Submitted URL: https://decoded.avast.io/feed/|Avast
Effective URL: https://decoded.avast.io/feed/%7CAvast
Submission: On September 11 via api from US

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 25 HTTP transactions.
The main IP is 162.241.248.14, located in Brooklyn, United States and belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US. The main domain is decoded.avast.io.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 25th 2019. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
18 162.241.248.14 46606 (UNIFIEDLA...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
25 5
Domain Subdomains Transfer
18 avast.io 275 KB
3 gstatic.com 34 KB
2 google-analytics.com 18 KB
1 doubleclick.net 107 B
1 fonts.googleapis.com 558 B
25 5
Domain Requested by
18 decoded.avast.io decoded.avast.io
3 fonts.gstatic.com decoded.avast.io
2 www.google-analytics.com decoded.avast.io
1 stats.g.doubleclick.net decoded.avast.io
1 fonts.googleapis.com decoded.avast.io
25 5

This site contains links to these domains.

Domain
avast.io
www.avast.com
wordpress.org
Subject / Issuer Validity Valid
avast.io / Let's Encrypt Authority X3 2019-08-25 - 2019-11-23 3 months
*.googleapis.com / GTS CA 1O1 2019-08-23 - 2019-11-21 3 months
*.google-analytics.com / GTS CA 1O1 2019-08-23 - 2019-11-21 3 months
*.g.doubleclick.net / GTS CA 1O1 2019-08-23 - 2019-11-21 3 months
*.google.com / GTS CA 1O1 2019-08-23 - 2019-11-21 3 months

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i


25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
%7CAvast
/feed
82 KB
24 KB
Document
General
Full URL
https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
65ec8fda5a22aad72203004ec318b405c9760220ed121181f22dc9872eadd794

Request headers

:method
GET
:authority
decoded.avast.io
:scheme
https
:path
/feed/%7CAvast
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br

Response headers

status
404
date
Wed, 11 Sep 2019 14:50:51 GMT
server
nginx/1.17.3
content-type
text/html; charset=UTF-8
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
link
<https://decoded.avast.io/wp-json/>; rel="https://api.w.org/"
vary
Accept-Encoding
content-encoding
gzip
style.min.css?ver=5.2.3
/wp-includes/css/dist/block-library
29 KB
6 KB
Stylesheet
General
Full URL
https://decoded.avast.io/wp-includes/css/dist/block-library/style.min.css?ver=5.2.3
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
4b8fe5c3d0e5ef7a6582185cbf5c535b5d369c8df1da98c03ed69833e55f474d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:51 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:02:11 GMT
server
nginx/1.17.3
x-server-cache
false
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
6507
css?family=Muli%3Aregular%2C900%2C700&ver=1.1.3
fonts.googleapis.com
3 KB
558 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli%3Aregular%2C900%2C700&ver=1.1.3
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
0a454519f2966b5cde6a17b5d1d7e6b7005f96a67c22a2415aee9ffa9639aef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 11 Sep 2019 14:50:51 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 11 Sep 2019 14:50:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Wed, 11 Sep 2019 14:50:51 GMT
min.css?ver=1.1.3
/wp-content/themes/johannes/assets/css
180 KB
43 KB
Stylesheet
General
Full URL
https://decoded.avast.io/wp-content/themes/johannes/assets/css/min.css?ver=1.1.3
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
8b7f6b3b98d203b064eeb91445b8bfc6f5bec3a2e7b76af8a23a7cb6cd0d8add

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:51 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:19:20 GMT
server
nginx/1.17.3
x-server-cache
false
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
Adblocked main.css?ver=1.2.1
/wp-content/plugins/meks-easy-social-share/assets/css
9 KB
2 KB
Stylesheet
General
Full URL
https://decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.2.1
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
a61e94c6cee47c0f689736d8b6d3a8ba98f9501a3e834b2cdedc374e4b88c6cf
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:51 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2019 11:03:00 GMT
server
nginx/1.17.3
x-server-cache
false
vary
Accept-Encoding
content-type
text/css
status
200
accept-ranges
bytes
content-length
1995
frontend.min.js?ver=7.8.0
/wp-content/plugins/google-analytics-for-wordpress/assets/js
8 KB
3 KB
Script
General
Full URL
https://decoded.avast.io/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.8.0
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
79bd057136470ea4ed8d113b2006d9ffd791e5b85340ccb5bb770b3395cf20ca

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:51 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 23:08:13 GMT
server
nginx/1.17.3
x-server-cache
false
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2941
jquery.js?ver=1.12.4-wp
/wp-includes/js/jquery
95 KB
42 KB
Script
General
Full URL
https://decoded.avast.io/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:51 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:02:11 GMT
server
nginx/1.17.3
x-server-cache
false
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
Verified jquery-migrate.min.js?ver=1.4.1
/wp-includes/js/jquery
10 KB
4 KB
Script
General
Full URL
https://decoded.avast.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Verified resource
jquery-migrate/1.4.1/jquery-migrate.min.js at cdnjs.com, project jquery-migrate

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:51 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:02:11 GMT
server
nginx/1.17.3
x-server-cache
false
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4444
Adblocked analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
438
date
Wed, 11 Sep 2019 14:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Wed, 11 Sep 2019 16:43:33 GMT
wp-emoji-release.min.js?ver=5.2.3
/wp-includes/js
14 KB
5 KB
Script
General
Full URL
https://decoded.avast.io/wp-includes/js/wp-emoji-release.min.js?ver=5.2.3
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
f4799ef2939b8377cf33f07b07b6d90a4a245adbf1c6eaf47ee3b0fcefcc07fe

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:51 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:02:11 GMT
server
nginx/1.17.3
x-server-cache
false
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
4893
Adblocked collect?v=1&_v=j79&a=353821720&t=pageview&_s=1&dl=https%3A%2F%2Fdecoded.avast.io%2Ffeed%2F%257CAvast&dp=%2F404.html%3Fpage%3D%2Ffeed%2F%257CAvast%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%2...
www.google-analytics.com
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=353821720&t=pageview&_s=1&dl=https%3A%2F%2Fdecoded.avast.io%2Ffeed%2F%257CAvast&dp=%2F404.html%3Fpage%3D%2Ffeed%2F%257CAvast%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20Avast%20Threat%20Labs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABC~&jid=1951304102&gjid=925715884&cid=630891236.1568213452&tid=UA-143774004-1&_gid=1015400607.1568213452&z=1922980126
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Aug 2019 16:46:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1721065
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
Adblocked collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-143774004-1&cid=630891236.1568213452&jid=1951304102&gjid=925715884&_gid=1015400607.1568213452&_u=YGBAgUABC~&z=398291370
stats.g.doubleclick.net/r
35 B
107 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-143774004-1&cid=630891236.1568213452&jid=1951304102&gjid=925715884&_gid=1015400607.1568213452&_u=YGBAgUABC~&z=398291370
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 11 Sep 2019 14:50:51 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Asset-22ldpi.png
/wp-content/uploads/sites/2/2019/06
3 KB
3 KB
Image
General
Full URL
https://decoded.avast.io/wp-content/uploads/sites/2/2019/06/Asset-22ldpi.png
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
250fd3e1a88e39683d7798ac68311b15d4dd859903bc8faec08c37c0142f2c72

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:51 GMT
last-modified
Thu, 27 Jun 2019 10:05:00 GMT
server
nginx/1.17.3
x-server-cache
true
content-type
image/png
status
200
accept-ranges
bytes
content-length
3109
x-proxy-cache
HIT
Verified imagesloaded.min.js?ver=3.2.0
/wp-includes/js
8 KB
3 KB
Script
General
Full URL
https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=3.2.0
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
11e15f1d64a63cb498d0d42720a688ed15bf78393d8c460d695a110244c066e3
Verified resource
jquery.imagesloaded/3.2.0/imagesloaded.pkgd.min.js at cdnjs.com, project jquery.imagesloaded

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:52 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:02:11 GMT
server
nginx/1.17.3
x-server-cache
true
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2883
x-proxy-cache
HIT
Verified masonry.min.js?ver=3.3.2
/wp-includes/js
28 KB
11 KB
Script
General
Full URL
https://decoded.avast.io/wp-includes/js/masonry.min.js?ver=3.3.2
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7
Verified resource
masonry/3.3.2/masonry.pkgd.min.js at cdnjs.com, project masonry

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:52 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:02:11 GMT
server
nginx/1.17.3
x-server-cache
true
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
10816
x-proxy-cache
HIT
jquery.masonry.min.js?ver=3.1.2b
/wp-includes/js/jquery
2 KB
758 B
Script
General
Full URL
https://decoded.avast.io/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:52 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:02:11 GMT
server
nginx/1.17.3
x-server-cache
true
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
724
x-proxy-cache
HIT
min.js?ver=1.1.3
/wp-content/themes/johannes/assets/js
112 KB
45 KB
Script
General
Full URL
https://decoded.avast.io/wp-content/themes/johannes/assets/js/min.js?ver=1.1.3
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
5f730e0adb0db34601edf0b7449dae5bcd766311ca1aadf57d58126c554fe2ef

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:52 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:21:52 GMT
server
nginx/1.17.3
x-server-cache
true
vary
Accept-Encoding
content-type
application/javascript
status
200
x-proxy-cache
HIT
Adblocked main.js?ver=1.2.1
/wp-content/plugins/meks-easy-social-share/assets/js
551 B
357 B
Script
General
Full URL
https://decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/js/main.js?ver=1.2.1
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909
Blocked
Source: easylist, Type: annoyance (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:52 GMT
content-encoding
gzip
last-modified
Wed, 17 Jul 2019 11:03:00 GMT
server
nginx/1.17.3
x-server-cache
true
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
323
x-proxy-cache
HIT
new-tab.min.js?ver=3.1.2
/wp-content/plugins/page-links-to/js
4 KB
2 KB
Script
General
Full URL
https://decoded.avast.io/wp-content/plugins/page-links-to/js/new-tab.min.js?ver=3.1.2
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
582278063c6f97f70b739bc1530060e16e176bb7b792ec5bd542d2083ed6b21c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:52 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 23:17:13 GMT
server
nginx/1.17.3
x-server-cache
true
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
2302
x-proxy-cache
HIT
wp-embed.min.js?ver=5.2.3
/wp-includes/js
1 KB
784 B
Script
General
Full URL
https://decoded.avast.io/wp-includes/js/wp-embed.min.js?ver=5.2.3
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://decoded.avast.io/feed/%7CAvast
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:52 GMT
content-encoding
gzip
last-modified
Mon, 24 Jun 2019 11:02:11 GMT
server
nginx/1.17.3
x-server-cache
true
vary
Accept-Encoding
content-type
application/javascript
status
200
accept-ranges
bytes
content-length
750
x-proxy-cache
HIT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v16
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v16/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
559a79dfc55855934e68eae72c755fb1e381e5628cbf2928354ccb871e79beb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Muli%3Aregular%2C900%2C700&ver=1.1.3
Origin
https://decoded.avast.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 22:44:40 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:23:05 GMT
server
sffe
age
662772
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11528
x-xss-protection
0
expires
Wed, 02 Sep 2020 22:44:40 GMT
7Au_p_0qiz-adYnjOCX2z24PMFk.woff2
fonts.gstatic.com/s/muli/v16
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v16/7Au_p_0qiz-adYnjOCX2z24PMFk.woff2
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ecdc1a24a0a56f42da0ee128d4c2e35235ef86acfbf98aab933aeb9cc5813bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Muli%3Aregular%2C900%2C700&ver=1.1.3
Origin
https://decoded.avast.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 27 Aug 2019 15:33:53 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:17:49 GMT
server
sffe
age
1293419
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11596
x-xss-protection
0
expires
Wed, 26 Aug 2020 15:33:53 GMT
fontawesome-webfont.woff2?v=4.7.0
/wp-content/themes/johannes/assets/fonts
75 KB
76 KB
Font
General
Full URL
https://decoded.avast.io/wp-content/themes/johannes/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Sec-Fetch-Mode
cors
Referer
https://decoded.avast.io/wp-content/themes/johannes/assets/css/min.css?ver=1.1.3
Origin
https://decoded.avast.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:52 GMT
last-modified
Mon, 24 Jun 2019 11:19:38 GMT
server
nginx/1.17.3
x-server-cache
true
content-type
font/woff2
status
200
accept-ranges
bytes
content-length
77160
x-proxy-cache
HIT
johannes-font.ttf?
/wp-content/themes/johannes/assets/fonts
3 KB
3 KB
Font
General
Full URL
https://decoded.avast.io/wp-content/themes/johannes/assets/fonts/johannes-font.ttf?
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.241.248.14 Brooklyn, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
wp2.bluehost.com
Software
nginx/1.17.3 /
Resource Hash
6e1ba7b6b625d488b2be3593d5ec5c3fca1fc192e9b3475573bf75af25b4cde9

Request headers

Sec-Fetch-Mode
cors
Referer
https://decoded.avast.io/wp-content/themes/johannes/assets/css/min.css?ver=1.1.3
Origin
https://decoded.avast.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:50:52 GMT
last-modified
Mon, 24 Jun 2019 11:19:40 GMT
server
nginx/1.17.3
x-server-cache
true
content-type
font/ttf
status
200
accept-ranges
bytes
content-length
2952
x-proxy-cache
HIT
7Au_p_0qiz-adbHhOCX2z24PMFk.woff2
fonts.gstatic.com/s/muli/v16
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v16/7Au_p_0qiz-adbHhOCX2z24PMFk.woff2
Requested by
Host: decoded.avast.io
URL: https://decoded.avast.io/feed/%7CAvast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e6600dc3d4a01ea1e1f10f82d3046b4995142fa6c8d5e8564b0c3674f02fd85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Muli%3Aregular%2C900%2C700&ver=1.1.3
Origin
https://decoded.avast.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 23 Aug 2019 03:13:57 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:24:07 GMT
server
sffe
age
1683415
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
11644
x-xss-protection
0
expires
Sat, 22 Aug 2020 03:13:57 GMT

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| mi_version
boolean| mi_track_user
string| mi_no_track_reason
string| disableStr
function| __gaTrackerIsOptedOut
function| __gaTrackerOptout
string| GoogleAnalyticsObject
function| __gaTracker
object| _wpemojiSettings
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| _nsl
object| monsterinsights_frontend
function| MonsterInsights
object| MonsterInsightsObject
object| twemoji
object| wp
undefined| $
function| jQuery
function| EventEmitter
object| eventie
function| imagesLoaded
function| getStyleProperty
function| getSize
function| docReady
function| matchesSelector
object| fizzyUIUtils
function| Outlayer
function| Masonry
object| johannes_js_settings
function| objectFitImages
function| PhotoSwipeUI_Default
function| PhotoSwipe
object| picturefillCFG
function| picturefill
object| jQuery112406701570650024085
function| NSLPopupCenter

3 Cookies

Domain/Path Name / Value
.avast.io/ Name: _gat
Value: 1
.avast.io/ Name: _gid
Value: GA1.2.1015400607.1568213452
.avast.io/ Name: _ga
Value: GA1.2.630891236.1568213452

1 Console Messages

Source Level URL
Text
console-api log URL: https://decoded.avast.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1, Line 2, Column552
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
