknows.com
2 i4.ypcdn.com www.dexknows.com
1 js-agent.newrelic.com www.dexknows.com
1 syndication.twitter.com platform.twitter.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cm.everesttech.net 1 redirects
1 yellowpagescomllc.demdex.net i2.ypcdn.com
1 tapestry.tapad.com www.dexknows.com
1 www.dexknows.com
43 21

This site contains links to these domains. Also see Links.

Domain
corporate.thryv.com
Subject Issuer Validity Valid
*.dexknows.com
DigiCert SHA2 High Assurance Server CA		 2020-06-11 -
2022-06-16		 2 years crt.sh
i1.ypcdn.com
DigiCert EV RSA CA G2		 2020-07-09 -
2022-07-14		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-03 -
2022-02-01		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
metrics.yellowpages.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-10 -
2023-01-10		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-24 -
2022-02-22		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-06 -
2022-11-07		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Frame ID: DF6878A9CD830876AC08A71EDCCBCE25
Requests: 40 HTTP requests in this frame

Frame: https://yellowpagescomllc.demdex.net/dest5.html?d_nsid=0
Frame ID: 90A9840BA686AFCD6CB8A648D964F6B4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.dexknows.com
Frame ID: A2B55B903BD5CA9FF462185E7A5142DE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 – Page Not Found

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

43
Requests

91 %
HTTPS

35 %
IPv6

15
Domains

21
Subdomains

16
IPs

6
Countries

561 kB
Transfer

1839 kB
Size

24
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://c.ypcdn.com/ta1/73a73a76-a79a-4a57-a777-b854bb681e8a HTTP 302
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=1064&ta_partner_did=73a73a76-a79a-4a57-a777-b854bb681e8a
Request Chain 19
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A57E776A5245AEA80A490D44%40AdobeOrg&d_nsid=0&ts=1643099489787 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A57E776A5245AEA80A490D44%40AdobeOrg&d_nsid=0&ts=1643099489787
Request Chain 26
  • https://cm.everesttech.net/cm/dd?d_uuid=11094833342086051114427415606186996815 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ye_1YgAAAFf4GwQw
Request Chain 31
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035991&c3=&c4=&c5=&c6=&c15=&ns__t=1643099490235&ns_c=UTF-8&cv=3.5&c8=404%20%E2%80%93%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2Fbp%2Famp%2Fpeak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035991&c3=&c4=&c5=&c6=&c15=&ns__t=1643099490235&ns_c=UTF-8&cv=3.5&c8=404%20%E2%80%93%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2Fbp%2Famp%2Fpeak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&c9=

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
www.dexknows.com/denver-co/bp/amp/ 		26 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.138.15.25 , United States, ASN6482 (SUPER-AS1, US),
Reverse DNS
Software
nginx / Express
Resource Hash
9b464b3873e8d99ebeaf19d1b62266721cca553212ca5d7873480017762b4bd5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Date
Tue, 25 Jan 2022 08:31:29 GMT
X-Powered-By
Express
P3P
CP="This site does not have a p3p policy."
Vary
User-Agent, Accept-Encoding
Content-Encoding
gzip
VisitorAPI.js
i2.ypcdn.com/dk/vendor/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i2.ypcdn.com/dk/vendor/VisitorAPI.js?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
969d8b578c740b88cb6f47881264a17d6946a276adcd8a009694afe5ea4fcc30

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:29 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:20:54 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
application/x-javascript
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
13166
expires
Sun, 20 Feb 2022 17:20:54 GMT
common.min.css
i4.ypcdn.com/dk/css/ 		55 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i4.ypcdn.com/dk/css/common.min.css?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
87fa6bdbad91f8c107995b53757524f417af98925bf04c8e7c3fcdb3cb4a859b

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:29 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:25:56 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
text/css
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
9551
expires
Sun, 20 Feb 2022 17:20:50 GMT
error.min.css
i2.ypcdn.com/dk/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i2.ypcdn.com/dk/css/error.min.css?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
10c4a00caf22893ed3474b3e66a044aca3e0a9d1117072c7787269889a9cbdca

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:29 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:40:19 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
text/css
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
804
expires
Sun, 20 Feb 2022 17:39:01 GMT
webyp
c.ypcdn.com/2/p/ 		43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.ypcdn.com/2/p/webyp?ptid=dkdesktop&rid=webyp-f816051d-1b9b-47ef-80af-9355a86361c4&vrid=73a73a76-a79a-4a57-a777-b854bb681e8a
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

status
200 OK
date
Tue, 25 Jan 2022 08:31:31 GMT
cache-control
no-cache
last-modified
Thu, 01 Jan 1970 00:00:00 GMT
content-length
43
content-type
image/gif
logo.svg
i1.ypcdn.com/dk/images/svgs/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ypcdn.com/dk/images/svgs/logo.svg?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
5c5652744c1844a7c63c88a18a6fbd73d0fd4c57c6461f4f4a9724b337624ba5

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:29:53 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
image/svg+xml
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
2528
expires
Sun, 20 Feb 2022 17:29:20 GMT
search-icon.svg
i2.ypcdn.com/dk/images/svgs/ 		486 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.ypcdn.com/dk/images/svgs/search-icon.svg?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
49af932b6b23c2916aa7b78931217787a8e8b2fc161a11153f649fa671d4583c

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:30:07 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
264
expires
Sun, 20 Feb 2022 17:29:34 GMT
icon-menu.svg
i3.ypcdn.com/dk/images/svgs/ 		203 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.ypcdn.com/dk/images/svgs/icon-menu.svg?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
868f641c992d560048ccc16c97cfb8a3ca62de7b591c0acf6dab9f92dc748ec4

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:38:26 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
144
expires
Sun, 20 Feb 2022 17:38:26 GMT
close.svg
i1.ypcdn.com/dk/images/svgs/ 		290 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ypcdn.com/dk/images/svgs/close.svg?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
1694d5d3f0275cefe0a92913737a2c4b6ff9c8a2c7dc1b0f1839156dfb2044ab

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:31:08 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
147
expires
Sun, 20 Feb 2022 17:30:26 GMT
user.svg
i2.ypcdn.com/dk/images/svgs/ 		766 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.ypcdn.com/dk/images/svgs/user.svg?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
fd830867bc1abce59127b76463ea651cac5ec5ed3c3277e1cb6c7eee2a0c535e

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:29 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:19:51 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
image/svg+xml
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
400
expires
Sun, 20 Feb 2022 17:19:50 GMT
edit.svg
i3.ypcdn.com/dk/images/svgs/ 		1 KB
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.ypcdn.com/dk/images/svgs/edit.svg?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
42a0a5f5a4aea04d53ddde78586125261c22ece1ebe9f5816bc289404f59b143

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:35:29 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
image/svg+xml
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
623
expires
Sun, 20 Feb 2022 17:35:28 GMT
btn-cancel.svg
i4.ypcdn.com/dk/images/svgs/ 		310 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i4.ypcdn.com/dk/images/svgs/btn-cancel.svg?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
7ffb8326e23698a5ed7c4fd72c5daa21f2d49d9a446276d8ba8880acc1bf789e

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:29 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 18:14:58 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
193
expires
Sun, 20 Feb 2022 18:14:57 GMT
search-icon-light.svg
i1.ypcdn.com/dk/images/svgs/ 		2 KB
874 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.ypcdn.com/dk/images/svgs/search-icon-light.svg?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
68e8c7ceeeaf8a7d6030c13ca6f00a8238d21b37412236cb6fa54c33bb27a767

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:42:51 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
image/svg+xml
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
584
expires
Sun, 20 Feb 2022 17:39:43 GMT
index.bundle.js
i3.ypcdn.com/dk/vendor/ 		266 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3.ypcdn.com/dk/vendor/index.bundle.js?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
8a56dc92a54fd18a196d60fa1ab4883a0ecf3ce1a599fe8389e18d10e0352e2d

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 18:06:16 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
application/x-javascript
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
80384
expires
Sun, 20 Feb 2022 18:06:15 GMT
jquery-ui-1.10.3.custom.min.js
i3.ypcdn.com/dk/vendor/ 		223 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3.ypcdn.com/dk/vendor/jquery-ui-1.10.3.custom.min.js?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
29429c5d8dfc89242e88e2a532b1426e98f2d8cfab5851868ac6a46c6bbd77b8

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:45:51 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
application/x-javascript
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
51495
expires
Sun, 20 Feb 2022 17:25:09 GMT
yp.js
i1.ypcdn.com/dk/js/ 		121 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i1.ypcdn.com/dk/js/yp.js?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
b5a50ba3a123b362d78654ebab27ca01b8fc65dd44cb0f9caf413d762be5d444

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:35:24 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
accept-ranges
bytes
content-type
application/x-javascript
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
95
expires
Sun, 20 Feb 2022 17:34:01 GMT
view.js
i2.ypcdn.com/dk/js/views/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i2.ypcdn.com/dk/js/views/view.js?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
8ec72ec876923ad778bdfc90ed2f1c99b4cb1d3c6f945ab35b80335f7db26030

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:29 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:26:16 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
application/x-javascript
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
887
expires
Sun, 20 Feb 2022 17:21:22 GMT
desktop.js
i1.ypcdn.com/dk/js/compiled/ 		88 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i1.ypcdn.com/dk/js/compiled/desktop.js?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
a78af0ada2e4b98043f288b69b03372c1673e6429b227b977ca6ce13b86fa167

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:20:42 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
application/x-javascript
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
24962
expires
Sun, 20 Feb 2022 17:20:41 GMT
errors.js
i3.ypcdn.com/dk/js/compiled/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3.ypcdn.com/dk/js/compiled/errors.js?bc1f892
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
0f7f6eee5303dcb04983b11e551078b926956bbe1491ace35e529adace3b71f1

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
br
last-modified
Fri, 21 Jan 2022 17:22:31 GMT
server
Akamai Resource Optimizer
access-control-allow-methods
GET, POST
p3p
CP="This site does not have a p3p policy."
cache-control
max-age=2592000
content-type
application/x-javascript
access-control-allow-headers
origin, x-requested-with, content-type, accept
content-length
1890
expires
Sun, 20 Feb 2022 17:20:13 GMT
1
tapestry.tapad.com/tapestry/
Redirect Chain
  • https://c.ypcdn.com/ta1/73a73a76-a79a-4a57-a777-b854bb681e8a
  • https://tapestry.tapad.com/tapestry/1?ta_partner_id=1064&ta_partner_did=73a73a76-a79a-4a57-a777-b854bb681e8a
2 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tapestry.tapad.com/tapestry/1?ta_partner_id=1064&ta_partner_did=73a73a76-a79a-4a57-a777-b854bb681e8a
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Server
107.178.244.193 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
193.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:31 GMT
via
1.1 google
content-type
application/json;charset=utf-8
alt-svc
clear
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

status
302 Found
date
Tue, 25 Jan 2022 08:31:31 GMT
content-length
0
location
https://tapestry.tapad.com/tapestry/1?ta_partner_id=1064&ta_partner_did=73a73a76-a79a-4a57-a777-b854bb681e8a
content-type
text/html
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A57E776A5245AEA80A490D44%40AdobeOrg&d_nsid=0&ts=1643099489787
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A57E776A5245AEA80A490D44%40AdobeOrg&d_nsid=0&ts=1643099489787
377 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A57E776A5245AEA80A490D44%40AdobeOrg&d_nsid=0&ts=1643099489787
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
HTTP/1.1
Server
3.113.223.255 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-223-255.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
42c0abf958a4e8a95c5bf31e050bad6affe8bd2d9d5c25f849b328e15af613a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v025-08073c489.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
EUXmQ06JTCQ=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.dexknows.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
317
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-tyo3-1-v025-0c7d22aa8.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://www.dexknows.com
X-TID
TpYXCigETRM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=A57E776A5245AEA80A490D44%40AdobeOrg&d_nsid=0&ts=1643099489787
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2244
date
Tue, 25 Jan 2022 07:54:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 25 Jan 2022 09:54:06 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26237
x-xss-protection
0
pragma
private
x-fb-debug
YZvICKjxACoxZumIpsJYam6jnZcuNdLo4GL4I/3XqCH9Ujce+mgn3ejKjkdujC9LSrmi4A2Cwfkw6YC1+R8klA==
x-fb-trip-id
382461245
x-frame-options
DENY
date
Tue, 25 Jan 2022 08:31:30 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.166.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-166-108.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 10:41:46 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
78585
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 7106e6a5fc5cbd5146f77eb1884fef3a.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P1
x-amz-cf-id
dqVMe2TB9NJXKJWQT5EOt7bO4IfqY33sIX7qehc-nyoNzpHEWSf3uw==
error-sprite.png
i2.ypcdn.com/dk/images/icons/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.ypcdn.com/dk/images/icons/error-sprite.png?v=bc1f892
Requested by
Host: i2.ypcdn.com
URL: https://i2.ypcdn.com/dk/css/error.min.css?bc1f892
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.34.98.198 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-34-98-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://i2.ypcdn.com/dk/css/error.min.css?bc1f892
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
dest5.html
yellowpagescomllc.demdex.net/ Frame 90A9 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yellowpagescomllc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: i2.ypcdn.com
URL: https://i2.ypcdn.com/dk/vendor/VisitorAPI.js?bc1f892
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.196.177.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-196-177-45.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 25 Jan 2022 08:31:30 GMT
DCS
dcs-prod-tyo3-2-v025-018260a6e.edge-tyo3.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 20 Jan 2022 09:26:12 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
QufZzQOBSIw=
Content-Length
2791
Connection
keep-alive
id
metrics.yellowpages.com/ 		48 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://metrics.yellowpages.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=A57E776A5245AEA80A490D44%40AdobeOrg&mid=04053255302018543224014109504116862602&ts=1643099489952
Requested by
Host: i2.ypcdn.com
URL: https://i2.ypcdn.com/dk/vendor/VisitorAPI.js?bc1f892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.178.162.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-162-114.ap-northeast-1.compute.amazonaws.com
Software
jag /
Resource Hash
f821944d48e5e057630b8745330e6ad9a36151aa1fe035cd1c6332497018e89a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.dexknows.com/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-55ffccf6c-sj8nm
vary
Origin
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.dexknows.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Ye_1YgAAAFf4GwQw
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=11094833342086051114427415606186996815
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ye_1YgAAAFf4GwQw
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ye_1YgAAAFf4GwQw
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
HTTP/1.1
Server
3.113.223.255 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-223-255.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v025-01e3f2f35.edge-tyo3.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
wWLBPpc3TIY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ye_1YgAAAFf4GwQw
Date
Tue, 25 Jan 2022 08:31:30 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
886701991493531
connect.facebook.net/signals/config/ 		306 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/886701991493531?v=2.9.51&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7664f508b0b60fe3c6ec06036524d3c81de5d9c23a08d64dd47c80ab6d0c66be
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89321
x-xss-protection
0
pragma
public
x-fb-debug
Rrw4wmWwH36VgEF+1XEFnBwMzyJ/HXhT3tnpOMHOucuUf/sjL+OTg2DtKdHi7WUOjoJSH6sAZdG41dWIo/aOUg==
x-fb-trip-id
382461245
x-frame-options
DENY
date
Tue, 25 Jan 2022 08:31:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: i1.ypcdn.com
URL: https://i1.ypcdn.com/dk/js/compiled/desktop.js?bc1f892
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/75AC) /
Resource Hash
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 08:31:30 GMT
Content-Encoding
gzip
Age
909
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29180
x-tw-cdn
VZ
Last-Modified
Wed, 19 Jan 2022 19:22:23 GMT
Server
ECS (itm/75AC)
Etag
"e92bd51c447ba1dbd509a1e23d3a8521+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
plusone.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: i1.ypcdn.com
URL: https://i1.ypcdn.com/dk/js/compiled/desktop.js?bc1f892
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c0ba20dd6ab974307ca4fb34d7d48a7537bce6eb56c562c1e69264745221540
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-649Tes/YEFT/5BJzkAuPCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
cross-origin-opener-policy
same-origin
etag
"c9f5a685272db812846def3c0d393045"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-649Tes/YEFT/5BJzkAuPCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Tue, 25 Jan 2022 08:31:30 GMT
s83208640513695
metrics.yellowpages.com/b/ss/yellowpagesglobal/1/JS-2.10.0/ 		43 B
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://metrics.yellowpages.com/b/ss/yellowpagesglobal/1/JS-2.10.0/s83208640513695?AQB=1&ndh=1&pf=1&t=25%2F0%2F2022%208%3A31%3A30%202%200&mid=04053255302018543224014109504116862602&aamlh=11&ce=UTF-8&ns=yellowpages&pageName=error_page_404&g=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2Fbp%2Famp%2Fpeak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&c.&ecid.&pageDomain=www.dexknows.com&vapiVersion=3.3.0&aamVersion=not%20set&atVersion=not%20set&icsmcvid=server%20side%20mid&mcidcto=successful%20response&aidcto=successful%20response&mcorgid=D%3Dmcorgid&.ecid&.c&cc=USD&ch=dk&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c4=www.dexknows.com&v4=error_page_404&v5=New&v10=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F97.0.4692.71%20Safari%2F537.36&c12=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2Fbp%2Famp%2Fpeak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&v13=no&c17=desktop&c19=1&c26=73a73a76-a79a-4a57-a777-b854bb681e8a&v28=true&v29=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F97.0.4692.71%20Safari%2F537.36&v42=73a73a76-a79a-4a57-a777-b854bb681e8a&v44=not%20registered&v45=Web&v49=Los%20Angeles%2C%20CA&c55=Los%20Angeles%2C%20CA&v59=desktop%20web%20browser%20device%20type&c60=ypu%3Aypu%3Adefault&v60=ypu%3Aypu%3Adefault&c69=ypu%3Aypu%3Adefault&c70=January&v70=January&c71=5&v71=5&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A57E776A5245AEA80A490D44%40AdobeOrg&AQE=1
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.178.162.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-162-114.ap-northeast-1.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
x-content-type-options
nosniff
x-c
main-1585.I7afc85.M0-540
p3p
CP="This is not a P3P policy"
vary
*
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 26 Jan 2022 08:31:30 GMT
server
jag
xserver
anedge-55ffccf6c-fmw9b
etag
3528529287655030784-4619834923907907322
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 24 Jan 2022 08:31:30 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035991&c3=&c4=&c5=&c6=&c15=&ns__t=1643099490235&ns_c=UTF-8&cv=3.5&c8=404%20%E2%80%93%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035991&c3=&c4=&c5=&c6=&c15=&ns__t=1643099490235&ns_c=UTF-8&cv=3.5&c8=404%20%E2%80%93%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035991&c3=&c4=&c5=&c6=&c15=&ns__t=1643099490235&ns_c=UTF-8&cv=3.5&c8=404%20%E2%80%93%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2Fbp%2Famp%2Fpeak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&c9=
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Server
18.65.166.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-166-108.nrt57.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
via
1.1 7106e6a5fc5cbd5146f77eb1884fef3a.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
OJhM74ycyplzyW-zZL0uk05Al73SmFHk12XIAnrW0NwySIWggSvw7g==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 25 Jan 2022 08:31:30 GMT
via
1.1 7106e6a5fc5cbd5146f77eb1884fef3a.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT57-P1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035991&c3=&c4=&c5=&c6=&c15=&ns__t=1643099490235&ns_c=UTF-8&cv=3.5&c8=404%20%E2%80%93%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2Fbp%2Famp%2Fpeak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&c9=
content-length
309
x-amz-cf-id
DYGU7NFqRQTlbx52QyOCmugcT-CzsiZyGVAcRGkeQac3a5gsnf_aBg==
collect
stats.g.doubleclick.net/j/ 		1 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-27682698-1&cid=870984350.1643099490&jid=1171663638&gjid=595207612&_gid=2113938215.1643099490&_u=IGBAgEABAAAAAE~&z=866184106
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c07::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.dexknows.com/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 25 Jan 2022 08:31:30 GMT
content-type
text/plain
access-control-allow-origin
https://www.dexknows.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=954587370&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2Fbp%2Famp%2Fpeak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&ul=en-us&de=UTF-8&dt=404%20%E2%80%93%20Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEAB~&jid=1171663638&gjid=595207612&cid=870984350.1643099490&tid=UA-27682698-1&_gid=2113938215.1643099490&z=192067941
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81f::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 22:37:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35666
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=886701991493531&ev=PageView&dl=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2Fbp%2Famp%2Fpeak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&rl=&if=false&ts=1643099490266&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643099490264.695449316&it=1643099490211&coo=false&exp=p0&rqm=GET
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f15e:83:face:b00c:0:25de Tsuen Wan, Hong Kong, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Tue, 25 Jan 2022 08:31:30 GMT
widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html
platform.twitter.com/widgets/ Frame A2B5 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.dexknows.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:248:2f:1d8a:787:dc7:17df , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (itm/7545) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
380584
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 25 Jan 2022 08:31:30 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 19 Jan 2022 19:04:27 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (itm/7545)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=2
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
settings
syndication.twitter.com/ Frame A2B5 		233 B
449 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=c6fdbbbb0246a9f5069dc60423ba854dbf357db8
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2Fwww.dexknows.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time
95
date
Tue, 25 Jan 2022 08:31:30 GMT
content-encoding
gzip
last-modified
Tue, 25 Jan 2022 08:31:30 GMT
server
tsa_m
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
4635f781f8cd55847dbe4e45a22fa41ef21f2b73ba24d06d21368cf8017bde7a
content-length
167
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.qv6viowpwpE.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOaUfPxgj7Tq1y4CPKAnKfHQ9ZJNQ/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.qv6viowpwpE.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOaUfPxgj7Tq1y4CPKAnKfHQ9ZJNQ/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2b8c98adb1d2f405aa95c776222f4eacb326f0622b1aaaa2dfbdebb70d11eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 08:16:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51833
x-xss-protection
0
last-modified
Wed, 01 Dec 2021 04:25:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 19 Jan 2023 08:16:48 GMT
nr-1214.min.js
js-agent.newrelic.com/ 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1214.min.js
Requested by
Host: www.dexknows.com
URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0488245474d8936c20a8c05f06e2640e0242f5d44aa9dbbd025d859ca1713641

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
9SGCo4Tu7CQ6f76Rop9iQ50y_vaEgb87
content-encoding
gzip
etag
"8f16e3e6b3dfe5feb6c019492aedcc2d"
x-amz-request-id
K2PPM6CQ6FFFZ40J
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
13145
x-amz-id-2
asQovjpKW6+WKm7S5O3w0+NacxI5om1nDZxd25KGXdnuQUBxNDNBwAI7e6KQULiNy+My0U9Sll0=
x-served-by
cache-nrt18338-NRT
last-modified
Tue, 04 Jan 2022 23:13:18 GMT
server
AmazonS3
x-timer
S1643099491.315575,VS0,VE0
date
Tue, 25 Jan 2022 08:31:31 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
1495
a7bc01046c
bam-cell.nr-data.net/1/ 		49 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/1/a7bc01046c?a=904796295,904796296&v=1214.62a3223&to=MgRSZBMFXkMHVhZdWgtOdUgRFlVDFV8RG3IgNR8fSw%3D%3D&rst=3053&ck=0&ref=https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&ap=9.50488&be=1122&fe=3012&dc=1933&tt=c6497726bbd018&perf=%7B%22timing%22:%7B%22of%22:1643099488285,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:626,%22c%22:626,%22s%22:774,%22ce%22:931,%22rq%22:931,%22rp%22:1094,%22rpe%22:1097,%22dl%22:1103,%22di%22:1933,%22ds%22:1933,%22de%22:1950,%22dc%22:3012,%22l%22:3012,%22le%22:3019%7D,%22navigation%22:%7B%7D%7D&fp=1670&fcp=1670&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1214.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Tue, 25 Jan 2022 08:31:32 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
access-control-allow-credentials
true
CF-Ray
6d30254d0ed01eb3-NRT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=886701991493531&ev=Microdata&dl=https%3A%2F%2Fwww.dexknows.com%2Fdenver-co%2Fbp%2Famp%2Fpeak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank&rl=&if=false&ts=1643099491774&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22404%20%E2%80%93%20Page%20Not%20Found%22%2C%22meta%3Adescription%22%3A%22Find%20local%20business%20listings%2C%20driving%20directions%2C%20maps%2C%20people%20and%20local%20information%20at%20DexKnows.com.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.51&r=stable&ec=1&o=30&fbp=fb.1.1643099490264.695449316&it=1643099490211&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f15e:83:face:b00c:0:25de Tsuen Wan, Hong Kong, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
jp-JP,jp;q=0.9
Referer
https://www.dexknows.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 08:31:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Tue, 25 Jan 2022 08:31:31 GMT
a7bc01046c
bam-cell.nr-data.net/ins/1/ 		0
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam-cell.nr-data.net/ins/1/a7bc01046c?a=904796295,904796296&v=1214.62a3223&to=MgRSZBMFXkMHVhZdWgtOdUgRFlVDFV8RG3IgNR8fSw%3D%3D&rst=3981&ck=0&ref=https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1214.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.dexknows.com/
Accept-Language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 25 Jan 2022 08:31:33 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Access-Control-Allow-Origin
https://www.dexknows.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
6d302552ae2e1eb3-NRT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| NREUM object| newrelic function| __nr_require object| CurrentUser boolean| UserLoggedIn string| source object| Tracking object| YPFB object| YPGoogle object| YPU function| e object| visitor function| Visitor object| s_c_il number| s_c_in object| ValidationJSON undefined| optOut string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _comscore function| s_doPlugins function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| s_account object| s function| $ function| jQuery function| _ object| Backbone boolean| websiteBot number| s_objectID number| s_giq function| AjaxUpload function| Ractive object| YP object| Analytics object| jQuery19003115928550302476 object| s_i_yellowpagesglobal function| udm_ object| ns_p object| COMSCORE object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

24 Cookies

Domain/Path Name / Value
.dexknows.com/ Name: vrid
Value: 73a73a76-a79a-4a57-a777-b854bb681e8a
.dexknows.com/ Name: bucket
Value: ypu%3Aypu%3Adefault
.dexknows.com/ Name: bucketsrc
Value: default
www.dexknows.com/ Name: express:sess
Value: eyJka3MiOiI4YjEwNDdiNS1hZTUzLTQ2YzMtOWI0Ny00YmRmZjVjODQwZmUifQ==
www.dexknows.com/ Name: express:sess.sig
Value: 1xUldMsCMjr_tNKC6CHMC3k7CwE
.demdex.net/ Name: demdex
Value: 11094833342086051114427415606186996815
.dexknows.com/ Name: AMCVS_A57E776A5245AEA80A490D44%40AdobeOrg
Value: 1
www.dexknows.com/ Name: zone
Value: 0
.dexknows.com/ Name: s_nr
Value: 1643099490226
.dexknows.com/ Name: s_tp
Value: 1200
.dexknows.com/ Name: s_ppv
Value: error_page_404%2C100%2C100%2C1200
.dexknows.com/ Name: s_cc
Value: true
.dexknows.com/ Name: _ga
Value: GA1.2.870984350.1643099490
.dexknows.com/ Name: _gid
Value: GA1.2.2113938215.1643099490
.dexknows.com/ Name: _gat
Value: 1
.dexknows.com/ Name: _fbp
Value: fb.1.1643099490264.695449316
.facebook.com/ Name: fr
Value: 0UnFRJq5EVgRBnq08..Bh77Vi...1.0.Bh77Vi.
.scorecardresearch.com/ Name: UID
Value: 1CAe0dd29d92baadd52b71e1643099490
.google.com/ Name: NID
Value: 511=jQzARZDS8qvX6zLspuJ5qMCdgi9WTrW2wfTfy0hloRgkeioTZzl9i-yOlT0Tzu0MEt84_svK-GWx7mkPJL45WFs5rrIpZpMH4AjpBu-GskAR_GKxVIJEExCXeQzT0soo-D3z5GvGfcyvQR2WzfvHukit9xy1sFbF1_cLBNoJjQo
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Ye_1YgAAAFf4GwQw
.dpm.demdex.net/ Name: dpm
Value: 11094833342086051114427415606186996815
.dexknows.com/ Name: AMCV_A57E776A5245AEA80A490D44%40AdobeOrg
Value: -1303530583%7CMCIDTS%7C19018%7CMCMID%7C04053255302018543224014109504116862602%7CMCAAMLH-1643704289%7C11%7CMCAAMB-1643704289%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1643106689s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19025%7CvVersion%7C3.3.0
.tapad.com/ Name: TapAd_TS
Value: 1643099491276
.tapad.com/ Name: TapAd_DID
Value: d6b7725b-f82b-4d07-a774-f2cca2357d3a

2 Console Messages

Source Level URL
Text
network error URL: https://www.dexknows.com/denver-co/bp/amp/peak-physical-therapy-539469158-Fake-Malicious-Google-Search-Result-Blank
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://i2.ypcdn.com/dk/images/icons/error-sprite.png?v=bc1f892
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
bam-cell.nr-data.net
c.ypcdn.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
i1.ypcdn.com
i2.ypcdn.com
i3.ypcdn.com
i4.ypcdn.com
js-agent.newrelic.com
metrics.yellowpages.com
platform.twitter.com
sb.scorecardresearch.com
stats.g.doubleclick.net
syndication.twitter.com
tapestry.tapad.com
www.dexknows.com
www.facebook.com
www.google-analytics.com
yellowpagescomllc.demdex.net
104.244.42.200
107.178.244.193
13.228.211.6
151.101.194.137
151.138.15.25
162.247.243.146
18.65.166.108
23.34.98.198
2404:6800:4004:81f::200e
2404:6800:4004:825::200e
2404:6800:4008:c07::9a
2606:2800:248:2f:1d8a:787:dc7:17df
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f15e:83:face:b00c:0:25de
3.113.223.255
52.196.177.45
54.178.162.114
0488245474d8936c20a8c05f06e2640e0242f5d44aa9dbbd025d859ca1713641
0f7f6eee5303dcb04983b11e551078b926956bbe1491ace35e529adace3b71f1
10c4a00caf22893ed3474b3e66a044aca3e0a9d1117072c7787269889a9cbdca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1694d5d3f0275cefe0a92913737a2c4b6ff9c8a2c7dc1b0f1839156dfb2044ab
1c0ba20dd6ab974307ca4fb34d7d48a7537bce6eb56c562c1e69264745221540
2816082c025f64540b613fde3096d814ae21ac75279461ec1d6bcb5c07099fdd
29429c5d8dfc89242e88e2a532b1426e98f2d8cfab5851868ac6a46c6bbd77b8
42a0a5f5a4aea04d53ddde78586125261c22ece1ebe9f5816bc289404f59b143
42c0abf958a4e8a95c5bf31e050bad6affe8bd2d9d5c25f849b328e15af613a7
49af932b6b23c2916aa7b78931217787a8e8b2fc161a11153f649fa671d4583c
5c5652744c1844a7c63c88a18a6fbd73d0fd4c57c6461f4f4a9724b337624ba5
68e8c7ceeeaf8a7d6030c13ca6f00a8238d21b37412236cb6fa54c33bb27a767
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7664f508b0b60fe3c6ec06036524d3c81de5d9c23a08d64dd47c80ab6d0c66be
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ffb8326e23698a5ed7c4fd72c5daa21f2d49d9a446276d8ba8880acc1bf789e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
868f641c992d560048ccc16c97cfb8a3ca62de7b591c0acf6dab9f92dc748ec4
87fa6bdbad91f8c107995b53757524f417af98925bf04c8e7c3fcdb3cb4a859b
8a56dc92a54fd18a196d60fa1ab4883a0ecf3ce1a599fe8389e18d10e0352e2d
8ec72ec876923ad778bdfc90ed2f1c99b4cb1d3c6f945ab35b80335f7db26030
969d8b578c740b88cb6f47881264a17d6946a276adcd8a009694afe5ea4fcc30
9b464b3873e8d99ebeaf19d1b62266721cca553212ca5d7873480017762b4bd5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2b8c98adb1d2f405aa95c776222f4eacb326f0622b1aaaa2dfbdebb70d11eef
a78af0ada2e4b98043f288b69b03372c1673e6429b227b977ca6ce13b86fa167
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
b5a50ba3a123b362d78654ebab27ca01b8fc65dd44cb0f9caf413d762be5d444
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f821944d48e5e057630b8745330e6ad9a36151aa1fe035cd1c6332497018e89a
fd830867bc1abce59127b76463ea651cac5ec5ed3c3277e1cb6c7eee2a0c535e