info WAF Detection
Details
| Severity | info |
|---|---|
| Status | Open |
| Engine | nuclei |
| Target URL | https://easm.liifecore.com |
| First Seen | 2026-07-14 02:34:45 UTC |
| Last Seen | 2026-07-14 02:34:45 UTC |
| CWE | cwe-200 |
Description
A web application firewall was detected.
Raw Output
{
"curl-command": "curl -X \u0027POST\u0027 -d \u0027_=\u003cscript\u003ealert(1)\u003c/script\u003e\u0027 -H \u0027Content-Type: application/x-www-form-urlencoded\u0027 -H \u0027Host: easm.liifecore.com\u0027 -H \u0027User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.5 Mobile/15E148 Safari/604.1\u0027 \u0027https://easm.liifecore.com\u0027",
"host": "easm.liifecore.com",
"info": {
"author": [
"dwisiswant0",
"lu4nx",
"s4e-io"
],
"classification": {
"cve-id": null,
"cwe-id": [
"cwe-200"
]
},
"description": "A web application firewall was detected.",
"metadata": {
"max-request": 1
},
"name": "WAF Detection",
"reference": [
"https://github.com/Ekultek/WhatWaf"
],
"severity": "info",
"tags": [
"waf",
"tech",
"misc",
"discovery"
]
},
"ip": "10.64.5.220",
"matched-at": "https://easm.liifecore.com",
"matcher-name": "nginxgeneric",
"matcher-status": true,
"port": "443",
"request": "POST / HTTP/1.1\r\nHost: easm.liifecore.com\r\nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.5 Mobile/15E148 Safari/604.1\r\nContent-Length: 27\r\nContent-Type: application/x-www-form-urlencoded\r\nAccept-Encoding: gzip\r\n\r\n_=\u003cscript\u003ealert(1)\u003c/script\u003e",
"response": "HTTP/1.1 302 Found\r\nContent-Length: 0\r\nConnection: keep-alive\r\nDate: Tue, 14 Jul 2026 02:32:52 GMT\r\nLocation: /login\r\nPermissions-Policy: geolocation=(), camera=(), microphone=()\r\nReferrer-Policy: strict-origin-when-cross-origin\r\nServer: nginx/1.24.0 (Ubuntu)\r\nStrict-Transport-Security: max-age=63072000; includeSubDomains\r\nX-Content-Type-Options: nosniff\r\nX-Frame-Options: DENY\r\n\r\n",
"scheme": "https",
"template": "http/technologies/waf-detect.yaml",
"template-id": "waf-detect",
"template-path": "/opt/vulture/nuclei-templates/http/technologies/waf-detect.yaml",
"template-url": "https://cloud.projectdiscovery.io/public/waf-detect",
"timestamp": "2026-07-14T02:32:52.928216116Z",
"type": "http",
"url": "https://easm.liifecore.com"
}