{"report_id":"8cf496ed-5de7-4b72-a945-ab566ea1c882","version":6,"status":"done","tags":[],"date":"2025-11-20T18:53:16Z","url":{"schema":"http","addr":"esportesembed.top/juventude-x-cruzeiro-3","fqdn":"esportesembed.top","domain":"esportesembed.top","tld":"top"},"ip":{"addr":"172.67.183.172","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"esportesembed.top/juventude-x-cruzeiro-3","fqdn":"esportesembed.top","domain":"esportesembed.top","tld":"top"},"title":"Player","dom":{"size":188034,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"ab3fb5cf85bbb577ab569f009d2bc942","sha1":"5dcb10fdd8af30546c5c9f69272c57d29d35e734","sha256":"aebb5ce4262ed64b2f3f8669ce61a64b4184341e8b82abb8e418eaa0a5eb2e3b","sha512":"3070e112389b9515fa0ce11a6fc8ccc49e788add14225cfdb888794835683f344167a39d96fa50b00c494c0b001af4af679d68d5424ccdca93b397d4049e3ece","ssdeep":"3072:QLls9/7eqCXBQ+mU719kWXq3tGDoCD9i5DozOM/iUm0T8:wO5eqg7B3L3m0o","tlshash":"c504612a69dc251321252b05d3d657c0f33f7e31b2bae485bc0c2c9646de29d6cf6a87","dom_hash":"domhash2ba9e17f605344744320cd307ac7118d","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"esportesembed.top/juventude-x-cruzeiro-3","fqdn":"esportesembed.top","domain":"esportesembed.top","tld":"top"},"ip":{"addr":"172.67.183.172","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-25T18:53:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":214,"urlquery":0,"analyzer":11}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691462+0000\",\"flow_id\":2089466752109830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691462+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691596+0000\",\"flow_id\":757365465386380,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691596+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691640+0000\",\"flow_id\":1440784956493240,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691640+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691676+0000\",\"flow_id\":1728547765325276,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691765+0000\",\"flow_id\":221564000243253,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691845+0000\",\"flow_id\":1223425251577477,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691845+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691808+0000\",\"flow_id\":1904523312860768,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691808+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691896+0000\",\"flow_id\":24783631126200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691896+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691935+0000\",\"flow_id\":1998757042818783,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691935+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691998+0000\",\"flow_id\":413856128536350,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691998+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692034+0000\",\"flow_id\":2203055752187714,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692034+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691970+0000\",\"flow_id\":2186906675154690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57948,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691970+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692069+0000\",\"flow_id\":845206136524645,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692069+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692104+0000\",\"flow_id\":571391233986440,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692143+0000\",\"flow_id\":1381471458135983,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692143+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692183+0000\",\"flow_id\":971201149636567,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692183+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692215+0000\",\"flow_id\":1636586073067511,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692215+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692251+0000\",\"flow_id\":1793184875647003,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692251+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50353,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692282+0000\",\"flow_id\":612326567284794,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50353,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692282+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692316+0000\",\"flow_id\":2120149998473308,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692316+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712557+0000\",\"flow_id\":2089466752109830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691462+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712650+0000\",\"flow_id\":757365465386380,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691596+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712688+0000\",\"flow_id\":1440784956493240,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691640+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712733+0000\",\"flow_id\":1728547765325276,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712773+0000\",\"flow_id\":221564000243253,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712812+0000\",\"flow_id\":1904523312860768,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691808+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712848+0000\",\"flow_id\":1223425251577477,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691845+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712889+0000\",\"flow_id\":24783631126200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691896+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712928+0000\",\"flow_id\":1998757042818783,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691935+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712969+0000\",\"flow_id\":2186906675154690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57948,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691970+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713003+0000\",\"flow_id\":413856128536350,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691998+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713042+0000\",\"flow_id\":2203055752187714,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692034+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713079+0000\",\"flow_id\":845206136524645,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692069+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713118+0000\",\"flow_id\":571391233986440,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713158+0000\",\"flow_id\":1381471458135983,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692143+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713197+0000\",\"flow_id\":971201149636567,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692183+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713233+0000\",\"flow_id\":1636586073067511,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692215+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713272+0000\",\"flow_id\":1793184875647003,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692251+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50353,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713308+0000\",\"flow_id\":612326567284794,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50353,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692282+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713345+0000\",\"flow_id\":2120149998473308,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692316+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.732926+0000\",\"flow_id\":2089466752109830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691462+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733034+0000\",\"flow_id\":757365465386380,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691596+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733120+0000\",\"flow_id\":1728547765325276,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733082+0000\",\"flow_id\":1440784956493240,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691640+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733165+0000\",\"flow_id\":221564000243253,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733254+0000\",\"flow_id\":1223425251577477,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691845+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733213+0000\",\"flow_id\":1904523312860768,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691808+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733385+0000\",\"flow_id\":24783631126200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691896+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733427+0000\",\"flow_id\":1998757042818783,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691935+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733493+0000\",\"flow_id\":413856128536350,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691998+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733463+0000\",\"flow_id\":2186906675154690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57948,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691970+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733560+0000\",\"flow_id\":845206136524645,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692069+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733630+0000\",\"flow_id\":1381471458135983,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692143+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733595+0000\",\"flow_id\":571391233986440,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733529+0000\",\"flow_id\":2203055752187714,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692034+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733752+0000\",\"flow_id\":971201149636567,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692183+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733790+0000\",\"flow_id\":1636586073067511,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692215+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733824+0000\",\"flow_id\":1793184875647003,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692251+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50353,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733855+0000\",\"flow_id\":612326567284794,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50353,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692282+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733888+0000\",\"flow_id\":2120149998473308,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692316+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.766823+0000\",\"flow_id\":2089466752109830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691462+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.766905+0000\",\"flow_id\":757365465386380,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691596+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.766946+0000\",\"flow_id\":1440784956493240,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691640+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.766985+0000\",\"flow_id\":1728547765325276,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767019+0000\",\"flow_id\":221564000243253,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767059+0000\",\"flow_id\":1904523312860768,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691808+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767096+0000\",\"flow_id\":1223425251577477,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691845+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767135+0000\",\"flow_id\":24783631126200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691896+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767169+0000\",\"flow_id\":1998757042818783,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691935+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767237+0000\",\"flow_id\":413856128536350,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691998+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767206+0000\",\"flow_id\":2186906675154690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57948,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691970+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767274+0000\",\"flow_id\":2203055752187714,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692034+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767308+0000\",\"flow_id\":845206136524645,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692069+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767345+0000\",\"flow_id\":571391233986440,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767382+0000\",\"flow_id\":1381471458135983,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692143+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767454+0000\",\"flow_id\":1636586073067511,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692215+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767419+0000\",\"flow_id\":971201149636567,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692183+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767491+0000\",\"flow_id\":1793184875647003,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692251+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50353,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767527+0000\",\"flow_id\":612326567284794,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50353,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692282+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767586+0000\",\"flow_id\":2120149998473308,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692316+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.163190+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.174443+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.192646+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.225429+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.229419+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.233659+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.236660+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.245116+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.249184+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.252959+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.263408+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.266216+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.268940+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.274642+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.277170+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.279725+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.282676+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.283408+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.292872+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.308767+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.325652+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.329572+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.332280+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.333851+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.336834+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.345319+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.349371+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.353170+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.366464+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.369160+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.377420+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.379942+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.382889+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.383550+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.409016+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.432503+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.463677+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.474855+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.493157+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.525871+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.529792+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.534058+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.537079+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.545549+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.549552+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.553379+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.566703+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.569349+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.577687+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.580166+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":414,\"bytes_toclient\":332,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.583090+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.583717+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.609279+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.632751+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":414,\"bytes_toclient\":332,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.863930+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.875125+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.893388+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.926173+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.930029+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.934266+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.937278+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.945862+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.949763+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.953592+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.966976+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.969562+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.977949+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.980361+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":552,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.983274+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.983857+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.009548+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.032973+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":552,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.664179+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.675367+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.693657+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.726424+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.730267+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.734453+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.737438+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.746072+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.749944+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.753808+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.767208+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.769816+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.778227+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.780526+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":690,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.783480+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.784005+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.809791+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.833237+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":690,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.264416+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.275602+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.293898+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.326632+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.330519+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.334654+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.337588+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.346311+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.350159+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.354037+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.367430+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.370009+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.378479+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.380707+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":4,\"bytes_toserver\":828,\"bytes_toclient\":664,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.383678+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.384188+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.410094+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.433511+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":3,\"bytes_toserver\":828,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.464620+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.475823+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.494127+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.526872+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.530719+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.534865+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.537725+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.546546+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.550331+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.554227+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.567669+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.570203+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.578716+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.580891+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":5,\"bytes_toserver\":966,\"bytes_toclient\":830,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.583861+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.584327+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.610365+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.633761+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":4,\"bytes_toserver\":966,\"bytes_toclient\":664,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.785309+0000\",\"flow_id\":1103550568004509,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:53:12.785309+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.805357+0000\",\"flow_id\":1103550568004509,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:53:12.785309+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"45.179.148.136","port":27994,"asn":269107,"as":"J L TELECOMUNICACAO E MULTIMIDIA COMERCIO E SERVIC","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.805490+0000\",\"flow_id\":1557408352062066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"45.179.148.136\",\"dest_port\":27994,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":134,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:53:12.805490+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.825365+0000\",\"flow_id\":1103550568004509,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:53:12.785309+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.845365+0000\",\"flow_id\":1103550568004509,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:53:12.785309+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"45.179.148.136","port":27994,"asn":269107,"as":"J L TELECOMUNICACAO E MULTIMIDIA COMERCIO E SERVIC","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.905730+0000\",\"flow_id\":1557408352062066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"45.179.148.136\",\"dest_port\":27994,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":268,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:53:12.805490+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:13Z","timestamp":1763664793,"ip_dst":{"addr":"45.179.148.136","port":27994,"asn":269107,"as":"J L TELECOMUNICACAO E MULTIMIDIA COMERCIO E SERVIC","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:13.105987+0000\",\"flow_id\":1557408352062066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"45.179.148.136\",\"dest_port\":27994,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":402,\"bytes_toclient\":324,\"start\":\"2025-11-20T18:53:12.805490+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:13Z","timestamp":1763664793,"ip_dst":{"addr":"45.179.148.136","port":27994,"asn":269107,"as":"J L TELECOMUNICACAO E MULTIMIDIA COMERCIO E SERVIC","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:13.506222+0000\",\"flow_id\":1557408352062066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"45.179.148.136\",\"dest_port\":27994,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":536,\"bytes_toclient\":486,\"start\":\"2025-11-20T18:53:12.805490+0000\"}}"}],"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"esportesembed.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"esportesembed.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"tracker.openwebtorrent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"tracker.btorrent.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"tracker.ghostchu-services.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"esportesembed.top","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-09-10","domain_rank":0,"first_seen":"2025-10-18T21:27:21.793479Z","last_seen":"2025-11-15T14:51:59.222562Z","alert_count":4,"request_count":2,"received_data":242270,"sent_data":971,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"9052bea686a7549fe738d20b0ff7636f.eu.r2.cloudflarestorage.com","ip":{"addr":"141.101.90.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-07-31","domain_rank":0,"first_seen":"2025-11-20T18:53:17.305025Z","last_seen":"2025-11-20T18:53:17.305026Z","alert_count":0,"request_count":1,"received_data":361,"sent_data":861,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"agropesca.live","ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-10-23T01:03:33.522369Z","last_seen":"2025-10-23T01:03:33.522369Z","alert_count":0,"request_count":12,"received_data":45226,"sent_data":5568,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}]},{"fqdn":"9f0d527d48adc98459ac08f2722ffb39.eu.r2.cloudflarestorage.com","ip":{"addr":"141.101.90.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-07-31","domain_rank":0,"first_seen":"2025-10-23T01:03:33.530081Z","last_seen":"2025-10-23T01:03:33.530081Z","alert_count":0,"request_count":2,"received_data":722,"sent_data":1724,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"53080c823891e21c76bd11880812a6e2.r2.cloudflarestorage.com","ip":{"addr":"172.64.66.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"domain_registered":"2018-07-31","domain_rank":0,"first_seen":"2025-11-20T18:53:17.312174Z","last_seen":"2025-11-20T18:53:17.312174Z","alert_count":0,"request_count":1,"received_data":361,"sent_data":857,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"rdcplayer.online","ip":{"addr":"104.21.56.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-08-14","domain_rank":0,"first_seen":"2025-09-14T14:46:09.361416Z","last_seen":"2025-10-23T01:03:35.074607Z","alert_count":0,"request_count":1,"received_data":154390,"sent_data":543,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-11-16T22:24:12.204838Z","alert_count":0,"request_count":6,"received_data":736769,"sent_data":2860,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"usrpubtrk.com","ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-06-16","domain_rank":6824,"first_seen":"2025-06-17T13:34:00.105327Z","last_seen":"2025-11-19T17:18:27.892789Z","alert_count":5,"request_count":1,"received_data":530,"sent_data":492,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"tracker.openwebtorrent.com","ip":{"addr":"104.21.31.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-13","domain_rank":510801,"first_seen":"2016-08-24T12:44:04Z","last_seen":"2025-11-15T23:50:13.207181Z","alert_count":1,"request_count":1,"received_data":948,"sent_data":566,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"932aa9b73656f4979c91ac15dd86e976.eu.r2.cloudflarestorage.com","ip":{"addr":"141.101.90.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-07-31","domain_rank":0,"first_seen":"2025-11-20T18:53:17.318773Z","last_seen":"2025-11-20T18:53:17.318773Z","alert_count":0,"request_count":1,"received_data":361,"sent_data":864,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"adexchangeclear.com","ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-04-27","domain_rank":24943,"first_seen":"2025-07-16T08:40:02.47428Z","last_seen":"2025-11-17T13:55:56.757999Z","alert_count":1,"request_count":1,"received_data":1708,"sent_data":835,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com","ip":{"addr":"141.101.90.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-07-31","domain_rank":0,"first_seen":"2025-10-23T01:03:33.5431Z","last_seen":"2025-10-23T01:03:33.5431Z","alert_count":0,"request_count":3,"received_data":1083,"sent_data":2586,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tracker.btorrent.xyz","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2015-11-27","domain_rank":1851469,"first_seen":"2016-01-06T11:12:52Z","last_seen":"2025-10-28T11:50:54.371339Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":560,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tracker.ghostchu-services.top","ip":{"addr":"172.67.181.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-02-06","domain_rank":1359222,"first_seen":"2025-05-11T21:41:20.992577Z","last_seen":"2025-10-23T01:03:35.332911Z","alert_count":1,"request_count":1,"received_data":835,"sent_data":577,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691462+0000\",\"flow_id\":2089466752109830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691462+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691596+0000\",\"flow_id\":757365465386380,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691596+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691640+0000\",\"flow_id\":1440784956493240,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691640+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691676+0000\",\"flow_id\":1728547765325276,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691765+0000\",\"flow_id\":221564000243253,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691845+0000\",\"flow_id\":1223425251577477,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691845+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691808+0000\",\"flow_id\":1904523312860768,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691808+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691896+0000\",\"flow_id\":24783631126200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691896+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691935+0000\",\"flow_id\":1998757042818783,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691935+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691998+0000\",\"flow_id\":413856128536350,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691998+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692034+0000\",\"flow_id\":2203055752187714,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692034+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.691970+0000\",\"flow_id\":2186906675154690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57948,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691970+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692069+0000\",\"flow_id\":845206136524645,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692069+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692104+0000\",\"flow_id\":571391233986440,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692143+0000\",\"flow_id\":1381471458135983,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692143+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692183+0000\",\"flow_id\":971201149636567,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692183+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692215+0000\",\"flow_id\":1636586073067511,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692215+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692251+0000\",\"flow_id\":1793184875647003,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692251+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50353,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692282+0000\",\"flow_id\":612326567284794,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50353,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692282+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.692316+0000\",\"flow_id\":2120149998473308,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692316+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712557+0000\",\"flow_id\":2089466752109830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691462+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712650+0000\",\"flow_id\":757365465386380,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691596+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712688+0000\",\"flow_id\":1440784956493240,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691640+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712733+0000\",\"flow_id\":1728547765325276,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712773+0000\",\"flow_id\":221564000243253,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712812+0000\",\"flow_id\":1904523312860768,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691808+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712848+0000\",\"flow_id\":1223425251577477,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691845+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712889+0000\",\"flow_id\":24783631126200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691896+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712928+0000\",\"flow_id\":1998757042818783,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691935+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.712969+0000\",\"flow_id\":2186906675154690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57948,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.691970+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713003+0000\",\"flow_id\":413856128536350,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691998+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713042+0000\",\"flow_id\":2203055752187714,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692034+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713079+0000\",\"flow_id\":845206136524645,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692069+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713118+0000\",\"flow_id\":571391233986440,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713158+0000\",\"flow_id\":1381471458135983,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692143+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713197+0000\",\"flow_id\":971201149636567,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692183+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713233+0000\",\"flow_id\":1636586073067511,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692215+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713272+0000\",\"flow_id\":1793184875647003,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692251+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50353,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713308+0000\",\"flow_id\":612326567284794,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50353,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692282+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.713345+0000\",\"flow_id\":2120149998473308,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":124,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:55.692316+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.732926+0000\",\"flow_id\":2089466752109830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691462+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733034+0000\",\"flow_id\":757365465386380,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691596+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733120+0000\",\"flow_id\":1728547765325276,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733082+0000\",\"flow_id\":1440784956493240,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691640+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733165+0000\",\"flow_id\":221564000243253,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733254+0000\",\"flow_id\":1223425251577477,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691845+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733213+0000\",\"flow_id\":1904523312860768,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691808+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733385+0000\",\"flow_id\":24783631126200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691896+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733427+0000\",\"flow_id\":1998757042818783,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691935+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733493+0000\",\"flow_id\":413856128536350,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.691998+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733463+0000\",\"flow_id\":2186906675154690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57948,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.691970+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733560+0000\",\"flow_id\":845206136524645,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692069+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733630+0000\",\"flow_id\":1381471458135983,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692143+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733595+0000\",\"flow_id\":571391233986440,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733529+0000\",\"flow_id\":2203055752187714,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692034+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733752+0000\",\"flow_id\":971201149636567,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692183+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733790+0000\",\"flow_id\":1636586073067511,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692215+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733824+0000\",\"flow_id\":1793184875647003,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:52:55.692251+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50353,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733855+0000\",\"flow_id\":612326567284794,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50353,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692282+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.733888+0000\",\"flow_id\":2120149998473308,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":1,\"bytes_toserver\":186,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:52:55.692316+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.766823+0000\",\"flow_id\":2089466752109830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691462+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.766905+0000\",\"flow_id\":757365465386380,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691596+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.766946+0000\",\"flow_id\":1440784956493240,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691640+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.766985+0000\",\"flow_id\":1728547765325276,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767019+0000\",\"flow_id\":221564000243253,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767059+0000\",\"flow_id\":1904523312860768,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691808+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767096+0000\",\"flow_id\":1223425251577477,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691845+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767135+0000\",\"flow_id\":24783631126200,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691896+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767169+0000\",\"flow_id\":1998757042818783,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691935+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767237+0000\",\"flow_id\":413856128536350,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691998+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":57948,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767206+0000\",\"flow_id\":2186906675154690,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57948,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.691970+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767274+0000\",\"flow_id\":2203055752187714,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692034+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767308+0000\",\"flow_id\":845206136524645,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692069+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767345+0000\",\"flow_id\":571391233986440,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692104+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767382+0000\",\"flow_id\":1381471458135983,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692143+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767454+0000\",\"flow_id\":1636586073067511,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692215+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767419+0000\",\"flow_id\":971201149636567,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692183+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767491+0000\",\"flow_id\":1793184875647003,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692251+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":50353,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767527+0000\",\"flow_id\":612326567284794,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50353,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692282+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:55Z","timestamp":1763664775,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:55.767586+0000\",\"flow_id\":2120149998473308,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:52:55.692316+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.163190+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.174443+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.192646+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.225429+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.229419+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.233659+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.236660+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.245116+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.249184+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.252959+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.263408+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.266216+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.268940+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.274642+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.277170+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.279725+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.282676+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.283408+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.292872+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.308767+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.325652+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.329572+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.332280+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":138,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.333851+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.336834+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.345319+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.349371+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.353170+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.366464+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.369160+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.377420+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.379942+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.382889+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.383550+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.409016+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.432503+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":276,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.463677+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.474855+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.493157+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.525871+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.529792+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.534058+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.537079+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.545549+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.549552+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.553379+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.566703+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.569349+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.577687+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.580166+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":414,\"bytes_toclient\":332,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.583090+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.583717+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.609279+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":0,\"bytes_toserver\":414,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.632751+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":414,\"bytes_toclient\":332,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.863930+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.875125+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.893388+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.926173+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.930029+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.934266+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.937278+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.945862+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.949763+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.953592+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.966976+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.969562+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.977949+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.980361+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":552,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.983274+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:56Z","timestamp":1763664776,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:56.983857+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.009548+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":0,\"bytes_toserver\":552,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.032973+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":552,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.664179+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.675367+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.693657+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.726424+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.730267+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.734453+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.737438+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.746072+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.749944+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.753808+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.767208+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.769816+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.778227+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.780526+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":690,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.783480+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.784005+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.809791+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":0,\"bytes_toserver\":690,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:57Z","timestamp":1763664777,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:57.833237+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":3,\"bytes_toserver\":690,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.264416+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.275602+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.293898+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.326632+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.330519+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.334654+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.337588+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.346311+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.350159+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.354037+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.367430+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.370009+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.378479+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.380707+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":4,\"bytes_toserver\":828,\"bytes_toclient\":664,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.383678+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.384188+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.410094+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":0,\"bytes_toserver\":828,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:52:59Z","timestamp":1763664779,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:52:59.433511+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":6,\"pkts_toclient\":3,\"bytes_toserver\":828,\"bytes_toclient\":498,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"45.229.120.79","port":23185,"asn":267114,"as":"LINK NET BANDA LARGA EIRELI - ME","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60491,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.464620+0000\",\"flow_id\":932857829162358,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60491,\"dest_ip\":\"45.229.120.79\",\"dest_port\":23185,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.163190+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"187.73.12.211","port":52375,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39606,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.475823+0000\",\"flow_id\":2093175456442731,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39606,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52375,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.174443+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"186.216.220.5","port":64539,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":60679,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.494127+0000\",\"flow_id\":522643355267206,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":60679,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64539,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.192646+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"170.81.211.236","port":48461,"asn":266423,"as":"CONNECTVY TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":48276,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.526872+0000\",\"flow_id\":1074089238753429,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":48276,\"dest_ip\":\"170.81.211.236\",\"dest_port\":48461,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.225429+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"197.235.239.210","port":33540,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":52251,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.530719+0000\",\"flow_id\":1104766042669099,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":52251,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33540,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.229419+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"177.125.223.162","port":28607,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":39891,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.534865+0000\",\"flow_id\":145405640216763,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":39891,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28607,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.233659+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"187.73.12.211","port":52373,"asn":28201,"as":"Companhia Itabirana Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38634,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.537725+0000\",\"flow_id\":317726170586228,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38634,\"dest_ip\":\"187.73.12.211\",\"dest_port\":52373,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.236660+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"186.216.220.5","port":64537,"asn":52999,"as":"START TELECOM LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":54200,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.546546+0000\",\"flow_id\":116399578594684,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":54200,\"dest_ip\":\"186.216.220.5\",\"dest_port\":64537,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.245116+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"168.196.85.91","port":50992,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":46885,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.550331+0000\",\"flow_id\":507823570603360,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":46885,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50992,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.249184+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"189.6.36.74","port":24167,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":57185,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.554227+0000\",\"flow_id\":1902590577663007,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":57185,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24167,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.252959+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"197.235.239.210","port":33538,"asn":37223,"as":"VODACOM","country":"Mozambique","country_code":"MZ"},"ip_src":{"addr":"172.18.0.8","port":58148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.567669+0000\",\"flow_id\":1396095821811688,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58148,\"dest_ip\":\"197.235.239.210\",\"dest_port\":33538,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.266216+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"177.125.223.162","port":28450,"asn":262391,"as":"ACESSOLINE TELECOMUNICACOES LTDA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":58968,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.570203+0000\",\"flow_id\":1159305684851340,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":58968,\"dest_ip\":\"177.125.223.162\",\"dest_port\":28450,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.268940+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"189.6.36.74","port":24168,"asn":28573,"as":"Claro NXT Telecomunicacoes Ltda","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":56116,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.578716+0000\",\"flow_id\":212005550570162,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":56116,\"dest_ip\":\"189.6.36.74\",\"dest_port\":24168,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.277170+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"177.129.45.60","port":6061,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":43041,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.580891+0000\",\"flow_id\":2200079339898029,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43041,\"dest_ip\":\"177.129.45.60\",\"dest_port\":6061,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":5,\"bytes_toserver\":966,\"bytes_toclient\":830,\"start\":\"2025-11-20T18:52:56.279725+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"168.196.85.91","port":50892,"asn":265447,"as":"Hilink Comunicacoes","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":50213,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.583861+0000\",\"flow_id\":1652709380345908,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":50213,\"dest_ip\":\"168.196.85.91\",\"dest_port\":50892,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.282676+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"189.28.83.233","port":45616,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43034,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.584327+0000\",\"flow_id\":1749910932706064,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43034,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45616,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.283408+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"189.28.83.233","port":45588,"asn":27882,"as":"Telefonica Celular de Bolivia S.A.","country":"Bolivia","country_code":"BO"},"ip_src":{"addr":"172.18.0.8","port":43218,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.610365+0000\",\"flow_id\":2080823130502687,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":43218,\"dest_ip\":\"189.28.83.233\",\"dest_port\":45588,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":0,\"bytes_toserver\":966,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:52:56.308767+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:02Z","timestamp":1763664782,"ip_dst":{"addr":"177.129.45.60","port":5543,"asn":28257,"as":"CONCEITOS NET SERVICOS DE COMUNICACAO E MULTIMIDIA","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":38573,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:02.633761+0000\",\"flow_id\":890296850715128,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":38573,\"dest_ip\":\"177.129.45.60\",\"dest_port\":5543,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":7,\"pkts_toclient\":4,\"bytes_toserver\":966,\"bytes_toclient\":664,\"start\":\"2025-11-20T18:52:56.332280+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.785309+0000\",\"flow_id\":1103550568004509,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:53:12.785309+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.805357+0000\",\"flow_id\":1103550568004509,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":1,\"bytes_toserver\":124,\"bytes_toclient\":74,\"start\":\"2025-11-20T18:53:12.785309+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"45.179.148.136","port":27994,"asn":269107,"as":"J L TELECOMUNICACAO E MULTIMIDIA COMERCIO E SERVIC","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.805490+0000\",\"flow_id\":1557408352062066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"45.179.148.136\",\"dest_port\":27994,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":134,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:53:12.805490+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.825365+0000\",\"flow_id\":1103550568004509,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":186,\"bytes_toclient\":148,\"start\":\"2025-11-20T18:53:12.785309+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.845365+0000\",\"flow_id\":1103550568004509,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":248,\"bytes_toclient\":222,\"start\":\"2025-11-20T18:53:12.785309+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:12Z","timestamp":1763664792,"ip_dst":{"addr":"45.179.148.136","port":27994,"asn":269107,"as":"J L TELECOMUNICACAO E MULTIMIDIA COMERCIO E SERVIC","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:12.905730+0000\",\"flow_id\":1557408352062066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"45.179.148.136\",\"dest_port\":27994,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":2,\"pkts_toclient\":0,\"bytes_toserver\":268,\"bytes_toclient\":0,\"start\":\"2025-11-20T18:53:12.805490+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:13Z","timestamp":1763664793,"ip_dst":{"addr":"45.179.148.136","port":27994,"asn":269107,"as":"J L TELECOMUNICACAO E MULTIMIDIA COMERCIO E SERVIC","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:13.105987+0000\",\"flow_id\":1557408352062066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"45.179.148.136\",\"dest_port\":27994,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":3,\"pkts_toclient\":2,\"bytes_toserver\":402,\"bytes_toclient\":324,\"start\":\"2025-11-20T18:53:12.805490+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-11-20T18:53:13Z","timestamp":1763664793,"ip_dst":{"addr":"45.179.148.136","port":27994,"asn":269107,"as":"J L TELECOMUNICACAO E MULTIMIDIA COMERCIO E SERVIC","country":"Brazil","country_code":"BR"},"ip_src":{"addr":"172.18.0.8","port":33631,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2025-11-20T18:53:13.506222+0000\",\"flow_id\":1557408352062066,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":33631,\"dest_ip\":\"45.179.148.136\",\"dest_port\":27994,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":536,\"bytes_toclient\":486,\"start\":\"2025-11-20T18:53:12.805490+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"e5d13c4d7c790f7dfa01d86cd6c2419b","sha1":"0d5e7500ba0cea98d5fc014918d7cd1a48b5a668","sha256":"1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90","sha512":"cb13cbc35ed6947a7c99e9a4ccabc01ba68a2c361c30e26d88cf622f3a212118f3357bacf9fb425e44727ec605ad779b0cdb3fb78ae0aead2eb593c05ce16b70","ssdeep":"384:/E2XN8iOGY9mVm4Vg5gUxvRHxwjY0Oa9M2o1AUmgaVlSEiuOV16U9kgLxL:BVVmAe5xvRRUY0Oa9i1xmzVlSMs9kgtL","tlshash":"4eb2a69cb1d1b135969390b8943f110ab23a75aa3089c1dcf73dd8e1aeb051d643bfb8","size":25448,"data":"","first_seen":"2023-03-07T01:18:54Z","last_seen":"2026-03-28T23:44:53.268525Z","times_seen":262,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/ewwink/clappr-quality-selector-plugin@latest/quality-selector.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b52f2ec6294229be62652a8f6dd37c0f","sha1":"9c3c3728f1832044f5059edf09dc2cd87ad6777a","sha256":"141ebd315cab53235f67c2e977f702745818b7ca316d7cae7067a7a4476f9eee","sha512":"1d609b5b52ea534ee111781f4dfce9a2832e14a99e26c145b64a63934699b99ed0400a4cc7c5ad67a6734ac48e0115947454bbd5901e95e38c555d424280fc15","ssdeep":"192:mVkxXFPDBHza4ad31ytzmJUHyTylqKyysd2OCpSxfQf:mVkf3UbUHZCs","tlshash":"d332321c2af60237d56ba06eae6f1105f175518f240ee5ed7c2c63c05f600aa12b5fbb","size":11089,"data":"","first_seen":"2024-01-26T12:22:07Z","last_seen":"2025-11-25T23:58:08.220332Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[12]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"aa12f600db7a50ab0dad75575b70dcba","sha1":"24b77c51286f871b3dd5671efbcfb593cb41ed83","sha256":"0c55fa5fe64856fe28f3b309892aaa6f016c9e7a501a7049bfebc1bd7bdf0ea0","sha512":"12bdd09a290e11539aeddd049dad9b4eb799b3ddd4f40394fbee434b5fe8f5d74609ac5f3b9d69784c22d491b359f042498f3fb6932573ba1174a6e2df6ece79","ssdeep":"","tlshash":"5901cef400ec12fea35a03a8290ee11f554dd056d1d8254ef5788a70c6bc3b94c1863f","size":791,"data":"","first_seen":"2023-06-18T01:47:12Z","last_seen":"2026-02-10T17:01:05.295246Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[11]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"d68be4ff3e8a3a6d73d63b3c037a66e2","sha1":"eea7fddb7d5f0b52c00d867f44a6d57a2ac96800","sha256":"48a9a27a8e846feb8153f05230365ed5255396775644803b3398a4f40b36bd94","sha512":"9413053cdd92642fec2e667ec286a4725dc49688ce757be7ba03641fdb02e0be88a08ca264bc4e6c4efe79e75bc1e5625355b88c28ae20eb32a8fc733c318dfc","ssdeep":"","tlshash":"2bd02b86b47122dc627316e8022685771168e52dd0606a48ca4dd630d47fb276e0d53e","size":265,"data":"","first_seen":"2023-05-18T23:42:25Z","last_seen":"2026-03-28T13:31:17.887298Z","times_seen":83,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[13]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"1c33859b0765491235e14f9ad090ae54","sha1":"12929c02ca7579b3e0f811d35d12e77b8167edd5","sha256":"251c916b5b4f438fc4ac163a42bef1a2adb6d93ab3b892f7cfb2a3ef7fb10f8c","sha512":"9418b82707ebac57e949aa4e4cfdb5093c230b65f718c201223e96abf55afbbebffb18a96a189df2bddbc8aa3911f70c0459c6c6aab41b52714130c2dc77dca2","ssdeep":"","tlshash":"1ce023e0d0f422ec23050228110b9617214cc14290c8354fc9bac6b0cdb7dd50d0c23f","size":421,"data":"","first_seen":"2023-09-21T12:30:33Z","last_seen":"2025-11-25T23:58:08.225774Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[0]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"8ea87b7730adfbb1e4f322d5fdbfc796","sha1":"322eea08d62718d662b4f2894f802e37db48bac5","sha256":"a81c93b392738ee799bb9ae0838d19bcbbc203026c08c337fab2af72e9a9472a","sha512":"861ad9c2ec68f2b080608d2239602c5efc24c85590853c0db0f470e1c52120801ffe64f54c6f5faa7e69e83547b5b7f75153ebdd6b78362007c27425ebf81791","ssdeep":"","tlshash":"9321afb850e0215cba29ce6882119dd12939b01763da390e735d557049f336fb9ae3c5","size":1147,"data":"","first_seen":"2023-04-21T16:21:38Z","last_seen":"2026-01-28T07:51:44.575687Z","times_seen":53,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[4]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"486158165321d921fb388101d2bf4483","sha1":"ba156a31e28d86c1c0ef9b1f008ba80af1452eda","sha256":"ea765f553d9d9b3240448ba6c80400cb77eb5b84c79561b25fdc9220b019d9d1","sha512":"16c00f994c42ff1dd14fa7a6b40392ae1f2234438494a2f1fec1c914486c709de5c93507ed186bac6361b43ca1731897aede8f15c4d5b0d70429821af9a79a72","ssdeep":"","tlshash":"a5d02b86f4b132e80553267c02264657216dc71c55512d89c68cd5605677e518e09479","size":251,"data":"","first_seen":"2023-04-18T02:32:56Z","last_seen":"2026-04-03T20:42:09.889605Z","times_seen":620,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[8]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"306cbe790874ec93aa961e3048781460","sha1":"94fc251ece2ea937cd31694783a35c9867fc6f8b","sha256":"6d25989fc6e09bb477bf92cbdb52e01c8d5487811d3eb06e1984df37a721ccc5","sha512":"7688b269273918ed325e740a2405be3524577ece5328b7c75d37723b9bee00f6d12197cba3d1c714bc631df417576530f19e063169f5592a7881a5f3ab2a9312","ssdeep":"","tlshash":"65d02b86b47122d8527316ec022685771168e52dd0506948ca4dd630947fb276e0d53d","size":264,"data":"","first_seen":"2023-05-08T12:47:57Z","last_seen":"2026-03-28T23:44:53.39168Z","times_seen":224,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[10]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"5b938e1308fb24b89c7019212078e884","sha1":"330a7590fbad56c19164a439a1f5b014f3839262","sha256":"bf429566b7fd48014496194370b698020a3158d97c54fba9348439ea0c651940","sha512":"ffb7f4b18b3008a760a34f15fa48da189626fdfb4431f2353463f2f730093f23d519969cdac265e146190719a074339facf0a27a11185be571c680a2347294db","ssdeep":"","tlshash":"7871c07010e910bba34f11f4496eba1b5b42d001c6d9d54e757e1ba08ffefa6c81e2e6","size":3546,"data":"","first_seen":"2023-07-05T00:21:36Z","last_seen":"2026-03-28T13:31:17.891399Z","times_seen":20,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"esportesembed.top/juventude-x-cruzeiro-3","fqdn":"esportesembed.top","domain":"esportesembed.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"3aa1e9b7a602bc8451dd88a7d12993dd","sha1":"a6e217283fee7e1b98e472ff498ddd26574c41b6","sha256":"92497051be012184398766262f5de2e596c3bb04382e52d7fa4690a7fec2ffaf","sha512":"0bd61671aad82c583a26efb5b8506a2c373b80cad584db4f0f9761862355fd2a97aaabc7d69126ca925a55b93c46146ea229b5d79eea164a972206e02ff9373b","ssdeep":"","tlshash":"f921cefd18f7106142237169b75ea584b82698436a08d91bbbdd1301ef5891269a2bcc","size":1365,"data":"","first_seen":"2025-10-18T21:27:30.128492Z","last_seen":"2025-12-03T23:28:52.562027Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[3]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"ae0d372be1872e42b9be7995c02ff21e","sha1":"7ec75fddcc7f6d1012aa4d8dc21a647de01d3933","sha256":"f7728856d9dd5c8b3136fd81d3785b3d906e4e68a702361ebfe23a3be362be0b","sha512":"d7c53a8d401c1e63b9369714a556ead8bcf4b990eea1140c8d1d0c9e28449a3eb3255956c4ccf8a0855c4bd0186b26f0c2454cf364cfc29e2b95007ea4ca016f","ssdeep":"","tlshash":"a6d02b86b47122d8527316e8022645771168e52dd0506958ca4dd630987fb276f0d53d","size":264,"data":"","first_seen":"2023-04-21T16:21:38Z","last_seen":"2026-03-15T16:54:42.401435Z","times_seen":139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[1]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"8aacb3b1ac8b0c11c86b639e776a4284","sha1":"dce5da440449a93575e7425d7bb60c254fb18a94","sha256":"bd29cce2c08198c14fe1ce3e938f509c11193060e3e90ffb38a1265b334d008b","sha512":"4eae8296696c8f0c54f8aa4f8277a4176088ccf6b5397bce16ee16eeaa107450b5d3a05cc9ebc2b6c93fa2e2e70e902c1fd7cdbe2d03b92d99ba1d625db16675","ssdeep":"","tlshash":"5ce0a3e5d4f562ed23051268110b9617215cc54690d8754fd9bac6b0ddbbd95490c23f","size":420,"data":"","first_seen":"2023-04-21T16:21:38Z","last_seen":"2026-03-22T20:04:46.409622Z","times_seen":162,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[7]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"499ce3323f8d31ed6336171c4db2cd95","sha1":"77d669b86c1d3459d4708be869018524824b760f","sha256":"9505eaff944cfa0eaadc558b402f6f69f69d559a8a1682a51b796f76df79b807","sha512":"100e9f87924fabe72a8bec9ba9f70b7095aef86b664626b38d60e37528f17349e9f28be1c52925a1aab40fea799733eb737722fcd0e9717be88259bcbe18b247","ssdeep":"","tlshash":"f601cef400ec12fea35a03a8290ee11f554dd056d1d8294ef5788a7086bc3b94c1863f","size":790,"data":"","first_seen":"2023-05-08T12:47:57Z","last_seen":"2026-03-15T16:54:42.479375Z","times_seen":139,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[5]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"356029ad719c60b47651834acdbd9ce6","sha1":"8c02e2be632dfa2ed56f5775bc22e91d4bc2e7a3","sha256":"4313a7ed126e0323c28517f8182b4996da434ea045fd1d25d550cb5108384e99","sha512":"f39782cfbf04ef46556b15ca80c77fdbe993b4d99c592928d99b4eaf82932c06f56d8f5f6100eda26d10560d135b47c8a85b03a92efe0e9f67a2da6992a2093c","ssdeep":"","tlshash":"32d02bc6b4a021e882a35968513a761f3129d70c5055ad4dcf4cc5a059f7aeafd094f8","size":279,"data":"","first_seen":"2023-05-21T19:38:57Z","last_seen":"2026-01-25T11:43:54.112915Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"esportesembed.top/juventude-x-cruzeiro-3","fqdn":"esportesembed.top","domain":"esportesembed.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"f84214a77478b57510b1b29692924f75","sha1":"e0d619a956c43953fed7b22cbd4d27c7dfd7ed65","sha256":"1082116331902527279943d8af14dc0c1bda9a40af34530fd7e019248c71c753","sha512":"354c4b7eb1d82504a8fd2b26aacce6833f2cd36858bc536018b9c7e67b39b14240e83ec8810e0147ad33c0a4c2e92b566d86a2263062127f6721f904c13601af","ssdeep":"6144:GYO3Dj+1jn3BFVBC4jscT1bji/FUKOxsRUyhZnHVkj:GYO3DjQj3BFVBC4dlji/FUKOSRhnmj","tlshash":"e2345c153352777a7a95809aac3a5330b335015a760ac02cb1ddcde372afdc97636bb8","size":234683,"data":"","first_seen":"2025-11-20T18:53:22.284741Z","last_seen":"2025-11-20T18:53:22.284741Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"esportesembed.top/juventude-x-cruzeiro-3","fqdn":"esportesembed.top","domain":"esportesembed.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"23c9e1cbec42dc50963a30c155a67c41","sha1":"3ce7c9567e5577f57b17370afdeca2671017adbe","sha256":"cf9426393d8c5e9544d74d55275208dfa916a14ef3a5033950e1320cf4b7fb84","sha512":"4b92c4bc320234f51e435085a3e1c83f9fdf8e931771892969fdaef1f067a6be12582c58fa6c8eb75b8fb5044afb2855cfa9839b310b5cfb03b623ba55ba48e3","ssdeep":"","tlshash":"7da0026a41a6c0151663740c4e5e8d79505b0517c904a5d67b8c42a48f540a49456506","size":60,"data":"","first_seen":"2025-10-18T21:27:30.146257Z","last_seen":"2025-12-03T23:28:52.563382Z","times_seen":10,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"esportesembed.top/juventude-x-cruzeiro-3","fqdn":"esportesembed.top","domain":"esportesembed.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"00952c14295ab99d9940517b5447a715","sha1":"67ccefb5583e26d5d79ab4357c8929e2debc4873","sha256":"b3f9836f1460927587139b17edb6afbc5fab0893f8373fbaa31bcee417c3e2c9","sha512":"a4dc0b94e5e1c15d1012a32bb41f0afcb9845ddf2de4ff7ad46a70974ce5f47f977d984c9677f1c3c34090f960b45493755b96faae33fa5cdb6aec71e4624169","ssdeep":"","tlshash":"e2e0ab299ce706384cf63a441038ca7930f838a0aab3d027525cc83cce39fc54c04aec","size":426,"data":"","first_seen":"2025-08-10T22:42:16.802316Z","last_seen":"2026-01-22T02:16:07.95017Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/clappr@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f55c6c796275a41ce7d97bd160e648ff","sha1":"936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89","sha256":"db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c","sha512":"3b01da86fa5b757041d7c03a186faad290c34f12fea78cc5ec53e4396491b16393c03e794bbead5a726f21c49f80894824eb65a87122c68a22cb2043ec6eda0e","ssdeep":"6144:q2ffwZI3wKqMSxeUKn5+q4Qc7vije4RDgv7VTG:qSoKqM9Upbz6R","tlshash":"c5b41b9876e5b0654393a0b8503f020b723bad6e7005a1ecf76de9e95db884d6037f78","size":525081,"data":"","first_seen":"2023-03-07T01:14:45Z","last_seen":"2026-04-03T22:34:53.930262Z","times_seen":2295,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[2]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"7e5b16f1a8e1a982372e2fc1e7c9d395","sha1":"bf8c22c739fe0656b68b47a305543b87e500eccf","sha256":"9c89f40b1f71e4a857cc7f43c8afe559616fe59deea436c65e8776421d9bd8ca","sha512":"4857bb9d81acf5becf0bec962cd00a9ecc6216f4e217e372ba5f057dfb4406db370a0e899e976d6ced1da3c33f1868e06160d6c30b4119ad5bf7e9eafff11c91","ssdeep":"","tlshash":"fd01cef400ec12fea35a03a8290ee11f554dd056d1d8294ef5788a7086bc3b94c1863f","size":790,"data":"","first_seen":"2023-04-21T16:21:38Z","last_seen":"2026-03-28T13:31:17.849949Z","times_seen":153,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/hls/premiereclubes.html","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"104.21.56.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b23d3c435f5a230ea05ed79f22fd62e","sha1":"7509439fcc116cf2fd072a59bace0c7c1bdf57c5","sha256":"17538d72cb07546497fc9aeb8938682f88ccef6d79381570ea9f4b9b392cb398","sha512":"b8de2ea7ce7f2d8ec3ea5202f98da65e09f8ed9af4f3e75e78b6370a52c193d02f4f0fe976694f196b37a374029696bfec49a0cdb4033e7382e3d253c3632617","ssdeep":"48:VUcFRlZorS5j8b8W8LUD2Xj7iiGIpl5OsJZdR51UuJ6ZkpqIR4WH4qSf8NTHMkNQ:ucnVpKnK7i1IplZ5FaCbH4qSeTHb+Si","tlshash":"b3022f1ad9f910323223e235512f92883631414bcd08ff54ba9eb1649f8c75de8b6aec","size":8315,"data":"","first_seen":"2025-11-20T18:53:22.287519Z","last_seen":"2025-11-20T18:53:22.287519Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[9]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"6b19aaa3510d084484e46e10c5ef48fd","sha1":"7ce07fc2a3dcd99021e700e89ef8bfbe850b463c","sha256":"a9731e4424ff9fb11587f9adc551388af832bf2591bfe6c29a12b4bb172760d4","sha512":"e817247faaa367fec0b2deab0d40e4579aac422bc69e4b4135862a23634d0491cfc336a4ddce2da5747493487e25a85bd825cdd434e2415083763ec6d5852e08","ssdeep":"","tlshash":"23e0ab45a4f962e82aa61b2c100b6a27691c8b0d5464984ac4bd9d74c9bba6f0609b39","size":411,"data":"","first_seen":"2023-05-21T16:08:01Z","last_seen":"2026-01-28T07:51:44.577113Z","times_seen":55,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9a8b05945fce050129e32f96c4c9344","sha1":"732e594daaae33e3141c4401eeb00e24d6255489","sha256":"6169aae21cd0ef9813b6bda9ec902dee165c4c70202c37af6eb0bc45ced0a872","sha512":"6fd7879ecde5094ac89348b57f853b7a1143e2a9366ddce50d267261b168a7513c2b72a14026bc4309584bd11906f6dc2830be515a7e8f92f3f19eb7968d659f","ssdeep":"3072:nD3fpQc9nd2HRI5pFtpEgB5thhppAiph/cVreihq:nD3AqpEStzsQ","tlshash":"6ae329cdb7a2701213d361b6502f560bb33568266c0d443cb354e8f9ad7ee89a17af78","size":143751,"data":"","first_seen":"2023-03-07T01:23:53Z","last_seen":"2026-04-04T04:00:19.811947Z","times_seen":703,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/hls/premiereclubes.html","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"104.21.56.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a64911cc26de61a23163c69718184142","sha1":"51bc13458b5ef0fd9ced80f2a1c5b17077993974","sha256":"e341fc45fd2638197cd08503413ae27e75130f2b0a96b2e8a7be20f285a6ef89","sha512":"2a91dce38e6ef6f5db0d7bc53bd1533bdaa5a3dd68bde6d3bb60d62bee9a0f63c647275c99678a1dfef1c381039e1ca2506c213cfc6219f29eeace9a6b980d96","ssdeep":"3072:6Lls9/7eqCXBQ+mU719kWXq3tGDoCD9i5DozOMS:OO5eqg7B3G","tlshash":"d6e3da6ba9cc251726282b05d2c657c0e77f3e31b2bae4807c0d2cd645ee29d5cf5a87","size":153616,"data":"","first_seen":"2025-11-20T18:53:22.288965Z","last_seen":"2025-11-20T18:53:22.288965Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/microtemplates/source[6]","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"Function","is_inline":false,"md5":"c7607d7da9ad2b3e6f79c54923d55021","sha1":"d4e6bf4148d2788c182159d163030636a0a7bdfe","sha256":"23bf5e1650fc1f5a994c9b83a14d019cc3d0a37045e3e498610bb12e0323d2d7","sha512":"2dbbcfcf312851b2fdc3c681880532cb5b5e7405eaa80e3169517f48a201c499cbaee088edfa15ffdfe1c8f37900e9db2c6e11c8635deffd02a1900e47a789ce","ssdeep":"","tlshash":"b071c07010e910bba34f11f4496eba1b5b42d001c6d9d54e757e1ba08ffefa6c81e2e6","size":3545,"data":"","first_seen":"2023-05-08T12:47:57Z","last_seen":"2026-03-15T16:54:42.464099Z","times_seen":140,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"835f1f7feab838f171c6334abc3d14da","sha1":"68b97b433d37600647338e57f4344e5e1faf6246","sha256":"189334d0a898e2aa16794cdd1ea47a0e7c1750578173b25033049fafdf55f2a4","sha512":"4688a35bf0917776321c371677d32c03b841a7f5433ca588301e880e52d0b2560e96d9de4b110ec4d311db7c708748a04de071ca997a57cab2440276450b9346","ssdeep":"384:Gc4t/GAcXYGv6phc685vDB8vezigse+i3GTDZTQB3rErjrLqxxR8EQx3HHdTHTHQ:Gc4pGAcoQOhe5B8hgs/DGwH2/KNrPs","tlshash":"ccc2c789798511734fce50a7d43f47022632a91a6046c87cb82df4deaca8f0e60b67bd","size":26815,"data":"","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-03-26T02:29:51.426286Z","times_seen":694,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"e40d1173fe9b92d29fdddafb1073a580","sha1":"fc3fe126df912e672b96c6e8a1a8ab4617295ef2","sha256":"8dca4980aff280e452f1b16b4c2d650d0b43027c903792c13e89bf2147546888","sha512":"3a807eff93e2f5083d07f700dcfe73b99443b3ea1d5dc14d10116d1894b9a9259267c36321e6fe84422726f7fab6ed743119cabbb13f44cd37d12b3b0f03ce32","ssdeep":"96:5yq1uz1hN4hNYeUCLkYZDl8OgzZE4qqISu5T:5yqozH5eUCLk03gV8J","tlshash":"3ed1655e5d9a10223133e3759426978cfa3253270200c356bbfdb0665f7869dd8abeec","size":6254,"data":"","first_seen":"2025-11-20T18:53:22.290517Z","last_seen":"2025-11-20T18:53:22.290517Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"esportesembed.top/juventude-x-cruzeiro-3","fqdn":"esportesembed.top","domain":"esportesembed.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-20T18:52:53.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"esportesembed.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 16:24:52 GMT","end":"Fri, 06 Feb 2026 17:22:39 GMT"},"fingerprint":{"sha1":"C5:74:84:B0:44:4E:DD:DA:7A:D3:F3:91:27:BA:17:69:1F:B6:E1:92","sha256":"95:FD:1E:B9:81:EC:35:50:41:1C:98:9B:F0:CC:9B:AA:6F:36:59:EE:E3:FF:A8:1F:73:1F:0B:70:42:78:51:87"}}},"request":{"raw":"GET /juventude-x-cruzeiro-3 HTTP/1.1\r\nHost: esportesembed.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 20 Nov 2025 18:52:53 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=5cvMO4ENY9hjN4Y29DGGsDj%2Bqi74PiZr3yYyX42ZZ9oQ9LkJ7XPsbF4AGS4SnfyN4bPQmfDNH82mZncDKh0J%2FWoxKb6rc1lO4ONP4rNDGkIp\"}]}\r\ncache-control: max-age=300\r\ncf-cache-status: MISS\r\nlast-modified: Thu, 20 Nov 2025 18:52:53 GMT\r\ncontent-encoding: br\r\ncf-ray: 9a1a25a18e9cc272-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":240733,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (60472)","md5":"61874609ed2ad203a826b7b9180e538e","sha1":"bba4f96f14a8619108b1d66dd1d2df898bbeacdb","sha256":"b8e990f08a21a4f485709e0b99b0097390c8fe4234f4594e61f45bc69a185dcd","sha512":"b09c07ee5a30de873fd696e9ac91165c362d579d349110c2b6c26ab7384225968da135a1d5b2165411a5c3d80c8479a46ba47c3af353abb944e93b659c8b0039","ssdeep":"6144:pYO3Dj+1jn3BFVBC4jscT1bji/FUKOxsRUyhZnHVk6:pYO3DjQj3BFVBC4dlji/FUKOSRhnm6","tlshash":"ce345c153352773a7a91809aac3a5330b235015a760ac02cb1ddcde377afdc97636bb8","first_seen":"2025-11-20T18:53:22.2665Z","last_seen":"2025-11-20T18:53:22.2665Z","times_seen":1,"resource_available":false,"data":null}},"time_used":982,"timings":{"blocked":319,"dns":294,"connect":1,"send":0,"wait":344,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"esportesembed.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"esportesembed.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/38861cba61c66739c1452c3a71e39852.ttf","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:54.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/38861cba61c66739c1452c3a71e39852.ttf HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ncontent-length: 42\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=30, s-maxage=30\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"25-junAq5RuYhRu8VSd3vtDZ10zD7Y\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 27\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\nx-served-by: cache-fra-eddf8230074-FRA, cache-hel1410030-HEL\r\nx-cache: HIT, MISS\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"9901c74ca4b98ad1c4c6252a799efef3","sha1":"8ee9c0ab946e62146ef1549ddefb43675d330fb6","sha256":"9cf9b281599860f0a2abcea5fdb554ea3d736d9f84c8a9c85e79dc90f5f1d9bf","sha512":"7a7ab275c38d5c7fc9caa89a9d87cea8509337e3c4bc4596d0c9eb03620ff0814e537dbe3f2356791fd6f13efc8b212c319af38a9d1c450c8a3a0498c2366072","ssdeep":"","tlshash":"f1800471044c313d4d135441f5075570c741d04c530110704005054c300f54031c10c0","first_seen":"2023-04-28T14:52:46Z","last_seen":"2026-01-28T07:51:44.547435Z","times_seen":42,"resource_available":false,"data":null}},"time_used":103,"timings":{"blocked":25,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9052bea686a7549fe738d20b0ff7636f.eu.r2.cloudflarestorage.com/files/IMG_1755708577986.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=a4bf1b929e4b983c34d26e25419ba60d%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134350Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=5cdfb4270a9791ada9ae0dc7daadf095af8f44b273b4f58cbc973ffb2a62b455\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject","fqdn":"9052bea686a7549fe738d20b0ff7636f.eu.r2.cloudflarestorage.com","domain":"cloudflarestorage.com","tld":"com"},"ip":{"addr":"141.101.90.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:00.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"r2.cloudflarestorage.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 00:15:00 GMT","end":"Thu, 15 Jan 2026 01:14:48 GMT"},"fingerprint":{"sha1":"82:59:7F:E2:28:40:36:49:23:45:00:94:42:63:65:FD:25:8D:E6:99","sha256":"4A:92:E0:04:53:8F:11:5F:45:73:27:8B:5A:50:86:A6:DC:DF:73:6C:0F:4B:E8:D6:65:55:60:CB:80:A6:BF:5D"}}},"request":{"raw":"GET /files/IMG_1755708577986.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=a4bf1b929e4b983c34d26e25419ba60d%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134350Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=5cdfb4270a9791ada9ae0dc7daadf095af8f44b273b4f58cbc973ffb2a62b455\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject HTTP/1.1\r\nHost: 9052bea686a7549fe738d20b0ff7636f.eu.r2.cloudflarestorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 20 Nov 2025 18:53:00 GMT\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9a1a25cd0ccb1255-CPH\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"bcc5a6397f002672cfc2f1f5a592bfca","sha1":"ec196ead1ec69bdcef08961fa2b4fbeea69e6883","sha256":"fe009e849d5d4d7b5a7a2b07167ea3be2b582a0122f75bcf1aaec6dbd0b27441","sha512":"6411141aec0426851b4e7ce5031ad026521b5af807a6c0577c05460e8ff86df41e800fab38cee56267ec2fa2edb1665fb4886a98910a029f6382d8047ecbb5d8","ssdeep":"","tlshash":"b2b012057385b82a81a08737ff38f715f710513253d05036c4d905e72bc21838e1336e","first_seen":"2023-11-28T00:09:24Z","last_seen":"2025-11-23T21:38:38.277613Z","times_seen":20,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":71,"dns":23,"connect":4,"send":0,"wait":26,"receive":1,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:13.009Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:53:13 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\nage: 0\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ndreCsx0gTDqb0YZnhv9wmJipMTFyyrFCylwF7SPXCaEEckEoh7n%2Flrp1YJ9%2FQ3PpD5XANinrXl9uS5ydJhe4SMb%2B7B4NlIGNDq9rA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a261c4e33b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":5,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"usrpubtrk.com/ut/hb.php?cb=0.996246647799147\u0026v=1","fqdn":"usrpubtrk.com","domain":"usrpubtrk.com","tld":"com"},"ip":{"addr":"104.21.92.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://esportesembed.top/juventude-x-cruzeiro-3","date":"2025-11-20T18:52:54.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"usrpubtrk.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Oct 2025 12:29:00 GMT","end":"Sat, 10 Jan 2026 13:27:25 GMT"},"fingerprint":{"sha1":"2D:85:E1:CC:5C:69:E9:00:F0:2A:D7:4D:EC:27:FD:E4:0E:99:3F:1F","sha256":"FF:B8:FC:07:03:69:0B:74:AC:FD:81:98:21:29:56:B1:D8:28:5E:79:5B:0B:DF:E3:6B:94:DB:9F:B8:AF:5B:7F"}}},"request":{"raw":"POST /ut/hb.php?cb=0.996246647799147\u0026v=1 HTTP/1.1\r\nHost: usrpubtrk.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 816\r\nOrigin: https://esportesembed.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://esportesembed.top/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GnYo7KNiGonGC0RPdrYpBRo3EACxg7F%2B2XcxyjA07uzdt7nntkLLrqaBZ%2F%2B%2BldE8G24CAAtLoC7Fef3oiFY9Q2FJ1frqs%2BC06jZx\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9a1a25a65f1a5694-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T05:45:54.968102Z","times_seen":13318572,"resource_available":true,"data":null}},"time_used":240,"timings":{"blocked":45,"dns":21,"connect":2,"send":0,"wait":149,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"usrpubtrk.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:54.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.1.1\r\nx-jsd-version-type: version\r\netag: W/\"6368-DV51ALoM6pjV/AFJGNfNGki1pmg\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 33527\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\nx-served-by: cache-fra-etou8220065-FRA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 7109\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":25448,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (25391)","md5":"e5d13c4d7c790f7dfa01d86cd6c2419b","sha1":"0d5e7500ba0cea98d5fc014918d7cd1a48b5a668","sha256":"1ce773865196b7bfd386873ca7eebaf8f9e903b56ca2e2ce45127e0699c0da90","sha512":"cb13cbc35ed6947a7c99e9a4ccabc01ba68a2c361c30e26d88cf622f3a212118f3357bacf9fb425e44727ec605ad779b0cdb3fb78ae0aead2eb593c05ce16b70","ssdeep":"384:/E2XN8iOGY9mVm4Vg5gUxvRHxwjY0Oa9M2o1AUmgaVlSEiuOV16U9kgLxL:BVVmAe5xvRRUY0Oa9i1xmzVlSMs9kgtL","tlshash":"4eb2a69cb1d1b135969390b8943f110ab23a75aa3089c1dcf73dd8e1aeb051d643bfb8","first_seen":"2023-03-07T01:18:54Z","last_seen":"2026-03-28T23:44:53.268525Z","times_seen":262,"resource_available":true,"data":null}},"time_used":178,"timings":{"blocked":77,"dns":0,"connect":30,"send":0,"wait":17,"receive":1,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/ewwink/clappr-quality-selector-plugin@latest/quality-selector.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:54.498Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /gh/ewwink/clappr-quality-selector-plugin@latest/quality-selector.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 2.0.1\r\nx-jsd-version-type: version\r\netag: W/\"2b51-nDw3KPGDIET1BZ7fCdws2HrWd3o\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 10056\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\nx-served-by: cache-fra-etou8220160-FRA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 2908\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":11089,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1397)","md5":"b52f2ec6294229be62652a8f6dd37c0f","sha1":"9c3c3728f1832044f5059edf09dc2cd87ad6777a","sha256":"141ebd315cab53235f67c2e977f702745818b7ca316d7cae7067a7a4476f9eee","sha512":"1d609b5b52ea534ee111781f4dfce9a2832e14a99e26c145b64a63934699b99ed0400a4cc7c5ad67a6734ac48e0115947454bbd5901e95e38c555d424280fc15","ssdeep":"192:mVkxXFPDBHza4ad31ytzmJUHyTylqKyysd2OCpSxfQf:mVkf3UbUHZCs","tlshash":"d332321c2af60237d56ba06eae6f1105f175518f240ee5ed7c2c63c05f600aa12b5fbb","first_seen":"2024-01-26T12:22:07Z","last_seen":"2025-11-25T23:58:08.220332Z","times_seen":10,"resource_available":true,"data":null}},"time_used":181,"timings":{"blocked":76,"dns":1,"connect":28,"send":0,"wait":22,"receive":0,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"tracker.openwebtorrent.com/","fqdn":"tracker.openwebtorrent.com","domain":"openwebtorrent.com","tld":"com"},"ip":{"addr":"104.21.31.24","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:55.289Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"openwebtorrent.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 10 Oct 2025 01:54:01 GMT","end":"Thu, 08 Jan 2026 02:52:47 GMT"},"fingerprint":{"sha1":"84:43:B2:D7:B0:39:30:A2:BB:FE:90:B2:36:22:F2:78:95:19:B5:64","sha256":"CE:2C:DA:90:EB:30:0C:4C:16:DA:6D:4E:F4:A6:BA:1D:C5:15:21:91:AA:9F:71:E7:7E:18:EC:82:E5:AE:EF:EE"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tracker.openwebtorrent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://rdcplayer.online\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: UUsvoLI8zcngtJPD/2XGfw==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Thu, 20 Nov 2025 18:52:55 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: Thb40BmMJSh3YSYC4gMjU6xoqts=\r\nSec-WebSocket-Extensions: permessage-deflate; client_no_context_takeover; server_no_context_takeover\r\nuWebSockets: 20\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=X1zRdnNPzXdJtX%2FoB9JoyDZyqrcqJR4u4t3jJZLLH1uQP18b7vYX5VDfFped5IaKSBzFUl%2BNeH9kD9cgB2M0OuLkXi%2BPDP4fveUOjNDw0fTYC5IOsPxf16EZtsdkm%2FPTmvNGM9C4lRchLJGqQQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9a1a25ade9e8c759-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=489\u0026min_rtt=447\u0026rtt_var=159\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3135\u0026recv_bytes=1169\u0026delivery_rate=7463917\u0026cwnd=252\u0026unsent_bytes=0\u0026cid=1a974e026434f5ec\u0026ts=127\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T05:45:54.968102Z","times_seen":13318572,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":1,"dns":27,"connect":33,"send":0,"wait":109,"receive":0,"ssl":54},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"tracker.openwebtorrent.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:06.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:53:06 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\nage: 0\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=j4TgJivNXvz77lgVMcwvPphR43KsBNMjpWSP2cEf7y%2BP6oTw7LrPOrQ49IWzfJk2OwHVJh0PpZkmTQYAPpRqBt9ElUuMirrNKuocNg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a25f69b54b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"932aa9b73656f4979c91ac15dd86e976.eu.r2.cloudflarestorage.com/pictures/IMG_1755708577988.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=122ebbaef39f300eee19148c2d94fb9f%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134402Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=25af2b51236d6b15b10f55d4d6502ec55ccc772e170b282fa0d40526b4c25b5d\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject","fqdn":"932aa9b73656f4979c91ac15dd86e976.eu.r2.cloudflarestorage.com","domain":"cloudflarestorage.com","tld":"com"},"ip":{"addr":"141.101.90.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:09.260Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"r2.cloudflarestorage.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 22:12:03 GMT","end":"Wed, 14 Jan 2026 23:11:59 GMT"},"fingerprint":{"sha1":"16:01:EF:92:1A:71:D8:BD:0A:FF:67:51:25:C1:4E:99:61:B9:B6:37","sha256":"2A:4D:F2:9F:25:E8:85:60:23:21:9D:46:4A:21:5B:78:F4:1A:2A:B7:E7:0F:F2:F6:74:24:0E:45:56:89:69:F4"}}},"request":{"raw":"GET /pictures/IMG_1755708577988.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=122ebbaef39f300eee19148c2d94fb9f%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134402Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=25af2b51236d6b15b10f55d4d6502ec55ccc772e170b282fa0d40526b4c25b5d\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject HTTP/1.1\r\nHost: 932aa9b73656f4979c91ac15dd86e976.eu.r2.cloudflarestorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 20 Nov 2025 18:53:09 GMT\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9a1a26055a3175f0-CPH\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"bcc5a6397f002672cfc2f1f5a592bfca","sha1":"ec196ead1ec69bdcef08961fa2b4fbeea69e6883","sha256":"fe009e849d5d4d7b5a7a2b07167ea3be2b582a0122f75bcf1aaec6dbd0b27441","sha512":"6411141aec0426851b4e7ce5031ad026521b5af807a6c0577c05460e8ff86df41e800fab38cee56267ec2fa2edb1665fb4886a98910a029f6382d8047ecbb5d8","ssdeep":"","tlshash":"b2b012057385b82a81a08737ff38f715f710513253d05036c4d905e72bc21838e1336e","first_seen":"2023-11-28T00:09:24Z","last_seen":"2025-11-23T21:38:38.277613Z","times_seen":20,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":66,"dns":22,"connect":1,"send":0,"wait":25,"receive":1,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adexchangeclear.com/script/suurl5.php?r=10407054\u0026cbur=0.2311949233670717\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=Player\u0026cbpage=https%3A%2F%2Fesportesembed.top%2Fjuventude-x-cruzeiro-3\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=rpyztjadsbonh.store\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1763664773988\u0026srs=8a4c84a260d5c04a2d383333f4e55268\u0026atv=71.2-b\u0026abtg=1\u0026adbv=3-cdn","fqdn":"adexchangeclear.com","domain":"adexchangeclear.com","tld":"com"},"ip":{"addr":"172.67.223.87","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://esportesembed.top/juventude-x-cruzeiro-3","date":"2025-11-20T18:52:53.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adexchangeclear.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Oct 2025 20:14:35 GMT","end":"Tue, 06 Jan 2026 21:12:18 GMT"},"fingerprint":{"sha1":"7C:B6:62:0F:43:12:2D:86:DD:92:D1:44:95:36:24:C7:2F:BA:B0:B6","sha256":"06:21:18:21:3A:A8:90:A4:4D:D0:A6:7B:7B:C8:4A:3B:31:47:C3:5D:48:A5:94:AC:08:75:A0:A1:DF:D6:B9:3C"}}},"request":{"raw":"GET /script/suurl5.php?r=10407054\u0026cbur=0.2311949233670717\u0026cbiframe=0\u0026cbWidth=1280\u0026cbHeight=1024\u0026cbtitle=Player\u0026cbpage=https%3A%2F%2Fesportesembed.top%2Fjuventude-x-cruzeiro-3\u0026cbref=\u0026cbdescription=\u0026cbkeywords=\u0026cbcdn=rpyztjadsbonh.store\u0026ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse%2F1280x10240en-USunknown4824%20bits\u0026ts=1763664773988\u0026srs=8a4c84a260d5c04a2d383333f4e55268\u0026atv=71.2-b\u0026abtg=1\u0026adbv=3-cdn HTTP/1.1\r\nHost: adexchangeclear.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://esportesembed.top/\r\nOrigin: https://esportesembed.top\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\ncontent-type: application/json; charset=utf-8\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nvary: accept-encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cngVnS25LhcOwMOBilirTXazpcm1IDCRfC0mR1pMQQiEasjViwFYFjr9wKnnMla37NRXtxIeJQDYyz985DH%2FWKWECNAP93vmyHmTSi933iRE\"}]}\r\ncf-ray: 9a1a25a5c8950b31-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":998,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"61a365489f1df3f20b47049631b45ae0","sha1":"7e5e31e0fea91611beec839d5563c24236f0991b","sha256":"2bf3bd3d466d5cd8c2e43c8d66681b86ccdb2e6511aad973d39eef0fb33eb397","sha512":"c137af02b1a8c076047e4e8afa674f8e43f5e63e412f6cabb85c023fd816202293bc5387d86f05e408aa62ae5aa2b4b644f461af54666d45c08c47de76c3337e","ssdeep":"","tlshash":"4311c81706dec17ab94e01c9152bfddecc657402c9b0f0564789fd73032ace0080e892","first_seen":"2025-11-20T18:53:22.272355Z","last_seen":"2025-11-20T18:53:22.272355Z","times_seen":1,"resource_available":false,"data":null}},"time_used":312,"timings":{"blocked":47,"dns":22,"connect":4,"send":0,"wait":217,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"adexchangeclear.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:58.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:52:58 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\naccept-ranges: bytes\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6mRhfKisrEaJAVcQf8GgGthfzHC79lfuFBjHlqs6pxr%2B4w2dq3qv8xNKI6XY0tZTDP31seLw8WUA%2FWJwAdEC5gfEqPzi200rhVIQ7w%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a25c03855b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:01.386Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:53:01 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\naccept-ranges: bytes\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2fJQEG%2FdWUHOmA0i%2BzbUSv56BfW8m9BCEEWS67Xsqz287oZS8wA3cn237l7W4QRfbDGyy0ahz9mGcP4MP%2BX4RVZU2CjPLzfDXh9X0A%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a25d3a999b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9f0d527d48adc98459ac08f2722ffb39.eu.r2.cloudflarestorage.com/photos/IMG_1755708577984.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=daac638cbd2be25a7cae956d951f685b%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134338Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=4a3f4ea3b2d6272be15772422fb0774b2eb8563ab3cc73dd2733e15c9fc56af8\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject","fqdn":"9f0d527d48adc98459ac08f2722ffb39.eu.r2.cloudflarestorage.com","domain":"cloudflarestorage.com","tld":"com"},"ip":{"addr":"141.101.90.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:06.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"r2.cloudflarestorage.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 22:27:54 GMT","end":"Wed, 14 Jan 2026 23:27:49 GMT"},"fingerprint":{"sha1":"42:BE:A2:9C:6F:B6:D1:0E:FF:78:6A:C4:EA:CB:F9:64:BD:91:9A:C4","sha256":"6F:C2:49:73:0D:87:00:A3:DF:70:87:5A:E0:F8:E7:85:82:09:16:09:6E:78:E4:7E:17:7C:5F:AE:E9:B8:10:E7"}}},"request":{"raw":"GET /photos/IMG_1755708577984.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=daac638cbd2be25a7cae956d951f685b%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134338Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=4a3f4ea3b2d6272be15772422fb0774b2eb8563ab3cc73dd2733e15c9fc56af8\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject HTTP/1.1\r\nHost: 9f0d527d48adc98459ac08f2722ffb39.eu.r2.cloudflarestorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 20 Nov 2025 18:53:06 GMT\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9a1a25f23bc11911-FRA\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"bcc5a6397f002672cfc2f1f5a592bfca","sha1":"ec196ead1ec69bdcef08961fa2b4fbeea69e6883","sha256":"fe009e849d5d4d7b5a7a2b07167ea3be2b582a0122f75bcf1aaec6dbd0b27441","sha512":"6411141aec0426851b4e7ce5031ad026521b5af807a6c0577c05460e8ff86df41e800fab38cee56267ec2fa2edb1665fb4886a98910a029f6382d8047ecbb5d8","ssdeep":"","tlshash":"b2b012057385b82a81a08737ff38f715f710513253d05036c4d905e72bc21838e1336e","first_seen":"2023-11-28T00:09:24Z","last_seen":"2025-11-23T21:38:38.277613Z","times_seen":20,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"53080c823891e21c76bd11880812a6e2.r2.cloudflarestorage.com/imgs/IMG_1755708577989.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=2135ee6278d0d9f254081e4ebecc5ba3%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134411Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=b1fd10111ebc0b67d2ed1466fdf4e3d893f99ed7f18954aba4a64a1b629493c7\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject","fqdn":"53080c823891e21c76bd11880812a6e2.r2.cloudflarestorage.com","domain":"cloudflarestorage.com","tld":"com"},"ip":{"addr":"172.64.66.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:07.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"r2.cloudflarestorage.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 15:30:52 GMT","end":"Wed, 14 Jan 2026 16:30:08 GMT"},"fingerprint":{"sha1":"48:D0:95:EC:9A:68:30:8C:A3:1A:AB:7D:64:93:20:B0:4D:2B:3D:F8","sha256":"F3:31:56:29:64:54:BA:D1:CE:A3:0F:B2:EF:D1:1D:A5:78:30:19:18:70:2F:40:9E:A1:82:97:BF:F7:E1:1C:7A"}}},"request":{"raw":"GET /imgs/IMG_1755708577989.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=2135ee6278d0d9f254081e4ebecc5ba3%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134411Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=b1fd10111ebc0b67d2ed1466fdf4e3d893f99ed7f18954aba4a64a1b629493c7\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject HTTP/1.1\r\nHost: 53080c823891e21c76bd11880812a6e2.r2.cloudflarestorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 20 Nov 2025 18:53:07 GMT\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9a1a25f89fec8be6-OSL\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"bcc5a6397f002672cfc2f1f5a592bfca","sha1":"ec196ead1ec69bdcef08961fa2b4fbeea69e6883","sha256":"fe009e849d5d4d7b5a7a2b07167ea3be2b582a0122f75bcf1aaec6dbd0b27441","sha512":"6411141aec0426851b4e7ce5031ad026521b5af807a6c0577c05460e8ff86df41e800fab38cee56267ec2fa2edb1665fb4886a98910a029f6382d8047ecbb5d8","ssdeep":"","tlshash":"b2b012057385b82a81a08737ff38f715f710513253d05036c4d905e72bc21838e1336e","first_seen":"2023-11-28T00:09:24Z","last_seen":"2025-11-23T21:38:38.277613Z","times_seen":20,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":40,"dns":21,"connect":1,"send":0,"wait":14,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:12.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:53:12 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\naccept-ranges: bytes\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7NttrTKZ3JMDIRgaeI36DdSuZDUq%2BA8D8dJwdcm%2BKwXAjQJHJC7ohQp2a%2F%2F6%2FJqhpHjT3h71UI8SSFvrN0d9bN7x6%2BfWrpJBHZvtvA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a26183e02b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":105,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rdcplayer.online/hls/premiereclubes.html","fqdn":"rdcplayer.online","domain":"rdcplayer.online","tld":"online"},"ip":{"addr":"104.21.56.33","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://esportesembed.top/juventude-x-cruzeiro-3","date":"2025-11-20T18:52:54.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rdcplayer.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 13 Oct 2025 11:21:23 GMT","end":"Sun, 11 Jan 2026 12:21:02 GMT"},"fingerprint":{"sha1":"1A:AD:48:A9:B0:F7:9B:EA:2A:EA:5B:25:E0:49:EF:40:53:DE:C3:6F","sha256":"41:4E:16:78:A3:D6:54:80:17:EC:A5:76:12:24:A6:18:22:B2:B2:0D:0A:4B:58:31:B7:64:40:BD:98:FE:78:97"}}},"request":{"raw":"GET /hls/premiereclubes.html HTTP/1.1\r\nHost: rdcplayer.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://esportesembed.top/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=sa%2FZxRkSQdVnn4yQRhvGKCRV1p4CiHO3x2PFMe2bimgWcvG1Ajoy%2FlGur6KKJ9VZiAfqi503vgVYe7N9PXBzsiSAKQ%2FJm04sKtzzDECR\"}]}\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-headers: Content-Type\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nlast-modified: Thu, 20 Nov 2025 18:52:54 GMT\r\ncontent-encoding: br\r\ncf-ray: 9a1a25a6193ab512-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":153633,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text","md5":"24649f6065497923f8c8330a72290d31","sha1":"b44f69ac7fc4faa0550b23b1558d0dc128a34ec3","sha256":"1c6c12f6840f060483ff37d90a5172f9f33d61e11a3d470d5e790bb0211e7980","sha512":"91e7cb7a8fef98105c211cd4bb01902a3237e53f046fcba473df44b79263c0a52b5da38fd8161c210654cf87d7c80036e208c7e981fd590d3b0319eb1fabfc9c","ssdeep":"3072:FLls9/7eqCXBQ+mU719kWXq3tGDoCD9i5DozOM6:1O5eqg7B3W","tlshash":"90e3da6ba9cc251726282b05d2c657c0e77f3e31b2bae4807c0d2cd645ee29d5cf5a87","first_seen":"2025-11-20T18:53:22.273307Z","last_seen":"2025-11-20T18:53:22.273307Z","times_seen":1,"resource_available":false,"data":null}},"time_used":392,"timings":{"blocked":75,"dns":53,"connect":3,"send":0,"wait":232,"receive":0,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:54.943Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 20 Nov 2025 18:52:55 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\naccept-ranges: bytes\r\ncf-cache-status: EXPIRED\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lrqvLKQydpOqCUhGXk9c4mV5jeBpTDDxS6wAgI8QCjiTyFkBZhBfI1AUTkiXFvmw0EyUzUnXOvMWHtxNdbzffTk1l8zD5DOgX8IQy%2FDB\"}]}\r\ncf-ray: 9a1a25abdbab4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":343,"timings":{"blocked":76,"dns":64,"connect":1,"send":0,"wait":185,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:03.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:53:03 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\nage: 2\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=11GOXOhP8mdeCez%2B6b1zUe0qj68In1MX6FazpCQF9OQ3ZkGD5llle7CJsminNE%2Bqdx0s9QckTemX6mTQS8uqxiJuqt1B8bdcktbhcg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a25e3baabb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:04.482Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:53:06 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\naccept-ranges: bytes\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TSQyB%2BhmkDm5PLiaGdId6nekmyeJz91j9ek3D1NJDP9Bza8fkIBm9fzFQW43Y4MQToGnw%2BXl6IPkJ1S9VFIR%2FH5Y0Walw%2B9EoejsaA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a25e70ac4b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1764,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1764,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com/imgcdn/IMG_1755708577987.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=b3d78a07191ae42de4f385d1dc31f153%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134356Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=9de44f9e758543dcac69dfcdcaa969042e7b304985cbacb5a56ac6bf799894b2\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject","fqdn":"123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com","domain":"cloudflarestorage.com","tld":"com"},"ip":{"addr":"141.101.90.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:05.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"r2.cloudflarestorage.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 00:46:04 GMT","end":"Thu, 15 Jan 2026 01:45:36 GMT"},"fingerprint":{"sha1":"4E:AA:13:56:C1:FF:5E:F7:40:EF:3D:18:7F:55:28:07:FB:E6:FD:94","sha256":"7A:73:88:94:95:56:67:7A:93:3C:C4:4E:0D:6F:45:3E:D0:2C:DF:52:5A:CC:64:2B:71:22:7F:BD:C9:17:83:58"}}},"request":{"raw":"GET /imgcdn/IMG_1755708577987.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=b3d78a07191ae42de4f385d1dc31f153%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134356Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=9de44f9e758543dcac69dfcdcaa969042e7b304985cbacb5a56ac6bf799894b2\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject HTTP/1.1\r\nHost: 123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 20 Nov 2025 18:53:05 GMT\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9a1a25ebfc986fdc-CDG\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"bcc5a6397f002672cfc2f1f5a592bfca","sha1":"ec196ead1ec69bdcef08961fa2b4fbeea69e6883","sha256":"fe009e849d5d4d7b5a7a2b07167ea3be2b582a0122f75bcf1aaec6dbd0b27441","sha512":"6411141aec0426851b4e7ce5031ad026521b5af807a6c0577c05460e8ff86df41e800fab38cee56267ec2fa2edb1665fb4886a98910a029f6382d8047ecbb5d8","ssdeep":"","tlshash":"b2b012057385b82a81a08737ff38f715f710513253d05036c4d905e72bc21838e1336e","first_seen":"2023-11-28T00:09:24Z","last_seen":"2025-11-23T21:38:38.277613Z","times_seen":20,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"esportesembed.top/favicon.ico","fqdn":"esportesembed.top","domain":"esportesembed.top","tld":"top"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://esportesembed.top/juventude-x-cruzeiro-3","date":"2025-11-20T18:52:54.196Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"esportesembed.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 08 Nov 2025 16:24:52 GMT","end":"Fri, 06 Feb 2026 17:22:39 GMT"},"fingerprint":{"sha1":"C5:74:84:B0:44:4E:DD:DA:7A:D3:F3:91:27:BA:17:69:1F:B6:E1:92","sha256":"95:FD:1E:B9:81:EC:35:50:41:1C:98:9B:F0:CC:9B:AA:6F:36:59:EE:E3:FF:A8:1F:73:1F:0B:70:42:78:51:87"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: esportesembed.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://esportesembed.top/juventude-x-cruzeiro-3\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ncache-control: max-age=300\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=gmqW1ZIWfdjJHUpeLhfymJTZu3HpHeP5V0sw9uqOtxWF0RcbyYseTVJRloE%2BY7cjy47pbOgeuNeGdHGsfdSFChyvv6sRVubQDXA%2FC4bbcQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9a1a25a6a85756c7-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":280,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"fab9787cfbec6a9d301ab03748afd8fa","sha1":"09f1b59a0d9861c855cbdcc3e065f49b81bec3fc","sha256":"ebc33b3477952ecaa4730d51338bedd7b1ef3539c9ea38450066075f6a2c6869","sha512":"5dd9b60bf8bb941a96521632ac0436a681f19b20bbf65ed1f2edfa4b4560a28c3652ded9dbbc71f52a375b6b1f96f8a978cad5421beb5c22c28e0ad7124fd07f","ssdeep":"","tlshash":"83d02bae9043b3874812249079c215d2368d12e6a57a82e82dc6d4cb529893ededaedd","first_seen":"2025-10-18T21:27:29.731165Z","last_seen":"2025-12-03T23:28:52.549303Z","times_seen":10,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"esportesembed.top","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"esportesembed.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:54.493Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/p2p-media-loader-hlsjs@latest/build/p2p-media-loader-hlsjs.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.6.2\r\nx-jsd-version-type: version\r\netag: W/\"68bf-aLl7Qz03YAZHM45X9DROXh+vYkY\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\nage: 35797\r\nx-served-by: cache-fra-etou8220033-FRA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 7869\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":26815,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (26814)","md5":"835f1f7feab838f171c6334abc3d14da","sha1":"68b97b433d37600647338e57f4344e5e1faf6246","sha256":"189334d0a898e2aa16794cdd1ea47a0e7c1750578173b25033049fafdf55f2a4","sha512":"4688a35bf0917776321c371677d32c03b841a7f5433ca588301e880e52d0b2560e96d9de4b110ec4d311db7c708748a04de071ca997a57cab2440276450b9346","ssdeep":"384:Gc4t/GAcXYGv6phc685vDB8vezigse+i3GTDZTQB3rErjrLqxxR8EQx3HHdTHTHQ:Gc4pGAcoQOhe5B8hgs/DGwH2/KNrPs","tlshash":"ccc2c789798511734fce50a7d43f47022632a91a6046c87cb82df4deaca8f0e60b67bd","first_seen":"2023-03-07T01:03:07Z","last_seen":"2026-03-26T02:29:51.426286Z","times_seen":694,"resource_available":true,"data":null}},"time_used":175,"timings":{"blocked":75,"dns":0,"connect":30,"send":0,"wait":21,"receive":1,"ssl":42},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"9f0d527d48adc98459ac08f2722ffb39.eu.r2.cloudflarestorage.com/photos/IMG_1755708577984.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=daac638cbd2be25a7cae956d951f685b%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134338Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=4a3f4ea3b2d6272be15772422fb0774b2eb8563ab3cc73dd2733e15c9fc56af8\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject","fqdn":"9f0d527d48adc98459ac08f2722ffb39.eu.r2.cloudflarestorage.com","domain":"cloudflarestorage.com","tld":"com"},"ip":{"addr":"141.101.90.96","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:55.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"r2.cloudflarestorage.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 22:27:54 GMT","end":"Wed, 14 Jan 2026 23:27:49 GMT"},"fingerprint":{"sha1":"42:BE:A2:9C:6F:B6:D1:0E:FF:78:6A:C4:EA:CB:F9:64:BD:91:9A:C4","sha256":"6F:C2:49:73:0D:87:00:A3:DF:70:87:5A:E0:F8:E7:85:82:09:16:09:6E:78:E4:7E:17:7C:5F:AE:E9:B8:10:E7"}}},"request":{"raw":"GET /photos/IMG_1755708577984.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=daac638cbd2be25a7cae956d951f685b%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134338Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=4a3f4ea3b2d6272be15772422fb0774b2eb8563ab3cc73dd2733e15c9fc56af8\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject HTTP/1.1\r\nHost: 9f0d527d48adc98459ac08f2722ffb39.eu.r2.cloudflarestorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 20 Nov 2025 18:52:55 GMT\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9a1a25ae7b8c1911-FRA\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"bcc5a6397f002672cfc2f1f5a592bfca","sha1":"ec196ead1ec69bdcef08961fa2b4fbeea69e6883","sha256":"fe009e849d5d4d7b5a7a2b07167ea3be2b582a0122f75bcf1aaec6dbd0b27441","sha512":"6411141aec0426851b4e7ce5031ad026521b5af807a6c0577c05460e8ff86df41e800fab38cee56267ec2fa2edb1665fb4886a98910a029f6382d8047ecbb5d8","ssdeep":"","tlshash":"b2b012057385b82a81a08737ff38f715f710513253d05036c4d905e72bc21838e1336e","first_seen":"2023-11-28T00:09:24Z","last_seen":"2025-11-23T21:38:38.277613Z","times_seen":20,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":143,"dns":36,"connect":1,"send":0,"wait":59,"receive":0,"ssl":107},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"tracker.btorrent.xyz/","fqdn":"tracker.btorrent.xyz","domain":"btorrent.xyz","tld":"xyz"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:55.294Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: tracker.btorrent.xyz\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://rdcplayer.online\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: fHhe5AlXCV76IYYmChYFYQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T05:45:54.968102Z","times_seen":13318572,"resource_available":true,"data":null}},"time_used":5,"timings":{"blocked":1,"dns":4,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"tracker.btorrent.xyz","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:09.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:53:09 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\nage: 0\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=bjel%2BUZmiXmMFws91ReEmmS4kFtj42TN%2FKqmnLqg4Hfm13lIWISRj5RSfTlWXxlJIKE6C6n5hogTZUq0xZB%2BK3O93YOJt8WYbVClcg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a26097cd7b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:54.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/p2p-media-loader-core@latest/build/p2p-media-loader-core.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.6.2\r\nx-jsd-version-type: version\r\netag: W/\"23187-cy5ZTaquM+MUHEQB7rAOJNYlVIk\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\nage: 25789\r\nx-served-by: cache-fra-eddf8230132-FRA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 40772\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":143751,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"c9a8b05945fce050129e32f96c4c9344","sha1":"732e594daaae33e3141c4401eeb00e24d6255489","sha256":"6169aae21cd0ef9813b6bda9ec902dee165c4c70202c37af6eb0bc45ced0a872","sha512":"6fd7879ecde5094ac89348b57f853b7a1143e2a9366ddce50d267261b168a7513c2b72a14026bc4309584bd11906f6dc2830be515a7e8f92f3f19eb7968d659f","ssdeep":"3072:nD3fpQc9nd2HRI5pFtpEgB5thhppAiph/cVreihq:nD3AqpEStzsQ","tlshash":"6ae329cdb7a2701213d361b6502f560bb33568266c0d443cb354e8f9ad7ee89a17af78","first_seen":"2023-03-07T01:23:53Z","last_seen":"2026-04-04T04:00:19.811947Z","times_seen":703,"resource_available":true,"data":null}},"time_used":165,"timings":{"blocked":64,"dns":1,"connect":27,"send":0,"wait":31,"receive":1,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com/imgcdn/IMG_1755708577985.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=b3d78a07191ae42de4f385d1dc31f153%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134345Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=5d3e20279dc55d100c778c7226b2520f4545bf67704b6661ba73829af9729545\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject","fqdn":"123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com","domain":"cloudflarestorage.com","tld":"com"},"ip":{"addr":"141.101.90.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:55.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"r2.cloudflarestorage.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 00:46:04 GMT","end":"Thu, 15 Jan 2026 01:45:36 GMT"},"fingerprint":{"sha1":"4E:AA:13:56:C1:FF:5E:F7:40:EF:3D:18:7F:55:28:07:FB:E6:FD:94","sha256":"7A:73:88:94:95:56:67:7A:93:3C:C4:4E:0D:6F:45:3E:D0:2C:DF:52:5A:CC:64:2B:71:22:7F:BD:C9:17:83:58"}}},"request":{"raw":"GET /imgcdn/IMG_1755708577985.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=b3d78a07191ae42de4f385d1dc31f153%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134345Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=5d3e20279dc55d100c778c7226b2520f4545bf67704b6661ba73829af9729545\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject HTTP/1.1\r\nHost: 123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 20 Nov 2025 18:52:55 GMT\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9a1a25ae69ef6fdc-CDG\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"bcc5a6397f002672cfc2f1f5a592bfca","sha1":"ec196ead1ec69bdcef08961fa2b4fbeea69e6883","sha256":"fe009e849d5d4d7b5a7a2b07167ea3be2b582a0122f75bcf1aaec6dbd0b27441","sha512":"6411141aec0426851b4e7ce5031ad026521b5af807a6c0577c05460e8ff86df41e800fab38cee56267ec2fa2edb1665fb4886a98910a029f6382d8047ecbb5d8","ssdeep":"","tlshash":"b2b012057385b82a81a08737ff38f715f710513253d05036c4d905e72bc21838e1336e","first_seen":"2023-11-28T00:09:24Z","last_seen":"2025-11-23T21:38:38.277613Z","times_seen":20,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":133,"dns":35,"connect":2,"send":0,"wait":55,"receive":0,"ssl":93},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"tracker.ghostchu-services.top/announce","fqdn":"tracker.ghostchu-services.top","domain":"ghostchu-services.top","tld":"top"},"ip":{"addr":"172.67.181.132","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:55.284Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ghostchu-services.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 16 Oct 2025 12:32:34 GMT","end":"Wed, 14 Jan 2026 13:28:41 GMT"},"fingerprint":{"sha1":"A2:9D:71:6A:22:21:2B:03:FF:65:14:6C:D3:34:08:AC:30:9E:D2:CF","sha256":"20:BB:0B:34:7E:C9:C5:92:0F:92:7F:79:8C:90:2C:CE:79:F9:56:71:4D:CE:B5:28:DB:E0:B0:44:B8:59:72:06"}}},"request":{"raw":"GET /announce HTTP/1.1\r\nHost: tracker.ghostchu-services.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://rdcplayer.online\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: B8PFRaBS+W6Ou0QxiSRjXQ==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nDate: Thu, 20 Nov 2025 18:52:55 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-Websocket-Accept: pG/kexr7Rv0K+sDpP0yiMuMUq7A=\r\ncf-cache-status: DYNAMIC\r\nReport-To: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=jGI%2F5A9ZK%2F6EFBQwseEGSDERNmHeI1TK%2BMQEk9OXXKN6lPUd65auMPJjOz3TQsRTW6R%2BQsZ1pj09h721kdBNPHIckBllikW87VSGUW6eXp6msnJu1QSU1leIL6J4Lt5O%2BgV5jazbh0mFK6cKRs3MuQ%3D%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nNEL: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nServer: cloudflare\r\nCF-RAY: 9a1a25adeb0e56ab-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfL4;desc=\"?proto=TCP\u0026rtt=460\u0026min_rtt=426\u0026rtt_var=145\u0026sent=5\u0026recv=8\u0026lost=0\u0026retrans=0\u0026sent_bytes=3144\u0026recv_bytes=1180\u0026delivery_rate=7855334\u0026cwnd=252\u0026unsent_bytes=0\u0026cid=ba6f0433513e370b\u0026ts=154\u0026x=0\"\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T05:45:54.968102Z","times_seen":13318572,"resource_available":true,"data":null}},"time_used":226,"timings":{"blocked":0,"dns":33,"connect":35,"send":0,"wait":135,"receive":1,"ssl":56},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-20","alert":"Sinkholed","trigger":"tracker.ghostchu-services.top","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com/imgcdn/IMG_1755708577985.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=b3d78a07191ae42de4f385d1dc31f153%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134345Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=5d3e20279dc55d100c778c7226b2520f4545bf67704b6661ba73829af9729545\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject","fqdn":"123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com","domain":"cloudflarestorage.com","tld":"com"},"ip":{"addr":"141.101.90.97","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:06.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"r2.cloudflarestorage.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 00:46:04 GMT","end":"Thu, 15 Jan 2026 01:45:36 GMT"},"fingerprint":{"sha1":"4E:AA:13:56:C1:FF:5E:F7:40:EF:3D:18:7F:55:28:07:FB:E6:FD:94","sha256":"7A:73:88:94:95:56:67:7A:93:3C:C4:4E:0D:6F:45:3E:D0:2C:DF:52:5A:CC:64:2B:71:22:7F:BD:C9:17:83:58"}}},"request":{"raw":"GET /imgcdn/IMG_1755708577985.png?X-Amz-Algorithm=AWS4-HMAC-SHA256\u0026X-Amz-Content-Sha256=UNSIGNED-PAYLOAD\u0026X-Amz-Credential=b3d78a07191ae42de4f385d1dc31f153%2F20251120%2Fauto%2Fs3%2Faws4_request\u0026X-Amz-Date=20251120T134345Z\u0026X-Amz-Expires=900\u0026X-Amz-Signature=5d3e20279dc55d100c778c7226b2520f4545bf67704b6661ba73829af9729545\u0026X-Amz-SignedHeaders=host\u0026x-amz-checksum-mode=ENABLED\u0026x-id=GetObject HTTP/1.1\r\nHost: 123754360001f4a38299b3a524d7daa3.eu.r2.cloudflarestorage.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 403 Forbidden\r\nDate: Thu, 20 Nov 2025 18:53:06 GMT\r\nContent-Type: application/xml\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nServer: cloudflare\r\nCF-RAY: 9a1a25f239646fdc-CDG\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":118,"size_decoded":0,"mime_type":"application/xml","magic":"XML 1.0 document, ASCII text, with no line terminators","md5":"bcc5a6397f002672cfc2f1f5a592bfca","sha1":"ec196ead1ec69bdcef08961fa2b4fbeea69e6883","sha256":"fe009e849d5d4d7b5a7a2b07167ea3be2b582a0122f75bcf1aaec6dbd0b27441","sha512":"6411141aec0426851b4e7ce5031ad026521b5af807a6c0577c05460e8ff86df41e800fab38cee56267ec2fa2edb1665fb4886a98910a029f6382d8047ecbb5d8","ssdeep":"","tlshash":"b2b012057385b82a81a08737ff38f715f710513253d05036c4d905e72bc21838e1336e","first_seen":"2023-11-28T00:09:24Z","last_seen":"2025-11-23T21:38:38.277613Z","times_seen":20,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":51,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:09.256Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:53:09 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\naccept-ranges: bytes\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=BRTIABeMyl5XzNbjWUGEbnuVO4VkPLQGxf%2B9nUgQI47WHWI7D8ElC%2FZdAEiVa%2FurA%2BjnQx7NUbaT4WMd0E0WM85cDS0s6Nj89PpKRg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a2604dc78b4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/clappr@latest","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:54.489Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/clappr@latest HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 0.3.13\r\nx-jsd-version-type: version\r\netag: W/\"80319-k2KF+cjIWnSaHvjPxNXoS36ivIk\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 8102\r\ndate: Thu, 20 Nov 2025 18:52:54 GMT\r\nx-served-by: cache-fra-etou8220086-FRA, cache-hel1410032-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 141008\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":525081,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"f55c6c796275a41ce7d97bd160e648ff","sha1":"936285f9c8c85a749a1ef8cfc4d5e84b7ea2bc89","sha256":"db7ce4b1edd2c3701c3f2585f7cbd70857173195489a99703ab39de16fa45b6c","sha512":"3b01da86fa5b757041d7c03a186faad290c34f12fea78cc5ec53e4396491b16393c03e794bbead5a726f21c49f80894824eb65a87122c68a22cb2043ec6eda0e","ssdeep":"6144:q2ffwZI3wKqMSxeUKn5+q4Qc7vije4RDgv7VTG:qSoKqM9Upbz6R","tlshash":"c5b41b9876e5b0654393a0b8503f020b723bad6e7005a1ecf76de9e95db884d6037f78","first_seen":"2023-03-07T01:14:45Z","last_seen":"2026-04-03T22:34:53.930262Z","times_seen":2295,"resource_available":true,"data":null}},"time_used":144,"timings":{"blocked":49,"dns":5,"connect":13,"send":0,"wait":15,"receive":33,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:52:55.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 20 Nov 2025 18:52:55 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\nage: 0\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MW1yRxFl9Ajpqm0WukLQ9XjNUILin5xxs4OLPNUjgXMn2gHvngCsMJnROPuDs2%2F3ISz5KqrO%2Ff3CTPRXDH4ZodaKgYyVpxyGGNc1IPZR\"}]}\r\ncf-ray: 9a1a25ad486e4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":4,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"agropesca.live/live/premiereclubes/index.m3u8","fqdn":"agropesca.live","domain":"agropesca.live","tld":"live"},"ip":{"addr":"172.67.160.183","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://rdcplayer.online/hls/premiereclubes.html","date":"2025-11-20T18:53:00.944Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"agropesca.live","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 17 Oct 2025 03:21:26 GMT","end":"Thu, 15 Jan 2026 04:18:55 GMT"},"fingerprint":{"sha1":"3F:90:30:D4:50:5C:CA:9A:F4:06:34:03:D7:49:F4:3E:4E:01:8E:95","sha256":"F9:F5:B9:BD:D0:CA:FA:D3:2F:F3:E1:52:7F:85:A5:9D:C5:5F:FB:80:19:27:5A:F1:BC:DD:C3:82:82:FD:8E:EE"}}},"request":{"raw":"GET /live/premiereclubes/index.m3u8 HTTP/1.1\r\nHost: agropesca.live\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://rdcplayer.online\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://rdcplayer.online/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Thu, 20 Nov 2025 18:53:00 GMT\r\ncontent-type: application/vnd.apple.mpegurl; charset=utf-8\r\ncontent-length: 2851\r\npriority: u=3,i=?0\r\nx-powered-by: Express\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET, POST, DELETE, OPTIONS\r\naccess-control-allow-headers: Content-Type, Authorization\r\ncache-control: max-age=14400, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\netag: W/\"b23-eueWueCAcrI/PQ7dGEGPl/fy8AA\"\r\nage: 2\r\naccept-ranges: bytes\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=YQaQi6iA8mP1S5jNbPVp4spNpPagXEi4Xh2LQ1HCNIi95GEYY6zHGVO4uchqQcJpoOOtH%2BbeAPLZRlAzy7%2F83qBMKglDGzwEKw5%2FJg%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\ncf-ray: 9a1a25d0e97bb4f4-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2851,"size_decoded":0,"mime_type":"application/vnd.apple.mpegurl; charset=utf-8","magic":"M3U playlist, ASCII text, with very long lines (453)","md5":"1030ca17bec1eab543b78fdacd41d621","sha1":"7ae796b9e08072b23f3d0edd18418f97f7f2f000","sha256":"e600021b58babc57bff36c6e938264ec00411c1f20ab192b8f4fac37929ed909","sha512":"5f63df2b567f0c9063ff760ea401df6048700fcbac93054c9b963f23c8d32a435b15aac27e5d63431ac16c4ba97f88f373917d613ca60f7055d6dddd02135bf7","ssdeep":"","tlshash":"bb5122bf5da0b184220d0da66211b2b4f877525375f34dae1c23a4abb0d23a8d9c1c55","first_seen":"2025-11-20T18:53:22.269518Z","last_seen":"2025-11-20T18:53:22.269518Z","times_seen":1,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}