2025-04-05 18:17:53.102098500 --- p0f 3.09b by Michal Zalewski --- 2025-04-05 18:17:53.102141500 2025-04-05 18:17:53.102142500 [+] Closed 1 file descriptor. 2025-04-05 18:17:53.102143500 [+] Loaded 322 signatures from '/etc/p0f/p0f.fp'. 2025-04-05 18:17:53.134858500 [+] Intercepting traffic on interface 'eth0'. 2025-04-05 18:17:53.142450500 [+] Custom filtering rule enabled: dst port 25 [+VLAN] 2025-04-05 18:17:53.142701500 [+] Listening on API socket '/tmp/.p0f_socket' (max 20 clients). 2025-04-05 18:17:53.144527500 [+] Privileges dropped: uid 88, gid 8, root '/home/delivery'. 2025-04-05 18:17:53.144576500 [+] Entered main event loop. 2025-04-05 18:17:53.144594500 2025-04-05 18:19:53.854828500 .-[ 178.248.62.3/41624 -> 172.17.0.4/25 (syn) ]- 2025-04-05 18:19:53.854877500 | 2025-04-05 18:19:53.854879500 | client = 178.248.62.3/41624 2025-04-05 18:19:53.855472500 | os = Linux 2.2.x-3.x 2025-04-05 18:19:53.855478500 | dist = 9 2025-04-05 18:19:53.855479500 | params = generic 2025-04-05 18:19:53.855480500 | raw_sig = 4:55+9:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:19:53.855481500 | 2025-04-05 18:19:53.855482500 `---- 2025-04-05 18:19:53.855484500 2025-04-05 18:19:53.855485500 .-[ 178.248.62.3/41624 -> 172.17.0.4/25 (mtu) ]- 2025-04-05 18:19:53.855486500 | 2025-04-05 18:19:53.855486500 | client = 178.248.62.3/41624 2025-04-05 18:19:53.855487500 | link = Ethernet or modem 2025-04-05 18:19:53.855488500 | raw_mtu = 1500 2025-04-05 18:19:53.855489500 | 2025-04-05 18:19:53.855490500 `---- 2025-04-05 18:19:53.855491500 2025-04-05 18:19:54.406909500 .-[ 178.248.62.3/41630 -> 172.17.0.4/25 (syn) ]- 2025-04-05 18:19:54.406924500 | 2025-04-05 18:19:54.406925500 | client = 178.248.62.3/41630 2025-04-05 18:19:54.406926500 | os = Linux 2.2.x-3.x 2025-04-05 18:19:54.406927500 | dist = 9 2025-04-05 18:19:54.406928500 | params = generic 2025-04-05 18:19:54.406929500 | raw_sig = 4:55+9:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:19:54.406930500 | 2025-04-05 18:19:54.406931500 `---- 2025-04-05 18:19:54.406932500 2025-04-05 18:19:54.406932500 .-[ 178.248.62.3/41630 -> 172.17.0.4/25 (mtu) ]- 2025-04-05 18:19:54.406933500 | 2025-04-05 18:19:54.406934500 | client = 178.248.62.3/41630 2025-04-05 18:19:54.406935500 | link = Ethernet or modem 2025-04-05 18:19:54.406936500 | raw_mtu = 1500 2025-04-05 18:19:54.406937500 | 2025-04-05 18:19:54.406939500 `---- 2025-04-05 18:19:54.406940500 2025-04-05 18:19:54.406941500 .-[ 178.248.62.3/41630 -> 172.17.0.4/25 (uptime) ]- 2025-04-05 18:19:54.406942500 | 2025-04-05 18:19:54.406942500 | client = 178.248.62.3/41630 2025-04-05 18:19:54.406943500 | uptime = 46 days 14 hrs 8 min (modulo 49 days) 2025-04-05 18:19:54.406944500 | raw_freq = 996.50 Hz 2025-04-05 18:19:54.406945500 | 2025-04-05 18:19:54.406946500 `---- 2025-04-05 18:19:54.406947500 2025-04-05 18:19:55.264068500 .-[ 172.17.0.4/51104 -> 142.250.150.27/25 (syn) ]- 2025-04-05 18:19:55.264084500 | 2025-04-05 18:19:55.264085500 | client = 172.17.0.4/51104 2025-04-05 18:19:55.264086500 | os = Linux 2.2.x-3.x 2025-04-05 18:19:55.264087500 | dist = 0 2025-04-05 18:19:55.264088500 | params = generic 2025-04-05 18:19:55.264088500 | raw_sig = 4:64+0:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:19:55.264089500 | 2025-04-05 18:19:55.264090500 `---- 2025-04-05 18:19:55.264091500 2025-04-05 18:19:55.264091500 .-[ 172.17.0.4/51104 -> 142.250.150.27/25 (mtu) ]- 2025-04-05 18:19:55.264092500 | 2025-04-05 18:19:55.264093500 | client = 172.17.0.4/51104 2025-04-05 18:19:55.264094500 | link = Ethernet or modem 2025-04-05 18:19:55.264094500 | raw_mtu = 1500 2025-04-05 18:19:55.264095500 | 2025-04-05 18:19:55.264096500 `---- 2025-04-05 18:19:55.264097500 2025-04-05 18:22:17.419781500 .-[ 172.17.0.4/46542 -> 83.166.143.57/25 (syn) ]- 2025-04-05 18:22:17.419827500 | 2025-04-05 18:22:17.419828500 | client = 172.17.0.4/46542 2025-04-05 18:22:17.421480500 | os = Linux 2.2.x-3.x 2025-04-05 18:22:17.421501500 | dist = 0 2025-04-05 18:22:17.421502500 | params = generic 2025-04-05 18:22:17.421503500 | raw_sig = 4:64+0:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:22:17.421503500 | 2025-04-05 18:22:17.421504500 `---- 2025-04-05 18:22:17.421505500 2025-04-05 18:22:17.421506500 .-[ 172.17.0.4/46542 -> 83.166.143.57/25 (host change) ]- 2025-04-05 18:22:17.421506500 | 2025-04-05 18:22:17.421507500 | client = 172.17.0.4/46542 2025-04-05 18:22:17.421508500 | reason = tstamp port 2025-04-05 18:22:17.421509500 | raw_hits = 0,1,1,1 2025-04-05 18:22:17.421510500 | 2025-04-05 18:22:17.421510500 `---- 2025-04-05 18:22:17.421511500 2025-04-05 18:22:17.421512500 .-[ 172.17.0.4/46542 -> 83.166.143.57/25 (mtu) ]- 2025-04-05 18:22:17.421512500 | 2025-04-05 18:22:17.421513500 | client = 172.17.0.4/46542 2025-04-05 18:22:17.421514500 | link = Ethernet or modem 2025-04-05 18:22:17.421515500 | raw_mtu = 1500 2025-04-05 18:22:17.421515500 | 2025-04-05 18:22:17.421516500 `---- 2025-04-05 18:22:17.421517500 2025-04-05 18:23:23.353512500 .-[ 172.17.0.4/34232 -> 83.166.143.57/25 (syn) ]- 2025-04-05 18:23:23.353568500 | 2025-04-05 18:23:23.353569500 | client = 172.17.0.4/34232 2025-04-05 18:23:23.353909500 | os = Linux 2.2.x-3.x 2025-04-05 18:23:23.353914500 | dist = 0 2025-04-05 18:23:23.353915500 | params = generic 2025-04-05 18:23:23.353916500 | raw_sig = 4:64+0:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:23:23.353917500 | 2025-04-05 18:23:23.353918500 `---- 2025-04-05 18:23:23.353919500 2025-04-05 18:23:23.353920500 .-[ 172.17.0.4/34232 -> 83.166.143.57/25 (mtu) ]- 2025-04-05 18:23:23.353921500 | 2025-04-05 18:23:23.353922500 | client = 172.17.0.4/34232 2025-04-05 18:23:23.353923500 | link = Ethernet or modem 2025-04-05 18:23:23.353923500 | raw_mtu = 1500 2025-04-05 18:23:23.353924500 | 2025-04-05 18:23:23.353925500 `---- 2025-04-05 18:23:23.353926500 2025-04-05 18:23:23.353927500 .-[ 172.17.0.4/34232 -> 83.166.143.57/25 (uptime) ]- 2025-04-05 18:23:23.353927500 | 2025-04-05 18:23:23.353928500 | client = 172.17.0.4/34232 2025-04-05 18:23:23.353929500 | uptime = 25 days 9 hrs 37 min (modulo 49 days) 2025-04-05 18:23:23.353930500 | raw_freq = 999.98 Hz 2025-04-05 18:23:23.353930500 | 2025-04-05 18:23:23.353931500 `---- 2025-04-05 18:23:23.353932500 2025-04-05 18:24:13.100368500 .-[ 84.16.66.169/46099 -> 172.17.0.4/25 (syn) ]- 2025-04-05 18:24:13.101846500 | 2025-04-05 18:24:13.101849500 | client = 84.16.66.169/46099 2025-04-05 18:24:13.101850500 | os = Linux 2.2.x-3.x 2025-04-05 18:24:13.101850500 | dist = 10 2025-04-05 18:24:13.101851500 | params = generic 2025-04-05 18:24:13.101852500 | raw_sig = 4:54+10:0:1460:mss*29,11:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:24:13.101853500 | 2025-04-05 18:24:13.101854500 `---- 2025-04-05 18:24:13.101855500 2025-04-05 18:24:13.101855500 .-[ 84.16.66.169/46099 -> 172.17.0.4/25 (mtu) ]- 2025-04-05 18:24:13.101856500 | 2025-04-05 18:24:13.101857500 | client = 84.16.66.169/46099 2025-04-05 18:24:13.101858500 | link = Ethernet or modem 2025-04-05 18:24:13.101858500 | raw_mtu = 1500 2025-04-05 18:24:13.101859500 | 2025-04-05 18:24:13.101860500 `---- 2025-04-05 18:24:13.101860500 2025-04-05 18:25:33.688284500 .-[ 172.17.0.4/49742 -> 83.166.143.57/25 (syn) ]- 2025-04-05 18:25:33.688363500 | 2025-04-05 18:25:33.688364500 | client = 172.17.0.4/49742 2025-04-05 18:25:33.688365500 | os = Linux 2.2.x-3.x 2025-04-05 18:25:33.688366500 | dist = 0 2025-04-05 18:25:33.688367500 | params = generic 2025-04-05 18:25:33.688368500 | raw_sig = 4:64+0:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:25:33.688369500 | 2025-04-05 18:25:33.688369500 `---- 2025-04-05 18:25:33.688370500 2025-04-05 18:25:33.688371500 .-[ 172.17.0.4/49742 -> 83.166.143.57/25 (mtu) ]- 2025-04-05 18:25:33.688372500 | 2025-04-05 18:25:33.688372500 | client = 172.17.0.4/49742 2025-04-05 18:25:33.688373500 | link = Ethernet or modem 2025-04-05 18:25:33.688374500 | raw_mtu = 1500 2025-04-05 18:25:33.688375500 | 2025-04-05 18:25:33.688375500 `---- 2025-04-05 18:25:33.688376500 2025-04-05 18:25:33.688377500 .-[ 172.17.0.4/49742 -> 83.166.143.57/25 (uptime) ]- 2025-04-05 18:25:33.688378500 | 2025-04-05 18:25:33.688378500 | client = 172.17.0.4/49742 2025-04-05 18:25:33.688379500 | uptime = 25 days 9 hrs 39 min (modulo 49 days) 2025-04-05 18:25:33.688380500 | raw_freq = 1000.00 Hz 2025-04-05 18:25:33.688381500 | 2025-04-05 18:25:33.688381500 `---- 2025-04-05 18:25:33.688382500 2025-04-05 18:29:31.862775500 .-[ 193.163.125.152/57443 -> 172.17.0.4/25 (syn) ]- 2025-04-05 18:29:31.862830500 | 2025-04-05 18:29:31.862831500 | client = 193.163.125.152/57443 2025-04-05 18:29:31.862832500 | os = Linux 2.2.x-3.x (barebone) 2025-04-05 18:29:31.862833500 | dist = 7 2025-04-05 18:29:31.862833500 | params = generic fuzzy 2025-04-05 18:29:31.862834500 | raw_sig = 4:248+7:0:1460:mss*10,0:mss::0 2025-04-05 18:29:31.862835500 | 2025-04-05 18:29:31.862836500 `---- 2025-04-05 18:29:31.862836500 2025-04-05 18:29:31.862837500 .-[ 193.163.125.152/57443 -> 172.17.0.4/25 (mtu) ]- 2025-04-05 18:29:31.862838500 | 2025-04-05 18:29:31.862839500 | client = 193.163.125.152/57443 2025-04-05 18:29:31.862839500 | link = Ethernet or modem 2025-04-05 18:29:31.862840500 | raw_mtu = 1500 2025-04-05 18:29:31.862841500 | 2025-04-05 18:29:31.862842500 `---- 2025-04-05 18:29:31.862842500 2025-04-05 18:29:34.762949500 .-[ 193.163.125.254/46876 -> 172.17.0.4/25 (syn) ]- 2025-04-05 18:29:34.762964500 | 2025-04-05 18:29:34.762965500 | client = 193.163.125.254/46876 2025-04-05 18:29:34.762966500 | os = ??? 2025-04-05 18:29:34.762967500 | dist = 7 2025-04-05 18:29:34.762967500 | params = none 2025-04-05 18:29:34.762968500 | raw_sig = 4:248+7:0:1460:63335,7:mss,ws,sok,ts,eol+0::0 2025-04-05 18:29:34.762969500 | 2025-04-05 18:29:34.762969500 `---- 2025-04-05 18:29:34.762970500 2025-04-05 18:29:34.762971500 .-[ 193.163.125.254/46876 -> 172.17.0.4/25 (mtu) ]- 2025-04-05 18:29:34.762971500 | 2025-04-05 18:29:34.762972500 | client = 193.163.125.254/46876 2025-04-05 18:29:34.762973500 | link = Ethernet or modem 2025-04-05 18:29:34.762973500 | raw_mtu = 1500 2025-04-05 18:29:34.762974500 | 2025-04-05 18:29:34.762975500 `---- 2025-04-05 18:29:34.762975500 2025-04-05 18:29:52.171401500 .-[ 172.17.0.4/37006 -> 83.166.143.57/25 (syn) ]- 2025-04-05 18:29:52.171458500 | 2025-04-05 18:29:52.171459500 | client = 172.17.0.4/37006 2025-04-05 18:29:52.171461500 | os = Linux 2.2.x-3.x 2025-04-05 18:29:52.171462500 | dist = 0 2025-04-05 18:29:52.171463500 | params = generic 2025-04-05 18:29:52.171464500 | raw_sig = 4:64+0:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:29:52.171465500 | 2025-04-05 18:29:52.171466500 `---- 2025-04-05 18:29:52.171467500 2025-04-05 18:29:52.171468500 .-[ 172.17.0.4/37006 -> 83.166.143.57/25 (mtu) ]- 2025-04-05 18:29:52.171468500 | 2025-04-05 18:29:52.171469500 | client = 172.17.0.4/37006 2025-04-05 18:29:52.171470500 | link = Ethernet or modem 2025-04-05 18:29:52.171471500 | raw_mtu = 1500 2025-04-05 18:29:52.171472500 | 2025-04-05 18:29:52.171472500 `---- 2025-04-05 18:29:52.171473500 2025-04-05 18:29:52.171474500 .-[ 172.17.0.4/37006 -> 83.166.143.57/25 (uptime) ]- 2025-04-05 18:29:52.171475500 | 2025-04-05 18:29:52.171475500 | client = 172.17.0.4/37006 2025-04-05 18:29:52.171476500 | uptime = 25 days 9 hrs 43 min (modulo 49 days) 2025-04-05 18:29:52.171477500 | raw_freq = 1000.00 Hz 2025-04-05 18:29:52.171478500 | 2025-04-05 18:29:52.171479500 `---- 2025-04-05 18:29:52.171479500 2025-04-05 18:31:00.779911500 .-[ 172.17.0.4/55858 -> 66.102.1.27/25 (syn) ]- 2025-04-05 18:31:00.779964500 | 2025-04-05 18:31:00.779965500 | client = 172.17.0.4/55858 2025-04-05 18:31:00.780615500 | os = Linux 2.2.x-3.x 2025-04-05 18:31:00.780621500 | dist = 0 2025-04-05 18:31:00.780621500 | params = generic 2025-04-05 18:31:00.780622500 | raw_sig = 4:64+0:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:31:00.780623500 | 2025-04-05 18:31:00.780624500 `---- 2025-04-05 18:31:00.780625500 2025-04-05 18:31:00.780625500 .-[ 172.17.0.4/55858 -> 66.102.1.27/25 (mtu) ]- 2025-04-05 18:31:00.780626500 | 2025-04-05 18:31:00.780627500 | client = 172.17.0.4/55858 2025-04-05 18:31:00.780628500 | link = Ethernet or modem 2025-04-05 18:31:00.780629500 | raw_mtu = 1500 2025-04-05 18:31:00.780629500 | 2025-04-05 18:31:00.780630500 `---- 2025-04-05 18:31:00.780631500 2025-04-05 18:38:25.921603500 .-[ 172.17.0.4/51258 -> 83.166.143.57/25 (syn) ]- 2025-04-05 18:38:25.921652500 | 2025-04-05 18:38:25.921653500 | client = 172.17.0.4/51258 2025-04-05 18:38:25.921654500 | os = Linux 2.2.x-3.x 2025-04-05 18:38:25.921654500 | dist = 0 2025-04-05 18:38:25.921655500 | params = generic 2025-04-05 18:38:25.921656500 | raw_sig = 4:64+0:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:38:25.921657500 | 2025-04-05 18:38:25.921658500 `---- 2025-04-05 18:38:25.921659500 2025-04-05 18:38:25.921659500 .-[ 172.17.0.4/51258 -> 83.166.143.57/25 (host change) ]- 2025-04-05 18:38:25.921660500 | 2025-04-05 18:38:25.921661500 | client = 172.17.0.4/51258 2025-04-05 18:38:25.921662500 | reason = tstamp port 2025-04-05 18:38:25.921663500 | raw_hits = 0,2,2,2 2025-04-05 18:38:25.921663500 | 2025-04-05 18:38:25.921664500 `---- 2025-04-05 18:38:25.921665500 2025-04-05 18:38:25.921665500 .-[ 172.17.0.4/51258 -> 83.166.143.57/25 (mtu) ]- 2025-04-05 18:38:25.921666500 | 2025-04-05 18:38:25.921667500 | client = 172.17.0.4/51258 2025-04-05 18:38:25.921668500 | link = Ethernet or modem 2025-04-05 18:38:25.921669500 | raw_mtu = 1500 2025-04-05 18:38:25.921669500 | 2025-04-05 18:38:25.921670500 `---- 2025-04-05 18:38:25.921671500 2025-04-05 18:40:36.930444500 .-[ 178.248.62.3/51460 -> 172.17.0.4/25 (syn) ]- 2025-04-05 18:40:36.930538500 | 2025-04-05 18:40:36.930540500 | client = 178.248.62.3/51460 2025-04-05 18:40:36.930540500 | os = Linux 2.2.x-3.x 2025-04-05 18:40:36.930541500 | dist = 9 2025-04-05 18:40:36.930542500 | params = generic 2025-04-05 18:40:36.930543500 | raw_sig = 4:55+9:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:40:36.930544500 | 2025-04-05 18:40:36.930544500 `---- 2025-04-05 18:40:36.930545500 2025-04-05 18:40:36.930546500 .-[ 178.248.62.3/51460 -> 172.17.0.4/25 (mtu) ]- 2025-04-05 18:40:36.930547500 | 2025-04-05 18:40:36.930547500 | client = 178.248.62.3/51460 2025-04-05 18:40:36.930548500 | link = Ethernet or modem 2025-04-05 18:40:36.930549500 | raw_mtu = 1500 2025-04-05 18:40:36.930550500 | 2025-04-05 18:40:36.930550500 `---- 2025-04-05 18:40:36.930551500 2025-04-05 18:40:37.866921500 .-[ 172.17.0.4/37870 -> 142.250.150.26/25 (syn) ]- 2025-04-05 18:40:37.866936500 | 2025-04-05 18:40:37.866937500 | client = 172.17.0.4/37870 2025-04-05 18:40:37.866938500 | os = Linux 2.2.x-3.x 2025-04-05 18:40:37.866939500 | dist = 0 2025-04-05 18:40:37.866940500 | params = generic 2025-04-05 18:40:37.866940500 | raw_sig = 4:64+0:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:40:37.866941500 | 2025-04-05 18:40:37.866942500 `---- 2025-04-05 18:40:37.866943500 2025-04-05 18:40:37.866943500 .-[ 172.17.0.4/37870 -> 142.250.150.26/25 (host change) ]- 2025-04-05 18:40:37.866944500 | 2025-04-05 18:40:37.867370500 | client = 172.17.0.4/37870 2025-04-05 18:40:37.867375500 | reason = tstamp port 2025-04-05 18:40:37.867376500 | raw_hits = 0,3,3,3 2025-04-05 18:40:37.867377500 | 2025-04-05 18:40:37.867377500 `---- 2025-04-05 18:40:37.867378500 2025-04-05 18:40:37.867379500 .-[ 172.17.0.4/37870 -> 142.250.150.26/25 (mtu) ]- 2025-04-05 18:40:37.867380500 | 2025-04-05 18:40:37.867380500 | client = 172.17.0.4/37870 2025-04-05 18:40:37.867381500 | link = Ethernet or modem 2025-04-05 18:40:37.867382500 | raw_mtu = 1500 2025-04-05 18:40:37.867383500 | 2025-04-05 18:40:37.867384500 `---- 2025-04-05 18:40:37.867384500 2025-04-05 18:40:37.910863500 .-[ 178.248.62.3/51462 -> 172.17.0.4/25 (syn) ]- 2025-04-05 18:40:37.910877500 | 2025-04-05 18:40:37.910879500 | client = 178.248.62.3/51462 2025-04-05 18:40:37.910880500 | os = Linux 2.2.x-3.x 2025-04-05 18:40:37.910880500 | dist = 9 2025-04-05 18:40:37.910881500 | params = generic 2025-04-05 18:40:37.910882500 | raw_sig = 4:55+9:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:40:37.910883500 | 2025-04-05 18:40:37.910884500 `---- 2025-04-05 18:40:37.910885500 2025-04-05 18:40:37.910885500 .-[ 178.248.62.3/51462 -> 172.17.0.4/25 (mtu) ]- 2025-04-05 18:40:37.910886500 | 2025-04-05 18:40:37.910887500 | client = 178.248.62.3/51462 2025-04-05 18:40:37.910888500 | link = Ethernet or modem 2025-04-05 18:40:37.910889500 | raw_mtu = 1500 2025-04-05 18:40:37.910889500 | 2025-04-05 18:40:37.910890500 `---- 2025-04-05 18:40:37.910891500 2025-04-05 18:40:37.910892500 .-[ 178.248.62.3/51462 -> 172.17.0.4/25 (uptime) ]- 2025-04-05 18:40:37.910892500 | 2025-04-05 18:40:37.910893500 | client = 178.248.62.3/51462 2025-04-05 18:40:37.910894500 | uptime = 46 days 14 hrs 28 min (modulo 49 days) 2025-04-05 18:40:37.910895500 | raw_freq = 1000.00 Hz 2025-04-05 18:40:37.910895500 | 2025-04-05 18:40:37.910896500 `---- 2025-04-05 18:40:37.910897500 2025-04-05 18:44:31.205354500 .-[ 209.85.128.44/47281 -> 172.17.0.4/25 (syn) ]- 2025-04-05 18:44:31.205438500 | 2025-04-05 18:44:31.205439500 | client = 209.85.128.44/47281 2025-04-05 18:44:31.205440500 | os = Linux 2.2.x-3.x 2025-04-05 18:44:31.205441500 | dist = 5 2025-04-05 18:44:31.205442500 | params = generic fuzzy 2025-04-05 18:44:31.205443500 | raw_sig = 4:59+5:0:1412:65535,8:mss,sok,ts,nop,ws::0 2025-04-05 18:44:31.205444500 | 2025-04-05 18:44:31.205445500 `---- 2025-04-05 18:44:31.205446500 2025-04-05 18:44:31.205446500 .-[ 209.85.128.44/47281 -> 172.17.0.4/25 (mtu) ]- 2025-04-05 18:44:31.205447500 | 2025-04-05 18:44:31.205448500 | client = 209.85.128.44/47281 2025-04-05 18:44:31.205449500 | link = DSL 2025-04-05 18:44:31.205450500 | raw_mtu = 1452 2025-04-05 18:44:31.205450500 | 2025-04-05 18:44:31.205451500 `---- 2025-04-05 18:44:31.205452500 2025-04-05 18:44:40.654789500 .-[ 172.17.0.4/56780 -> 83.166.143.57/25 (syn) ]- 2025-04-05 18:44:40.654798500 | 2025-04-05 18:44:40.654799500 | client = 172.17.0.4/56780 2025-04-05 18:44:40.654800500 | os = Linux 2.2.x-3.x 2025-04-05 18:44:40.654801500 | dist = 0 2025-04-05 18:44:40.654802500 | params = generic 2025-04-05 18:44:40.654803500 | raw_sig = 4:64+0:0:1460:mss*44,7:mss,sok,ts,nop,ws:df,id+:0 2025-04-05 18:44:40.654804500 | 2025-04-05 18:44:40.654804500 `---- 2025-04-05 18:44:40.654805500 2025-04-05 18:44:40.654806500 .-[ 172.17.0.4/56780 -> 83.166.143.57/25 (mtu) ]- 2025-04-05 18:44:40.654807500 | 2025-04-05 18:44:40.654808500 | client = 172.17.0.4/56780 2025-04-05 18:44:40.654808500 | link = Ethernet or modem 2025-04-05 18:44:40.654809500 | raw_mtu = 1500 2025-04-05 18:44:40.654810500 | 2025-04-05 18:44:40.654811500 `---- 2025-04-05 18:44:40.654811500 2025-04-05 18:50:13.907063500 2025-04-05 18:50:13.907085500 All done. Processed 266 packets. 2025-04-05 18:50:40.596144500 --- p0f 3.09b by Michal Zalewski --- 2025-04-05 18:50:40.596305500 2025-04-05 18:50:40.596408500 [+] Closed 1 file descriptor. 2025-04-05 18:50:40.600730500 [+] Loaded 322 signatures from '/etc/p0f/p0f.fp'. 2025-04-05 18:50:40.642482500 [+] Intercepting traffic on interface 'eth0'. 2025-04-05 18:50:40.642493500 [+] Custom filtering rule enabled: dst port 25 [+VLAN] 2025-04-05 18:50:40.642495500 [+] Listening on API socket '/tmp/.p0f_socket' (max 20 clients). 2025-04-05 18:50:40.643614500 [+] Privileges dropped: uid 88, gid 8, root '/home/delivery'. 2025-04-05 18:50:40.643620500 [+] Entered main event loop. 2025-04-05 18:50:40.643621500 2025-04-05 18:50:40.659427500 2025-04-05 18:50:40.659438500 All done. Processed 0 packets. 2025-04-05 18:51:04.658715500 --- p0f 3.09b by Michal Zalewski --- 2025-04-05 18:51:04.658747500 2025-04-05 18:51:04.658748500 [+] Closed 1 file descriptor. 2025-04-05 18:51:04.659599500 [+] Loaded 322 signatures from '/etc/p0f/p0f.fp'. 2025-04-05 18:51:04.688522500 [+] Intercepting traffic on interface 'eth0'. 2025-04-05 18:51:04.688534500 [+] Custom filtering rule enabled: dst port 25 [+VLAN] 2025-04-05 18:51:04.688535500 [+] Listening on API socket '/tmp/.p0f_socket' (max 20 clients). 2025-04-05 18:51:04.688538500 [+] Privileges dropped: uid 88, gid 8, root '/home/delivery'. 2025-04-05 18:51:04.688539500 [+] Entered main event loop. 2025-04-05 18:51:04.688540500 2025-04-05 19:13:11.026700500 2025-04-05 19:13:11.029894500 All done. Processed 0 packets.