OK, so replies came.
Hikvision - not our product, go to ezviz.
support.uk - not UK distribution, go to hell
support.eu - EU distribution, but security reasons (what kind of reasons? I will not have previous owner recordings) - go to hell, dont forget to return our product, maybe another deer will buy it!
Facebook - bot saying please contact support@ - meaning - go to hell.
It's crap.
But when i started playing with QR code, i've found out that security code isnt really required to connect with their servers - I was afraid it will be calculated anyhow - so maybe there is a way to change a serial number of the device and just push it with some fake ones.
Anyone anything? Knowing such devices, potentially there is some hidden RO partition there, storing such data, hopefully unencrypted.
Wondering as well whether device is validating HTTPS certificates - maybe some MITM attack would reveal something nice
No mercy for them.