Ive seen this on three different servers this week. Two on a newer firmware and one on an older one (10.13.66-22). The firewall is set to only allow access to the internal networks, our IPs, the customer IPs, the carriers we use, and a couple of other ones like letsencrypt and mirror.freepbx.org.
The first server, on 10.13.66-22, took a dump when I tried to reboot it (it was having problem connecting to the database and i couldnt manually shutdown or restart mysql) so I restored a backup from a week earlier to a new virtual machine and so far hasn’t had any issues.
Server two is on 12.7.6-1904-1.sng7 and I see this