Analysis

  • max time kernel
    125s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/06/2024, 09:52 UTC

General

  • Target

    c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe

  • Size

    219KB

  • MD5

    105d0f2bcd9667e474c60be026298d6a

  • SHA1

    589e7829ed8b371b1787c7952192fe13b257674a

  • SHA256

    c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568

  • SHA512

    2937cffb77a20a075538eeac63132b3fbcc326dcbd24f7ea020814b07eaad77ae9b8597399880a400cf78e0ed223123477b6a55acec0372f93a940c0c006dec6

  • SSDEEP

    3072:42RaiKg4xmUh1WXHqw/l+qmOELhakVsm3mxB32tLEv8zfdn5f2dZLCoKOhh9K0KT:40KgGwHqwOOELha+sm2D2+UhngNHK46p

Score
8/10

Malware Config

Signatures

  • Downloads MZ/PE file
  • Executes dropped EXE 11 IoCs
  • Loads dropped DLL 13 IoCs
  • Checks for any installed AV software in registry 1 TTPs 6 IoCs
  • Writes to the Master Boot Record (MBR) 1 TTPs 4 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Checks processor information in registry 2 TTPs 15 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies registry class 64 IoCs
  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of AdjustPrivilegeToken 9 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 24 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
    "C:\Users\Admin\AppData\Local\Temp\c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe"
    1⤵
    • Loads dropped DLL
    • Writes to the Master Boot Record (MBR)
    • Suspicious use of WriteProcessMemory
    PID:3336
    • C:\Windows\Temp\asw.eecc863cc3decc7b\avg_antivirus_free_setup_x64.exe
      "C:\Windows\Temp\asw.eecc863cc3decc7b\avg_antivirus_free_setup_x64.exe" /cookie:mmm_bav_tst_007_402_f /ga_clientid:0d7835ce-cfbc-44fd-a61d-d83a60311cc8 /edat_dir:C:\Windows\Temp\asw.eecc863cc3decc7b
      2⤵
      • Executes dropped EXE
      • Checks for any installed AV software in registry
      • Writes to the Master Boot Record (MBR)
      • Checks processor information in registry
      • Modifies registry class
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of WriteProcessMemory
      PID:4900
      • C:\Windows\Temp\asw.bfabaa787f845146\instup.exe
        "C:\Windows\Temp\asw.bfabaa787f845146\instup.exe" /sfx:lite /sfxstorage:C:\Windows\Temp\asw.bfabaa787f845146 /edition:15 /prod:ais /stub_context:2c64507b-b59f-4dfd-839b-8d41d68a8629:9994552 /guid:84c21b69-27f1-47fc-9d8f-99820cf029ac /ga_clientid:0d7835ce-cfbc-44fd-a61d-d83a60311cc8 /cookie:mmm_bav_tst_007_402_f /ga_clientid:0d7835ce-cfbc-44fd-a61d-d83a60311cc8 /edat_dir:C:\Windows\Temp\asw.eecc863cc3decc7b
        3⤵
        • Executes dropped EXE
        • Loads dropped DLL
        • Checks for any installed AV software in registry
        • Writes to the Master Boot Record (MBR)
        • Checks processor information in registry
        • Modifies registry class
        • Suspicious use of AdjustPrivilegeToken
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:216
        • C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\instup.exe
          "C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\instup.exe" /sfx /sfxstorage:C:\Windows\Temp\asw.bfabaa787f845146 /edition:15 /prod:ais /stub_context:2c64507b-b59f-4dfd-839b-8d41d68a8629:9994552 /guid:84c21b69-27f1-47fc-9d8f-99820cf029ac /ga_clientid:0d7835ce-cfbc-44fd-a61d-d83a60311cc8 /cookie:mmm_bav_tst_007_402_f /edat_dir:C:\Windows\Temp\asw.eecc863cc3decc7b /online_installer
          4⤵
          • Executes dropped EXE
          • Loads dropped DLL
          • Checks for any installed AV software in registry
          • Writes to the Master Boot Record (MBR)
          • Checks processor information in registry
          • Modifies registry class
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of AdjustPrivilegeToken
          • Suspicious use of SetWindowsHookEx
          • Suspicious use of WriteProcessMemory
          PID:1676
          • C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe
            "C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkGToolbar -elevated
            5⤵
            • Executes dropped EXE
            PID:3436
          • C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe
            "C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" /check_secure_browser
            5⤵
            • Executes dropped EXE
            PID:2292
          • C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe
            "C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkChrome -elevated
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:452
          • C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe
            "C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AWFC
            5⤵
            • Executes dropped EXE
            • Suspicious use of AdjustPrivilegeToken
            PID:3056
            • C:\Users\Public\Documents\aswOfferTool.exe
              "C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AWFC
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:1656
          • C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe
            "C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkChromeReactivation -elevated -bc=AWFC
            5⤵
            • Executes dropped EXE
            • Suspicious use of AdjustPrivilegeToken
            PID:4680
            • C:\Users\Public\Documents\aswOfferTool.exe
              "C:\Users\Public\Documents\aswOfferTool.exe" -checkChromeReactivation -bc=AWFC
              6⤵
              • Executes dropped EXE
              • Loads dropped DLL
              PID:3376
          • C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe
            "C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\aswOfferTool.exe" -checkChrome -elevated
            5⤵
            • Executes dropped EXE
            • Loads dropped DLL
            PID:4412
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3852,i,7977653611488681184,6839495125838449898,262144 --variations-seed-version --mojo-platform-channel-handle=4040 /prefetch:8
    1⤵
      PID:212

    Network

    • flag-us
      DNS
      iavs9x.avg.u.avcdn.net
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      Remote address:
      8.8.8.8:53
      Request
      iavs9x.avg.u.avcdn.net
      IN A
      Response
      iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.81
      a117.dscd.akamai.net
      IN A
      23.73.139.56
    • flag-us
      DNS
      v7event.stats.avast.com
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      Remote address:
      8.8.8.8:53
      Request
      v7event.stats.avast.com
      IN A
      Response
      v7event.stats.avast.com
      IN CNAME
      analytics.ff.avast.com
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
      analytics-prod-gcp.ff.avast.com
      IN A
      34.117.223.223
    • flag-us
      POST
      http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      Remote address:
      34.117.223.223:80
      Request
      POST /cgi-bin/iavsevents.cgi HTTP/1.1
      Connection: Keep-Alive
      Content-Type: iavs4/stats
      User-Agent: AVG Microstub/2.1
      Content-Length: 268
      Host: v7event.stats.avast.com
      Response
      HTTP/1.1 204 No Content
      Server: nginx
      Date: Wed, 12 Jun 2024 09:52:48 GMT
      Via: 1.1 google
    • flag-us
      POST
      http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      Remote address:
      34.117.223.223:80
      Request
      POST /cgi-bin/iavsevents.cgi HTTP/1.1
      Connection: Keep-Alive
      Content-Type: iavs4/stats
      User-Agent: AVG Microstub/2.1
      Content-Length: 282
      Host: v7event.stats.avast.com
      Response
      HTTP/1.1 204 No Content
      Server: nginx
      Date: Wed, 12 Jun 2024 09:52:56 GMT
      Via: 1.1 google
    • flag-gb
      POST
      http://www.google-analytics.com/collect
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      Remote address:
      216.58.213.14:80
      Request
      POST /collect HTTP/1.1
      Connection: Keep-Alive
      User-Agent: AVG Microstub/2.1
      Content-Length: 140
      Host: www.google-analytics.com
      Response
      HTTP/1.1 200 OK
      Access-Control-Allow-Origin: *
      Date: Wed, 12 Jun 2024 09:52:48 GMT
      Pragma: no-cache
      Expires: Fri, 01 Jan 1990 00:00:00 GMT
      Cache-Control: no-cache, no-store, must-revalidate
      Last-Modified: Sun, 17 May 1998 03:00:00 GMT
      X-Content-Type-Options: nosniff
      Content-Type: image/gif
      Cross-Origin-Resource-Policy: cross-origin
      Server: Golfe2
      Content-Length: 35
    • flag-gb
      POST
      http://www.google-analytics.com/collect
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      Remote address:
      216.58.213.14:80
      Request
      POST /collect HTTP/1.1
      Connection: Keep-Alive
      User-Agent: AVG Microstub/2.1
      Content-Length: 143
      Host: www.google-analytics.com
      Response
      HTTP/1.1 200 OK
      Access-Control-Allow-Origin: *
      Date: Wed, 12 Jun 2024 09:52:56 GMT
      Pragma: no-cache
      Expires: Fri, 01 Jan 1990 00:00:00 GMT
      Cache-Control: no-cache, no-store, must-revalidate
      Last-Modified: Sun, 17 May 1998 03:00:00 GMT
      X-Content-Type-Options: nosniff
      Content-Type: image/gif
      Cross-Origin-Resource-Policy: cross-origin
      Server: Golfe2
      Content-Length: 35
    • flag-us
      DNS
      g.bing.com
      Remote address:
      8.8.8.8:53
      Request
      g.bing.com
      IN A
      Response
      g.bing.com
      IN CNAME
      g-bing-com.dual-a-0034.a-msedge.net
      g-bing-com.dual-a-0034.a-msedge.net
      IN CNAME
      dual-a-0034.a-msedge.net
      dual-a-0034.a-msedge.net
      IN A
      204.79.197.237
      dual-a-0034.a-msedge.net
      IN A
      13.107.21.237
    • flag-us
      GET
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E
      Remote address:
      204.79.197.237:443
      Request
      GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MUID=11FA1080E0D46C351EFA041CE16F6D59; domain=.bing.com; expires=Mon, 07-Jul-2025 09:52:49 GMT; path=/; SameSite=None; Secure; Priority=High;
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 7C9357C56F284550BD9053D36F4EA157 Ref B: LON04EDGE0817 Ref C: 2024-06-12T09:52:49Z
      date: Wed, 12 Jun 2024 09:52:48 GMT
    • flag-us
      GET
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E
      Remote address:
      204.79.197.237:443
      Request
      GET /neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E HTTP/2.0
      host: g.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=11FA1080E0D46C351EFA041CE16F6D59; _EDGE_S=SID=13BDB94A741660500C60ADD675106191
      Response
      HTTP/2.0 204
      cache-control: no-cache, must-revalidate
      pragma: no-cache
      expires: Fri, 01 Jan 1990 00:00:00 GMT
      set-cookie: MSPTC=r9IEIpgE4xysX4mNPR6qqI7uEd-BcFoGXc0ES3xHVbs; domain=.bing.com; expires=Mon, 07-Jul-2025 09:52:49 GMT; path=/; Partitioned; secure; SameSite=None
      strict-transport-security: max-age=31536000; includeSubDomains; preload
      access-control-allow-origin: *
      x-cache: CONFIG_NOCACHE
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 71677715AAAF4BFC9FFD346051CE94A7 Ref B: LON04EDGE0817 Ref C: 2024-06-12T09:52:49Z
      date: Wed, 12 Jun 2024 09:52:49 GMT
    • flag-be
      GET
      https://www.bing.com/aes/c.gif?RG=8d1e52730a014cfdbe18e33db04dd9d1&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221026Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640
      Remote address:
      88.221.83.218:443
      Request
      GET /aes/c.gif?RG=8d1e52730a014cfdbe18e33db04dd9d1&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221026Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640 HTTP/2.0
      host: www.bing.com
      accept-encoding: gzip, deflate
      user-agent: WindowsShellClient/9.0.40929.0 (Windows)
      cookie: MUID=11FA1080E0D46C351EFA041CE16F6D59
      Response
      HTTP/2.0 200
      cache-control: private,no-store
      pragma: no-cache
      vary: Origin
      p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
      accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      x-msedge-ref: Ref A: 7F449249089C49F69F5D574589AA018A Ref B: LON212050701033 Ref C: 2024-06-12T09:52:49Z
      content-length: 0
      date: Wed, 12 Jun 2024 09:52:49 GMT
      set-cookie: _EDGE_S=SID=13BDB94A741660500C60ADD675106191; path=/; httponly; domain=bing.com
      set-cookie: MUIDB=11FA1080E0D46C351EFA041CE16F6D59; path=/; httponly; expires=Mon, 07-Jul-2025 09:52:49 GMT
      alt-svc: h3=":443"; ma=93600
      x-cdn-traceid: 0.d653dd58.1718185969.6419a7f
    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN PTR
      dnsgoogle
    • flag-us
      DNS
      14.213.58.216.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      14.213.58.216.in-addr.arpa
      IN PTR
      Response
      14.213.58.216.in-addr.arpa
      IN PTR
      ber01s14-in-f141e100net
      14.213.58.216.in-addr.arpa
      IN PTR
      lhr25s25-in-f14�H
    • flag-us
      DNS
      223.223.117.34.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      223.223.117.34.in-addr.arpa
      IN PTR
      Response
      223.223.117.34.in-addr.arpa
      IN PTR
      22322311734bcgoogleusercontentcom
    • flag-us
      DNS
      81.139.73.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      81.139.73.23.in-addr.arpa
      IN PTR
      Response
      81.139.73.23.in-addr.arpa
      IN PTR
      a23-73-139-81deploystaticakamaitechnologiescom
    • flag-us
      DNS
      71.31.126.40.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      71.31.126.40.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      237.197.79.204.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      237.197.79.204.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      218.83.221.88.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      218.83.221.88.in-addr.arpa
      IN PTR
      Response
      218.83.221.88.in-addr.arpa
      IN PTR
      a88-221-83-218deploystaticakamaitechnologiescom
    • flag-gb
      GET
      http://iavs9x.avg.u.avcdn.net/avg/iavs9x/avg_antivirus_free_setup_x64.exe
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      Remote address:
      23.73.139.81:80
      Request
      GET /avg/iavs9x/avg_antivirus_free_setup_x64.exe HTTP/1.1
      Connection: Keep-Alive
      User-Agent: avast! Antivirus (instup)
      Host: iavs9x.avg.u.avcdn.net
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 9994552
      Last-Modified: Tue, 28 May 2024 09:46:18 GMT
      ETag: "6655a7ea-988138"
      Access-Control-Allow-Origin: *
      x-cache-status: HIT
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=1
      Expires: Wed, 12 Jun 2024 09:52:55 GMT
      Date: Wed, 12 Jun 2024 09:52:54 GMT
      Connection: keep-alive
    • flag-us
      DNS
      v7event.stats.avcdn.net
      avg_antivirus_free_setup_x64.exe
      Remote address:
      8.8.8.8:53
      Request
      v7event.stats.avcdn.net
      IN A
      Response
      v7event.stats.avcdn.net
      IN CNAME
      analytics.ff.avast.com
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
      analytics-prod-gcp.ff.avast.com
      IN A
      34.117.223.223
    • flag-us
      DNS
      analytics.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      analytics.avcdn.net
      IN A
      Response
      analytics.avcdn.net
      IN CNAME
      analytics.ff.avast.com
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
      analytics-prod-gcp.ff.avast.com
      IN A
      34.117.223.223
    • flag-gb
      GET
      http://www.google-analytics.com/collect?aiid=mmm_bav_tst_007_402_f&an=Avg%20Free&av=24.5.9153&cd=stub-extended&cd3=Online&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dt=Installation&t=screenview&tid=UA-58120669-4&v=1
      avg_antivirus_free_setup_x64.exe
      Remote address:
      216.58.213.14:80
      Request
      GET /collect?aiid=mmm_bav_tst_007_402_f&an=Avg%20Free&av=24.5.9153&cd=stub-extended&cd3=Online&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dt=Installation&t=screenview&tid=UA-58120669-4&v=1 HTTP/1.1
      Connection: Keep-Alive
      User-Agent: Avast SFX/1.0
      Host: www.google-analytics.com
      Response
      HTTP/1.1 200 OK
      Access-Control-Allow-Origin: *
      Pragma: no-cache
      X-Content-Type-Options: nosniff
      Cross-Origin-Resource-Policy: cross-origin
      Server: Golfe2
      Content-Length: 35
      Date: Tue, 11 Jun 2024 21:07:49 GMT
      Expires: Mon, 01 Jan 1990 00:00:00 GMT
      Cache-Control: no-cache, no-store, must-revalidate
      Age: 45907
      Last-Modified: Sun, 17 May 1998 03:00:00 GMT
      Content-Type: image/gif
    • flag-us
      POST
      https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgi
      avg_antivirus_free_setup_x64.exe
      Remote address:
      34.117.223.223:443
      Request
      POST /cgi-bin/iavsevents.cgi HTTP/1.1
      Connection: Keep-Alive
      Content-Type: iavs4/stats
      Content-MD5: cBw7ZB3ReqgC5NBacIuGvA==
      User-Agent: Avast SimpleHttp/3.0
      Content-Length: 382
      Host: v7event.stats.avcdn.net
      Response
      HTTP/1.1 204 No Content
      Server: nginx
      Date: Wed, 12 Jun 2024 09:52:57 GMT
      Via: 1.1 google
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      POST
      https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgi
      avg_antivirus_free_setup_x64.exe
      Remote address:
      34.117.223.223:443
      Request
      POST /cgi-bin/iavsevents.cgi HTTP/1.1
      Connection: Keep-Alive
      Content-Type: iavs4/stats
      Content-MD5: cBw7ZB3ReqgC5NBacIuGvA==
      User-Agent: Avast SimpleHttp/3.0
      Content-Length: 382
      Host: v7event.stats.avcdn.net
      Response
      HTTP/1.1 204 No Content
      Server: nginx
      Date: Wed, 12 Jun 2024 09:52:57 GMT
      Via: 1.1 google
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      POST
      https://analytics.avcdn.net/v4/receive/json/70
      avg_antivirus_free_setup_x64.exe
      Remote address:
      34.117.223.223:443
      Request
      POST /v4/receive/json/70 HTTP/1.1
      Connection: Keep-Alive
      Content-Type: application/json
      User-Agent: Avast SimpleHttp/3.0
      Content-Length: 595
      Host: analytics.avcdn.net
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Date: Wed, 12 Jun 2024 09:52:57 GMT
      Content-Type: application/json
      Content-Length: 19
      Via: 1.1 google
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      shepherd.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      shepherd.avcdn.net
      IN A
      Response
      shepherd.avcdn.net
      IN CNAME
      shepherd.ff.avast.com
      shepherd.ff.avast.com
      IN CNAME
      shepherd-gcp.ff.avast.com
      shepherd-gcp.ff.avast.com
      IN A
      34.160.176.28
    • flag-us
      DNS
      shepherd.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      shepherd.avcdn.net
      IN AAAA
      Response
      shepherd.avcdn.net
      IN CNAME
      shepherd.ff.avast.com
      shepherd.ff.avast.com
      IN CNAME
      shepherd-gcp.ff.avast.com
    • flag-us
      DNS
      shepherd.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      shepherd.avcdn.net
      IN A
      Response
      shepherd.avcdn.net
      IN CNAME
      shepherd.ff.avast.com
      shepherd.ff.avast.com
      IN CNAME
      shepherd-gcp.ff.avast.com
      shepherd-gcp.ff.avast.com
      IN A
      34.160.176.28
    • flag-us
      POST
      https://shepherd.avcdn.net/
      instup.exe
      Remote address:
      34.160.176.28:443
      Request
      POST / HTTP/1.1
      Connection: Keep-Alive
      Content-Type: application/x-www-form-urlencoded
      Host: shepherd.avcdn.net
      User-Agent: Avast Antivirus
      Content-Length: 267
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Date: Wed, 12 Jun 2024 09:52:58 GMT
      Content-Type: text/plain
      Content-Length: 19354
      AB-Tests: dfc58839-be72-45b0-b5e8-6c31c27f4a30:A,oa-7820-v1-fake-blatny:a
      Access-Control-Allow-Origin: *
      Access-Control-Expose-Headers: Config-Id, Config-Name, Config-Version, Segments, AB-Tests, TTL, TTL-Spread
      Config-Id: 9
      Config-Name: AVG-Windows-AV-Consumer_websocket-testing_release-20-percent-userbase_ipm_6363_chrome_offer_setup_free_avg-free_version-18.6-and-higher_windows-8-and-higher_avg-free-and-release_uk-gb_production_product-version-older-than-24.4_quic-sni-block-release_pap-before-20.2_avg-r18-7-and-r18-8-and-older_new-installation_versions-older-than-23.1_opening-browser-onboarding_ipm_6513_open_ui_a_v19.2-and-older-6dab41b0c2b07742937620ff69fddadb9ad6d67d36fd14ee001d72f894358198
      Config-Version: 2089
      Segments: websocket testing,release 20 percent userbase,ipm_6363_chrome_offer_setup_free,avg free,version 18.6 and higher,windows 8 and higher,avg free and release,uk gb,production,product version older than 24.4,quic sni block release,pap before 20.2,avg r18 7 and r18 8 and older,new installation,versions older than 23.1,opening browser onboarding,ipm_6513_open_ui_a,v19.2 and older
      TTL: 86400
      TTL-Spread: 43200
      Via: 1.1 google
      Alt-Svc: clear
    • flag-us
      DNS
      28.176.160.34.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      28.176.160.34.in-addr.arpa
      IN PTR
      Response
      28.176.160.34.in-addr.arpa
      IN PTR
      2817616034bcgoogleusercontentcom
    • flag-us
      DNS
      b0017156.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      b0017156.iavs9x.avg.u.avcdn.net
      IN A
      Response
      s-iavs9x.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN A
      104.120.141.25
    • flag-us
      DNS
      g5856219.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      g5856219.iavs9x.avg.u.avcdn.net
      IN A
      Response
      l9346865.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.81
      a117.dscd.akamai.net
      IN A
      23.73.139.56
    • flag-us
      DNS
      l9346865.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l9346865.iavs9x.avg.u.avcdn.net
      IN A
      Response
      g5856219.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      l9518228.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l9518228.iavs9x.avg.u.avcdn.net
      IN A
      Response
      b0017156.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      s-iavs9x.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-iavs9x.avcdn.net
      IN A
      Response
      l9518228.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.81
      a117.dscd.akamai.net
      IN A
      23.73.139.56
    • flag-us
      DNS
      s9788044.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.iavs9x.avg.u.avcdn.net
      IN A
      Response
      s9788044.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      b0017156.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      b0017156.iavs9x.avg.u.avcdn.net
      IN A
      Response
      b0017156.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      g5856219.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      g5856219.iavs9x.avg.u.avcdn.net
      IN A
      Response
      g5856219.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      l9346865.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l9346865.iavs9x.avg.u.avcdn.net
      IN A
      Response
      l9346865.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      l9518228.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l9518228.iavs9x.avg.u.avcdn.net
      IN A
      Response
      l9518228.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      s-iavs9x.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-iavs9x.avcdn.net
      IN A
      Response
      s-iavs9x.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN A
      104.120.141.25
    • flag-us
      DNS
      s9788044.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.iavs9x.avg.u.avcdn.net
      IN A
      Response
      s9788044.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      b0017156.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      b0017156.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      b0017156.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
    • flag-us
      DNS
      g5856219.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      g5856219.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      g5856219.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      l9346865.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l9346865.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      l9346865.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      l9518228.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l9518228.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      l9518228.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
    • flag-us
      DNS
      s-iavs9x.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-iavs9x.avcdn.net
      IN AAAA
      Response
      s-iavs9x.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:19d::240d
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:182::240d
    • flag-us
      DNS
      s9788044.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      s9788044.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
    • flag-us
      DNS
      b0017156.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      b0017156.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      b0017156.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
    • flag-us
      DNS
      g5856219.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      g5856219.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      g5856219.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      l9346865.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l9346865.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      l9346865.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      l9518228.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l9518228.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      l9518228.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
    • flag-us
      DNS
      s-iavs9x.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-iavs9x.avcdn.net
      IN AAAA
      Response
      s-iavs9x.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:182::240d
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:19d::240d
    • flag-us
      DNS
      s9788044.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      s9788044.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-gb
      GET
      http://s9788044.iavs9x.avg.u.avcdn.net/avg/iavs9x/servers.def.vpx
      instup.exe
      Remote address:
      23.73.139.81:80
      Request
      GET /avg/iavs9x/servers.def.vpx HTTP/1.1
      Host: s9788044.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 1389
      Last-Modified: Tue, 28 May 2024 09:45:54 GMT
      ETag: "6655a7d2-56d"
      Access-Control-Allow-Origin: *
      x-cache-status: HIT
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=49
      Expires: Wed, 12 Jun 2024 09:53:50 GMT
      Date: Wed, 12 Jun 2024 09:53:01 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/prod-pgm.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/prod-pgm.vpx HTTP/1.1
      Host: l9346865.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 572
      Last-Modified: Tue, 28 May 2024 09:45:56 GMT
      ETag: "6655a7d4-23c"
      Access-Control-Allow-Origin: *
      x-cache-status: HIT
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=33
      Expires: Wed, 12 Jun 2024 09:53:34 GMT
      Date: Wed, 12 Jun 2024 09:53:01 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avbugreport_x64_ais-d08.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/avbugreport_x64_ais-d08.vpx HTTP/1.1
      Host: l9346865.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 1447794
      Last-Modified: Tue, 28 May 2024 09:42:03 GMT
      ETag: "6655a6eb-161772"
      Access-Control-Allow-Origin: *
      x-cache-status: MISS
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=1640
      Expires: Wed, 12 Jun 2024 10:20:22 GMT
      Date: Wed, 12 Jun 2024 09:53:02 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x64_ais-d08.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/avdump_x64_ais-d08.vpx HTTP/1.1
      Host: l9346865.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 1012134
      Last-Modified: Tue, 28 May 2024 09:42:02 GMT
      ETag: "6655a6ea-f71a6"
      Access-Control-Allow-Origin: *
      x-cache-status: MISS
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=1685
      Expires: Wed, 12 Jun 2024 10:21:07 GMT
      Date: Wed, 12 Jun 2024 09:53:02 GMT
      Connection: keep-alive
    • flag-us
      DNS
      56.139.73.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      56.139.73.23.in-addr.arpa
      IN PTR
      Response
      56.139.73.23.in-addr.arpa
      IN PTR
      a23-73-139-56deploystaticakamaitechnologiescom
    • flag-gb
      GET
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x86_ais-d08.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/avdump_x86_ais-d08.vpx HTTP/1.1
      Host: l9346865.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 931935
      Last-Modified: Tue, 28 May 2024 09:42:00 GMT
      ETag: "6655a6e8-e385f"
      Access-Control-Allow-Origin: *
      x-cache-status: MISS
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=1726
      Expires: Wed, 12 Jun 2024 10:21:49 GMT
      Date: Wed, 12 Jun 2024 09:53:03 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instcont_x64_ais-d08.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/instcont_x64_ais-d08.vpx HTTP/1.1
      Host: l9346865.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 1029003
      Last-Modified: Tue, 28 May 2024 09:42:02 GMT
      ETag: "6655a6ea-fb38b"
      Access-Control-Allow-Origin: *
      x-cache-status: HIT
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=1647
      Expires: Wed, 12 Jun 2024 10:20:30 GMT
      Date: Wed, 12 Jun 2024 09:53:03 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instup_x64_ais-d08.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/instup_x64_ais-d08.vpx HTTP/1.1
      Host: l9346865.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 5643604
      Last-Modified: Tue, 28 May 2024 09:42:08 GMT
      ETag: "6655a6f0-561d54"
      Access-Control-Allow-Origin: *
      x-cache-status: MISS
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=2687
      Expires: Wed, 12 Jun 2024 10:37:51 GMT
      Date: Wed, 12 Jun 2024 09:53:04 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/offertool_x64_ais-d08.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/offertool_x64_ais-d08.vpx HTTP/1.1
      Host: l9346865.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 923096
      Last-Modified: Tue, 28 May 2024 09:42:02 GMT
      ETag: "6655a6ea-e15d8"
      Access-Control-Allow-Origin: *
      x-cache-status: REVALIDATED
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=2654
      Expires: Wed, 12 Jun 2024 10:37:19 GMT
      Date: Wed, 12 Jun 2024 09:53:05 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/sbr_x64_ais-d08.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/sbr_x64_ais-d08.vpx HTTP/1.1
      Host: l9346865.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 11708
      Last-Modified: Tue, 28 May 2024 09:42:04 GMT
      ETag: "6655a6ec-2dbc"
      Access-Control-Allow-Origin: *
      x-cache-status: REVALIDATED
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=1684
      Expires: Wed, 12 Jun 2024 10:21:10 GMT
      Date: Wed, 12 Jun 2024 09:53:06 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/setgui_x64_ais-d08.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/setgui_x64_ais-d08.vpx HTTP/1.1
      Host: l9346865.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 1427509
      Last-Modified: Tue, 28 May 2024 09:42:02 GMT
      ETag: "6655a6ea-15c835"
      Access-Control-Allow-Origin: *
      x-cache-status: REVALIDATED
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=1664
      Expires: Wed, 12 Jun 2024 10:20:50 GMT
      Date: Wed, 12 Jun 2024 09:53:06 GMT
      Connection: keep-alive
    • flag-us
      DNS
      f4973661.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      f4973661.iavs9x.avg.u.avcdn.net
      IN A
      Response
      f4973661.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      k6951768.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      k6951768.iavs9x.avg.u.avcdn.net
      IN A
      Response
      y1284511.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      l8318517.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l8318517.iavs9x.avg.u.avcdn.net
      IN A
      Response
      s9788044.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      s-iavs9x.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-iavs9x.avcdn.net
      IN A
      Response
      s-iavs9x.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN A
      104.120.141.25
    • flag-us
      DNS
      s9788044.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.iavs9x.avg.u.avcdn.net
      IN A
      Response
      l8318517.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      y1284511.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      y1284511.iavs9x.avg.u.avcdn.net
      IN A
      Response
      k6951768.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      f4973661.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      f4973661.iavs9x.avg.u.avcdn.net
      IN A
      Response
      f4973661.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.81
      a117.dscd.akamai.net
      IN A
      23.73.139.56
    • flag-us
      DNS
      k6951768.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      k6951768.iavs9x.avg.u.avcdn.net
      IN A
      Response
      k6951768.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      l8318517.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l8318517.iavs9x.avg.u.avcdn.net
      IN A
      Response
      l8318517.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      s-iavs9x.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-iavs9x.avcdn.net
      IN A
      Response
      s-iavs9x.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN A
      104.120.141.25
    • flag-us
      DNS
      s9788044.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.iavs9x.avg.u.avcdn.net
      IN A
      Response
      s9788044.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      y1284511.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      y1284511.iavs9x.avg.u.avcdn.net
      IN A
      Response
      y1284511.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN A
      23.73.139.56
      a117.dscd.akamai.net
      IN A
      23.73.139.81
    • flag-us
      DNS
      f4973661.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      f4973661.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      f4973661.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      k6951768.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      k6951768.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      l8318517.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
    • flag-us
      DNS
      l8318517.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l8318517.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      y1284511.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
    • flag-us
      DNS
      s-iavs9x.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-iavs9x.avcdn.net
      IN AAAA
      Response
      s-iavs9x.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:19d::240d
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:182::240d
    • flag-us
      DNS
      s9788044.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      s9788044.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      y1284511.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      y1284511.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      k6951768.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      f4973661.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      f4973661.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      f4973661.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      k6951768.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      k6951768.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      k6951768.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      l8318517.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      l8318517.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      l8318517.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      s-iavs9x.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-iavs9x.avcdn.net
      IN AAAA
      Response
      s-iavs9x.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:19d::240d
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:182::240d
    • flag-us
      DNS
      s9788044.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      s9788044.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-us
      DNS
      y1284511.iavs9x.avg.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      y1284511.iavs9x.avg.u.avcdn.net
      IN AAAA
      Response
      y1284511.iavs9x.avg.u.avcdn.net
      IN CNAME
      iavs9x4.u.avcdn.net.edgesuite.net
      iavs9x4.u.avcdn.net.edgesuite.net
      IN CNAME
      a117.dscd.akamai.net
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9007
      a117.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:902b
    • flag-gb
      GET
      http://k6951768.iavs9x.avg.u.avcdn.net/avg/iavs9x/prod-pgm.vpx
      instup.exe
      Remote address:
      23.73.139.56:80
      Request
      GET /avg/iavs9x/prod-pgm.vpx HTTP/1.1
      Host: k6951768.iavs9x.avg.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 572
      Last-Modified: Tue, 28 May 2024 09:45:56 GMT
      ETag: "6655a7d4-23c"
      Access-Control-Allow-Origin: *
      x-cache-status: HIT
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=25
      Expires: Wed, 12 Jun 2024 09:53:34 GMT
      Date: Wed, 12 Jun 2024 09:53:09 GMT
      Connection: keep-alive
    • flag-us
      DNS
      d9217321.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      d9217321.avi18tiny.u.avcdn.net
      IN A
      Response
      n3338300.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.50
      a27.dscd.akamai.net
      IN A
      23.73.139.43
    • flag-us
      DNS
      n3338300.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      n3338300.avi18tiny.u.avcdn.net
      IN A
      Response
      s-avi18tiny.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN A
      104.120.141.25
    • flag-us
      DNS
      s-avi18tiny.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-avi18tiny.avcdn.net
      IN A
      Response
      d9217321.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.43
      a27.dscd.akamai.net
      IN A
      23.73.139.50
    • flag-us
      DNS
      s9788044.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.avi18tiny.u.avcdn.net
      IN A
      Response
      x1281465.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.50
      a27.dscd.akamai.net
      IN A
      23.73.139.43
    • flag-us
      DNS
      x1281465.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      x1281465.avi18tiny.u.avcdn.net
      IN A
      Response
      s9788044.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.43
      a27.dscd.akamai.net
      IN A
      23.73.139.50
    • flag-us
      DNS
      y7637820.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      y7637820.avi18tiny.u.avcdn.net
      IN A
      Response
      y7637820.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.50
      a27.dscd.akamai.net
      IN A
      23.73.139.43
    • flag-us
      DNS
      d9217321.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      d9217321.avi18tiny.u.avcdn.net
      IN A
      Response
      d9217321.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.50
      a27.dscd.akamai.net
      IN A
      23.73.139.43
    • flag-us
      DNS
      n3338300.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      n3338300.avi18tiny.u.avcdn.net
      IN A
      Response
      n3338300.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.50
      a27.dscd.akamai.net
      IN A
      23.73.139.43
    • flag-us
      DNS
      s-avi18tiny.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-avi18tiny.avcdn.net
      IN A
      Response
      s-avi18tiny.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN A
      104.120.141.25
    • flag-us
      DNS
      s9788044.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.avi18tiny.u.avcdn.net
      IN A
      Response
      s9788044.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.50
      a27.dscd.akamai.net
      IN A
      23.73.139.43
    • flag-us
      DNS
      x1281465.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      x1281465.avi18tiny.u.avcdn.net
      IN A
      Response
      x1281465.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.50
      a27.dscd.akamai.net
      IN A
      23.73.139.43
    • flag-us
      DNS
      y7637820.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      y7637820.avi18tiny.u.avcdn.net
      IN A
      Response
      y7637820.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN A
      23.73.139.50
      a27.dscd.akamai.net
      IN A
      23.73.139.43
    • flag-us
      DNS
      d9217321.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      d9217321.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      y7637820.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
    • flag-us
      DNS
      n3338300.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      n3338300.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      x1281465.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
    • flag-us
      DNS
      s-avi18tiny.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-avi18tiny.avcdn.net
      IN AAAA
      Response
      s9788044.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
    • flag-us
      DNS
      s9788044.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      d9217321.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
    • flag-us
      DNS
      x1281465.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      x1281465.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      n3338300.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
    • flag-us
      DNS
      y7637820.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      y7637820.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      s-avi18tiny.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:19d::240d
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:182::240d
    • flag-us
      DNS
      d9217321.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      d9217321.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      d9217321.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
    • flag-us
      DNS
      n3338300.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      n3338300.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      n3338300.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
    • flag-us
      DNS
      s-avi18tiny.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s-avi18tiny.avcdn.net
      IN AAAA
      Response
      s-avi18tiny.avcdn.net
      IN CNAME
      fallbackupdates.avcdn.net.edgekey.net
      fallbackupdates.avcdn.net.edgekey.net
      IN CNAME
      e9229.dscd.akamaiedge.net
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:182::240d
      e9229.dscd.akamaiedge.net
      IN AAAA
      2a02:26f0:5700:19d::240d
    • flag-us
      DNS
      s9788044.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      s9788044.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      s9788044.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
    • flag-us
      DNS
      x1281465.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      x1281465.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      x1281465.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
    • flag-us
      DNS
      y7637820.avi18tiny.u.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      y7637820.avi18tiny.u.avcdn.net
      IN AAAA
      Response
      y7637820.avi18tiny.u.avcdn.net
      IN CNAME
      u4.avcdn.net.edgesuite.net
      u4.avcdn.net.edgesuite.net
      IN CNAME
      a27.dscd.akamai.net
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:9027
      a27.dscd.akamai.net
      IN AAAA
      2a02:26f0:1780:5::216:901f
    • flag-gb
      GET
      http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/prod-vps.vpx
      instup.exe
      Remote address:
      23.73.139.50:80
      Request
      GET /avi18tiny/prod-vps.vpx HTTP/1.1
      Host: x1281465.avi18tiny.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 340
      Last-Modified: Wed, 12 Jun 2024 07:27:03 GMT
      ETag: "66694dc7-154"
      Access-Control-Allow-Origin: *
      x-cache-status: REVALIDATED
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=60
      Expires: Wed, 12 Jun 2024 09:54:09 GMT
      Date: Wed, 12 Jun 2024 09:53:09 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/part-jrog2-79.vpx
      instup.exe
      Remote address:
      23.73.139.50:80
      Request
      GET /avi18tiny/part-jrog2-79.vpx HTTP/1.1
      Host: x1281465.avi18tiny.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 211
      Last-Modified: Wed, 12 Jun 2024 07:27:01 GMT
      ETag: "66694dc5-d3"
      Access-Control-Allow-Origin: *
      x-cache-status: MISS
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=3220
      Expires: Wed, 12 Jun 2024 10:46:49 GMT
      Date: Wed, 12 Jun 2024 09:53:09 GMT
      Connection: keep-alive
    • flag-gb
      GET
      http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/part-vps_windows-24061199.vpx
      instup.exe
      Remote address:
      23.73.139.50:80
      Request
      GET /avi18tiny/part-vps_windows-24061199.vpx HTTP/1.1
      Host: x1281465.avi18tiny.u.avcdn.net
      Accept: */*
      User-Agent: avast! Antivirus (instup)
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: application/octet-stream
      Content-Length: 7408
      Last-Modified: Wed, 12 Jun 2024 07:27:02 GMT
      ETag: "66694dc6-1cf0"
      Access-Control-Allow-Origin: *
      x-cache-status: MISS
      x-origin-cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=2746
      Expires: Wed, 12 Jun 2024 10:38:56 GMT
      Date: Wed, 12 Jun 2024 09:53:10 GMT
      Connection: keep-alive
    • flag-us
      DNS
      shepherd.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      shepherd.avcdn.net
      IN AAAA
      Response
      shepherd.avcdn.net
      IN CNAME
      shepherd.ff.avast.com
      shepherd.ff.avast.com
      IN CNAME
      shepherd-gcp.ff.avast.com
    • flag-us
      POST
      https://shepherd.avcdn.net/
      instup.exe
      Remote address:
      34.160.176.28:443
      Request
      POST / HTTP/1.1
      Connection: Keep-Alive
      Content-Type: application/x-www-form-urlencoded
      Host: shepherd.avcdn.net
      User-Agent: Avast Antivirus
      Content-Length: 219
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Date: Wed, 12 Jun 2024 09:53:10 GMT
      Content-Type: text/plain
      Content-Length: 25592
      AB-Tests: 921ba9e1-e8ab-4473-8916-6d120da28b76:B,AV-32666-v2-fake:a,dfc58839-be72-45b0-b5e8-6c31c27f4a30:A,oa-7820-v1-fake-blatny:a
      Access-Control-Allow-Origin: *
      Access-Control-Expose-Headers: Config-Id, Config-Name, Config-Version, Segments, AB-Tests, TTL, TTL-Spread
      Config-Id: 9
      Config-Name: AVG-Windows-AV-Consumer_email-signatures_webshield-tls-processes---stage-1_release-20-percent-userbase_asb-and-chrome-since-21.2_version-23.2-and-higher-not-in-fr-de_avg-free_disabled-extensions-sideloading_21.10-and-newer_version-19.1-and-higher-in-gb_us_ca_nz_au_ipm_4932_opm_pus_fullscale_previous-version_version-18.6-and-higher_windows-8-and-higher_icarus-migration_avg-free-and-release_uk-gb_production_webshield.quic.block---fraction-test-setup_quic-sni-block-release_quic-on_emailscanner-ignored-processes_ipm-bau-v23.1-and-higher_version-20.5-and-higher_useopenidwebauth_streaming-updates-globalflags_devicewatcheron_version-20.9-and-higher_pups-in-avg---rollout_winre-bts_avg-forrelease-and-beta-24.4_smartscan-free-win10-antivirus_aosstorelink_enableddwm_enablehns3_performator_avg-r24-4---r24-5_fs-and-idp-integration_cef-91_cefsettings-on_new-installation_opening-browser-onboarding_opm_burger_tracking_limitation_productversion-higher-23.2-and-country-not-in-fr-de_multidetection_ipm_6515_6516_vps_sites_test_b_ipm_6513_open_ui_a-3d4b04f301b1ff8b358c89a2ba8f12f0826d032b4371ee7c5e238e1863fea24a
      Config-Version: 2089
      Segments: email signatures,webshield tls processes - stage 1,release 20 percent userbase,asb and chrome since 21.2,version 23.2 and higher not in fr de,avg free,disabled extensions sideloading,21.10 and newer,version 19.1 and higher in gb_us_ca_nz_au,ipm_4932_opm_pus_fullscale,previous version,version 18.6 and higher,windows 8 and higher,icarus migration,avg free and release,uk gb,production,webshield.quic.block - fraction test setup,quic sni block release,quic on,emailscanner ignored processes,ipm bau v23.1 and higher,version 20.5 and higher,useopenidwebauth,streaming updates globalflags,devicewatcheron,version 20.9 and higher,pups in avg - rollout,winre bts,avg forrelease and beta 24.4,smartscan free win10 antivirus,aosstorelink,enableddwm,enablehns3,performator,avg r24 4 - r24 5,fs and idp integration,cef 91,cefsettings on,new installation,opening browser onboarding,opm_burger_tracking_limitation,productversion higher 23.2 and country not in fr de,multidetection,ipm_6515_6516_vps_sites_test_b,ipm_6513_open_ui_a
      TTL: 60
      TTL-Spread: 43200
      Via: 1.1 google
      Alt-Svc: clear
    • flag-us
      DNS
      50.139.73.23.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      50.139.73.23.in-addr.arpa
      IN PTR
      Response
      50.139.73.23.in-addr.arpa
      IN PTR
      a23-73-139-50deploystaticakamaitechnologiescom
    • flag-us
      DNS
      v7event.stats.avcdn.net
      avg_antivirus_free_setup_x64.exe
      Remote address:
      8.8.8.8:53
      Request
      v7event.stats.avcdn.net
      IN A
      Response
      v7event.stats.avcdn.net
      IN CNAME
      analytics.ff.avast.com
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
      analytics-prod-gcp.ff.avast.com
      IN A
      34.117.223.223
    • flag-us
      DNS
      v7event.stats.avcdn.net
      avg_antivirus_free_setup_x64.exe
      Remote address:
      8.8.8.8:53
      Request
      v7event.stats.avcdn.net
      IN A
      Response
      v7event.stats.avcdn.net
      IN CNAME
      analytics.ff.avast.com
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
      analytics-prod-gcp.ff.avast.com
      IN A
      34.117.223.223
    • flag-us
      DNS
      v7event.stats.avcdn.net
      avg_antivirus_free_setup_x64.exe
      Remote address:
      8.8.8.8:53
      Request
      v7event.stats.avcdn.net
      IN AAAA
      Response
      v7event.stats.avcdn.net
      IN CNAME
      analytics.ff.avast.com
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
    • flag-us
      DNS
      v7event.stats.avcdn.net
      avg_antivirus_free_setup_x64.exe
      Remote address:
      8.8.8.8:53
      Request
      v7event.stats.avcdn.net
      IN AAAA
      Response
      v7event.stats.avcdn.net
      IN CNAME
      analytics.ff.avast.com
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
    • flag-us
      DNS
      v7event.stats.avcdn.net
      avg_antivirus_free_setup_x64.exe
      Remote address:
      8.8.8.8:53
      Request
      v7event.stats.avcdn.net
      IN A
      Response
      v7event.stats.avcdn.net
      IN CNAME
      analytics.ff.avast.com
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
      analytics-prod-gcp.ff.avast.com
      IN A
      34.117.223.223
    • flag-us
      POST
      https://analytics.avcdn.net/v4/receive/json/70
      instup.exe
      Remote address:
      34.117.223.223:443
      Request
      POST /v4/receive/json/70 HTTP/1.1
      Connection: Keep-Alive
      Content-Type: application/json
      User-Agent: Avast SimpleHttp/3.0
      Content-Length: 494
      Host: analytics.avcdn.net
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Date: Wed, 12 Jun 2024 09:53:13 GMT
      Content-Type: application/json
      Content-Length: 19
      Via: 1.1 google
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      POST
      https://analytics.avcdn.net/receive3
      instup.exe
      Remote address:
      34.117.223.223:443
      Request
      POST /receive3 HTTP/1.1
      Connection: Keep-Alive
      Content-Type: application/x-enc-sb
      Content-Encoding: gzip
      User-Agent: Avast Antivirus
      Content-Length: 559
      Host: analytics.avcdn.net
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Date: Wed, 12 Jun 2024 09:54:12 GMT
      Content-Type: application/octet-stream
      Content-Length: 24
      X-ASW-Receiver-Ack: processed
      Via: 1.1 google
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      POST
      https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgi
      instup.exe
      Remote address:
      34.117.223.223:443
      Request
      POST /cgi-bin/iavsevents.cgi HTTP/1.1
      Host: v7event.stats.avcdn.net
      User-Agent: avast! Antivirus
      Accept: */*
      Content-MD5: Yjj7WLYosqFQU9Bu5rYR6w==
      Content-Type: iavs4/stats
      Content-Length: 327
      Response
      HTTP/1.1 204 No Content
      Server: nginx
      Date: Wed, 12 Jun 2024 09:53:13 GMT
      Via: 1.1 google
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      ssl.google-analytics.com
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      ssl.google-analytics.com
      IN A
      Response
      ssl.google-analytics.com
      IN A
      142.250.180.8
    • flag-gb
      POST
      https://ssl.google-analytics.com/collect
      instup.exe
      Remote address:
      142.250.180.8:443
      Request
      POST /collect HTTP/1.1
      Connection: Keep-Alive
      User-Agent: Avast Antivirus
      Content-Length: 439
      Host: ssl.google-analytics.com
      Response
      HTTP/1.1 200 OK
      Access-Control-Allow-Origin: *
      Date: Wed, 12 Jun 2024 09:53:14 GMT
      Pragma: no-cache
      Expires: Fri, 01 Jan 1990 00:00:00 GMT
      Cache-Control: no-cache, no-store, must-revalidate
      Last-Modified: Sun, 17 May 1998 03:00:00 GMT
      X-Content-Type-Options: nosniff
      Content-Type: image/gif
      Cross-Origin-Resource-Policy: cross-origin
      Server: Golfe2
      Content-Length: 35
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      ipm.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      ipm.avcdn.net
      IN A
      Response
      ipm.avcdn.net
      IN CNAME
      ipm-provider.ff.avast.com
      ipm-provider.ff.avast.com
      IN CNAME
      ipm-gcp-prod.ff.avast.com
      ipm-gcp-prod.ff.avast.com
      IN A
      34.111.24.1
    • flag-us
      DNS
      ipm.avcdn.net
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      ipm.avcdn.net
      IN A
      Response
      ipm.avcdn.net
      IN CNAME
      ipm-provider.ff.avast.com
      ipm-provider.ff.avast.com
      IN CNAME
      ipm-gcp-prod.ff.avast.com
      ipm-gcp-prod.ff.avast.com
      IN A
      34.111.24.1
    • flag-us
      DNS
      8.180.250.142.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.180.250.142.in-addr.arpa
      IN PTR
      Response
      8.180.250.142.in-addr.arpa
      IN PTR
      lhr25s32-in-f81e100net
    • flag-us
      GET
      https://ipm.avcdn.net/?action=1&p_elm=76&p_pro=70&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=avg&p_lan=1033&p_lng=en&p_vep=24&p_ves=5&p_vbd=3336&p_cnm=PXHSTPPU&p_hid=84c21b69-27f1-47fc-9d8f-99820cf029ac&p_bld=mmm_bav_tst_007_402_f&p_adp=0000&p_midex=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0
      instup.exe
      Remote address:
      34.111.24.1:443
      Request
      GET /?action=1&p_elm=76&p_pro=70&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=avg&p_lan=1033&p_lng=en&p_vep=24&p_ves=5&p_vbd=3336&p_cnm=PXHSTPPU&p_hid=84c21b69-27f1-47fc-9d8f-99820cf029ac&p_bld=mmm_bav_tst_007_402_f&p_adp=0000&p_midex=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Accept: */*
      User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
      Host: ipm.avcdn.net
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Date: Wed, 12 Jun 2024 09:53:14 GMT
      Content-Type: text/html
      Content-Length: 27204
      IPM-Asset-URL-659273231: https://ipmcdn.avast.com/images/banner/img-secure-browser-avg-v1.png
      IPM-Asset-Base-URL: https://ipm-static.avcdn.net/content-assets-prod/,https://ipmcdn.avast.com/images/
      Cache-Control: no-cache, no-store, must-revalidate
      Pragma: no-cache
      Expires: 0
      Content-Identifier: avgfree/en-ww/setup-avg-offer_secure-browser_variant-a.html
      ETag: W/87c5508a
      Set-Cookie: ViewCounter_ipm-10553-browser-offer-shared=1718185994; Max-Age=1728000; Expires=Tue, 02 Jul 2024 09:53:14 GMT; Secure; SameSite=None
      Set-Cookie: ScreenName_76=avgfree/en-ww/setup-avg-offer_secure-browser_variant-a.html; Max-Age=3888000; Expires=Sat, 27 Jul 2024 09:53:14 GMT; Secure; SameSite=None
      Set-Cookie: ClientId=59218e28-4f2e-4a9a-9c4b-0ab55991f817; Max-Age=63072000; Expires=Fri, 12 Jun 2026 09:53:14 GMT; Secure; SameSite=None
      Set-Cookie: ViewCounter_ipm-10553-browser-offer-shared=1718185994; Max-Age=1728000; Expires=Tue, 02 Jul 2024 09:53:14 GMT; Secure; SameSite=None
      Set-Cookie: ScreenName_76=avgfree/en-ww/setup-avg-offer_secure-browser_variant-a.html; Max-Age=3888000; Expires=Sat, 27 Jul 2024 09:53:14 GMT; Secure; SameSite=None
      Set-Cookie: ClientId=59218e28-4f2e-4a9a-9c4b-0ab55991f817; Max-Age=63072000; Expires=Fri, 12 Jun 2026 09:53:14 GMT; Secure; SameSite=None
      Via: 1.1 google
      Alt-Svc: clear
    • flag-us
      DNS
      ipmcdn.avast.com
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      ipmcdn.avast.com
      IN A
      Response
      ipmcdn.avast.com
      IN CNAME
      ipmcdn.avast.com.edgekey.net
      ipmcdn.avast.com.edgekey.net
      IN CNAME
      e13223.dscd.akamaiedge.net
      e13223.dscd.akamaiedge.net
      IN A
      2.22.15.85
    • flag-us
      DNS
      analytics.ff.avast.com
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      analytics.ff.avast.com
      IN A
      Response
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
      analytics-prod-gcp.ff.avast.com
      IN A
      34.117.223.223
    • flag-us
      DNS
      ssl.google-analytics.com
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      ssl.google-analytics.com
      IN A
      Response
      ssl.google-analytics.com
      IN A
      142.250.180.8
    • flag-us
      DNS
      analytics.ff.avast.com
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      analytics.ff.avast.com
      IN A
      Response
      analytics.ff.avast.com
      IN CNAME
      analytics-prod-gcp.ff.avast.com
      analytics-prod-gcp.ff.avast.com
      IN A
      34.117.223.223
    • flag-gb
      GET
      https://ssl.google-analytics.com/collect?v=1&tid=UA-16796122-3&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dh=ipm.avcdn.net&dp=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&z=58148334&uid=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&ds=ipm2&dt=setup-avg-offer_secure-browser_variant-a.html&ul=en-gb&cd5=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&cd101=70&cd102=24&cd103=5&cd104=3336&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=8&cd153=0&cd170=setup_paid_intro&cd2=AVGFREE-0&cd3=24.5.3336.mmm_bav_tst_007_402_f&cd4=Paid%20Program%20%7C%20Licensed%20%7C%2076&cd12=en-ww&cd20=mmm_bav_tst_007_402_f&cd27=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd41=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd154=1&cd155=7&cd175=cba425b2-9d98-4bda-9d73-3477f6e05b85&cd176=cba425b2-9d98-4bda-9d73-3477f6e05b85
      instup.exe
      Remote address:
      142.250.180.8:443
      Request
      GET /collect?v=1&tid=UA-16796122-3&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dh=ipm.avcdn.net&dp=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&z=58148334&uid=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&ds=ipm2&dt=setup-avg-offer_secure-browser_variant-a.html&ul=en-gb&cd5=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&cd101=70&cd102=24&cd103=5&cd104=3336&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=8&cd153=0&cd170=setup_paid_intro&cd2=AVGFREE-0&cd3=24.5.3336.mmm_bav_tst_007_402_f&cd4=Paid%20Program%20%7C%20Licensed%20%7C%2076&cd12=en-ww&cd20=mmm_bav_tst_007_402_f&cd27=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd41=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd154=1&cd155=7&cd175=cba425b2-9d98-4bda-9d73-3477f6e05b85&cd176=cba425b2-9d98-4bda-9d73-3477f6e05b85 HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Accept: */*
      User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
      Host: ssl.google-analytics.com
      Response
      HTTP/1.1 200 OK
      Access-Control-Allow-Origin: *
      Pragma: no-cache
      X-Content-Type-Options: nosniff
      Cross-Origin-Resource-Policy: cross-origin
      Server: Golfe2
      Content-Length: 35
      Date: Wed, 12 Jun 2024 09:05:03 GMT
      Expires: Mon, 01 Jan 1990 00:00:00 GMT
      Cache-Control: no-cache, no-store, must-revalidate
      Age: 2892
      Last-Modified: Sun, 17 May 1998 03:00:00 GMT
      Content-Type: image/gif
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-us
      DNS
      ipmcdn.avast.com
      instup.exe
      Remote address:
      8.8.8.8:53
      Request
      ipmcdn.avast.com
      IN A
      Response
      ipmcdn.avast.com
      IN CNAME
      ipmcdn.avast.com.edgekey.net
      ipmcdn.avast.com.edgekey.net
      IN CNAME
      e13223.dscd.akamaiedge.net
      e13223.dscd.akamaiedge.net
      IN A
      2.22.15.85
    • flag-us
      GET
      https://analytics.ff.avast.com/v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%2284c21b69-27f1-47fc-9d8f-99820cf029ac%22%2C%22hwid%22%3A%22E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000%22%7D%2C%22product%22%3A%7B%22id%22%3A64%2C%22edition%22%3A15%2C%22lang%22%3A%22en-gb%22%2C%22version_app%22%3A%2224.5.3336.mmm_bav_tst_007_402_f%22%2C%22build%22%3A3336%2C%22ipm_product%22%3A70%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-gb%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avg-offer_secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D
      instup.exe
      Remote address:
      34.117.223.223:443
      Request
      GET /v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%2284c21b69-27f1-47fc-9d8f-99820cf029ac%22%2C%22hwid%22%3A%22E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000%22%7D%2C%22product%22%3A%7B%22id%22%3A64%2C%22edition%22%3A15%2C%22lang%22%3A%22en-gb%22%2C%22version_app%22%3A%2224.5.3336.mmm_bav_tst_007_402_f%22%2C%22build%22%3A3336%2C%22ipm_product%22%3A70%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-gb%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avg-offer_secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Accept: */*
      User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
      Host: analytics.ff.avast.com
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Date: Wed, 12 Jun 2024 09:53:15 GMT
      Content-Type: application/json
      Content-Length: 19
      Via: 1.1 google
      Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
    • flag-gb
      GET
      https://ipmcdn.avast.com/images/banner/img-secure-browser-avg-v1.png
      instup.exe
      Remote address:
      2.22.15.85:443
      Request
      GET /images/banner/img-secure-browser-avg-v1.png HTTP/1.1
      Cache-Control: no-cache
      Connection: Keep-Alive
      Pragma: no-cache
      Accept: */*
      User-Agent: htmlayout 3.3; above-Windows-7; www.terrainformatica.com )
      Host: ipmcdn.avast.com
      Response
      HTTP/1.1 200 OK
      Server: nginx
      Content-Type: image/png
      Content-Length: 10878
      Last-Modified: Thu, 17 Dec 2020 10:43:38 GMT
      ETag: "5fdb365a-2a7e"
      X-Cache-Status: REVALIDATED
      X-Origin-Cache: vpsorigin-cache-re-prod-001.europe-west1-b.ppp-lopst-vpsorigin-10
      Accept-Ranges: bytes
      Cache-Control: max-age=3601
      Expires: Wed, 12 Jun 2024 10:53:16 GMT
      Date: Wed, 12 Jun 2024 09:53:15 GMT
      Connection: keep-alive
      Access-Control-Allow-Origin: *
    • flag-us
      DNS
      1.24.111.34.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      1.24.111.34.in-addr.arpa
      IN PTR
      Response
      1.24.111.34.in-addr.arpa
      IN PTR
      12411134bcgoogleusercontentcom
    • flag-us
      DNS
      85.15.22.2.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      85.15.22.2.in-addr.arpa
      IN PTR
      Response
      85.15.22.2.in-addr.arpa
      IN PTR
      a2-22-15-85deploystaticakamaitechnologiescom
    • flag-us
      DNS
      29.243.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      29.243.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      172.210.232.199.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      172.210.232.199.in-addr.arpa
      IN PTR
      Response
    • 34.117.223.223:80
      http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi
      http
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      1.3kB
      484 B
      10
      7

      HTTP Request

      POST http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

      HTTP Response

      204

      HTTP Request

      POST http://v7event.stats.avast.com/cgi-bin/iavsevents.cgi

      HTTP Response

      204
    • 216.58.213.14:80
      http://www.google-analytics.com/collect
      http
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      999 B
      1.6kB
      10
      8

      HTTP Request

      POST http://www.google-analytics.com/collect

      HTTP Response

      200

      HTTP Request

      POST http://www.google-analytics.com/collect

      HTTP Response

      200
    • 23.73.139.81:443
      iavs9x.avg.u.avcdn.net
      tls
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      677 B
      4.2kB
      8
      9
    • 204.79.197.237:443
      https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E
      tls, http2
      2.5kB
      9.0kB
      20
      17

      HTTP Request

      GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=531098720&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E

      HTTP Response

      204

      HTTP Request

      GET https://g.bing.com/neg/0?action=impression&rlink=https%3A%2F%2Fwww.bing.com%2Faclick%3Fld%3De8TzD80AXHemFM0p5li3gwezVUCUyd_ACmPOlMBeKmGfAvja8shH-WCVcWeaeHQYyzr4hCcAKuQcU-NZrmI32uWiOF8z2pKTAaK39MmKoTbu3p0zGoxP8u8wxTUpBxuAtTcr0mon3uu3N7yibL0260Aup6YOQ8avurh0Kj5-Kd_keW7zuw%26u%3DbWljcm9zb2Z0LWVkZ2UlM2FodHRwcyUzYSUyZiUyZnd3dy5taWNyb3NvZnQuY29tJTJmbWljcm9zb2Z0LTM2NSUyZm1pY3Jvc29mdC0zNjUtYmFzaWMtZmFxcyUzZk9DSUQlM2RjbW1sdWMyOWxxOQ%26rlid%3Dfaab1187f039144342cb77ef3b0a9d69&TIME=20240611T221026Z&CID=531098720&EID=&tids=15000&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640&muid=8CE4F47C62C1CBA160834AA98427395E

      HTTP Response

      204
    • 88.221.83.218:443
      https://www.bing.com/aes/c.gif?RG=8d1e52730a014cfdbe18e33db04dd9d1&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221026Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640
      tls, http2
      1.4kB
      5.3kB
      16
      10

      HTTP Request

      GET https://www.bing.com/aes/c.gif?RG=8d1e52730a014cfdbe18e33db04dd9d1&med=10&pubId=251978541&tids=15000&type=mv&reqver=1.0&TIME=20240611T221026Z&adUnitId=11730597&localId=w:8CE4F47C-62C1-CBA1-6083-4AA98427395E&deviceId=6825835407638640

      HTTP Response

      200
    • 23.73.139.81:443
      iavs9x.avg.u.avcdn.net
      tls
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      677 B
      4.2kB
      8
      9
    • 23.73.139.81:443
      iavs9x.avg.u.avcdn.net
      tls
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      677 B
      4.2kB
      8
      9
    • 23.73.139.81:443
      iavs9x.avg.u.avcdn.net
      tls
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      677 B
      4.2kB
      8
      9
    • 23.73.139.81:443
      iavs9x.avg.u.avcdn.net
      tls
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      677 B
      4.2kB
      8
      9
    • 23.73.139.81:80
      http://iavs9x.avg.u.avcdn.net/avg/iavs9x/avg_antivirus_free_setup_x64.exe
      http
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      403.2kB
      10.8MB
      6023
      7726

      HTTP Request

      GET http://iavs9x.avg.u.avcdn.net/avg/iavs9x/avg_antivirus_free_setup_x64.exe

      HTTP Response

      200
    • 216.58.213.14:80
      http://www.google-analytics.com/collect?aiid=mmm_bav_tst_007_402_f&an=Avg%20Free&av=24.5.9153&cd=stub-extended&cd3=Online&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dt=Installation&t=screenview&tid=UA-58120669-4&v=1
      http
      avg_antivirus_free_setup_x64.exe
      558 B
      601 B
      6
      4

      HTTP Request

      GET http://www.google-analytics.com/collect?aiid=mmm_bav_tst_007_402_f&an=Avg%20Free&av=24.5.9153&cd=stub-extended&cd3=Online&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dt=Installation&t=screenview&tid=UA-58120669-4&v=1

      HTTP Response

      200
    • 34.117.223.223:443
      https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgi
      tls, http
      avg_antivirus_free_setup_x64.exe
      2.2kB
      5.9kB
      14
      12

      HTTP Request

      POST https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgi

      HTTP Response

      204

      HTTP Request

      POST https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgi

      HTTP Response

      204
    • 34.117.223.223:443
      https://analytics.avcdn.net/v4/receive/json/70
      tls, http
      avg_antivirus_free_setup_x64.exe
      1.6kB
      5.7kB
      11
      10

      HTTP Request

      POST https://analytics.avcdn.net/v4/receive/json/70

      HTTP Response

      200
    • 34.160.176.28:443
      https://shepherd.avcdn.net/
      tls, http
      instup.exe
      1.6kB
      26.9kB
      18
      26

      HTTP Request

      POST https://shepherd.avcdn.net/

      HTTP Response

      200
    • 23.73.139.81:80
      http://s9788044.iavs9x.avg.u.avcdn.net/avg/iavs9x/servers.def.vpx
      http
      instup.exe
      411 B
      2.1kB
      6
      5

      HTTP Request

      GET http://s9788044.iavs9x.avg.u.avcdn.net/avg/iavs9x/servers.def.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/prod-pgm.vpx
      http
      instup.exe
      362 B
      1.2kB
      5
      4

      HTTP Request

      GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/prod-pgm.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avbugreport_x64_ais-d08.vpx
      http
      instup.exe
      25.0kB
      1.5MB
      540
      1073

      HTTP Request

      GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avbugreport_x64_ais-d08.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x64_ais-d08.vpx
      http
      instup.exe
      17.6kB
      1.0MB
      380
      754

      HTTP Request

      GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x64_ais-d08.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x86_ais-d08.vpx
      http
      instup.exe
      16.3kB
      960.2kB
      351
      696

      HTTP Request

      GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/avdump_x86_ais-d08.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instcont_x64_ais-d08.vpx
      http
      instup.exe
      17.9kB
      1.1MB
      387
      768

      HTTP Request

      GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instcont_x64_ais-d08.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instup_x64_ais-d08.vpx
      http
      instup.exe
      191.7kB
      5.9MB
      3126
      4199

      HTTP Request

      GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/instup_x64_ais-d08.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/offertool_x64_ais-d08.vpx
      http
      instup.exe
      16.2kB
      951.2kB
      349
      691

      HTTP Request

      GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/offertool_x64_ais-d08.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/sbr_x64_ais-d08.vpx
      http
      instup.exe
      553 B
      12.7kB
      9
      12

      HTTP Request

      GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/sbr_x64_ais-d08.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/setgui_x64_ais-d08.vpx
      http
      instup.exe
      24.7kB
      1.5MB
      534
      1062

      HTTP Request

      GET http://l9346865.iavs9x.avg.u.avcdn.net/avg/iavs9x/setgui_x64_ais-d08.vpx

      HTTP Response

      200
    • 23.73.139.56:80
      http://k6951768.iavs9x.avg.u.avcdn.net/avg/iavs9x/prod-pgm.vpx
      http
      instup.exe
      362 B
      1.2kB
      5
      4

      HTTP Request

      GET http://k6951768.iavs9x.avg.u.avcdn.net/avg/iavs9x/prod-pgm.vpx

      HTTP Response

      200
    • 23.73.139.50:80
      http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/prod-vps.vpx
      http
      instup.exe
      360 B
      969 B
      5
      4

      HTTP Request

      GET http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/prod-vps.vpx

      HTTP Response

      200
    • 23.73.139.50:80
      http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/part-jrog2-79.vpx
      http
      instup.exe
      365 B
      834 B
      5
      4

      HTTP Request

      GET http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/part-jrog2-79.vpx

      HTTP Response

      200
    • 23.73.139.50:80
      http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/part-vps_windows-24061199.vpx
      http
      instup.exe
      515 B
      8.2kB
      8
      9

      HTTP Request

      GET http://x1281465.avi18tiny.u.avcdn.net/avi18tiny/part-vps_windows-24061199.vpx

      HTTP Response

      200
    • 34.160.176.28:443
      https://shepherd.avcdn.net/
      tls, http
      instup.exe
      1.7kB
      34.7kB
      21
      31

      HTTP Request

      POST https://shepherd.avcdn.net/

      HTTP Response

      200
    • 34.117.223.223:443
      https://analytics.avcdn.net/receive3
      tls, http
      instup.exe
      2.3kB
      6.1kB
      12
      12

      HTTP Request

      POST https://analytics.avcdn.net/v4/receive/json/70

      HTTP Response

      200

      HTTP Request

      POST https://analytics.avcdn.net/receive3

      HTTP Response

      200
    • 34.117.223.223:443
      https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgi
      tls, http
      instup.exe
      1.4kB
      5.7kB
      11
      10

      HTTP Request

      POST https://v7event.stats.avcdn.net/cgi-bin/iavsevents.cgi

      HTTP Response

      204
    • 142.250.180.8:443
      https://ssl.google-analytics.com/collect
      tls, http
      instup.exe
      1.4kB
      6.0kB
      11
      10

      HTTP Request

      POST https://ssl.google-analytics.com/collect

      HTTP Response

      200
    • 34.111.24.1:443
      https://ipm.avcdn.net/?action=1&p_elm=76&p_pro=70&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=avg&p_lan=1033&p_lng=en&p_vep=24&p_ves=5&p_vbd=3336&p_cnm=PXHSTPPU&p_hid=84c21b69-27f1-47fc-9d8f-99820cf029ac&p_bld=mmm_bav_tst_007_402_f&p_adp=0000&p_midex=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0
      tls, http
      instup.exe
      1.9kB
      35.5kB
      21
      33

      HTTP Request

      GET https://ipm.avcdn.net/?action=1&p_elm=76&p_pro=70&p_osv=10.0&p_cpua=x64&p_lid=en-us&repoid=avg&p_lan=1033&p_lng=en&p_vep=24&p_ves=5&p_vbd=3336&p_cnm=PXHSTPPU&p_hid=84c21b69-27f1-47fc-9d8f-99820cf029ac&p_bld=mmm_bav_tst_007_402_f&p_adp=0000&p_midex=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&p_chs=5&p_chr=0&p_gccc=0&p_scr=intro&p_sbi=0&p_ram=8192&p_dpi=100&p_wndwidth=1010&p_wndheight=674&p_srid=0&p_pav=0

      HTTP Response

      200
    • 142.250.180.8:443
      https://ssl.google-analytics.com/collect?v=1&tid=UA-16796122-3&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dh=ipm.avcdn.net&dp=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&z=58148334&uid=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&ds=ipm2&dt=setup-avg-offer_secure-browser_variant-a.html&ul=en-gb&cd5=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&cd101=70&cd102=24&cd103=5&cd104=3336&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=8&cd153=0&cd170=setup_paid_intro&cd2=AVGFREE-0&cd3=24.5.3336.mmm_bav_tst_007_402_f&cd4=Paid%20Program%20%7C%20Licensed%20%7C%2076&cd12=en-ww&cd20=mmm_bav_tst_007_402_f&cd27=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd41=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd154=1&cd155=7&cd175=cba425b2-9d98-4bda-9d73-3477f6e05b85&cd176=cba425b2-9d98-4bda-9d73-3477f6e05b85
      tls, http
      instup.exe
      2.1kB
      6.0kB
      10
      9

      HTTP Request

      GET https://ssl.google-analytics.com/collect?v=1&tid=UA-16796122-3&cid=84c21b69-27f1-47fc-9d8f-99820cf029ac&dh=ipm.avcdn.net&dp=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&z=58148334&uid=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&ds=ipm2&dt=setup-avg-offer_secure-browser_variant-a.html&ul=en-gb&cd5=avgfree%2Fen-gb%2Fsetup-avg-offer_secure-browser_variant-a.html&t=pageview&cg2=fn&cd1=fn&cd11=en&cd14=avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html&cd16=0&cd17=en-us&cd18=0&cd28=ipm.avcdn.net&cd100=E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000&cd101=70&cd102=24&cd103=5&cd104=3336&cd106=0&cd107=0&cd108=10.0&cd109=76&cd110=0&cd118=0&cd123=-1&cd127=8192&cd130=0&cd134=0&cd136=1&cd141=-1&cd142=0&cd148=8&cd153=0&cd170=setup_paid_intro&cd2=AVGFREE-0&cd3=24.5.3336.mmm_bav_tst_007_402_f&cd4=Paid%20Program%20%7C%20Licensed%20%7C%2076&cd12=en-ww&cd20=mmm_bav_tst_007_402_f&cd27=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd41=84c21b69-27f1-47fc-9d8f-99820cf029ac&cd154=1&cd155=7&cd175=cba425b2-9d98-4bda-9d73-3477f6e05b85&cd176=cba425b2-9d98-4bda-9d73-3477f6e05b85

      HTTP Response

      200
    • 34.117.223.223:443
      https://analytics.ff.avast.com/v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%2284c21b69-27f1-47fc-9d8f-99820cf029ac%22%2C%22hwid%22%3A%22E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000%22%7D%2C%22product%22%3A%7B%22id%22%3A64%2C%22edition%22%3A15%2C%22lang%22%3A%22en-gb%22%2C%22version_app%22%3A%2224.5.3336.mmm_bav_tst_007_402_f%22%2C%22build%22%3A3336%2C%22ipm_product%22%3A70%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-gb%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avg-offer_secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D
      tls, http
      instup.exe
      2.3kB
      5.7kB
      11
      10

      HTTP Request

      GET https://analytics.ff.avast.com/v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%2284c21b69-27f1-47fc-9d8f-99820cf029ac%22%2C%22hwid%22%3A%22E7AE39FA5EEE477481DC83EE66F9242B00000000000000000000000000000000%22%7D%2C%22product%22%3A%7B%22id%22%3A64%2C%22edition%22%3A15%2C%22lang%22%3A%22en-gb%22%2C%22version_app%22%3A%2224.5.3336.mmm_bav_tst_007_402_f%22%2C%22build%22%3A3336%2C%22ipm_product%22%3A70%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-gb%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A76%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22customer_segment%22%3A%22FN%22%2C%22flow_id%22%3A%22cba425b2-9d98-4bda-9d73-3477f6e05b85%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22avgfree%2Fen-ww%2Fsetup-avg-offer_secure-browser_variant-a.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22screen_name%22%3A%22setup-avg-offer_secure-browser_variant-a%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D

      HTTP Response

      200
    • 2.22.15.85:443
      https://ipmcdn.avast.com/images/banner/img-secure-browser-avg-v1.png
      tls, http
      instup.exe
      1.2kB
      16.2kB
      14
      17

      HTTP Request

      GET https://ipmcdn.avast.com/images/banner/img-secure-browser-avg-v1.png

      HTTP Response

      200
    • 8.8.8.8:53
      iavs9x.avg.u.avcdn.net
      dns
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      68 B
      175 B
      1
      1

      DNS Request

      iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.81
      23.73.139.56

    • 8.8.8.8:53
      v7event.stats.avast.com
      dns
      c4df16d335825ebfeaa2f812681a27032bd7e1e7ccaf0e6cad4cda6f25d40568.exe
      69 B
      145 B
      1
      1

      DNS Request

      v7event.stats.avast.com

      DNS Response

      34.117.223.223

    • 8.8.8.8:53
      g.bing.com
      dns
      56 B
      151 B
      1
      1

      DNS Request

      g.bing.com

      DNS Response

      204.79.197.237
      13.107.21.237

    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      66 B
      90 B
      1
      1

      DNS Request

      8.8.8.8.in-addr.arpa

    • 8.8.8.8:53
      14.213.58.216.in-addr.arpa
      dns
      72 B
      141 B
      1
      1

      DNS Request

      14.213.58.216.in-addr.arpa

    • 8.8.8.8:53
      223.223.117.34.in-addr.arpa
      dns
      73 B
      126 B
      1
      1

      DNS Request

      223.223.117.34.in-addr.arpa

    • 8.8.8.8:53
      81.139.73.23.in-addr.arpa
      dns
      71 B
      135 B
      1
      1

      DNS Request

      81.139.73.23.in-addr.arpa

    • 8.8.8.8:53
      71.31.126.40.in-addr.arpa
      dns
      71 B
      157 B
      1
      1

      DNS Request

      71.31.126.40.in-addr.arpa

    • 8.8.8.8:53
      237.197.79.204.in-addr.arpa
      dns
      73 B
      143 B
      1
      1

      DNS Request

      237.197.79.204.in-addr.arpa

    • 8.8.8.8:53
      218.83.221.88.in-addr.arpa
      dns
      72 B
      137 B
      1
      1

      DNS Request

      218.83.221.88.in-addr.arpa

    • 8.8.8.8:53
      v7event.stats.avcdn.net
      dns
      avg_antivirus_free_setup_x64.exe
      69 B
      154 B
      1
      1

      DNS Request

      v7event.stats.avcdn.net

      DNS Response

      34.117.223.223

    • 8.8.8.8:53
      analytics.avcdn.net
      dns
      instup.exe
      65 B
      150 B
      1
      1

      DNS Request

      analytics.avcdn.net

      DNS Response

      34.117.223.223

    • 8.8.8.8:53
      shepherd.avcdn.net
      dns
      instup.exe
      64 B
      142 B
      1
      1

      DNS Request

      shepherd.avcdn.net

      DNS Response

      34.160.176.28

    • 8.8.8.8:53
      shepherd.avcdn.net
      dns
      instup.exe
      64 B
      188 B
      1
      1

      DNS Request

      shepherd.avcdn.net

    • 8.8.8.8:53
      shepherd.avcdn.net
      dns
      instup.exe
      64 B
      142 B
      1
      1

      DNS Request

      shepherd.avcdn.net

      DNS Response

      34.160.176.28

    • 8.8.8.8:53
      28.176.160.34.in-addr.arpa
      dns
      72 B
      124 B
      1
      1

      DNS Request

      28.176.160.34.in-addr.arpa

    • 8.8.8.8:53
      b0017156.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      515 B
      1.1kB
      6
      6

      DNS Request

      b0017156.iavs9x.avg.u.avcdn.net

      DNS Request

      g5856219.iavs9x.avg.u.avcdn.net

      DNS Request

      l9346865.iavs9x.avg.u.avcdn.net

      DNS Request

      l9518228.iavs9x.avg.u.avcdn.net

      DNS Request

      s-iavs9x.avcdn.net

      DNS Request

      s9788044.iavs9x.avg.u.avcdn.net

      DNS Response

      104.120.141.25

      DNS Response

      23.73.139.81
      23.73.139.56

      DNS Response

      23.73.139.56
      23.73.139.81

      DNS Response

      23.73.139.56
      23.73.139.81

      DNS Response

      23.73.139.81
      23.73.139.56

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      b0017156.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      b0017156.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      g5856219.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      g5856219.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      l9346865.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      l9346865.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      l9518228.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      l9518228.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      s-iavs9x.avcdn.net
      dns
      instup.exe
      64 B
      164 B
      1
      1

      DNS Request

      s-iavs9x.avcdn.net

      DNS Response

      104.120.141.25

    • 8.8.8.8:53
      s9788044.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      s9788044.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      b0017156.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      515 B
      1.3kB
      6
      6

      DNS Request

      b0017156.iavs9x.avg.u.avcdn.net

      DNS Request

      g5856219.iavs9x.avg.u.avcdn.net

      DNS Request

      l9346865.iavs9x.avg.u.avcdn.net

      DNS Request

      l9518228.iavs9x.avg.u.avcdn.net

      DNS Request

      s-iavs9x.avcdn.net

      DNS Request

      s9788044.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:902b
      2a02:26f0:1780:5::216:9007

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

      DNS Response

      2a02:26f0:1780:5::216:902b
      2a02:26f0:1780:5::216:9007

      DNS Response

      2a02:26f0:5700:19d::240d
      2a02:26f0:5700:182::240d

      DNS Response

      2a02:26f0:1780:5::216:902b
      2a02:26f0:1780:5::216:9007

    • 8.8.8.8:53
      b0017156.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      b0017156.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:902b
      2a02:26f0:1780:5::216:9007

    • 8.8.8.8:53
      g5856219.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      g5856219.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

    • 8.8.8.8:53
      l9346865.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      l9346865.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

    • 8.8.8.8:53
      l9518228.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      l9518228.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:902b
      2a02:26f0:1780:5::216:9007

    • 8.8.8.8:53
      s-iavs9x.avcdn.net
      dns
      instup.exe
      64 B
      204 B
      1
      1

      DNS Request

      s-iavs9x.avcdn.net

      DNS Response

      2a02:26f0:5700:182::240d
      2a02:26f0:5700:19d::240d

    • 8.8.8.8:53
      s9788044.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      s9788044.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

    • 8.8.8.8:53
      56.139.73.23.in-addr.arpa
      dns
      71 B
      135 B
      1
      1

      DNS Request

      56.139.73.23.in-addr.arpa

    • 8.8.8.8:53
      f4973661.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      515 B
      1.1kB
      6
      6

      DNS Request

      f4973661.iavs9x.avg.u.avcdn.net

      DNS Request

      k6951768.iavs9x.avg.u.avcdn.net

      DNS Request

      l8318517.iavs9x.avg.u.avcdn.net

      DNS Request

      s-iavs9x.avcdn.net

      DNS Request

      s9788044.iavs9x.avg.u.avcdn.net

      DNS Request

      y1284511.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

      DNS Response

      23.73.139.56
      23.73.139.81

      DNS Response

      23.73.139.56
      23.73.139.81

      DNS Response

      104.120.141.25

      DNS Response

      23.73.139.56
      23.73.139.81

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      f4973661.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      f4973661.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.81
      23.73.139.56

    • 8.8.8.8:53
      k6951768.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      k6951768.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      l8318517.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      l8318517.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      s-iavs9x.avcdn.net
      dns
      instup.exe
      64 B
      164 B
      1
      1

      DNS Request

      s-iavs9x.avcdn.net

      DNS Response

      104.120.141.25

    • 8.8.8.8:53
      s9788044.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      s9788044.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      y1284511.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      184 B
      1
      1

      DNS Request

      y1284511.iavs9x.avg.u.avcdn.net

      DNS Response

      23.73.139.56
      23.73.139.81

    • 8.8.8.8:53
      f4973661.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      515 B
      1.3kB
      6
      6

      DNS Request

      f4973661.iavs9x.avg.u.avcdn.net

      DNS Request

      k6951768.iavs9x.avg.u.avcdn.net

      DNS Request

      l8318517.iavs9x.avg.u.avcdn.net

      DNS Request

      s-iavs9x.avcdn.net

      DNS Request

      s9788044.iavs9x.avg.u.avcdn.net

      DNS Request

      y1284511.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

      DNS Response

      2a02:26f0:1780:5::216:902b
      2a02:26f0:1780:5::216:9007

      DNS Response

      2a02:26f0:1780:5::216:902b
      2a02:26f0:1780:5::216:9007

      DNS Response

      2a02:26f0:5700:19d::240d
      2a02:26f0:5700:182::240d

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

    • 8.8.8.8:53
      f4973661.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      f4973661.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

    • 8.8.8.8:53
      k6951768.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      k6951768.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

    • 8.8.8.8:53
      l8318517.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      l8318517.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

    • 8.8.8.8:53
      s-iavs9x.avcdn.net
      dns
      instup.exe
      64 B
      204 B
      1
      1

      DNS Request

      s-iavs9x.avcdn.net

      DNS Response

      2a02:26f0:5700:19d::240d
      2a02:26f0:5700:182::240d

    • 8.8.8.8:53
      s9788044.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      s9788044.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

    • 8.8.8.8:53
      y1284511.iavs9x.avg.u.avcdn.net
      dns
      instup.exe
      77 B
      208 B
      1
      1

      DNS Request

      y1284511.iavs9x.avg.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9007
      2a02:26f0:1780:5::216:902b

    • 8.8.8.8:53
      d9217321.avi18tiny.u.avcdn.net
      dns
      instup.exe
      513 B
      1.1kB
      6
      6

      DNS Request

      d9217321.avi18tiny.u.avcdn.net

      DNS Request

      n3338300.avi18tiny.u.avcdn.net

      DNS Request

      s-avi18tiny.avcdn.net

      DNS Request

      s9788044.avi18tiny.u.avcdn.net

      DNS Request

      x1281465.avi18tiny.u.avcdn.net

      DNS Request

      y7637820.avi18tiny.u.avcdn.net

      DNS Response

      23.73.139.50
      23.73.139.43

      DNS Response

      104.120.141.25

      DNS Response

      23.73.139.43
      23.73.139.50

      DNS Response

      23.73.139.50
      23.73.139.43

      DNS Response

      23.73.139.43
      23.73.139.50

      DNS Response

      23.73.139.50
      23.73.139.43

    • 8.8.8.8:53
      d9217321.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      175 B
      1
      1

      DNS Request

      d9217321.avi18tiny.u.avcdn.net

      DNS Response

      23.73.139.50
      23.73.139.43

    • 8.8.8.8:53
      n3338300.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      175 B
      1
      1

      DNS Request

      n3338300.avi18tiny.u.avcdn.net

      DNS Response

      23.73.139.50
      23.73.139.43

    • 8.8.8.8:53
      s-avi18tiny.avcdn.net
      dns
      instup.exe
      67 B
      167 B
      1
      1

      DNS Request

      s-avi18tiny.avcdn.net

      DNS Response

      104.120.141.25

    • 8.8.8.8:53
      s9788044.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      175 B
      1
      1

      DNS Request

      s9788044.avi18tiny.u.avcdn.net

      DNS Response

      23.73.139.50
      23.73.139.43

    • 8.8.8.8:53
      x1281465.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      175 B
      1
      1

      DNS Request

      x1281465.avi18tiny.u.avcdn.net

      DNS Response

      23.73.139.50
      23.73.139.43

    • 8.8.8.8:53
      y7637820.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      175 B
      1
      1

      DNS Request

      y7637820.avi18tiny.u.avcdn.net

      DNS Response

      23.73.139.50
      23.73.139.43

    • 8.8.8.8:53
      d9217321.avi18tiny.u.avcdn.net
      dns
      instup.exe
      513 B
      1.3kB
      6
      6

      DNS Request

      d9217321.avi18tiny.u.avcdn.net

      DNS Request

      n3338300.avi18tiny.u.avcdn.net

      DNS Request

      s-avi18tiny.avcdn.net

      DNS Request

      s9788044.avi18tiny.u.avcdn.net

      DNS Request

      x1281465.avi18tiny.u.avcdn.net

      DNS Request

      y7637820.avi18tiny.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9027
      2a02:26f0:1780:5::216:901f

      DNS Response

      2a02:26f0:1780:5::216:9027
      2a02:26f0:1780:5::216:901f

      DNS Response

      2a02:26f0:1780:5::216:901f
      2a02:26f0:1780:5::216:9027

      DNS Response

      2a02:26f0:1780:5::216:901f
      2a02:26f0:1780:5::216:9027

      DNS Response

      2a02:26f0:1780:5::216:9027
      2a02:26f0:1780:5::216:901f

      DNS Response

      2a02:26f0:5700:19d::240d
      2a02:26f0:5700:182::240d

    • 8.8.8.8:53
      d9217321.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      199 B
      1
      1

      DNS Request

      d9217321.avi18tiny.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9027
      2a02:26f0:1780:5::216:901f

    • 8.8.8.8:53
      n3338300.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      199 B
      1
      1

      DNS Request

      n3338300.avi18tiny.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9027
      2a02:26f0:1780:5::216:901f

    • 8.8.8.8:53
      s-avi18tiny.avcdn.net
      dns
      instup.exe
      67 B
      207 B
      1
      1

      DNS Request

      s-avi18tiny.avcdn.net

      DNS Response

      2a02:26f0:5700:182::240d
      2a02:26f0:5700:19d::240d

    • 8.8.8.8:53
      s9788044.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      199 B
      1
      1

      DNS Request

      s9788044.avi18tiny.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9027
      2a02:26f0:1780:5::216:901f

    • 8.8.8.8:53
      x1281465.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      199 B
      1
      1

      DNS Request

      x1281465.avi18tiny.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9027
      2a02:26f0:1780:5::216:901f

    • 8.8.8.8:53
      y7637820.avi18tiny.u.avcdn.net
      dns
      instup.exe
      76 B
      199 B
      1
      1

      DNS Request

      y7637820.avi18tiny.u.avcdn.net

      DNS Response

      2a02:26f0:1780:5::216:9027
      2a02:26f0:1780:5::216:901f

    • 8.8.8.8:53
      shepherd.avcdn.net
      dns
      instup.exe
      64 B
      188 B
      1
      1

      DNS Request

      shepherd.avcdn.net

    • 8.8.8.8:53
      50.139.73.23.in-addr.arpa
      dns
      71 B
      135 B
      1
      1

      DNS Request

      50.139.73.23.in-addr.arpa

    • 8.8.8.8:53
      v7event.stats.avcdn.net
      dns
      avg_antivirus_free_setup_x64.exe
      80 B
      165 B
      1
      1

      DNS Request

      v7event.stats.avcdn.net

      DNS Response

      34.117.223.223

    • 8.8.8.8:53
      v7event.stats.avcdn.net
      dns
      avg_antivirus_free_setup_x64.exe
      69 B
      154 B
      1
      1

      DNS Request

      v7event.stats.avcdn.net

      DNS Response

      34.117.223.223

    • 8.8.8.8:53
      v7event.stats.avcdn.net
      dns
      avg_antivirus_free_setup_x64.exe
      80 B
      211 B
      1
      1

      DNS Request

      v7event.stats.avcdn.net

    • 8.8.8.8:53
      v7event.stats.avcdn.net
      dns
      avg_antivirus_free_setup_x64.exe
      69 B
      200 B
      1
      1

      DNS Request

      v7event.stats.avcdn.net

    • 8.8.8.8:53
      v7event.stats.avcdn.net
      dns
      avg_antivirus_free_setup_x64.exe
      80 B
      165 B
      1
      1

      DNS Request

      v7event.stats.avcdn.net

      DNS Response

      34.117.223.223

    • 8.8.8.8:53
      ssl.google-analytics.com
      dns
      instup.exe
      70 B
      86 B
      1
      1

      DNS Request

      ssl.google-analytics.com

      DNS Response

      142.250.180.8

    • 8.8.8.8:53
      ipm.avcdn.net
      dns
      instup.exe
      59 B
      141 B
      1
      1

      DNS Request

      ipm.avcdn.net

      DNS Response

      34.111.24.1

    • 8.8.8.8:53
      ipm.avcdn.net
      dns
      instup.exe
      59 B
      141 B
      1
      1

      DNS Request

      ipm.avcdn.net

      DNS Response

      34.111.24.1

    • 8.8.8.8:53
      8.180.250.142.in-addr.arpa
      dns
      72 B
      110 B
      1
      1

      DNS Request

      8.180.250.142.in-addr.arpa

    • 8.8.8.8:53
      ipmcdn.avast.com
      dns
      instup.exe
      62 B
      157 B
      1
      1

      DNS Request

      ipmcdn.avast.com

      DNS Response

      2.22.15.85

    • 8.8.8.8:53
      analytics.ff.avast.com
      dns
      instup.exe
      68 B
      117 B
      1
      1

      DNS Request

      analytics.ff.avast.com

      DNS Response

      34.117.223.223

    • 8.8.8.8:53
      ssl.google-analytics.com
      dns
      instup.exe
      70 B
      86 B
      1
      1

      DNS Request

      ssl.google-analytics.com

      DNS Response

      142.250.180.8

    • 8.8.8.8:53
      analytics.ff.avast.com
      dns
      instup.exe
      68 B
      117 B
      1
      1

      DNS Request

      analytics.ff.avast.com

      DNS Response

      34.117.223.223

    • 8.8.8.8:53
      ipmcdn.avast.com
      dns
      instup.exe
      62 B
      157 B
      1
      1

      DNS Request

      ipmcdn.avast.com

      DNS Response

      2.22.15.85

    • 8.8.8.8:53
      1.24.111.34.in-addr.arpa
      dns
      70 B
      120 B
      1
      1

      DNS Request

      1.24.111.34.in-addr.arpa

    • 8.8.8.8:53
      85.15.22.2.in-addr.arpa
      dns
      69 B
      131 B
      1
      1

      DNS Request

      85.15.22.2.in-addr.arpa

    • 8.8.8.8:53
      29.243.111.52.in-addr.arpa
      dns
      72 B
      158 B
      1
      1

      DNS Request

      29.243.111.52.in-addr.arpa

    • 8.8.8.8:53
      172.210.232.199.in-addr.arpa
      dns
      74 B
      128 B
      1
      1

      DNS Request

      172.210.232.199.in-addr.arpa

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\ProgramData\AVG\Persistent Data\Antivirus\Logs\Setup.log

      Filesize

      26KB

      MD5

      d45fc9c860b24cad904d651f5ea35a3f

      SHA1

      d8233a1c7e773d8cb7994806b0e4c4c986e8ab31

      SHA256

      0098443dc5f5242035e0eaa1e418c70e8832a2f2cd29cbd581da647d5378ab91

      SHA512

      407a64457a9297ac8b28c7ad48b3b7055a59afebe6a9c6580dd5b3bfe8049bfe27f099ead3e6fae3c5519483aa23bc80fb427e9f23914bf54d3469acdc030ed0

    • C:\ProgramData\AVG\Persistent Data\Antivirus\Logs\Setup.log

      Filesize

      1KB

      MD5

      471b11eea34e4bb95854aae00bc898d2

      SHA1

      8c6278a3fbe04ce7bbd05f640447cce3c19225c2

      SHA256

      8380145f8e604813c75ba11cbd919ed18af3b87307949d448d70936d8e332888

      SHA512

      78a3bed138b7a14dc82769cd1f94ae42d4598a85ed8b67057d0cc0e43b1cedd4279e63fdf0495340fc9f372594f359e6cc1afcc91647364c782cdd432675704a

    • C:\ProgramData\AVG\Persistent Data\Antivirus\Logs\event_manager.log

      Filesize

      281B

      MD5

      622db09c358517b5b342c31ed2b65df1

      SHA1

      2c38476954751df44e54bbed724ac2203e3e5df3

      SHA256

      4571cc909151ddb0a590acabd3faa672a0dcd8c49ecc4e1b0ec0f16eea095166

      SHA512

      24335ea4bf1221a6c2d792817aa60707668f4be6a5da47c7c2be744b19ae0f8eafd630f95447c27918d75d8d4a76f54dfadb94e5d88665a83e16cc9baa41f7fb

    • C:\Windows\Temp\asw.bfabaa787f845146\HTMLayout.dll

      Filesize

      4.0MB

      MD5

      4cc6efda014cc654142c97cd09175e37

      SHA1

      9ff80f73eb8aa9563ee04f3857fedbb4167a9a2a

      SHA256

      0ffd67c501dd1778c35830465f07f2390e318a485e0b22e437404b0a9d4b5ad2

      SHA512

      064ceb07ef2a8a5db7d07a3ee58df07008efd642f12960c7dce837f533876199c0773a4b9861cf7907487b7fb2a96d6a1efdcc854855fd9246198ca438cab751

    • C:\Windows\Temp\asw.bfabaa787f845146\Instup.dll

      Filesize

      18.1MB

      MD5

      e9134948a4db2642f9bfaaf157a18bd0

      SHA1

      98249d941c196e9ee01f5d77713f13a12fff87f4

      SHA256

      67721cd04b1866888a97c1027e6d6ca5805b08124b724a31ff9931f9f3e28b2a

      SHA512

      629b39736755e9a9987a74aa9dab6aec94be061a3c70c140ce98d4eb9ca3575ccc02380990a023f3fbc1f49d56518f1dc9345fd8c7fe3b9cfbf7eb9c80187995

    • C:\Windows\Temp\asw.bfabaa787f845146\Instup.exe

      Filesize

      3.6MB

      MD5

      cb33ee6145c1dfad640103e1bc8b00e9

      SHA1

      e68405536c9501a5f7617636db734a7e7bfdb61c

      SHA256

      068bd9cd5dc944ff9030bdf3e31638408314e54861b93cdaf8c3c905a8005cac

      SHA512

      31608dc1d295c91d012fd4634494b182c6d4b70c255036cbd0f71ace56fbc1a69f8358b8799d2db21e0bea1010ad79dee774b6049bf31dd513042b460722508b

    • C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\asw7bf102b3a7467094.tmp

      Filesize

      19KB

      MD5

      ebd5c38aa827d9777dcde81e2a037b6f

      SHA1

      740eee39569863c6baa780e7d82c848c92abe0c1

      SHA256

      7fd358eddcef6756f315fec2bfad52286402f7194104fcfd3dcec7d588597025

      SHA512

      fc22fff31b6e84297af9769b84142960e45bf9d8b71e9039e3829be9c671fc173dd47c88c25807f3e7bca0b87f842de500f5227e21ed312bfae2e89d0b65ff0d

    • C:\Windows\Temp\asw.bfabaa787f845146\New_18050d08\gcapi.dll

      Filesize

      867KB

      MD5

      3ead47f44293e18d66fb32259904197a

      SHA1

      e61e88bd81c05d4678aeb2d62c75dee35a25d16b

      SHA256

      e0d08b9da7e502ad8c75f8be52e9a08a6bcd0c5f98d360704173be33777e4905

      SHA512

      927a134bdaec1c7c13d11e4044b30f7c45bbb23d5caf1756c2beada6507a69df0a2e6252ec28a913861e4924d1c766704f1036d7fc39c6ddb22e5eb81f3007f0

    • C:\Windows\Temp\asw.bfabaa787f845146\aswaf95038bd6ce18a5.ini

      Filesize

      1KB

      MD5

      2f4301ac41da3c8c865bcf0a2686246d

      SHA1

      fe799dedf9d99c05e79e54539ca8c0e853f4cf91

      SHA256

      584591ed817da7b6addff5b70ab11508288eab29c06e48f7d61d7fd861e5594b

      SHA512

      8717af385c54f98d6ca9f8a054d6eed0a99608dbbf943d1d24007ee3ebc589e563d69e799e0c11e822e7328501739dd52752b0902c4982229387ba45df50d3cb

    • C:\Windows\Temp\asw.bfabaa787f845146\avbugreport_x64_ais-d08.vpx

      Filesize

      4.7MB

      MD5

      ebc2e21a31af7ba94c3a70db0caf23ad

      SHA1

      36a25c19c6becbcf8e1c959458867f59cab774a3

      SHA256

      b1819bf1551be44e0f293f6b6ead1841aacb63ca3a9d90f1a31c9cb52f648c6e

      SHA512

      e777fd82cf1d782e73dc8796c57ecb9be4ed09256af456190ae0e414de651226c3eb616ae4ec1c245e55934843dd85485e0594c0125e013c47b48d89fff5f739

    • C:\Windows\Temp\asw.bfabaa787f845146\avdump_x64_ais-d08.vpx

      Filesize

      3.3MB

      MD5

      c339cfe0485edefebae496b088d41221

      SHA1

      684e4fa30a601ef645293cc5a8b008bbc03b9483

      SHA256

      55ebd9dc7c26877a51e11722d3ea17f1afdf39a30aeda07ef6804659c34e54c4

      SHA512

      c78b4735ed9184219f95a461e97a47d95b60f353ded28d692a72f9c3db2ead081b700731c8b673e8a1ca969519281d8e73cef449d5bb6bcfd282fcd2261f4a5d

    • C:\Windows\Temp\asw.bfabaa787f845146\config.def

      Filesize

      18KB

      MD5

      b86dd14aadb9e34d004ad39a4693ced0

      SHA1

      1cb7775cee3e4106b2ddba89a0ccdc9dd547c521

      SHA256

      b64d1d23aef5cdeeb2279216a00c931b201bce90407c9cbff3a7ef2742873878

      SHA512

      03cb9215521da45e1df7b926fad7b0afd5ee001944c475a90c8646d7621d0d062267a682e102d81da0b5204ed215ec6ba4c7646d9340d71b0cb77ca12ddef0c1

    • C:\Windows\Temp\asw.bfabaa787f845146\config.def

      Filesize

      18KB

      MD5

      0b575a6d40715ef6b6437f3d651365ec

      SHA1

      22c0e7f738cadb4e9287ce8b0ff75dd6781fc0a0

      SHA256

      4b442e9da01b6ba0e1f53afedbdbc6aea667cb1fde4b47f5a4cb871102ee2423

      SHA512

      bab5777b2a14edcc927d9a2feeaae3f76d4d670ab1ef4685cfe1f1432c3f058dcaf0c4b1b3c697c1e20698087d80eb549cf92ede68638cd2bf48b53a73a26782

    • C:\Windows\Temp\asw.bfabaa787f845146\config.def

      Filesize

      24KB

      MD5

      209f5135ae4c7e8ff1f1948876c5ee32

      SHA1

      8c009e6864e653320b8cc62e65d890788d9a7fd7

      SHA256

      ee62e0b16dc86b89f4c4801c531124190b2853c3333983289ef1d9b8ffd41eb3

      SHA512

      01551c424195fb3cb1dbb014096c1b9c042ee196f90dfdb5d26a7130578978f161d7b84c71d73f1daa4fb6554d9802570c4bf8953d29d5f88eb9e486766e98ea

    • C:\Windows\Temp\asw.bfabaa787f845146\config.ini

      Filesize

      696B

      MD5

      49e06bf9341fd92a249159483627845d

      SHA1

      d23b7e1f861cedca0b1212935b5328fee3cabafb

      SHA256

      feceb79022e6100df56347a6c86b1aab254bbe156f9dfc2002c013bf7b7e8ae8

      SHA512

      99c7c4430fbec3d82b1c22d2a413d2d1a905ccdad4c03bb85a760b66e0d8f7ddba82db2f8463f100fc661a1a4dddc7a37ac08b77b5f9a4592315244fcb978df9

    • C:\Windows\Temp\asw.bfabaa787f845146\offertool_x64_ais-d08.vpx

      Filesize

      2.3MB

      MD5

      993a67fbd5162510a2b0f3fba05bad33

      SHA1

      3c76258240a04c05341e611f55bef10341e34ff3

      SHA256

      0b7c3caa31928131ce0e1ca570aa72e20a98dda13e4ca0c59f31cc677d8e8c6e

      SHA512

      44a335d3db00fa9148066a5f2d2a9f5250d7df2315d132ab2798b02e2d21b700525a00be91d960e1564a6ffc0ee95347f0df9ffc27a10cf807d5a926ab5154a3

    • C:\Windows\Temp\asw.bfabaa787f845146\part-jrog2-79.vpx

      Filesize

      211B

      MD5

      aa442786f758e5ad442aea88d6cf6124

      SHA1

      6c464722d20d261a155e2c5f6105cd8a4f0e5c21

      SHA256

      ba1333f2355a7660001410efc8ae3e0b49d1600806272050883980889d6e250b

      SHA512

      add459ffec8fa3883a56a64fb0a34bf0c99fbda9e296e30911f2fee313626a68ba3e1d56671615b6250a9adfa8a6e07e76a86dab234500a03c60a07556a50e1f

    • C:\Windows\Temp\asw.bfabaa787f845146\part-prg_ais-18050d08.vpx

      Filesize

      73KB

      MD5

      d264bf74d7ffcbad341d9fcefa4893bb

      SHA1

      c7e9a0972524fa573825865c46eb6728d3e219e0

      SHA256

      4b01a68078d7e1af1c0197baddbbb1ef4d3cbf13f71e8b9df766f88b4e6d8025

      SHA512

      afbfdf6fdeb5dc427340de691726e79cb5bcc41bd488c557c684efe3f26d83a17f1118cc50bd64541a9a839d3dd4329a72a9423e65d3e9cdcfbd14003f1e0dc3

    • C:\Windows\Temp\asw.bfabaa787f845146\part-setup_ais-18050d08.vpx

      Filesize

      4KB

      MD5

      0344288a18997069003d84c226a168f9

      SHA1

      0fe47920601834e620737ad321fbb24d38c7ee94

      SHA256

      675bd92f752a51bd7d9797895252b3130095a06d7d5db8f221ab6251735ead8d

      SHA512

      b1680ef42d7e2e56fbb124c91da27f15e6c946450c7d03d95b937c3cde80dbc2260e11926578075df255058c2307058429fd2f7307fc0a105c775a9b8aa82429

    • C:\Windows\Temp\asw.bfabaa787f845146\part-vps_windows-24061199.vpx

      Filesize

      7KB

      MD5

      91760dd268918f34d5035b70231c6662

      SHA1

      c244a869726ab00bc674ea81970ddc739f240426

      SHA256

      60cbcb938b4d06ec162bb2379fe94f0f22cac8927ea5740cb52260809c5ef50a

      SHA512

      30f015fc4cb040e617caff7545290b7add9ce500a2bf10a72d53eed64b0972754e4a5dc1296b50b06f286a473950b21c3bec9fadbe9733942d59542ec19175d6

    • C:\Windows\Temp\asw.bfabaa787f845146\prod-pgm.vpx

      Filesize

      572B

      MD5

      6d08ac0131cac7a2f9f2ea5d9d0b0cc6

      SHA1

      25983c1419089c6a7570963dda2d06e022b3b36d

      SHA256

      846f9f2f624c8a1f001a4bd7c7ca3158c8c79cb11fa6d474cfdf8e48d0238a3f

      SHA512

      753890f34fc1a925177a594c8bc5e19dc509fb8b32c1eef429496c5d19421200bdd75879c529981823340718bee82dafdf3f262a9ecf65de9ef03d12a1684b2c

    • C:\Windows\Temp\asw.bfabaa787f845146\prod-vps.vpx

      Filesize

      343B

      MD5

      b516373c4f4f0bd98bbbcd71b4022e4d

      SHA1

      fb2ccdcbec8ddcd91f35fd762dd86a5b2cb8e062

      SHA256

      52e06087d9c0968150bc5d3b06895e3ab9b69aebea20e0328434b703aa242099

      SHA512

      b1ef7ffd12b104a3caf8676c95285693c2af057537df0e87a292cea51bddf34be3ff00adae1337ecede93a8de9bb9ee71c464920f9f54c7bf3236d74aae98469

    • C:\Windows\Temp\asw.bfabaa787f845146\prod-vps.vpx

      Filesize

      340B

      MD5

      a6aa5195417c52019dac2ea520161d70

      SHA1

      3867f26e50214fbef5698dcea3840ba6c35ab23b

      SHA256

      b5992d7f4f9cfbd8c06d0b40110f296e70a7b804e581553d120d22146efdfc92

      SHA512

      6986e715d9adf1142d965f0b8d0ec99915537015cb95ea14b9565f0aab3f2fde6c36ef06d760c8c32e0ad452419edcce0695eee5397f97afed3a28e75f25fc50

    • C:\Windows\Temp\asw.bfabaa787f845146\servers.def

      Filesize

      27KB

      MD5

      2b62fb1ecd174c7e951f2b8af502c1c0

      SHA1

      90744a9355dd5b74d2ecc7ee34fccbeca1c18f1b

      SHA256

      1fc616dd97e72451eda1324979f65df6af823aaaee1c83e5c2c3f3308cd26a67

      SHA512

      0f14fbab88469ed19cde8d54ad74276ae4b03a783bf99def2d0f4d655a6ff86a35aa7ce4e8a7dcb936c70789efc4714b9bf1b317e485a6a44f150be6792cd7a0

    • C:\Windows\Temp\asw.bfabaa787f845146\servers.def.vpx

      Filesize

      1KB

      MD5

      ca027a5ef5f6d21d7e42855fa4db4120

      SHA1

      eee669fe1c3cabd5f96c65ac992e4851f8eca9da

      SHA256

      e1b5e5122457b19ad5175b0b372d6d0b55813503827ad1d84c26f23b8506a66d

      SHA512

      8dcd63d2406f6f7e67053342553345bb372401a8dda64e1b41e937df7359a8e4c0afa9705d8fbb953aeed403d54bcd6a5d5bddf7ca1d6c43f1da37020bdda491

    • C:\Windows\Temp\asw.bfabaa787f845146\setup.def

      Filesize

      38KB

      MD5

      49474897d267894daa13e9dcb168793d

      SHA1

      10331de148bb89ecc6e1af25bd3b0a862dd2b4eb

      SHA256

      0b9aedce74468150c054d27649dad8f98109e537a581649be6668a13cd29e6a7

      SHA512

      687dfcfdff27d8be7fa2b7a277a6bd269bf719ca12bf5e7f38643582785032cb8b0e11c04180736dfa56c2b10a12e10c10e50427ceacf6d6332125ebf65eb9da

    • C:\Windows\Temp\asw.bfabaa787f845146\uat64.dll

      Filesize

      29KB

      MD5

      c53dc6d8050e08d12939b95e2f5c53dc

      SHA1

      01f3fd1a4c730cad939d243e6bb8f9fe8f1e0138

      SHA256

      5a690ef46a5c889adbad580b773a6025040426ee11d3817927dd1e77698e8ece

      SHA512

      75ec453cfa12a071322877db4244746de6ecec779c4f267cb3b9729437f3e0a90ffa2fe1d42e5baf05c159c8c6ef6c71bc7e258044162e5fcbaad10a9e93d84a

    • C:\Windows\Temp\asw.bfabaa787f845146\uat64.vpx

      Filesize

      16KB

      MD5

      bd33707a5e0b6cc434fbaa32e69cb30a

      SHA1

      34ddc8fbda6acef9e07de571d4c00e65e3c09958

      SHA256

      bf60d1aa67abc73f927e1544ba8b66a79ec9143caedb15e1d94d023be6aba036

      SHA512

      02b78b7796e55e245d00ae5b94ae767c6c7da480ec609e84b1a4deafb5f6dbb8f15ad5947b3db421048e17d46419b2149ef23aa369ce42288d3bb5817a0863de

    • C:\Windows\Temp\asw.eecc863cc3decc7b\avg_antivirus_free_setup_x64.exe

      Filesize

      9.5MB

      MD5

      72c1cad77d7a37f6eed6606b00b22738

      SHA1

      1883d039f42ead5318de8f5f37b61bad4b61fa72

      SHA256

      47cee4d44e8fe27f3229fa751c11259227a00b605d6a42e2cb066f100a9049c3

      SHA512

      87104f2cf47683f113398e71b795fbeadd6835b5d333e1aedf22e7d3afec7de3e138cbc949947235ff4892489caaf219405832df91885084e361806ac22d0209

    • C:\Windows\Temp\asw.eecc863cc3decc7b\ecoo.edat

      Filesize

      21B

      MD5

      b7a649f519bca7f8e5186aaea02b48c9

      SHA1

      9a1e5074bbea1693659a70c85ef8f66e20a97422

      SHA256

      d9defeae2cfb91b2871eaf62bcdc2b0e2390de6ba02343407dd658e37f75f543

      SHA512

      dc033fc80e06b5013f85f5bda1927421f6635d85bc85d2ae7a5694b69e4bb14e50d9320a7963bfabf113f9e0e58cd6fd1442dc3530335ea3908383e36e2dd506

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.