Analysis

  • max time kernel
    142s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/10/2023, 12:21 UTC

General

  • Target

    avast_free_antivirus_setup_online.exe

  • Size

    257KB

  • MD5

    8356d4c424f871c71a8911dce65bea34

  • SHA1

    489cf2c7e0b7a90355534be8b68d01ff2d60122f

  • SHA256

    ab8ec4bd9d4783e076c8bda3f9e0dba984e4ebdb494df6871f9c647a444699cd

  • SHA512

    77fc21b27c47b53afd0b448c11288ddaa891f99b6678b24f5cf005dde87a901b06c1fc3656eabbc8e1b07993ad646b38d33b1749b7ca14d885cd6cad0fa3d5ff

  • SSDEEP

    3072:42RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCozOhhOn+T7:40KgGwHqwOOELha+sm2D2+Uhngufw

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Checks for any installed AV software in registry 1 TTPs 51 IoCs
  • Writes to the Master Boot Record (MBR) 1 TTPs 4 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Executes dropped EXE 11 IoCs
  • Loads dropped DLL 13 IoCs
  • Checks processor information in registry 2 TTPs 15 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 9 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 24 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\avast_free_antivirus_setup_online.exe
    "C:\Users\Admin\AppData\Local\Temp\avast_free_antivirus_setup_online.exe"
    1⤵
    • Writes to the Master Boot Record (MBR)
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:4016
    • C:\Windows\Temp\asw.b78032b754ceede6\avast_free_antivirus_setup_online_x64.exe
      "C:\Windows\Temp\asw.b78032b754ceede6\avast_free_antivirus_setup_online_x64.exe" /cookie:mmm_ava_012_999_a7i_m /ga_clientid:632ca97e-596e-4789-bc30-dc37daa8088b /edat_dir:C:\Windows\Temp\asw.b78032b754ceede6
      2⤵
      • Checks for any installed AV software in registry
      • Writes to the Master Boot Record (MBR)
      • Executes dropped EXE
      • Checks processor information in registry
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:2408
      • C:\Windows\Temp\asw.defc4a2d8969f754\instup.exe
        "C:\Windows\Temp\asw.defc4a2d8969f754\instup.exe" /sfx:lite /sfxstorage:C:\Windows\Temp\asw.defc4a2d8969f754 /edition:1 /prod:ais /guid:befa3776-92c3-463e-abf8-d81806c314e7 /ga_clientid:632ca97e-596e-4789-bc30-dc37daa8088b /cookie:mmm_ava_012_999_a7i_m /ga_clientid:632ca97e-596e-4789-bc30-dc37daa8088b /edat_dir:C:\Windows\Temp\asw.b78032b754ceede6
        3⤵
        • Checks for any installed AV software in registry
        • Writes to the Master Boot Record (MBR)
        • Executes dropped EXE
        • Loads dropped DLL
        • Checks processor information in registry
        • Modifies registry class
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:4388
        • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\instup.exe
          "C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\instup.exe" /sfx /sfxstorage:C:\Windows\Temp\asw.defc4a2d8969f754 /edition:1 /prod:ais /guid:befa3776-92c3-463e-abf8-d81806c314e7 /ga_clientid:632ca97e-596e-4789-bc30-dc37daa8088b /cookie:mmm_ava_012_999_a7i_m /edat_dir:C:\Windows\Temp\asw.b78032b754ceede6 /online_installer
          4⤵
          • Checks for any installed AV software in registry
          • Writes to the Master Boot Record (MBR)
          • Executes dropped EXE
          • Loads dropped DLL
          • Checks processor information in registry
          • Modifies registry class
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:1432
          • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe
            "C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe" -checkGToolbar -elevated
            5⤵
            • Executes dropped EXE
            PID:752
          • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe
            "C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe" /check_secure_browser
            5⤵
            • Executes dropped EXE
            PID:3592
          • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe
            "C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe" -checkChrome -elevated
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4668
          • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe
            "C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AVFC
            5⤵
            • Executes dropped EXE
            • Suspicious use of AdjustPrivilegeToken
            PID:3152
            • C:\Users\Public\Documents\aswOfferTool.exe
              "C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AVFC
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:1956
          • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe
            "C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AVFC
            5⤵
            • Executes dropped EXE
            • Suspicious use of AdjustPrivilegeToken
            PID:2564
            • C:\Users\Public\Documents\aswOfferTool.exe
              "C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AVFC
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:2184
          • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe
            "C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe" -checkChrome -elevated
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4184

Network

  • flag-us
    DNS
    iavs9x.u.avcdn.net
    avast_free_antivirus_setup_online.exe
    Remote address:
    8.8.8.8:53
    Request
    iavs9x.u.avcdn.net
    IN A
    Response
    iavs9x.u.avcdn.net
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    v7event.stats.avast.com
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    8.8.8.8:53
    Request
    v7event.stats.avast.com
    IN A
    Response
    v7event.stats.avast.com
    IN CNAME
    analytics.ff.avast.com
    analytics.ff.avast.com
    IN CNAME
    analytics-prod-gcp.ff.avast.com
    analytics-prod-gcp.ff.avast.com
    IN A
    34.117.223.223
  • flag-us
    POST
    http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online.exe
    Remote address:
    34.117.223.223:80
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    User-Agent: Avast Microstub/2.1
    Content-Length: 267
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:48:50 GMT
    Via: 1.1 google
  • flag-us
    POST
    http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online.exe
    Remote address:
    34.117.223.223:80
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    User-Agent: Avast Microstub/2.1
    Content-Length: 281
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:48:57 GMT
    Via: 1.1 google
  • flag-de
    POST
    http://www.google-analytics.com/collect
    avast_free_antivirus_setup_online.exe
    Remote address:
    172.217.23.206:80
    Request
    POST /collect HTTP/1.1
    Connection: Keep-Alive
    User-Agent: Avast Microstub/2.1
    Content-Length: 140
    Host: www.google-analytics.com
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Date: Mon, 16 Oct 2023 03:48:50 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Last-Modified: Sun, 17 May 1998 03:00:00 GMT
    X-Content-Type-Options: nosniff
    Content-Type: image/gif
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 35
  • flag-de
    POST
    http://www.google-analytics.com/collect
    avast_free_antivirus_setup_online.exe
    Remote address:
    172.217.23.206:80
    Request
    POST /collect HTTP/1.1
    Connection: Keep-Alive
    User-Agent: Avast Microstub/2.1
    Content-Length: 143
    Host: www.google-analytics.com
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Date: Mon, 16 Oct 2023 03:48:57 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Last-Modified: Sun, 17 May 1998 03:00:00 GMT
    X-Content-Type-Options: nosniff
    Content-Type: image/gif
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 35
  • flag-us
    DNS
    8.8.8.8.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    8.8.8.8.in-addr.arpa
    IN PTR
    Response
    8.8.8.8.in-addr.arpa
    IN PTR
    dnsgoogle
  • flag-us
    DNS
    64.175.53.84.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    64.175.53.84.in-addr.arpa
    IN PTR
    Response
    64.175.53.84.in-addr.arpa
    IN PTR
    a84-53-175-64deploystaticakamaitechnologiescom
  • flag-us
    DNS
    223.223.117.34.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    223.223.117.34.in-addr.arpa
    IN PTR
    Response
    223.223.117.34.in-addr.arpa
    IN PTR
    22322311734bcgoogleusercontentcom
  • flag-us
    DNS
    206.23.217.172.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    206.23.217.172.in-addr.arpa
    IN PTR
    Response
    206.23.217.172.in-addr.arpa
    IN PTR
    ams16s37-in-f141e100net
    206.23.217.172.in-addr.arpa
    IN PTR
    prg03s05-in-f14�I
    206.23.217.172.in-addr.arpa
    IN PTR
    prg03s05-in-f206�I
  • flag-us
    DNS
    2.136.104.51.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    2.136.104.51.in-addr.arpa
    IN PTR
    Response
  • flag-nl
    GET
    http://iavs9x.u.avcdn.net/iavs9x/avast_free_antivirus_setup_online_x64.exe
    avast_free_antivirus_setup_online.exe
    Remote address:
    84.53.175.64:80
    Request
    GET /iavs9x/avast_free_antivirus_setup_online_x64.exe HTTP/1.1
    Connection: Keep-Alive
    User-Agent: avast! Antivirus (instup)
    Host: iavs9x.u.avcdn.net
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Last-Modified: Tue, 19 Sep 2023 16:56:22 GMT
    ETag: "6509d2b6-9ef938"
    Access-Control-Allow-Origin: *
    X-Cache-Status: HIT
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Content-Type: application/octet-stream
    Content-Length: 10418488
    Accept-Ranges: bytes
    Cache-Control: max-age=49
    Expires: Mon, 16 Oct 2023 03:49:45 GMT
    Date: Mon, 16 Oct 2023 03:48:56 GMT
    Connection: keep-alive
  • flag-us
    DNS
    108.211.229.192.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    108.211.229.192.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    68.32.126.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    68.32.126.40.in-addr.arpa
    IN PTR
    Response
  • flag-de
    GET
    http://www.google-analytics.com/collect?aiid=mmm_ava_012_999_a7i_m&an=Free&av=23.9.8494&cd=stub-extended&cd3=Online&cid=befa3776-92c3-463e-abf8-d81806c314e7&dt=Installation&t=screenview&tid=UA-58120669-3&v=1
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    172.217.23.206:80
    Request
    GET /collect?aiid=mmm_ava_012_999_a7i_m&an=Free&av=23.9.8494&cd=stub-extended&cd3=Online&cid=befa3776-92c3-463e-abf8-d81806c314e7&dt=Installation&t=screenview&tid=UA-58120669-3&v=1 HTTP/1.1
    Connection: Keep-Alive
    User-Agent: Avast SFX/1.0
    Host: www.google-analytics.com
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Pragma: no-cache
    X-Content-Type-Options: nosniff
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 35
    Date: Sun, 15 Oct 2023 13:57:07 GMT
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Age: 49915
    Last-Modified: Sun, 17 May 1998 03:00:00 GMT
    Content-Type: image/gif
  • flag-us
    DNS
    analytics.ff.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    analytics.ff.avast.com
    IN A
    Response
    analytics.ff.avast.com
    IN CNAME
    analytics-prod-gcp.ff.avast.com
    analytics-prod-gcp.ff.avast.com
    IN A
    34.117.223.223
  • flag-us
    POST
    https://analytics.ff.avast.com/v4/receive/json/70
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /v4/receive/json/70 HTTP/1.1
    Connection: Keep-Alive
    Content-Type: application/json
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 602
    Host: analytics.ff.avast.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:02 GMT
    Content-Type: application/json
    Content-Length: 19
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    Content-MD5: 9gD7Pc8hmcOzF2XQquJ2LA==
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 391
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:02 GMT
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    Content-MD5: 9gD7Pc8hmcOzF2XQquJ2LA==
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 391
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:02 GMT
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    Content-MD5: 9gD7Pc8hmcOzF2XQquJ2LA==
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 391
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:02 GMT
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    Content-MD5: 9gD7Pc8hmcOzF2XQquJ2LA==
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 391
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:03 GMT
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    Content-MD5: 9gD7Pc8hmcOzF2XQquJ2LA==
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 391
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:04 GMT
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    Content-MD5: 9gD7Pc8hmcOzF2XQquJ2LA==
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 391
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:05 GMT
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    Content-MD5: 9gD7Pc8hmcOzF2XQquJ2LA==
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 391
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:07 GMT
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Connection: Keep-Alive
    Content-Type: iavs4/stats
    Content-MD5: 9gD7Pc8hmcOzF2XQquJ2LA==
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 391
    Host: v7event.stats.avast.com
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:08 GMT
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    shepherd.ff.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    shepherd.ff.avast.com
    IN A
    Response
    shepherd.ff.avast.com
    IN CNAME
    shepherd-gcp.ff.avast.com
    shepherd-gcp.ff.avast.com
    IN A
    34.160.176.28
  • flag-us
    DNS
    shepherd.ff.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    shepherd.ff.avast.com
    IN AAAA
    Response
    shepherd.ff.avast.com
    IN CNAME
    shepherd-gcp.ff.avast.com
  • flag-us
    DNS
    shepherd.ff.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    shepherd.ff.avast.com
    IN A
    Response
    shepherd.ff.avast.com
    IN CNAME
    shepherd-gcp.ff.avast.com
    shepherd-gcp.ff.avast.com
    IN A
    34.160.176.28
  • flag-us
    POST
    https://shepherd.ff.avast.com/
    instup.exe
    Remote address:
    34.160.176.28:443
    Request
    POST / HTTP/1.1
    Connection: Keep-Alive
    Content-Type: application/x-www-form-urlencoded
    Host: shepherd.ff.avast.com
    User-Agent: Avast Antivirus
    Content-Length: 271
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:08 GMT
    Content-Type: text/plain
    Content-Length: 29110
    AB-Tests: 9c39bb00-0319-40bf-b991-5c9ed9d0a85b:C,oa-7466-v0:c
    Access-Control-Allow-Origin: *
    Access-Control-Expose-Headers: Config-Id, Config-Name, Config-Version, Segments, AB-Tests, TTL, TTL-Spread
    Config-Id: 5
    Config-Name: Avast-Windows-AV-Consumer_websocket-testing_ipm_6363_chrome_offer_setup_free_free_production-new-installs_version-18.6-and-higher_production_quic-sni-block-release_v2017_hns-pre-scan-enabled-countries_phone-support-tile_avast-18-r7-and-18-r8_fs-and-idp-integration_cef-settings-off_opening-browser-onboarding_old-smartscan_alpha-new-installs_ipm_6513_open_ui_c_test-akamai_test-pam-no-master-password_v18.5-and-higher_cleanup-premium-installation_release---iavs9x-only_version-19.1-and-older-faf7cc8f8bb291a9a8ecacd08ba69384b3eb896842c81a37f2c3dc6a898ba5b0
    Config-Version: 4801
    Segments: websocket testing,ipm_6363_chrome_offer_setup_free,free,production new installs,version 18.6 and higher,production,quic sni block release,v2017,hns pre-scan enabled countries,phone support tile,avast 18 r7 and 18 r8,fs and idp integration,cef settings off,opening browser onboarding,old smartscan,alpha new installs,ipm_6513_open_ui_c,test akamai,test pam no master password,v18.5 and higher,cleanup premium installation,release - iavs9x only,version 19.1 and older
    TTL: 86400
    TTL-Spread: 43200
    Via: 1.1 google
    Alt-Svc: clear
  • flag-us
    DNS
    28.176.160.34.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    28.176.160.34.in-addr.arpa
    IN PTR
    Response
    28.176.160.34.in-addr.arpa
    IN PTR
    2817616034bcgoogleusercontentcom
  • flag-us
    DNS
    b8003600.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    b8003600.iavs9x.u.avast.com
    IN A
    Response
    b8003600.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    g1928587.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    g1928587.iavs9x.u.avast.com
    IN A
    Response
    r9319236.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    l4691727.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l4691727.iavs9x.u.avast.com
    IN A
    Response
    l4691727.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    r9319236.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r9319236.iavs9x.u.avast.com
    IN A
    Response
    g1928587.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.137
    a117.dscd.akamai.net
    IN A
    84.53.175.64
  • flag-us
    DNS
    s-iavs9x.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-iavs9x.avcdn.net
    IN A
    Response
    s1843811.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    s1843811.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s1843811.iavs9x.u.avast.com
    IN A
    Response
    s-iavs9x.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN A
    23.36.245.4
  • flag-us
    DNS
    b8003600.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    b8003600.iavs9x.u.avast.com
    IN A
    Response
    b8003600.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.137
    a117.dscd.akamai.net
    IN A
    84.53.175.64
  • flag-us
    DNS
    g1928587.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    g1928587.iavs9x.u.avast.com
    IN A
    Response
    g1928587.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    l4691727.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l4691727.iavs9x.u.avast.com
    IN A
    Response
    l4691727.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.137
    a117.dscd.akamai.net
    IN A
    84.53.175.64
  • flag-us
    DNS
    r9319236.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r9319236.iavs9x.u.avast.com
    IN A
    Response
    r9319236.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    s-iavs9x.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-iavs9x.avcdn.net
    IN A
    Response
    s-iavs9x.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN A
    23.36.245.4
  • flag-us
    DNS
    s1843811.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s1843811.iavs9x.u.avast.com
    IN A
    Response
    s1843811.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.137
    a117.dscd.akamai.net
    IN A
    84.53.175.64
  • flag-us
    DNS
    b8003600.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    b8003600.iavs9x.u.avast.com
    IN AAAA
    Response
    b8003600.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    g1928587.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    g1928587.iavs9x.u.avast.com
    IN AAAA
    Response
    g1928587.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    l4691727.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l4691727.iavs9x.u.avast.com
    IN AAAA
    Response
    l4691727.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    r9319236.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r9319236.iavs9x.u.avast.com
    IN AAAA
    Response
    r9319236.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    s-iavs9x.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-iavs9x.avcdn.net
    IN AAAA
    Response
    s-iavs9x.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:282::240d
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:29a::240d
  • flag-us
    DNS
    s1843811.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s1843811.iavs9x.u.avast.com
    IN AAAA
    Response
    s1843811.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    b8003600.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    b8003600.iavs9x.u.avast.com
    IN AAAA
    Response
    b8003600.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
  • flag-us
    DNS
    g1928587.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    g1928587.iavs9x.u.avast.com
    IN AAAA
    Response
    g1928587.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    l4691727.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l4691727.iavs9x.u.avast.com
    IN AAAA
    Response
    l4691727.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    r9319236.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r9319236.iavs9x.u.avast.com
    IN AAAA
    Response
    r9319236.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    s-iavs9x.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-iavs9x.avcdn.net
    IN AAAA
    Response
    s-iavs9x.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:29a::240d
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:282::240d
  • flag-us
    DNS
    s1843811.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s1843811.iavs9x.u.avast.com
    IN AAAA
  • flag-us
    DNS
    157.123.68.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    157.123.68.40.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    56.126.166.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    56.126.166.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    s1843811.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.4.4:53
    Request
    s1843811.iavs9x.u.avast.com
    IN AAAA
  • flag-nl
    GET
    http://r9319236.iavs9x.u.avast.com/iavs9x/servers.def.vpx
    instup.exe
    Remote address:
    84.53.175.64:80
    Request
    GET /iavs9x/servers.def.vpx HTTP/1.1
    Host: r9319236.iavs9x.u.avast.com
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Last-Modified: Tue, 19 Sep 2023 16:55:58 GMT
    ETag: "6509d29e-995"
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 2453
    Access-Control-Allow-Origin: *
    X-Cache-Status: HIT
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=51
    Expires: Mon, 16 Oct 2023 03:50:03 GMT
    Date: Mon, 16 Oct 2023 03:49:12 GMT
    Connection: keep-alive
  • flag-nl
    GET
    http://s1843811.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx
    instup.exe
    Remote address:
    84.53.175.64:80
    Request
    GET /iavs9x/prod-pgm.vpx HTTP/1.1
    Host: s1843811.iavs9x.u.avast.com
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Last-Modified: Tue, 19 Sep 2023 16:56:00 GMT
    ETag: "6509d2a0-23c"
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 572
    Access-Control-Allow-Origin: *
    X-Cache-Status: HIT
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=12
    Expires: Mon, 16 Oct 2023 03:49:25 GMT
    Date: Mon, 16 Oct 2023 03:49:13 GMT
    Connection: keep-alive
  • flag-us
    DNS
    126.179.238.8.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    126.179.238.8.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    4.4.8.8.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    4.4.8.8.in-addr.arpa
    IN PTR
    Response
    4.4.8.8.in-addr.arpa
    IN PTR
    dnsgoogle
  • flag-nl
    GET
    http://s1843811.iavs9x.u.avast.com/iavs9x/avbugreport_x64_ais-a1b.vpx
    instup.exe
    Remote address:
    84.53.175.64:80
    Request
    GET /iavs9x/avbugreport_x64_ais-a1b.vpx HTTP/1.1
    Host: s1843811.iavs9x.u.avast.com
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 1458125
    Last-Modified: Tue, 19 Sep 2023 16:52:43 GMT
    ETag: "6509d1db-163fcd"
    Access-Control-Allow-Origin: *
    X-Cache-Status: HIT
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=1205
    Expires: Mon, 16 Oct 2023 04:09:18 GMT
    Date: Mon, 16 Oct 2023 03:49:13 GMT
    Connection: keep-alive
  • flag-nl
    GET
    http://s1843811.iavs9x.u.avast.com/iavs9x/avdump_x64_ais-a1b.vpx
    instup.exe
    Remote address:
    84.53.175.64:80
    Request
    GET /iavs9x/avdump_x64_ais-a1b.vpx HTTP/1.1
    Host: s1843811.iavs9x.u.avast.com
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 399416
    Last-Modified: Tue, 19 Sep 2023 16:52:42 GMT
    ETag: "6509d1da-61838"
    Access-Control-Allow-Origin: *
    X-Cache-Status: HIT
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=3304
    Expires: Mon, 16 Oct 2023 04:44:18 GMT
    Date: Mon, 16 Oct 2023 03:49:14 GMT
    Connection: keep-alive
  • flag-nl
    GET
    http://s1843811.iavs9x.u.avast.com/iavs9x/avdump_x86_ais-a1b.vpx
    instup.exe
    Remote address:
    84.53.175.64:80
    Request
    GET /iavs9x/avdump_x86_ais-a1b.vpx HTTP/1.1
    Host: s1843811.iavs9x.u.avast.com
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Last-Modified: Tue, 19 Sep 2023 16:52:40 GMT
    ETag: "6509d1d8-58c44"
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 363588
    Access-Control-Allow-Origin: *
    X-Cache-Status: HIT
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=1192
    Expires: Mon, 16 Oct 2023 04:09:06 GMT
    Date: Mon, 16 Oct 2023 03:49:14 GMT
    Connection: keep-alive
  • flag-nl
    GET
    http://s1843811.iavs9x.u.avast.com/iavs9x/offertool_x64_ais-a1b.vpx
    instup.exe
    Remote address:
    84.53.175.64:80
    Request
    GET /iavs9x/offertool_x64_ais-a1b.vpx HTTP/1.1
    Host: s1843811.iavs9x.u.avast.com
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Last-Modified: Tue, 19 Sep 2023 16:52:42 GMT
    ETag: "6509d1da-d274b"
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 862027
    Access-Control-Allow-Origin: *
    X-Cache-Status: REVALIDATED
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=618
    Expires: Mon, 16 Oct 2023 03:59:33 GMT
    Date: Mon, 16 Oct 2023 03:49:15 GMT
    Connection: keep-alive
  • flag-nl
    GET
    http://s1843811.iavs9x.u.avast.com/iavs9x/sbr_x64_ais-a1b.vpx
    instup.exe
    Remote address:
    84.53.175.64:80
    Request
    GET /iavs9x/sbr_x64_ais-a1b.vpx HTTP/1.1
    Host: s1843811.iavs9x.u.avast.com
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Last-Modified: Tue, 19 Sep 2023 16:52:44 GMT
    ETag: "6509d1dc-2d8d"
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 11661
    Access-Control-Allow-Origin: *
    X-Cache-Status: HIT
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=8
    Expires: Mon, 16 Oct 2023 03:49:24 GMT
    Date: Mon, 16 Oct 2023 03:49:16 GMT
    Connection: keep-alive
  • flag-us
    DNS
    b7210692.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    b7210692.iavs9x.u.avast.com
    IN A
    Response
    t1024579.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    f3461309.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    f3461309.iavs9x.u.avast.com
    IN A
    Response
    s-iavs9x.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN A
    23.36.245.4
  • flag-us
    DNS
    r0965026.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r0965026.iavs9x.u.avast.com
    IN A
    Response
    z4055813.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.137
    a117.dscd.akamai.net
    IN A
    84.53.175.64
  • flag-us
    DNS
    s-iavs9x.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-iavs9x.avcdn.net
    IN A
    Response
    f3461309.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    t1024579.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    t1024579.iavs9x.u.avast.com
    IN A
    Response
    r0965026.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    z4055813.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    z4055813.iavs9x.u.avast.com
    IN A
    Response
    b7210692.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    b7210692.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    b7210692.iavs9x.u.avast.com
    IN A
    Response
    b7210692.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.64
    a117.dscd.akamai.net
    IN A
    84.53.175.137
  • flag-us
    DNS
    f3461309.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    f3461309.iavs9x.u.avast.com
    IN A
    Response
    f3461309.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.137
    a117.dscd.akamai.net
    IN A
    84.53.175.64
  • flag-us
    DNS
    r0965026.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r0965026.iavs9x.u.avast.com
    IN A
    Response
    r0965026.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.137
    a117.dscd.akamai.net
    IN A
    84.53.175.64
  • flag-us
    DNS
    s-iavs9x.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-iavs9x.avcdn.net
    IN A
    Response
    s-iavs9x.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN A
    23.36.245.4
  • flag-us
    DNS
    t1024579.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    t1024579.iavs9x.u.avast.com
    IN A
    Response
    t1024579.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.137
    a117.dscd.akamai.net
    IN A
    84.53.175.64
  • flag-us
    DNS
    z4055813.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    z4055813.iavs9x.u.avast.com
    IN A
    Response
    z4055813.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN A
    84.53.175.137
    a117.dscd.akamai.net
    IN A
    84.53.175.64
  • flag-us
    DNS
    b7210692.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    b7210692.iavs9x.u.avast.com
    IN AAAA
    Response
    b7210692.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    f3461309.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    f3461309.iavs9x.u.avast.com
    IN AAAA
    Response
    f3461309.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    r0965026.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r0965026.iavs9x.u.avast.com
    IN AAAA
    Response
    r0965026.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    s-iavs9x.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-iavs9x.avcdn.net
    IN AAAA
    Response
    t1024579.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    t1024579.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    t1024579.iavs9x.u.avast.com
    IN AAAA
    Response
    z4055813.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    z4055813.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    z4055813.iavs9x.u.avast.com
    IN AAAA
    Response
    s-iavs9x.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:29a::240d
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:282::240d
  • flag-us
    DNS
    b7210692.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    b7210692.iavs9x.u.avast.com
    IN AAAA
    Response
    b7210692.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
  • flag-us
    DNS
    f3461309.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    f3461309.iavs9x.u.avast.com
    IN AAAA
    Response
    f3461309.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    r0965026.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r0965026.iavs9x.u.avast.com
    IN AAAA
    Response
    r0965026.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
  • flag-us
    DNS
    s-iavs9x.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-iavs9x.avcdn.net
    IN AAAA
    Response
    s-iavs9x.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:282::240d
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:29a::240d
  • flag-us
    DNS
    t1024579.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    t1024579.iavs9x.u.avast.com
    IN AAAA
    Response
    t1024579.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-us
    DNS
    z4055813.iavs9x.u.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    z4055813.iavs9x.u.avast.com
    IN AAAA
    Response
    z4055813.iavs9x.u.avast.com
    IN CNAME
    iavs9x4.u.avcdn.net.edgesuite.net
    iavs9x4.u.avcdn.net.edgesuite.net
    IN CNAME
    a117.dscd.akamai.net
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6533
    a117.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6522
  • flag-nl
    GET
    http://b7210692.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx
    instup.exe
    Remote address:
    84.53.175.64:80
    Request
    GET /iavs9x/prod-pgm.vpx HTTP/1.1
    Host: b7210692.iavs9x.u.avast.com
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Last-Modified: Tue, 19 Sep 2023 16:56:00 GMT
    ETag: "6509d2a0-23c"
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 572
    Access-Control-Allow-Origin: *
    X-Cache-Status: HIT
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=5
    Expires: Mon, 16 Oct 2023 03:49:25 GMT
    Date: Mon, 16 Oct 2023 03:49:20 GMT
    Connection: keep-alive
  • flag-us
    DNS
    c3978047.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    c3978047.vps18tiny.u.avcdn.net
    IN A
    Response
    l7814800.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.50
    a27.dscd.akamai.net
    IN A
    84.53.175.35
  • flag-us
    DNS
    l4691727.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l4691727.vps18tiny.u.avcdn.net
    IN A
    Response
    n8283613.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.50
    a27.dscd.akamai.net
    IN A
    84.53.175.35
  • flag-us
    DNS
    l7814800.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l7814800.vps18tiny.u.avcdn.net
    IN A
    Response
    c3978047.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.35
    a27.dscd.akamai.net
    IN A
    84.53.175.50
  • flag-us
    DNS
    n8283613.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    n8283613.vps18tiny.u.avcdn.net
    IN A
    Response
    l4691727.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.35
    a27.dscd.akamai.net
    IN A
    84.53.175.50
  • flag-us
    DNS
    r4427608.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r4427608.vps18tiny.u.avcdn.net
    IN A
    Response
    r4427608.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.50
    a27.dscd.akamai.net
    IN A
    84.53.175.35
  • flag-us
    DNS
    s-vps18tiny.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-vps18tiny.avcdn.net
    IN A
    Response
    s-vps18tiny.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN A
    23.36.245.4
  • flag-us
    DNS
    c3978047.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    c3978047.vps18tiny.u.avcdn.net
    IN A
    Response
    c3978047.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.50
    a27.dscd.akamai.net
    IN A
    84.53.175.35
  • flag-us
    DNS
    l4691727.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l4691727.vps18tiny.u.avcdn.net
    IN A
    Response
    l4691727.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.50
    a27.dscd.akamai.net
    IN A
    84.53.175.35
  • flag-us
    DNS
    l7814800.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l7814800.vps18tiny.u.avcdn.net
    IN A
    Response
    l7814800.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.50
    a27.dscd.akamai.net
    IN A
    84.53.175.35
  • flag-us
    DNS
    n8283613.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    n8283613.vps18tiny.u.avcdn.net
    IN A
    Response
    n8283613.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.50
    a27.dscd.akamai.net
    IN A
    84.53.175.35
  • flag-us
    DNS
    r4427608.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r4427608.vps18tiny.u.avcdn.net
    IN A
    Response
    r4427608.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN A
    84.53.175.50
    a27.dscd.akamai.net
    IN A
    84.53.175.35
  • flag-us
    DNS
    s-vps18tiny.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-vps18tiny.avcdn.net
    IN A
    Response
    s-vps18tiny.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN A
    23.36.245.4
  • flag-us
    DNS
    c3978047.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    c3978047.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    n8283613.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
  • flag-us
    DNS
    l4691727.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l4691727.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    l4691727.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
  • flag-us
    DNS
    l7814800.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l7814800.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    l7814800.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
  • flag-us
    DNS
    n8283613.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    n8283613.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    c3978047.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
  • flag-us
    DNS
    r4427608.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r4427608.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    r4427608.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
  • flag-us
    DNS
    s-vps18tiny.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-vps18tiny.avcdn.net
    IN AAAA
    Response
    s-vps18tiny.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:29a::240d
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:282::240d
  • flag-us
    DNS
    c3978047.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    c3978047.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    c3978047.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
  • flag-us
    DNS
    l4691727.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l4691727.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    l4691727.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
  • flag-us
    DNS
    l7814800.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    l7814800.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    l7814800.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
  • flag-us
    DNS
    n8283613.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    n8283613.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    n8283613.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
  • flag-us
    DNS
    r4427608.vps18tiny.u.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    r4427608.vps18tiny.u.avcdn.net
    IN AAAA
    Response
    r4427608.vps18tiny.u.avcdn.net
    IN CNAME
    u4.avcdn.net.edgesuite.net
    u4.avcdn.net.edgesuite.net
    IN CNAME
    a27.dscd.akamai.net
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:6530
    a27.dscd.akamai.net
    IN AAAA
    2a02:26f0:fe00::5c7a:651a
  • flag-us
    DNS
    s-vps18tiny.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    s-vps18tiny.avcdn.net
    IN AAAA
    Response
    s-vps18tiny.avcdn.net
    IN CNAME
    fallbackupdates.avcdn.net.edgekey.net
    fallbackupdates.avcdn.net.edgekey.net
    IN CNAME
    e9229.dscd.akamaiedge.net
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:29a::240d
    e9229.dscd.akamaiedge.net
    IN AAAA
    2a02:26f0:fe00:282::240d
  • flag-nl
    GET
    http://l7814800.vps18tiny.u.avcdn.net/vps18tiny/prod-vps.vpx
    instup.exe
    Remote address:
    84.53.175.50:80
    Request
    GET /vps18tiny/prod-vps.vpx HTTP/1.1
    Host: l7814800.vps18tiny.u.avcdn.net
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 340
    Last-Modified: Sun, 15 Oct 2023 07:50:44 GMT
    ETag: "652b99d4-154"
    Access-Control-Allow-Origin: *
    X-Cache-Status: REVALIDATED
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=57
    Expires: Mon, 16 Oct 2023 03:50:19 GMT
    Date: Mon, 16 Oct 2023 03:49:22 GMT
    Connection: keep-alive
  • flag-nl
    GET
    http://l7814800.vps18tiny.u.avcdn.net/vps18tiny/part-jrog2-7d.vpx
    instup.exe
    Remote address:
    84.53.175.50:80
    Request
    GET /vps18tiny/part-jrog2-7d.vpx HTTP/1.1
    Host: l7814800.vps18tiny.u.avcdn.net
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 211
    Last-Modified: Sun, 15 Oct 2023 07:50:42 GMT
    ETag: "652b99d2-d3"
    Access-Control-Allow-Origin: *
    X-Cache-Status: REVALIDATED
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=2289
    Expires: Mon, 16 Oct 2023 04:27:31 GMT
    Date: Mon, 16 Oct 2023 03:49:22 GMT
    Connection: keep-alive
  • flag-nl
    GET
    http://l7814800.vps18tiny.u.avcdn.net/vps18tiny/part-vps_windows-23101499.vpx
    instup.exe
    Remote address:
    84.53.175.50:80
    Request
    GET /vps18tiny/part-vps_windows-23101499.vpx HTTP/1.1
    Host: l7814800.vps18tiny.u.avcdn.net
    Accept: */*
    User-Agent: avast! Antivirus (instup)
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: application/octet-stream
    Content-Length: 7274
    Last-Modified: Sun, 15 Oct 2023 07:50:43 GMT
    ETag: "652b99d3-1c6a"
    Access-Control-Allow-Origin: *
    X-Cache-Status: REVALIDATED
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=1409
    Expires: Mon, 16 Oct 2023 04:12:52 GMT
    Date: Mon, 16 Oct 2023 03:49:23 GMT
    Connection: keep-alive
  • flag-us
    DNS
    shepherd.ff.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    shepherd.ff.avast.com
    IN AAAA
    Response
    shepherd.ff.avast.com
    IN CNAME
    shepherd-gcp.ff.avast.com
  • flag-us
    POST
    https://shepherd.ff.avast.com/
    instup.exe
    Remote address:
    34.160.176.28:443
    Request
    POST / HTTP/1.1
    Connection: Keep-Alive
    Content-Type: application/x-www-form-urlencoded
    Host: shepherd.ff.avast.com
    User-Agent: Avast Antivirus
    Content-Length: 223
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:23 GMT
    Content-Type: text/plain
    Content-Length: 32224
    AB-Tests: 19fa92d7-cec3-489b-9f86-f88a9780902e:A,2a38b33e-2944-40ef-a1df-c417feb3f742:B,9c39bb00-0319-40bf-b991-5c9ed9d0a85b:C,oa-7466-v0:c
    Access-Control-Allow-Origin: *
    Access-Control-Expose-Headers: Config-Id, Config-Name, Config-Version, Segments, AB-Tests, TTL, TTL-Spread
    Config-Id: 5
    Config-Name: Avast-Windows-AV-Consumer_websocket-testing_email-signatures_ipm_6363_chrome_offer_setup_free_asb-and-chrome-since-21.2_version-23.2-and-higher-not-in-fr-de_free_production-new-installs_disabled-aos-sideloading_webshield-tls-processes---release_v19.1-and-higher-free_ipm_4932_opm_pus_fullscale_version-18.6-and-higher_production_webshield.quic.block---fraction-test-setup_quic-sni-block-release_quic-on_versions--22.1-and-higher_previous-version_ipm-bau-v23.1-and-higher_version-20.5-and-higher_useopenidwebauth_v2017_globalflags---streamproduction-_devicewatcheron_hns-pre-scan-enabled-countries_version-20.9-and-higher_pups-in-avast-rollout_winre-bts_smartscanfreetrail_smartscan-free---antivirus---win10---ab-test_aosstorelink_enableddwm_enablehns3_performator_phone-support-tile_avast-22-r6---23-r9_version-20.1-plus_fs-and-idp-integration_cef-72.3_v19.1-and-higher-off_opening-browser-onboarding_smartscan-free---antivirus---win10_opm_burger_tracking_limitation_multidetection_alpha-new-installs_ipm_6515_6516_vps_sites_test_b_ipm_5258_campaign_toaster_reach_test_a_ipm_6513_open_ui_c_a1-migration-button_test-akamai_test-pam-no-master-password_v18.5-and-higher_installation-telemetry_cleanup-premium-installation_release---iavs9x-only_newuninstallsurvey-1ca23c6d51dea1984b5181ddf7592ecc2428413bd1f91a61d95c8f7cce93bf50
    Config-Version: 4801
    Segments: websocket testing,email signatures,ipm_6363_chrome_offer_setup_free,asb and chrome since 21.2,version 23.2 and higher not in fr de,free,production new installs,disabled aos sideloading,webshield tls processes - release,v19.1 and higher free,ipm_4932_opm_pus_fullscale,version 18.6 and higher,production,webshield.quic.block - fraction test setup,quic sni block release,quic on,versions 22.1 and higher,previous version,ipm bau v23.1 and higher,version 20.5 and higher,useopenidwebauth,v2017,globalflags - streamproduction ,devicewatcheron,hns pre-scan enabled countries,version 20.9 and higher,pups in avast rollout,winre bts,smartscanfreetrail,smartscan free - antivirus - win10 - ab test,aosstorelink,enableddwm,enablehns3,performator,phone support tile,avast 22 r6 - 23 r9,version 20.1 plus,fs and idp integration,cef 72.3,v19.1 and higher off,opening browser onboarding,smartscan free - antivirus - win10,opm_burger_tracking_limitation,multidetection,alpha new installs,ipm_6515_6516_vps_sites_test_b,ipm_5258_campaign_toaster_reach_test_a,ipm_6513_open_ui_c,a1 migration button,test akamai,test pam no master password,v18.5 and higher,installation telemetry,cleanup premium installation,release - iavs9x only,newuninstallsurvey
    TTL: 86400
    TTL-Spread: 43200
    Via: 1.1 google
    Alt-Svc: clear
  • flag-us
    DNS
    50.175.53.84.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    50.175.53.84.in-addr.arpa
    IN PTR
    Response
    50.175.53.84.in-addr.arpa
    IN PTR
    a84-53-175-50deploystaticakamaitechnologiescom
  • flag-us
    DNS
    v7event.stats.avast.com
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    8.8.8.8:53
    Request
    v7event.stats.avast.com
    IN A
    Response
    v7event.stats.avast.com
    IN CNAME
    analytics.ff.avast.com
    analytics.ff.avast.com
    IN CNAME
    analytics-prod-gcp.ff.avast.com
    analytics-prod-gcp.ff.avast.com
    IN A
    34.117.223.223
  • flag-us
    DNS
    v7event.stats.avast.com
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    8.8.8.8:53
    Request
    v7event.stats.avast.com
    IN A
    Response
    v7event.stats.avast.com
    IN CNAME
    analytics.ff.avast.com
    analytics.ff.avast.com
    IN CNAME
    analytics-prod-gcp.ff.avast.com
    analytics-prod-gcp.ff.avast.com
    IN A
    34.117.223.223
  • flag-us
    DNS
    v7event.stats.avast.com
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    8.8.8.8:53
    Request
    v7event.stats.avast.com
    IN AAAA
    Response
    v7event.stats.avast.com
    IN CNAME
    analytics.ff.avast.com
    analytics.ff.avast.com
    IN CNAME
    analytics-prod-gcp.ff.avast.com
  • flag-us
    DNS
    v7event.stats.avast.com
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    8.8.8.8:53
    Request
    v7event.stats.avast.com
    IN AAAA
    Response
    v7event.stats.avast.com
    IN CNAME
    analytics.ff.avast.com
    analytics.ff.avast.com
    IN CNAME
    analytics-prod-gcp.ff.avast.com
  • flag-us
    DNS
    v7event.stats.avast.com
    avast_free_antivirus_setup_online_x64.exe
    Remote address:
    8.8.8.8:53
    Request
    v7event.stats.avast.com
    IN A
    Response
    v7event.stats.avast.com
    IN CNAME
    analytics.ff.avast.com
    analytics.ff.avast.com
    IN CNAME
    analytics-prod-gcp.ff.avast.com
    analytics-prod-gcp.ff.avast.com
    IN A
    34.117.223.223
  • flag-us
    POST
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    instup.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /cgi-bin/iavsevents.cgi HTTP/1.1
    Host: v7event.stats.avast.com
    User-Agent: avast! Antivirus
    Accept: */*
    Content-MD5: L7lvir9JlGJ5e0xZfDE9Sw==
    Content-Type: iavs4/stats
    Content-Length: 326
    Response
    HTTP/1.1 204 No Content
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:27 GMT
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://analytics.ff.avast.com/v4/receive/json/70
    instup.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /v4/receive/json/70 HTTP/1.1
    Connection: Keep-Alive
    Content-Type: application/json
    User-Agent: Avast SimpleHttp/3.0
    Content-Length: 492
    Host: analytics.ff.avast.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:27 GMT
    Content-Type: application/json
    Content-Length: 19
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    POST
    https://analytics.ff.avast.com/receive3
    instup.exe
    Remote address:
    34.117.223.223:443
    Request
    POST /receive3 HTTP/1.1
    Connection: Keep-Alive
    Content-Type: application/x-enc-sb
    Content-Encoding: gzip
    User-Agent: Avast Antivirus
    Content-Length: 577
    Host: analytics.ff.avast.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 16 Oct 2023 03:50:25 GMT
    Content-Type: application/octet-stream
    Content-Length: 24
    X-ASW-Receiver-Ack: processed
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    ssl.google-analytics.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    ssl.google-analytics.com
    IN A
    Response
    ssl.google-analytics.com
    IN A
    142.250.179.200
  • flag-nl
    POST
    https://ssl.google-analytics.com/collect
    instup.exe
    Remote address:
    142.250.179.200:443
    Request
    POST /collect HTTP/1.1
    Connection: Keep-Alive
    User-Agent: Avast Antivirus
    Content-Length: 423
    Host: ssl.google-analytics.com
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Date: Mon, 16 Oct 2023 03:49:30 GMT
    Pragma: no-cache
    Expires: Fri, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Last-Modified: Sun, 17 May 1998 03:00:00 GMT
    X-Content-Type-Options: nosniff
    Content-Type: image/gif
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 35
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    200.179.250.142.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    200.179.250.142.in-addr.arpa
    IN PTR
    Response
    200.179.250.142.in-addr.arpa
    IN PTR
    ams15s42-in-f81e100net
  • flag-us
    DNS
    ipm.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    ipm.avcdn.net
    IN A
    Response
    ipm.avcdn.net
    IN CNAME
    ipm-provider.ff.avast.com
    ipm-provider.ff.avast.com
    IN CNAME
    ipm-gcp-prod.ff.avast.com
    ipm-gcp-prod.ff.avast.com
    IN A
    34.111.24.1
  • flag-us
    DNS
    ipm.avcdn.net
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    ipm.avcdn.net
    IN A
    Response
    ipm.avcdn.net
    IN CNAME
    ipm-provider.ff.avast.com
    ipm-provider.ff.avast.com
    IN CNAME
    ipm-gcp-prod.ff.avast.com
    ipm-gcp-prod.ff.avast.com
    IN A
    34.111.24.1
  • flag-us
    GET
    https://ipm.avcdn.net/?action=1&p_elm=76&p_pro=0&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=iavs9x&p_lan=1033&p_lng=en&p_vep=23&p_ves=9&p_vbd=6082&p_cnm=RYHSSIAS&p_hid=befa3776-92c3-463e-abf8-d81806c314e7&p_bld=mmm_ava_012_999_a7i_m&p_adp=0000&p_midex=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0
    instup.exe
    Remote address:
    34.111.24.1:443
    Request
    GET /?action=1&p_elm=76&p_pro=0&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=iavs9x&p_lan=1033&p_lng=en&p_vep=23&p_ves=9&p_vbd=6082&p_cnm=RYHSSIAS&p_hid=befa3776-92c3-463e-abf8-d81806c314e7&p_bld=mmm_ava_012_999_a7i_m&p_adp=0000&p_midex=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0 HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Accept: */*
    User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
    Host: ipm.avcdn.net
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:31 GMT
    Content-Type: text/html
    Content-Length: 27368
    IPM-Asset-URL--266817469: https://ipmcdn.avast.com/images/banner/img_secure-browser-v2.png
    IPM-Asset-Base-URL: https://ipm-static.avcdn.net/content-assets-prod/,https://ipmcdn.avast.com/images/
    Cache-Control: no-cache, no-store, must-revalidate
    Pragma: no-cache
    Expires: 0
    Content-Identifier: fa/en-ww/setup-avast-offer_nitro-secure-browser_variant-a.html
    ETag: W/e7010d18
    Set-Cookie: ViewCounter_ipm-10553-browser-offer-shared=1697428171; Max-Age=1728000; Expires=Sun, 05 Nov 2023 03:49:31 GMT; Secure; SameSite=None
    Set-Cookie: ScreenName_76=fa/en-ww/setup-avast-offer_nitro-secure-browser_variant-a.html; Max-Age=3888000; Expires=Thu, 30 Nov 2023 03:49:31 GMT; Secure; SameSite=None
    Set-Cookie: ClientId=f21a655c-290c-4516-9cfd-cc727b9b921f; Max-Age=63072000; Expires=Wed, 15 Oct 2025 03:49:31 GMT; Secure; SameSite=None
    Set-Cookie: ViewCounter_ipm-10553-browser-offer-shared=1697428171; Max-Age=1728000; Expires=Sun, 05 Nov 2023 03:49:31 GMT; Secure; SameSite=None
    Set-Cookie: ScreenName_76=fa/en-ww/setup-avast-offer_nitro-secure-browser_variant-a.html; Max-Age=3888000; Expires=Thu, 30 Nov 2023 03:49:31 GMT; Secure; SameSite=None
    Set-Cookie: ClientId=f21a655c-290c-4516-9cfd-cc727b9b921f; Max-Age=63072000; Expires=Wed, 15 Oct 2025 03:49:31 GMT; Secure; SameSite=None
    Via: 1.1 google
    Alt-Svc: clear
  • flag-us
    DNS
    1.24.111.34.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    1.24.111.34.in-addr.arpa
    IN PTR
    Response
    1.24.111.34.in-addr.arpa
    IN PTR
    12411134bcgoogleusercontentcom
  • flag-us
    DNS
    ipmcdn.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    ipmcdn.avast.com
    IN A
    Response
    ipmcdn.avast.com
    IN CNAME
    ipmcdn.avast.com.edgekey.net
    ipmcdn.avast.com.edgekey.net
    IN CNAME
    e13223.dscd.akamaiedge.net
    e13223.dscd.akamaiedge.net
    IN A
    23.207.111.75
  • flag-us
    DNS
    analytics.ff.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    analytics.ff.avast.com
    IN A
    Response
    analytics.ff.avast.com
    IN CNAME
    analytics-prod-gcp.ff.avast.com
    analytics-prod-gcp.ff.avast.com
    IN A
    34.117.223.223
  • flag-us
    DNS
    ssl.google-analytics.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    ssl.google-analytics.com
    IN A
    Response
    ssl.google-analytics.com
    IN A
    142.250.179.200
  • flag-us
    GET
    https://analytics.ff.avast.com/v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22bfd03b3c-7bc7-42b0-ba46-054d79423271%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%22befa3776-92c3-463e-abf8-d81806c314e7%22%2C%22hwid%22%3A%22F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0%22%7D%2C%22product%22%3A%7B%22id%22%3A1%2C%22edition%22%3A1%2C%22lang%22%3A%22en-us%22%2C%22version_app%22%3A%2223.9.6082.mmm_ava_012_999_a7i_m%22%2C%22build%22%3A6082%2C%22ipm_product%22%3A0%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-us%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22bfd03b3c-7bc7-42b0-ba46-054d79423271%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22fa%2Fen-ww%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avast-offer_nitro-secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D
    instup.exe
    Remote address:
    34.117.223.223:443
    Request
    GET /v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22bfd03b3c-7bc7-42b0-ba46-054d79423271%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%22befa3776-92c3-463e-abf8-d81806c314e7%22%2C%22hwid%22%3A%22F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0%22%7D%2C%22product%22%3A%7B%22id%22%3A1%2C%22edition%22%3A1%2C%22lang%22%3A%22en-us%22%2C%22version_app%22%3A%2223.9.6082.mmm_ava_012_999_a7i_m%22%2C%22build%22%3A6082%2C%22ipm_product%22%3A0%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-us%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22bfd03b3c-7bc7-42b0-ba46-054d79423271%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22fa%2Fen-ww%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avast-offer_nitro-secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Accept: */*
    User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
    Host: analytics.ff.avast.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Date: Mon, 16 Oct 2023 03:49:34 GMT
    Content-Type: application/json
    Content-Length: 19
    Via: 1.1 google
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-nl
    GET
    https://ssl.google-analytics.com/collect?v=1&tid=UA-58120669-2&cid=befa3776-92c3-463e-abf8-d81806c314e7&dh=ipm.avcdn.net&dp=fa%2Fen-us%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&z=1958476639&uid=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&ds=ipm2&dt=setup-avast-offer_nitro-secure-browser_variant-a.html&ul=en-us&cd5=fa%2Fen-us%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=fa%2Fen-ww%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&cd101=0&cd102=23&cd103=9&cd104=6082&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=18&cd153=0&cd170=setup_free_intro&cd2=FAV-0&cd3=23.9.6082.mmm_ava_012_999_a7i_m&cd4=Free%20Program%20%7C%20Registered%20%7C%2076&cd12=en-ww&cd20=mmm_ava_012_999_a7i_m&cd27=befa3776-92c3-463e-abf8-d81806c314e7&cd41=befa3776-92c3-463e-abf8-d81806c314e7&cd154=1&cd155=24&cd175=bfd03b3c-7bc7-42b0-ba46-054d79423271&cd176=bfd03b3c-7bc7-42b0-ba46-054d79423271
    instup.exe
    Remote address:
    142.250.179.200:443
    Request
    GET /collect?v=1&tid=UA-58120669-2&cid=befa3776-92c3-463e-abf8-d81806c314e7&dh=ipm.avcdn.net&dp=fa%2Fen-us%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&z=1958476639&uid=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&ds=ipm2&dt=setup-avast-offer_nitro-secure-browser_variant-a.html&ul=en-us&cd5=fa%2Fen-us%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=fa%2Fen-ww%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&cd101=0&cd102=23&cd103=9&cd104=6082&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=18&cd153=0&cd170=setup_free_intro&cd2=FAV-0&cd3=23.9.6082.mmm_ava_012_999_a7i_m&cd4=Free%20Program%20%7C%20Registered%20%7C%2076&cd12=en-ww&cd20=mmm_ava_012_999_a7i_m&cd27=befa3776-92c3-463e-abf8-d81806c314e7&cd41=befa3776-92c3-463e-abf8-d81806c314e7&cd154=1&cd155=24&cd175=bfd03b3c-7bc7-42b0-ba46-054d79423271&cd176=bfd03b3c-7bc7-42b0-ba46-054d79423271 HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Accept: */*
    User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
    Host: ssl.google-analytics.com
    Response
    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Pragma: no-cache
    X-Content-Type-Options: nosniff
    Cross-Origin-Resource-Policy: cross-origin
    Server: Golfe2
    Content-Length: 35
    Date: Sun, 15 Oct 2023 21:48:25 GMT
    Expires: Mon, 01 Jan 1990 00:00:00 GMT
    Cache-Control: no-cache, no-store, must-revalidate
    Age: 21669
    Last-Modified: Sun, 17 May 1998 03:00:00 GMT
    Content-Type: image/gif
    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
  • flag-us
    DNS
    ipmcdn.avast.com
    instup.exe
    Remote address:
    8.8.8.8:53
    Request
    ipmcdn.avast.com
    IN A
    Response
    ipmcdn.avast.com
    IN CNAME
    ipmcdn.avast.com.edgekey.net
    ipmcdn.avast.com.edgekey.net
    IN CNAME
    e13223.dscd.akamaiedge.net
    e13223.dscd.akamaiedge.net
    IN A
    23.207.111.75
  • flag-jp
    GET
    https://ipmcdn.avast.com/images/banner/img_secure-browser-v2.png
    instup.exe
    Remote address:
    23.207.111.75:443
    Request
    GET /images/banner/img_secure-browser-v2.png HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Pragma: no-cache
    Accept: */*
    User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
    Host: ipmcdn.avast.com
    Response
    HTTP/1.1 200 OK
    Server: nginx
    Content-Type: image/png
    Content-Length: 28199
    Last-Modified: Thu, 17 Dec 2020 10:43:38 GMT
    ETag: "5fdb365a-6e27"
    X-Cache-Status: HIT
    X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
    Accept-Ranges: bytes
    Cache-Control: max-age=3601
    Expires: Mon, 16 Oct 2023 04:49:35 GMT
    Date: Mon, 16 Oct 2023 03:49:34 GMT
    Connection: keep-alive
    Access-Control-Allow-Origin: *
  • flag-us
    DNS
    75.111.207.23.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    75.111.207.23.in-addr.arpa
    IN PTR
    Response
    75.111.207.23.in-addr.arpa
    IN PTR
    a23-207-111-75deploystaticakamaitechnologiescom
  • flag-us
    DNS
    48.229.111.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    48.229.111.52.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    252.15.104.51.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    252.15.104.51.in-addr.arpa
    IN PTR
    Response
  • 34.117.223.223:80
    http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    http
    avast_free_antivirus_setup_online.exe
    1.3kB
    484 B
    10
    7

    HTTP Request

    POST http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204

    HTTP Request

    POST http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204
  • 84.53.175.64:443
    iavs9x.u.avcdn.net
    tls
    avast_free_antivirus_setup_online.exe
    719 B
    4.2kB
    9
    9
  • 172.217.23.206:80
    http://www.google-analytics.com/collect
    http
    avast_free_antivirus_setup_online.exe
    997 B
    1.1kB
    10
    7

    HTTP Request

    POST http://www.google-analytics.com/collect

    HTTP Response

    200

    HTTP Request

    POST http://www.google-analytics.com/collect

    HTTP Response

    200
  • 84.53.175.64:443
    iavs9x.u.avcdn.net
    tls
    avast_free_antivirus_setup_online.exe
    673 B
    4.2kB
    8
    9
  • 84.53.175.64:443
    iavs9x.u.avcdn.net
    tls
    avast_free_antivirus_setup_online.exe
    673 B
    4.2kB
    8
    9
  • 84.53.175.64:443
    iavs9x.u.avcdn.net
    tls
    avast_free_antivirus_setup_online.exe
    673 B
    4.2kB
    8
    9
  • 84.53.175.64:443
    iavs9x.u.avcdn.net
    tls
    avast_free_antivirus_setup_online.exe
    673 B
    4.2kB
    8
    9
  • 84.53.175.64:80
    http://iavs9x.u.avcdn.net/iavs9x/avast_free_antivirus_setup_online_x64.exe
    http
    avast_free_antivirus_setup_online.exe
    196.3kB
    10.7MB
    4042
    7666

    HTTP Request

    GET http://iavs9x.u.avcdn.net/iavs9x/avast_free_antivirus_setup_online_x64.exe

    HTTP Response

    200
  • 172.217.23.206:80
    http://www.google-analytics.com/collect?aiid=mmm_ava_012_999_a7i_m&an=Free&av=23.9.8494&cd=stub-extended&cd3=Online&cid=befa3776-92c3-463e-abf8-d81806c314e7&dt=Installation&t=screenview&tid=UA-58120669-3&v=1
    http
    avast_free_antivirus_setup_online_x64.exe
    552 B
    601 B
    6
    4

    HTTP Request

    GET http://www.google-analytics.com/collect?aiid=mmm_ava_012_999_a7i_m&an=Free&av=23.9.8494&cd=stub-extended&cd3=Online&cid=befa3776-92c3-463e-abf8-d81806c314e7&dt=Installation&t=screenview&tid=UA-58120669-3&v=1

    HTTP Response

    200
  • 34.117.223.223:443
    https://analytics.ff.avast.com/v4/receive/json/70
    tls, http
    avast_free_antivirus_setup_online_x64.exe
    1.6kB
    5.8kB
    11
    10

    HTTP Request

    POST https://analytics.ff.avast.com/v4/receive/json/70

    HTTP Response

    200
  • 34.117.223.223:443
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    tls, http
    avast_free_antivirus_setup_online_x64.exe
    7.0kB
    7.6kB
    32
    24

    HTTP Request

    POST https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204

    HTTP Request

    POST https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204

    HTTP Request

    POST https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204

    HTTP Request

    POST https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204

    HTTP Request

    POST https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204

    HTTP Request

    POST https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204

    HTTP Request

    POST https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204

    HTTP Request

    POST https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204
  • 34.160.176.28:443
    https://shepherd.ff.avast.com/
    tls, http
    instup.exe
    1.9kB
    37.7kB
    24
    36

    HTTP Request

    POST https://shepherd.ff.avast.com/

    HTTP Response

    200
  • 84.53.175.64:80
    http://r9319236.iavs9x.u.avast.com/iavs9x/servers.def.vpx
    http
    instup.exe
    403 B
    3.2kB
    6
    6

    HTTP Request

    GET http://r9319236.iavs9x.u.avast.com/iavs9x/servers.def.vpx

    HTTP Response

    200
  • 84.53.175.64:80
    http://s1843811.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx
    http
    instup.exe
    354 B
    1.2kB
    5
    4

    HTTP Request

    GET http://s1843811.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx

    HTTP Response

    200
  • 84.53.175.64:80
    http://s1843811.iavs9x.u.avast.com/iavs9x/avbugreport_x64_ais-a1b.vpx
    http
    instup.exe
    25.3kB
    1.5MB
    548
    1085

    HTTP Request

    GET http://s1843811.iavs9x.u.avast.com/iavs9x/avbugreport_x64_ais-a1b.vpx

    HTTP Response

    200
  • 84.53.175.64:80
    http://s1843811.iavs9x.u.avast.com/iavs9x/avdump_x64_ais-a1b.vpx
    http
    instup.exe
    7.1kB
    411.8kB
    152
    298

    HTTP Request

    GET http://s1843811.iavs9x.u.avast.com/iavs9x/avdump_x64_ais-a1b.vpx

    HTTP Response

    200
  • 84.53.175.64:80
    http://s1843811.iavs9x.u.avast.com/iavs9x/avdump_x86_ais-a1b.vpx
    http
    instup.exe
    6.5kB
    374.9kB
    139
    271

    HTTP Request

    GET http://s1843811.iavs9x.u.avast.com/iavs9x/avdump_x86_ais-a1b.vpx

    HTTP Response

    200
  • 84.53.175.64:80
    http://s1843811.iavs9x.u.avast.com/iavs9x/offertool_x64_ais-a1b.vpx
    http
    instup.exe
    15.1kB
    888.1kB
    326
    641

    HTTP Request

    GET http://s1843811.iavs9x.u.avast.com/iavs9x/offertool_x64_ais-a1b.vpx

    HTTP Response

    200
  • 84.53.175.64:80
    http://s1843811.iavs9x.u.avast.com/iavs9x/sbr_x64_ais-a1b.vpx
    http
    instup.exe
    545 B
    12.6kB
    9
    12

    HTTP Request

    GET http://s1843811.iavs9x.u.avast.com/iavs9x/sbr_x64_ais-a1b.vpx

    HTTP Response

    200
  • 84.53.175.64:80
    http://b7210692.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx
    http
    instup.exe
    354 B
    1.2kB
    5
    4

    HTTP Request

    GET http://b7210692.iavs9x.u.avast.com/iavs9x/prod-pgm.vpx

    HTTP Response

    200
  • 84.53.175.50:80
    http://l7814800.vps18tiny.u.avcdn.net/vps18tiny/prod-vps.vpx
    http
    instup.exe
    360 B
    969 B
    5
    4

    HTTP Request

    GET http://l7814800.vps18tiny.u.avcdn.net/vps18tiny/prod-vps.vpx

    HTTP Response

    200
  • 84.53.175.50:80
    http://l7814800.vps18tiny.u.avcdn.net/vps18tiny/part-jrog2-7d.vpx
    http
    instup.exe
    365 B
    841 B
    5
    4

    HTTP Request

    GET http://l7814800.vps18tiny.u.avcdn.net/vps18tiny/part-jrog2-7d.vpx

    HTTP Response

    200
  • 84.53.175.50:80
    http://l7814800.vps18tiny.u.avcdn.net/vps18tiny/part-vps_windows-23101499.vpx
    http
    instup.exe
    515 B
    8.1kB
    8
    9

    HTTP Request

    GET http://l7814800.vps18tiny.u.avcdn.net/vps18tiny/part-vps_windows-23101499.vpx

    HTTP Response

    200
  • 34.160.176.28:443
    https://shepherd.ff.avast.com/
    tls, http
    instup.exe
    1.8kB
    42.6kB
    23
    38

    HTTP Request

    POST https://shepherd.ff.avast.com/

    HTTP Response

    200
  • 34.117.223.223:443
    https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
    tls, http
    instup.exe
    1.4kB
    5.8kB
    12
    11

    HTTP Request

    POST https://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

    HTTP Response

    204
  • 34.117.223.223:443
    https://analytics.ff.avast.com/receive3
    tls, http
    instup.exe
    2.4kB
    6.1kB
    12
    11

    HTTP Request

    POST https://analytics.ff.avast.com/v4/receive/json/70

    HTTP Response

    200

    HTTP Request

    POST https://analytics.ff.avast.com/receive3

    HTTP Response

    200
  • 142.250.179.200:443
    https://ssl.google-analytics.com/collect
    tls, http
    instup.exe
    1.3kB
    5.7kB
    9
    9

    HTTP Request

    POST https://ssl.google-analytics.com/collect

    HTTP Response

    200
  • 34.111.24.1:443
    https://ipm.avcdn.net/?action=1&p_elm=76&p_pro=0&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=iavs9x&p_lan=1033&p_lng=en&p_vep=23&p_ves=9&p_vbd=6082&p_cnm=RYHSSIAS&p_hid=befa3776-92c3-463e-abf8-d81806c314e7&p_bld=mmm_ava_012_999_a7i_m&p_adp=0000&p_midex=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0
    tls, http
    instup.exe
    1.9kB
    36.0kB
    21
    35

    HTTP Request

    GET https://ipm.avcdn.net/?action=1&p_elm=76&p_pro=0&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=iavs9x&p_lan=1033&p_lng=en&p_vep=23&p_ves=9&p_vbd=6082&p_cnm=RYHSSIAS&p_hid=befa3776-92c3-463e-abf8-d81806c314e7&p_bld=mmm_ava_012_999_a7i_m&p_adp=0000&p_midex=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0

    HTTP Response

    200
  • 34.117.223.223:443
    https://analytics.ff.avast.com/v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22bfd03b3c-7bc7-42b0-ba46-054d79423271%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%22befa3776-92c3-463e-abf8-d81806c314e7%22%2C%22hwid%22%3A%22F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0%22%7D%2C%22product%22%3A%7B%22id%22%3A1%2C%22edition%22%3A1%2C%22lang%22%3A%22en-us%22%2C%22version_app%22%3A%2223.9.6082.mmm_ava_012_999_a7i_m%22%2C%22build%22%3A6082%2C%22ipm_product%22%3A0%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-us%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22bfd03b3c-7bc7-42b0-ba46-054d79423271%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22fa%2Fen-ww%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avast-offer_nitro-secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D
    tls, http
    instup.exe
    2.2kB
    5.8kB
    9
    9

    HTTP Request

    GET https://analytics.ff.avast.com/v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22bfd03b3c-7bc7-42b0-ba46-054d79423271%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%22befa3776-92c3-463e-abf8-d81806c314e7%22%2C%22hwid%22%3A%22F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0%22%7D%2C%22product%22%3A%7B%22id%22%3A1%2C%22edition%22%3A1%2C%22lang%22%3A%22en-us%22%2C%22version_app%22%3A%2223.9.6082.mmm_ava_012_999_a7i_m%22%2C%22build%22%3A6082%2C%22ipm_product%22%3A0%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-us%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22bfd03b3c-7bc7-42b0-ba46-054d79423271%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22fa%2Fen-ww%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avast-offer_nitro-secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D

    HTTP Response

    200
  • 142.250.179.200:443
    https://ssl.google-analytics.com/collect?v=1&tid=UA-58120669-2&cid=befa3776-92c3-463e-abf8-d81806c314e7&dh=ipm.avcdn.net&dp=fa%2Fen-us%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&z=1958476639&uid=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&ds=ipm2&dt=setup-avast-offer_nitro-secure-browser_variant-a.html&ul=en-us&cd5=fa%2Fen-us%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=fa%2Fen-ww%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&cd101=0&cd102=23&cd103=9&cd104=6082&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=18&cd153=0&cd170=setup_free_intro&cd2=FAV-0&cd3=23.9.6082.mmm_ava_012_999_a7i_m&cd4=Free%20Program%20%7C%20Registered%20%7C%2076&cd12=en-ww&cd20=mmm_ava_012_999_a7i_m&cd27=befa3776-92c3-463e-abf8-d81806c314e7&cd41=befa3776-92c3-463e-abf8-d81806c314e7&cd154=1&cd155=24&cd175=bfd03b3c-7bc7-42b0-ba46-054d79423271&cd176=bfd03b3c-7bc7-42b0-ba46-054d79423271
    tls, http
    instup.exe
    2.0kB
    5.7kB
    8
    8

    HTTP Request

    GET https://ssl.google-analytics.com/collect?v=1&tid=UA-58120669-2&cid=befa3776-92c3-463e-abf8-d81806c314e7&dh=ipm.avcdn.net&dp=fa%2Fen-us%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&z=1958476639&uid=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&ds=ipm2&dt=setup-avast-offer_nitro-secure-browser_variant-a.html&ul=en-us&cd5=fa%2Fen-us%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=fa%2Fen-ww%2Fsetup-avast-offer_nitro-secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=F5EA51DA667ECD6B5F2B9D06E4A3FC5239A707E5A9D81CB3284490AEDECFADD0&cd101=0&cd102=23&cd103=9&cd104=6082&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=18&cd153=0&cd170=setup_free_intro&cd2=FAV-0&cd3=23.9.6082.mmm_ava_012_999_a7i_m&cd4=Free%20Program%20%7C%20Registered%20%7C%2076&cd12=en-ww&cd20=mmm_ava_012_999_a7i_m&cd27=befa3776-92c3-463e-abf8-d81806c314e7&cd41=befa3776-92c3-463e-abf8-d81806c314e7&cd154=1&cd155=24&cd175=bfd03b3c-7bc7-42b0-ba46-054d79423271&cd176=bfd03b3c-7bc7-42b0-ba46-054d79423271

    HTTP Response

    200
  • 23.207.111.75:443
    https://ipmcdn.avast.com/images/banner/img_secure-browser-v2.png
    tls, http
    instup.exe
    1.4kB
    34.1kB
    18
    31

    HTTP Request

    GET https://ipmcdn.avast.com/images/banner/img_secure-browser-v2.png

    HTTP Response

    200
  • 8.8.8.8:53
    iavs9x.u.avcdn.net
    dns
    avast_free_antivirus_setup_online.exe
    64 B
    171 B
    1
    1

    DNS Request

    iavs9x.u.avcdn.net

    DNS Response

    84.53.175.64
    84.53.175.137

  • 8.8.8.8:53
    v7event.stats.avast.com
    dns
    avast_free_antivirus_setup_online_x64.exe
    69 B
    145 B
    1
    1

    DNS Request

    v7event.stats.avast.com

    DNS Response

    34.117.223.223

  • 8.8.8.8:53
    8.8.8.8.in-addr.arpa
    dns
    66 B
    90 B
    1
    1

    DNS Request

    8.8.8.8.in-addr.arpa

  • 8.8.8.8:53
    223.223.117.34.in-addr.arpa
    dns
    73 B
    126 B
    1
    1

    DNS Request

    223.223.117.34.in-addr.arpa

  • 8.8.8.8:53
    64.175.53.84.in-addr.arpa
    dns
    71 B
    135 B
    1
    1

    DNS Request

    64.175.53.84.in-addr.arpa

  • 8.8.8.8:53
    206.23.217.172.in-addr.arpa
    dns
    73 B
    173 B
    1
    1

    DNS Request

    206.23.217.172.in-addr.arpa

  • 8.8.8.8:53
    2.136.104.51.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    2.136.104.51.in-addr.arpa

  • 8.8.8.8:53
    108.211.229.192.in-addr.arpa
    dns
    74 B
    145 B
    1
    1

    DNS Request

    108.211.229.192.in-addr.arpa

  • 8.8.8.8:53
    68.32.126.40.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    68.32.126.40.in-addr.arpa

  • 8.8.8.8:53
    analytics.ff.avast.com
    dns
    instup.exe
    68 B
    117 B
    1
    1

    DNS Request

    analytics.ff.avast.com

    DNS Response

    34.117.223.223

  • 8.8.8.8:53
    shepherd.ff.avast.com
    dns
    instup.exe
    67 B
    110 B
    1
    1

    DNS Request

    shepherd.ff.avast.com

    DNS Response

    34.160.176.28

  • 8.8.8.8:53
    shepherd.ff.avast.com
    dns
    instup.exe
    67 B
    159 B
    1
    1

    DNS Request

    shepherd.ff.avast.com

  • 8.8.8.8:53
    shepherd.ff.avast.com
    dns
    instup.exe
    67 B
    110 B
    1
    1

    DNS Request

    shepherd.ff.avast.com

    DNS Response

    34.160.176.28

  • 8.8.8.8:53
    28.176.160.34.in-addr.arpa
    dns
    72 B
    124 B
    1
    1

    DNS Request

    28.176.160.34.in-addr.arpa

  • 8.8.8.8:53
    b8003600.iavs9x.u.avast.com
    dns
    instup.exe
    429 B
    1.1kB
    6
    6

    DNS Request

    b8003600.iavs9x.u.avast.com

    DNS Request

    g1928587.iavs9x.u.avast.com

    DNS Request

    l4691727.iavs9x.u.avast.com

    DNS Request

    r9319236.iavs9x.u.avast.com

    DNS Request

    s-iavs9x.avcdn.net

    DNS Response

    84.53.175.64
    84.53.175.137

    DNS Response

    84.53.175.64
    84.53.175.137

    DNS Request

    s1843811.iavs9x.u.avast.com

    DNS Response

    84.53.175.64
    84.53.175.137

    DNS Response

    84.53.175.137
    84.53.175.64

    DNS Response

    84.53.175.64
    84.53.175.137

    DNS Response

    23.36.245.4

  • 8.8.8.8:53
    b8003600.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    b8003600.iavs9x.u.avast.com

    DNS Response

    84.53.175.137
    84.53.175.64

  • 8.8.8.8:53
    g1928587.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    g1928587.iavs9x.u.avast.com

    DNS Response

    84.53.175.64
    84.53.175.137

  • 8.8.8.8:53
    l4691727.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    l4691727.iavs9x.u.avast.com

    DNS Response

    84.53.175.137
    84.53.175.64

  • 8.8.8.8:53
    r9319236.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    r9319236.iavs9x.u.avast.com

    DNS Response

    84.53.175.64
    84.53.175.137

  • 8.8.8.8:53
    s-iavs9x.avcdn.net
    dns
    instup.exe
    64 B
    164 B
    1
    1

    DNS Request

    s-iavs9x.avcdn.net

    DNS Response

    23.36.245.4

  • 8.8.8.8:53
    s1843811.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    s1843811.iavs9x.u.avast.com

    DNS Response

    84.53.175.137
    84.53.175.64

  • 8.8.8.8:53
    b8003600.iavs9x.u.avast.com
    dns
    instup.exe
    429 B
    1.2kB
    6
    6

    DNS Request

    b8003600.iavs9x.u.avast.com

    DNS Request

    g1928587.iavs9x.u.avast.com

    DNS Request

    l4691727.iavs9x.u.avast.com

    DNS Request

    r9319236.iavs9x.u.avast.com

    DNS Request

    s-iavs9x.avcdn.net

    DNS Request

    s1843811.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

    DNS Response

    2a02:26f0:fe00:282::240d
    2a02:26f0:fe00:29a::240d

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

  • 8.8.8.8:53
    b8003600.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    207 B
    1
    1

    DNS Request

    b8003600.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6522
    2a02:26f0:fe00::5c7a:6533

  • 8.8.8.8:53
    g1928587.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    207 B
    1
    1

    DNS Request

    g1928587.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

  • 8.8.8.8:53
    l4691727.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    207 B
    1
    1

    DNS Request

    l4691727.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

  • 8.8.8.8:53
    r9319236.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    207 B
    1
    1

    DNS Request

    r9319236.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

  • 8.8.8.8:53
    s-iavs9x.avcdn.net
    dns
    instup.exe
    64 B
    204 B
    1
    1

    DNS Request

    s-iavs9x.avcdn.net

    DNS Response

    2a02:26f0:fe00:29a::240d
    2a02:26f0:fe00:282::240d

  • 8.8.8.8:53
    s1843811.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    1

    DNS Request

    s1843811.iavs9x.u.avast.com

  • 8.8.8.8:53
    157.123.68.40.in-addr.arpa
    dns
    72 B
    146 B
    1
    1

    DNS Request

    157.123.68.40.in-addr.arpa

  • 8.8.8.8:53
    56.126.166.20.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    56.126.166.20.in-addr.arpa

  • 8.8.4.4:53
    s1843811.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    1

    DNS Request

    s1843811.iavs9x.u.avast.com

  • 8.8.8.8:53
    126.179.238.8.in-addr.arpa
    dns
    72 B
    126 B
    1
    1

    DNS Request

    126.179.238.8.in-addr.arpa

  • 8.8.8.8:53
    4.4.8.8.in-addr.arpa
    dns
    66 B
    90 B
    1
    1

    DNS Request

    4.4.8.8.in-addr.arpa

  • 8.8.8.8:53
    b7210692.iavs9x.u.avast.com
    dns
    instup.exe
    429 B
    1.1kB
    6
    6

    DNS Request

    b7210692.iavs9x.u.avast.com

    DNS Request

    f3461309.iavs9x.u.avast.com

    DNS Request

    r0965026.iavs9x.u.avast.com

    DNS Request

    s-iavs9x.avcdn.net

    DNS Request

    t1024579.iavs9x.u.avast.com

    DNS Request

    z4055813.iavs9x.u.avast.com

    DNS Response

    84.53.175.64
    84.53.175.137

    DNS Response

    23.36.245.4

    DNS Response

    84.53.175.137
    84.53.175.64

    DNS Response

    84.53.175.64
    84.53.175.137

    DNS Response

    84.53.175.64
    84.53.175.137

    DNS Response

    84.53.175.64
    84.53.175.137

  • 8.8.8.8:53
    b7210692.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    b7210692.iavs9x.u.avast.com

    DNS Response

    84.53.175.64
    84.53.175.137

  • 8.8.8.8:53
    f3461309.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    f3461309.iavs9x.u.avast.com

    DNS Response

    84.53.175.137
    84.53.175.64

  • 8.8.8.8:53
    r0965026.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    r0965026.iavs9x.u.avast.com

    DNS Response

    84.53.175.137
    84.53.175.64

  • 8.8.8.8:53
    s-iavs9x.avcdn.net
    dns
    instup.exe
    64 B
    164 B
    1
    1

    DNS Request

    s-iavs9x.avcdn.net

    DNS Response

    23.36.245.4

  • 8.8.8.8:53
    t1024579.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    t1024579.iavs9x.u.avast.com

    DNS Response

    84.53.175.137
    84.53.175.64

  • 8.8.8.8:53
    z4055813.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    183 B
    1
    1

    DNS Request

    z4055813.iavs9x.u.avast.com

    DNS Response

    84.53.175.137
    84.53.175.64

  • 8.8.8.8:53
    b7210692.iavs9x.u.avast.com
    dns
    instup.exe
    429 B
    1.2kB
    6
    6

    DNS Request

    b7210692.iavs9x.u.avast.com

    DNS Request

    f3461309.iavs9x.u.avast.com

    DNS Request

    r0965026.iavs9x.u.avast.com

    DNS Request

    s-iavs9x.avcdn.net

    DNS Request

    t1024579.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

    DNS Request

    z4055813.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

    DNS Response

    2a02:26f0:fe00:29a::240d
    2a02:26f0:fe00:282::240d

  • 8.8.8.8:53
    b7210692.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    207 B
    1
    1

    DNS Request

    b7210692.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6522
    2a02:26f0:fe00::5c7a:6533

  • 8.8.8.8:53
    f3461309.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    207 B
    1
    1

    DNS Request

    f3461309.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

  • 8.8.8.8:53
    r0965026.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    207 B
    1
    1

    DNS Request

    r0965026.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6522
    2a02:26f0:fe00::5c7a:6533

  • 8.8.8.8:53
    s-iavs9x.avcdn.net
    dns
    instup.exe
    64 B
    204 B
    1
    1

    DNS Request

    s-iavs9x.avcdn.net

    DNS Response

    2a02:26f0:fe00:282::240d
    2a02:26f0:fe00:29a::240d

  • 8.8.8.8:53
    t1024579.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    207 B
    1
    1

    DNS Request

    t1024579.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

  • 8.8.8.8:53
    z4055813.iavs9x.u.avast.com
    dns
    instup.exe
    73 B
    207 B
    1
    1

    DNS Request

    z4055813.iavs9x.u.avast.com

    DNS Response

    2a02:26f0:fe00::5c7a:6533
    2a02:26f0:fe00::5c7a:6522

  • 8.8.8.8:53
    c3978047.vps18tiny.u.avcdn.net
    dns
    instup.exe
    447 B
    1.0kB
    6
    6

    DNS Request

    c3978047.vps18tiny.u.avcdn.net

    DNS Request

    l4691727.vps18tiny.u.avcdn.net

    DNS Request

    l7814800.vps18tiny.u.avcdn.net

    DNS Request

    n8283613.vps18tiny.u.avcdn.net

    DNS Request

    r4427608.vps18tiny.u.avcdn.net

    DNS Request

    s-vps18tiny.avcdn.net

    DNS Response

    84.53.175.50
    84.53.175.35

    DNS Response

    84.53.175.50
    84.53.175.35

    DNS Response

    84.53.175.35
    84.53.175.50

    DNS Response

    84.53.175.35
    84.53.175.50

    DNS Response

    84.53.175.50
    84.53.175.35

    DNS Response

    23.36.245.4

  • 8.8.8.8:53
    c3978047.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    175 B
    1
    1

    DNS Request

    c3978047.vps18tiny.u.avcdn.net

    DNS Response

    84.53.175.50
    84.53.175.35

  • 8.8.8.8:53
    l4691727.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    175 B
    1
    1

    DNS Request

    l4691727.vps18tiny.u.avcdn.net

    DNS Response

    84.53.175.50
    84.53.175.35

  • 8.8.8.8:53
    l7814800.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    175 B
    1
    1

    DNS Request

    l7814800.vps18tiny.u.avcdn.net

    DNS Response

    84.53.175.50
    84.53.175.35

  • 8.8.8.8:53
    n8283613.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    175 B
    1
    1

    DNS Request

    n8283613.vps18tiny.u.avcdn.net

    DNS Response

    84.53.175.50
    84.53.175.35

  • 8.8.8.8:53
    r4427608.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    175 B
    1
    1

    DNS Request

    r4427608.vps18tiny.u.avcdn.net

    DNS Response

    84.53.175.50
    84.53.175.35

  • 8.8.8.8:53
    s-vps18tiny.avcdn.net
    dns
    instup.exe
    67 B
    167 B
    1
    1

    DNS Request

    s-vps18tiny.avcdn.net

    DNS Response

    23.36.245.4

  • 8.8.8.8:53
    c3978047.vps18tiny.u.avcdn.net
    dns
    instup.exe
    447 B
    1.2kB
    6
    6

    DNS Request

    c3978047.vps18tiny.u.avcdn.net

    DNS Request

    l4691727.vps18tiny.u.avcdn.net

    DNS Request

    l7814800.vps18tiny.u.avcdn.net

    DNS Request

    n8283613.vps18tiny.u.avcdn.net

    DNS Request

    r4427608.vps18tiny.u.avcdn.net

    DNS Request

    s-vps18tiny.avcdn.net

    DNS Response

    2a02:26f0:fe00::5c7a:651a
    2a02:26f0:fe00::5c7a:6530

    DNS Response

    2a02:26f0:fe00::5c7a:651a
    2a02:26f0:fe00::5c7a:6530

    DNS Response

    2a02:26f0:fe00::5c7a:651a
    2a02:26f0:fe00::5c7a:6530

    DNS Response

    2a02:26f0:fe00::5c7a:651a
    2a02:26f0:fe00::5c7a:6530

    DNS Response

    2a02:26f0:fe00::5c7a:6530
    2a02:26f0:fe00::5c7a:651a

    DNS Response

    2a02:26f0:fe00:29a::240d
    2a02:26f0:fe00:282::240d

  • 8.8.8.8:53
    c3978047.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    199 B
    1
    1

    DNS Request

    c3978047.vps18tiny.u.avcdn.net

    DNS Response

    2a02:26f0:fe00::5c7a:651a
    2a02:26f0:fe00::5c7a:6530

  • 8.8.8.8:53
    l4691727.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    199 B
    1
    1

    DNS Request

    l4691727.vps18tiny.u.avcdn.net

    DNS Response

    2a02:26f0:fe00::5c7a:651a
    2a02:26f0:fe00::5c7a:6530

  • 8.8.8.8:53
    l7814800.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    199 B
    1
    1

    DNS Request

    l7814800.vps18tiny.u.avcdn.net

    DNS Response

    2a02:26f0:fe00::5c7a:651a
    2a02:26f0:fe00::5c7a:6530

  • 8.8.8.8:53
    n8283613.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    199 B
    1
    1

    DNS Request

    n8283613.vps18tiny.u.avcdn.net

    DNS Response

    2a02:26f0:fe00::5c7a:651a
    2a02:26f0:fe00::5c7a:6530

  • 8.8.8.8:53
    r4427608.vps18tiny.u.avcdn.net
    dns
    instup.exe
    76 B
    199 B
    1
    1

    DNS Request

    r4427608.vps18tiny.u.avcdn.net

    DNS Response

    2a02:26f0:fe00::5c7a:6530
    2a02:26f0:fe00::5c7a:651a

  • 8.8.8.8:53
    s-vps18tiny.avcdn.net
    dns
    instup.exe
    67 B
    207 B
    1
    1

    DNS Request

    s-vps18tiny.avcdn.net

    DNS Response

    2a02:26f0:fe00:29a::240d
    2a02:26f0:fe00:282::240d

  • 8.8.8.8:53
    shepherd.ff.avast.com
    dns
    instup.exe
    67 B
    159 B
    1
    1

    DNS Request

    shepherd.ff.avast.com

  • 8.8.8.8:53
    50.175.53.84.in-addr.arpa
    dns
    71 B
    135 B
    1
    1

    DNS Request

    50.175.53.84.in-addr.arpa

  • 8.8.8.8:53
    v7event.stats.avast.com
    dns
    avast_free_antivirus_setup_online_x64.exe
    69 B
    145 B
    1
    1

    DNS Request

    v7event.stats.avast.com

    DNS Response

    34.117.223.223

  • 8.8.8.8:53
    v7event.stats.avast.com
    dns
    avast_free_antivirus_setup_online_x64.exe
    69 B
    145 B
    1
    1

    DNS Request

    v7event.stats.avast.com

    DNS Response

    34.117.223.223

  • 8.8.8.8:53
    v7event.stats.avast.com
    dns
    avast_free_antivirus_setup_online_x64.exe
    69 B
    194 B
    1
    1

    DNS Request

    v7event.stats.avast.com

  • 8.8.8.8:53
    v7event.stats.avast.com
    dns
    avast_free_antivirus_setup_online_x64.exe
    69 B
    194 B
    1
    1

    DNS Request

    v7event.stats.avast.com

  • 8.8.8.8:53
    v7event.stats.avast.com
    dns
    avast_free_antivirus_setup_online_x64.exe
    69 B
    145 B
    1
    1

    DNS Request

    v7event.stats.avast.com

    DNS Response

    34.117.223.223

  • 8.8.8.8:53
    ssl.google-analytics.com
    dns
    instup.exe
    70 B
    86 B
    1
    1

    DNS Request

    ssl.google-analytics.com

    DNS Response

    142.250.179.200

  • 8.8.8.8:53
    200.179.250.142.in-addr.arpa
    dns
    74 B
    112 B
    1
    1

    DNS Request

    200.179.250.142.in-addr.arpa

  • 8.8.8.8:53
    ipm.avcdn.net
    dns
    instup.exe
    59 B
    141 B
    1
    1

    DNS Request

    ipm.avcdn.net

    DNS Response

    34.111.24.1

  • 8.8.8.8:53
    ipm.avcdn.net
    dns
    instup.exe
    59 B
    141 B
    1
    1

    DNS Request

    ipm.avcdn.net

    DNS Response

    34.111.24.1

  • 8.8.8.8:53
    1.24.111.34.in-addr.arpa
    dns
    70 B
    120 B
    1
    1

    DNS Request

    1.24.111.34.in-addr.arpa

  • 8.8.8.8:53
    ipmcdn.avast.com
    dns
    instup.exe
    62 B
    157 B
    1
    1

    DNS Request

    ipmcdn.avast.com

    DNS Response

    23.207.111.75

  • 8.8.8.8:53
    analytics.ff.avast.com
    dns
    instup.exe
    68 B
    117 B
    1
    1

    DNS Request

    analytics.ff.avast.com

    DNS Response

    34.117.223.223

  • 8.8.8.8:53
    ssl.google-analytics.com
    dns
    instup.exe
    70 B
    86 B
    1
    1

    DNS Request

    ssl.google-analytics.com

    DNS Response

    142.250.179.200

  • 8.8.8.8:53
    ipmcdn.avast.com
    dns
    instup.exe
    62 B
    157 B
    1
    1

    DNS Request

    ipmcdn.avast.com

    DNS Response

    23.207.111.75

  • 8.8.8.8:53
    75.111.207.23.in-addr.arpa
    dns
    72 B
    137 B
    1
    1

    DNS Request

    75.111.207.23.in-addr.arpa

  • 8.8.8.8:53
    48.229.111.52.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    48.229.111.52.in-addr.arpa

  • 8.8.8.8:53
    252.15.104.51.in-addr.arpa
    dns
    72 B
    146 B
    1
    1

    DNS Request

    252.15.104.51.in-addr.arpa

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\Avast Software\Persistent Data\Avast\Logs\Setup.log

    Filesize

    27KB

    MD5

    711b923aa33e084e475d027886d052c6

    SHA1

    51d91d1876c7ff6ef3b5407b2f7957446c4988fb

    SHA256

    b1fb03a5a41ab3c7441139e094cd062e45477b613b8972fbac330e84f057a00f

    SHA512

    114600e5f8c1b981a4197d8db2044e2611d75644bd5f8909fc061856b03621039ea3c29dde6c85282aa3efbfaecfb1a8b47c99dd17f3b7c6be4245f1e791688f

  • C:\ProgramData\Avast Software\Persistent Data\Avast\Logs\Setup.log

    Filesize

    2KB

    MD5

    ef6de234bfd8de3fd5f969daef77ba97

    SHA1

    92e035cd799201f62e57b47203e660a010a4a745

    SHA256

    152261b77a097a4c8e2290193bda31a86e3af1a2372281171563383f3e24e117

    SHA512

    c9ed92ec98538b610727b9a9bfafc0332dc90712a15545af31aa2746685a0b26393e87672f704f90bd845e0eb71838aefbba0e6c7f0d38a660e4fc54ddc81c15

  • C:\ProgramData\Avast Software\Persistent Data\Avast\Logs\event_manager.log

    Filesize

    142B

    MD5

    16712089ae0e7a8302eef0cfbda87abe

    SHA1

    fc13476016682402ea4aed1cf0d2c22e73d9da22

    SHA256

    fb8efcca8623552f8161c3c77d873b67e1fb6dcf3bc1bc0950e95e459bf299eb

    SHA512

    5ae61e1863b40ef51cb63ab3221994b79ce5c88c62af03b519ea7f18f8ceef1408237b576f81df9b26bd0d9c4c183e4cacd9b0bdb92bff9c7289a274b74b9fe1

  • C:\Users\Public\Documents\aswOfferTool.exe

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Users\Public\Documents\aswOfferTool.exe

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Users\Public\Documents\gcapi.dll

    Filesize

    867KB

    MD5

    3ead47f44293e18d66fb32259904197a

    SHA1

    e61e88bd81c05d4678aeb2d62c75dee35a25d16b

    SHA256

    e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

    SHA512

    927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

  • C:\Users\Public\Documents\gcapi.dll

    Filesize

    867KB

    MD5

    3ead47f44293e18d66fb32259904197a

    SHA1

    e61e88bd81c05d4678aeb2d62c75dee35a25d16b

    SHA256

    e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

    SHA512

    927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

  • C:\Users\Public\Documents\gcapi.dll

    Filesize

    867KB

    MD5

    3ead47f44293e18d66fb32259904197a

    SHA1

    e61e88bd81c05d4678aeb2d62c75dee35a25d16b

    SHA256

    e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

    SHA512

    927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

  • C:\Users\Public\Documents\gcapi.dll

    Filesize

    867KB

    MD5

    3ead47f44293e18d66fb32259904197a

    SHA1

    e61e88bd81c05d4678aeb2d62c75dee35a25d16b

    SHA256

    e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

    SHA512

    927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

  • C:\Windows\Temp\asw.b78032b754ceede6\avast_free_antivirus_setup_online_x64.exe

    Filesize

    9.9MB

    MD5

    0a9c8a91718657b5f89163128dc1cc1e

    SHA1

    40b9ea2d13eb6be1840c332d6e02e632061d2207

    SHA256

    a23ef9bd8e028faf3c419a007916a06fe41a93e6c273db3e52a4ae4d76b24dc2

    SHA512

    175b1d4cd748ec5abd998f3b4b5eb5682799cb1e416b88f43cbeba7306f6a0e00ca16b222a62d6ae3d3961fe778e83c31ea17216efe09f8a518a58717e491530

  • C:\Windows\Temp\asw.b78032b754ceede6\avast_free_antivirus_setup_online_x64.exe

    Filesize

    9.9MB

    MD5

    0a9c8a91718657b5f89163128dc1cc1e

    SHA1

    40b9ea2d13eb6be1840c332d6e02e632061d2207

    SHA256

    a23ef9bd8e028faf3c419a007916a06fe41a93e6c273db3e52a4ae4d76b24dc2

    SHA512

    175b1d4cd748ec5abd998f3b4b5eb5682799cb1e416b88f43cbeba7306f6a0e00ca16b222a62d6ae3d3961fe778e83c31ea17216efe09f8a518a58717e491530

  • C:\Windows\Temp\asw.b78032b754ceede6\avast_free_antivirus_setup_online_x64.exe

    Filesize

    9.9MB

    MD5

    0a9c8a91718657b5f89163128dc1cc1e

    SHA1

    40b9ea2d13eb6be1840c332d6e02e632061d2207

    SHA256

    a23ef9bd8e028faf3c419a007916a06fe41a93e6c273db3e52a4ae4d76b24dc2

    SHA512

    175b1d4cd748ec5abd998f3b4b5eb5682799cb1e416b88f43cbeba7306f6a0e00ca16b222a62d6ae3d3961fe778e83c31ea17216efe09f8a518a58717e491530

  • C:\Windows\Temp\asw.b78032b754ceede6\ecoo.edat

    Filesize

    21B

    MD5

    3667000a1ef99a2fa95d2ad6232deb6c

    SHA1

    2d9e6b6fe10054eb91a2c5a5d641f3088d308ed7

    SHA256

    a9faf10057b799209f3a5c81fe8798b1142968c0df9711488f67d43168255270

    SHA512

    f29421649be776edca063ed4e882f378c7a902335aa99e2955f40951e6fb82057aab53f044bd84e31071c40f86130cd0079107f3b267902170b89d72431fb928

  • C:\Windows\Temp\asw.defc4a2d8969f754\HTMLayout.dll

    Filesize

    4.0MB

    MD5

    6df77a49e9109f05f049cc490ddac43b

    SHA1

    f1d1353c14095159ddadd6f28da7f809fe23544d

    SHA256

    9d73c0193ea260725f53540757991e80a6874c855e9d726d4b9f000a5e47cce7

    SHA512

    31d59716cac574ecddc05d54217ab8c6ff4020fbef0e11089462f1146ae82ea2b04d3f694989617455b3e1e260494779332c21857fa354b9b92de4ba9ade5646

  • C:\Windows\Temp\asw.defc4a2d8969f754\HTMLayout.dll

    Filesize

    4.0MB

    MD5

    6df77a49e9109f05f049cc490ddac43b

    SHA1

    f1d1353c14095159ddadd6f28da7f809fe23544d

    SHA256

    9d73c0193ea260725f53540757991e80a6874c855e9d726d4b9f000a5e47cce7

    SHA512

    31d59716cac574ecddc05d54217ab8c6ff4020fbef0e11089462f1146ae82ea2b04d3f694989617455b3e1e260494779332c21857fa354b9b92de4ba9ade5646

  • C:\Windows\Temp\asw.defc4a2d8969f754\HTMLayout.dll

    Filesize

    4.0MB

    MD5

    6df77a49e9109f05f049cc490ddac43b

    SHA1

    f1d1353c14095159ddadd6f28da7f809fe23544d

    SHA256

    9d73c0193ea260725f53540757991e80a6874c855e9d726d4b9f000a5e47cce7

    SHA512

    31d59716cac574ecddc05d54217ab8c6ff4020fbef0e11089462f1146ae82ea2b04d3f694989617455b3e1e260494779332c21857fa354b9b92de4ba9ade5646

  • C:\Windows\Temp\asw.defc4a2d8969f754\Instup.dll

    Filesize

    21.8MB

    MD5

    56a08ab0739891737166b9ec5ba091d5

    SHA1

    824f9fb3a5e30d74b00e2c07aa4233e07c315d34

    SHA256

    f426ea1266d3eff2cd772ced53c0b497085bf01bec84333ab3b166a18f728814

    SHA512

    fec29de61d15410dfc4f6a38cd6edacb33853fede8c03b2b3ed56ee5c1ee70fb578f5cb8c93b3d21b103dca5b590225846abdc8906fe7292d455df26f30288f9

  • C:\Windows\Temp\asw.defc4a2d8969f754\Instup.dll

    Filesize

    21.8MB

    MD5

    56a08ab0739891737166b9ec5ba091d5

    SHA1

    824f9fb3a5e30d74b00e2c07aa4233e07c315d34

    SHA256

    f426ea1266d3eff2cd772ced53c0b497085bf01bec84333ab3b166a18f728814

    SHA512

    fec29de61d15410dfc4f6a38cd6edacb33853fede8c03b2b3ed56ee5c1ee70fb578f5cb8c93b3d21b103dca5b590225846abdc8906fe7292d455df26f30288f9

  • C:\Windows\Temp\asw.defc4a2d8969f754\Instup.exe

    Filesize

    3.7MB

    MD5

    90b5ab7fe78f31bb5fcc415a3674154d

    SHA1

    699120b13af9f37bc20eac7825073d20523d9415

    SHA256

    85a8c3126f58aa24d673a74215b365fbf0c4c2c6ed1b484711ac0be3fa1d2310

    SHA512

    acfafe685a8698cc4fc7fa8390d4bdbcda1b8a15d80c942587d8ddb926712e186bd7c2bab956793ba4bf454413e8cf311b2773fdddb51cc3d071a4e11e4e0023

  • C:\Windows\Temp\asw.defc4a2d8969f754\Instup.exe

    Filesize

    3.7MB

    MD5

    90b5ab7fe78f31bb5fcc415a3674154d

    SHA1

    699120b13af9f37bc20eac7825073d20523d9415

    SHA256

    85a8c3126f58aa24d673a74215b365fbf0c4c2c6ed1b484711ac0be3fa1d2310

    SHA512

    acfafe685a8698cc4fc7fa8390d4bdbcda1b8a15d80c942587d8ddb926712e186bd7c2bab956793ba4bf454413e8cf311b2773fdddb51cc3d071a4e11e4e0023

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\HTMLayout.dll

    Filesize

    4.0MB

    MD5

    6df77a49e9109f05f049cc490ddac43b

    SHA1

    f1d1353c14095159ddadd6f28da7f809fe23544d

    SHA256

    9d73c0193ea260725f53540757991e80a6874c855e9d726d4b9f000a5e47cce7

    SHA512

    31d59716cac574ecddc05d54217ab8c6ff4020fbef0e11089462f1146ae82ea2b04d3f694989617455b3e1e260494779332c21857fa354b9b92de4ba9ade5646

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\HTMLayout.dll

    Filesize

    4.0MB

    MD5

    6df77a49e9109f05f049cc490ddac43b

    SHA1

    f1d1353c14095159ddadd6f28da7f809fe23544d

    SHA256

    9d73c0193ea260725f53540757991e80a6874c855e9d726d4b9f000a5e47cce7

    SHA512

    31d59716cac574ecddc05d54217ab8c6ff4020fbef0e11089462f1146ae82ea2b04d3f694989617455b3e1e260494779332c21857fa354b9b92de4ba9ade5646

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\HTMLayout.dll

    Filesize

    4.0MB

    MD5

    6df77a49e9109f05f049cc490ddac43b

    SHA1

    f1d1353c14095159ddadd6f28da7f809fe23544d

    SHA256

    9d73c0193ea260725f53540757991e80a6874c855e9d726d4b9f000a5e47cce7

    SHA512

    31d59716cac574ecddc05d54217ab8c6ff4020fbef0e11089462f1146ae82ea2b04d3f694989617455b3e1e260494779332c21857fa354b9b92de4ba9ade5646

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\Instup.dll

    Filesize

    21.8MB

    MD5

    56a08ab0739891737166b9ec5ba091d5

    SHA1

    824f9fb3a5e30d74b00e2c07aa4233e07c315d34

    SHA256

    f426ea1266d3eff2cd772ced53c0b497085bf01bec84333ab3b166a18f728814

    SHA512

    fec29de61d15410dfc4f6a38cd6edacb33853fede8c03b2b3ed56ee5c1ee70fb578f5cb8c93b3d21b103dca5b590225846abdc8906fe7292d455df26f30288f9

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\aswOfferTool.exe

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\gcapi.dll

    Filesize

    867KB

    MD5

    3ead47f44293e18d66fb32259904197a

    SHA1

    e61e88bd81c05d4678aeb2d62c75dee35a25d16b

    SHA256

    e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

    SHA512

    927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\gcapi.dll

    Filesize

    867KB

    MD5

    3ead47f44293e18d66fb32259904197a

    SHA1

    e61e88bd81c05d4678aeb2d62c75dee35a25d16b

    SHA256

    e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

    SHA512

    927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\gcapi.dll

    Filesize

    867KB

    MD5

    3ead47f44293e18d66fb32259904197a

    SHA1

    e61e88bd81c05d4678aeb2d62c75dee35a25d16b

    SHA256

    e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

    SHA512

    927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\gcapi.dll

    Filesize

    867KB

    MD5

    3ead47f44293e18d66fb32259904197a

    SHA1

    e61e88bd81c05d4678aeb2d62c75dee35a25d16b

    SHA256

    e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

    SHA512

    927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\gcapi.dll

    Filesize

    867KB

    MD5

    3ead47f44293e18d66fb32259904197a

    SHA1

    e61e88bd81c05d4678aeb2d62c75dee35a25d16b

    SHA256

    e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

    SHA512

    927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\instup.dll

    Filesize

    21.8MB

    MD5

    56a08ab0739891737166b9ec5ba091d5

    SHA1

    824f9fb3a5e30d74b00e2c07aa4233e07c315d34

    SHA256

    f426ea1266d3eff2cd772ced53c0b497085bf01bec84333ab3b166a18f728814

    SHA512

    fec29de61d15410dfc4f6a38cd6edacb33853fede8c03b2b3ed56ee5c1ee70fb578f5cb8c93b3d21b103dca5b590225846abdc8906fe7292d455df26f30288f9

  • C:\Windows\Temp\asw.defc4a2d8969f754\New_170917c2\instup.exe

    Filesize

    3.7MB

    MD5

    90b5ab7fe78f31bb5fcc415a3674154d

    SHA1

    699120b13af9f37bc20eac7825073d20523d9415

    SHA256

    85a8c3126f58aa24d673a74215b365fbf0c4c2c6ed1b484711ac0be3fa1d2310

    SHA512

    acfafe685a8698cc4fc7fa8390d4bdbcda1b8a15d80c942587d8ddb926712e186bd7c2bab956793ba4bf454413e8cf311b2773fdddb51cc3d071a4e11e4e0023

  • C:\Windows\Temp\asw.defc4a2d8969f754\asw0d86a7d34dc6a90e.ini

    Filesize

    1KB

    MD5

    69db1bba68002517087bbb86f736d8eb

    SHA1

    a7647c762f486ccfe8f044e506bf4997521cc198

    SHA256

    b6eec422994fe7f9965241c2ef8a78d394ade470fe3996643b0ad0fe1b219a7b

    SHA512

    cc4fb64a87575cbd5353e34457bfb1980cb40ee5ab07a5d14a4dfcdae2a03e54d28d1566f7a0298dee7891448c467caebbe8f3d42506f9a0aa88224210481655

  • C:\Windows\Temp\asw.defc4a2d8969f754\aswad18eca10e49652b.ini

    Filesize

    776B

    MD5

    6cde672bb4beb29dd6ef1308b4c2176f

    SHA1

    5dae1ab21315ff71e51b7249416e9ae3072b4469

    SHA256

    80b5e0604e0a0f10626732df52aa500c15a1ddee163cff2a56680b682d5608b5

    SHA512

    e11e343772b9bd82b778930d4ea17c0868e9851bfadd0e0b447a3209bedf511bf5b29577c278676035bc2326fb55cd519f83f33e0ee05b20a203aa53a94c4b6b

  • C:\Windows\Temp\asw.defc4a2d8969f754\avbugreport_x64_ais-a1b.vpx

    Filesize

    4.7MB

    MD5

    eef7137170fe8be552c2243d17c90df2

    SHA1

    d1f0e14b23310c5346df4f1a5318672c6bc822e1

    SHA256

    f29ce91481cf72f286833e477dba63fc31b0cfd63748de2ee4048cc3dc63e447

    SHA512

    4664fae2c8deb390a62559034a6d039220339f99008945eb297434f9d34aa3c766a9fa53f9f05d8267a80883f18bed1e7b8417c01c1b1cf482d5f7bfd7b003b4

  • C:\Windows\Temp\asw.defc4a2d8969f754\avdump_x64_ais-a1b.vpx

    Filesize

    1.0MB

    MD5

    44fc156d02d396f15b47d82d8f244054

    SHA1

    9771391b9d2894980fa051807a108d63f7b58408

    SHA256

    0aeec57e3a32c367e4eb38b8ef95d7eb40f2479a802e4446ceadde91505cee12

    SHA512

    c0f56f6e31368ea68fe40c14027a2f36d55f47f3c05099b532bc765b0cb4c85b366bad4205d028773ba8e372f440c63487b677417aa0bc7a5a9646d867127a6a

  • C:\Windows\Temp\asw.defc4a2d8969f754\config.def

    Filesize

    27KB

    MD5

    2074f100cce201f50090e7e5b944cd31

    SHA1

    403c13c646e4b5687fbda4804760415db8408057

    SHA256

    c285188d5e3af454764ba67ba1eb9105e0f3bf7f1e6cd64c55f044f96c36cbb9

    SHA512

    c2b17740b4c60cf6c70ff636795a6f962d429555aa53e850cf671bcdca8a677c9f66494d644bdf37d657ce70ae667b1947d0eb15aeb29eb67e8f3dab749ce9db

  • C:\Windows\Temp\asw.defc4a2d8969f754\config.def

    Filesize

    28KB

    MD5

    62d8e447aa9f79d608746f2e50ebb07c

    SHA1

    8609a26d8dd57e7e0574c337db7903d006e3b775

    SHA256

    33e4caba64240cb2c463abfceab9b81a18dd93474db0353d7a37f07fac147db8

    SHA512

    274abc476dbaba806d62b5f54007e3bc8d254b3babd88533b838f1983c01bd0372fb2c419a040b610b36d2e0ab3a4dc0a03e0ed6bdd7c8388c62147fc0d6e285

  • C:\Windows\Temp\asw.defc4a2d8969f754\config.def

    Filesize

    28KB

    MD5

    62d8e447aa9f79d608746f2e50ebb07c

    SHA1

    8609a26d8dd57e7e0574c337db7903d006e3b775

    SHA256

    33e4caba64240cb2c463abfceab9b81a18dd93474db0353d7a37f07fac147db8

    SHA512

    274abc476dbaba806d62b5f54007e3bc8d254b3babd88533b838f1983c01bd0372fb2c419a040b610b36d2e0ab3a4dc0a03e0ed6bdd7c8388c62147fc0d6e285

  • C:\Windows\Temp\asw.defc4a2d8969f754\config.def

    Filesize

    31KB

    MD5

    bc77dcfe940b4173e864dd6199f77165

    SHA1

    e0158d07c0c8a1f9fa8fddd57ae35dbc1839e218

    SHA256

    f2d3464cdbac2d65b68e4e02fbde6a7d6c1c6e7ee0b11aabc75ed45cce004994

    SHA512

    11de3ca4c03c59da0c11c20ac35f78e028f47c40589056c7c9b7674fe109b6cf9e117828de06b77f93e2ef9be8104eef9077644e9320fd1f1f3280127f1a43f9

  • C:\Windows\Temp\asw.defc4a2d8969f754\config.ini

    Filesize

    776B

    MD5

    6cde672bb4beb29dd6ef1308b4c2176f

    SHA1

    5dae1ab21315ff71e51b7249416e9ae3072b4469

    SHA256

    80b5e0604e0a0f10626732df52aa500c15a1ddee163cff2a56680b682d5608b5

    SHA512

    e11e343772b9bd82b778930d4ea17c0868e9851bfadd0e0b447a3209bedf511bf5b29577c278676035bc2326fb55cd519f83f33e0ee05b20a203aa53a94c4b6b

  • C:\Windows\Temp\asw.defc4a2d8969f754\instcont_x64_ais-a1b.vpx

    Filesize

    3.7MB

    MD5

    90b5ab7fe78f31bb5fcc415a3674154d

    SHA1

    699120b13af9f37bc20eac7825073d20523d9415

    SHA256

    85a8c3126f58aa24d673a74215b365fbf0c4c2c6ed1b484711ac0be3fa1d2310

    SHA512

    acfafe685a8698cc4fc7fa8390d4bdbcda1b8a15d80c942587d8ddb926712e186bd7c2bab956793ba4bf454413e8cf311b2773fdddb51cc3d071a4e11e4e0023

  • C:\Windows\Temp\asw.defc4a2d8969f754\instup_x64_ais-a1b.vpx

    Filesize

    21.8MB

    MD5

    56a08ab0739891737166b9ec5ba091d5

    SHA1

    824f9fb3a5e30d74b00e2c07aa4233e07c315d34

    SHA256

    f426ea1266d3eff2cd772ced53c0b497085bf01bec84333ab3b166a18f728814

    SHA512

    fec29de61d15410dfc4f6a38cd6edacb33853fede8c03b2b3ed56ee5c1ee70fb578f5cb8c93b3d21b103dca5b590225846abdc8906fe7292d455df26f30288f9

  • C:\Windows\Temp\asw.defc4a2d8969f754\instup_x64_ais-a1b.vpx

    Filesize

    21.8MB

    MD5

    56a08ab0739891737166b9ec5ba091d5

    SHA1

    824f9fb3a5e30d74b00e2c07aa4233e07c315d34

    SHA256

    f426ea1266d3eff2cd772ced53c0b497085bf01bec84333ab3b166a18f728814

    SHA512

    fec29de61d15410dfc4f6a38cd6edacb33853fede8c03b2b3ed56ee5c1ee70fb578f5cb8c93b3d21b103dca5b590225846abdc8906fe7292d455df26f30288f9

  • C:\Windows\Temp\asw.defc4a2d8969f754\offertool_x64_ais-a1b.vpx

    Filesize

    2.1MB

    MD5

    808150479511e3360d5cac3b35f6fcf2

    SHA1

    ae388884d4e0ac073ebc2e43be108fd8641815a7

    SHA256

    775bfcf98018f7eb9c968f68e087678999a79b159a2288e46508f9f2d95bd16b

    SHA512

    e6231b4e510630ac71d9e716f723856441257c3405a82f0bc8d8a9ac13cb314309088a17b0f299db8e584b53a6bed86886ec549dc8ff037af0e603104c11c1c4

  • C:\Windows\Temp\asw.defc4a2d8969f754\part-jrog2-7d.vpx

    Filesize

    211B

    MD5

    6f7e8a4ecb72c523bd7d31df00b1c585

    SHA1

    b956ecf1ab8c33049431b5cb0046d5696ec03df2

    SHA256

    694fa232383f1bfa1de3de6f0607ec7f24412f669f72010e8427c0e711ab7343

    SHA512

    e6c9f1b7164d84687679f5b0e9af635dd15e73ce36c52cb0db79c2a92890c06073fefc3e627972e47675eb1ee10ad50c88bd7d0f50a4a7317fbab681decd15d2

  • C:\Windows\Temp\asw.defc4a2d8969f754\part-prg_ais-170917c2.vpx

    Filesize

    74KB

    MD5

    3b7c2d6294a969884c1c12e56e4c1f57

    SHA1

    d6a3f896f59c20eb1baac8c4a182ad2ae6e28c75

    SHA256

    c5ba83d753f9f49b491ef717742c6532b755c2adaffda6729915ff071ce09103

    SHA512

    789bd8559dd9127cccd2336a0194f7a0783c9f43b3c0eb4f14050ff9fa177255eb9ea7d948ea6429cb46c8cb8545efbd2de7813091f899508c33c4812e39a2e7

  • C:\Windows\Temp\asw.defc4a2d8969f754\part-setup_ais-170917c2.vpx

    Filesize

    4KB

    MD5

    2425758177a1b2cd2e7023f9079ec16e

    SHA1

    43d73471ca4d4b2d431ff16228a3c807e8282161

    SHA256

    550e2a2e26e56b7a91dbc0a1b79dbfdb7ff5dbf4125531a0740021881b3a54b5

    SHA512

    cd15624b5fae17f6c4beb2d4971f0f56f4f67514bdd52a3da3333d918379b8a9fca3a79978ee1f3d59fe635d2e45aec3fd2fa9746909b335a01f11d409d806f2

  • C:\Windows\Temp\asw.defc4a2d8969f754\part-vps_windows-23101499.vpx

    Filesize

    7KB

    MD5

    967d79775dee23a78cf524ffffdb8f9e

    SHA1

    5763819c8828c1dbf2962deef3977b2995bce415

    SHA256

    38dc9e2587216f5050beee21c425784bd775dec4cb93bbc6ba3089b53dc7d2db

    SHA512

    b0bbfddfc46d449faca2978dc5313c34f17b7f80f8840881de4eb27fe8cca8e860c9c849f87a1314178cec29a71db33802d0faf5d5b772d61c7147413b8479fc

  • C:\Windows\Temp\asw.defc4a2d8969f754\prod-pgm.vpx

    Filesize

    572B

    MD5

    8d19380d13ddb276d6d4916f9249de30

    SHA1

    38c6debfc34017ce1b516b16d7087219e1a3d9f3

    SHA256

    c223bac4d0607cb1e1f3f93df59d77a761bf6a70158fbd58031fb19baa30162e

    SHA512

    b0b0070caddd5ea3187511c0aa2784b1db2dad0bd1be2f579bdee53d6ea95919e484c4cb1c71edf90772b06a4d32a344dbcdd288d15d346e4bb7356b4b5931b1

  • C:\Windows\Temp\asw.defc4a2d8969f754\prod-vps.vpx

    Filesize

    343B

    MD5

    3006eb2f30a8893079d2d218e549550c

    SHA1

    cc149ce8d492be0e2c6a8198f415ce25f88e4d6e

    SHA256

    f2d4915124c274cbb02f3ef7449da92e0b8719b6c51bc847557c3c32670f144c

    SHA512

    6070ade5a4d1a78110010769a3c14867cde8d42e9d4a16d4e09d56e66d0f49fc10bcbaf561caf748ea1f5cdeca0424eaad94f6645735593616d7500131ff746c

  • C:\Windows\Temp\asw.defc4a2d8969f754\prod-vps.vpx

    Filesize

    340B

    MD5

    be1c2d7f944e5ccb922232b23572d4f1

    SHA1

    e1380119aacf97794c53d22d3d85c509d511692d

    SHA256

    50f2b2d80b778393c8ae598db47853701a2a998c388620a7c715dde12cd721c1

    SHA512

    2b8d4fbcb499097d1b2851e31e6209e1fca0e0492c686cf0afa6b3e7324aa5b8906b40d2fe38bf008f71f0e399116a90075db68fc84d0e06505115c48994d2d9

  • C:\Windows\Temp\asw.defc4a2d8969f754\sbr_x64_ais-a1b.vpx

    Filesize

    19KB

    MD5

    4a2e4d82a3540d5419297f74f2cc7806

    SHA1

    80997fc93c2f9ae7376f793f9af81b84f0a22d64

    SHA256

    97c310431444bed0b3ed0c1633f14644ede471a375ba2406a58fff4b1f105625

    SHA512

    950b575128d4b9abd50d43b91783f10491219222b3d1c8376ec98e384ff134f5eba314447926402b78c9fb7b36a5645d14b28843631227ad27956e85eb3c57e8

  • C:\Windows\Temp\asw.defc4a2d8969f754\servers.def

    Filesize

    29KB

    MD5

    fdd67548f6593a9a9df47db471e3407e

    SHA1

    a2e35bfc90e0a70a41b3ac7bbe24e2937b1ec09f

    SHA256

    4f24b85f4c97a5485bf7c4460e4c195fa4b4f1da5816d1e8adb814dd0aa7b575

    SHA512

    93884d6acfbe2f2408d677ddb3a70a72a316e5432d09bd0eb9b9be128d1add409050df3be29d2e5e6a6e632a841fcec83bcd5f783700af99e6bb411e6aef8f8f

  • C:\Windows\Temp\asw.defc4a2d8969f754\servers.def

    Filesize

    29KB

    MD5

    fdd67548f6593a9a9df47db471e3407e

    SHA1

    a2e35bfc90e0a70a41b3ac7bbe24e2937b1ec09f

    SHA256

    4f24b85f4c97a5485bf7c4460e4c195fa4b4f1da5816d1e8adb814dd0aa7b575

    SHA512

    93884d6acfbe2f2408d677ddb3a70a72a316e5432d09bd0eb9b9be128d1add409050df3be29d2e5e6a6e632a841fcec83bcd5f783700af99e6bb411e6aef8f8f

  • C:\Windows\Temp\asw.defc4a2d8969f754\servers.def.lkg

    Filesize

    29KB

    MD5

    fdd67548f6593a9a9df47db471e3407e

    SHA1

    a2e35bfc90e0a70a41b3ac7bbe24e2937b1ec09f

    SHA256

    4f24b85f4c97a5485bf7c4460e4c195fa4b4f1da5816d1e8adb814dd0aa7b575

    SHA512

    93884d6acfbe2f2408d677ddb3a70a72a316e5432d09bd0eb9b9be128d1add409050df3be29d2e5e6a6e632a841fcec83bcd5f783700af99e6bb411e6aef8f8f

  • C:\Windows\Temp\asw.defc4a2d8969f754\servers.def.vpx

    Filesize

    2KB

    MD5

    af0fb774d3aae25e6d199706bc660fdd

    SHA1

    9c5b215b3e06961b54cc6143fad697e810df8c82

    SHA256

    eb563fbd0f5bfeb09902c4db5788fba04582959ce6662af2a83aa7eea69e420c

    SHA512

    81bb03edb92e7ff0d2b998335ab8a89563bf19be3f785d6992b00feb89f3b1b64bbc6f9cfd02b25b9dec0fda12c2dfc181d9dd91ea366ad79b1a5bc8ada9dea1

  • C:\Windows\Temp\asw.defc4a2d8969f754\setgui_x64_ais-a1b.vpx

    Filesize

    4.0MB

    MD5

    6df77a49e9109f05f049cc490ddac43b

    SHA1

    f1d1353c14095159ddadd6f28da7f809fe23544d

    SHA256

    9d73c0193ea260725f53540757991e80a6874c855e9d726d4b9f000a5e47cce7

    SHA512

    31d59716cac574ecddc05d54217ab8c6ff4020fbef0e11089462f1146ae82ea2b04d3f694989617455b3e1e260494779332c21857fa354b9b92de4ba9ade5646

  • C:\Windows\Temp\asw.defc4a2d8969f754\setgui_x64_ais-a1b.vpx

    Filesize

    4.0MB

    MD5

    6df77a49e9109f05f049cc490ddac43b

    SHA1

    f1d1353c14095159ddadd6f28da7f809fe23544d

    SHA256

    9d73c0193ea260725f53540757991e80a6874c855e9d726d4b9f000a5e47cce7

    SHA512

    31d59716cac574ecddc05d54217ab8c6ff4020fbef0e11089462f1146ae82ea2b04d3f694989617455b3e1e260494779332c21857fa354b9b92de4ba9ade5646

  • C:\Windows\Temp\asw.defc4a2d8969f754\setup.def

    Filesize

    38KB

    MD5

    1afab016deb47c3cb268f666d78e9c65

    SHA1

    ab7dc546e16de1ff0952b256bb399eb6a1aa0c4c

    SHA256

    76daaa15b418f8eeac9ba8cf5b1ca17fd6c78fd23dc6937e7c4ce5fbf6aaf25c

    SHA512

    062676a297c5aea97efe46cb3117c64dc0a586bd3525cdcaf93a74de2adf4006a1e4b0d3977f8cbb27f09d4085c3aa930925bbae6204ec077a255de881bd37a6

  • C:\Windows\Temp\asw.defc4a2d8969f754\uat64.dll

    Filesize

    29KB

    MD5

    e77f9f6241a53fee7ca7095859a4986a

    SHA1

    29820936035fb68b8b29c1be08341fae18cac14e

    SHA256

    6649da55038c59d0f831e370b477a008546be2ceb125fa1de568238ad35899b8

    SHA512

    087fc5aff4fffa3c2ef789303e2b90c5dd4372d67fb8aa872813f7ab1a0d6b33ffd19ffd4448414efeecfacbc7b6bcd0fc7ff69edc0604b1a1b5c498ed0c99e6

  • C:\Windows\Temp\asw.defc4a2d8969f754\uat64.dll

    Filesize

    29KB

    MD5

    e77f9f6241a53fee7ca7095859a4986a

    SHA1

    29820936035fb68b8b29c1be08341fae18cac14e

    SHA256

    6649da55038c59d0f831e370b477a008546be2ceb125fa1de568238ad35899b8

    SHA512

    087fc5aff4fffa3c2ef789303e2b90c5dd4372d67fb8aa872813f7ab1a0d6b33ffd19ffd4448414efeecfacbc7b6bcd0fc7ff69edc0604b1a1b5c498ed0c99e6

  • C:\Windows\Temp\asw.defc4a2d8969f754\uat64.dll

    Filesize

    29KB

    MD5

    e77f9f6241a53fee7ca7095859a4986a

    SHA1

    29820936035fb68b8b29c1be08341fae18cac14e

    SHA256

    6649da55038c59d0f831e370b477a008546be2ceb125fa1de568238ad35899b8

    SHA512

    087fc5aff4fffa3c2ef789303e2b90c5dd4372d67fb8aa872813f7ab1a0d6b33ffd19ffd4448414efeecfacbc7b6bcd0fc7ff69edc0604b1a1b5c498ed0c99e6

  • C:\Windows\Temp\asw.defc4a2d8969f754\uat64.dll

    Filesize

    29KB

    MD5

    e77f9f6241a53fee7ca7095859a4986a

    SHA1

    29820936035fb68b8b29c1be08341fae18cac14e

    SHA256

    6649da55038c59d0f831e370b477a008546be2ceb125fa1de568238ad35899b8

    SHA512

    087fc5aff4fffa3c2ef789303e2b90c5dd4372d67fb8aa872813f7ab1a0d6b33ffd19ffd4448414efeecfacbc7b6bcd0fc7ff69edc0604b1a1b5c498ed0c99e6

  • C:\Windows\Temp\asw.defc4a2d8969f754\uat64.vpx

    Filesize

    16KB

    MD5

    fb78e1d04ead991718b60800fe65b3a4

    SHA1

    d5038ad11b32fcbb568333bd7f2512ef92162c1c

    SHA256

    6ece666c17e4cd2be075d75078b57545162bc970af4c19c41d9c34569b3f8ea3

    SHA512

    39e9baa63e276752366338cfd1a977b2a999d37aa008a286e90fdf23495173f16e4b3c6ac875787afd79ec418433587164090fc43672d1e856628b6388dd433c

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.