is this a spoofing attempt to download malicious files piggy-backing Avast updates?
Please see enclosed screendump where after the IP addresss is a VPX file.
What makes me supiciois is that the vpx file is right after the IP address…Would assume that the actual update to be downloaded would never be shown as part of the IP address that Avas tis connecting to? or?