Analysis
-
max time kernel
125s -
max time network
140s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system -
submitted
12/06/2024, 09:52 UTC
Static task
static1
Behavioral task
behavioral1
Sample
c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
Resource
win10v2004-20240611-en
General
-
Target
c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
-
Size
219KB
-
MD5
105d0f2bcd9667e474c60be026298d6a
-
SHA1
589e7829ed8b371b1787c7952192fe13b257674a
-
SHA256
c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568
-
SHA512
2937cffb77a20a075538eeac63132b3fbcc326dcbd24f7ea020814b07eaad77ae9b8597399880a400cf78e0ed223123477b6a55acec0372f93a940c0c006dec6
-
SSDEEP
3072:42RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhh9K0KT:40KgGwHqwOOELha+sm2D2+UhngNHK46p
Malware Config
Signatures
-
Downloads MZ/PE file
-
Executes dropped EXE 11 IoCs
pid Process 4900 avg_antivirus_free_setup_x64.exe 216 instup.exe 1676 instup.exe 3436 aswOfferTool.exe 2292 aswOfferTool.exe 452 aswOfferTool.exe 3056 aswOfferTool.exe 1656 aswOfferTool.exe 4680 aswOfferTool.exe 3376 aswOfferTool.exe 4412 aswOfferTool.exe -
Loads dropped DLL 13 IoCs
pid Process 3336 c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe 216 instup.exe 216 instup.exe 216 instup.exe 216 instup.exe 1676 instup.exe 1676 instup.exe 1676 instup.exe 1676 instup.exe 452 aswOfferTool.exe 1656 aswOfferTool.exe 3376 aswOfferTool.exe 4412 aswOfferTool.exe -
Checks for any installed AV software in registry 1 TTPs 6 IoCs
description ioc Process Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast avg_antivirus_free_setup_x64.exe Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast instup.exe Key opened \REGISTRY\MACHINE\Software\Avira\Antivirus instup.exe Key opened \REGISTRY\MACHINE\Software\AVAST Software\Avast instup.exe Key opened \REGISTRY\MACHINE\Software\Avira\Antivirus instup.exe Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Services\avast! Antivirus instup.exe -
Writes to the Master Boot Record (MBR) 1 TTPs 4 IoCs
Bootkits write to the MBR to gain persistence at a level below the operating system.
description ioc Process File opened for modification \??\PhysicalDrive0 instup.exe File opened for modification \??\PhysicalDrive0 c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe File opened for modification \??\PhysicalDrive0 avg_antivirus_free_setup_x64.exe File opened for modification \??\PhysicalDrive0 instup.exe -
Checks processor information in registry 2 TTPs 15 IoCs
Processor information is often read in order to detect sandboxing environments.
description ioc Process Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 instup.exe Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 instup.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString instup.exe Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 avg_antivirus_free_setup_x64.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz instup.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision instup.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision avg_antivirus_free_setup_x64.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature instup.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision instup.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString instup.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature instup.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature avg_antivirus_free_setup_x64.exe Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 instup.exe Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 instup.exe Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz instup.exe -
Modifies registry class 64 IoCs
description ioc Process Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "14" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "Extracting file: aswOfferTool.exe" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "88" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "File downloaded: sbr_x64_ais-d08.vpx" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\SfxInstProgress = "14" avg_antivirus_free_setup_x64.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "12" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "38" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "40" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "71" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "Updating package: avbugreport_x64_ais" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Main = "25" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "File downloaded: offertool_x64_ais-d08.vpx" instup.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "9" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "25" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "60" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Main = "100" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Installation_Main = "0" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "Checking install conditions" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "File downloaded: servers.def.vpx" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "15" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "74" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "File downloaded: instup_x64_ais-d08.vpx" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "93" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Main = "12" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "70" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\SfxInstProgress = "57" avg_antivirus_free_setup_x64.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "DNS resolving" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "13" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "51" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "73" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "77" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\SfxInstProgress = "35" avg_antivirus_free_setup_x64.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Main = "0" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "100" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "17" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "File downloaded: prod-pgm.vpx" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "3" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "27" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "87" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "4" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "61" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "62" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "Extracting file: instup.dll" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "54" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "Updating package: offertool_x64_ais" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "0" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "30" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "46" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "Updating package: setgui_x64_ais" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "Extracting file: sbr.exe" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "33" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "45" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "67" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "Updating package: sbr_x64_ais" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "File downloaded: avdump_x64_ais-d08.vpx" instup.exe Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Description = "Updating package: avdump_x86_ais" instup.exe Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage avg_antivirus_free_setup_x64.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\SfxInstProgress = "78" avg_antivirus_free_setup_x64.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "18" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "35" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "78" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_UpdateSetup_Syncer = "95" instup.exe Set value (int) \REGISTRY\MACHINE\SOFTWARE\Classes\AvgPersistentStorage\InstupProgress_Installation_Syncer = "100" instup.exe -
Suspicious behavior: EnumeratesProcesses 8 IoCs
pid Process 4900 avg_antivirus_free_setup_x64.exe 4900 avg_antivirus_free_setup_x64.exe 1676 instup.exe 1676 instup.exe 1676 instup.exe 1676 instup.exe 1676 instup.exe 1676 instup.exe -
Suspicious use of AdjustPrivilegeToken 9 IoCs
description pid Process Token: 32 4900 avg_antivirus_free_setup_x64.exe Token: SeDebugPrivilege 216 instup.exe Token: 32 216 instup.exe Token: SeDebugPrivilege 1676 instup.exe Token: 32 1676 instup.exe Token: SeDebugPrivilege 3056 aswOfferTool.exe Token: SeImpersonatePrivilege 3056 aswOfferTool.exe Token: SeDebugPrivilege 4680 aswOfferTool.exe Token: SeImpersonatePrivilege 4680 aswOfferTool.exe -
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process 216 instup.exe 1676 instup.exe -
Suspicious use of WriteProcessMemory 24 IoCs
description pid Process procid_target PID 3336 wrote to memory of 4900 3336 c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe 91 PID 3336 wrote to memory of 4900 3336 c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe 91 PID 4900 wrote to memory of 216 4900 avg_antivirus_free_setup_x64.exe 92 PID 4900 wrote to memory of 216 4900 avg_antivirus_free_setup_x64.exe 92 PID 216 wrote to memory of 1676 216 instup.exe 93 PID 216 wrote to memory of 1676 216 instup.exe 93 PID 1676 wrote to memory of 3436 1676 instup.exe 94 PID 1676 wrote to memory of 3436 1676 instup.exe 94 PID 1676 wrote to memory of 3436 1676 instup.exe 94 PID 1676 wrote to memory of 2292 1676 instup.exe 95 PID 1676 wrote to memory of 2292 1676 instup.exe 95 PID 1676 wrote to memory of 2292 1676 instup.exe 95 PID 1676 wrote to memory of 452 1676 instup.exe 96 PID 1676 wrote to memory of 452 1676 instup.exe 96 PID 1676 wrote to memory of 452 1676 instup.exe 96 PID 1676 wrote to memory of 3056 1676 instup.exe 97 PID 1676 wrote to memory of 3056 1676 instup.exe 97 PID 1676 wrote to memory of 3056 1676 instup.exe 97 PID 1676 wrote to memory of 4680 1676 instup.exe 100 PID 1676 wrote to memory of 4680 1676 instup.exe 100 PID 1676 wrote to memory of 4680 1676 instup.exe 100 PID 1676 wrote to memory of 4412 1676 instup.exe 102 PID 1676 wrote to memory of 4412 1676 instup.exe 102 PID 1676 wrote to memory of 4412 1676 instup.exe 102
Processes
-
C:\Users\Admin\AppData\Local\Temp\c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe"C:\Users\Admin\AppData\Local\Temp\c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe"1⤵
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
- Suspicious use of WriteProcessMemory
PID:3336 -
C:\Windows\Temp\asw.eecc863cc3decc7b\avg_antivirus_free_setup_x64.exe"C:\Windows\Temp\asw.eecc863cc3decc7b\avg_antivirus_free_setup_x64.exe" /cookie:mmm_bav_tst_007_402_f /ga_clientid:0d7835ce-cfbc-44fd-a61d-d83a60311cc8 /edat_dir:C:\Windows\Temp\asw.eecc863cc3decc7b2⤵
- Executes dropped EXE
- Checks for any installed AV software in registry
- Writes to the Master Boot Record (MBR)
- Checks processor information in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of WriteProcessMemory
PID:4900 -
C:\Windows\Temp\asw.bfabaa787f845146\instup.exe"C:\Windows\Temp\asw.bfabaa787f845146\instup.exe" /sfx:lite /sfxstorage:C:\Windows\Temp\asw.bfabaa787f845146 /edition:15 /prod:ais /stub_context:2c64507b-b59f-4dfd-839b-8d41d68a8629:9994552 /guid:84c21b69-27f1-47fc-9d8f-99820cf029ac /ga_clientid:0d7835ce-cfbc-44fd-a61d-d83a60311cc8 /cookie:mmm_bav_tst_007_402_f /ga_clientid:0d7835ce-cfbc-44fd-a61d-d83a60311cc8 /edat_dir:C:\Windows\Temp\asw.eecc863cc3decc7b3⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks for any installed AV software in registry
- Writes to the Master Boot Record (MBR)
- Checks processor information in registry
- Modifies registry class
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:216 -
C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\instup.exe"C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\instup.exe" /sfx /sfxstorage:C:\Windows\Temp\asw.bfabaa787f845146 /edition:15 /prod:ais /stub_context:2c64507b-b59f-4dfd-839b-8d41d68a8629:9994552 /guid:84c21b69-27f1-47fc-9d8f-99820cf029ac /ga_clientid:0d7835ce-cfbc-44fd-a61d-d83a60311cc8 /cookie:mmm_bav_tst_007_402_f /edat_dir:C:\Windows\Temp\asw.eecc863cc3decc7b /online_installer4⤵
- Executes dropped EXE
- Loads dropped DLL
- Checks for any installed AV software in registry
- Writes to the Master Boot Record (MBR)
- Checks processor information in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:1676 -
C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe"C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkGToolbar -elevated5⤵
- Executes dropped EXE
PID:3436
-
-
C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe"C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" /check_secure_browser5⤵
- Executes dropped EXE
PID:2292
-
-
C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe"C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkChrome -elevated5⤵
- Executes dropped EXE
- Loads dropped DLL
PID:452
-
-
C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe"C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AWFC5⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:3056 -
C:\Users\Public\Documents\aswOfferTool.exe"C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AWFC6⤵
- Executes dropped EXE
- Loads dropped DLL
PID:1656
-
-
-
C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe"C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AWFC5⤵
- Executes dropped EXE
- Suspicious use of AdjustPrivilegeToken
PID:4680 -
C:\Users\Public\Documents\aswOfferTool.exe"C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AWFC6⤵
- Executes dropped EXE
- Loads dropped DLL
PID:3376
-
-
-
C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe"C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkChrome -elevated5⤵
- Executes dropped EXE
- Loads dropped DLL
PID:4412
-
-
-
-
-
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3852,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=4040 /prefetch:81⤵PID:212
Network
-
Remote address:8.8.8.8:53Requestiavs9x.avg.u.avcdn.netIN AResponseiavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.81a117.dscd.akamai.netIN A23.73.139.56
-
Remote address:8.8.8.8:53Requestv7event.stats.avast.comIN AResponsev7event.stats.avast.comIN CNAMEanalytics.ff.avast.comanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.comanalytics-prod-gcp.ff.avast.comIN A34.117.223.223
-
POSThttp://v7event.stats.avast.com/cgi-bin/iavsevents.cgic4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exeRemote address:34.117.223.223:80RequestPOST /cgi-bin/iavsevents.cgi HTTP/1.1
Connection: Keep-Alive
Content-Type: iavs4/stats
User-Agent: AVG Microstub/2.1
Content-Length: 268
Host: v7event.stats.avast.com
ResponseHTTP/1.1 204 No Content
Date: Wed, 12 Jun 2024 09:52:48 GMT
Via: 1.1 google
-
POSThttp://v7event.stats.avast.com/cgi-bin/iavsevents.cgic4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exeRemote address:34.117.223.223:80RequestPOST /cgi-bin/iavsevents.cgi HTTP/1.1
Connection: Keep-Alive
Content-Type: iavs4/stats
User-Agent: AVG Microstub/2.1
Content-Length: 282
Host: v7event.stats.avast.com
ResponseHTTP/1.1 204 No Content
Date: Wed, 12 Jun 2024 09:52:56 GMT
Via: 1.1 google
-
POSThttp://www.google-analytics.com/collectc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exeRemote address:216.58.213.14:80RequestPOST /collect HTTP/1.1
Connection: Keep-Alive
User-Agent: AVG Microstub/2.1
Content-Length: 140
Host: www.google-analytics.com
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:52:48 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
-
POSThttp://www.google-analytics.com/collectc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exeRemote address:216.58.213.14:80RequestPOST /collect HTTP/1.1
Connection: Keep-Alive
User-Agent: AVG Microstub/2.1
Content-Length: 143
Host: www.google-analytics.com
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:52:56 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
-
Remote address:8.8.8.8:53Requestg.bing.comIN AResponseg.bing.comIN CNAMEg-bing-com.dual-a-0034.a-msedge.netg-bing-com.dual-a-0034.a-msedge.netIN CNAMEdual-a-0034.a-msedge.netdual-a-0034.a-msedge.netIN A204.79.197.237dual-a-0034.a-msedge.netIN A13.107.21.237
-
GEThttps://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395ERemote address:204.79.197.237:443RequestGET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=11FA1080E0D46C351EFA041CE16F6D59; domain=.bing.com; expires=Mon, 07-Jul-2025 09:52:49 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7C9357C56F284550BD9053D36F4EA157 Ref B: LON04EDGE0817 Ref C: 2024-06-12T09:52:49Z
date: Wed, 12 Jun 2024 09:52:48 GMT
-
GEThttps://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395ERemote address:204.79.197.237:443RequestGET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E HTTP/2.0
host: g.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=11FA1080E0D46C351EFA041CE16F6D59; _EDGE_S=SID=13BDB94A741660500C60ADD675106191
ResponseHTTP/2.0 204
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MSPTC=r9IEIpgE4xysX4mNPR6qqI7uEd-BcFoGXc0ES3xHVbs; domain=.bing.com; expires=Mon, 07-Jul-2025 09:52:49 GMT; path=/; Partitioned; secure; SameSite=None
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 71677715AAAF4BFC9FFD346051CE94A7 Ref B: LON04EDGE0817 Ref C: 2024-06-12T09:52:49Z
date: Wed, 12 Jun 2024 09:52:49 GMT
-
GEThttps://www.bing.com/aes/c.gif?RG=8d1e52730a014cfdbe18e33db04dd9d1&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221026Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640Remote address:88.221.83.218:443RequestGET /aes/c.gif?RG=8d1e52730a014cfdbe18e33db04dd9d1&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221026Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640 HTTP/2.0
host: www.bing.com
accept-encoding: gzip, deflate
user-agent: WindowsShellClient/9.0.40929.0 (Windows)
cookie: MUID=11FA1080E0D46C351EFA041CE16F6D59
ResponseHTTP/2.0 200
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F449249089C49F69F5D574589AA018A Ref B: LON212050701033 Ref C: 2024-06-12T09:52:49Z
content-length: 0
date: Wed, 12 Jun 2024 09:52:49 GMT
set-cookie: _EDGE_S=SID=13BDB94A741660500C60ADD675106191; path=/; httponly; domain=bing.com
set-cookie: MUIDB=11FA1080E0D46C351EFA041CE16F6D59; path=/; httponly; expires=Mon, 07-Jul-2025 09:52:49 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.d653dd58.1718185969.6419a7f
-
Remote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTRResponse8.8.8.8.in-addr.arpaIN PTRdnsgoogle
-
Remote address:8.8.8.8:53Request14.213.58.216.in-addr.arpaIN PTRResponse14.213.58.216.in-addr.arpaIN PTRber01s14-in-f141e100net14.213.58.216.in-addr.arpaIN PTRlhr25s25-in-f14�H
-
Remote address:8.8.8.8:53Request223.223.117.34.in-addr.arpaIN PTRResponse223.223.117.34.in-addr.arpaIN PTR22322311734bcgoogleusercontentcom
-
Remote address:8.8.8.8:53Request81.139.73.23.in-addr.arpaIN PTRResponse81.139.73.23.in-addr.arpaIN PTRa23-73-139-81deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request71.31.126.40.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request237.197.79.204.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request218.83.221.88.in-addr.arpaIN PTRResponse218.83.221.88.in-addr.arpaIN PTRa88-221-83-218deploystaticakamaitechnologiescom
-
GEThttp://iavs9x.avg.u.avcdn.net/avg/iavs9x/avg_antivirus_free_setup_x64.exec4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exeRemote address:23.73.139.81:80RequestGET /avg/iavs9x/avg_antivirus_free_setup_x64.exe HTTP/1.1
Connection: Keep-Alive
User-Agent: avast! Antivirus (instup)
Host: iavs9x.avg.u.avcdn.net
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 9994552
Last-Modified: Tue, 28 May 2024 09:46:18 GMT
ETag: "6655a7ea-988138"
Access-Control-Allow-Origin: *
x-cache-status: HIT
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=1
Expires: Wed, 12 Jun 2024 09:52:55 GMT
Date: Wed, 12 Jun 2024 09:52:54 GMT
Connection: keep-alive
-
Remote address:8.8.8.8:53Requestv7event.stats.avcdn.netIN AResponsev7event.stats.avcdn.netIN CNAMEanalytics.ff.avast.comanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.comanalytics-prod-gcp.ff.avast.comIN A34.117.223.223
-
Remote address:8.8.8.8:53Requestanalytics.avcdn.netIN AResponseanalytics.avcdn.netIN CNAMEanalytics.ff.avast.comanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.comanalytics-prod-gcp.ff.avast.comIN A34.117.223.223
-
GEThttp://www.google-analytics.com/collect?aiid=mmm_bav_tst_007_402_f&an=Avg%20Free&av=24.5.9153&cd=stub-extended&cd3=Online&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dt=Installation&t=screenview&tid=UA-58120669-4&v=1avg_antivirus_free_setup_x64.exeRemote address:216.58.213.14:80RequestGET /collect?aiid=mmm_bav_tst_007_402_f&an=Avg%20Free&av=24.5.9153&cd=stub-extended&cd3=Online&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dt=Installation&t=screenview&tid=UA-58120669-4&v=1 HTTP/1.1
Connection: Keep-Alive
User-Agent: Avast SFX/1.0
Host: www.google-analytics.com
ResponseHTTP/1.1 200 OK
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Tue, 11 Jun 2024 21:07:49 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 45907
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
-
Remote address:34.117.223.223:443RequestPOST /cgi-bin/iavsevents.cgi HTTP/1.1
Connection: Keep-Alive
Content-Type: iavs4/stats
Content-MD5: cBw7ZB3ReqgC5NBacIuGvA==
User-Agent: Avast SimpleHttp/3.0
Content-Length: 382
Host: v7event.stats.avcdn.net
ResponseHTTP/1.1 204 No Content
Date: Wed, 12 Jun 2024 09:52:57 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:34.117.223.223:443RequestPOST /cgi-bin/iavsevents.cgi HTTP/1.1
Connection: Keep-Alive
Content-Type: iavs4/stats
Content-MD5: cBw7ZB3ReqgC5NBacIuGvA==
User-Agent: Avast SimpleHttp/3.0
Content-Length: 382
Host: v7event.stats.avcdn.net
ResponseHTTP/1.1 204 No Content
Date: Wed, 12 Jun 2024 09:52:57 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:34.117.223.223:443RequestPOST /v4/receive/json/70 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
User-Agent: Avast SimpleHttp/3.0
Content-Length: 595
Host: analytics.avcdn.net
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:52:57 GMT
Content-Type: application/json
Content-Length: 19
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Requestshepherd.avcdn.netIN AResponseshepherd.avcdn.netIN CNAMEshepherd.ff.avast.comshepherd.ff.avast.comIN CNAMEshepherd-gcp.ff.avast.comshepherd-gcp.ff.avast.comIN A34.160.176.28
-
Remote address:8.8.8.8:53Requestshepherd.avcdn.netIN AAAAResponseshepherd.avcdn.netIN CNAMEshepherd.ff.avast.comshepherd.ff.avast.comIN CNAMEshepherd-gcp.ff.avast.com
-
Remote address:8.8.8.8:53Requestshepherd.avcdn.netIN AResponseshepherd.avcdn.netIN CNAMEshepherd.ff.avast.comshepherd.ff.avast.comIN CNAMEshepherd-gcp.ff.avast.comshepherd-gcp.ff.avast.comIN A34.160.176.28
-
Remote address:34.160.176.28:443RequestPOST / HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
Host: shepherd.avcdn.net
User-Agent: Avast Antivirus
Content-Length: 267
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:52:58 GMT
Content-Type: text/plain
Content-Length: 19354
AB-Tests: dfc58839-be72-45b0-b5e8-6c31c27f4a30:A,oa-7820-v1-fake-blatny:a
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Config-Id, Config-Name, Config-Version, Segments, AB-Tests, TTL, TTL-Spread
Config-Id: 9
Config-Name: AVG-Windows-AV-Consumer_websocket-testing_release-20-percent-userbase_ipm_6363_chrome_offer_setup_free_avg-free_version-18.6-and-higher_windows-8-and-higher_avg-free-and-release_uk-gb_production_product-version-older-than-24.4_quic-sni-block-release_pap-before-20.2_avg-r18-7-and-r18-8-and-older_new-installation_versions-older-than-23.1_opening-browser-onboarding_ipm_6513_open_ui_a_v19.2-and-older-6dab41b0c2b07742937620ff69fddadb9ad6d67d36fd14ee001d72f894358198
Config-Version: 2089
Segments: websocket testing,release 20 percent userbase,ipm_6363_chrome_offer_setup_free,avg free,version 18.6 and higher,windows 8 and higher,avg free and release,uk gb,production,product version older than 24.4,quic sni block release,pap before 20.2,avg r18 7 and r18 8 and older,new installation,versions older than 23.1,opening browser onboarding,ipm_6513_open_ui_a,v19.2 and older
TTL: 86400
TTL-Spread: 43200
Via: 1.1 google
Alt-Svc: clear
-
Remote address:8.8.8.8:53Request28.176.160.34.in-addr.arpaIN PTRResponse28.176.160.34.in-addr.arpaIN PTR2817616034bcgoogleusercontentcom
-
Remote address:8.8.8.8:53Requestb0017156.iavs9x.avg.u.avcdn.netIN AResponses-iavs9x.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN A104.120.141.25
-
Remote address:8.8.8.8:53Requestg5856219.iavs9x.avg.u.avcdn.netIN AResponsel9346865.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.81a117.dscd.akamai.netIN A23.73.139.56
-
Remote address:8.8.8.8:53Requestl9346865.iavs9x.avg.u.avcdn.netIN AResponseg5856219.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestl9518228.iavs9x.avg.u.avcdn.netIN AResponseb0017156.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requests-iavs9x.avcdn.netIN AResponsel9518228.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.81a117.dscd.akamai.netIN A23.73.139.56
-
Remote address:8.8.8.8:53Requests9788044.iavs9x.avg.u.avcdn.netIN AResponses9788044.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestb0017156.iavs9x.avg.u.avcdn.netIN AResponseb0017156.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestg5856219.iavs9x.avg.u.avcdn.netIN AResponseg5856219.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestl9346865.iavs9x.avg.u.avcdn.netIN AResponsel9346865.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestl9518228.iavs9x.avg.u.avcdn.netIN AResponsel9518228.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requests-iavs9x.avcdn.netIN AResponses-iavs9x.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN A104.120.141.25
-
Remote address:8.8.8.8:53Requests9788044.iavs9x.avg.u.avcdn.netIN AResponses9788044.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestb0017156.iavs9x.avg.u.avcdn.netIN AAAAResponseb0017156.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902ba117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007
-
Remote address:8.8.8.8:53Requestg5856219.iavs9x.avg.u.avcdn.netIN AAAAResponseg5856219.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requestl9346865.iavs9x.avg.u.avcdn.netIN AAAAResponsel9346865.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requestl9518228.iavs9x.avg.u.avcdn.netIN AAAAResponsel9518228.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902ba117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007
-
Remote address:8.8.8.8:53Requests-iavs9x.avcdn.netIN AAAAResponses-iavs9x.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:19d::240de9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:182::240d
-
Remote address:8.8.8.8:53Requests9788044.iavs9x.avg.u.avcdn.netIN AAAAResponses9788044.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902ba117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007
-
Remote address:8.8.8.8:53Requestb0017156.iavs9x.avg.u.avcdn.netIN AAAAResponseb0017156.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902ba117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007
-
Remote address:8.8.8.8:53Requestg5856219.iavs9x.avg.u.avcdn.netIN AAAAResponseg5856219.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requestl9346865.iavs9x.avg.u.avcdn.netIN AAAAResponsel9346865.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requestl9518228.iavs9x.avg.u.avcdn.netIN AAAAResponsel9518228.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902ba117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007
-
Remote address:8.8.8.8:53Requests-iavs9x.avcdn.netIN AAAAResponses-iavs9x.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:182::240de9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:19d::240d
-
Remote address:8.8.8.8:53Requests9788044.iavs9x.avg.u.avcdn.netIN AAAAResponses9788044.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:23.73.139.81:80RequestGET /avg/iavs9x/servers.def.vpx HTTP/1.1
Host: s9788044.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 1389
Last-Modified: Tue, 28 May 2024 09:45:54 GMT
ETag: "6655a7d2-56d"
Access-Control-Allow-Origin: *
x-cache-status: HIT
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=49
Expires: Wed, 12 Jun 2024 09:53:50 GMT
Date: Wed, 12 Jun 2024 09:53:01 GMT
Connection: keep-alive
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/prod-pgm.vpx HTTP/1.1
Host: l9346865.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 572
Last-Modified: Tue, 28 May 2024 09:45:56 GMT
ETag: "6655a7d4-23c"
Access-Control-Allow-Origin: *
x-cache-status: HIT
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=33
Expires: Wed, 12 Jun 2024 09:53:34 GMT
Date: Wed, 12 Jun 2024 09:53:01 GMT
Connection: keep-alive
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/avbugreport_x64_ais-d08.vpx HTTP/1.1
Host: l9346865.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 1447794
Last-Modified: Tue, 28 May 2024 09:42:03 GMT
ETag: "6655a6eb-161772"
Access-Control-Allow-Origin: *
x-cache-status: MISS
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=1640
Expires: Wed, 12 Jun 2024 10:20:22 GMT
Date: Wed, 12 Jun 2024 09:53:02 GMT
Connection: keep-alive
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/avdump_x64_ais-d08.vpx HTTP/1.1
Host: l9346865.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 1012134
Last-Modified: Tue, 28 May 2024 09:42:02 GMT
ETag: "6655a6ea-f71a6"
Access-Control-Allow-Origin: *
x-cache-status: MISS
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=1685
Expires: Wed, 12 Jun 2024 10:21:07 GMT
Date: Wed, 12 Jun 2024 09:53:02 GMT
Connection: keep-alive
-
Remote address:8.8.8.8:53Request56.139.73.23.in-addr.arpaIN PTRResponse56.139.73.23.in-addr.arpaIN PTRa23-73-139-56deploystaticakamaitechnologiescom
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/avdump_x86_ais-d08.vpx HTTP/1.1
Host: l9346865.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 931935
Last-Modified: Tue, 28 May 2024 09:42:00 GMT
ETag: "6655a6e8-e385f"
Access-Control-Allow-Origin: *
x-cache-status: MISS
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=1726
Expires: Wed, 12 Jun 2024 10:21:49 GMT
Date: Wed, 12 Jun 2024 09:53:03 GMT
Connection: keep-alive
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/instcont_x64_ais-d08.vpx HTTP/1.1
Host: l9346865.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 1029003
Last-Modified: Tue, 28 May 2024 09:42:02 GMT
ETag: "6655a6ea-fb38b"
Access-Control-Allow-Origin: *
x-cache-status: HIT
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=1647
Expires: Wed, 12 Jun 2024 10:20:30 GMT
Date: Wed, 12 Jun 2024 09:53:03 GMT
Connection: keep-alive
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/instup_x64_ais-d08.vpx HTTP/1.1
Host: l9346865.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 5643604
Last-Modified: Tue, 28 May 2024 09:42:08 GMT
ETag: "6655a6f0-561d54"
Access-Control-Allow-Origin: *
x-cache-status: MISS
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=2687
Expires: Wed, 12 Jun 2024 10:37:51 GMT
Date: Wed, 12 Jun 2024 09:53:04 GMT
Connection: keep-alive
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/offertool_x64_ais-d08.vpx HTTP/1.1
Host: l9346865.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 923096
Last-Modified: Tue, 28 May 2024 09:42:02 GMT
ETag: "6655a6ea-e15d8"
Access-Control-Allow-Origin: *
x-cache-status: REVALIDATED
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=2654
Expires: Wed, 12 Jun 2024 10:37:19 GMT
Date: Wed, 12 Jun 2024 09:53:05 GMT
Connection: keep-alive
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/sbr_x64_ais-d08.vpx HTTP/1.1
Host: l9346865.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 11708
Last-Modified: Tue, 28 May 2024 09:42:04 GMT
ETag: "6655a6ec-2dbc"
Access-Control-Allow-Origin: *
x-cache-status: REVALIDATED
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=1684
Expires: Wed, 12 Jun 2024 10:21:10 GMT
Date: Wed, 12 Jun 2024 09:53:06 GMT
Connection: keep-alive
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/setgui_x64_ais-d08.vpx HTTP/1.1
Host: l9346865.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 1427509
Last-Modified: Tue, 28 May 2024 09:42:02 GMT
ETag: "6655a6ea-15c835"
Access-Control-Allow-Origin: *
x-cache-status: REVALIDATED
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=1664
Expires: Wed, 12 Jun 2024 10:20:50 GMT
Date: Wed, 12 Jun 2024 09:53:06 GMT
Connection: keep-alive
-
Remote address:8.8.8.8:53Requestf4973661.iavs9x.avg.u.avcdn.netIN AResponsef4973661.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestk6951768.iavs9x.avg.u.avcdn.netIN AResponsey1284511.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestl8318517.iavs9x.avg.u.avcdn.netIN AResponses9788044.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requests-iavs9x.avcdn.netIN AResponses-iavs9x.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN A104.120.141.25
-
Remote address:8.8.8.8:53Requests9788044.iavs9x.avg.u.avcdn.netIN AResponsel8318517.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requesty1284511.iavs9x.avg.u.avcdn.netIN AResponsek6951768.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestf4973661.iavs9x.avg.u.avcdn.netIN AResponsef4973661.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.81a117.dscd.akamai.netIN A23.73.139.56
-
Remote address:8.8.8.8:53Requestk6951768.iavs9x.avg.u.avcdn.netIN AResponsek6951768.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestl8318517.iavs9x.avg.u.avcdn.netIN AResponsel8318517.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requests-iavs9x.avcdn.netIN AResponses-iavs9x.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN A104.120.141.25
-
Remote address:8.8.8.8:53Requests9788044.iavs9x.avg.u.avcdn.netIN AResponses9788044.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requesty1284511.iavs9x.avg.u.avcdn.netIN AResponsey1284511.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN A23.73.139.56a117.dscd.akamai.netIN A23.73.139.81
-
Remote address:8.8.8.8:53Requestf4973661.iavs9x.avg.u.avcdn.netIN AAAAResponsef4973661.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requestk6951768.iavs9x.avg.u.avcdn.netIN AAAAResponsel8318517.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902ba117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007
-
Remote address:8.8.8.8:53Requestl8318517.iavs9x.avg.u.avcdn.netIN AAAAResponsey1284511.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902ba117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007
-
Remote address:8.8.8.8:53Requests-iavs9x.avcdn.netIN AAAAResponses-iavs9x.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:19d::240de9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:182::240d
-
Remote address:8.8.8.8:53Requests9788044.iavs9x.avg.u.avcdn.netIN AAAAResponses9788044.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requesty1284511.iavs9x.avg.u.avcdn.netIN AAAAResponsek6951768.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requestf4973661.iavs9x.avg.u.avcdn.netIN AAAAResponsef4973661.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requestk6951768.iavs9x.avg.u.avcdn.netIN AAAAResponsek6951768.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requestl8318517.iavs9x.avg.u.avcdn.netIN AAAAResponsel8318517.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requests-iavs9x.avcdn.netIN AAAAResponses-iavs9x.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:19d::240de9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:182::240d
-
Remote address:8.8.8.8:53Requests9788044.iavs9x.avg.u.avcdn.netIN AAAAResponses9788044.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:8.8.8.8:53Requesty1284511.iavs9x.avg.u.avcdn.netIN AAAAResponsey1284511.iavs9x.avg.u.avcdn.netIN CNAMEiavs9x4.u.avcdn.net.edgesuite.netiavs9x4.u.avcdn.net.edgesuite.netIN CNAMEa117.dscd.akamai.neta117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9007a117.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:902b
-
Remote address:23.73.139.56:80RequestGET /avg/iavs9x/prod-pgm.vpx HTTP/1.1
Host: k6951768.iavs9x.avg.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 572
Last-Modified: Tue, 28 May 2024 09:45:56 GMT
ETag: "6655a7d4-23c"
Access-Control-Allow-Origin: *
x-cache-status: HIT
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=25
Expires: Wed, 12 Jun 2024 09:53:34 GMT
Date: Wed, 12 Jun 2024 09:53:09 GMT
Connection: keep-alive
-
Remote address:8.8.8.8:53Requestd9217321.avi18tiny.u.avcdn.netIN AResponsen3338300.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.50a27.dscd.akamai.netIN A23.73.139.43
-
Remote address:8.8.8.8:53Requestn3338300.avi18tiny.u.avcdn.netIN AResponses-avi18tiny.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN A104.120.141.25
-
Remote address:8.8.8.8:53Requests-avi18tiny.avcdn.netIN AResponsed9217321.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.43a27.dscd.akamai.netIN A23.73.139.50
-
Remote address:8.8.8.8:53Requests9788044.avi18tiny.u.avcdn.netIN AResponsex1281465.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.50a27.dscd.akamai.netIN A23.73.139.43
-
Remote address:8.8.8.8:53Requestx1281465.avi18tiny.u.avcdn.netIN AResponses9788044.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.43a27.dscd.akamai.netIN A23.73.139.50
-
Remote address:8.8.8.8:53Requesty7637820.avi18tiny.u.avcdn.netIN AResponsey7637820.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.50a27.dscd.akamai.netIN A23.73.139.43
-
Remote address:8.8.8.8:53Requestd9217321.avi18tiny.u.avcdn.netIN AResponsed9217321.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.50a27.dscd.akamai.netIN A23.73.139.43
-
Remote address:8.8.8.8:53Requestn3338300.avi18tiny.u.avcdn.netIN AResponsen3338300.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.50a27.dscd.akamai.netIN A23.73.139.43
-
Remote address:8.8.8.8:53Requests-avi18tiny.avcdn.netIN AResponses-avi18tiny.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN A104.120.141.25
-
Remote address:8.8.8.8:53Requests9788044.avi18tiny.u.avcdn.netIN AResponses9788044.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.50a27.dscd.akamai.netIN A23.73.139.43
-
Remote address:8.8.8.8:53Requestx1281465.avi18tiny.u.avcdn.netIN AResponsex1281465.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.50a27.dscd.akamai.netIN A23.73.139.43
-
Remote address:8.8.8.8:53Requesty7637820.avi18tiny.u.avcdn.netIN AResponsey7637820.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN A23.73.139.50a27.dscd.akamai.netIN A23.73.139.43
-
Remote address:8.8.8.8:53Requestd9217321.avi18tiny.u.avcdn.netIN AAAAResponsey7637820.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027a27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901f
-
Remote address:8.8.8.8:53Requestn3338300.avi18tiny.u.avcdn.netIN AAAAResponsex1281465.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027a27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901f
-
Remote address:8.8.8.8:53Requests-avi18tiny.avcdn.netIN AAAAResponses9788044.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901fa27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027
-
Remote address:8.8.8.8:53Requests9788044.avi18tiny.u.avcdn.netIN AAAAResponsed9217321.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901fa27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027
-
Remote address:8.8.8.8:53Requestx1281465.avi18tiny.u.avcdn.netIN AAAAResponsen3338300.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027a27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901f
-
Remote address:8.8.8.8:53Requesty7637820.avi18tiny.u.avcdn.netIN AAAAResponses-avi18tiny.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:19d::240de9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:182::240d
-
Remote address:8.8.8.8:53Requestd9217321.avi18tiny.u.avcdn.netIN AAAAResponsed9217321.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027a27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901f
-
Remote address:8.8.8.8:53Requestn3338300.avi18tiny.u.avcdn.netIN AAAAResponsen3338300.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027a27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901f
-
Remote address:8.8.8.8:53Requests-avi18tiny.avcdn.netIN AAAAResponses-avi18tiny.avcdn.netIN CNAMEfallbackupdates.avcdn.net.edgekey.netfallbackupdates.avcdn.net.edgekey.netIN CNAMEe9229.dscd.akamaiedge.nete9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:182::240de9229.dscd.akamaiedge.netIN AAAA2a02:26f0:5700:19d::240d
-
Remote address:8.8.8.8:53Requests9788044.avi18tiny.u.avcdn.netIN AAAAResponses9788044.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027a27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901f
-
Remote address:8.8.8.8:53Requestx1281465.avi18tiny.u.avcdn.netIN AAAAResponsex1281465.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027a27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901f
-
Remote address:8.8.8.8:53Requesty7637820.avi18tiny.u.avcdn.netIN AAAAResponsey7637820.avi18tiny.u.avcdn.netIN CNAMEu4.avcdn.net.edgesuite.netu4.avcdn.net.edgesuite.netIN CNAMEa27.dscd.akamai.neta27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:9027a27.dscd.akamai.netIN AAAA2a02:26f0:1780:5::216:901f
-
Remote address:23.73.139.50:80RequestGET /avi18tiny/prod-vps.vpx HTTP/1.1
Host: x1281465.avi18tiny.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 340
Last-Modified: Wed, 12 Jun 2024 07:27:03 GMT
ETag: "66694dc7-154"
Access-Control-Allow-Origin: *
x-cache-status: REVALIDATED
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=60
Expires: Wed, 12 Jun 2024 09:54:09 GMT
Date: Wed, 12 Jun 2024 09:53:09 GMT
Connection: keep-alive
-
Remote address:23.73.139.50:80RequestGET /avi18tiny/part-jrog2-79.vpx HTTP/1.1
Host: x1281465.avi18tiny.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 211
Last-Modified: Wed, 12 Jun 2024 07:27:01 GMT
ETag: "66694dc5-d3"
Access-Control-Allow-Origin: *
x-cache-status: MISS
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=3220
Expires: Wed, 12 Jun 2024 10:46:49 GMT
Date: Wed, 12 Jun 2024 09:53:09 GMT
Connection: keep-alive
-
Remote address:23.73.139.50:80RequestGET /avi18tiny/part-vps_windows-24061199.vpx HTTP/1.1
Host: x1281465.avi18tiny.u.avcdn.net
Accept: */*
User-Agent: avast! Antivirus (instup)
ResponseHTTP/1.1 200 OK
Content-Type: application/octet-stream
Content-Length: 7408
Last-Modified: Wed, 12 Jun 2024 07:27:02 GMT
ETag: "66694dc6-1cf0"
Access-Control-Allow-Origin: *
x-cache-status: MISS
x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=2746
Expires: Wed, 12 Jun 2024 10:38:56 GMT
Date: Wed, 12 Jun 2024 09:53:10 GMT
Connection: keep-alive
-
Remote address:8.8.8.8:53Requestshepherd.avcdn.netIN AAAAResponseshepherd.avcdn.netIN CNAMEshepherd.ff.avast.comshepherd.ff.avast.comIN CNAMEshepherd-gcp.ff.avast.com
-
Remote address:34.160.176.28:443RequestPOST / HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
Host: shepherd.avcdn.net
User-Agent: Avast Antivirus
Content-Length: 219
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:53:10 GMT
Content-Type: text/plain
Content-Length: 25592
AB-Tests: 921ba9e1-e8ab-4473-8916-6d120da28b76:B,AV-32666-v2-fake:a,dfc58839-be72-45b0-b5e8-6c31c27f4a30:A,oa-7820-v1-fake-blatny:a
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Config-Id, Config-Name, Config-Version, Segments, AB-Tests, TTL, TTL-Spread
Config-Id: 9
Config-Name: AVG-Windows-AV-Consumer_email-signatures_webshield-tls-processes---stage-1_release-20-percent-userbase_asb-and-chrome-since-21.2_version-23.2-and-higher-not-in-fr-de_avg-free_disabled-extensions-sideloading_21.10-and-newer_version-19.1-and-higher-in-gb_us_ca_nz_au_ipm_4932_opm_pus_fullscale_previous-version_version-18.6-and-higher_windows-8-and-higher_icarus-migration_avg-free-and-release_uk-gb_production_webshield.quic.block---fraction-test-setup_quic-sni-block-release_quic-on_emailscanner-ignored-processes_ipm-bau-v23.1-and-higher_version-20.5-and-higher_useopenidwebauth_streaming-updates-globalflags_devicewatcheron_version-20.9-and-higher_pups-in-avg---rollout_winre-bts_avg-forrelease-and-beta-24.4_smartscan-free-win10-antivirus_aosstorelink_enableddwm_enablehns3_performator_avg-r24-4---r24-5_fs-and-idp-integration_cef-91_cefsettings-on_new-installation_opening-browser-onboarding_opm_burger_tracking_limitation_productversion-higher-23.2-and-country-not-in-fr-de_multidetection_ipm_6515_6516_vps_sites_test_b_ipm_6513_open_ui_a-3d4b04f301b1ff8b358c89a2ba8f12f0826d032b4371ee7c5e238e1863fea24a
Config-Version: 2089
Segments: email signatures,webshield tls processes - stage 1,release 20 percent userbase,asb and chrome since 21.2,version 23.2 and higher not in fr de,avg free,disabled extensions sideloading,21.10 and newer,version 19.1 and higher in gb_us_ca_nz_au,ipm_4932_opm_pus_fullscale,previous version,version 18.6 and higher,windows 8 and higher,icarus migration,avg free and release,uk gb,production,webshield.quic.block - fraction test setup,quic sni block release,quic on,emailscanner ignored processes,ipm bau v23.1 and higher,version 20.5 and higher,useopenidwebauth,streaming updates globalflags,devicewatcheron,version 20.9 and higher,pups in avg - rollout,winre bts,avg forrelease and beta 24.4,smartscan free win10 antivirus,aosstorelink,enableddwm,enablehns3,performator,avg r24 4 - r24 5,fs and idp integration,cef 91,cefsettings on,new installation,opening browser onboarding,opm_burger_tracking_limitation,productversion higher 23.2 and country not in fr de,multidetection,ipm_6515_6516_vps_sites_test_b,ipm_6513_open_ui_a
TTL: 60
TTL-Spread: 43200
Via: 1.1 google
Alt-Svc: clear
-
Remote address:8.8.8.8:53Request50.139.73.23.in-addr.arpaIN PTRResponse50.139.73.23.in-addr.arpaIN PTRa23-73-139-50deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Requestv7event.stats.avcdn.netIN AResponsev7event.stats.avcdn.netIN CNAMEanalytics.ff.avast.comanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.comanalytics-prod-gcp.ff.avast.comIN A34.117.223.223
-
Remote address:8.8.8.8:53Requestv7event.stats.avcdn.netIN AResponsev7event.stats.avcdn.netIN CNAMEanalytics.ff.avast.comanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.comanalytics-prod-gcp.ff.avast.comIN A34.117.223.223
-
Remote address:8.8.8.8:53Requestv7event.stats.avcdn.netIN AAAAResponsev7event.stats.avcdn.netIN CNAMEanalytics.ff.avast.comanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.com
-
Remote address:8.8.8.8:53Requestv7event.stats.avcdn.netIN AAAAResponsev7event.stats.avcdn.netIN CNAMEanalytics.ff.avast.comanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.com
-
Remote address:8.8.8.8:53Requestv7event.stats.avcdn.netIN AResponsev7event.stats.avcdn.netIN CNAMEanalytics.ff.avast.comanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.comanalytics-prod-gcp.ff.avast.comIN A34.117.223.223
-
Remote address:34.117.223.223:443RequestPOST /v4/receive/json/70 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/json
User-Agent: Avast SimpleHttp/3.0
Content-Length: 494
Host: analytics.avcdn.net
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:53:13 GMT
Content-Type: application/json
Content-Length: 19
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:34.117.223.223:443RequestPOST /receive3 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-enc-sb
Content-Encoding: gzip
User-Agent: Avast Antivirus
Content-Length: 559
Host: analytics.avcdn.net
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:54:12 GMT
Content-Type: application/octet-stream
Content-Length: 24
X-ASW-Receiver-Ack: processed
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:34.117.223.223:443RequestPOST /cgi-bin/iavsevents.cgi HTTP/1.1
Host: v7event.stats.avcdn.net
User-Agent: avast! Antivirus
Accept: */*
Content-MD5: Yjj7WLYosqFQU9Bu5rYR6w==
Content-Type: iavs4/stats
Content-Length: 327
ResponseHTTP/1.1 204 No Content
Date: Wed, 12 Jun 2024 09:53:13 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Requestssl.google-analytics.comIN AResponsessl.google-analytics.comIN A142.250.180.8
-
Remote address:142.250.180.8:443RequestPOST /collect HTTP/1.1
Connection: Keep-Alive
User-Agent: Avast Antivirus
Content-Length: 439
Host: ssl.google-analytics.com
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:53:14 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Requestipm.avcdn.netIN AResponseipm.avcdn.netIN CNAMEipm-provider.ff.avast.comipm-provider.ff.avast.comIN CNAMEipm-gcp-prod.ff.avast.comipm-gcp-prod.ff.avast.comIN A34.111.24.1
-
Remote address:8.8.8.8:53Requestipm.avcdn.netIN AResponseipm.avcdn.netIN CNAMEipm-provider.ff.avast.comipm-provider.ff.avast.comIN CNAMEipm-gcp-prod.ff.avast.comipm-gcp-prod.ff.avast.comIN A34.111.24.1
-
Remote address:8.8.8.8:53Request8.180.250.142.in-addr.arpaIN PTRResponse8.180.250.142.in-addr.arpaIN PTRlhr25s32-in-f81e100net
-
GEThttps://ipm.avcdn.net/?action=1&p_elm=76&p_pro=70&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=avg&p_lan=1033&p_lng=en&p_vep=24&p_ves=5&p_vbd=3336&p_cnm=PXHSTPPU&p_hid=84c21b69-27f1-47fc-9d8f-99820cf029ac&p_bld=mmm_bav_tst_007_402_f&p_adp=0000&p_midex=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0instup.exeRemote address:34.111.24.1:443RequestGET /?action=1&p_elm=76&p_pro=70&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=avg&p_lan=1033&p_lng=en&p_vep=24&p_ves=5&p_vbd=3336&p_cnm=PXHSTPPU&p_hid=84c21b69-27f1-47fc-9d8f-99820cf029ac&p_bld=mmm_bav_tst_007_402_f&p_adp=0000&p_midex=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0 HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Accept: */*
User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
Host: ipm.avcdn.net
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:53:14 GMT
Content-Type: text/html
Content-Length: 27204
IPM-Asset-URL-659273231: https://ipmcdn.avast.com/images/banner/img-secure-browser-avg-v1.png
IPM-Asset-Base-URL: https://ipm-static.avcdn.net/content-assets-prod/,https://ipmcdn.avast.com/images/
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Content-Identifier: avgfree/en-ww/setup-avg-offer_secure-browser_variant-a.html
ETag: W/87c5508a
Set-Cookie: ViewCounter_ipm-10553-browser-offer-shared=1718185994; Max-Age=1728000; Expires=Tue, 02 Jul 2024 09:53:14 GMT; Secure; SameSite=None
Set-Cookie: ScreenName_76=avgfree/en-ww/setup-avg-offer_secure-browser_variant-a.html; Max-Age=3888000; Expires=Sat, 27 Jul 2024 09:53:14 GMT; Secure; SameSite=None
Set-Cookie: ClientId=59218e28-4f2e-4a9a-9c4b-0ab55991f817; Max-Age=63072000; Expires=Fri, 12 Jun 2026 09:53:14 GMT; Secure; SameSite=None
Set-Cookie: ViewCounter_ipm-10553-browser-offer-shared=1718185994; Max-Age=1728000; Expires=Tue, 02 Jul 2024 09:53:14 GMT; Secure; SameSite=None
Set-Cookie: ScreenName_76=avgfree/en-ww/setup-avg-offer_secure-browser_variant-a.html; Max-Age=3888000; Expires=Sat, 27 Jul 2024 09:53:14 GMT; Secure; SameSite=None
Set-Cookie: ClientId=59218e28-4f2e-4a9a-9c4b-0ab55991f817; Max-Age=63072000; Expires=Fri, 12 Jun 2026 09:53:14 GMT; Secure; SameSite=None
Via: 1.1 google
Alt-Svc: clear
-
Remote address:8.8.8.8:53Requestipmcdn.avast.comIN AResponseipmcdn.avast.comIN CNAMEipmcdn.avast.com.edgekey.netipmcdn.avast.com.edgekey.netIN CNAMEe13223.dscd.akamaiedge.nete13223.dscd.akamaiedge.netIN A2.22.15.85
-
Remote address:8.8.8.8:53Requestanalytics.ff.avast.comIN AResponseanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.comanalytics-prod-gcp.ff.avast.comIN A34.117.223.223
-
Remote address:8.8.8.8:53Requestssl.google-analytics.comIN AResponsessl.google-analytics.comIN A142.250.180.8
-
Remote address:8.8.8.8:53Requestanalytics.ff.avast.comIN AResponseanalytics.ff.avast.comIN CNAMEanalytics-prod-gcp.ff.avast.comanalytics-prod-gcp.ff.avast.comIN A34.117.223.223
-
GEThttps://ssl.google-analytics.com/collect?v=1&tid=UA-16796122-3&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dh=ipm.avcdn.net&dp=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&z=58148334&uid=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&ds=ipm2&dt=setup-avg-offer_secure-browser_variant-a.html&ul=en-gb&cd5=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&cd101=70&cd102=24&cd103=5&cd104=3336&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=8&cd153=0&cd170=setup_paid_intro&cd2=AVGFREE-0&cd3=24.5.3336.mmm_bav_tst_007_402_f&cd4=Paid%20Program%20%7C%20Licensed%20%7C%2076&cd12=en-ww&cd20=mmm_bav_tst_007_402_f&cd27=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd41=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd154=1&cd155=7&cd175=cba425b2-9d98-4bda-9d73-3477f6e05b85&cd176=cba425b2-9d98-4bda-9d73-3477f6e05b85instup.exeRemote address:142.250.180.8:443RequestGET /collect?v=1&tid=UA-16796122-3&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dh=ipm.avcdn.net&dp=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&z=58148334&uid=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&ds=ipm2&dt=setup-avg-offer_secure-browser_variant-a.html&ul=en-gb&cd5=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&cd101=70&cd102=24&cd103=5&cd104=3336&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=8&cd153=0&cd170=setup_paid_intro&cd2=AVGFREE-0&cd3=24.5.3336.mmm_bav_tst_007_402_f&cd4=Paid%20Program%20%7C%20Licensed%20%7C%2076&cd12=en-ww&cd20=mmm_bav_tst_007_402_f&cd27=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd41=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd154=1&cd155=7&cd175=cba425b2-9d98-4bda-9d73-3477f6e05b85&cd176=cba425b2-9d98-4bda-9d73-3477f6e05b85 HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Accept: */*
User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
Host: ssl.google-analytics.com
ResponseHTTP/1.1 200 OK
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Wed, 12 Jun 2024 09:05:03 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 2892
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:8.8.8.8:53Requestipmcdn.avast.comIN AResponseipmcdn.avast.comIN CNAMEipmcdn.avast.com.edgekey.netipmcdn.avast.com.edgekey.netIN CNAMEe13223.dscd.akamaiedge.nete13223.dscd.akamaiedge.netIN A2.22.15.85
-
GEThttps://analytics.ff.avast.com/v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%2284c21b69-27f1-47fc-9d8f-99820cf029ac%22%2C%22hwid%22%3A%22E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000%22%7D%2C%22product%22%3A%7B%22id%22%3A64%2C%22edition%22%3A15%2C%22lang%22%3A%22en-gb%22%2C%22version_app%22%3A%2224.5.3336.mmm_bav_tst_007_402_f%22%2C%22build%22%3A3336%2C%22ipm_product%22%3A70%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-gb%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avg-offer_secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7Dinstup.exeRemote address:34.117.223.223:443RequestGET /v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%2284c21b69-27f1-47fc-9d8f-99820cf029ac%22%2C%22hwid%22%3A%22E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000%22%7D%2C%22product%22%3A%7B%22id%22%3A64%2C%22edition%22%3A15%2C%22lang%22%3A%22en-gb%22%2C%22version_app%22%3A%2224.5.3336.mmm_bav_tst_007_402_f%22%2C%22build%22%3A3336%2C%22ipm_product%22%3A70%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-gb%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avg-offer_secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Accept: */*
User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
Host: analytics.ff.avast.com
ResponseHTTP/1.1 200 OK
Date: Wed, 12 Jun 2024 09:53:15 GMT
Content-Type: application/json
Content-Length: 19
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
-
Remote address:2.22.15.85:443RequestGET /images/banner/img-secure-browser-avg-v1.png HTTP/1.1
Cache-Control: no-cache
Connection: Keep-Alive
Pragma: no-cache
Accept: */*
User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
Host: ipmcdn.avast.com
ResponseHTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 10878
Last-Modified: Thu, 17 Dec 2020 10:43:38 GMT
ETag: "5fdb365a-2a7e"
X-Cache-Status: REVALIDATED
X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
Accept-Ranges: bytes
Cache-Control: max-age=3601
Expires: Wed, 12 Jun 2024 10:53:16 GMT
Date: Wed, 12 Jun 2024 09:53:15 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
-
Remote address:8.8.8.8:53Request1.24.111.34.in-addr.arpaIN PTRResponse1.24.111.34.in-addr.arpaIN PTR12411134bcgoogleusercontentcom
-
Remote address:8.8.8.8:53Request85.15.22.2.in-addr.arpaIN PTRResponse85.15.22.2.in-addr.arpaIN PTRa2-22-15-85deploystaticakamaitechnologiescom
-
Remote address:8.8.8.8:53Request29.243.111.52.in-addr.arpaIN PTRResponse
-
Remote address:8.8.8.8:53Request172.210.232.199.in-addr.arpaIN PTRResponse
-
34.117.223.223:80http://v7event.stats.avast.com/cgi-bin/iavsevents.cgihttpc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe1.3kB 484 B 10 7
HTTP Request
POST http://v7event.stats.avast.com/cgi-bin/iavsevents.cgiHTTP Response
204HTTP Request
POST http://v7event.stats.avast.com/cgi-bin/iavsevents.cgiHTTP Response
204 -
216.58.213.14:80http://www.google-analytics.com/collecthttpc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe999 B 1.6kB 10 8
HTTP Request
POST http://www.google-analytics.com/collectHTTP Response
200HTTP Request
POST http://www.google-analytics.com/collectHTTP Response
200 -
23.73.139.81:443iavs9x.avg.u.avcdn.nettlsc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe677 B 4.2kB 8 9
-
204.79.197.237:443https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395Etls, http22.5kB 9.0kB 20 17
HTTP Request
GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395EHTTP Response
204HTTP Request
GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395EHTTP Response
204 -
88.221.83.218:443https://www.bing.com/aes/c.gif?RG=8d1e52730a014cfdbe18e33db04dd9d1&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221026Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640tls, http21.4kB 5.3kB 16 10
HTTP Request
GET https://www.bing.com/aes/c.gif?RG=8d1e52730a014cfdbe18e33db04dd9d1&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221026Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640HTTP Response
200 -
23.73.139.81:443iavs9x.avg.u.avcdn.nettlsc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe677 B 4.2kB 8 9
-
23.73.139.81:443iavs9x.avg.u.avcdn.nettlsc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe677 B 4.2kB 8 9
-
23.73.139.81:443iavs9x.avg.u.avcdn.nettlsc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe677 B 4.2kB 8 9
-
23.73.139.81:443iavs9x.avg.u.avcdn.nettlsc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe677 B 4.2kB 8 9
-
23.73.139.81:80http://iavs9x.avg.u.avcdn.net/avg/iavs9x/avg_antivirus_free_setup_x64.exehttpc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe403.2kB 10.8MB 6023 7726
HTTP Request
GET http://iavs9x.avg.u.avcdn.net/avg/iavs9x/avg_antivirus_free_setup_x64.exeHTTP Response
200 -
216.58.213.14:80http://www.google-analytics.com/collect?aiid=mmm_bav_tst_007_402_f&an=Avg%20Free&av=24.5.9153&cd=stub-extended&cd3=Online&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dt=Installation&t=screenview&tid=UA-58120669-4&v=1httpavg_antivirus_free_setup_x64.exe558 B 601 B 6 4
HTTP Request
GET http://www.google-analytics.com/collect?aiid=mmm_bav_tst_007_402_f&an=Avg%20Free&av=24.5.9153&cd=stub-extended&cd3=Online&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dt=Installation&t=screenview&tid=UA-58120669-4&v=1HTTP Response
200 -
34.117.223.223:443https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgitls, httpavg_antivirus_free_setup_x64.exe2.2kB 5.9kB 14 12
HTTP Request
POST https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgiHTTP Response
204HTTP Request
POST https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgiHTTP Response
204 -
34.117.223.223:443https://analytics.avcdn.net/v4/receive/json/70tls, httpavg_antivirus_free_setup_x64.exe1.6kB 5.7kB 11 10
HTTP Request
POST https://analytics.avcdn.net/v4/receive/json/70HTTP Response
200 -
1.6kB 26.9kB 18 26
HTTP Request
POST https://shepherd.avcdn.net/HTTP Response
200 -
411 B 2.1kB 6 5
HTTP Request
GET http://s9788044.iavs9x.avg.u.avcdn.net/avg/iavs9x/servers.def.vpxHTTP Response
200 -
362 B 1.2kB 5 4
HTTP Request
GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/prod-pgm.vpxHTTP Response
200 -
23.73.139.56:80http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avbugreport_x64_ais-d08.vpxhttpinstup.exe25.0kB 1.5MB 540 1073
HTTP Request
GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avbugreport_x64_ais-d08.vpxHTTP Response
200 -
23.73.139.56:80http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x64_ais-d08.vpxhttpinstup.exe17.6kB 1.0MB 380 754
HTTP Request
GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x64_ais-d08.vpxHTTP Response
200 -
23.73.139.56:80http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x86_ais-d08.vpxhttpinstup.exe16.3kB 960.2kB 351 696
HTTP Request
GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x86_ais-d08.vpxHTTP Response
200 -
23.73.139.56:80http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instcont_x64_ais-d08.vpxhttpinstup.exe17.9kB 1.1MB 387 768
HTTP Request
GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instcont_x64_ais-d08.vpxHTTP Response
200 -
23.73.139.56:80http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instup_x64_ais-d08.vpxhttpinstup.exe191.7kB 5.9MB 3126 4199
HTTP Request
GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instup_x64_ais-d08.vpxHTTP Response
200 -
23.73.139.56:80http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/offertool_x64_ais-d08.vpxhttpinstup.exe16.2kB 951.2kB 349 691
HTTP Request
GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/offertool_x64_ais-d08.vpxHTTP Response
200 -
23.73.139.56:80http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/sbr_x64_ais-d08.vpxhttpinstup.exe553 B 12.7kB 9 12
HTTP Request
GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/sbr_x64_ais-d08.vpxHTTP Response
200 -
23.73.139.56:80http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/setgui_x64_ais-d08.vpxhttpinstup.exe24.7kB 1.5MB 534 1062
HTTP Request
GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/setgui_x64_ais-d08.vpxHTTP Response
200 -
362 B 1.2kB 5 4
HTTP Request
GET http://k6951768.iavs9x.avg.u.avcdn.net/avg/iavs9x/prod-pgm.vpxHTTP Response
200 -
360 B 969 B 5 4
HTTP Request
GET http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/prod-vps.vpxHTTP Response
200 -
365 B 834 B 5 4
HTTP Request
GET http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/part-jrog2-79.vpxHTTP Response
200 -
23.73.139.50:80http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/part-vps_windows-24061199.vpxhttpinstup.exe515 B 8.2kB 8 9
HTTP Request
GET http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/part-vps_windows-24061199.vpxHTTP Response
200 -
1.7kB 34.7kB 21 31
HTTP Request
POST https://shepherd.avcdn.net/HTTP Response
200 -
2.3kB 6.1kB 12 12
HTTP Request
POST https://analytics.avcdn.net/v4/receive/json/70HTTP Response
200HTTP Request
POST https://analytics.avcdn.net/receive3HTTP Response
200 -
1.4kB 5.7kB 11 10
HTTP Request
POST https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgiHTTP Response
204 -
1.4kB 6.0kB 11 10
HTTP Request
POST https://ssl.google-analytics.com/collectHTTP Response
200 -
34.111.24.1:443https://ipm.avcdn.net/?action=1&p_elm=76&p_pro=70&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=avg&p_lan=1033&p_lng=en&p_vep=24&p_ves=5&p_vbd=3336&p_cnm=PXHSTPPU&p_hid=84c21b69-27f1-47fc-9d8f-99820cf029ac&p_bld=mmm_bav_tst_007_402_f&p_adp=0000&p_midex=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0tls, httpinstup.exe1.9kB 35.5kB 21 33
HTTP Request
GET https://ipm.avcdn.net/?action=1&p_elm=76&p_pro=70&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=avg&p_lan=1033&p_lng=en&p_vep=24&p_ves=5&p_vbd=3336&p_cnm=PXHSTPPU&p_hid=84c21b69-27f1-47fc-9d8f-99820cf029ac&p_bld=mmm_bav_tst_007_402_f&p_adp=0000&p_midex=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0HTTP Response
200 -
142.250.180.8:443https://ssl.google-analytics.com/collect?v=1&tid=UA-16796122-3&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dh=ipm.avcdn.net&dp=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&z=58148334&uid=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&ds=ipm2&dt=setup-avg-offer_secure-browser_variant-a.html&ul=en-gb&cd5=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&cd101=70&cd102=24&cd103=5&cd104=3336&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=8&cd153=0&cd170=setup_paid_intro&cd2=AVGFREE-0&cd3=24.5.3336.mmm_bav_tst_007_402_f&cd4=Paid%20Program%20%7C%20Licensed%20%7C%2076&cd12=en-ww&cd20=mmm_bav_tst_007_402_f&cd27=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd41=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd154=1&cd155=7&cd175=cba425b2-9d98-4bda-9d73-3477f6e05b85&cd176=cba425b2-9d98-4bda-9d73-3477f6e05b85tls, httpinstup.exe2.1kB 6.0kB 10 9
HTTP Request
GET https://ssl.google-analytics.com/collect?v=1&tid=UA-16796122-3&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dh=ipm.avcdn.net&dp=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&z=58148334&uid=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&ds=ipm2&dt=setup-avg-offer_secure-browser_variant-a.html&ul=en-gb&cd5=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&cd101=70&cd102=24&cd103=5&cd104=3336&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=8&cd153=0&cd170=setup_paid_intro&cd2=AVGFREE-0&cd3=24.5.3336.mmm_bav_tst_007_402_f&cd4=Paid%20Program%20%7C%20Licensed%20%7C%2076&cd12=en-ww&cd20=mmm_bav_tst_007_402_f&cd27=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd41=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd154=1&cd155=7&cd175=cba425b2-9d98-4bda-9d73-3477f6e05b85&cd176=cba425b2-9d98-4bda-9d73-3477f6e05b85HTTP Response
200 -
34.117.223.223:443https://analytics.ff.avast.com/v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%2284c21b69-27f1-47fc-9d8f-99820cf029ac%22%2C%22hwid%22%3A%22E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000%22%7D%2C%22product%22%3A%7B%22id%22%3A64%2C%22edition%22%3A15%2C%22lang%22%3A%22en-gb%22%2C%22version_app%22%3A%2224.5.3336.mmm_bav_tst_007_402_f%22%2C%22build%22%3A3336%2C%22ipm_product%22%3A70%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-gb%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avg-offer_secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7Dtls, httpinstup.exe2.3kB 5.7kB 11 10
HTTP Request
GET https://analytics.ff.avast.com/v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%2284c21b69-27f1-47fc-9d8f-99820cf029ac%22%2C%22hwid%22%3A%22E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000%22%7D%2C%22product%22%3A%7B%22id%22%3A64%2C%22edition%22%3A15%2C%22lang%22%3A%22en-gb%22%2C%22version_app%22%3A%2224.5.3336.mmm_bav_tst_007_402_f%22%2C%22build%22%3A3336%2C%22ipm_product%22%3A70%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-gb%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avg-offer_secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7DHTTP Response
200 -
2.22.15.85:443https://ipmcdn.avast.com/images/banner/img-secure-browser-avg-v1.pngtls, httpinstup.exe1.2kB 16.2kB 14 17
HTTP Request
GET https://ipmcdn.avast.com/images/banner/img-secure-browser-avg-v1.pngHTTP Response
200
-
8.8.8.8:53iavs9x.avg.u.avcdn.netdnsc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe68 B 175 B 1 1
DNS Request
iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.8123.73.139.56
-
8.8.8.8:53v7event.stats.avast.comdnsc4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe69 B 145 B 1 1
DNS Request
v7event.stats.avast.com
DNS Response
34.117.223.223
-
56 B 151 B 1 1
DNS Request
g.bing.com
DNS Response
204.79.197.23713.107.21.237
-
66 B 90 B 1 1
DNS Request
8.8.8.8.in-addr.arpa
-
72 B 141 B 1 1
DNS Request
14.213.58.216.in-addr.arpa
-
73 B 126 B 1 1
DNS Request
223.223.117.34.in-addr.arpa
-
71 B 135 B 1 1
DNS Request
81.139.73.23.in-addr.arpa
-
71 B 157 B 1 1
DNS Request
71.31.126.40.in-addr.arpa
-
73 B 143 B 1 1
DNS Request
237.197.79.204.in-addr.arpa
-
72 B 137 B 1 1
DNS Request
218.83.221.88.in-addr.arpa
-
69 B 154 B 1 1
DNS Request
v7event.stats.avcdn.net
DNS Response
34.117.223.223
-
65 B 150 B 1 1
DNS Request
analytics.avcdn.net
DNS Response
34.117.223.223
-
64 B 142 B 1 1
DNS Request
shepherd.avcdn.net
DNS Response
34.160.176.28
-
64 B 188 B 1 1
DNS Request
shepherd.avcdn.net
-
64 B 142 B 1 1
DNS Request
shepherd.avcdn.net
DNS Response
34.160.176.28
-
72 B 124 B 1 1
DNS Request
28.176.160.34.in-addr.arpa
-
515 B 1.1kB 6 6
DNS Request
b0017156.iavs9x.avg.u.avcdn.net
DNS Request
g5856219.iavs9x.avg.u.avcdn.net
DNS Request
l9346865.iavs9x.avg.u.avcdn.net
DNS Request
l9518228.iavs9x.avg.u.avcdn.net
DNS Request
s-iavs9x.avcdn.net
DNS Request
s9788044.iavs9x.avg.u.avcdn.net
DNS Response
104.120.141.25
DNS Response
23.73.139.8123.73.139.56
DNS Response
23.73.139.5623.73.139.81
DNS Response
23.73.139.5623.73.139.81
DNS Response
23.73.139.8123.73.139.56
DNS Response
23.73.139.5623.73.139.81
-
77 B 184 B 1 1
DNS Request
b0017156.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
-
77 B 184 B 1 1
DNS Request
g5856219.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
-
77 B 184 B 1 1
DNS Request
l9346865.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
-
77 B 184 B 1 1
DNS Request
l9518228.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
-
64 B 164 B 1 1
DNS Request
s-iavs9x.avcdn.net
DNS Response
104.120.141.25
-
77 B 184 B 1 1
DNS Request
s9788044.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
-
515 B 1.3kB 6 6
DNS Request
b0017156.iavs9x.avg.u.avcdn.net
DNS Request
g5856219.iavs9x.avg.u.avcdn.net
DNS Request
l9346865.iavs9x.avg.u.avcdn.net
DNS Request
l9518228.iavs9x.avg.u.avcdn.net
DNS Request
s-iavs9x.avcdn.net
DNS Request
s9788044.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:902b2a02:26f0:1780:5::216:9007
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
DNS Response
2a02:26f0:1780:5::216:902b2a02:26f0:1780:5::216:9007
DNS Response
2a02:26f0:5700:19d::240d2a02:26f0:5700:182::240d
DNS Response
2a02:26f0:1780:5::216:902b2a02:26f0:1780:5::216:9007
-
77 B 208 B 1 1
DNS Request
b0017156.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:902b2a02:26f0:1780:5::216:9007
-
77 B 208 B 1 1
DNS Request
g5856219.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
-
77 B 208 B 1 1
DNS Request
l9346865.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
-
77 B 208 B 1 1
DNS Request
l9518228.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:902b2a02:26f0:1780:5::216:9007
-
64 B 204 B 1 1
DNS Request
s-iavs9x.avcdn.net
DNS Response
2a02:26f0:5700:182::240d2a02:26f0:5700:19d::240d
-
77 B 208 B 1 1
DNS Request
s9788044.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
-
71 B 135 B 1 1
DNS Request
56.139.73.23.in-addr.arpa
-
515 B 1.1kB 6 6
DNS Request
f4973661.iavs9x.avg.u.avcdn.net
DNS Request
k6951768.iavs9x.avg.u.avcdn.net
DNS Request
l8318517.iavs9x.avg.u.avcdn.net
DNS Request
s-iavs9x.avcdn.net
DNS Request
s9788044.iavs9x.avg.u.avcdn.net
DNS Request
y1284511.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
DNS Response
23.73.139.5623.73.139.81
DNS Response
23.73.139.5623.73.139.81
DNS Response
104.120.141.25
DNS Response
23.73.139.5623.73.139.81
DNS Response
23.73.139.5623.73.139.81
-
77 B 184 B 1 1
DNS Request
f4973661.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.8123.73.139.56
-
77 B 184 B 1 1
DNS Request
k6951768.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
-
77 B 184 B 1 1
DNS Request
l8318517.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
-
64 B 164 B 1 1
DNS Request
s-iavs9x.avcdn.net
DNS Response
104.120.141.25
-
77 B 184 B 1 1
DNS Request
s9788044.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
-
77 B 184 B 1 1
DNS Request
y1284511.iavs9x.avg.u.avcdn.net
DNS Response
23.73.139.5623.73.139.81
-
515 B 1.3kB 6 6
DNS Request
f4973661.iavs9x.avg.u.avcdn.net
DNS Request
k6951768.iavs9x.avg.u.avcdn.net
DNS Request
l8318517.iavs9x.avg.u.avcdn.net
DNS Request
s-iavs9x.avcdn.net
DNS Request
s9788044.iavs9x.avg.u.avcdn.net
DNS Request
y1284511.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
DNS Response
2a02:26f0:1780:5::216:902b2a02:26f0:1780:5::216:9007
DNS Response
2a02:26f0:1780:5::216:902b2a02:26f0:1780:5::216:9007
DNS Response
2a02:26f0:5700:19d::240d2a02:26f0:5700:182::240d
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
-
77 B 208 B 1 1
DNS Request
f4973661.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
-
77 B 208 B 1 1
DNS Request
k6951768.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
-
77 B 208 B 1 1
DNS Request
l8318517.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
-
64 B 204 B 1 1
DNS Request
s-iavs9x.avcdn.net
DNS Response
2a02:26f0:5700:19d::240d2a02:26f0:5700:182::240d
-
77 B 208 B 1 1
DNS Request
s9788044.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
-
77 B 208 B 1 1
DNS Request
y1284511.iavs9x.avg.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90072a02:26f0:1780:5::216:902b
-
513 B 1.1kB 6 6
DNS Request
d9217321.avi18tiny.u.avcdn.net
DNS Request
n3338300.avi18tiny.u.avcdn.net
DNS Request
s-avi18tiny.avcdn.net
DNS Request
s9788044.avi18tiny.u.avcdn.net
DNS Request
x1281465.avi18tiny.u.avcdn.net
DNS Request
y7637820.avi18tiny.u.avcdn.net
DNS Response
23.73.139.5023.73.139.43
DNS Response
104.120.141.25
DNS Response
23.73.139.4323.73.139.50
DNS Response
23.73.139.5023.73.139.43
DNS Response
23.73.139.4323.73.139.50
DNS Response
23.73.139.5023.73.139.43
-
76 B 175 B 1 1
DNS Request
d9217321.avi18tiny.u.avcdn.net
DNS Response
23.73.139.5023.73.139.43
-
76 B 175 B 1 1
DNS Request
n3338300.avi18tiny.u.avcdn.net
DNS Response
23.73.139.5023.73.139.43
-
67 B 167 B 1 1
DNS Request
s-avi18tiny.avcdn.net
DNS Response
104.120.141.25
-
76 B 175 B 1 1
DNS Request
s9788044.avi18tiny.u.avcdn.net
DNS Response
23.73.139.5023.73.139.43
-
76 B 175 B 1 1
DNS Request
x1281465.avi18tiny.u.avcdn.net
DNS Response
23.73.139.5023.73.139.43
-
76 B 175 B 1 1
DNS Request
y7637820.avi18tiny.u.avcdn.net
DNS Response
23.73.139.5023.73.139.43
-
513 B 1.3kB 6 6
DNS Request
d9217321.avi18tiny.u.avcdn.net
DNS Request
n3338300.avi18tiny.u.avcdn.net
DNS Request
s-avi18tiny.avcdn.net
DNS Request
s9788044.avi18tiny.u.avcdn.net
DNS Request
x1281465.avi18tiny.u.avcdn.net
DNS Request
y7637820.avi18tiny.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90272a02:26f0:1780:5::216:901f
DNS Response
2a02:26f0:1780:5::216:90272a02:26f0:1780:5::216:901f
DNS Response
2a02:26f0:1780:5::216:901f2a02:26f0:1780:5::216:9027
DNS Response
2a02:26f0:1780:5::216:901f2a02:26f0:1780:5::216:9027
DNS Response
2a02:26f0:1780:5::216:90272a02:26f0:1780:5::216:901f
DNS Response
2a02:26f0:5700:19d::240d2a02:26f0:5700:182::240d
-
76 B 199 B 1 1
DNS Request
d9217321.avi18tiny.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90272a02:26f0:1780:5::216:901f
-
76 B 199 B 1 1
DNS Request
n3338300.avi18tiny.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90272a02:26f0:1780:5::216:901f
-
67 B 207 B 1 1
DNS Request
s-avi18tiny.avcdn.net
DNS Response
2a02:26f0:5700:182::240d2a02:26f0:5700:19d::240d
-
76 B 199 B 1 1
DNS Request
s9788044.avi18tiny.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90272a02:26f0:1780:5::216:901f
-
76 B 199 B 1 1
DNS Request
x1281465.avi18tiny.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90272a02:26f0:1780:5::216:901f
-
76 B 199 B 1 1
DNS Request
y7637820.avi18tiny.u.avcdn.net
DNS Response
2a02:26f0:1780:5::216:90272a02:26f0:1780:5::216:901f
-
64 B 188 B 1 1
DNS Request
shepherd.avcdn.net
-
71 B 135 B 1 1
DNS Request
50.139.73.23.in-addr.arpa
-
80 B 165 B 1 1
DNS Request
v7event.stats.avcdn.net
DNS Response
34.117.223.223
-
69 B 154 B 1 1
DNS Request
v7event.stats.avcdn.net
DNS Response
34.117.223.223
-
80 B 211 B 1 1
DNS Request
v7event.stats.avcdn.net
-
69 B 200 B 1 1
DNS Request
v7event.stats.avcdn.net
-
80 B 165 B 1 1
DNS Request
v7event.stats.avcdn.net
DNS Response
34.117.223.223
-
70 B 86 B 1 1
DNS Request
ssl.google-analytics.com
DNS Response
142.250.180.8
-
59 B 141 B 1 1
DNS Request
ipm.avcdn.net
DNS Response
34.111.24.1
-
59 B 141 B 1 1
DNS Request
ipm.avcdn.net
DNS Response
34.111.24.1
-
72 B 110 B 1 1
DNS Request
8.180.250.142.in-addr.arpa
-
62 B 157 B 1 1
DNS Request
ipmcdn.avast.com
DNS Response
2.22.15.85
-
68 B 117 B 1 1
DNS Request
analytics.ff.avast.com
DNS Response
34.117.223.223
-
70 B 86 B 1 1
DNS Request
ssl.google-analytics.com
DNS Response
142.250.180.8
-
68 B 117 B 1 1
DNS Request
analytics.ff.avast.com
DNS Response
34.117.223.223
-
62 B 157 B 1 1
DNS Request
ipmcdn.avast.com
DNS Response
2.22.15.85
-
70 B 120 B 1 1
DNS Request
1.24.111.34.in-addr.arpa
-
69 B 131 B 1 1
DNS Request
85.15.22.2.in-addr.arpa
-
72 B 158 B 1 1
DNS Request
29.243.111.52.in-addr.arpa
-
74 B 128 B 1 1
DNS Request
172.210.232.199.in-addr.arpa
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
26KB
MD5d45fc9c860b24cad904d651f5ea35a3f
SHA1d8233a1c7e773d8cb7994806b0e4c4c986e8ab31
SHA2560098443dc5f5242035e0eaa1e418c70e8832a2f2cd29cbd581da647d5378ab91
SHA512407a64457a9297ac8b28c7ad48b3b7055a59afebe6a9c6580dd5b3bfe8049bfe27f099ead3e6fae3c5519483aa23bc80fb427e9f23914bf54d3469acdc030ed0
-
Filesize
1KB
MD5471b11eea34e4bb95854aae00bc898d2
SHA18c6278a3fbe04ce7bbd05f640447cce3c19225c2
SHA2568380145f8e604813c75ba11cbd919ed18af3b87307949d448d70936d8e332888
SHA51278a3bed138b7a14dc82769cd1f94ae42d4598a85ed8b67057d0cc0e43b1cedd4279e63fdf0495340fc9f372594f359e6cc1afcc91647364c782cdd432675704a
-
Filesize
281B
MD5622db09c358517b5b342c31ed2b65df1
SHA12c38476954751df44e54bbed724ac2203e3e5df3
SHA2564571cc909151ddb0a590acabd3faa672a0dcd8c49ecc4e1b0ec0f16eea095166
SHA51224335ea4bf1221a6c2d792817aa60707668f4be6a5da47c7c2be744b19ae0f8eafd630f95447c27918d75d8d4a76f54dfadb94e5d88665a83e16cc9baa41f7fb
-
Filesize
4.0MB
MD54cc6efda014cc654142c97cd09175e37
SHA19ff80f73eb8aa9563ee04f3857fedbb4167a9a2a
SHA2560ffd67c501dd1778c35830465f07f2390e318a485e0b22e437404b0a9d4b5ad2
SHA512064ceb07ef2a8a5db7d07a3ee58df07008efd642f12960c7dce837f533876199c0773a4b9861cf7907487b7fb2a96d6a1efdcc854855fd9246198ca438cab751
-
Filesize
18.1MB
MD5e9134948a4db2642f9bfaaf157a18bd0
SHA198249d941c196e9ee01f5d77713f13a12fff87f4
SHA25667721cd04b1866888a97c1027e6d6ca5805b08124b724a31ff9931f9f3e28b2a
SHA512629b39736755e9a9987a74aa9dab6aec94be061a3c70c140ce98d4eb9ca3575ccc02380990a023f3fbc1f49d56518f1dc9345fd8c7fe3b9cfbf7eb9c80187995
-
Filesize
3.6MB
MD5cb33ee6145c1dfad640103e1bc8b00e9
SHA1e68405536c9501a5f7617636db734a7e7bfdb61c
SHA256068bd9cd5dc944ff9030bdf3e31638408314e54861b93cdaf8c3c905a8005cac
SHA51231608dc1d295c91d012fd4634494b182c6d4b70c255036cbd0f71ace56fbc1a69f8358b8799d2db21e0bea1010ad79dee774b6049bf31dd513042b460722508b
-
Filesize
19KB
MD5ebd5c38aa827d9777dcde81e2a037b6f
SHA1740eee39569863c6baa780e7d82c848c92abe0c1
SHA2567fd358eddcef6756f315fec2bfad52286402f7194104fcfd3dcec7d588597025
SHA512fc22fff31b6e84297af9769b84142960e45bf9d8b71e9039e3829be9c671fc173dd47c88c25807f3e7bca0b87f842de500f5227e21ed312bfae2e89d0b65ff0d
-
Filesize
867KB
MD53ead47f44293e18d66fb32259904197a
SHA1e61e88bd81c05d4678aeb2d62c75dee35a25d16b
SHA256e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905
SHA512927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0
-
Filesize
1KB
MD52f4301ac41da3c8c865bcf0a2686246d
SHA1fe799dedf9d99c05e79e54539ca8c0e853f4cf91
SHA256584591ed817da7b6addff5b70ab11508288eab29c06e48f7d61d7fd861e5594b
SHA5128717af385c54f98d6ca9f8a054d6eed0a99608dbbf943d1d24007ee3ebc589e563d69e799e0c11e822e7328501739dd52752b0902c4982229387ba45df50d3cb
-
Filesize
4.7MB
MD5ebc2e21a31af7ba94c3a70db0caf23ad
SHA136a25c19c6becbcf8e1c959458867f59cab774a3
SHA256b1819bf1551be44e0f293f6b6ead1841aacb63ca3a9d90f1a31c9cb52f648c6e
SHA512e777fd82cf1d782e73dc8796c57ecb9be4ed09256af456190ae0e414de651226c3eb616ae4ec1c245e55934843dd85485e0594c0125e013c47b48d89fff5f739
-
Filesize
3.3MB
MD5c339cfe0485edefebae496b088d41221
SHA1684e4fa30a601ef645293cc5a8b008bbc03b9483
SHA25655ebd9dc7c26877a51e11722d3ea17f1afdf39a30aeda07ef6804659c34e54c4
SHA512c78b4735ed9184219f95a461e97a47d95b60f353ded28d692a72f9c3db2ead081b700731c8b673e8a1ca969519281d8e73cef449d5bb6bcfd282fcd2261f4a5d
-
Filesize
18KB
MD5b86dd14aadb9e34d004ad39a4693ced0
SHA11cb7775cee3e4106b2ddba89a0ccdc9dd547c521
SHA256b64d1d23aef5cdeeb2279216a00c931b201bce90407c9cbff3a7ef2742873878
SHA51203cb9215521da45e1df7b926fad7b0afd5ee001944c475a90c8646d7621d0d062267a682e102d81da0b5204ed215ec6ba4c7646d9340d71b0cb77ca12ddef0c1
-
Filesize
18KB
MD50b575a6d40715ef6b6437f3d651365ec
SHA122c0e7f738cadb4e9287ce8b0ff75dd6781fc0a0
SHA2564b442e9da01b6ba0e1f53afedbdbc6aea667cb1fde4b47f5a4cb871102ee2423
SHA512bab5777b2a14edcc927d9a2feeaae3f76d4d670ab1ef4685cfe1f1432c3f058dcaf0c4b1b3c697c1e20698087d80eb549cf92ede68638cd2bf48b53a73a26782
-
Filesize
24KB
MD5209f5135ae4c7e8ff1f1948876c5ee32
SHA18c009e6864e653320b8cc62e65d890788d9a7fd7
SHA256ee62e0b16dc86b89f4c4801c531124190b2853c3333983289ef1d9b8ffd41eb3
SHA51201551c424195fb3cb1dbb014096c1b9c042ee196f90dfdb5d26a7130578978f161d7b84c71d73f1daa4fb6554d9802570c4bf8953d29d5f88eb9e486766e98ea
-
Filesize
696B
MD549e06bf9341fd92a249159483627845d
SHA1d23b7e1f861cedca0b1212935b5328fee3cabafb
SHA256feceb79022e6100df56347a6c86b1aab254bbe156f9dfc2002c013bf7b7e8ae8
SHA51299c7c4430fbec3d82b1c22d2a413d2d1a905ccdad4c03bb85a760b66e0d8f7ddba82db2f8463f100fc661a1a4dddc7a37ac08b77b5f9a4592315244fcb978df9
-
Filesize
2.3MB
MD5993a67fbd5162510a2b0f3fba05bad33
SHA13c76258240a04c05341e611f55bef10341e34ff3
SHA2560b7c3caa31928131ce0e1ca570aa72e20a98dda13e4ca0c59f31cc677d8e8c6e
SHA51244a335d3db00fa9148066a5f2d2a9f5250d7df2315d132ab2798b02e2d21b700525a00be91d960e1564a6ffc0ee95347f0df9ffc27a10cf807d5a926ab5154a3
-
Filesize
211B
MD5aa442786f758e5ad442aea88d6cf6124
SHA16c464722d20d261a155e2c5f6105cd8a4f0e5c21
SHA256ba1333f2355a7660001410efc8ae3e0b49d1600806272050883980889d6e250b
SHA512add459ffec8fa3883a56a64fb0a34bf0c99fbda9e296e30911f2fee313626a68ba3e1d56671615b6250a9adfa8a6e07e76a86dab234500a03c60a07556a50e1f
-
Filesize
73KB
MD5d264bf74d7ffcbad341d9fcefa4893bb
SHA1c7e9a0972524fa573825865c46eb6728d3e219e0
SHA2564b01a68078d7e1af1c0197baddbbb1ef4d3cbf13f71e8b9df766f88b4e6d8025
SHA512afbfdf6fdeb5dc427340de691726e79cb5bcc41bd488c557c684efe3f26d83a17f1118cc50bd64541a9a839d3dd4329a72a9423e65d3e9cdcfbd14003f1e0dc3
-
Filesize
4KB
MD50344288a18997069003d84c226a168f9
SHA10fe47920601834e620737ad321fbb24d38c7ee94
SHA256675bd92f752a51bd7d9797895252b3130095a06d7d5db8f221ab6251735ead8d
SHA512b1680ef42d7e2e56fbb124c91da27f15e6c946450c7d03d95b937c3cde80dbc2260e11926578075df255058c2307058429fd2f7307fc0a105c775a9b8aa82429
-
Filesize
7KB
MD591760dd268918f34d5035b70231c6662
SHA1c244a869726ab00bc674ea81970ddc739f240426
SHA25660cbcb938b4d06ec162bb2379fe94f0f22cac8927ea5740cb52260809c5ef50a
SHA51230f015fc4cb040e617caff7545290b7add9ce500a2bf10a72d53eed64b0972754e4a5dc1296b50b06f286a473950b21c3bec9fadbe9733942d59542ec19175d6
-
Filesize
572B
MD56d08ac0131cac7a2f9f2ea5d9d0b0cc6
SHA125983c1419089c6a7570963dda2d06e022b3b36d
SHA256846f9f2f624c8a1f001a4bd7c7ca3158c8c79cb11fa6d474cfdf8e48d0238a3f
SHA512753890f34fc1a925177a594c8bc5e19dc509fb8b32c1eef429496c5d19421200bdd75879c529981823340718bee82dafdf3f262a9ecf65de9ef03d12a1684b2c
-
Filesize
343B
MD5b516373c4f4f0bd98bbbcd71b4022e4d
SHA1fb2ccdcbec8ddcd91f35fd762dd86a5b2cb8e062
SHA25652e06087d9c0968150bc5d3b06895e3ab9b69aebea20e0328434b703aa242099
SHA512b1ef7ffd12b104a3caf8676c95285693c2af057537df0e87a292cea51bddf34be3ff00adae1337ecede93a8de9bb9ee71c464920f9f54c7bf3236d74aae98469
-
Filesize
340B
MD5a6aa5195417c52019dac2ea520161d70
SHA13867f26e50214fbef5698dcea3840ba6c35ab23b
SHA256b5992d7f4f9cfbd8c06d0b40110f296e70a7b804e581553d120d22146efdfc92
SHA5126986e715d9adf1142d965f0b8d0ec99915537015cb95ea14b9565f0aab3f2fde6c36ef06d760c8c32e0ad452419edcce0695eee5397f97afed3a28e75f25fc50
-
Filesize
27KB
MD52b62fb1ecd174c7e951f2b8af502c1c0
SHA190744a9355dd5b74d2ecc7ee34fccbeca1c18f1b
SHA2561fc616dd97e72451eda1324979f65df6af823aaaee1c83e5c2c3f3308cd26a67
SHA5120f14fbab88469ed19cde8d54ad74276ae4b03a783bf99def2d0f4d655a6ff86a35aa7ce4e8a7dcb936c70789efc4714b9bf1b317e485a6a44f150be6792cd7a0
-
Filesize
1KB
MD5ca027a5ef5f6d21d7e42855fa4db4120
SHA1eee669fe1c3cabd5f96c65ac992e4851f8eca9da
SHA256e1b5e5122457b19ad5175b0b372d6d0b55813503827ad1d84c26f23b8506a66d
SHA5128dcd63d2406f6f7e67053342553345bb372401a8dda64e1b41e937df7359a8e4c0afa9705d8fbb953aeed403d54bcd6a5d5bddf7ca1d6c43f1da37020bdda491
-
Filesize
38KB
MD549474897d267894daa13e9dcb168793d
SHA110331de148bb89ecc6e1af25bd3b0a862dd2b4eb
SHA2560b9aedce74468150c054d27649dad8f98109e537a581649be6668a13cd29e6a7
SHA512687dfcfdff27d8be7fa2b7a277a6bd269bf719ca12bf5e7f38643582785032cb8b0e11c04180736dfa56c2b10a12e10c10e50427ceacf6d6332125ebf65eb9da
-
Filesize
29KB
MD5c53dc6d8050e08d12939b95e2f5c53dc
SHA101f3fd1a4c730cad939d243e6bb8f9fe8f1e0138
SHA2565a690ef46a5c889adbad580b773a6025040426ee11d3817927dd1e77698e8ece
SHA51275ec453cfa12a071322877db4244746de6ecec779c4f267cb3b9729437f3e0a90ffa2fe1d42e5baf05c159c8c6ef6c71bc7e258044162e5fcbaad10a9e93d84a
-
Filesize
16KB
MD5bd33707a5e0b6cc434fbaa32e69cb30a
SHA134ddc8fbda6acef9e07de571d4c00e65e3c09958
SHA256bf60d1aa67abc73f927e1544ba8b66a79ec9143caedb15e1d94d023be6aba036
SHA51202b78b7796e55e245d00ae5b94ae767c6c7da480ec609e84b1a4deafb5f6dbb8f15ad5947b3db421048e17d46419b2149ef23aa369ce42288d3bb5817a0863de
-
Filesize
9.5MB
MD572c1cad77d7a37f6eed6606b00b22738
SHA11883d039f42ead5318de8f5f37b61bad4b61fa72
SHA25647cee4d44e8fe27f3229fa751c11259227a00b605d6a42e2cb066f100a9049c3
SHA51287104f2cf47683f113398e71b795fbeadd6835b5d333e1aedf22e7d3afec7de3e138cbc949947235ff4892489caaf219405832df91885084e361806ac22d0209
-
Filesize
21B
MD5b7a649f519bca7f8e5186aaea02b48c9
SHA19a1e5074bbea1693659a70c85ef8f66e20a97422
SHA256d9defeae2cfb91b2871eaf62bcdc2b0e2390de6ba02343407dd658e37f75f543
SHA512dc033fc80e06b5013f85f5bda1927421f6635d85bc85d2ae7a5694b69e4bb14e50d9320a7963bfabf113f9e0e58cd6fd1442dc3530335ea3908383e36e2dd506