
ATP dropping several C2/Generic threats for two of my devices

I haven’t changed any settings on my Sophos XG but today I started receiving multiple threat alerts from ATP for the following:

2020-11-22 20:26:14 Advanced threat protection messageid="18010" log_type="ATP" log_component="Firewall" log_subtype="Drop" user="" protocol="TCP" src_port="49348" dst_port="80" src_ip="172.16.16.47" dst_ip="31.171.154.67" url="31.171.154.67" threat="C2/Generic-A" event_id="7825B787-F721-400B-BEBD-40BEA61EFDC9" type="Standard" host_login_user="" host_process_user="" endpoint_id="" execution_path=""

It’s occurring for two devices on my network, my Apple iPad and Dell XPS laptop (Ubuntu). Tried looking up the destination IP but nothing comes up. I’ll get about 20-30 alerts in rapid succession then it stops. I wasn’t doing anything particular on either my Dell XPS or iPad.

Anyone have any idea what might be causing this?
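
For triaging a burst like the one described in the post, this added example (not part of the original post and not Sophos code) parses ATP log lines in the quoted key="value" layout, groups them into bursts per source, destination and threat name, and lists destinations that more than one internal host was blocked from reaching. The 60-second gap, the second source address 172.16.16.52 and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: layout follows the alert quoted in the post with fields
# trimmed; the source 172.16.16.52 and every timestamp after the first are made up.
SAMPLE_LOG = """\
2020-11-22 20:26:14 Advanced threat protection log_type="ATP" log_subtype="Drop" src_ip="172.16.16.47" dst_ip="31.171.154.67" threat="C2/Generic-A"
2020-11-22 20:26:15 Advanced threat protection log_type="ATP" log_subtype="Drop" src_ip="172.16.16.47" dst_ip="31.171.154.67" threat="C2/Generic-A"
2020-11-22 20:26:17 Advanced threat protection log_type="ATP" log_subtype="Drop" src_ip="172.16.16.47" dst_ip="31.171.154.67" threat="C2/Generic-A"
2020-11-22 20:26:20 Advanced threat protection log_type="ATP" log_subtype="Drop" src_ip="172.16.16.52" dst_ip="31.171.154.67" threat="C2/Generic-A"
2020-11-22 20:41:02 Advanced threat protection log_type="ATP" log_subtype="Drop" src_ip="172.16.16.47" dst_ip="31.171.154.67" threat="C2/Generic-A"
"""

def parse_line(line):
    """Return (timestamp, fields) for one ATP log line, or None for anything else."""
    m = re.match(r"\d{4}-\d\d-\d\d \d\d:\d\d:\d\d", line)
    fields = dict(re.findall(r'(\w+)="([^"]*)"', line))
    if not m or fields.get("log_type") != "ATP":
        return None
    return datetime.strptime(m.group(), "%Y-%m-%d %H:%M:%S"), fields

def find_bursts(text, gap=timedelta(seconds=60)):
    """Split each (src_ip, dst_ip, threat) series into bursts at pauses longer than gap."""
    series = defaultdict(list)
    for ts, f in filter(None, map(parse_line, text.splitlines())):
        series[f.get("src_ip"), f.get("dst_ip"), f.get("threat")].append(ts)
    bursts = []
    for key, stamps in series.items():
        stamps.sort()
        run = [stamps[0]]
        for ts in stamps[1:]:
            if ts - run[-1] > gap:  # pause longer than gap: close the current burst
                bursts.append((*key, run[0], run[-1], len(run)))
                run = []
            run.append(ts)
        bursts.append((*key, run[0], run[-1], len(run)))
    return sorted(bursts, key=lambda b: (b[3], b[0] or ""))

def shared_destinations(bursts):
    """Destinations alerted on for more than one internal source address."""
    srcs = defaultdict(set)
    for src, dst, *_ in bursts:
        srcs[dst].add(src)
    return {d: sorted(s) for d, s in srcs.items() if len(s) > 1}

if __name__ == "__main__":
    for src, dst, threat, first, last, n in find_bursts(SAMPLE_LOG):
        print(f"{src} -> {dst} {threat}: {n} alerts, {first} .. {last}")
    print("shared:", shared_destinations(find_bursts(SAMPLE_LOG)))
```

Each tuple returned by `find_bursts` is (src_ip, dst_ip, threat, first seen, last seen, alert count), which makes it easy to line the bursts up against what each device was doing at that time.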


