| Hostnames |
videos.for-x.cn www.videos.for-x.cn default.zlmediakit.com |
| Domains | for-x.cn zlmediakit.com |
| Country | China |
| City | Hangzhou |
| Organization | CHINANET-ZJ Hangzhou node network |
| ISP | CT-HangZhou-IDC |
| ASN | AS58461 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
| CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
| CVE-2021-3618 | 5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. |
| CVE-2021-23017 | 6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. |
-1026813282 | 2024-05-09T07:14:59.05397821 / tcp
220 Microsoft FTP Service
230 User logged in.
214-The following commands are recognized (* ==>'s unimplemented).
ABOR
ACCT
ADAT *
ALLO
APPE
AUTH
CCC
CDUP
CWD
DELE
ENC *
EPRT
EPSV
FEAT
HELP
HOST
LANG
LIST
MDTM
MIC *
MKD
MODE
NLST
NOOP
OPTS
PASS
PASV
PBSZ
PORT
PROT
PWD
QUIT
REIN
REST
RETR
RMD
RNFR
RNTO
SITE
SIZE
SMNT
STAT
STOR
STOU
STRU
SYST
TYPE
USER
XCUP
XCWD
XMKD
XPWD
XRMD
214 HELP command successful.
211-Extended features supported:
LANG EN*
UTF8
AUTH TLS;TLS-C;SSL;TLS-P;
PBSZ
PROT C;P;
CCC
HOST
SIZE
MDTM
REST STREAM
211 END
-652925914 | 2024-05-31T23:10:46.211522123 / udp
NTP protocolversion: 3 stratum: 3 leap: 0 precision: -6 rootdelay: 0.0 rootdisp: 10.8977813721 refid: 1877392814 reftime: 3926109610.95 poll: 0
-948824405 | 2024-05-29T02:48:50.688627443 / tcp
HTTP/1.1 200 OK Server: nginx/1.19.3 Date: Wed, 29 May 2024 02:48:37 GMT Content-Type: text/html; charset=utf-8 Content-Length: 5270 Last-Modified: Tue, 16 Apr 2024 07:29:57 GMT Connection: keep-alive ETag: "661e28f5-1496" Accept-Ranges: bytes
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
8d:1a:84:39:0f:ae:4f:f7:26:fb:16:cf:20:a1:d1:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
Validity
Not Before: Mar 29 00:00:00 2024 GMT
Not After : Mar 29 23:59:59 2025 GMT
Subject: CN=videos.for-x.cn
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b6:2e:af:12:6e:df:4d:99:57:74:ad:7c:5b:35:
0b:a2:56:a9:48:31:fb:99:37:7c:dd:55:16:5d:df:
f7:6f:46:87:0f:d6:17:9d:4f:d1:c0:c4:cb:ac:9c:
14:0d:46:ad:a3:69:05:7a:01:c0:b9:98:c1:94:3a:
cd:08:42:1a:0e:6b:d4:79:66:d8:05:99:43:c4:2c:
8c:b6:76:d7:3a:0b:41:8d:ae:00:4e:c1:10:37:3f:
62:9a:e4:7f:7f:e8:70:63:c8:70:2a:f5:b8:cb:0e:
56:8e:53:01:2a:93:93:56:ff:2b:ee:35:76:35:aa:
54:49:2d:e1:b5:ae:88:3d:e2:09:35:df:91:3c:ec:
bb:ac:5e:c5:a2:59:0c:e9:b1:9f:29:60:4f:b8:40:
11:c4:b5:ec:6a:bf:d7:b7:a8:13:09:e9:74:5f:ba:
ba:a4:9b:52:03:dd:17:56:b4:bb:31:5b:04:cc:6f:
d4:dd:7a:aa:ae:b2:28:38:c4:d3:bc:95:de:60:37:
21:84:80:37:2e:b3:43:93:b7:f1:ac:d0:fe:6d:28:
4e:6f:03:0c:33:41:c5:1b:63:ee:0d:8d:7c:1e:dc:
a7:06:bf:a8:36:ea:c5:1a:07:89:93:99:ee:d0:45:
b5:3d:df:fa:64:ea:72:fa:b6:b8:4c:fa:47:f2:f4:
7a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
X509v3 Subject Key Identifier:
F1:76:FF:27:E1:D1:12:7E:EA:60:9F:E4:2F:24:96:41:95:45:D6:78
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: https://sectigo.com/CPS
Policy: 2.23.140.1.2.1
Authority Information Access:
CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
OCSP - URI:http://ocsp.sectigo.com
X509v3 Subject Alternative Name:
DNS:videos.for-x.cn, DNS:www.videos.for-x.cn
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9:
1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08
Timestamp : Mar 29 07:30:30.750 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:73:A2:C2:A9:FC:A2:8F:92:A7:6A:01:88:
C8:6A:36:3D:21:57:D2:CE:42:66:67:E0:8A:CA:8A:8B:
4F:EF:6D:11:02:21:00:B3:CD:99:9C:F3:5D:90:ED:44:
9F:37:0C:B1:7A:00:E0:18:E9:DC:76:BC:CD:69:1D:26:
27:15:9C:F6:5F:F5:6A
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
Timestamp : Mar 29 07:30:30.640 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:66:39:88:C9:0B:A0:24:4D:4E:3D:7D:91:
F1:44:5F:AE:C3:94:D6:96:8E:F1:AE:8B:17:24:5B:83:
A1:EA:E9:E3:02:20:5F:3B:DB:A4:43:9B:78:ED:20:34:
81:FF:CC:A7:0A:9B:46:E0:84:4C:71:8D:5C:A1:0F:B3:
DA:C0:95:C6:F4:BC
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
Timestamp : Mar 29 07:30:30.639 2024 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:55:F2:56:05:AA:96:9C:A3:92:C9:20:96:
93:BF:78:05:77:C2:BF:3B:90:F9:85:20:28:4C:E1:4C:
36:7E:4D:3F:02:20:75:88:87:37:61:3B:E7:6D:5A:CC:
A2:65:0B:73:E3:D8:2F:A3:79:F0:74:BC:78:2D:EF:95:
4F:5F:2D:62:E2:8C
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
4c:6a:ce:22:e9:4c:24:f0:3e:29:19:b7:2f:c4:75:d9:a3:58:
c6:5f:99:a8:64:97:64:18:75:de:55:91:92:e9:39:05:65:15:
3b:0b:99:9c:fa:19:d6:bc:cd:ba:df:e7:62:bc:ec:f8:1c:72:
85:9d:c7:a4:12:a9:68:a0:db:ff:28:e2:ad:57:c6:4a:11:36:
be:ea:ce:94:99:1a:6f:42:1d:00:dd:ef:70:9b:21:d1:4d:0c:
a6:f8:28:68:85:58:fb:50:a3:f8:65:0c:7b:db:19:2d:09:da:
f3:74:a9:56:f8:2e:88:65:75:59:16:07:10:6b:4c:2c:30:0a:
a9:db:d0:74:a0:a4:cf:6a:cd:fe:8b:be:a0:d2:15:80:27:56:
16:d0:d6:68:ff:ab:48:c0:6b:9f:ac:8e:81:39:5d:cb:ac:9d:
d9:c6:c6:73:23:98:23:8c:52:49:f1:3f:c7:8d:d3:0c:9e:7b:
58:6f:fa:2a:f2:7b:23:bc:62:be:38:37:c1:a7:8d:53:fc:a8:
25:62:11:60:53:94:5e:c6:64:a5:4f:36:7c:30:b3:24:f8:3d:
6e:50:93:f9:04:d3:2e:2c:f9:6f:01:44:1e:9e:f1:d6:5e:1d:
36:07:3d:4e:70:d5:7d:c6:e7:37:ca:23:53:13:93:0c:91:a8:
ca:1b:6e:2c
-1351362334 | 2024-05-22T11:05:48.1005471883 / tcp
MQTT Connection Code: 0 Topics:
2516931 | 2024-05-30T23:50:12.6869453306 / tcp
MySQL: Error Message: Host '224.242.125.121' is not allowed to connect to this MySQL server Error Code: 1130
2059483171 | 2024-05-31T09:27:25.5368204433 / tcp
HTTP/1.1 200 OK Connection: keep-alive Content-Length: 155 Content-Type: text/html; charset=utf-8 Date: Fri, May 31 2024 09:27:05 GMT Keep-Alive: timeout=30, max=100 Server: ZLMediaKit(git hash:154ad2e/2023-07-04T11:48:11+08:00,branch:master,build time:2023-07-10T15:16:35) Set-Cookie: ZL_COOKIE=54096f8fa9cf3ad1bad0919a85af71c9;expires=Fri, May 31 2024 09:37:05 GMT;path=/
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:ed:f2:1a:c3:29:7d:d7:fc:fb:fd:ea:cb:27:8a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Encryption Everywhere DV TLS CA - G1
Validity
Not Before: Sep 13 00:00:00 2021 GMT
Not After : Sep 13 23:59:59 2022 GMT
Subject: CN=default.zlmediakit.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:89:3b:5b:04:b9:1f:aa:1b:e7:05:e8:47:fb:88:
60:75:a4:7e:6f:e6:37:e9:82:dc:eb:e0:7d:32:b7:
26:dd:9e:34:d3:16:cb:07:bf:71:3a:4a:55:43:75:
c3:b2:29:09:4b:7a:02:4f:08:a0:07:03:9c:a3:db:
a5:4e:79:01:db:32:a7:5a:8d:16:7a:a0:60:ca:82:
35:83:eb:a4:4b:f0:a3:9a:87:25:e0:fa:b6:6e:15:
96:4c:21:e6:3e:a8:52:92:29:04:1d:78:b1:7d:43:
c7:cc:05:21:44:34:97:9e:1c:45:9c:95:f6:1d:6f:
8b:c9:1e:6b:9e:ca:70:ec:f9:16:ba:17:a9:ba:b2:
28:2e:af:ed:54:62:a7:3b:93:97:ff:67:0e:98:89:
c0:3c:68:eb:04:6f:92:15:ad:59:d3:e0:f4:94:24:
de:c6:d3:fb:08:a8:ab:31:0c:a8:22:b5:11:d1:90:
f0:15:34:44:44:e8:f0:c5:84:d7:ad:46:70:dd:6a:
ef:d8:94:08:f8:75:bf:b1:fe:f5:32:9d:1b:d2:ac:
05:0c:0f:31:06:fb:67:f4:f0:6b:1b:cd:dd:db:41:
8c:1a:85:cc:ab:06:bc:5b:88:2c:7a:f7:33:67:1a:
b6:e1:f0:be:5b:c5:04:5f:66:08:73:e3:02:3b:0a:
b1:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
55:74:4F:B2:72:4F:F5:60:BA:50:D1:D7:E6:51:5C:9A:01:87:1A:D7
X509v3 Subject Key Identifier:
79:C3:85:D4:5F:E6:3E:87:DF:CF:FA:14:38:79:75:4C:52:69:F1:5E
X509v3 Subject Alternative Name:
DNS:default.zlmediakit.com
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.1
CPS: http://www.digicert.com/CPS
Authority Information Access:
OCSP - URI:http://ocsp.digicert.com
CA Issuers - URI:http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G1.crt
X509v3 Basic Constraints:
CA:FALSE
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5:
BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84
Timestamp : Sep 13 12:32:02.440 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:E7:B7:39:CA:39:9E:E6:FB:EB:A5:C3:
2D:7D:62:98:97:EE:74:98:6E:D2:CA:DD:7D:A8:10:E8:
25:04:D3:D6:79:02:21:00:AB:71:B2:D5:B8:08:F5:9E:
A9:2D:2C:91:7C:B7:05:F9:77:20:D4:EE:B3:0C:32:6B:
85:7D:DC:B4:71:53:5D:6A
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 51:A3:B0:F5:FD:01:79:9C:56:6D:B8:37:78:8F:0C:A4:
7A:CC:1B:27:CB:F7:9E:88:42:9A:0D:FE:D4:8B:05:E5
Timestamp : Sep 13 12:32:02.547 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:49:5C:63:1D:7B:18:6B:8C:C3:11:06:D6:
25:F0:70:13:9E:9A:F4:D7:05:7B:82:5C:2D:45:F9:D4:
E3:29:AF:05:02:20:3F:48:C8:A2:FE:C8:29:DD:CC:33:
9E:0E:3B:34:3A:97:3A:CD:EE:46:2D:C3:E0:F1:9E:4D:
76:74:C9:5D:94:99
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
Timestamp : Sep 13 12:32:02.502 2021 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:36:C1:DC:F7:3E:4A:BD:EB:67:CE:28:BB:
70:1F:6D:32:BF:D4:96:74:A7:64:F6:32:E9:44:21:F8:
1F:B6:AA:AA:02:21:00:CE:C4:A6:2B:0C:22:AB:84:21:
2F:8B:FC:56:07:22:D1:9F:1C:37:99:4D:75:AA:B9:A1:
F3:69:04:65:A7:68:3F
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
0f:0d:46:d7:c9:83:30:ff:81:79:2e:9f:cd:d2:42:9d:60:d9:
93:c3:20:96:00:2d:e8:14:bb:dd:1f:a5:cf:4e:cc:98:dd:14:
e7:9a:ab:0d:2c:dd:fb:ad:85:36:89:af:04:54:f0:24:48:4d:
09:cc:79:a8:fe:ea:b1:cd:5b:1b:50:a7:b0:37:13:6f:d4:d9:
1e:44:df:be:31:e1:3f:19:d1:f2:43:f9:6a:80:34:d6:15:9d:
bb:74:2b:0e:db:3a:b6:3c:95:18:b3:c8:be:4a:31:b4:a3:0c:
a8:da:b4:c8:57:02:f5:8c:4b:50:63:d0:b5:c1:40:5b:67:a0:
14:0a:a3:cd:d5:41:d0:71:29:42:b9:70:ad:c4:37:ff:e3:ad:
3d:48:51:ff:e0:e1:1d:2d:69:0d:df:1b:5f:28:48:27:35:90:
4f:e0:89:a0:e7:66:11:23:bf:c4:76:28:ba:f8:7c:e0:bd:8f:
ba:5a:8a:06:47:29:81:28:94:ee:02:32:ad:f4:84:00:d8:0d:
9d:3a:20:68:d4:bc:d8:01:d1:d9:26:72:bd:92:ef:19:50:e5:
ca:de:53:ff:2d:52:65:28:76:27:5c:37:8f:f8:3c:2a:54:57:
d5:fb:59:51:87:3b:9f:85:f0:1d:b4:e7:f8:04:c9:d5:5c:75:
db:8a:ae:39
1489525118 | 2024-05-27T12:02:57.1751945985 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Mon, 27 May 2024 12:02:46 GMT Connection: close Content-Length: 315 WinRM NTLM Info: OS: Windows Server 2012 R2 OS Build: 6.3.9600 Target Name: WINDOWS-2012-ST NetBIOS Domain Name: WINDOWS-2012-ST NetBIOS Computer Name: WINDOWS-2012-ST DNS Domain Name: Windows-2012-standard FQDN: Windows-2012-standard
-77649157 | 2024-05-30T15:39:18.2474306379 / tcp
-DENIED Redis is running in protected mode because protected mode is enabled, no bind address was specified, no authentication password is requested to clients. In this mode connections are only accepted from the loopback interface. If you want to connect from external computers to Redis you may adopt one of the following solutions: 1) Just disable protected mode sending the command 'CONFIG SET protected-mode no' from the loopback interface by connecting to Redis from the same host the server is running, however MAKE SURE Redis is not publicly accessible from internet if you do so. Use CONFIG REWRITE to make this change permanent. 2) Alternatively you can just disable the protected mode by editing the Redis configuration file, and setting the protected mode option to 'no', and then restarting the server. 3) If you started the server manually just for testing, restart it with the '--protected-mode no' option. 4) Setup a bind address or an authentication password. NOTE: You only need to do one of the above things in order for the server to start accepting connections from the outside.
1293919354 | 2024-05-07T15:45:52.8041678083 / tcp
HTTP/1.1 404 Not Found content-length: 0 date: Tue, 07 May 2024 15:45:49 GMT server: Cowboy
-795948505 | 2024-06-01T20:16:36.52623633060 / tcp
MySQL X Protocol:
tls: False
authentication.mechanisms:
MYSQL41
SHA256_MEMORY
doc.formats: text
client.interactive: False
compression:
algorithm:
deflate_stream
lz4_message
zstd_stream
node_type: mysql
client.pwd_expire_ok: False