| IP Address | Port | Hostname | ||
|---|---|---|---|---|
| Source | (local) | 61143 | ||
| Destination | 205.234.175.175 (United States) | http (80) | vip1.g5.cachefly.net |
Description:
- This matches 'Autoupdate' in the User-Agent for an HTTP request.Description:
False Positive:
- YES
- In this particular instance, we see the Host: pointing to get.acclivitysoftware.com.
- This is legitimate business software which just happens to use the User-Agent AutoUpdatePlusAgent as part of their automated update process.
Action:
- none
Comments