{"ip":"216.180.246.135","total_events":344,"verdict":{"verdict":"scanner","label":"Recognized scanner","detail":"deepfield","confidence":"high","network_type":null},"first_seen":"2026-02-19T10:16:26","last_seen":"2026-06-03T21:55:08","events_24h":1,"events_7d":77,"geo":{"country_code":"US","country_name":"United States","region":"","city":"","lat":37.751,"lon":-97.822,"asn":396982,"org":"Google LLC"},"source_domain":"crawler135.deepfield.net","known_scanners":["deepfield","Deepfield (Nokia)"],"scanner_tag":{"key":"deepfield","label":"Deepfield (Nokia)","category":"vendor","url":"https://www.nokia.com/networks/products/deepfield/"},"cve_matches":[{"cve_id":"CVE-2017-5983","title":"JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)","severity":"critical","actively_exploited":false,"match_field":"url_path","matched_pattern":"/login.jsp"},{"cve_id":"CVE-2018-1207","title":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical","actively_exploited":false,"match_field":"url_path","matched_pattern":"/cgi-bin/login"},{"cve_id":"CVE-2022-31678","title":"VMWare Cloud Foundation NSX-V - XML External Entity (XXE)","severity":"critical","actively_exploited":false,"match_field":"url_path","matched_pattern":"/login.jsp"},{"cve_id":"CVE-2015-1880","title":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/remote/login"},{"cve_id":"CVE-2021-40868","title":"Cloudron 6.2 Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/login.html"},{"cve_id":"CVE-2025-2709","title":"Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/login.jsp"}],"top_ports":[{"port":80,"proto":"tcp","label":"HTTP","count":20},{"port":49153,"proto":"tcp","label":"","count":18},{"port":9898,"proto":"tcp","label":"","count":16},{"port":5005,"proto":"tcp","label":"","count":16},{"port":25500,"proto":"tcp","label":"","count":16},{"port":8800,"proto":"tcp","label":"","count":16},{"port":26554,"proto":"tcp","label":"","count":16},{"port":14801,"proto":"tcp","label":"","count":16},{"port":58167,"proto":"tcp","label":"","count":16},{"port":7021,"proto":"tcp","label":"","count":16},{"port":4080,"proto":"tcp","label":"","count":16},{"port":5280,"proto":"tcp","label":"","count":16},{"port":8092,"proto":"tcp","label":"","count":16},{"port":61289,"proto":"tcp","label":"","count":16},{"port":6443,"proto":"tcp","label":"k8s API","count":16}],"fingerprints":{"ssh_hassh":[],"tls_ja4":["t13i1909h1_9dc949149365_97f8aa674fd9"],"ja4h":["ge11nn0400_88d30a62b7ad","ge10nn0100_4740ae6347b0"]},"fingerprint_peers":{"t13i1909h1_9dc949149365_97f8aa674fd9":258,"ge10nn0100_4740ae6347b0":347,"ge11nn0400_88d30a62b7ad":5652},"user_agents":["Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"],"timeline":[{"date":"2026-03-09","count":16},{"date":"2026-03-14","count":20},{"date":"2026-03-17","count":16},{"date":"2026-04-02","count":16},{"date":"2026-04-04","count":21},{"date":"2026-04-06","count":7},{"date":"2026-04-07","count":16},{"date":"2026-05-15","count":5},{"date":"2026-05-19","count":32},{"date":"2026-05-20","count":3},{"date":"2026-05-23","count":16},{"date":"2026-05-29","count":16},{"date":"2026-05-31","count":3},{"date":"2026-06-01","count":4},{"date":"2026-06-02","count":53},{"date":"2026-06-03","count":1}],"recent_events":[{"timestamp":"2026-06-03T21:55:08","port":443,"proto":"tcp","app_proto":"","host":"probe","headers":"{\"host\":\"probe\"}","body":"","sni":"","tls_cipher":"","tls_version":"","alpn":[],"url_path":"/","summary":"","method":"GET","user_agent":""},{"timestamp":"2026-06-02T14:40:42","port":2869,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2869\",\"user-agent\":\"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/login","summary":"","method":"GET","user_agent":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"},{"timestamp":"2026-06-02T14:40:42","port":2869,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2869\",\"user-agent\":\"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/login.jsp","summary":"","method":"GET","user_agent":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"},{"timestamp":"2026-06-02T14:40:41","port":2869,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2869\",\"user-agent\":\"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/login.html","summary":"","method":"GET","user_agent":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"},{"timestamp":"2026-06-02T14:40:41","port":2869,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2869\",\"user-agent\":\"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/login.htm","summary":"","method":"GET","user_agent":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"},{"timestamp":"2026-06-02T14:40:41","port":2869,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2869\",\"user-agent\":\"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/cgi-bin/login.cgi","summary":"","method":"GET","user_agent":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"},{"timestamp":"2026-06-02T14:40:40","port":2869,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2869\",\"user-agent\":\"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/+CSCOE+/logon.html","summary":"","method":"GET","user_agent":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"},{"timestamp":"2026-06-02T14:40:40","port":2869,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2869\",\"user-agent\":\"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/index.html","summary":"","method":"GET","user_agent":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"},{"timestamp":"2026-06-02T14:40:40","port":2869,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2869\",\"user-agent\":\"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/admin/index.html","summary":"","method":"GET","user_agent":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"},{"timestamp":"2026-06-02T14:40:40","port":2869,"proto":"tcp","app_proto":"tls","host":"<HONEYPOT>","headers":"{\"accept\":\"*/*\",\"accept-encoding\":\"gzip\",\"host\":\"<HONEYPOT>:2869\",\"user-agent\":\"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)\"}","body":"","sni":"","tls_cipher":"TLS_CHACHA20_POLY1305_SHA256","tls_version":"TLSv1.3","alpn":["http/1.1"],"url_path":"/manage/account/login","summary":"","method":"GET","user_agent":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)"}],"http_methods":[{"method":"GET","count":328}],"distinct_ports_total":32,"top_paths":[{"path":"/","count":30,"ports":30},{"path":"/admin/index.html","count":28,"ports":28},{"path":"/manage/account/login","count":28,"ports":28},{"path":"/index.html","count":26,"ports":26},{"path":"/+CSCOE+/logon.html","count":24,"ports":24},{"path":"/cgi-bin/login.cgi","count":23,"ports":23},{"path":"/login.htm","count":21,"ports":21},{"path":"/login","count":19,"ports":19},{"path":"/login.jsp","count":19,"ports":19},{"path":"/login.html","count":19,"ports":19},{"path":"/doc/index.html","count":17,"ports":17},{"path":"/remote/login","count":16,"ports":16},{"path":"/web/","count":15,"ports":15},{"path":"/admin/login.asp","count":15,"ports":15},{"path":"/favicon.ico","count":14,"ports":14}],"distinct_paths_total":16,"top_snis":[],"top_hosts":[{"value":"probe","count":1}],"top_alpns":[{"value":"http/1.1","count":293}],"banners":[],"credentials":[],"header_profile":{"signature":["Accept","Accept-Encoding","Host","User-Agent"],"representative":[{"name":"Accept","value":"*/*","notable":false},{"name":"Accept-Encoding","value":"gzip","notable":false},{"name":"Host","value":"<HONEYPOT>:2869","notable":false},{"name":"User-Agent","value":"Mozilla/5.0 (compatible; GenomeCrawlerd/1.0; +https://www.nokia.com/genomecrawler)","notable":false}],"distinct_sets":2,"events_with_headers":10},"tags":[{"tag_id":"CVE-2017-5983","tag_type":"cve","title":"JIRA Workflow Designer Plugin in Atlassian JIRA Server > 6.3.0 - Remote Code Execution (XXE)","severity":"critical","actively_exploited":false,"match_field":"url_path","matched_pattern":"/login.jsp","reference_urls":["https://nvd.nist.gov/vuln/detail/CVE-2017-5983","https://code-white.com/blog/2017-04-amf/"]},{"tag_id":"CVE-2018-1207","tag_type":"cve","title":"Dell iDRAC7/8 Devices - Remote Code Injection","severity":"critical","actively_exploited":false,"match_field":"url_path","matched_pattern":"/cgi-bin/login","reference_urls":["https://downloads.dell.com/solutions/dell-management-solution-resources/iDRAC_CVE%201207_1211_1000116.pdf","https://github.com/KraudSecurity/Exploits/blob/master/CVE-2018-1207/CVE-2018-1207.py","https://nvd.nist.gov/vuln/detail/CVE-2018-1207","http://en.community.dell.com/techcenter/extras/m/white_papers/20485410","https://twitter.com/nicowaisman/status/977279766792466432"]},{"tag_id":"CVE-2022-31678","tag_type":"cve","title":"VMWare Cloud Foundation NSX-V - XML External Entity (XXE)","severity":"critical","actively_exploited":false,"match_field":"url_path","matched_pattern":"/login.jsp","reference_urls":["https://srcincite.io/advisories/src-2022-0022/","https://www.vmware.com/security/advisories/VMSA-2022-0027.html","https://nvd.nist.gov/vuln/detail/cve-2022-31678"]},{"tag_id":"CVE-2015-1880","tag_type":"cve","title":"Fortinet FortiOS <=5.2.3 - Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/remote/login","reference_urls":["https://www.c2.lol/articles/xss-in-fortigates-ssl-vpn-login-page","http://www.fortiguard.com/advisory/FG-IR-15-005/","https://nvd.nist.gov/vuln/detail/CVE-2015-1880","http://www.securitytracker.com/id/1032261","http://www.securitytracker.com/id/1032262"]},{"tag_id":"CVE-2021-40868","tag_type":"cve","title":"Cloudron 6.2 Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/login.html","reference_urls":["https://packetstormsecurity.com/files/164255/Cloudron-6.2-Cross-Site-Scripting.html","https://nvd.nist.gov/vuln/detail/CVE-2021-40868","https://packetstormsecurity.com/files/164183/Cloudron-6.2-Cross-Site-Scripting.html","https://www.cloudron.io/","https://github.com/ARPSyndicate/cvemon"]},{"tag_id":"CVE-2025-2709","tag_type":"cve","title":"Yonyou UFIDA ERP-NC V5.0 - Cross-Site Scripting","severity":"medium","actively_exploited":false,"match_field":"url_path","matched_pattern":"/login.jsp","reference_urls":["https://github.com/Hebing123/cve/issues/84","https://nvd.nist.gov/vuln/detail/CVE-2025-2709"]}],"data_as_of":"2026-06-04T20:06:47.520939+00:00"}