Hostnames |
videos.for-x.cn www.videos.for-x.cn default.zlmediakit.com |
Domains | for-x.cn zlmediakit.com |
Country | China |
City | Hangzhou |
Organization | CHINANET-ZJ Hangzhou node network |
ISP | CT-HangZhou-IDC |
ASN | AS58461 |
Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.
CVE-2023-44487 | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. |
CVE-2021-3618 | 5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer. |
CVE-2021-23017 | 6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. |
-1026813282 | 2024-05-09T07:14:59.05397821 / tcp
220 Microsoft FTP Service 230 User logged in. 214-The following commands are recognized (* ==>'s unimplemented). ABOR ACCT ADAT * ALLO APPE AUTH CCC CDUP CWD DELE ENC * EPRT EPSV FEAT HELP HOST LANG LIST MDTM MIC * MKD MODE NLST NOOP OPTS PASS PASV PBSZ PORT PROT PWD QUIT REIN REST RETR RMD RNFR RNTO SITE SIZE SMNT STAT STOR STOU STRU SYST TYPE USER XCUP XCWD XMKD XPWD XRMD 214 HELP command successful. 211-Extended features supported: LANG EN* UTF8 AUTH TLS;TLS-C;SSL;TLS-P; PBSZ PROT C;P; CCC HOST SIZE MDTM REST STREAM 211 END
-652925914 | 2024-05-31T23:10:46.211522123 / udp
NTP protocolversion: 3 stratum: 3 leap: 0 precision: -6 rootdelay: 0.0 rootdisp: 10.8977813721 refid: 1877392814 reftime: 3926109610.95 poll: 0
-948824405 | 2024-05-29T02:48:50.688627443 / tcp
HTTP/1.1 200 OK Server: nginx/1.19.3 Date: Wed, 29 May 2024 02:48:37 GMT Content-Type: text/html; charset=utf-8 Content-Length: 5270 Last-Modified: Tue, 16 Apr 2024 07:29:57 GMT Connection: keep-alive ETag: "661e28f5-1496" Accept-Ranges: bytes
Certificate: Data: Version: 3 (0x2) Serial Number: 8d:1a:84:39:0f:ae:4f:f7:26:fb:16:cf:20:a1:d1:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA Validity Not Before: Mar 29 00:00:00 2024 GMT Not After : Mar 29 23:59:59 2025 GMT Subject: CN=videos.for-x.cn Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:b6:2e:af:12:6e:df:4d:99:57:74:ad:7c:5b:35: 0b:a2:56:a9:48:31:fb:99:37:7c:dd:55:16:5d:df: f7:6f:46:87:0f:d6:17:9d:4f:d1:c0:c4:cb:ac:9c: 14:0d:46:ad:a3:69:05:7a:01:c0:b9:98:c1:94:3a: cd:08:42:1a:0e:6b:d4:79:66:d8:05:99:43:c4:2c: 8c:b6:76:d7:3a:0b:41:8d:ae:00:4e:c1:10:37:3f: 62:9a:e4:7f:7f:e8:70:63:c8:70:2a:f5:b8:cb:0e: 56:8e:53:01:2a:93:93:56:ff:2b:ee:35:76:35:aa: 54:49:2d:e1:b5:ae:88:3d:e2:09:35:df:91:3c:ec: bb:ac:5e:c5:a2:59:0c:e9:b1:9f:29:60:4f:b8:40: 11:c4:b5:ec:6a:bf:d7:b7:a8:13:09:e9:74:5f:ba: ba:a4:9b:52:03:dd:17:56:b4:bb:31:5b:04:cc:6f: d4:dd:7a:aa:ae:b2:28:38:c4:d3:bc:95:de:60:37: 21:84:80:37:2e:b3:43:93:b7:f1:ac:d0:fe:6d:28: 4e:6f:03:0c:33:41:c5:1b:63:ee:0d:8d:7c:1e:dc: a7:06:bf:a8:36:ea:c5:1a:07:89:93:99:ee:d0:45: b5:3d:df:fa:64:ea:72:fa:b6:b8:4c:fa:47:f2:f4: 7a:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: 8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1 X509v3 Subject Key Identifier: F1:76:FF:27:E1:D1:12:7E:EA:60:9F:E4:2F:24:96:41:95:45:D6:78 X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Basic Constraints: critical CA:FALSE X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 1.3.6.1.4.1.6449.1.2.2.7 CPS: https://sectigo.com/CPS Policy: 2.23.140.1.2.1 Authority Information Access: CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt OCSP - URI:http://ocsp.sectigo.com X509v3 Subject Alternative Name: DNS:videos.for-x.cn, DNS:www.videos.for-x.cn CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : CF:11:56:EE:D5:2E:7C:AF:F3:87:5B:D9:69:2E:9B:E9: 1A:71:67:4A:B0:17:EC:AC:01:D2:5B:77:CE:CC:3B:08 Timestamp : Mar 29 07:30:30.750 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:73:A2:C2:A9:FC:A2:8F:92:A7:6A:01:88: C8:6A:36:3D:21:57:D2:CE:42:66:67:E0:8A:CA:8A:8B: 4F:EF:6D:11:02:21:00:B3:CD:99:9C:F3:5D:90:ED:44: 9F:37:0C:B1:7A:00:E0:18:E9:DC:76:BC:CD:69:1D:26: 27:15:9C:F6:5F:F5:6A Signed Certificate Timestamp: Version : v1 (0x0) Log ID : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53: D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7 Timestamp : Mar 29 07:30:30.640 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:66:39:88:C9:0B:A0:24:4D:4E:3D:7D:91: F1:44:5F:AE:C3:94:D6:96:8E:F1:AE:8B:17:24:5B:83: A1:EA:E9:E3:02:20:5F:3B:DB:A4:43:9B:78:ED:20:34: 81:FF:CC:A7:0A:9B:46:E0:84:4C:71:8D:5C:A1:0F:B3: DA:C0:95:C6:F4:BC Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB: 1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF Timestamp : Mar 29 07:30:30.639 2024 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:55:F2:56:05:AA:96:9C:A3:92:C9:20:96: 93:BF:78:05:77:C2:BF:3B:90:F9:85:20:28:4C:E1:4C: 36:7E:4D:3F:02:20:75:88:87:37:61:3B:E7:6D:5A:CC: A2:65:0B:73:E3:D8:2F:A3:79:F0:74:BC:78:2D:EF:95: 4F:5F:2D:62:E2:8C Signature Algorithm: sha256WithRSAEncryption Signature Value: 4c:6a:ce:22:e9:4c:24:f0:3e:29:19:b7:2f:c4:75:d9:a3:58: c6:5f:99:a8:64:97:64:18:75:de:55:91:92:e9:39:05:65:15: 3b:0b:99:9c:fa:19:d6:bc:cd:ba:df:e7:62:bc:ec:f8:1c:72: 85:9d:c7:a4:12:a9:68:a0:db:ff:28:e2:ad:57:c6:4a:11:36: be:ea:ce:94:99:1a:6f:42:1d:00:dd:ef:70:9b:21:d1:4d:0c: a6:f8:28:68:85:58:fb:50:a3:f8:65:0c:7b:db:19:2d:09:da: f3:74:a9:56:f8:2e:88:65:75:59:16:07:10:6b:4c:2c:30:0a: a9:db:d0:74:a0:a4:cf:6a:cd:fe:8b:be:a0:d2:15:80:27:56: 16:d0:d6:68:ff:ab:48:c0:6b:9f:ac:8e:81:39:5d:cb:ac:9d: d9:c6:c6:73:23:98:23:8c:52:49:f1:3f:c7:8d:d3:0c:9e:7b: 58:6f:fa:2a:f2:7b:23:bc:62:be:38:37:c1:a7:8d:53:fc:a8: 25:62:11:60:53:94:5e:c6:64:a5:4f:36:7c:30:b3:24:f8:3d: 6e:50:93:f9:04:d3:2e:2c:f9:6f:01:44:1e:9e:f1:d6:5e:1d: 36:07:3d:4e:70:d5:7d:c6:e7:37:ca:23:53:13:93:0c:91:a8: ca:1b:6e:2c
-1351362334 | 2024-05-22T11:05:48.1005471883 / tcp
MQTT Connection Code: 0 Topics:
2516931 | 2024-05-30T23:50:12.6869453306 / tcp
MySQL: Error Message: Host '224.242.125.121' is not allowed to connect to this MySQL server Error Code: 1130
2059483171 | 2024-05-31T09:27:25.5368204433 / tcp
HTTP/1.1 200 OK Connection: keep-alive Content-Length: 155 Content-Type: text/html; charset=utf-8 Date: Fri, May 31 2024 09:27:05 GMT Keep-Alive: timeout=30, max=100 Server: ZLMediaKit(git hash:154ad2e/2023-07-04T11:48:11+08:00,branch:master,build time:2023-07-10T15:16:35) Set-Cookie: ZL_COOKIE=54096f8fa9cf3ad1bad0919a85af71c9;expires=Fri, May 31 2024 09:37:05 GMT;path=/
Certificate: Data: Version: 3 (0x2) Serial Number: 0b:ed:f2:1a:c3:29:7d:d7:fc:fb:fd:ea:cb:27:8a:32 Signature Algorithm: sha256WithRSAEncryption Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Encryption Everywhere DV TLS CA - G1 Validity Not Before: Sep 13 00:00:00 2021 GMT Not After : Sep 13 23:59:59 2022 GMT Subject: CN=default.zlmediakit.com Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:89:3b:5b:04:b9:1f:aa:1b:e7:05:e8:47:fb:88: 60:75:a4:7e:6f:e6:37:e9:82:dc:eb:e0:7d:32:b7: 26:dd:9e:34:d3:16:cb:07:bf:71:3a:4a:55:43:75: c3:b2:29:09:4b:7a:02:4f:08:a0:07:03:9c:a3:db: a5:4e:79:01:db:32:a7:5a:8d:16:7a:a0:60:ca:82: 35:83:eb:a4:4b:f0:a3:9a:87:25:e0:fa:b6:6e:15: 96:4c:21:e6:3e:a8:52:92:29:04:1d:78:b1:7d:43: c7:cc:05:21:44:34:97:9e:1c:45:9c:95:f6:1d:6f: 8b:c9:1e:6b:9e:ca:70:ec:f9:16:ba:17:a9:ba:b2: 28:2e:af:ed:54:62:a7:3b:93:97:ff:67:0e:98:89: c0:3c:68:eb:04:6f:92:15:ad:59:d3:e0:f4:94:24: de:c6:d3:fb:08:a8:ab:31:0c:a8:22:b5:11:d1:90: f0:15:34:44:44:e8:f0:c5:84:d7:ad:46:70:dd:6a: ef:d8:94:08:f8:75:bf:b1:fe:f5:32:9d:1b:d2:ac: 05:0c:0f:31:06:fb:67:f4:f0:6b:1b:cd:dd:db:41: 8c:1a:85:cc:ab:06:bc:5b:88:2c:7a:f7:33:67:1a: b6:e1:f0:be:5b:c5:04:5f:66:08:73:e3:02:3b:0a: b1:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Authority Key Identifier: 55:74:4F:B2:72:4F:F5:60:BA:50:D1:D7:E6:51:5C:9A:01:87:1A:D7 X509v3 Subject Key Identifier: 79:C3:85:D4:5F:E6:3E:87:DF:CF:FA:14:38:79:75:4C:52:69:F1:5E X509v3 Subject Alternative Name: DNS:default.zlmediakit.com X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication, TLS Web Client Authentication X509v3 Certificate Policies: Policy: 2.23.140.1.2.1 CPS: http://www.digicert.com/CPS Authority Information Access: OCSP - URI:http://ocsp.digicert.com CA Issuers - URI:http://cacerts.digicert.com/EncryptionEverywhereDVTLSCA-G1.crt X509v3 Basic Constraints: CA:FALSE CT Precertificate SCTs: Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 29:79:BE:F0:9E:39:39:21:F0:56:73:9F:63:A5:77:E5: BE:57:7D:9C:60:0A:F8:F9:4D:5D:26:5C:25:5D:C7:84 Timestamp : Sep 13 12:32:02.440 2021 GMT Extensions: none Signature : ecdsa-with-SHA256 30:46:02:21:00:E7:B7:39:CA:39:9E:E6:FB:EB:A5:C3: 2D:7D:62:98:97:EE:74:98:6E:D2:CA:DD:7D:A8:10:E8: 25:04:D3:D6:79:02:21:00:AB:71:B2:D5:B8:08:F5:9E: A9:2D:2C:91:7C:B7:05:F9:77:20:D4:EE:B3:0C:32:6B: 85:7D:DC:B4:71:53:5D:6A Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 51:A3:B0:F5:FD:01:79:9C:56:6D:B8:37:78:8F:0C:A4: 7A:CC:1B:27:CB:F7:9E:88:42:9A:0D:FE:D4:8B:05:E5 Timestamp : Sep 13 12:32:02.547 2021 GMT Extensions: none Signature : ecdsa-with-SHA256 30:44:02:20:49:5C:63:1D:7B:18:6B:8C:C3:11:06:D6: 25:F0:70:13:9E:9A:F4:D7:05:7B:82:5C:2D:45:F9:D4: E3:29:AF:05:02:20:3F:48:C8:A2:FE:C8:29:DD:CC:33: 9E:0E:3B:34:3A:97:3A:CD:EE:46:2D:C3:E0:F1:9E:4D: 76:74:C9:5D:94:99 Signed Certificate Timestamp: Version : v1 (0x0) Log ID : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E: 4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6 Timestamp : Sep 13 12:32:02.502 2021 GMT Extensions: none Signature : ecdsa-with-SHA256 30:45:02:20:36:C1:DC:F7:3E:4A:BD:EB:67:CE:28:BB: 70:1F:6D:32:BF:D4:96:74:A7:64:F6:32:E9:44:21:F8: 1F:B6:AA:AA:02:21:00:CE:C4:A6:2B:0C:22:AB:84:21: 2F:8B:FC:56:07:22:D1:9F:1C:37:99:4D:75:AA:B9:A1: F3:69:04:65:A7:68:3F Signature Algorithm: sha256WithRSAEncryption Signature Value: 0f:0d:46:d7:c9:83:30:ff:81:79:2e:9f:cd:d2:42:9d:60:d9: 93:c3:20:96:00:2d:e8:14:bb:dd:1f:a5:cf:4e:cc:98:dd:14: e7:9a:ab:0d:2c:dd:fb:ad:85:36:89:af:04:54:f0:24:48:4d: 09:cc:79:a8:fe:ea:b1:cd:5b:1b:50:a7:b0:37:13:6f:d4:d9: 1e:44:df:be:31:e1:3f:19:d1:f2:43:f9:6a:80:34:d6:15:9d: bb:74:2b:0e:db:3a:b6:3c:95:18:b3:c8:be:4a:31:b4:a3:0c: a8:da:b4:c8:57:02:f5:8c:4b:50:63:d0:b5:c1:40:5b:67:a0: 14:0a:a3:cd:d5:41:d0:71:29:42:b9:70:ad:c4:37:ff:e3:ad: 3d:48:51:ff:e0:e1:1d:2d:69:0d:df:1b:5f:28:48:27:35:90: 4f:e0:89:a0:e7:66:11:23:bf:c4:76:28:ba:f8:7c:e0:bd:8f: ba:5a:8a:06:47:29:81:28:94:ee:02:32:ad:f4:84:00:d8:0d: 9d:3a:20:68:d4:bc:d8:01:d1:d9:26:72:bd:92:ef:19:50:e5: ca:de:53:ff:2d:52:65:28:76:27:5c:37:8f:f8:3c:2a:54:57: d5:fb:59:51:87:3b:9f:85:f0:1d:b4:e7:f8:04:c9:d5:5c:75: db:8a:ae:39
1489525118 | 2024-05-27T12:02:57.1751945985 / tcp
HTTP/1.1 404 Not Found Content-Type: text/html; charset=us-ascii Server: Microsoft-HTTPAPI/2.0 Date: Mon, 27 May 2024 12:02:46 GMT Connection: close Content-Length: 315 WinRM NTLM Info: OS: Windows Server 2012 R2 OS Build: 6.3.9600 Target Name: WINDOWS-2012-ST NetBIOS Domain Name: WINDOWS-2012-ST NetBIOS Computer Name: WINDOWS-2012-ST DNS Domain Name: Windows-2012-standard FQDN: Windows-2012-standard
-77649157 | 2024-06-02T06:49:55.4609156379 / tcp
-DENIED Redis is running in protected mode because protected mode is enabled, no bind address was specified, no authentication password is requested to clients. In this mode connections are only accepted from the loopback interface. If you want to connect from external computers to Redis you may adopt one of the following solutions: 1) Just disable protected mode sending the command 'CONFIG SET protected-mode no' from the loopback interface by connecting to Redis from the same host the server is running, however MAKE SURE Redis is not publicly accessible from internet if you do so. Use CONFIG REWRITE to make this change permanent. 2) Alternatively you can just disable the protected mode by editing the Redis configuration file, and setting the protected mode option to 'no', and then restarting the server. 3) If you started the server manually just for testing, restart it with the '--protected-mode no' option. 4) Setup a bind address or an authentication password. NOTE: You only need to do one of the above things in order for the server to start accepting connections from the outside.
1293919354 | 2024-05-07T15:45:52.8041678083 / tcp
HTTP/1.1 404 Not Found content-length: 0 date: Tue, 07 May 2024 15:45:49 GMT server: Cowboy
-795948505 | 2024-06-01T20:16:36.52623633060 / tcp
MySQL X Protocol: tls: False authentication.mechanisms: MYSQL41 SHA256_MEMORY doc.formats: text client.interactive: False compression: algorithm: deflate_stream lz4_message zstd_stream node_type: mysql client.pwd_expire_ok: False