I happen to be looking at my firewall logs notice 2 of my hikvision cameras are attempting to get out to the internet using non standard UDP ports. When I do a who is on those IP address's comes back with website says to block them seem to be Chinese IP address . My security cameras are in security camera zone they don't have NAT translation out to the internet. I don't remember this happening before maybe I just haven't looked in awhile. The 3 cameras I have it's the 2 older ones which are doing this. What ever it's trying to do it's also using DNS to look these IP address's. I use a DVR to view the cameras from the internet so none of my cameras have access to the internet. I know they had some issues with these gray market cameras backdoor if you put them directly on the internet. This seems to be built into the firmware. My newer camera I got this year has no attempts to get to the internet.
Model DS-2CD2032F-I Firmware V5.3.0 build 150814 camera number 2 is using V5.2.0 build 140721
some of the IP address's it's trying to communicate with .
35.174.255.210
52.202.153.134
52.5.46.38
170.106.2.180
UDP ports
50651
58783
41311
Model DS-2CD2032F-I Firmware V5.3.0 build 150814 camera number 2 is using V5.2.0 build 140721
some of the IP address's it's trying to communicate with .
35.174.255.210
52.202.153.134
52.5.46.38
170.106.2.180
UDP ports
50651
58783
41311