← Back to Findings

info WAF Detection

Details

Severityinfo
StatusOpen
Enginenuclei
Target URLhttps://easm.liifecore.com
First Seen2026-07-14 02:05:45 UTC
Last Seen2026-07-14 02:05:45 UTC
CWEcwe-200

Description

A web application firewall was detected.

Raw Output

{
  "curl-command": "curl -X \u0027POST\u0027 -d \u0027_=\u003cscript\u003ealert(1)\u003c/script\u003e\u0027 -H \u0027Content-Type: application/x-www-form-urlencoded\u0027 -H \u0027Host: easm.liifecore.com\u0027 -H \u0027User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0\u0027 \u0027https://easm.liifecore.com\u0027",
  "host": "easm.liifecore.com",
  "info": {
    "author": [
      "dwisiswant0",
      "lu4nx",
      "s4e-io"
    ],
    "classification": {
      "cve-id": null,
      "cwe-id": [
        "cwe-200"
      ]
    },
    "description": "A web application firewall was detected.",
    "metadata": {
      "max-request": 1
    },
    "name": "WAF Detection",
    "reference": [
      "https://github.com/Ekultek/WhatWaf"
    ],
    "severity": "info",
    "tags": [
      "waf",
      "tech",
      "misc",
      "discovery"
    ]
  },
  "ip": "10.64.5.220",
  "matched-at": "https://easm.liifecore.com",
  "matcher-name": "nginxgeneric",
  "matcher-status": true,
  "port": "443",
  "request": "POST / HTTP/1.1\r\nHost: easm.liifecore.com\r\nUser-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0\r\nContent-Length: 27\r\nContent-Type: application/x-www-form-urlencoded\r\nAccept-Encoding: gzip\r\n\r\n_=\u003cscript\u003ealert(1)\u003c/script\u003e",
  "response": "HTTP/1.1 302 Found\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Tue, 14 Jul 2026 02:03:53 GMT\r\nLocation: /login\r\nPermissions-Policy: geolocation=(), camera=(), microphone=()\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nServer: nginx/1.24.0 (Ubuntu)\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: DENY\r\n\r\n",
  "scheme": "https",
  "template": "http/technologies/waf-detect.yaml",
  "template-id": "waf-detect",
  "template-path": "/opt/vulture/nuclei-templates/http/technologies/waf-detect.yaml",
  "template-url": "https://cloud.projectdiscovery.io/public/waf-detect",
  "timestamp": "2026-07-14T02:03:53.996586053Z",
  "type": "http",
  "url": "https://easm.liifecore.com"
}

Update Status