Skip to content

Instantly share code, notes, and snippets.

@itsnikolayy

itsnikolayy/Barracuda-cloudgen-waf-config.txt

Last active August 5, 2023 06:59
Show Gist options
  • Save itsnikolayy/e0b74268f45f571924df2196aa0b5efb to your computer and use it in GitHub Desktop.
Save itsnikolayy/e0b74268f45f571924df2196aa0b5efb to your computer and use it in GitHub Desktop.
Download ZIP
Raw
Barracuda-cloudgen-waf-config.txt
# global config file for Barracuda WebApplication Firewall
# product=bws
# The above line is used to check for the correct product upon restoring a
# config. Do not change or remove it.
#
# each line below may be one of the following:
# blank line
# comment: any line beginning with a "#" sign - please note
# that # in the middle of the line will not be considered a comment
# key = value pair
# continuation: any line that contains text, but begins with white space
# is assumed to be a continuation of a list started with the previous
# key/value pair
#scope:<global>::scope_data:<>
# user own format of storing the logs
access_logs_custom_format = %t %un %lt %ai %ap %ci %cp %id %cu %m %p %h %v %s %bs %br %ch %tt %si %sp %st %sid %rtf %pmf %pf %wmf %u %q %r %c %ua %px %pp %au %cs1 %cs2 %cs3 %uid
access_standard_log_formats = bcaccessdef
action_for_stale_server = 0
adaptive_browse_count_high_contenttype_postbody = 10
adaptive_browse_count_high_crosssite_req_forgery_attack = 10
adaptive_browse_count_high_deny_acl_match = 3
adaptive_browse_count_high_forbidden_method = 10
adaptive_browse_count_high_forbiddenfile_ext = 10
adaptive_browse_count_high_hiddenparam_tampered = 10
adaptive_browse_count_high_mandatoryparam_missing = 10
adaptive_browse_count_high_maxinstances_param = 10
adaptive_browse_count_high_no_domainmatch = 10
adaptive_browse_count_high_no_paramprofile = 10
adaptive_browse_count_high_no_urlprofile = 10
adaptive_browse_count_high_sessioncontext_notfound = 10
adaptive_browse_count_high_url_encryption = 3
adaptive_browse_count_low_contenttype_postbody = 3
adaptive_browse_count_low_crosssite_req_forgery_attack = 3
adaptive_browse_count_low_deny_acl_match = 3
adaptive_browse_count_low_forbidden_method = 3
adaptive_browse_count_low_forbiddenfile_ext = 3
adaptive_browse_count_low_hiddenparam_tampered = 3
adaptive_browse_count_low_mandatoryparam_missing = 3
adaptive_browse_count_low_maxinstances_param = 3
adaptive_browse_count_low_no_domainmatch = 3
adaptive_browse_count_low_no_paramprofile = 3
adaptive_browse_count_low_no_urlprofile = 3
adaptive_browse_count_low_sessioncontext_notfound = 3
adaptive_browse_count_low_url_encryption = 3
adaptive_browse_count_medium_contenttype_postbody = 5
adaptive_browse_count_medium_crosssite_req_forgery_attack = 5
adaptive_browse_count_medium_deny_acl_match = 3
adaptive_browse_count_medium_forbidden_method = 5
adaptive_browse_count_medium_forbiddenfile_ext = 5
adaptive_browse_count_medium_hiddenparam_tampered = 5
adaptive_browse_count_medium_mandatoryparam_missing = 5
adaptive_browse_count_medium_maxinstances_param = 5
adaptive_browse_count_medium_no_domainmatch = 5
adaptive_browse_count_medium_no_paramprofile = 5
adaptive_browse_count_medium_no_urlprofile = 5
adaptive_browse_count_medium_sessioncontext_notfound = 5
adaptive_browse_count_medium_url_encryption = 3
adaptive_browse_newvalue_high_contenttype_postbody = 0
adaptive_browse_newvalue_high_crosssite_req_forgery_attack = 0
adaptive_browse_newvalue_high_deny_acl_match = 0
adaptive_browse_newvalue_high_forbidden_method = 0
adaptive_browse_newvalue_high_forbiddenfile_ext = 0
adaptive_browse_newvalue_high_hiddenparam_tampered = 0
adaptive_browse_newvalue_high_mandatoryparam_missing = 0
adaptive_browse_newvalue_high_maxinstances_param = 0
adaptive_browse_newvalue_high_no_domainmatch = 0
adaptive_browse_newvalue_high_no_paramprofile = 0
adaptive_browse_newvalue_high_no_urlprofile = 0
adaptive_browse_newvalue_high_sessioncontext_notfound = 0
adaptive_browse_newvalue_high_url_encryption = 0
adaptive_browse_newvalue_low_contenttype_postbody = 0
adaptive_browse_newvalue_low_crosssite_req_forgery_attack = 0
adaptive_browse_newvalue_low_deny_acl_match = 0
adaptive_browse_newvalue_low_forbidden_method = 0
adaptive_browse_newvalue_low_forbiddenfile_ext = 0
adaptive_browse_newvalue_low_hiddenparam_tampered = 0
adaptive_browse_newvalue_low_mandatoryparam_missing = 0
adaptive_browse_newvalue_low_maxinstances_param = 2
adaptive_browse_newvalue_low_no_domainmatch = 0
adaptive_browse_newvalue_low_no_paramprofile = 0
adaptive_browse_newvalue_low_no_urlprofile = 0
adaptive_browse_newvalue_low_sessioncontext_notfound = 0
adaptive_browse_newvalue_low_url_encryption = 0
adaptive_browse_newvalue_medium_contenttype_postbody = 0
adaptive_browse_newvalue_medium_crosssite_req_forgery_attack = 0
adaptive_browse_newvalue_medium_deny_acl_match = 0
adaptive_browse_newvalue_medium_forbidden_method = 0
adaptive_browse_newvalue_medium_forbiddenfile_ext = 0
adaptive_browse_newvalue_medium_hiddenparam_tampered = 0
adaptive_browse_newvalue_medium_mandatoryparam_missing = 0
adaptive_browse_newvalue_medium_maxinstances_param = 1
adaptive_browse_newvalue_medium_no_domainmatch = 0
adaptive_browse_newvalue_medium_no_paramprofile = 0
adaptive_browse_newvalue_medium_no_urlprofile = 0
adaptive_browse_newvalue_medium_sessioncontext_notfound = 0
adaptive_browse_newvalue_medium_url_encryption = 0
adaptive_browse_newvalue_trusted_contenttype_postbody = 0
adaptive_browse_newvalue_trusted_crosssite_req_forgery_attack = 0
adaptive_browse_newvalue_trusted_deny_acl_match = 0
adaptive_browse_newvalue_trusted_forbidden_method = 0
adaptive_browse_newvalue_trusted_forbiddenfile_ext = 0
adaptive_browse_newvalue_trusted_hiddenparam_tampered = 0
adaptive_browse_newvalue_trusted_mandatoryparam_missing = 0
adaptive_browse_newvalue_trusted_maxinstances_param = 0
adaptive_browse_newvalue_trusted_no_domainmatch = 0
adaptive_browse_newvalue_trusted_no_paramprofile = 0
adaptive_browse_newvalue_trusted_no_urlprofile = 0
adaptive_browse_newvalue_trusted_sessioncontext_notfound = 0
adaptive_browse_newvalue_trusted_url_encryption = 0
adaptive_browse_setting_high_contenttype_postbody = 0
adaptive_browse_setting_high_crosssite_req_forgery_attack = 0
adaptive_browse_setting_high_deny_acl_match = 0
adaptive_browse_setting_high_forbidden_method = 2
adaptive_browse_setting_high_forbiddenfile_ext = 2
adaptive_browse_setting_high_hiddenparam_tampered = 2
adaptive_browse_setting_high_mandatoryparam_missing = 2
adaptive_browse_setting_high_maxinstances_param = 2
adaptive_browse_setting_high_no_domainmatch = 2
adaptive_browse_setting_high_no_paramprofile = 0
adaptive_browse_setting_high_no_urlprofile = 0
adaptive_browse_setting_high_sessioncontext_notfound = 0
adaptive_browse_setting_high_url_encryption = 0
adaptive_browse_setting_low_contenttype_postbody = 0
adaptive_browse_setting_low_crosssite_req_forgery_attack = 0
adaptive_browse_setting_low_deny_acl_match = 0
adaptive_browse_setting_low_forbidden_method = 0
adaptive_browse_setting_low_forbiddenfile_ext = 0
adaptive_browse_setting_low_hiddenparam_tampered = 0
adaptive_browse_setting_low_mandatoryparam_missing = 0
adaptive_browse_setting_low_maxinstances_param = 0
adaptive_browse_setting_low_no_domainmatch = 0
adaptive_browse_setting_low_no_paramprofile = 0
adaptive_browse_setting_low_no_urlprofile = 0
adaptive_browse_setting_low_sessioncontext_notfound = 0
adaptive_browse_setting_low_url_encryption = 0
adaptive_browse_setting_medium_contenttype_postbody = 0
adaptive_browse_setting_medium_crosssite_req_forgery_attack = 0
adaptive_browse_setting_medium_deny_acl_match = 0
adaptive_browse_setting_medium_forbidden_method = 0
adaptive_browse_setting_medium_forbiddenfile_ext = 0
adaptive_browse_setting_medium_hiddenparam_tampered = 0
adaptive_browse_setting_medium_mandatoryparam_missing = 0
adaptive_browse_setting_medium_maxinstances_param = 0
adaptive_browse_setting_medium_no_domainmatch = 0
adaptive_browse_setting_medium_no_paramprofile = 0
adaptive_browse_setting_medium_no_urlprofile = 0
adaptive_browse_setting_medium_sessioncontext_notfound = 0
adaptive_browse_setting_medium_url_encryption = 0
adaptive_browse_setting_trusted_contenttype_postbody = 0
adaptive_browse_setting_trusted_crosssite_req_forgery_attack = 0
adaptive_browse_setting_trusted_deny_acl_match = 0
adaptive_browse_setting_trusted_forbidden_method = 0
adaptive_browse_setting_trusted_forbiddenfile_ext = 0
adaptive_browse_setting_trusted_hiddenparam_tampered = 0
adaptive_browse_setting_trusted_mandatoryparam_missing = 0
adaptive_browse_setting_trusted_maxinstances_param = 0
adaptive_browse_setting_trusted_no_domainmatch = 0
adaptive_browse_setting_trusted_no_paramprofile = 0
adaptive_browse_setting_trusted_no_urlprofile = 0
adaptive_browse_setting_trusted_sessioncontext_notfound = 0
adaptive_browse_setting_trusted_url_encryption = 0
adaptive_cookie_count_high_cookie_expired = 10
adaptive_cookie_count_high_cookie_tampered = 10
adaptive_cookie_count_high_count_exceeded = 10
adaptive_cookie_count_high_header_replayattack = 10
adaptive_cookie_count_high_ip_replayattack = 10
adaptive_cookie_count_high_length_exceeded = 10
adaptive_cookie_count_high_namelength_exceeded = 10
adaptive_cookie_count_high_unrecognized_cookie = 10
adaptive_cookie_count_low_cookie_expired = 3
adaptive_cookie_count_low_cookie_tampered = 3
adaptive_cookie_count_low_count_exceeded = 3
adaptive_cookie_count_low_header_replayattack = 3
adaptive_cookie_count_low_ip_replayattack = 3
adaptive_cookie_count_low_length_exceeded = 3
adaptive_cookie_count_low_namelength_exceeded = 3
adaptive_cookie_count_low_unrecognized_cookie = 3
adaptive_cookie_count_medium_cookie_expired = 5
adaptive_cookie_count_medium_cookie_tampered = 5
adaptive_cookie_count_medium_count_exceeded = 5
adaptive_cookie_count_medium_header_replayattack = 5
adaptive_cookie_count_medium_ip_replayattack = 5
adaptive_cookie_count_medium_length_exceeded = 5
adaptive_cookie_count_medium_namelength_exceeded = 5
adaptive_cookie_count_medium_unrecognized_cookie = 5
adaptive_cookie_newvalue_high_cookie_expired = 0
adaptive_cookie_newvalue_high_count_exceeded = 0
adaptive_cookie_newvalue_high_header_replayattack = 0
adaptive_cookie_newvalue_high_ip_replayattack = 0
adaptive_cookie_newvalue_high_length_exceeded = 0
adaptive_cookie_newvalue_high_namelength_exceeded = 0
adaptive_cookie_newvalue_high_unrecognized_cookie = 0
adaptive_cookie_newvalue_low_cookie_expired = 0
adaptive_cookie_newvalue_low_count_exceeded = 2
adaptive_cookie_newvalue_low_header_replayattack = 0
adaptive_cookie_newvalue_low_ip_replayattack = 0
adaptive_cookie_newvalue_low_length_exceeded = 2
adaptive_cookie_newvalue_low_namelength_exceeded = 2
adaptive_cookie_newvalue_low_unrecognized_cookie = 0
adaptive_cookie_newvalue_medium_cookie_expired = 0
adaptive_cookie_newvalue_medium_count_exceeded = 1
adaptive_cookie_newvalue_medium_header_replayattack = 0
adaptive_cookie_newvalue_medium_ip_replayattack = 0
adaptive_cookie_newvalue_medium_length_exceeded = 1
adaptive_cookie_newvalue_medium_namelength_exceeded = 1
adaptive_cookie_newvalue_medium_unrecognized_cookie = 0
adaptive_cookie_newvalue_trusted_cookie_expired = 0
adaptive_cookie_newvalue_trusted_count_exceeded = 0
adaptive_cookie_newvalue_trusted_header_replayattack = 0
adaptive_cookie_newvalue_trusted_ip_replayattack = 0
adaptive_cookie_newvalue_trusted_length_exceeded = 0
adaptive_cookie_newvalue_trusted_namelength_exceeded = 0
adaptive_cookie_newvalue_trusted_unrecognized_cookie = 0
adaptive_cookie_setting_high_cookie_expired = 0
adaptive_cookie_setting_high_cookie_tampered = 2
adaptive_cookie_setting_high_count_exceeded = 0
adaptive_cookie_setting_high_header_replayattack = 2
adaptive_cookie_setting_high_ip_replayattack = 2
adaptive_cookie_setting_high_length_exceeded = 0
adaptive_cookie_setting_high_namelength_exceeded = 0
adaptive_cookie_setting_high_unrecognized_cookie = 0
adaptive_cookie_setting_low_cookie_expired = 0
adaptive_cookie_setting_low_cookie_tampered = 2
adaptive_cookie_setting_low_count_exceeded = 0
adaptive_cookie_setting_low_header_replayattack = 2
adaptive_cookie_setting_low_ip_replayattack = 2
adaptive_cookie_setting_low_length_exceeded = 0
adaptive_cookie_setting_low_namelength_exceeded = 0
adaptive_cookie_setting_low_unrecognized_cookie = 0
adaptive_cookie_setting_medium_cookie_expired = 0
adaptive_cookie_setting_medium_cookie_tampered = 2
adaptive_cookie_setting_medium_count_exceeded = 0
adaptive_cookie_setting_medium_header_replayattack = 2
adaptive_cookie_setting_medium_ip_replayattack = 2
adaptive_cookie_setting_medium_length_exceeded = 0
adaptive_cookie_setting_medium_namelength_exceeded = 0
adaptive_cookie_setting_medium_unrecognized_cookie = 0
adaptive_cookie_setting_trusted_cookie_expired = 0
adaptive_cookie_setting_trusted_cookie_tampered = 0
adaptive_cookie_setting_trusted_count_exceeded = 0
adaptive_cookie_setting_trusted_header_replayattack = 0
adaptive_cookie_setting_trusted_ip_replayattack = 0
adaptive_cookie_setting_trusted_length_exceeded = 0
adaptive_cookie_setting_trusted_namelength_exceeded = 0
adaptive_cookie_setting_trusted_unrecognized_cookie = 0
adaptive_header_count_high_apachestruts_header = 10
adaptive_header_count_high_crosssite_header = 10
adaptive_header_count_high_customattack_header = 10
adaptive_header_count_high_dirtraversal_header = 10
adaptive_header_count_high_header_count = 10
adaptive_header_count_high_header_name = 10
adaptive_header_count_high_header_value = 10
adaptive_header_count_high_httpspec_header = 10
adaptive_header_count_high_ldap_header = 10
adaptive_header_count_high_metachar_header = 10
adaptive_header_count_high_oscommand_header = 10
adaptive_header_count_high_pythonphp_header = 10
adaptive_header_count_high_sql_header = 10
adaptive_header_count_low_apachestruts_header = 3
adaptive_header_count_low_crosssite_header = 3
adaptive_header_count_low_customattack_header = 3
adaptive_header_count_low_dirtraversal_header = 3
adaptive_header_count_low_header_count = 3
adaptive_header_count_low_header_name = 3
adaptive_header_count_low_header_value = 3
adaptive_header_count_low_httpspec_header = 3
adaptive_header_count_low_ldap_header = 3
adaptive_header_count_low_metachar_header = 3
adaptive_header_count_low_oscommand_header = 3
adaptive_header_count_low_pythonphp_header = 3
adaptive_header_count_low_sql_header = 3
adaptive_header_count_medium_apachestruts_header = 5
adaptive_header_count_medium_crosssite_header = 5
adaptive_header_count_medium_customattack_header = 5
adaptive_header_count_medium_dirtraversal_header = 5
adaptive_header_count_medium_header_count = 5
adaptive_header_count_medium_header_name = 5
adaptive_header_count_medium_header_value = 5
adaptive_header_count_medium_httpspec_header = 5
adaptive_header_count_medium_ldap_header = 5
adaptive_header_count_medium_metachar_header = 5
adaptive_header_count_medium_oscommand_header = 5
adaptive_header_count_medium_pythonphp_header = 5
adaptive_header_count_medium_sql_header = 5
adaptive_header_newvalue_high_apachestruts_header = 0
adaptive_header_newvalue_high_crosssite_header = 0
adaptive_header_newvalue_high_customattack_header = 0
adaptive_header_newvalue_high_dirtraversal_header = 0
adaptive_header_newvalue_high_header_count = 0
adaptive_header_newvalue_high_header_name = 0
adaptive_header_newvalue_high_header_value = 0
adaptive_header_newvalue_high_httpspec_header = 0
adaptive_header_newvalue_high_ldap_header = 0
adaptive_header_newvalue_high_metachar_header = 0
adaptive_header_newvalue_high_oscommand_header = 0
adaptive_header_newvalue_high_pythonphp_header = 0
adaptive_header_newvalue_high_sql_header = 0
adaptive_header_newvalue_low_apachestruts_header = 0
adaptive_header_newvalue_low_crosssite_header = 0
adaptive_header_newvalue_low_customattack_header = 0
adaptive_header_newvalue_low_dirtraversal_header = 0
adaptive_header_newvalue_low_header_count = 2
adaptive_header_newvalue_low_header_name = 2
adaptive_header_newvalue_low_header_value = 2
adaptive_header_newvalue_low_httpspec_header = 0
adaptive_header_newvalue_low_ldap_header = 0
adaptive_header_newvalue_low_metachar_header = 0
adaptive_header_newvalue_low_oscommand_header = 0
adaptive_header_newvalue_low_pythonphp_header = 0
adaptive_header_newvalue_low_sql_header = 0
adaptive_header_newvalue_medium_apachestruts_header = 0
adaptive_header_newvalue_medium_crosssite_header = 0
adaptive_header_newvalue_medium_customattack_header = 0
adaptive_header_newvalue_medium_dirtraversal_header = 0
adaptive_header_newvalue_medium_header_count = 1
adaptive_header_newvalue_medium_header_name = 1
adaptive_header_newvalue_medium_header_value = 1
adaptive_header_newvalue_medium_httpspec_header = 0
adaptive_header_newvalue_medium_ldap_header = 0
adaptive_header_newvalue_medium_metachar_header = 0
adaptive_header_newvalue_medium_oscommand_header = 0
adaptive_header_newvalue_medium_pythonphp_header = 0
adaptive_header_newvalue_medium_sql_header = 0
adaptive_header_newvalue_trusted_apachestruts_header = 0
adaptive_header_newvalue_trusted_crosssite_header = 0
adaptive_header_newvalue_trusted_customattack_header = 0
adaptive_header_newvalue_trusted_dirtraversal_header = 0
adaptive_header_newvalue_trusted_header_count = 0
adaptive_header_newvalue_trusted_header_name = 0
adaptive_header_newvalue_trusted_header_value = 0
adaptive_header_newvalue_trusted_httpspec_header = 0
adaptive_header_newvalue_trusted_ldap_header = 0
adaptive_header_newvalue_trusted_metachar_header = 0
adaptive_header_newvalue_trusted_oscommand_header = 0
adaptive_header_newvalue_trusted_pythonphp_header = 0
adaptive_header_newvalue_trusted_sql_header = 0
adaptive_header_setting_high_apachestruts_header = 2
adaptive_header_setting_high_crosssite_header = 2
adaptive_header_setting_high_customattack_header = 2
adaptive_header_setting_high_dirtraversal_header = 2
adaptive_header_setting_high_header_count = 0
adaptive_header_setting_high_header_name = 2
adaptive_header_setting_high_header_value = 0
adaptive_header_setting_high_httpspec_header = 2
adaptive_header_setting_high_ldap_header = 2
adaptive_header_setting_high_metachar_header = 2
adaptive_header_setting_high_oscommand_header = 2
adaptive_header_setting_high_pythonphp_header = 2
adaptive_header_setting_high_sql_header = 2
adaptive_header_setting_low_apachestruts_header = 0
adaptive_header_setting_low_crosssite_header = 0
adaptive_header_setting_low_customattack_header = 0
adaptive_header_setting_low_dirtraversal_header = 0
adaptive_header_setting_low_header_count = 0
adaptive_header_setting_low_header_name = 0
adaptive_header_setting_low_header_value = 0
adaptive_header_setting_low_httpspec_header = 0
adaptive_header_setting_low_ldap_header = 0
adaptive_header_setting_low_metachar_header = 0
adaptive_header_setting_low_oscommand_header = 0
adaptive_header_setting_low_pythonphp_header = 0
adaptive_header_setting_low_sql_header = 0
adaptive_header_setting_medium_apachestruts_header = 0
adaptive_header_setting_medium_crosssite_header = 2
adaptive_header_setting_medium_customattack_header = 2
adaptive_header_setting_medium_dirtraversal_header = 0
adaptive_header_setting_medium_header_count = 0
adaptive_header_setting_medium_header_name = 0
adaptive_header_setting_medium_header_value = 0
adaptive_header_setting_medium_httpspec_header = 0
adaptive_header_setting_medium_ldap_header = 0
adaptive_header_setting_medium_metachar_header = 2
adaptive_header_setting_medium_oscommand_header = 0
adaptive_header_setting_medium_pythonphp_header = 0
adaptive_header_setting_medium_sql_header = 2
adaptive_header_setting_trusted_apachestruts_header = 0
adaptive_header_setting_trusted_crosssite_header = 0
adaptive_header_setting_trusted_customattack_header = 0
adaptive_header_setting_trusted_dirtraversal_header = 0
adaptive_header_setting_trusted_header_count = 0
adaptive_header_setting_trusted_header_name = 0
adaptive_header_setting_trusted_header_value = 0
adaptive_header_setting_trusted_httpspec_header = 0
adaptive_header_setting_trusted_ldap_header = 0
adaptive_header_setting_trusted_metachar_header = 0
adaptive_header_setting_trusted_oscommand_header = 0
adaptive_header_setting_trusted_pythonphp_header = 0
adaptive_header_setting_trusted_sql_header = 0
adaptive_input_count_high_apachestruts_param = 10
adaptive_input_count_high_apachestruts_url = 10
adaptive_input_count_high_crosssite_param = 10
adaptive_input_count_high_crosssite_url = 10
adaptive_input_count_high_customattack_param = 10
adaptive_input_count_high_customattack_url = 10
adaptive_input_count_high_dirtraversal_param = 10
adaptive_input_count_high_httpspec_param = 10
adaptive_input_count_high_httpspec_url = 10
adaptive_input_count_high_ldap_param = 10
adaptive_input_count_high_ldap_url = 10
adaptive_input_count_high_metachar_param = 10
adaptive_input_count_high_oscommand_param = 10
adaptive_input_count_high_oscommand_url = 10
adaptive_input_count_high_param_notallowed = 10
adaptive_input_count_high_paramvalidation_failed = 10
adaptive_input_count_high_pythonphp_param = 10
adaptive_input_count_high_pythonphp_url = 10
adaptive_input_count_high_query_notallowed = 10
adaptive_input_count_high_remotefile_param = 10
adaptive_input_count_high_remotefile_url = 10
adaptive_input_count_high_sessionchoice_tampered = 10
adaptive_input_count_high_sessioninvariant_tampered = 10
adaptive_input_count_high_sql_param = 10
adaptive_input_count_high_sql_url = 10
adaptive_input_count_high_virus_found = 10
adaptive_input_count_low_apachestruts_param = 3
adaptive_input_count_low_apachestruts_url = 3
adaptive_input_count_low_crosssite_param = 3
adaptive_input_count_low_crosssite_url = 3
adaptive_input_count_low_customattack_param = 3
adaptive_input_count_low_customattack_url = 3
adaptive_input_count_low_dirtraversal_param = 3
adaptive_input_count_low_httpspec_param = 3
adaptive_input_count_low_httpspec_url = 3
adaptive_input_count_low_ldap_param = 3
adaptive_input_count_low_ldap_url = 3
adaptive_input_count_low_metachar_param = 3
adaptive_input_count_low_oscommand_param = 3
adaptive_input_count_low_oscommand_url = 3
adaptive_input_count_low_param_notallowed = 3
adaptive_input_count_low_pythonphp_param = 3
adaptive_input_count_low_pythonphp_url = 3
adaptive_input_count_low_query_notallowed = 3
adaptive_input_count_low_remotefile_param = 3
adaptive_input_count_low_remotefile_url = 3
adaptive_input_count_low_sessionchoice_tampered = 3
adaptive_input_count_low_sessioninvariant_tampered = 3
adaptive_input_count_low_sql_param = 3
adaptive_input_count_low_sql_url = 3
adaptive_input_count_low_virus_found = 3
adaptive_input_count_medium_apachestruts_param = 5
adaptive_input_count_medium_apachestruts_url = 5
adaptive_input_count_medium_crosssite_param = 5
adaptive_input_count_medium_crosssite_url = 5
adaptive_input_count_medium_customattack_param = 5
adaptive_input_count_medium_customattack_url = 5
adaptive_input_count_medium_dirtraversal_param = 5
adaptive_input_count_medium_httpspec_param = 5
adaptive_input_count_medium_httpspec_url = 5
adaptive_input_count_medium_ldap_param = 5
adaptive_input_count_medium_ldap_url = 5
adaptive_input_count_medium_metachar_param = 5
adaptive_input_count_medium_oscommand_param = 5
adaptive_input_count_medium_oscommand_url = 5
adaptive_input_count_medium_paramvalidation_failed = 5
adaptive_input_count_medium_pythonphp_param = 5
adaptive_input_count_medium_pythonphp_url = 5
adaptive_input_count_medium_query_notallowed = 5
adaptive_input_count_medium_remotefile_param = 5
adaptive_input_count_medium_remotefile_url = 5
adaptive_input_count_medium_sessionchoice_tampered = 5
adaptive_input_count_medium_sessioninvariant_tampered = 5
adaptive_input_count_medium_sql_param = 5
adaptive_input_count_medium_sql_url = 5
adaptive_input_count_medium_virus_found = 5
adaptive_input_newvalue_high_apachestruts_param = 0
adaptive_input_newvalue_high_apachestruts_url = 0
adaptive_input_newvalue_high_crosssite_param = 0
adaptive_input_newvalue_high_crosssite_url = 0
adaptive_input_newvalue_high_customattack_param = 0
adaptive_input_newvalue_high_customattack_url = 0
adaptive_input_newvalue_high_dirtraversal_param = 0
adaptive_input_newvalue_high_httpspec_param = 0
adaptive_input_newvalue_high_httpspec_url = 0
adaptive_input_newvalue_high_ldap_param = 0
adaptive_input_newvalue_high_ldap_url = 0
adaptive_input_newvalue_high_metachar_param = 0
adaptive_input_newvalue_high_oscommand_param = 0
adaptive_input_newvalue_high_oscommand_url = 0
adaptive_input_newvalue_high_param_notallowed = 0
adaptive_input_newvalue_high_paramvalidation_failed = 0
adaptive_input_newvalue_high_pythonphp_param = 0
adaptive_input_newvalue_high_pythonphp_url = 0
adaptive_input_newvalue_high_query_notallowed = 0
adaptive_input_newvalue_high_remotefile_param = 0
adaptive_input_newvalue_high_remotefile_url = 0
adaptive_input_newvalue_high_sessionchoice_tampered = 0
adaptive_input_newvalue_high_sessioninvariant_tampered = 0
adaptive_input_newvalue_high_sql_param = 0
adaptive_input_newvalue_high_sql_url = 0
adaptive_input_newvalue_high_virus_found = 0
adaptive_input_newvalue_low_apachestruts_param = 0
adaptive_input_newvalue_low_apachestruts_url = 0
adaptive_input_newvalue_low_crosssite_param = 0
adaptive_input_newvalue_low_crosssite_url = 0
adaptive_input_newvalue_low_customattack_param = 0
adaptive_input_newvalue_low_customattack_url = 0
adaptive_input_newvalue_low_dirtraversal_param = 0
adaptive_input_newvalue_low_httpspec_param = 0
adaptive_input_newvalue_low_httpspec_url = 0
adaptive_input_newvalue_low_ldap_param = 0
adaptive_input_newvalue_low_ldap_url = 0
adaptive_input_newvalue_low_metachar_param = 0
adaptive_input_newvalue_low_oscommand_param = 0
adaptive_input_newvalue_low_oscommand_url = 0
adaptive_input_newvalue_low_param_notallowed = 0
adaptive_input_newvalue_low_paramvalidation_failed = 0
adaptive_input_newvalue_low_pythonphp_param = 0
adaptive_input_newvalue_low_pythonphp_url = 0
adaptive_input_newvalue_low_query_notallowed = 0
adaptive_input_newvalue_low_remotefile_param = 0
adaptive_input_newvalue_low_remotefile_url = 0
adaptive_input_newvalue_low_sessionchoice_tampered = 0
adaptive_input_newvalue_low_sessioninvariant_tampered = 0
adaptive_input_newvalue_low_sql_param = 0
adaptive_input_newvalue_low_sql_url = 0
adaptive_input_newvalue_low_virus_found = 0
adaptive_input_newvalue_medium_apachestruts_param = 0
adaptive_input_newvalue_medium_apachestruts_url = 0
adaptive_input_newvalue_medium_crosssite_param = 0
adaptive_input_newvalue_medium_crosssite_url = 0
adaptive_input_newvalue_medium_customattack_param = 0
adaptive_input_newvalue_medium_customattack_url = 0
adaptive_input_newvalue_medium_dirtraversal_param = 0
adaptive_input_newvalue_medium_httpspec_param = 0
adaptive_input_newvalue_medium_httpspec_url = 0
adaptive_input_newvalue_medium_ldap_param = 0
adaptive_input_newvalue_medium_ldap_url = 0
adaptive_input_newvalue_medium_metachar_param = 0
adaptive_input_newvalue_medium_oscommand_param = 0
adaptive_input_newvalue_medium_oscommand_url = 0
adaptive_input_newvalue_medium_param_notallowed = 0
adaptive_input_newvalue_medium_paramvalidation_failed = 0
adaptive_input_newvalue_medium_pythonphp_param = 0
adaptive_input_newvalue_medium_pythonphp_url = 0
adaptive_input_newvalue_medium_query_notallowed = 0
adaptive_input_newvalue_medium_remotefile_param = 0
adaptive_input_newvalue_medium_remotefile_url = 0
adaptive_input_newvalue_medium_sessionchoice_tampered = 0
adaptive_input_newvalue_medium_sessioninvariant_tampered = 0
adaptive_input_newvalue_medium_sql_param = 0
adaptive_input_newvalue_medium_sql_url = 0
adaptive_input_newvalue_medium_virus_found = 0
adaptive_input_newvalue_trusted_apachestruts_param = 0
adaptive_input_newvalue_trusted_apachestruts_url = 0
adaptive_input_newvalue_trusted_crosssite_param = 0
adaptive_input_newvalue_trusted_crosssite_url = 0
adaptive_input_newvalue_trusted_customattack_param = 0
adaptive_input_newvalue_trusted_customattack_url = 0
adaptive_input_newvalue_trusted_dirtraversal_param = 0
adaptive_input_newvalue_trusted_httpspec_param = 0
adaptive_input_newvalue_trusted_httpspec_url = 0
adaptive_input_newvalue_trusted_ldap_param = 0
adaptive_input_newvalue_trusted_ldap_url = 0
adaptive_input_newvalue_trusted_metachar_param = 0
adaptive_input_newvalue_trusted_oscommand_param = 0
adaptive_input_newvalue_trusted_oscommand_url = 0
adaptive_input_newvalue_trusted_param_notallowed = 0
adaptive_input_newvalue_trusted_paramvalidation_failed = 0
adaptive_input_newvalue_trusted_pythonphp_param = 0
adaptive_input_newvalue_trusted_pythonphp_url = 0
adaptive_input_newvalue_trusted_query_notallowed = 0
adaptive_input_newvalue_trusted_remotefile_param = 0
adaptive_input_newvalue_trusted_remotefile_url = 0
adaptive_input_newvalue_trusted_sessionchoice_tampered = 0
adaptive_input_newvalue_trusted_sessioninvariant_tampered = 0
adaptive_input_newvalue_trusted_sql_param = 0
adaptive_input_newvalue_trusted_sql_url = 0
adaptive_input_newvalue_trusted_virus_found = 0
adaptive_input_setting_high_apachestruts_param = 2
adaptive_input_setting_high_apachestruts_url = 2
adaptive_input_setting_high_crosssite_param = 2
adaptive_input_setting_high_crosssite_url = 0
adaptive_input_setting_high_customattack_param = 0
adaptive_input_setting_high_customattack_url = 2
adaptive_input_setting_high_dirtraversal_param = 0
adaptive_input_setting_high_httpspec_param = 2
adaptive_input_setting_high_httpspec_url = 2
adaptive_input_setting_high_ldap_param = 2
adaptive_input_setting_high_ldap_url = 2
adaptive_input_setting_high_metachar_param = 0
adaptive_input_setting_high_oscommand_param = 2
adaptive_input_setting_high_oscommand_url = 2
adaptive_input_setting_high_param_notallowed = 0
adaptive_input_setting_high_paramvalidation_failed = 0
adaptive_input_setting_high_pythonphp_param = 2
adaptive_input_setting_high_pythonphp_url = 2
adaptive_input_setting_high_query_notallowed = 0
adaptive_input_setting_high_remotefile_param = 2
adaptive_input_setting_high_remotefile_url = 2
adaptive_input_setting_high_sessionchoice_tampered = 0
adaptive_input_setting_high_sessioninvariant_tampered = 0
adaptive_input_setting_high_sql_param = 2
adaptive_input_setting_high_sql_url = 2
adaptive_input_setting_high_virus_found = 0
adaptive_input_setting_low_apachestruts_param = 0
adaptive_input_setting_low_apachestruts_url = 0
adaptive_input_setting_low_crosssite_param = 0
adaptive_input_setting_low_crosssite_url = 0
adaptive_input_setting_low_customattack_param = 0
adaptive_input_setting_low_customattack_url = 0
adaptive_input_setting_low_dirtraversal_param = 0
adaptive_input_setting_low_httpspec_param = 0
adaptive_input_setting_low_httpspec_url = 0
adaptive_input_setting_low_ldap_param = 0
adaptive_input_setting_low_ldap_url = 0
adaptive_input_setting_low_metachar_param = 0
adaptive_input_setting_low_oscommand_param = 0
adaptive_input_setting_low_oscommand_url = 0
adaptive_input_setting_low_param_notallowed = 0
adaptive_input_setting_low_paramvalidation_failed = 0
adaptive_input_setting_low_pythonphp_param = 0
adaptive_input_setting_low_pythonphp_url = 0
adaptive_input_setting_low_query_notallowed = 0
adaptive_input_setting_low_remotefile_param = 0
adaptive_input_setting_low_remotefile_url = 0
adaptive_input_setting_low_sessionchoice_tampered = 0
adaptive_input_setting_low_sessioninvariant_tampered = 0
adaptive_input_setting_low_sql_param = 0
adaptive_input_setting_low_sql_url = 0
adaptive_input_setting_low_virus_found = 0
adaptive_input_setting_medium_apachestruts_param = 0
adaptive_input_setting_medium_apachestruts_url = 2
adaptive_input_setting_medium_crosssite_param = 0
adaptive_input_setting_medium_crosssite_url = 0
adaptive_input_setting_medium_customattack_param = 0
adaptive_input_setting_medium_customattack_url = 0
adaptive_input_setting_medium_dirtraversal_param = 0
adaptive_input_setting_medium_httpspec_param = 0
adaptive_input_setting_medium_httpspec_url = 2
adaptive_input_setting_medium_ldap_param = 0
adaptive_input_setting_medium_ldap_url = 2
adaptive_input_setting_medium_metachar_param = 0
adaptive_input_setting_medium_oscommand_param = 0
adaptive_input_setting_medium_oscommand_url = 2
adaptive_input_setting_medium_param_notallowed = 0
adaptive_input_setting_medium_paramvalidation_failed = 0
adaptive_input_setting_medium_pythonphp_param = 0
adaptive_input_setting_medium_pythonphp_url = 2
adaptive_input_setting_medium_query_notallowed = 0
adaptive_input_setting_medium_remotefile_param = 0
adaptive_input_setting_medium_remotefile_url = 2
adaptive_input_setting_medium_sessionchoice_tampered = 0
adaptive_input_setting_medium_sessioninvariant_tampered = 0
adaptive_input_setting_medium_sql_param = 0
adaptive_input_setting_medium_sql_url = 2
adaptive_input_setting_medium_virus_found = 0
adaptive_input_setting_trusted_apachestruts_param = 2
adaptive_input_setting_trusted_apachestruts_url = 0
adaptive_input_setting_trusted_crosssite_param = 0
adaptive_input_setting_trusted_crosssite_url = 0
adaptive_input_setting_trusted_customattack_param = 0
adaptive_input_setting_trusted_customattack_url = 2
adaptive_input_setting_trusted_dirtraversal_param = 0
adaptive_input_setting_trusted_httpspec_param = 2
adaptive_input_setting_trusted_httpspec_url = 0
adaptive_input_setting_trusted_ldap_param = 2
adaptive_input_setting_trusted_ldap_url = 0
adaptive_input_setting_trusted_metachar_param = 0
adaptive_input_setting_trusted_oscommand_param = 2
adaptive_input_setting_trusted_oscommand_url = 0
adaptive_input_setting_trusted_param_notallowed = 0
adaptive_input_setting_trusted_paramvalidation_failed = 0
adaptive_input_setting_trusted_pythonphp_param = 2
adaptive_input_setting_trusted_pythonphp_url = 0
adaptive_input_setting_trusted_query_notallowed = 0
adaptive_input_setting_trusted_remotefile_param = 2
adaptive_input_setting_trusted_remotefile_url = 0
adaptive_input_setting_trusted_sessioninvariant_tampered = 0
adaptive_input_setting_trusted_sql_param = 2
adaptive_input_setting_trusted_sql_url = 0
adaptive_input_setting_trusted_virus_found = 0
adaptive_length_count_high_content_length = 10
adaptive_length_count_high_fileupload_size = 10
adaptive_length_count_high_max_array_values = 10
adaptive_length_count_high_max_key_length = 10
adaptive_length_count_high_max_number_value = 10
adaptive_length_count_high_max_object_child = 10
adaptive_length_count_high_max_object_depth = 10
adaptive_length_count_high_max_object_keys = 10
adaptive_length_count_high_max_value_length = 10
adaptive_length_count_high_param_length = 10
adaptive_length_count_high_paramname_length = 10
adaptive_length_count_high_query_length = 10
adaptive_length_count_high_req_length = 10
adaptive_length_count_high_req_line_length = 10
adaptive_length_count_high_toomany_params = 10
adaptive_length_count_high_toomany_uploadfiles = 10
adaptive_length_count_high_url_length = 10
adaptive_length_count_low_content_length = 3
adaptive_length_count_low_fileupload_size = 3
adaptive_length_count_low_max_array_values = 3
adaptive_length_count_low_max_key_length = 3
adaptive_length_count_low_max_number_value = 3
adaptive_length_count_low_max_object_child = 3
adaptive_length_count_low_max_object_depth = 3
adaptive_length_count_low_max_object_keys = 3
adaptive_length_count_low_max_value_length = 3
adaptive_length_count_low_param_length = 3
adaptive_length_count_low_paramname_length = 3
adaptive_length_count_low_query_length = 3
adaptive_length_count_low_req_length = 3
adaptive_length_count_low_req_line_length = 3
adaptive_length_count_low_toomany_params = 3
adaptive_length_count_low_toomany_uploadfiles = 3
adaptive_length_count_low_url_length = 3
adaptive_length_count_medium_content_length = 5
adaptive_length_count_medium_fileupload_size = 5
adaptive_length_count_medium_max_array_values = 5
adaptive_length_count_medium_max_key_length = 5
adaptive_length_count_medium_max_number_value = 5
adaptive_length_count_medium_max_object_child = 5
adaptive_length_count_medium_max_object_depth = 5
adaptive_length_count_medium_max_object_keys = 5
adaptive_length_count_medium_max_value_length = 5
adaptive_length_count_medium_param_length = 5
adaptive_length_count_medium_paramname_length = 5
adaptive_length_count_medium_query_length = 5
adaptive_length_count_medium_req_length = 5
adaptive_length_count_medium_req_line_length = 5
adaptive_length_count_medium_toomany_params = 5
adaptive_length_count_medium_toomany_uploadfiles = 5
adaptive_length_count_medium_url_length = 5
adaptive_length_newvalue_high_content_length = 0
adaptive_length_newvalue_high_fileupload_size = 0
adaptive_length_newvalue_high_max_array_values = 0
adaptive_length_newvalue_high_max_key_length = 0
adaptive_length_newvalue_high_max_number_value = 0
adaptive_length_newvalue_high_max_object_child = 0
adaptive_length_newvalue_high_max_object_depth = 0
adaptive_length_newvalue_high_max_object_keys = 0
adaptive_length_newvalue_high_max_value_length = 0
adaptive_length_newvalue_high_param_length = 0
adaptive_length_newvalue_high_paramname_length = 0
adaptive_length_newvalue_high_query_length = 0
adaptive_length_newvalue_high_req_length = 0
adaptive_length_newvalue_high_req_line_length = 0
adaptive_length_newvalue_high_toomany_params = 0
adaptive_length_newvalue_high_toomany_uploadfiles = 0
adaptive_length_newvalue_high_url_length = 0
adaptive_length_newvalue_low_content_length = 2
adaptive_length_newvalue_low_fileupload_size = 2
adaptive_length_newvalue_low_max_array_values = 2
adaptive_length_newvalue_low_max_key_length = 2
adaptive_length_newvalue_low_max_number_value = 2
adaptive_length_newvalue_low_max_object_child = 2
adaptive_length_newvalue_low_max_object_depth = 2
adaptive_length_newvalue_low_max_object_keys = 2
adaptive_length_newvalue_low_max_value_length = 2
adaptive_length_newvalue_low_param_length = 2
adaptive_length_newvalue_low_paramname_length = 2
adaptive_length_newvalue_low_query_length = 2
adaptive_length_newvalue_low_req_length = 2
adaptive_length_newvalue_low_req_line_length = 2
adaptive_length_newvalue_low_toomany_params = 2
adaptive_length_newvalue_low_toomany_uploadfiles = 2
adaptive_length_newvalue_low_url_length = 2
adaptive_length_newvalue_medium_content_length = 1
adaptive_length_newvalue_medium_fileupload_size = 1
adaptive_length_newvalue_medium_max_array_values = 1
adaptive_length_newvalue_medium_max_key_length = 1
adaptive_length_newvalue_medium_max_number_value = 1
adaptive_length_newvalue_medium_max_object_child = 1
adaptive_length_newvalue_medium_max_object_depth = 1
adaptive_length_newvalue_medium_max_object_keys = 1
adaptive_length_newvalue_medium_max_value_length = 1
adaptive_length_newvalue_medium_param_length = 1
adaptive_length_newvalue_medium_paramname_length = 1
adaptive_length_newvalue_medium_query_length = 1
adaptive_length_newvalue_medium_req_length = 1
adaptive_length_newvalue_medium_req_line_length = 1
adaptive_length_newvalue_medium_toomany_params = 1
adaptive_length_newvalue_medium_toomany_uploadfiles = 1
adaptive_length_newvalue_medium_url_length = 1
adaptive_length_newvalue_trusted_content_length = 0
adaptive_length_newvalue_trusted_fileupload_size = 0
adaptive_length_newvalue_trusted_max_array_values = 0
adaptive_length_newvalue_trusted_max_key_length = 0
adaptive_length_newvalue_trusted_max_number_value = 0
adaptive_length_newvalue_trusted_max_object_child = 0
adaptive_length_newvalue_trusted_max_object_depth = 0
adaptive_length_newvalue_trusted_max_object_keys = 0
adaptive_length_newvalue_trusted_max_value_length = 0
adaptive_length_newvalue_trusted_param_length = 0
adaptive_length_newvalue_trusted_paramname_length = 0
adaptive_length_newvalue_trusted_query_length = 0
adaptive_length_newvalue_trusted_req_length = 0
adaptive_length_newvalue_trusted_req_line_length = 0
adaptive_length_newvalue_trusted_toomany_params = 0
adaptive_length_newvalue_trusted_toomany_uploadfiles = 0
adaptive_length_newvalue_trusted_url_length = 0
adaptive_length_setting_high_content_length = 0
adaptive_length_setting_high_fileupload_size = 2
adaptive_length_setting_high_max_array_values = 0
adaptive_length_setting_high_max_key_length = 0
adaptive_length_setting_high_max_number_value = 0
adaptive_length_setting_high_max_object_child = 0
adaptive_length_setting_high_max_object_depth = 0
adaptive_length_setting_high_max_object_keys = 0
adaptive_length_setting_high_max_value_length = 0
adaptive_length_setting_high_param_length = 0
adaptive_length_setting_high_paramname_length = 0
adaptive_length_setting_high_query_length = 0
adaptive_length_setting_high_req_length = 0
adaptive_length_setting_high_req_line_length = 0
adaptive_length_setting_high_toomany_params = 0
adaptive_length_setting_high_toomany_uploadfiles = 2
adaptive_length_setting_high_url_length = 0
adaptive_length_setting_low_content_length = 0
adaptive_length_setting_low_fileupload_size = 0
adaptive_length_setting_low_max_array_values = 0
adaptive_length_setting_low_max_key_length = 0
adaptive_length_setting_low_max_number_value = 0
adaptive_length_setting_low_max_object_child = 0
adaptive_length_setting_low_max_object_depth = 0
adaptive_length_setting_low_max_object_keys = 0
adaptive_length_setting_low_max_value_length = 0
adaptive_length_setting_low_param_length = 0
adaptive_length_setting_low_paramname_length = 0
adaptive_length_setting_low_query_length = 0
adaptive_length_setting_low_req_length = 0
adaptive_length_setting_low_req_line_length = 0
adaptive_length_setting_low_toomany_params = 0
adaptive_length_setting_low_toomany_uploadfiles = 0
adaptive_length_setting_low_url_length = 0
adaptive_length_setting_medium_content_length = 0
adaptive_length_setting_medium_fileupload_size = 2
adaptive_length_setting_medium_max_array_values = 0
adaptive_length_setting_medium_max_key_length = 0
adaptive_length_setting_medium_max_number_value = 0
adaptive_length_setting_medium_max_object_child = 0
adaptive_length_setting_medium_max_object_depth = 0
adaptive_length_setting_medium_max_object_keys = 0
adaptive_length_setting_medium_max_value_length = 0
adaptive_length_setting_medium_param_length = 0
adaptive_length_setting_medium_paramname_length = 0
adaptive_length_setting_medium_query_length = 0
adaptive_length_setting_medium_req_length = 0
adaptive_length_setting_medium_req_line_length = 0
adaptive_length_setting_medium_toomany_params = 0
adaptive_length_setting_medium_toomany_uploadfiles = 0
adaptive_length_setting_medium_url_length = 0
adaptive_length_setting_trusted_content_length = 0
adaptive_length_setting_trusted_fileupload_size = 0
adaptive_length_setting_trusted_max_array_values = 0
adaptive_length_setting_trusted_max_key_length = 0
adaptive_length_setting_trusted_max_number_value = 0
adaptive_length_setting_trusted_max_object_child = 0
adaptive_length_setting_trusted_max_object_depth = 0
adaptive_length_setting_trusted_max_object_keys = 0
adaptive_length_setting_trusted_max_value_length = 0
adaptive_length_setting_trusted_param_length = 0
adaptive_length_setting_trusted_paramname_length = 0
adaptive_length_setting_trusted_query_length = 0
adaptive_length_setting_trusted_req_length = 0
adaptive_length_setting_trusted_req_line_length = 0
adaptive_length_setting_trusted_toomany_params = 0
adaptive_length_setting_trusted_toomany_uploadfiles = 0
adaptive_length_setting_trusted_url_length = 0
adaptive_profiles_per_page = 15
adaptive_profiling_sensitivity = 0
adaptive_protocol_content_length = 2
adaptive_protocol_count_content_length = 5
adaptive_protocol_count_directory = 5
adaptive_protocol_count_get_req = 5
adaptive_protocol_count_invalid_http = 5
adaptive_protocol_count_invalid_method = 5
adaptive_protocol_count_malformed_content = 5
adaptive_protocol_count_malformed_cookie = 5
adaptive_protocol_count_malformed_header = 5
adaptive_protocol_count_malformed_param = 5
adaptive_protocol_count_malformed_req = 5
adaptive_protocol_count_malformed_ver = 5
adaptive_protocol_count_missing_host = 5
adaptive_protocol_count_parameter_lagre = 5
adaptive_protocol_count_post_without_content = 5
adaptive_protocol_count_pre10_req = 5
adaptive_protocol_directory = 2
adaptive_protocol_get_request = 2
adaptive_protocol_invalid_http = 2
adaptive_protocol_invalid_method = 2
adaptive_protocol_malformed_content = 2
adaptive_protocol_malformed_cookie = 2
adaptive_protocol_malformed_header = 2
adaptive_protocol_malformed_param = 2
adaptive_protocol_malformed_req = 2
adaptive_protocol_malformed_ver = 2
adaptive_protocol_missing_host = 2
adaptive_protocol_newvalue_content_length = 0
adaptive_protocol_newvalue_directory = 0
adaptive_protocol_newvalue_get_req = 0
adaptive_protocol_newvalue_invalid_http = 0
adaptive_protocol_newvalue_invalid_method = 0
adaptive_protocol_newvalue_malformed_content = 0
adaptive_protocol_newvalue_malformed_cookie = 0
adaptive_protocol_newvalue_malformed_header = 0
adaptive_protocol_newvalue_malformed_param = 0
adaptive_protocol_newvalue_malformed_req = 0
adaptive_protocol_newvalue_malformed_ver = 0
adaptive_protocol_newvalue_missing_host = 0
adaptive_protocol_newvalue_parameter_large = 0
adaptive_protocol_newvalue_post_without_content = 0
adaptive_protocol_newvalue_pre10_req = 0
adaptive_protocol_parameter_large = 2
adaptive_protocol_post_without_content = 2
adaptive_protocol_pre10_req = 2
admin_role_name = admin
audit-manager
certificate-manager
service-manager
policy-manager
network-manager
monitoring-manager
guest
allow_multiple_user_sessions = 0
attackdef_applied = 0
attackdef_update_frequency = Hourly
attacks_display = 1
audit_log_enable_export = 1
audit_log_export_to_csv = 50000
audit_log_facility = 16
audit_log_messages_per_page = 20
# user own format of storing the logs
audit_logs_custom_format = %t %un %lt %an %ct %li %lp %trt %tri %cn %cht %ot %on %var %ov %nv %add
audit_standard_log_formats = bcauditdef
auth_ldap_svc_user_realm_name = internal
authorization_cache_timeout = 30
auto_apply_attackdef = No
# Enable SNAT for LAN Servers
auto_nat_status = no
automated_cloud_backup_hour = 4
available_ports = LAN
WAN
WAN
backfeed_patch_update_frequency = Off
backup2_source_selection = cloud
# Backup global config
backup_config = 1
# Format of backup files
backup_consolidate = 1
# Exclude Management ACLs, VLAN, Routes, Interface from the backup file while restoring
backup_exclude_mgmt_acls = yes
backup_json_export_status = 1
backup_json_export_time = 2023-08-04 19:33:53
# Number of backups to keep on the remote server
backup_life = 5
# Default Backup Server Connection Port
backup_port = 21
backup_schedule_Bws_Config_day = off
backup_schedule_Bws_Config_hour = 00
backup_schedule_Bws_Config_minute = 00
# Type of server to backup to
backup_type = ftp
bandwidth_threshold = 85
bcrypt_passwords = Yes
# Azure Cloud Type
blob_restore_cloud_type = AZURE_PUBLIC_CLOUD
bot_mitigation_per_page = 15
branding_device_name = CloudGen WAF
# Number of Bridge Interfaces on the Box
bridge_count = 1
bridge_interfaces = br0
bridge_mode = ACTIVE
bridge_switch_all = 0
bruteforce_captcha_exempt_policy = 0
caching_per_page = 15
captcha_idle_time = 300
captcha_max_relegated_time = 900
captcha_validation_success_policy = 1
clickjacking_data_per_page = 15
client_ip_from_header = 0
cluster_dead_time_interval = 2
cluster_heartbeat_udp_port = 32576
cluster_heartbeat_version = 3
cluster_keep_alive_interval = 3
cluster_keep_alive_on_lan_link = 0
cluster_keep_alive_on_mgmt_link = 0
cluster_keep_alive_on_wan_link = 1
cluster_monitor_link = WAN
cluster_send_hb_lan_link = 0
cluster_send_hb_links = WAN
cluster_send_hb_mgmt_link = 0
cluster_send_hb_wan_link = 1
cluster_systems_quarantine =
cluster_warm_up_interval = 5
comment_spam_acl_per_page = 15
compression_per_page = 15
config_db_version = 1000
content_rules_per_page = 15
cookie_encryption_expiry_timezone = 0
cookie_encryption_key = 41RhDmupqDtafcjpLnC2I8SoocT4aP4HsiNpvavC7mAtPd8Ip4QlFenyD60K9KSmWU0F7Jvqi22dFEB2e2EEAhh5AOuf+gSbDctcA2HDDyNVmp7H3aXKPbjTSPeejRQk
cookie_encryption_key_expiry = 2019-09-26 00:00:00
csrf_token_validity_period = 60
custom_param_class_name = CommentSpam
ddos_policy_per_page = 15
default_locale = en_US
default_log_level = 7
dps_status = 0
enable_bypass_mode = 0
enable_client_fingerprinting = 1
encrypt_backup = 0
enforced_password_history_lookup = 1
event_module_disabled =
event_module_email = No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
No
Yes
No
No
No
No
No
No
No
No
No
No
Yes
No
No
Yes
No
No
No
No
No
Yes
No
Yes
No
No
No
No
Yes
No
No
No
Yes
No
No
event_module_name = BRIDGE
FEHCMON
CONTROL_CENTER
EVM
WATREWR
COMMANDS
SSL
SFO
APS
CRYPTO
CHKMONLINK
AZURE
JSON_CONFIG_EXPORT
COOKIE
SERVICE
HEARTBEAT
PRFL_AGENT
CACHE
CLRMGR
BACKUP
SSKEY
BATD
PROCESS_SCHEDULE
NTP
HTTPSVC
WEBLOG
CHECK_MON_LINK
DNS
RPC
PROCMON
NET
POLICYTUNE
ADMIN_MGMT
CERT
REPORTING
MGMT
WEBFIREWALL
STM_WRAPPER
THRSHLD
COMPR
UPDATE
BYPASS
CRL
CPOOL
CONFIG
LB
NETINET
FTPSVC
STM
ABP_CLOUD_SERVICES
WEBAUTH
CFGSYNC
event_module_slack =
event_module_snmp =
event_severity = ALERT
exception_learning_update_interval = 600
exception_profiles_per_page = 15
failback_mode = 0
firewall_log_export_to_csv = 50000
firewall_log_messages_per_page = 20
# Numeric ID
ftp_backup2_port = 21
# FTP Custom Logs transport through ssl support
ftp_server_ssl_status = 1
# Numeric ID
ftps_backup2_port = 21
geoip_blocking_per_page = 15
geoipdef_update_frequency = Hourly
hard_bypass_mode = 0
header_acl_per_page = 15
heartbeat_recv_interval = 9
hide_getting_started_note = 1
higher_precedence_for_acl = 1
# HTTP Interface Port
http_port = 8000
# HTTP Interface Session Length
http_session_length = 20
# Allow The SSL Protocol v2 To Be Used In HTTPS
https_allow_ssl2 = Yes
# Use HTTPS Links In Quarantine Notifications
https_links = No
# Use HTTPS Only Flag
https_only = No
# HTTPS Web Interface Port
https_port = 8443
# Number of Physical Interfaces on the Box
interface_count = 4
internal_attack_pattern_mode = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
2
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
internal_attack_pattern_name = opening-html-tag
closing-html-tag
arbitrary-tag-injection
script-string-concat
script-comments
script-in-tag-attribute
unsafe-tag
script-tag
script-tag-utf-7
url-references
onevent-references
onevent-references-misc-1
onevent-references-misc-2
onevent-references-misc-3
onevent-references-misc-generic
xss-style-attr
evasion-via-data-uri-scheme
evasion-via-html-named-char-ref
external-file-reference
php-file-inclusion
sql-comments-strict
sql-union-command-strict
sql-select-command-strict
sql-sleep-dos-attempt-strict
asp-search-manipulation
sql-tautology-conditions-string-strict
sql-tautology-conditions-like-dbcmd-strict
sql-comments
sql-quote
sql-quote-variant
sql-blind-injection
sql-tautology-conditions-simple
sql-tautology-conditions-extract
sql-declare-simple
sql-exec-simple
sql-cast-simple
sql-tautology-conditions-simple-string
sql-tautology-conditions-in-dbcmd
sql-tautology-conditions-between-dbcmd
sql-tautology-conditions-like-dbcmd
sql-command-injection
sql-select-command
sql-union-command
ms-sql-procedures
oracle-command-injection
dot-dot-slash-strict
tilde-strict
dot-dot-slash
tilde
unix-shell-commands
arbitrary-unix-shell-commands
arbitrary-string-concatenation
c-language-functions
python-commands
php-injection
misc-commands-injections
misc-commands-injections-end
misc-commands
misc-commands-start
arbitrary-cmd-injection-dollar-ifs
arbitrary-cmd-injection-substrings
c-language-function-substrings
unix-shell-command-substrings
windows-commands
windows-command-substrings
perl-language-functions
perl-language-function-substrings
misc-command-substrings
SSI-injection-command
bash-shell-shock-injection-vulnerability
ldap-injection-command-substrings
ldap-injection-command
php-commands
php-command-substrings
python-cfm-command-substrings
HTTP-response-splitting-attempt
web-client-commands
aws-server-metadata-check
apache-struts-vulnerability-java
apache-struts-vulnerability-http
apache-struts-method-vulnerability
apache-struts-redirect-vulnerability
apache-struts-java-lang-vulnerability
referer-spam-pattern-1
referer-spam-pattern-2
referer-spam-pattern-3
referer-spam-pattern-4
referer-spam-pattern-5
referer-spam-pattern-6
referer-spam-pattern-7
referer-spam-pattern-8
referer-spam-pattern-9
referer-spam-pattern-10
referer-spam-pattern-11
referer-spam-pattern-12
referer-spam-pattern-13
referer-spam-pattern-14
referer-spam-pattern-15
referer-spam-pattern-16
referer-spam-pattern-17
referer-spam-pattern-18
referer-spam-pattern-19
referer-spam-pattern-20
referer-spam-pattern-21
referer-spam-pattern-22
referer-spam-pattern-23
referer-spam-pattern-24
referer-spam-pattern-25
referer-spam-pattern-26
referer-spam-pattern-27
referer-spam-pattern-28
referer-spam-pattern-29
referer-spam-pattern-30
referer-spam-pattern-31
referer-spam-pattern-32
referer-spam-pattern-33
referer-spam-pattern-34
referer-spam-pattern-35
referer-spam-pattern-36
referer-spam-pattern-37
referer-spam-pattern-38
referer-spam-pattern-39
referer-spam-pattern-40
referer-spam-pattern-41
referer-spam-pattern-42
referer-spam-pattern-43
referer-spam-pattern-44
referer-spam-pattern-45
referer-spam-pattern-46
referer-spam-pattern-47
referer-spam-pattern-48
referer-spam-pattern-49
referer-spam-pattern-50
referer-spam-pattern-51
referer-spam-pattern-52
referer-spam-pattern-53
referer-spam-pattern-54
referer-spam-pattern-55
referer-spam-pattern-56
referer-spam-pattern-57
referer-spam-pattern-58
referer-spam-pattern-59
referer-spam-pattern-60
referer-spam-pattern-61
referer-spam-pattern-62
referer-spam-pattern-63
referer-spam-pattern-64
referer-spam-pattern-65
referer-spam-pattern-66
referer-spam-pattern-67
referer-spam-pattern-68
referer-spam-pattern-69
referer-spam-pattern-70
referer-spam-pattern-71
referer-spam-pattern-72
referer-spam-pattern-73
referer-spam-pattern-74
referer-spam-pattern-75
referer-spam-pattern-76
referer-spam-pattern-77
referer-spam-pattern-78
referer-spam-pattern-79
referer-spam-pattern-80
referer-spam-pattern-81
referer-spam-pattern-82
referer-spam-pattern-83
referer-spam-pattern-84
referer-spam-pattern-85
referer-spam-pattern-86
referer-spam-pattern-87
referer-spam-pattern-88
referer-spam-pattern-89
referer-spam-pattern-90
referer-spam-pattern-91
referer-spam-pattern-92
referer-spam-pattern-93
referer-spam-pattern-94
referer-spam-pattern-95
referer-spam-pattern-96
referer-spam-pattern-97
referer-spam-pattern-98
referer-spam-pattern-99
referer-spam-pattern-100
referer-spam-pattern-101
referer-spam-pattern-102
referer-spam-pattern-103
referer-spam-pattern-104
referer-spam-pattern-105
referer-spam-pattern-106
referer-spam-pattern-107
referer-spam-pattern-108
referer-spam-pattern-109
referer-spam-pattern-110
referer-spam-pattern-111
referer-spam-pattern-112
referer-spam-pattern-113
referer-spam-pattern-114
referer-spam-pattern-115
referer-spam-pattern-116
referer-spam-pattern-117
referer-spam-pattern-118
referer-spam-pattern-119
referer-spam-pattern-120
referer-spam-pattern-121
referer-spam-pattern-122
referer-spam-pattern-123
referer-spam-pattern-124
referer-spam-pattern-125
referer-spam-pattern-126
referer-spam-pattern-127
referer-spam-pattern-128
referer-spam-pattern-129
referer-spam-pattern-130
referer-spam-pattern-131
referer-spam-pattern-132
referer-spam-pattern-133
referer-spam-pattern-134
referer-spam-pattern-135
referer-spam-pattern-136
referer-spam-pattern-137
referer-spam-pattern-138
referer-spam-pattern-139
referer-spam-pattern-140
referer-spam-pattern-141
referer-spam-pattern-142
referer-spam-pattern-143
referer-spam-pattern-144
referer-spam-pattern-145
referer-spam-pattern-146
referer-spam-pattern-147
referer-spam-pattern-148
referer-spam-pattern-149
referer-spam-pattern-150
referer-spam-pattern-151
referer-spam-pattern-152
referer-spam-pattern-153
referer-spam-pattern-154
referer-spam-pattern-155
referer-spam-pattern-156
referer-spam-pattern-157
referer-spam-pattern-158
referer-spam-pattern-159
referer-spam-pattern-160
referer-spam-pattern-161
referer-spam-pattern-162
referer-spam-pattern-163
referer-spam-pattern-164
referer-spam-pattern-165
referer-spam-pattern-166
referer-spam-pattern-167
referer-spam-pattern-168
referer-spam-pattern-169
referer-spam-pattern-170
referer-spam-pattern-171
referer-spam-pattern-172
referer-spam-pattern-173
referer-spam-pattern-174
referer-spam-pattern-175
referer-spam-pattern-176
referer-spam-pattern-177
referer-spam-pattern-178
referer-spam-pattern-179
referer-spam-pattern-180
referer-spam-pattern-181
referer-spam-pattern-182
referer-spam-pattern-183
referer-spam-pattern-184
referer-spam-pattern-185
referer-spam-pattern-186
referer-spam-pattern-187
referer-spam-pattern-188
referer-spam-pattern-189
referer-spam-pattern-190
referer-spam-pattern-191
referer-spam-pattern-192
referer-spam-pattern-193
referer-spam-pattern-194
referer-spam-pattern-195
referer-spam-pattern-196
referer-spam-pattern-197
referer-spam-pattern-198
referer-spam-pattern-199
referer-spam-pattern-200
referer-spam-pattern-201
referer-spam-pattern-202
referer-spam-pattern-203
referer-spam-pattern-204
referer-spam-pattern-205
referer-spam-pattern-206
referer-spam-pattern-207
referer-spam-pattern-208
referer-spam-pattern-209
referer-spam-pattern-210
referer-spam-pattern-211
referer-spam-pattern-212
referer-spam-pattern-213
referer-spam-pattern-214
referer-spam-pattern-215
referer-spam-pattern-216
referer-spam-pattern-217
referer-spam-pattern-218
referer-spam-pattern-219
referer-spam-pattern-220
referer-spam-pattern-221
referer-spam-pattern-222
referer-spam-pattern-223
referer-spam-pattern-224
referer-spam-pattern-225
referer-spam-pattern-226
referer-spam-pattern-227
referer-spam-pattern-228
referer-spam-pattern-229
referer-spam-pattern-230
referer-spam-pattern-231
referer-spam-pattern-232
referer-spam-pattern-233
referer-spam-pattern-234
referer-spam-pattern-235
referer-spam-pattern-236
referer-spam-pattern-237
referer-spam-pattern-238
referer-spam-pattern-239
referer-spam-pattern-240
referer-spam-pattern-241
referer-spam-pattern-242
referer-spam-pattern-243
referer-spam-pattern-244
referer-spam-pattern-245
referer-spam-pattern-246
referer-spam-pattern-247
referer-spam-pattern-248
referer-spam-pattern-249
referer-spam-pattern-250
referer-spam-pattern-251
referer-spam-pattern-252
referer-spam-pattern-253
referer-spam-pattern-254
referer-spam-pattern-255
referer-spam-pattern-256
referer-spam-pattern-257
referer-spam-pattern-258
referer-spam-pattern-259
referer-spam-pattern-260
referer-spam-pattern-261
referer-spam-pattern-262
referer-spam-pattern-263
referer-spam-pattern-264
referer-spam-pattern-265
referer-spam-pattern-266
referer-spam-pattern-267
referer-spam-pattern-268
referer-spam-pattern-269
referer-spam-pattern-270
referer-spam-pattern-271
referer-spam-pattern-272
referer-spam-pattern-273
referer-spam-pattern-274
referer-spam-pattern-275
referer-spam-pattern-276
referer-spam-pattern-277
referer-spam-pattern-278
referer-spam-pattern-279
referer-spam-pattern-280
referer-spam-pattern-281
referer-spam-pattern-282
referer-spam-pattern-283
referer-spam-pattern-284
referer-spam-pattern-285
referer-spam-pattern-286
referer-spam-pattern-287
referer-spam-pattern-288
referer-spam-pattern-289
referer-spam-pattern-290
referer-spam-pattern-291
referer-spam-pattern-292
referer-spam-pattern-293
referer-spam-pattern-294
referer-spam-pattern-295
referer-spam-pattern-296
referer-spam-pattern-297
referer-spam-pattern-298
referer-spam-pattern-299
referer-spam-pattern-300
referer-spam-pattern-301
referer-spam-pattern-302
referer-spam-pattern-303
referer-spam-pattern-304
referer-spam-pattern-305
referer-spam-pattern-306
referer-spam-pattern-307
referer-spam-pattern-308
referer-spam-pattern-309
referer-spam-pattern-310
referer-spam-pattern-311
referer-spam-pattern-312
referer-spam-pattern-313
referer-spam-pattern-314
referer-spam-pattern-315
referer-spam-pattern-316
referer-spam-pattern-317
referer-spam-pattern-318
referer-spam-pattern-319
referer-spam-pattern-320
referer-spam-pattern-321
referer-spam-pattern-322
referer-spam-pattern-323
referer-spam-pattern-324
referer-spam-pattern-325
referer-spam-pattern-326
referer-spam-pattern-327
referer-spam-pattern-328
referer-spam-pattern-329
referer-spam-pattern-330
referer-spam-pattern-331
referer-spam-pattern-332
referer-spam-pattern-333
referer-spam-pattern-334
referer-spam-pattern-335
referer-spam-pattern-336
referer-spam-pattern-337
referer-spam-pattern-338
referer-spam-pattern-339
referer-spam-pattern-340
referer-spam-pattern-341
referer-spam-pattern-342
referer-spam-pattern-343
referer-spam-pattern-344
referer-spam-pattern-345
referer-spam-pattern-346
referer-spam-pattern-347
referer-spam-pattern-348
referer-spam-pattern-349
referer-spam-pattern-350
referer-spam-pattern-351
referer-spam-pattern-352
referer-spam-pattern-353
referer-spam-pattern-354
referer-spam-pattern-355
referer-spam-pattern-356
referer-spam-pattern-357
referer-spam-pattern-358
referer-spam-pattern-359
referer-spam-pattern-360
referer-spam-pattern-361
referer-spam-pattern-362
referer-spam-pattern-363
referer-spam-pattern-364
referer-spam-pattern-365
referer-spam-pattern-366
referer-spam-pattern-367
referer-spam-pattern-368
referer-spam-pattern-369
referer-spam-pattern-370
referer-spam-pattern-371
referer-spam-pattern-372
referer-spam-pattern-373
referer-spam-pattern-374
referer-spam-pattern-375
referer-spam-pattern-376
referer-spam-pattern-377
referer-spam-pattern-378
referer-spam-pattern-379
referer-spam-pattern-380
referer-spam-pattern-381
referer-spam-pattern-382
referer-spam-pattern-383
referer-spam-pattern-384
referer-spam-pattern-385
referer-spam-pattern-386
referer-spam-pattern-387
referer-spam-pattern-388
referer-spam-pattern-389
referer-spam-pattern-390
referer-spam-pattern-391
referer-spam-pattern-392
referer-spam-pattern-393
referer-spam-pattern-394
referer-spam-pattern-395
referer-spam-pattern-396
referer-spam-pattern-397
referer-spam-pattern-398
referer-spam-pattern-399
referer-spam-pattern-400
referer-spam-pattern-401
referer-spam-pattern-402
referer-spam-pattern-403
referer-spam-pattern-404
referer-spam-pattern-405
referer-spam-pattern-406
referer-spam-pattern-407
referer-spam-pattern-408
referer-spam-pattern-409
referer-spam-pattern-410
referer-spam-pattern-411
referer-spam-pattern-412
referer-spam-pattern-413
referer-spam-pattern-414
referer-spam-pattern-415
referer-spam-pattern-416
referer-spam-pattern-417
referer-spam-pattern-418
referer-spam-pattern-419
referer-spam-pattern-420
referer-spam-pattern-421
referer-spam-pattern-422
referer-spam-pattern-423
referer-spam-pattern-424
referer-spam-pattern-425
referer-spam-pattern-426
referer-spam-pattern-427
referer-spam-pattern-428
referer-spam-pattern-429
referer-spam-pattern-430
referer-spam-pattern-431
referer-spam-pattern-432
referer-spam-pattern-433
referer-spam-pattern-434
referer-spam-pattern-435
referer-spam-pattern-436
referer-spam-pattern-437
referer-spam-pattern-438
referer-spam-pattern-439
referer-spam-pattern-440
referer-spam-pattern-441
referer-spam-pattern-442
referer-spam-pattern-443
referer-spam-pattern-444
referer-spam-pattern-445
referer-spam-pattern-446
referer-spam-pattern-447
referer-spam-pattern-448
referer-spam-pattern-449
referer-spam-pattern-450
referer-spam-pattern-451
referer-spam-pattern-452
referer-spam-pattern-453
referer-spam-pattern-454
referer-spam-pattern-455
referer-spam-pattern-456
referer-spam-pattern-457
referer-spam-pattern-458
referer-spam-pattern-459
referer-spam-pattern-460
referer-spam-pattern-461
referer-spam-pattern-462
referer-spam-pattern-463
referer-spam-pattern-464
referer-spam-pattern-465
referer-spam-pattern-466
referer-spam-pattern-467
referer-spam-pattern-468
referer-spam-pattern-469
referer-spam-pattern-470
referer-spam-pattern-471
referer-spam-pattern-472
referer-spam-pattern-473
referer-spam-pattern-474
referer-spam-pattern-475
referer-spam-pattern-476
referer-spam-pattern-477
referer-spam-pattern-478
referer-spam-pattern-479
referer-spam-pattern-480
referer-spam-pattern-481
referer-spam-pattern-482
referer-spam-pattern-483
referer-spam-pattern-484
referer-spam-pattern-485
referer-spam-pattern-486
referer-spam-pattern-487
referer-spam-pattern-488
referer-spam-pattern-489
referer-spam-pattern-490
referer-spam-pattern-491
referer-spam-pattern-492
referer-spam-pattern-493
referer-spam-pattern-494
referer-spam-pattern-495
referer-spam-pattern-496
referer-spam-pattern-497
referer-spam-pattern-498
referer-spam-pattern-499
referer-spam-pattern-500
referer-spam-pattern-501
referer-spam-pattern-502
referer-spam-pattern-503
referer-spam-pattern-504
referer-spam-pattern-505
referer-spam-pattern-506
referer-spam-pattern-507
referer-spam-pattern-508
referer-spam-pattern-509
referer-spam-pattern-510
referer-spam-pattern-511
referer-spam-pattern-512
referer-spam-pattern-513
referer-spam-pattern-514
referer-spam-pattern-515
referer-spam-pattern-516
referer-spam-pattern-517
referer-spam-pattern-518
referer-spam-pattern-519
referer-spam-pattern-520
referer-spam-pattern-521
referer-spam-pattern-522
referer-spam-pattern-523
referer-spam-pattern-524
referer-spam-pattern-525
referer-spam-pattern-526
referer-spam-pattern-527
referer-spam-pattern-528
referer-spam-pattern-529
referer-spam-pattern-530
referer-spam-pattern-531
referer-spam-pattern-532
referer-spam-pattern-533
referer-spam-pattern-534
referer-spam-pattern-535
referer-spam-pattern-536
referer-spam-pattern-537
referer-spam-pattern-538
referer-spam-pattern-539
referer-spam-pattern-540
referer-spam-pattern-541
referer-spam-pattern-542
referer-spam-pattern-543
referer-spam-pattern-544
referer-spam-pattern-545
referer-spam-pattern-546
referer-spam-pattern-547
referer-spam-pattern-548
referer-spam-pattern-549
referer-spam-pattern-550
referer-spam-pattern-551
referer-spam-pattern-552
referer-spam-pattern-553
referer-spam-pattern-554
referer-spam-pattern-555
referer-spam-pattern-556
referer-spam-pattern-557
referer-spam-pattern-558
referer-spam-pattern-559
referer-spam-pattern-560
referer-spam-pattern-561
referer-spam-pattern-562
referer-spam-pattern-563
referer-spam-pattern-564
referer-spam-pattern-565
referer-spam-pattern-566
referer-spam-pattern-567
referer-spam-pattern-568
referer-spam-pattern-569
referer-spam-pattern-570
referer-spam-pattern-571
referer-spam-pattern-572
referer-spam-pattern-573
referer-spam-pattern-574
referer-spam-pattern-575
referer-spam-pattern-576
referer-spam-pattern-577
referer-spam-pattern-578
referer-spam-pattern-579
referer-spam-pattern-580
referer-spam-pattern-581
referer-spam-pattern-582
referer-spam-pattern-583
referer-spam-pattern-584
referer-spam-pattern-585
referer-spam-pattern-586
referer-spam-pattern-587
referer-spam-pattern-588
referer-spam-pattern-589
referer-spam-pattern-590
referer-spam-pattern-591
referer-spam-pattern-592
referer-spam-pattern-593
referer-spam-pattern-594
referer-spam-pattern-595
referer-spam-pattern-596
referer-spam-pattern-597
referer-spam-pattern-598
referer-spam-pattern-599
referer-spam-pattern-600
referer-spam-pattern-601
referer-spam-pattern-602
referer-spam-pattern-603
referer-spam-pattern-604
referer-spam-pattern-605
referer-spam-pattern-606
referer-spam-pattern-607
referer-spam-pattern-608
referer-spam-pattern-609
referer-spam-pattern-610
referer-spam-pattern-611
referer-spam-pattern-612
referer-spam-pattern-613
referer-spam-pattern-614
referer-spam-pattern-615
referer-spam-pattern-616
referer-spam-pattern-617
referer-spam-pattern-618
referer-spam-pattern-619
referer-spam-pattern-620
referer-spam-pattern-621
referer-spam-pattern-622
referer-spam-pattern-623
referer-spam-pattern-624
referer-spam-pattern-625
referer-spam-pattern-626
referer-spam-pattern-627
referer-spam-pattern-628
referer-spam-pattern-629
referer-spam-pattern-630
referer-spam-pattern-631
referer-spam-pattern-632
referer-spam-pattern-633
referer-spam-pattern-634
referer-spam-pattern-635
referer-spam-pattern-636
referer-spam-pattern-637
referer-spam-pattern-638
referer-spam-pattern-639
referer-spam-pattern-640
referer-spam-pattern-641
referer-spam-pattern-642
referer-spam-pattern-643
referer-spam-pattern-644
referer-spam-pattern-645
referer-spam-pattern-646
referer-spam-pattern-647
referer-spam-pattern-648
referer-spam-pattern-649
referer-spam-pattern-650
referer-spam-pattern-651
referer-spam-pattern-652
referer-spam-pattern-653
referer-spam-pattern-654
referer-spam-pattern-655
referer-spam-pattern-656
referer-spam-pattern-657
referer-spam-pattern-658
referer-spam-pattern-659
referer-spam-pattern-660
referer-spam-pattern-661
referer-spam-pattern-662
referer-spam-pattern-663
referer-spam-pattern-664
referer-spam-pattern-665
referer-spam-pattern-666
referer-spam-pattern-667
referer-spam-pattern-668
referer-spam-pattern-669
referer-spam-pattern-670
referer-spam-pattern-671
referer-spam-pattern-672
referer-spam-pattern-673
referer-spam-pattern-674
referer-spam-pattern-675
referer-spam-pattern-676
referer-spam-pattern-677
referer-spam-pattern-678
referer-spam-pattern-679
referer-spam-pattern-680
referer-spam-pattern-681
referer-spam-pattern-682
referer-spam-pattern-683
referer-spam-pattern-684
referer-spam-pattern-685
referer-spam-pattern-686
referer-spam-pattern-687
referer-spam-pattern-688
referer-spam-pattern-689
referer-spam-pattern-690
referer-spam-pattern-691
referer-spam-pattern-692
referer-spam-pattern-693
referer-spam-pattern-694
referer-spam-pattern-695
referer-spam-pattern-696
referer-spam-pattern-697
referer-spam-pattern-698
referer-spam-pattern-699
referer-spam-pattern-700
referer-spam-pattern-701
referer-spam-pattern-702
referer-spam-pattern-703
referer-spam-pattern-704
referer-spam-pattern-705
referer-spam-pattern-706
referer-spam-pattern-707
referer-spam-pattern-708
referer-spam-pattern-709
referer-spam-pattern-710
referer-spam-pattern-711
referer-spam-pattern-712
referer-spam-pattern-713
referer-spam-pattern-714
referer-spam-pattern-715
referer-spam-pattern-716
referer-spam-pattern-717
referer-spam-pattern-718
referer-spam-pattern-719
referer-spam-pattern-720
referer-spam-pattern-721
referer-spam-pattern-722
referer-spam-pattern-723
referer-spam-pattern-724
referer-spam-pattern-725
referer-spam-pattern-726
referer-spam-pattern-727
referer-spam-pattern-728
referer-spam-pattern-729
referer-spam-pattern-730
referer-spam-pattern-731
referer-spam-pattern-732
referer-spam-pattern-733
referer-spam-pattern-734
referer-spam-pattern-735
referer-spam-pattern-736
referer-spam-pattern-737
referer-spam-pattern-738
referer-spam-pattern-739
referer-spam-pattern-740
referer-spam-pattern-741
referer-spam-pattern-742
referer-spam-pattern-743
referer-spam-pattern-744
referer-spam-pattern-745
referer-spam-pattern-746
referer-spam-pattern-747
referer-spam-pattern-748
referer-spam-pattern-749
referer-spam-pattern-750
referer-spam-pattern-751
referer-spam-pattern-752
referer-spam-pattern-753
referer-spam-pattern-754
referer-spam-pattern-755
referer-spam-pattern-756
referer-spam-pattern-757
referer-spam-pattern-758
referer-spam-pattern-759
referer-spam-pattern-760
referer-spam-pattern-761
referer-spam-pattern-762
referer-spam-pattern-763
referer-spam-pattern-764
referer-spam-pattern-765
referer-spam-pattern-766
referer-spam-pattern-767
referer-spam-pattern-768
referer-spam-pattern-769
referer-spam-pattern-770
referer-spam-pattern-771
referer-spam-pattern-772
referer-spam-pattern-773
referer-spam-pattern-774
referer-spam-pattern-775
referer-spam-pattern-776
referer-spam-pattern-777
referer-spam-pattern-778
referer-spam-pattern-779
referer-spam-pattern-780
referer-spam-pattern-781
referer-spam-pattern-782
referer-spam-pattern-783
referer-spam-pattern-784
referer-spam-pattern-785
referer-spam-pattern-786
referer-spam-pattern-787
referer-spam-pattern-788
referer-spam-pattern-789
referer-spam-pattern-790
referer-spam-pattern-791
referer-spam-pattern-792
referer-spam-pattern-793
referer-spam-pattern-794
referer-spam-pattern-795
referer-spam-pattern-796
referer-spam-pattern-797
referer-spam-pattern-798
referer-spam-pattern-799
referer-spam-pattern-800
referer-spam-pattern-801
referer-spam-pattern-802
referer-spam-pattern-803
referer-spam-pattern-804
referer-spam-pattern-805
referer-spam-pattern-806
referer-spam-pattern-807
referer-spam-pattern-808
referer-spam-pattern-809
referer-spam-pattern-810
referer-spam-pattern-811
referer-spam-pattern-812
referer-spam-pattern-813
referer-spam-pattern-814
referer-spam-pattern-815
referer-spam-pattern-816
referer-spam-pattern-817
referer-spam-pattern-818
referer-spam-pattern-819
referer-spam-pattern-820
referer-spam-pattern-821
referer-spam-pattern-822
referer-spam-pattern-823
referer-spam-pattern-824
referer-spam-pattern-825
referer-spam-pattern-826
referer-spam-pattern-827
referer-spam-pattern-828
referer-spam-pattern-829
referer-spam-pattern-830
referer-spam-pattern-831
referer-spam-pattern-832
referer-spam-pattern-833
referer-spam-pattern-834
referer-spam-pattern-835
referer-spam-pattern-836
referer-spam-pattern-837
referer-spam-pattern-838
referer-spam-pattern-839
referer-spam-pattern-840
referer-spam-pattern-841
referer-spam-pattern-842
referer-spam-pattern-843
referer-spam-pattern-844
referer-spam-pattern-845
referer-spam-pattern-846
referer-spam-pattern-847
referer-spam-pattern-848
referer-spam-pattern-849
referer-spam-pattern-850
referer-spam-pattern-851
referer-spam-pattern-852
referer-spam-pattern-853
referer-spam-pattern-854
referer-spam-pattern-855
referer-spam-pattern-856
referer-spam-pattern-857
referer-spam-pattern-858
referer-spam-pattern-859
referer-spam-pattern-860
referer-spam-pattern-861
referer-spam-pattern-862
referer-spam-pattern-863
referer-spam-pattern-864
referer-spam-pattern-865
referer-spam-pattern-866
referer-spam-pattern-867
referer-spam-pattern-868
referer-spam-pattern-869
referer-spam-pattern-870
referer-spam-pattern-871
referer-spam-pattern-872
referer-spam-pattern-873
referer-spam-pattern-874
referer-spam-pattern-875
referer-spam-pattern-876
referer-spam-pattern-877
referer-spam-pattern-878
referer-spam-pattern-879
referer-spam-pattern-880
referer-spam-pattern-881
referer-spam-pattern-882
referer-spam-pattern-883
referer-spam-pattern-884
referer-spam-pattern-885
referer-spam-pattern-886
referer-spam-pattern-887
referer-spam-pattern-888
referer-spam-pattern-889
referer-spam-pattern-890
referer-spam-pattern-891
referer-spam-pattern-892
referer-spam-pattern-893
referer-spam-pattern-894
referer-spam-pattern-895
referer-spam-pattern-896
referer-spam-pattern-897
referer-spam-pattern-898
referer-spam-pattern-899
referer-spam-pattern-900
referer-spam-pattern-901
referer-spam-pattern-902
referer-spam-pattern-903
referer-spam-pattern-904
referer-spam-pattern-905
referer-spam-pattern-906
referer-spam-pattern-907
referer-spam-pattern-908
referer-spam-pattern-909
referer-spam-pattern-910
referer-spam-pattern-911
referer-spam-pattern-912
referer-spam-pattern-913
io_connections_threshold = 85
io_requests_threshold = 85
ipv6_dynamic_support = no
is_legacy_box = 0
js_failure_threshold = 64
json_conf_checkpoint_comment = This is the base configuration
json_conf_checkpoint_date = 2023-08-04 23:56:42
json_conf_checkpoint_name = base_config
json_conf_checkpoint_version = 1000
json_limit_policy_name = default-policy
json_security_per_page = 15
lan_interface_link_status = 1
lan_ip_as_mgmt = 0
last_attackdef_release_notes_version_read = 1.160
lb_ckins_persist_across_services = 0
learning_profile_update_interval = 300
live_sessions_threshold = 85
llcf_enabled = 0
local_adr_per_page = 15
lockout_data_per_page = 15
lockout_table_config = 1
log_pr_encryption_enable = 0
# Enable Generic IP Lockdown For Web GUI Flag
login_enable_lockdown = Yes
# user own format of storing the logs
logs_custom_format = %h %id %u %t %r %s %br
# FTP Server Port
logs_ftp_server_port = 21
machine_id = rTHTei20tbu5vGlOh9SQa7-safe1
mask_sensitive_data_per_page = 15
max_cache_size_percent = 20
max_param_profile_limit = 20000
max_profile_created = 0
max_url_profile_limit = 10000
# Management Gateway
mgmt_gateway =
# MGMT IP Port
mgmt_interface = eth2
mgmt_ip =
mgmt_ip_as_mgmt = 0
mgmt_netmask =
# MGMT VLAN ID
mgmt_vlan_id =
namemon_master_node = 2473849
network_firewall_log_enable_export = 1
network_firewall_log_facility = 16
# user own format of storing the logs
network_logs_custom_format = %t %un %lt %sl %p %srci %srcp %di %dp %act %acl %dsc
network_standard_log_formats = def
notify_attack_id = 0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
14
600
0
3
4
5
6
7
notify_attack_service = Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Global Threshold
Hardware Threshold
Hardware Threshold
Hardware Threshold
Hardware Threshold
Hardware Threshold
Hardware Threshold
notify_attack_threshold =
70
85
85
85
85
85
nw_firewall_log_export_to_csv = 50000
nw_firewall_log_messages_per_page = 20
offline_updates_enable = No
operational_mode = proxy
pagination_object_type = service
param_profiles_per_page = 15
pattern_updated = 0
port_name = WAN
LAN
MGMT
pr_report = 1
product_patch_update_frequency = Off
rate_control_pool_name = default-pool
request_buffer_size = 1
request_buffer_size_unlimited = 0
resp_filter_content_type_list = text/html
text/plain
response_chunked_encoding = 1
response_page_name = default
default-virus
default-error-resp
default-captcha-tries-error-page
default-captcha-sessions-error-page
default-suspected-activity-error-page
default-captcha-response-page
default-login-page
default-dual-login-page
default-challenge-page
default-access-denied-page
default-login-failed-page
default-dual-login-failed-page
default-login-success-page
default-logout-success-page
default-idp-selection-page
default-json-response-page
default-hsts-redirect-page
default-fingerprint-challenges-exceeded-page
default-fingerprint-challenges-exceeded-page
rsupport_enable = No
scana_update_virus_defs = Yes
scana_update_virus_defs_frequency = Hourly
secdef_update_frequency = Hourly
services_per_page = 15
session_information_name = ASP-DOT-NET-session
ColdFusion-session
J2EE-session
J2EE-JSESSIONID-Cookie-session
J2EE-JSESSIONID-URL-session
JWS-ID-session
PHPSESSID-session
PHPSESSIONID-session
PHP-BB-MYSQL-session
ASPSESSIONID-session
SAP-session
session_tracking_per_page = 15
show_advanced_settings = 1
slowloris_services_per_page = 15
# Use NTLMv2:
smb_backup2_ntlmv2 = no
# Numeric ID
smb_backup2_port = 445
soap_allow_additional_hdrs = 1
soap_val_envelope = 1
soap_val_wsdl_headers = 1
soap_val_wsdl_schema_body = 1
ssh_through_lan = 0
ssh_through_mgmt = 0
ssh_through_wan = 0
ssl_enable_ocsp = 0
ssl_use_private_ca = Default
standard_log_formats = clf
stm_failure_action = 1
# Support tunnel timeout in seconds
support_tunnel_timeout = 432000
syslog_enable_export = 1
syslog_facility = 16
syslog_headers = custom
system_back_ip = 0.0.0.0
# System Default Domain
system_default_domain = bc.com
# System Hostname
system_default_hostname = barracuda
# System Gateway
system_gateway = 10.128.0.1
system_interfaces = WAN
LAN
MGMT
system_interfaces_duplexity = Full
Full
Half
system_interfaces_negotiation_status = 1
1
1
system_interfaces_speed = 100
100
10
# System IP Address
system_ip = 10.128.0.3
system_ip_as_mgmt = 1
system_ip_static_route_address = 0.0.0.0
system_ip_static_route_comments =
system_ip_static_route_gateway = 10.128.0.1
system_ip_static_route_ip_version = IPv4
system_ip_static_route_netmask = 0.0.0.0
system_ip_static_route_vsite = local_vsite:2473849
system_log_export_to_csv = 50000
system_log_messages_per_page = 20
# user own format of storing the logs
system_logs_custom_format = %t %un %lt %md %ll %ei %ms
system_netmask = 255.255.255.255
system_ntp = Yes
system_ntp_server = ntp.barracudacentral.com
# NTP Server Name
system_ntp_server_name = default
system_password_crypt = $2a$05$gOxWUQXhI7ljyYQGtWRhReL0DtsOJuS6tcrF7B1v/AatN/4qnb8Ce
# Primary DNS Server
system_primary_dns_server = 169.254.169.254
# Secondary DNS Server
system_secondary_dns_server =
system_serial = 2473849
system_ssh_allow_ip = 0/32
system_ssh_allow_ip2 = 0/32
system_ssh_enable = Yes
system_ssh_enable_admin = No
system_standard_log_formats = bcsysdef
# System Timezone
system_timezone = America/Los_Angeles
system_use_backport = no
system_use_ipv6 = no
# System VLAN ID
system_vlan_id =
telemetry_category = system
system
system
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
system
Configuration_Statistics
system
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
system
Configuration_Statistics
system
system
Data_Statistics
system
system
Data_Statistics
system
Configuration_Statistics
system
Data_Statistics
Configuration_Statistics
Global_Attack_Counters
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
system
Configuration_Statistics
system
system
system
system
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
system
Configuration_Statistics
Configuration_Statistics
system
Data_Statistics
Data_Statistics
system
Configuration_Statistics
Data_Statistics
Data_Statistics
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
Data_Statistics
system
system
system
Configuration_Statistics
system
Data_Statistics
Configuration_Statistics
Global_Attack_Counters
system
Configuration_Statistics
Configuration_Statistics
Configuration_Statistics
system
Configuration_Statistics
Global_Attack_Counters
system
Configuration_Statistics
system
Global_Attack_Counters
system
system
system
Configuration_Statistics
system
Configuration_Statistics
system
Data_Statistics
Configuration_Statistics
system
Configuration_Statistics
Configuration_Statistics
Data_Statistics
Configuration_Statistics
system
Configuration_Statistics
system
Configuration_Statistics
system
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
Global Attack Counters
telemetry_enable = Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
Yes
telemetry_name = io_writes
kernel_rel
instance_id
learning_services
ftp_services
num_exception_heuristics
num_services_with_one_server
io_device
num_service_groups
pcc
authorization_policy
num_ip_reputation_filter
num_datatheft_policy
raid
num_web_scraping_policy
swp
tz
BE_https_servers
bridge_mode
number of 1G ports
total_template_count
VERS
fe_http_services
cluster_status
time_since_first_crash
authentication_policy
total_attacks_except_cookie_poisoning
num_services_ldap_auth
FE_https_services
num_strict_profile_check
num_IPv6_services
num_rc_policy
mem
num_services_radius_auth
cores
number of 10G ports
CSK
autoscaled_instance
service_caching
trusted_host_group
resp_body_rewrite
service_compression
kernel_plat
num_secure_browsing
num_adrs
firmts
BE_http_servers
time_since_last_crash
ts
num_st_policy
total_requests
days_since_last_weblog
http_resp_rewrite
num_url_profiles
instant_ssl_services
content_rules
days_since_first_crash
eth
bcc_state
io_wrrate
num_services_with_two_servers
instance_availability_zone
days_since_last_webfwlog
num_pre_dnat_destination
num_crashes
df
num_services_with_three_or_more_servers
url_translations
ftps_services
in_cluster
num_pre_snat_source
total_attacks
vm_core_extra_expiration
num_services_mask_sensitive_data
arch
xml_protection
ld
nps
flgs
num_slowloris_prevention
upt
num_bruteforce_policy
instance_boot_time
time_since_last_weblog
http_req_rewrite
kernel
num_param_profiles
custom_ssl_services
days_since_last_crash
num_wf_active_global
vm_core_extra_capacity
custom_services
ssd_firmware_version
number of bonds
ramdisk
file_attacks
injection_attacks
xss_injections
forceful_browsing
limits_violation
other_attacks
json_violations
auth_attacks
sql_attacks
outbound_attacks
protocol_violations
bot_mitigation
ddos_attacks
xml_violations
session_tamper_attacks
telemetry_value = 120188
4.19.46-barracuda1
0
0
0
0
sda
0
0
0
0
0
0
0:1046524
America/Los_Angeles
0
0
4
0
2
0
ACTIVE
1691206252
0
0
0
0
0
0
3772660
0
1
0
2473849,
No
0
0
0
0
x86_64
0
0
1691193292
0
1691206252
1691206253
0
0
unknown
0
0
0
0
19574
not_connected
95.75
0
unknown
0
0
Firmware:27:Log8:
0
0
0
0
0
0
0
x86_64
0
2.65
230
0
1263
0
unknown
0
4.19.46-barracuda1
0
0
19574
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
total_bw_display = 1
tps_last_updated_http = 1691214613
tps_last_updated_https = 1691214617
updated_attack_patterns = php-file-inclusion
referer-spam-pattern-1
referer-spam-pattern-2
referer-spam-pattern-3
referer-spam-pattern-4
referer-spam-pattern-5
referer-spam-pattern-6
referer-spam-pattern-7
referer-spam-pattern-8
referer-spam-pattern-9
referer-spam-pattern-10
referer-spam-pattern-11
referer-spam-pattern-12
referer-spam-pattern-13
referer-spam-pattern-14
referer-spam-pattern-15
referer-spam-pattern-16
referer-spam-pattern-17
referer-spam-pattern-18
referer-spam-pattern-19
referer-spam-pattern-20
referer-spam-pattern-21
referer-spam-pattern-22
referer-spam-pattern-23
referer-spam-pattern-24
referer-spam-pattern-25
referer-spam-pattern-26
referer-spam-pattern-27
referer-spam-pattern-28
referer-spam-pattern-29
referer-spam-pattern-30
referer-spam-pattern-31
referer-spam-pattern-32
referer-spam-pattern-33
referer-spam-pattern-34
referer-spam-pattern-35
referer-spam-pattern-36
referer-spam-pattern-37
referer-spam-pattern-38
referer-spam-pattern-39
referer-spam-pattern-40
referer-spam-pattern-41
referer-spam-pattern-42
referer-spam-pattern-43
referer-spam-pattern-44
referer-spam-pattern-45
referer-spam-pattern-46
referer-spam-pattern-47
referer-spam-pattern-48
referer-spam-pattern-49
referer-spam-pattern-50
referer-spam-pattern-51
referer-spam-pattern-52
referer-spam-pattern-53
referer-spam-pattern-54
referer-spam-pattern-55
referer-spam-pattern-56
referer-spam-pattern-57
referer-spam-pattern-58
referer-spam-pattern-59
referer-spam-pattern-60
referer-spam-pattern-61
referer-spam-pattern-62
referer-spam-pattern-63
referer-spam-pattern-64
referer-spam-pattern-65
referer-spam-pattern-66
referer-spam-pattern-67
referer-spam-pattern-68
referer-spam-pattern-69
referer-spam-pattern-70
referer-spam-pattern-71
referer-spam-pattern-72
referer-spam-pattern-73
referer-spam-pattern-74
referer-spam-pattern-75
referer-spam-pattern-76
referer-spam-pattern-77
referer-spam-pattern-78
referer-spam-pattern-79
referer-spam-pattern-80
referer-spam-pattern-81
referer-spam-pattern-82
referer-spam-pattern-83
referer-spam-pattern-84
referer-spam-pattern-85
referer-spam-pattern-86
referer-spam-pattern-87
referer-spam-pattern-88
referer-spam-pattern-89
referer-spam-pattern-90
referer-spam-pattern-91
referer-spam-pattern-92
referer-spam-pattern-93
referer-spam-pattern-94
referer-spam-pattern-95
referer-spam-pattern-96
referer-spam-pattern-97
referer-spam-pattern-98
referer-spam-pattern-99
referer-spam-pattern-100
referer-spam-pattern-101
referer-spam-pattern-102
referer-spam-pattern-103
referer-spam-pattern-104
referer-spam-pattern-105
referer-spam-pattern-106
referer-spam-pattern-107
referer-spam-pattern-108
referer-spam-pattern-109
referer-spam-pattern-110
referer-spam-pattern-111
referer-spam-pattern-112
referer-spam-pattern-113
referer-spam-pattern-114
referer-spam-pattern-115
referer-spam-pattern-116
referer-spam-pattern-117
referer-spam-pattern-118
referer-spam-pattern-119
referer-spam-pattern-120
referer-spam-pattern-121
referer-spam-pattern-122
referer-spam-pattern-123
referer-spam-pattern-124
referer-spam-pattern-125
referer-spam-pattern-126
referer-spam-pattern-127
referer-spam-pattern-128
referer-spam-pattern-129
referer-spam-pattern-130
referer-spam-pattern-131
referer-spam-pattern-132
referer-spam-pattern-133
referer-spam-pattern-134
referer-spam-pattern-135
referer-spam-pattern-136
referer-spam-pattern-137
referer-spam-pattern-138
referer-spam-pattern-139
referer-spam-pattern-140
referer-spam-pattern-141
referer-spam-pattern-142
referer-spam-pattern-143
referer-spam-pattern-144
referer-spam-pattern-145
referer-spam-pattern-146
referer-spam-pattern-147
referer-spam-pattern-148
referer-spam-pattern-149
referer-spam-pattern-150
referer-spam-pattern-151
referer-spam-pattern-152
referer-spam-pattern-153
referer-spam-pattern-154
referer-spam-pattern-155
referer-spam-pattern-156
referer-spam-pattern-157
referer-spam-pattern-158
referer-spam-pattern-159
referer-spam-pattern-160
referer-spam-pattern-161
referer-spam-pattern-162
referer-spam-pattern-163
referer-spam-pattern-164
referer-spam-pattern-165
referer-spam-pattern-166
referer-spam-pattern-167
referer-spam-pattern-168
referer-spam-pattern-169
referer-spam-pattern-170
referer-spam-pattern-171
referer-spam-pattern-172
referer-spam-pattern-173
referer-spam-pattern-174
referer-spam-pattern-175
referer-spam-pattern-176
referer-spam-pattern-177
referer-spam-pattern-178
referer-spam-pattern-179
referer-spam-pattern-180
referer-spam-pattern-181
referer-spam-pattern-182
referer-spam-pattern-183
referer-spam-pattern-184
referer-spam-pattern-185
referer-spam-pattern-186
referer-spam-pattern-187
referer-spam-pattern-188
referer-spam-pattern-189
referer-spam-pattern-190
referer-spam-pattern-191
referer-spam-pattern-192
referer-spam-pattern-193
referer-spam-pattern-194
referer-spam-pattern-195
referer-spam-pattern-196
referer-spam-pattern-197
referer-spam-pattern-198
referer-spam-pattern-199
referer-spam-pattern-200
referer-spam-pattern-201
referer-spam-pattern-202
referer-spam-pattern-203
referer-spam-pattern-204
referer-spam-pattern-205
referer-spam-pattern-206
referer-spam-pattern-207
referer-spam-pattern-208
referer-spam-pattern-209
referer-spam-pattern-210
referer-spam-pattern-211
referer-spam-pattern-212
referer-spam-pattern-213
referer-spam-pattern-214
referer-spam-pattern-215
referer-spam-pattern-216
referer-spam-pattern-217
referer-spam-pattern-218
referer-spam-pattern-219
referer-spam-pattern-220
referer-spam-pattern-221
referer-spam-pattern-222
referer-spam-pattern-223
referer-spam-pattern-224
referer-spam-pattern-225
referer-spam-pattern-226
referer-spam-pattern-227
referer-spam-pattern-228
referer-spam-pattern-229
referer-spam-pattern-230
referer-spam-pattern-231
referer-spam-pattern-232
referer-spam-pattern-233
referer-spam-pattern-234
referer-spam-pattern-235
referer-spam-pattern-236
referer-spam-pattern-237
referer-spam-pattern-238
referer-spam-pattern-239
referer-spam-pattern-240
referer-spam-pattern-241
referer-spam-pattern-242
referer-spam-pattern-243
referer-spam-pattern-244
referer-spam-pattern-245
referer-spam-pattern-246
referer-spam-pattern-247
referer-spam-pattern-248
referer-spam-pattern-249
referer-spam-pattern-250
referer-spam-pattern-251
referer-spam-pattern-252
referer-spam-pattern-253
referer-spam-pattern-254
referer-spam-pattern-255
referer-spam-pattern-256
referer-spam-pattern-257
referer-spam-pattern-258
referer-spam-pattern-259
referer-spam-pattern-260
referer-spam-pattern-261
referer-spam-pattern-262
referer-spam-pattern-263
referer-spam-pattern-264
referer-spam-pattern-265
referer-spam-pattern-266
referer-spam-pattern-267
referer-spam-pattern-268
referer-spam-pattern-269
referer-spam-pattern-270
referer-spam-pattern-271
referer-spam-pattern-272
referer-spam-pattern-273
referer-spam-pattern-274
referer-spam-pattern-275
referer-spam-pattern-276
referer-spam-pattern-277
referer-spam-pattern-278
referer-spam-pattern-279
referer-spam-pattern-280
referer-spam-pattern-281
referer-spam-pattern-282
referer-spam-pattern-283
referer-spam-pattern-284
referer-spam-pattern-285
referer-spam-pattern-286
referer-spam-pattern-287
referer-spam-pattern-288
referer-spam-pattern-289
referer-spam-pattern-290
referer-spam-pattern-291
referer-spam-pattern-292
referer-spam-pattern-293
referer-spam-pattern-294
referer-spam-pattern-295
referer-spam-pattern-296
referer-spam-pattern-297
referer-spam-pattern-298
referer-spam-pattern-299
referer-spam-pattern-300
referer-spam-pattern-301
referer-spam-pattern-302
referer-spam-pattern-303
referer-spam-pattern-304
referer-spam-pattern-305
referer-spam-pattern-306
referer-spam-pattern-307
referer-spam-pattern-308
referer-spam-pattern-309
referer-spam-pattern-310
referer-spam-pattern-311
referer-spam-pattern-312
referer-spam-pattern-313
referer-spam-pattern-314
referer-spam-pattern-315
referer-spam-pattern-316
referer-spam-pattern-317
referer-spam-pattern-318
referer-spam-pattern-319
referer-spam-pattern-320
referer-spam-pattern-321
referer-spam-pattern-322
referer-spam-pattern-323
referer-spam-pattern-324
referer-spam-pattern-325
referer-spam-pattern-326
referer-spam-pattern-327
referer-spam-pattern-328
referer-spam-pattern-329
referer-spam-pattern-330
referer-spam-pattern-331
referer-spam-pattern-332
referer-spam-pattern-333
referer-spam-pattern-334
referer-spam-pattern-335
referer-spam-pattern-336
referer-spam-pattern-337
referer-spam-pattern-338
referer-spam-pattern-339
referer-spam-pattern-340
referer-spam-pattern-341
referer-spam-pattern-342
referer-spam-pattern-343
referer-spam-pattern-344
referer-spam-pattern-345
referer-spam-pattern-346
referer-spam-pattern-347
referer-spam-pattern-348
referer-spam-pattern-349
referer-spam-pattern-350
referer-spam-pattern-351
referer-spam-pattern-352
referer-spam-pattern-353
referer-spam-pattern-354
referer-spam-pattern-355
referer-spam-pattern-356
referer-spam-pattern-357
referer-spam-pattern-358
referer-spam-pattern-359
referer-spam-pattern-360
referer-spam-pattern-361
referer-spam-pattern-362
referer-spam-pattern-363
referer-spam-pattern-364
referer-spam-pattern-365
referer-spam-pattern-366
referer-spam-pattern-367
referer-spam-pattern-368
referer-spam-pattern-369
referer-spam-pattern-370
referer-spam-pattern-371
referer-spam-pattern-372
referer-spam-pattern-373
referer-spam-pattern-374
referer-spam-pattern-375
referer-spam-pattern-376
referer-spam-pattern-377
referer-spam-pattern-378
referer-spam-pattern-379
referer-spam-pattern-380
referer-spam-pattern-381
referer-spam-pattern-382
referer-spam-pattern-383
referer-spam-pattern-384
referer-spam-pattern-385
referer-spam-pattern-386
referer-spam-pattern-387
referer-spam-pattern-388
referer-spam-pattern-389
referer-spam-pattern-390
referer-spam-pattern-391
referer-spam-pattern-392
referer-spam-pattern-393
referer-spam-pattern-394
referer-spam-pattern-395
referer-spam-pattern-396
referer-spam-pattern-397
referer-spam-pattern-398
referer-spam-pattern-399
referer-spam-pattern-400
referer-spam-pattern-401
referer-spam-pattern-402
referer-spam-pattern-403
referer-spam-pattern-404
referer-spam-pattern-405
referer-spam-pattern-406
referer-spam-pattern-407
referer-spam-pattern-408
referer-spam-pattern-409
referer-spam-pattern-410
referer-spam-pattern-411
referer-spam-pattern-412
referer-spam-pattern-413
referer-spam-pattern-414
referer-spam-pattern-415
referer-spam-pattern-416
referer-spam-pattern-417
referer-spam-pattern-418
referer-spam-pattern-419
referer-spam-pattern-420
referer-spam-pattern-421
referer-spam-pattern-422
referer-spam-pattern-423
referer-spam-pattern-424
referer-spam-pattern-425
referer-spam-pattern-426
referer-spam-pattern-427
referer-spam-pattern-428
referer-spam-pattern-429
referer-spam-pattern-430
referer-spam-pattern-431
referer-spam-pattern-432
referer-spam-pattern-433
referer-spam-pattern-434
referer-spam-pattern-435
referer-spam-pattern-436
referer-spam-pattern-437
referer-spam-pattern-438
referer-spam-pattern-439
referer-spam-pattern-440
referer-spam-pattern-441
referer-spam-pattern-442
referer-spam-pattern-443
referer-spam-pattern-444
referer-spam-pattern-445
referer-spam-pattern-446
referer-spam-pattern-447
referer-spam-pattern-448
referer-spam-pattern-449
referer-spam-pattern-450
referer-spam-pattern-451
referer-spam-pattern-452
referer-spam-pattern-453
referer-spam-pattern-454
referer-spam-pattern-455
referer-spam-pattern-456
referer-spam-pattern-457
referer-spam-pattern-458
referer-spam-pattern-459
referer-spam-pattern-460
referer-spam-pattern-461
referer-spam-pattern-462
referer-spam-pattern-463
referer-spam-pattern-464
referer-spam-pattern-465
referer-spam-pattern-466
referer-spam-pattern-467
referer-spam-pattern-468
referer-spam-pattern-469
referer-spam-pattern-470
referer-spam-pattern-471
referer-spam-pattern-472
referer-spam-pattern-473
referer-spam-pattern-474
referer-spam-pattern-475
referer-spam-pattern-476
referer-spam-pattern-477
referer-spam-pattern-478
referer-spam-pattern-479
referer-spam-pattern-480
referer-spam-pattern-481
referer-spam-pattern-482
referer-spam-pattern-483
referer-spam-pattern-484
referer-spam-pattern-485
referer-spam-pattern-486
referer-spam-pattern-487
referer-spam-pattern-488
referer-spam-pattern-489
referer-spam-pattern-490
referer-spam-pattern-491
referer-spam-pattern-492
referer-spam-pattern-493
referer-spam-pattern-494
referer-spam-pattern-495
referer-spam-pattern-496
referer-spam-pattern-497
referer-spam-pattern-498
referer-spam-pattern-499
referer-spam-pattern-500
referer-spam-pattern-501
referer-spam-pattern-502
referer-spam-pattern-503
referer-spam-pattern-504
referer-spam-pattern-505
referer-spam-pattern-506
referer-spam-pattern-507
referer-spam-pattern-508
referer-spam-pattern-509
referer-spam-pattern-510
referer-spam-pattern-511
referer-spam-pattern-512
referer-spam-pattern-513
referer-spam-pattern-514
referer-spam-pattern-515
referer-spam-pattern-516
referer-spam-pattern-517
referer-spam-pattern-518
referer-spam-pattern-519
referer-spam-pattern-520
referer-spam-pattern-521
referer-spam-pattern-522
referer-spam-pattern-523
referer-spam-pattern-524
referer-spam-pattern-525
referer-spam-pattern-526
referer-spam-pattern-527
referer-spam-pattern-528
referer-spam-pattern-529
referer-spam-pattern-530
referer-spam-pattern-531
referer-spam-pattern-532
referer-spam-pattern-533
referer-spam-pattern-534
referer-spam-pattern-535
referer-spam-pattern-536
referer-spam-pattern-537
referer-spam-pattern-538
referer-spam-pattern-539
referer-spam-pattern-540
referer-spam-pattern-541
referer-spam-pattern-542
referer-spam-pattern-543
referer-spam-pattern-544
referer-spam-pattern-545
referer-spam-pattern-546
referer-spam-pattern-547
referer-spam-pattern-548
referer-spam-pattern-549
referer-spam-pattern-550
referer-spam-pattern-551
referer-spam-pattern-552
referer-spam-pattern-553
referer-spam-pattern-554
referer-spam-pattern-555
referer-spam-pattern-556
referer-spam-pattern-557
referer-spam-pattern-558
referer-spam-pattern-559
referer-spam-pattern-560
referer-spam-pattern-561
referer-spam-pattern-562
referer-spam-pattern-563
referer-spam-pattern-564
referer-spam-pattern-565
referer-spam-pattern-566
referer-spam-pattern-567
referer-spam-pattern-568
referer-spam-pattern-569
referer-spam-pattern-570
referer-spam-pattern-571
referer-spam-pattern-572
referer-spam-pattern-573
referer-spam-pattern-574
referer-spam-pattern-575
referer-spam-pattern-576
referer-spam-pattern-577
referer-spam-pattern-578
referer-spam-pattern-579
referer-spam-pattern-580
referer-spam-pattern-581
referer-spam-pattern-582
referer-spam-pattern-583
referer-spam-pattern-584
referer-spam-pattern-585
referer-spam-pattern-586
referer-spam-pattern-587
referer-spam-pattern-588
referer-spam-pattern-589
referer-spam-pattern-590
referer-spam-pattern-591
referer-spam-pattern-592
referer-spam-pattern-593
referer-spam-pattern-594
referer-spam-pattern-595
referer-spam-pattern-596
referer-spam-pattern-597
referer-spam-pattern-598
referer-spam-pattern-599
referer-spam-pattern-600
referer-spam-pattern-601
referer-spam-pattern-602
referer-spam-pattern-603
referer-spam-pattern-604
referer-spam-pattern-605
referer-spam-pattern-606
referer-spam-pattern-607
referer-spam-pattern-608
referer-spam-pattern-609
referer-spam-pattern-610
referer-spam-pattern-611
referer-spam-pattern-612
referer-spam-pattern-613
referer-spam-pattern-614
referer-spam-pattern-615
referer-spam-pattern-616
referer-spam-pattern-617
referer-spam-pattern-618
referer-spam-pattern-619
referer-spam-pattern-620
referer-spam-pattern-621
referer-spam-pattern-622
referer-spam-pattern-623
referer-spam-pattern-624
referer-spam-pattern-625
referer-spam-pattern-626
referer-spam-pattern-627
referer-spam-pattern-628
referer-spam-pattern-629
referer-spam-pattern-630
referer-spam-pattern-631
referer-spam-pattern-632
referer-spam-pattern-633
referer-spam-pattern-634
referer-spam-pattern-635
referer-spam-pattern-636
referer-spam-pattern-637
referer-spam-pattern-638
referer-spam-pattern-639
referer-spam-pattern-640
referer-spam-pattern-641
referer-spam-pattern-642
referer-spam-pattern-643
referer-spam-pattern-644
referer-spam-pattern-645
referer-spam-pattern-646
referer-spam-pattern-647
referer-spam-pattern-648
referer-spam-pattern-649
referer-spam-pattern-650
referer-spam-pattern-651
referer-spam-pattern-652
referer-spam-pattern-653
referer-spam-pattern-654
referer-spam-pattern-655
referer-spam-pattern-656
referer-spam-pattern-657
referer-spam-pattern-658
referer-spam-pattern-659
referer-spam-pattern-660
referer-spam-pattern-661
referer-spam-pattern-662
referer-spam-pattern-663
referer-spam-pattern-664
referer-spam-pattern-665
referer-spam-pattern-666
referer-spam-pattern-667
referer-spam-pattern-668
referer-spam-pattern-669
referer-spam-pattern-670
referer-spam-pattern-671
referer-spam-pattern-672
referer-spam-pattern-673
referer-spam-pattern-674
referer-spam-pattern-675
referer-spam-pattern-676
referer-spam-pattern-677
referer-spam-pattern-678
referer-spam-pattern-679
referer-spam-pattern-680
referer-spam-pattern-681
referer-spam-pattern-682
referer-spam-pattern-683
referer-spam-pattern-684
referer-spam-pattern-685
referer-spam-pattern-686
referer-spam-pattern-687
referer-spam-pattern-688
referer-spam-pattern-689
referer-spam-pattern-690
referer-spam-pattern-691
referer-spam-pattern-692
referer-spam-pattern-693
referer-spam-pattern-694
referer-spam-pattern-695
referer-spam-pattern-696
referer-spam-pattern-697
referer-spam-pattern-698
referer-spam-pattern-699
referer-spam-pattern-700
referer-spam-pattern-701
referer-spam-pattern-702
referer-spam-pattern-703
referer-spam-pattern-704
referer-spam-pattern-705
referer-spam-pattern-706
referer-spam-pattern-707
referer-spam-pattern-708
referer-spam-pattern-709
referer-spam-pattern-710
referer-spam-pattern-711
referer-spam-pattern-712
referer-spam-pattern-713
referer-spam-pattern-714
referer-spam-pattern-715
referer-spam-pattern-716
referer-spam-pattern-717
referer-spam-pattern-718
referer-spam-pattern-719
referer-spam-pattern-720
referer-spam-pattern-721
referer-spam-pattern-722
referer-spam-pattern-723
referer-spam-pattern-724
referer-spam-pattern-725
referer-spam-pattern-726
referer-spam-pattern-727
referer-spam-pattern-728
referer-spam-pattern-729
referer-spam-pattern-730
referer-spam-pattern-731
referer-spam-pattern-732
referer-spam-pattern-733
referer-spam-pattern-734
referer-spam-pattern-735
referer-spam-pattern-736
referer-spam-pattern-737
referer-spam-pattern-738
referer-spam-pattern-739
referer-spam-pattern-740
referer-spam-pattern-741
referer-spam-pattern-742
referer-spam-pattern-743
referer-spam-pattern-744
referer-spam-pattern-745
referer-spam-pattern-746
referer-spam-pattern-747
referer-spam-pattern-748
referer-spam-pattern-749
referer-spam-pattern-750
referer-spam-pattern-751
referer-spam-pattern-752
referer-spam-pattern-753
referer-spam-pattern-754
referer-spam-pattern-755
referer-spam-pattern-756
referer-spam-pattern-757
referer-spam-pattern-758
referer-spam-pattern-759
referer-spam-pattern-760
referer-spam-pattern-761
referer-spam-pattern-762
referer-spam-pattern-763
referer-spam-pattern-764
referer-spam-pattern-765
referer-spam-pattern-766
referer-spam-pattern-767
referer-spam-pattern-768
referer-spam-pattern-769
referer-spam-pattern-770
referer-spam-pattern-771
referer-spam-pattern-772
referer-spam-pattern-773
referer-spam-pattern-774
referer-spam-pattern-775
referer-spam-pattern-776
referer-spam-pattern-777
referer-spam-pattern-778
referer-spam-pattern-779
referer-spam-pattern-780
referer-spam-pattern-781
referer-spam-pattern-782
referer-spam-pattern-783
referer-spam-pattern-784
referer-spam-pattern-785
referer-spam-pattern-786
referer-spam-pattern-787
referer-spam-pattern-788
referer-spam-pattern-789
referer-spam-pattern-790
referer-spam-pattern-791
referer-spam-pattern-792
referer-spam-pattern-793
referer-spam-pattern-794
referer-spam-pattern-795
referer-spam-pattern-796
referer-spam-pattern-797
referer-spam-pattern-798
referer-spam-pattern-799
referer-spam-pattern-800
referer-spam-pattern-801
referer-spam-pattern-802
referer-spam-pattern-803
referer-spam-pattern-804
referer-spam-pattern-805
referer-spam-pattern-806
referer-spam-pattern-807
referer-spam-pattern-808
referer-spam-pattern-809
referer-spam-pattern-810
referer-spam-pattern-811
referer-spam-pattern-812
referer-spam-pattern-813
referer-spam-pattern-814
referer-spam-pattern-815
referer-spam-pattern-816
referer-spam-pattern-817
referer-spam-pattern-818
referer-spam-pattern-819
referer-spam-pattern-820
referer-spam-pattern-821
referer-spam-pattern-822
referer-spam-pattern-823
referer-spam-pattern-824
referer-spam-pattern-825
referer-spam-pattern-826
referer-spam-pattern-827
referer-spam-pattern-828
referer-spam-pattern-829
referer-spam-pattern-830
referer-spam-pattern-831
referer-spam-pattern-832
referer-spam-pattern-833
referer-spam-pattern-834
referer-spam-pattern-835
referer-spam-pattern-836
referer-spam-pattern-837
referer-spam-pattern-838
referer-spam-pattern-839
referer-spam-pattern-840
referer-spam-pattern-841
referer-spam-pattern-842
referer-spam-pattern-843
referer-spam-pattern-844
referer-spam-pattern-845
referer-spam-pattern-846
referer-spam-pattern-847
referer-spam-pattern-848
referer-spam-pattern-849
referer-spam-pattern-850
referer-spam-pattern-851
referer-spam-pattern-852
referer-spam-pattern-853
referer-spam-pattern-854
referer-spam-pattern-855
referer-spam-pattern-856
referer-spam-pattern-857
referer-spam-pattern-858
referer-spam-pattern-859
referer-spam-pattern-860
referer-spam-pattern-861
referer-spam-pattern-862
referer-spam-pattern-863
referer-spam-pattern-864
referer-spam-pattern-865
referer-spam-pattern-866
referer-spam-pattern-867
referer-spam-pattern-868
referer-spam-pattern-869
referer-spam-pattern-870
referer-spam-pattern-871
referer-spam-pattern-872
referer-spam-pattern-873
referer-spam-pattern-874
referer-spam-pattern-875
referer-spam-pattern-876
referer-spam-pattern-877
referer-spam-pattern-878
referer-spam-pattern-879
referer-spam-pattern-880
referer-spam-pattern-881
referer-spam-pattern-882
referer-spam-pattern-883
referer-spam-pattern-884
referer-spam-pattern-885
referer-spam-pattern-886
referer-spam-pattern-887
referer-spam-pattern-888
referer-spam-pattern-889
referer-spam-pattern-890
referer-spam-pattern-891
referer-spam-pattern-892
referer-spam-pattern-893
referer-spam-pattern-894
referer-spam-pattern-895
referer-spam-pattern-896
referer-spam-pattern-897
referer-spam-pattern-898
referer-spam-pattern-899
referer-spam-pattern-900
referer-spam-pattern-901
referer-spam-pattern-902
referer-spam-pattern-903
referer-spam-pattern-904
referer-spam-pattern-905
referer-spam-pattern-906
referer-spam-pattern-907
referer-spam-pattern-908
referer-spam-pattern-909
referer-spam-pattern-910
referer-spam-pattern-911
referer-spam-pattern-912
referer-spam-pattern-913
url_acl_per_page = 15
url_encryption_per_page = 15
url_extension_list = dll
exe
asp
pdf
fdf
au
bmp
z
gif
html
htm
shtml
js
mocha
jpeg
jpg
jpe
jfif
pjpeg
pjp
mp2
mpa
abs
mpeg
mpg
mpe
mpv
vbs
mlv
pcx
txt
text
mov
tiff
tar
avi
wav
gz
zip
gzip
pl
jsp
nsf
swf
css
aspx
cgi
do
sh
php
tcl
py
pyc
bat
bin
vb
cs
action
swe
cfm
php3
axd
dwr
php4
url_profiles_per_page = 15
use_bridge_on_server_failure = 0
use_default_restore_location = yes
user_name = admin
user_session_timeout = 15
user_system_ip_acl_incoming_interface = Any
Any
Any
Any
Any
Any
Any
Any
Any
MGMT
MGMT
MGMT
MGMT
WAN
WAN
WAN
WAN
user_system_ip_acl_ip_version = IPV4
IPV4
IPV4
IPV4
IPV4
IPV4
IPV4
IPV4
IPV6
IPV4
IPV6
IPV4
IPV6
IPV4
IPV6
IPV4
IPV6
user_system_ip_acl_type = INPUT
INPUT
INPUT
INPUT
INPUT
INPUT
INPUT
INPUT
INPUT
INPUT
INPUT
FORWARD
FORWARD
INPUT
INPUT
FORWARD
FORWARD
user_system_ip_action_taken = ACCEPT
ACCEPT
ACCEPT
ACCEPT
ACCEPT
ACCEPT
ACCEPT
ACCEPT
ACCEPT
REJECT
REJECT
REJECT
REJECT
REJECT
REJECT
REJECT
REJECT
user_system_ip_dest_port = 42832
7070
8002
32576
32575
8889
22
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
user_system_ip_from_hosts_networks = 0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0::0
0.0.0.0
0::0
0.0.0.0
0::0
0.0.0.0
0::0
0.0.0.0
0::0
user_system_ip_from_hosts_networks_netmask = 0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0
0.0.0.0
0
0.0.0.0
0
0.0.0.0
0
0.0.0.0
0
user_system_ip_log = Off
Off
Off
Off
Off
Off
Off
Off
Off
Off
Off
Off
Off
Off
Off
Off
Off
user_system_ip_name = Webconsconf
Siteminder Session Sync
HA Communication
HA Heartbeat
HA Config Sync
Profile Agent
SSH
ICMP
ICMPv6
MGMT Deny IPv4
MGMT Deny IPv6
Forward MGMT Deny IPv4
Forward MGMT Deny IPv6
WAN Deny IPv4
WAN Deny IPv6
Forward WAN Deny IPv4
Forward WAN Deny IPv6
user_system_ip_priority = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
user_system_ip_protocol_allow_deny = TCP
TCP
TCP
UDP
TCP
UDP
TCP
ICMP
IPv6-ICMP
ALL-PROTOCOLS
ALL-PROTOCOLS
ALL-PROTOCOLS
ALL-PROTOCOLS
ALL-PROTOCOLS
ALL-PROTOCOLS
ALL-PROTOCOLS
ALL-PROTOCOLS
user_system_ip_source_port = 1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
1-65535
user_system_ip_status = 1
0
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
user_system_ip_to_hosts_networks = 0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0::0
0.0.0.0
0::0
0.0.0.0
0::0
0.0.0.0
0::0
0.0.0.0
0::0
user_system_ip_to_hosts_networks_netmask = 0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
0
0.0.0.0
0
0.0.0.0
0
0.0.0.0
0
0.0.0.0
0
user_system_ip_vsite = common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
common_vsite
virtual_ip_config_address = 10.128.0.3
virtual_ip_config_comments =
virtual_ip_config_interface = WAN
virtual_ip_config_ip_version = IPv4
virtual_ip_config_netmask = 255.255.255.255
virtual_ip_config_service_id = 00000000-0000-0000-0000-000000000000
virtual_ip_config_service_name = WAN__IP
virtual_ip_config_vsite = local_vsite:2473849
virus_scan_allow_large_files = 0
vm_license_token = F23NG-UH45M-C5FWY
vsite_name = default
vsite_type = 0
wan_interface_link_status = 1
web_firewall_log_enable_export = 1
web_firewall_log_facility = 16
web_firewall_policy_name = default
saml
sharepoint
sharepoint2013
owa
owa2010
owa2013
oracle
web_log_enable_export = 1
web_log_export_to_csv = 50000
web_log_facility = 16
web_log_messages_per_page = 20
web_scraping_wl_parent_name = Google
Baidu
Microsoft
Yandex
Twitter
Yahoo
# user own format of storing the logs
wf_logs_custom_format = %t %un %lt %sl %ad %ci %cp %ai %ap %ri %rt %at %fa %adl %m %u %p %sid %ua %px %pp %au %r %uid
wf_standard_log_formats = bcwfdef
wsi1001 = 1
wsi1002 = 1
wsi1003 = 1
wsi1004 = 1
wsi1005 = 1
wsi1006 = 1
wsi1007 = 1
wsi1008 = 1
wsi1009 = 0
wsi1010 = 1
wsi1011 = 1
wsi1012 = 1
wsi1013 = 1
wsi1031 = 1
wsi1032 = 1
wsi1033 = 1
wsi1100 = 1
wsi1101 = 1
wsi1103 = 1
wsi1104 = 1
wsi1107 = 1
wsi1109 = 1
wsi1110 = 1
wsi1111 = 1
wsi1116 = 1
wsi1201 = 1
wsi1202 = 1
wsi1203 = 1
wsi1204 = 1
wsi1208 = 1
wsi1211 = 1
wsi1301 = 1
wsi1302 = 1
wsi1305 = 1
wsi1306 = 1
wsi1307 = 1
wsi1308 = 1
wsi1309 = 1
wsi1316 = 1
wsi1318 = 1
wsi1601 = 1
wsi1701 = 1
xdos_block_dtds = 1
xdos_block_ext_uri_ref = 1
xdos_block_proc_inst = 1
xdos_max_attr_namelen = 64
xdos_max_attr_valuelen = 1024
xdos_max_doc_sz = 16K
xdos_max_elm_attrs = 32
xdos_max_elm_children = 100
xdos_max_elm_intree = 10000
xdos_max_elm_namelen = 64
xdos_max_nodes = 1024
xdos_max_tree_depth = 20
xdos_max_txtlen = 1024
xdos_min_doc_sz = 4
xmlfw_db_path = /data/product/xmlfw/xmldb/
xmlfw_enable = 0
#scope:<service>::scope_data:<>
address_version_service = 4
anonymous_proxy_blocking_status = 0
app_profile_check_default_policy = 1
app_profile_session_cookie_timeout = 15
app_profile_state = 1
app_profile_use_profile = 1
aps_attack_prevention_log = 5
aps_attack_prevention_passive = 1
aps_attack_prevention_status = 1
aps_attack_prevention_trusted_hosts_action = 2
aps_auto_correct_ignore_case = 1
aps_instant_ssl_status = 0
aps_redirect_status = 0
aps_rewrite_sharepoint_support = 0
aps_rewrite_status = 0
auth_domain_required = 0
auth_dual_authentication = 0
auth_siteminder_cookie_source_ip_check = 1
auth_siteminder_enable_webauth_log = 0
auth_siteminder_one_session_per_user = 0
auth_siteminder_sso_handle_cookie_provider_url = 0
auth_siteminder_sso_status = 0
auth_status = 0
auth_svc_access_denied_page = default-access-denied-page
auth_svc_active_sync_session_timeout = 480
auth_svc_basic_idp_selection_page = default-idp-selection-page
auth_svc_cookie_path = /
auth_svc_dual_login_page = default-dual-login-page
auth_svc_idle_timeout = 15
auth_svc_login_challenge_page = default-challenge-page
auth_svc_login_failed_page = default-login-failed-page
auth_svc_login_page = default-login-page
auth_svc_login_processor = /nclogin.submit
auth_svc_login_successful_page = default-login-success-page
auth_svc_logout_page = default-login-success-page
auth_svc_logout_processor = /saml.sso/slo/redirect
auth_svc_logout_successful_page = default-logout-success-page
auth_svc_post_processor = /saml.sso/saml2/post
auth_svc_trusted_hosts_action = 0
auth_svc_update_interval = 30
bbl_blocking_status = 0
bf_max_allowed_per_ip_auth = 10
bf_total_interval_auth = 60
bf_url_acl_status_auth = 0
cache_expiry_age = 60
cache_max_objsize = 256
cache_min_objsize = 256
cache_negative_response = 0
cache_req_cachehdrs_ignore = 0
cache_resp_cachehdrs_ignore = 0
cache_status = 0
cipher_input = 1
client_accept_list_status = 0
client_proxy_list_status = 0
compress_min_obj_size = 8192
compress_status = 0
compress_unknown_content_type = 0
custom_blacklisted_ip_status = 0
datacenter_ip_blocking_status = 0
fake_crawler_blocking_status = 0
fingerprint_status = 1
ftp_aps_authentication = 0
geoip_apply_at = 0
geoip_blocking_action = 0
geoip_blocking_status = 0
geoip_logging_status = 0
header_acl_name = referer-acl
http2_status = 0
http_attack_sources_blocking_status = 0
json_last_extm_sequence = 1000
keepalive_requests = 64
keepalive_timeout = 60
krb_debug_status = 0
lb_algorithm = 0
lb_max_req_slow_start = 0
lb_mode = 0
lb_redirect_msg = Moved
lb_redirect_status = 0
lb_redirect_status_code = 302
lb_status = 1
learn_trusted_host_status = 0
learning_max_changes_before_update = 10
learning_request_learning = 1
learning_response_learning = 1
learning_status = 0
log_status = 1
param_profile_filter_options = 0
param_profile_other_options = 0
parseproxy_status = 0
persistency_cookie_name = persistence
persistency_cookie_security = 0
persistency_failover_method = LB
persistency_idle_timeout = 600
persistency_method = NONE
persistency_use_imode = 0
policy_is_default = 0
public_proxy_blocking_status = 0
rate_pol_binding = NONE
rate_pol_status = 0
referer_spam_status = 0
rsa_am_cookie_ip_check = 1
satellite_provider_blocking_status = 0
selected_cipher_list = ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES128-SHA256,ECDHE-RSA-AES128-SHA256,AES256-GCM-SHA384,AES128-GCM-SHA256,AES256-SHA256,AES128-SHA256,ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,ECDHE-ECDSA-DES-CBC3-SHA,ECDHE-RSA-DES-CBC3-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,AES256-SHA,DHE-RSA-AES256-GCM-SHA384,DHE-RSA-AES256-SHA256,DHE-RSA-AES256-SHA,DHE-RSA-CAMELLIA256-SHA,DHE-RSA-AES128-GCM-SHA256,DHE-RSA-AES128-SHA256,DHE-RSA-AES128-SHA,DHE-RSA-CAMELLIA128-SHA,EDH-RSA-DES-CBC3-SHA,CAMELLIA256-SHA,DES-CBC3-SHA,AES128-SHA,CAMELLIA128-SHA,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256,TLS_AES_128_GCM_SHA256
service_app_protocol = NONE
service_is_vdi = 0
service_port = 80
service_status = 1
service_switch_mode = 0
service_type = HTTP
slowloris_data_transfer_rate = 10
slowloris_incremental_request_timeout = 30
slowloris_incremental_response_timeout = 30
slowloris_max_request_timeout = 600
slowloris_max_response_timeout = 600
slowloris_prevention_status = 0
ssh_attack_sources_blocking_status = 0
ssl_accept_any_policy = 1
ssl_accept_explicit_policy = 0
ssl_des3_sha_enable = 1
ssl_enable_ocsp = 0
ssl_enable_pfs = 0
ssl_enable_ssl3 = 0
ssl_enable_tls = 0
ssl_enable_tls_1_1 = 1
ssl_enable_tls_1_2 = 1
ssl_enable_tls_1_3 = 0
ssl_export_ciphers_enable = 0
ssl_hsts_enabled = 0
ssl_inhibit_any_policy = 0
ssl_inhibit_policy_mapping = 1
ssl_max_active_sessions = 2048
ssl_rc4_md5_enable = 1
ssl_req_client_auth = 0
ssl_req_client_auth_enforce_cert = 1
ssl_session_resumption = 1
ssl_session_timeout = 300
ssl_sni_enabled = 0
ssl_status = 0
st_max_interval = 60
st_status = 0
tor_blocking_status = 0
tranparent_persistency_idle_timeout = 600
transparent_persistency_failover_method = LB
transparent_persistency_method = NONE
url_encryption_status = 0
url_profile_app_structure_options = 0
url_profile_other_exception_options_app_structure = 0
url_profile_other_options = 0
use_xecure = 0
web_firewall_policy_binding = default
websocket_status = 0
x_frame_clickjacking_options = 1
x_frame_clickjacking_status = 0
#scope:<admin_role>::scope_data:<audit-manager>
admin_role_allowed_screens = write:BASIC
write:BASIC:firewall_logs
write:BASIC:access_logs
write:BASIC:audit_logs
write:BASIC:reports
write:BASIC:azure
write:BASIC:ui_search
admin_role_auth_services =
admin_role_denied_screens = BASIC:status
BASIC:services
BASIC:global_security
BASIC:server_certs
BASIC:ip_config
BASIC:notification
BASIC:administration
SECURITY POLICIES
WEBSITES
BOT MITIGATION
ACCESS CONTROL
NETWORKS
ADVANCED
admin_role_objects = write:system/azure-config
read:system_name
write:report_template_name
admin_role_operations = view-traffic-logs
view-aps-logs
view-audit-logs
export-to-CSV-access
export-to-CSV-firewall
export-to-CSV-audit
execute-reports
admin_role_security_policies =
admin_role_services = read:*
admin_role_type = Factory
#scope:<admin_role>::scope_data:<certificate-manager>
admin_role_allowed_screens = write:BASIC
write:BASIC:server_certs
write:BASIC:azure
write:BASIC:ui_search
admin_role_auth_services =
admin_role_denied_screens = BASIC:status
BASIC:services
BASIC:global_security
BASIC:ip_config
BASIC:notification
BASIC:administration
BASIC:firewall_logs
BASIC:access_logs
BASIC:audit_logs
BASIC:reports
SECURITY POLICIES
WEBSITES
BOT MITIGATION
ACCESS CONTROL
NETWORKS
ADVANCED
admin_role_objects = write:multi_cert_name
write:ca_backend_trusted_cert_name
write:multi_cert_trusted
write:system/azure-config
read:system_name
write:ca_trusted_cert_name
admin_role_operations = certificate-management
admin_role_security_policies =
admin_role_services =
admin_role_type = Factory
#scope:<admin_role>::scope_data:<guest>
admin_role_allowed_screens = read:BASIC
read:SECURITY_POLICIES
read:WEBSITES
read:BOT_MITIGATION
read:ACCESS_CONTROL
read:NETWORKS
read:ADVANCED
read:BASIC:status
read:BASIC:services
read:BASIC:global_security
read:BASIC:server_certs
read:BASIC:ip_config
read:BASIC:administration
read:BASIC:firewall_logs
read:BASIC:access_logs
read:BASIC:audit_logs
read:BASIC:notification
read:BASIC:reports
read:BASIC:azure
read:BASIC:ui_search
read:SECURITY_POLICIES:policy_manager
read:SECURITY_POLICIES:request_limits
read:SECURITY_POLICIES:cookie_security
read:SECURITY_POLICIES:url_protection
read:SECURITY_POLICIES:param_protection
read:SECURITY_POLICIES:cloaking
read:SECURITY_POLICIES:data_protection
read:SECURITY_POLICIES:url_normalization
read:SECURITY_POLICIES:global_acls
read:SECURITY_POLICIES:action_policy
read:WEBSITES:website_manager
read:WEBSITES:website_profiles
read:WEBSITES:website_security
read:WEBSITES:json_security
read:WEBSITES:ip_reputation
read:WEBSITES:url_encryption
read:WEBSITES:website_translations
read:WEBSITES:trusted_hosts
read:WEBSITES:adaptive_profiling
read:WEBSITES:exception_profiling
read:WEBSITES:adaptive_profile_config
read:WEBSITES:xml_validations
read:WEBSITES:xml_protection
read:WEBSITES:traffic_management
read:WEBSITES:ftp_block_verb
read:WEBSITES:armored_browser
read:BOT_MITIGATION:bot_mitigation
read:BOT_MITIGATION:bot_spam_mitigation
read:BOT_MITIGATION:ddos_prevention
read:BOT_MITIGATION:bot_libraries
read:ACCESS_CONTROL:external_dir_service
read:ACCESS_CONTROL:authentication
read:ACCESS_CONTROL:local_dir_service
read:ACCESS_CONTROL:client_certs
read:NETWORKS:nw_vsite
read:NETWORKS:interfaces
read:NETWORKS:nw_vlan
read:NETWORKS:nw_interfaces
read:NETWORKS:nw_nat
read:NETWORKS:nw_routes
read:NETWORKS:nw_acl
read:NETWORKS:nw_configuration
read:NETWORKS:nw_firewall_logs
read:ADVANCED:backup_configuration
read:ADVANCED:definition_update
read:ADVANCED:firmware_update
read:ADVANCED:external_syslog
read:ADVANCED:system_logs
read:ADVANCED:templates
read:ADVANCED:view_internal_patterns
read:ADVANCED:libraries
read:ADVANCED:clustering
read:ADVANCED:appearance
read:ADVANCED:advanced_system
read:ADVANCED:ssl
read:ADVANCED:troubleshooting
read:ADVANCED:va_management
read:ADVANCED:ngfirewallsettings
read:ADVANCED:control_center
read:ADVANCED:offline_activation
read:ADVANCED:jobctrl
admin_role_auth_services = read:*
admin_role_denied_screens =
admin_role_objects = read:system/management-configuration
read:system_name
read:backup
read:access_control_name
read:parameter_profile_name
read:auth_rsasecid_svc_user_realm_name
read:access_rule_name
read:trusted_host_group_name
read:vsite_service_groups
read:auth_ldap_svc_user_realm_name
read:security-policies/url-protection
read:web_firewall_policy_name
read:armored_server_name
read:system/lan-configuration
read:armored_browser_policy_name
read:server_name
read:allow_deny_client_name
read:system/logs-format
read:url_profile_optimizer_name
read:services/caching
read:service_name
read:aps_app_map_rule_policy_name
read:auth_radius_svc_user_realm_name
read:rg_web_server_name
read:aps_req_rewrite_policy_name
read:attack_action_name
read:multi_cert_name
read:client_weights_name
read:ca_backend_trusted_cert_name
read:system_ip_pre_dnat_destination_address
read:GEOIP_region_name
read:services/exception-profiling
read:internal_ldap_user_name
read:services/basic-security
read:system_interfaces
read:json_limit_policy_name
read:services/comment-spam
read:internal_ldap_group_name
read:param_profile_optimizer_name
read:system/export-log-settings
read:httpd_acl_ip_admin_address
read:security-policies/parameter-protection
read:services/url-encryption
read:system/secure-administration
read:system/gdpr-compliance
read:rule_group_name
read:aps_content_protection_name
read:header_acl_name
read:id_theft_pattern_name
read:custom_input_data_type_name
read:custom_attack_data_type_name
read:response_page_name
read:bond_id
read:services/compression
read:system/energize-updates
read:GEOIP_block_ip
read:system/exception-heuristics
read:system/network-hsm
read:system/pattern-mode
read:system/email-notifications
read:system_ip_interface_route_address
read:aps_response_rewrite_policy_name
read:system/export-log-filters
read:services/ssl-ocsp
read:session_information_name
read:system/dns
read:services/ip-reputation
read:auth_samlsp_svc_user_realm_name
read:security-policies/request-limits
read:global_adr_name
read:url_encryption_rule_name
read:system_ip_vlan_name
read:system/proxy-server
read:web_scraping_policy_name
read:internal_attack_pattern_name
read:system_host_names
read:system/cookies-and-parameters
read:virtual_ip_config_address
read:services/adaptive-profiling
read:ddos_policy_name
read:learn_rule_name
read:multi_cert_trusted
read:input_pattern_name
read:services/slow-client-attack
read:vsite_name
read:rate_control_pool_name
read:system/ng-firewall
read:system/advanced-settings
read:GEOIP_allow_ip
read:system/azure-config
read:json_url_profile_name
read:url_profile_name
read:system/wan-configuration
read:trap_config_ip_address
read:custom_param_class_name
read:ca_trusted_cert_name
read:report_template_name
read:ssl_crl_name
read:system/syslog-settings
read:aps_url_acl_name
read:system/location
read:security-policies/cloaking
read:web_scraping_wl_parent_name
read:system_ip_name
read:services/authentication
read:system_ntp_server_name
read:custom_id_theft_data_type_name
read:system_ip_static_route_address
read:services/session-tracking
read:services/clickjacking
read:services/website-profile
read:cluster_name
read:cluster_systems
read:auth_krb_svc_user_realm_name
read:attack_pattern_name
read:local_adr_name
read:security-policies/cookie-security
read:trusted_host_name
read:system/custom-headers
read:system/network-configuration
read:cluster/nodes
read:json_key_profile_name
read:user_system_ip_name
read:security-policies/url-normalization
read:system/ftp-access-logs
read:system/snmp
read:syslog_server_name
read:system/appearance
read:system/web-interface
read:system_ip_pre_snat_source_address
read:services/sensitive-parameter-names
read:aps_resp_body_rewrite_policy_name
read:services/ftp-security
read:system/encryption-key
read:module_log_level_name
admin_role_operations = view-traffic-logs
view-aps-logs
view-audit-logs
admin_role_security_policies = read:*
admin_role_service_group = read:*
admin_role_services = read:*
admin_role_type = Factory
admin_role_vsites = read:*
#scope:<admin_role>::scope_data:<monitoring-manager>
admin_role_allowed_screens = write:BASIC
write:ADVANCED
write:BASIC:status
write:BASIC:administration
write:BASIC:firewall_logs
write:BASIC:access_logs
write:BASIC:audit_logs
write:BASIC:notification
write:BASIC:reports
write:BASIC:azure
write:BASIC:ui_search
write:ADVANCED:external_syslog
write:ADVANCED:system_logs
write:ADVANCED:templates
write:ADVANCED:va_management
write:ADVANCED:ngfirewallsettings
write:ADVANCED:control_center
write:ADVANCED:offline_activation
admin_role_auth_services =
admin_role_denied_screens = BASIC:services
BASIC:global_security
BASIC:server_certs
BASIC:ip_config
SECURITY POLICIES
WEBSITES
BOT MITIGATION
ACCESS CONTROL
NETWORKS
ADVANCED:definition_update
ADVANCED:backup_configuration
ADVANCED:clustering
ADVANCED:ssl
ADVANCED:firmware_update
ADVANCED:advanced_system
ADVANCED:troubleshooting
ADVANCED:appearance
ADVANCED:jobctrl
ADVANCED:xml_protection
ADVANCED:admin_access_control
ADVANCED:view_internal_patterns
ADVANCED:libraries
ADVANCED:adaptive_profile_config
admin_role_objects = write:system/logs-format
write:system/export-log-settings
write:httpd_acl_ip_admin_address
write:system/email-notifications
write:system/export-log-filters
write:system_name
write:system/ng-firewall
write:system/azure-config
write:trap_config_ip_address
write:report_template_name
write:system/syslog-settings
write:system/location
write:system/custom-headers
write:system/ftp-access-logs
write:system/snmp
write:syslog_server_name
write:system/web-interface
write:module_log_level_name
admin_role_operations = view-traffic-logs
view-aps-logs
view-audit-logs
export-to-CSV-access
export-to-CSV-audit
export-to-CSV-firewall
configure-syslog
monitor-syslog
configure-export-logs
configure-email-notifications
schedule-reports
execute-reports
configure-notifications
admin_role_security_policies =
admin_role_services = read:*
admin_role_type = Factory
#scope:<admin_role>::scope_data:<network-manager>
admin_role_allowed_screens = write:BASIC
write:NETWORKS
write:ADVANCED
write:BASIC:ip_config
write:BASIC:azure
write:BASIC:ui_search
write:NETWORKS:nw_vsite
write:NETWORKS:interfaces
write:NETWORKS:nw_vlan
write:NETWORKS:nw_interfaces
write:NETWORKS:nw_nat
write:NETWORKS:nw_routes
write:NETWORKS:nw_acl
write:NETWORKS:nw_configuration
write:NETWORKS:nw_firewall_logs
write:ADVANCED:system_logs
write:ADVANCED:templates
write:ADVANCED:troubleshooting
write:ADVANCED:va_management
write:ADVANCED:ngfirewallsettings
write:ADVANCED:control_center
write:ADVANCED:offline_activation
admin_role_auth_services =
admin_role_denied_screens = BASIC:status
BASIC:services
BASIC:global_security
BASIC:notification
BASIC:administration
BASIC:server_certs
BASIC:firewall_logs
BASIC:access_logs
BASIC:audit_logs
BASIC:reports
SECURITY POLICIES
WEBSITES
BOT MITIGATION
ACCESS CONTROL
ADVANCED:definition_update
ADVANCED:external_syslog
ADVANCED:backup_configuration
ADVANCED:clustering
ADVANCED:ssl
ADVANCED:firmware_update
ADVANCED:advanced_system
ADVANCED:appearance
ADVANCED:jobctrl
ADVANCED:xml_protection
ADVANCED:admin_access_control
ADVANCED:view_internal_patterns
ADVANCED:libraries
ADVANCED:adaptive_profile_config
admin_role_objects = write:system/management-configuration
write:system/lan-configuration
write:system_ip_pre_dnat_destination_address
write:system_interfaces
write:bond_id
write:system_ip_interface_route_address
write:system/dns
write:system_name
write:system_ip_vlan_name
write:system/proxy-server
write:system_host_names
write:virtual_ip_config_address
write:vsite_name
write:system/ng-firewall
write:system/azure-config
write:system/wan-configuration
write:system_ip_name
write:system_ip_static_route_address
write:system/network-configuration
write:user_system_ip_name
write:system_ip_pre_snat_source_address
write:vsite_service_groups
admin_role_operations = wan-ip-configuration
lan-ip-configuration
management-ip-configuration
operation-mode
dns-configuration
domain-configuration
proxy-server-configuration
configure-nat
advanced-network-configuration
configure-network-acls
configure-multiple-ip-address
configure-route
configure-vlan
advanced-system-configuration
ping
telnet
dig
tcpdump
traceroute
wget
show-arp
show-route
pktdump
admin_role_security_policies =
admin_role_service_group = **:*
admin_role_services =
admin_role_type = Factory
admin_role_vsites = **:*
#scope:<admin_role>::scope_data:<policy-manager>
admin_role_allowed_screens = write:BASIC
write:SECURITY_POLICIES
write:ADVANCED
write:BASIC:global_security
write:BASIC:azure
write:BASIC:ui_search
write:SECURITY_POLICIES:policy_manager
write:SECURITY_POLICIES:request_limits
write:SECURITY_POLICIES:cookie_security
write:SECURITY_POLICIES:url_protection
write:SECURITY_POLICIES:param_protection
write:SECURITY_POLICIES:cloaking
write:SECURITY_POLICIES:data_protection
write:SECURITY_POLICIES:url_normalization
write:SECURITY_POLICIES:global_acls
write:SECURITY_POLICIES:action_policy
write:ADVANCED:system_logs
write:ADVANCED:templates
write:ADVANCED:view_internal_patterns
write:ADVANCED:libraries
write:ADVANCED:va_management
write:ADVANCED:ngfirewallsettings
write:ADVANCED:control_center
write:ADVANCED:offline_activation
admin_role_auth_services =
admin_role_denied_screens = BASIC:status
BASIC:services
BASIC:server_certs
BASIC:ip_config
BASIC:notification
BASIC:administration
BASIC:firewall_logs
BASIC:access_logs
BASIC:audit_logs
BASIC:reports
WEBSITES
BOT MITIGATION
ACCESS CONTROL
NETWORKS
ADVANCED:definition_update
ADVANCED:external_syslog
ADVANCED:backup_configuration
ADVANCED:clustering
ADVANCED:ssl
ADVANCED:firmware_update
ADVANCED:advanced_system
ADVANCED:troubleshooting
ADVANCED:appearance
ADVANCED:jobctrl
ADVANCED:xml_protection
ADVANCED:admin_access_control
ADVANCED:adaptive_profile_config
admin_role_objects = write:security-policies/url-protection
write:attack_action_name
write:client_weights_name
write:security-policies/parameter-protection
write:aps_content_protection_name
write:id_theft_pattern_name
write:custom_input_data_type_name
write:custom_attack_data_type_name
write:response_page_name
write:security-policies/request-limits
write:global_adr_name
write:internal_attack_pattern_name
write:input_pattern_name
write:rate_control_pool_name
write:system/ng-firewall
read:system_name
write:system/azure-config
write:custom_param_class_name
write:security-policies/cloaking
write:custom_id_theft_data_type_name
write:attack_pattern_name
write:security-policies/cookie-security
write:web_firewall_policy_name
write:security-policies/url-normalization
admin_role_operations = libraries
admin_role_security_policies = **:*
admin_role_services =
admin_role_type = Factory
#scope:<admin_role>::scope_data:<service-manager>
admin_role_allowed_screens = write:BASIC
write:SECURITY_POLICIES
write:WEBSITES
write:BOT_MITIGATION
write:ACCESS_CONTROL
write:ADVANCED
write:BASIC:services
write:BASIC:global_security
write:BASIC:azure
write:BASIC:ui_search
write:SECURITY_POLICIES:policy_manager
write:SECURITY_POLICIES:request_limits
write:SECURITY_POLICIES:cookie_security
write:SECURITY_POLICIES:url_protection
write:SECURITY_POLICIES:param_protection
write:SECURITY_POLICIES:cloaking
write:SECURITY_POLICIES:data_protection
write:SECURITY_POLICIES:url_normalization
write:SECURITY_POLICIES:global_acls
write:SECURITY_POLICIES:action_policy
write:WEBSITES:website_manager
write:WEBSITES:website_profiles
write:WEBSITES:website_security
write:WEBSITES:json_security
write:WEBSITES:ip_reputation
write:WEBSITES:url_encryption
write:WEBSITES:website_translations
write:WEBSITES:trusted_hosts
write:WEBSITES:adaptive_profiling
write:WEBSITES:exception_profiling
write:WEBSITES:adaptive_profile_config
write:WEBSITES:xml_validations
write:WEBSITES:xml_protection
write:WEBSITES:traffic_management
write:WEBSITES:ftp_block_verb
write:WEBSITES:armored_browser
write:BOT_MITIGATION:bot_mitigation
write:BOT_MITIGATION:bot_spam_mitigation
write:BOT_MITIGATION:ddos_prevention
write:BOT_MITIGATION:bot_libraries
write:ACCESS_CONTROL:external_dir_service
write:ACCESS_CONTROL:authentication
write:ACCESS_CONTROL:client_certs
write:ADVANCED:system_logs
write:ADVANCED:templates
write:ADVANCED:view_internal_patterns
write:ADVANCED:libraries
write:ADVANCED:va_management
write:ADVANCED:ngfirewallsettings
write:ADVANCED:control_center
write:ADVANCED:offline_activation
admin_role_auth_services =
admin_role_denied_screens = BASIC:status
BASIC:server_certs
BASIC:ip_config
BASIC:notification
BASIC:administration
BASIC:firewall_logs
BASIC:access_logs
BASIC:audit_logs
BASIC:reports
ACCESS CONTROL:local_dir_service
NETWORKS
ADVANCED:definition_update
ADVANCED:external_syslog
ADVANCED:backup_configuration
ADVANCED:clustering
ADVANCED:ssl
ADVANCED:firmware_update
ADVANCED:advanced_system
ADVANCED:troubleshooting
ADVANCED:appearance
ADVANCED:jobctrl
ADVANCED:xml_protection
ADVANCED:admin_access_control
ADVANCED:adaptive_profile_config
admin_role_objects = write:access_control_name
write:parameter_profile_name
write:auth_rsasecid_svc_user_realm_name
write:access_rule_name
write:trusted_host_group_name
write:vsite_service_groups
write:auth_ldap_svc_user_realm_name
write:security-policies/url-protection
write:armored_server_name
write:armored_browser_policy_name
read:server_name
write:allow_deny_client_name
write:url_profile_optimizer_name
write:services/caching
write:aps_app_map_rule_policy_name
write:auth_radius_svc_user_realm_name
read:rg_web_server_name
write:aps_req_rewrite_policy_name
write:attack_action_name
write:client_weights_name
write:GEOIP_region_name
write:services/exception-profiling
write:services/basic-security
write:json_limit_policy_name
write:services/comment-spam
write:param_profile_optimizer_name
write:security-policies/parameter-protection
write:services/url-encryption
read:rule_group_name
write:aps_content_protection_name
write:header_acl_name
write:id_theft_pattern_name
write:custom_input_data_type_name
write:custom_attack_data_type_name
write:response_page_name
write:services/compression
write:GEOIP_block_ip
write:system/exception-heuristics
read:system_name
write:aps_response_rewrite_policy_name
write:services/ssl-ocsp
write:session_information_name
write:services/ip-reputation
write:auth_samlsp_svc_user_realm_name
write:security-policies/request-limits
write:global_adr_name
write:url_encryption_rule_name
write:web_scraping_policy_name
write:internal_attack_pattern_name
write:services/adaptive-profiling
write:ddos_policy_name
write:learn_rule_name
write:input_pattern_name
write:services/slow-client-attack
write:rate_control_pool_name
write:system/ng-firewall
write:GEOIP_allow_ip
write:system/azure-config
write:json_url_profile_name
write:url_profile_name
write:custom_param_class_name
write:ssl_crl_name
write:aps_url_acl_name
write:security-policies/cloaking
write:web_scraping_wl_parent_name
write:services/authentication
write:custom_id_theft_data_type_name
write:services/session-tracking
write:services/clickjacking
write:services/website-profile
write:auth_krb_svc_user_realm_name
write:attack_pattern_name
write:local_adr_name
write:security-policies/cookie-security
write:web_firewall_policy_name
write:trusted_host_name
write:service_name
write:json_key_profile_name
write:security-policies/url-normalization
write:services/sensitive-parameter-names
write:aps_resp_body_rewrite_policy_name
write:services/ftp-security
read:vsite_name
write:virtual_ip_config_address
admin_role_operations = libraries
configure-multiple-ip-address
admin_role_security_policies = *:*
admin_role_service_group = **:*
admin_role_services = **:*
admin_role_type = Factory
admin_role_vsites = read:*
#scope:<admin_role>::scope_data:<admin>
admin_role_api_privilege = 1
admin_role_auth_services = **:*
admin_role_denied_screens =
admin_role_objects = write:*
admin_role_operations = *:*
admin_role_security_policies = **:*
admin_role_service_group = **:*
admin_role_services = **:*
admin_role_type = Factory
admin_role_vsites = **:*
#scope:<web_firewall_policy>::scope_data:<default>
aps_allow_unrecognized_cookie = 2
aps_allow_unrecognized_cookie_days = 7
aps_charset = 2
aps_cloaking_status = 1
aps_content_protection_action = 1
1
0
aps_content_protection_keep_first = 0
0
0
aps_content_protection_keep_last = 4
4
4
aps_content_protection_name = credit-cards
ssn
directory-indexing
aps_content_protection_pattern =
aps_content_protection_status = 1
1
0
aps_content_protection_type = credit-cards
social-security-numbers
directory-indexing
aps_cookie_exceptions = __utma
__utmc
__utmz
__utmb
AuthSuccessURL
CTSESSION
SMSESSION
SMCHALLENGE
aps_cookie_httponly = 0
aps_cookie_max_age = 1440
aps_cookie_mode = 1
aps_cookie_secure = 0
aps_cookie_status = 1
aps_detect_charset = 0
aps_double_encoding = 0
aps_filter_resp_header = Server
X-Powered-By
X-AspNet-Version
aps_filter_resp_status = 1
aps_limit_max_cookie_name_length = 64
aps_limit_max_cookies = 40
aps_limit_max_header_name_length = 32
aps_limit_max_req_line_length = 4096
aps_limit_num_req_headers = 20
aps_limit_query_length = 4096
aps_limit_req_cookie_length = 4096
aps_limit_req_headers_length = 1024
aps_limit_req_length = 32768
aps_limit_req_url_length = 4096
aps_limit_status = 1
aps_param_separators = &
aps_suppress_return_code = 1
attack_action_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
attack_action_deny_response = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
attack_action_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
2
0
0
0
2
2
2
2
2
0
0
0
0
attack_action_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
600
600
60
120
120
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
attack_action_name = message-is-not-HTTP1.1
message-is-not-HTTP1.0-or-HTTP1.1
message-is-not-UTF8-or-UTF16
request-is-not-HTTP-POST
resp-has-no-wrapper-named-op
soapaction-hdr-is-not-quoted
DOCTYPE-element
msg-part-accessors-have-no-ns
msg-does-not-include-allhdrs
oneway-resp-non-empty-body
req-matches-wsdl
no-fault-for-bad-env-ns
resp-matches-wsdl
faults-use-dot-notation
atts-in-soap-env-hdr-body
env-ns-is-1998
good-resp-is-not-200ok
processed-resp-status-is-nither-200-nor-202
non-POST-req-does-not-get-405
non-XML-req-does-not-get-415
fault-resp-is-not-defined-in-wsdl-binding
WSI-confirmance-not-in-soap-hdr
WSI-confirmance-is-not-well-formed
WSI-confirmance-claims-are-not-mustunderstand
soapaction-hdr-does-not-match-op-soapaction
msg-body-is-not-soap-env-with-ns
soap-body-children-are-not-ns-qualified
soap-fault-has-envelope-ns
soapenc-arraytype-attr
xml-processing-instructions-in-body
part-accessors-has-xsi-nil
mustunderstand-is-nither-1-nor-0
soap-faultcode-is-not-std
soap-fault-is-not-in-HTTP500-resp
soap-fault-does-not-have-allowed-children
encodingStyle-in-envelope-ns-elements
soap-encodingStyle-in-body-children
envelope-have-children-after-body
soap-fault-children-are-qualified
encodingStyle-in-rpc-literal-grand-children
envelope-and-body-are-not-xml1.0
envelope-does-not-confirm-to-schema
max-tree-depth-exceeded
max-element-name-length-exceeded
max-elements-in-tree-exceeded
max-element-children-exceeded
max-element-attributes-exceeded
max-attribute-name-length-exceeded
max-attribute-value-length-exceeded
max-text-size-exceeded
max-document-size-exceeded
min-document-size-limit
processing-instructions-found
dtd-found
external-uri-ref-found
malformed-xml
invalid-soap-envelope
invalid-soap-header
invalid-soap-body
additional-soap-headers-rcvd
metacharacter-matched-in-header
custom-attack-pattern-in-header
sql-injection-in-header
cross-site-scripting-in-header
os-command-injection-in-header
directory-traversal-in-header
error-response-suppressed
identity-theft-pattern-matched-in-response
response-header-suppressed
custom-error-response-page
directory-traversal-beyond-root
post-request-without-content-length
pre-1.0-request
invalid-method
malformed-version
malformed-end-of-request-line
malformed-header
invalid-header
malformed-cookie
get-request-with-content-length-header
http-1.1-request-without-host
multiple-content-length-headers
malformed-parameter
large-parameter-in-post-data
invalid-or-malformed-http-request
malformed-content-length
domain-not-found-in-profile
no-url-profile-match
total-request-length-exceeded
header-value-length-exceeded
invalid-url-encoding
slash-dot-in-url-path
tilde-in-url-path
cookie-length-exceeded
url-length-exceeded
url-query-length-exceeded
header-count-exceeded
total-request-line-length-exceeded
cookie-count-exceeded
cookie-name-length-exceeded
header-name-length-exceeded
too-many-sessions-for-ip
unrecognized-cookie
cookie-tampered
cookie-expired
mismatched-header-cookie-replay-attack
mismatched-ip-cookie-replay-attack
rate-control-intrusion
brute-force-from-ip
brute-force-from-fingerprint
brute-force-from-all-sources
invalid-url-character-set
url-encryption
virus-found-in-post-request
secure-browsing
slow-client-attack
slow-read-attack
captcha-tries-exceeded
captcha-max-sessions-exceeded
captcha-max-unanswered-exceeded
captcha-response-page
forbidden-method
unknown-content-type-in-post-body
content-length-exceeded
query-string-not-allowed
parameter-name-length-exceeded
too-many-uploaded-files
too-many-parameters
session-not-found
no-param-profile-match
custom-attack-pattern-in-url
sql-injection-pattern-in-url
cross-site-scripting-pattern-in-url
os-command-injection-pattern-in-url
remote-file-inclusion-pattern-in-url
read-only-or-hidden-parameter-tampered
session-invariant-parameter-tampered
session-choice-parameter-tampered
max-instances-of-parameter-exceeded
mandatory-parameter-missing
parameter-value-not-allowed
forbidden-file-extension
forbidden-file-mime-type
file-upload-size-exceeded
metacharacter-in-parameter
parameter-length-exceeded
custom-attack-pattern-in-parameter
parameter-input-validation-failed
sql-injection-pattern-in-parameter
cross-site-scripting-pattern-in-parameter
os-command-injection-pattern-in-parameter
directory-traversal-pattern-in-parameter
session-context-not-found
remote-file-inclusion-pattern-in-parameter
cross-site-request-forgery-attack-detected
keepalive-timeout-exceeded
max-object-depth-exceeded
max-key-length-exceeded
max-keys-in-object-exceeded
max-object-children-exceeded
max-value-length-exceeded
max-values-in-array-exceeded
max-number-limit-exceeded
malformed-json
sql-injection-pattern-in-json
cross-site-scripting-pattern-in-json
os-command-injection-pattern-in-json
directory-traversal-pattern-in-json
remote-file-inclusion-pattern-in-json
custom-attack-pattern-in-json
ldap-injection-in-json
python-php-attack-in-json
http-specific-attack-in-json
apache-struts-attack-in-json
json-key-validation-failed
ldap-injection-medium-in-param
python-php-attacks-medium-in-param
http-specific-attacks-medium-in-param
apache-struts-attacks-medium-in-param
ldap-injection-medium-in-url
python-php-attacks-medium-in-url
http-specific-attacks-medium-in-url
apache-struts-attacks-medium-in-url
ldap-injection-medium-in-header
python-php-attacks-medium-in-header
http-specific-attacks-medium-in-header
apache-struts-attacks-medium-in-header
remote-file-inclusion-pattern-in-header
ws_attack_bots
ws_bots
ws_fake_bots
grip-validation-failed
geo-ip-blocked
tor-ip-blocked
referer-spam-detected
comment-spam-detected
ws_blocked_category
credential-stuffing-detected
fingerprint-challenges-exceeded
missing-referer-header
missing-referer-domain
referer-domain-not-matching-host
missing-useragent-header
attack_action_redirect_url =
attack_action_response_page = default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-error-resp
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-virus
default
default
default
default-captcha-tries-error-page
default-captcha-sessions-error-page
default-suspected-activity-error-page
default-captcha-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-fingerprint-challenges-exceeded-page
default
default
default
default
attack_action_risk_score = 60
80
80
80
100
100
100
60
80
80
100
80
100
60
60
60
60
60
80
80
100
80
80
80
80
80
80
80
80
100
100
100
100
80
80
80
80
80
100
80
100
100
60
60
60
60
60
60
60
60
60
60
80
80
80
100
100
100
100
80
20
80
90
80
80
80
100
100
100
20
100
100
100
100
100
100
100
100
100
100
60
60
80
100
100
100
60
60
100
100
60
80
100
100
100
100
100
100
100
100
100
100
40
60
40
80
80
80
100
100
100
60
80
100
60
100
100
100
100
100
60
80
60
100
100
40
100
100
100
100
80
90
80
80
80
90
100
100
100
90
90
90
100
100
40
100
80
90
90
80
80
80
100
80
80
100
60
60
60
60
60
60
60
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
60
80
80
80
80
90
90
80
90
100
60
80
80
80
attack_description = 205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
174
175
176
184
177
178
179
181
182
183
186
185
187
188
190
191
192
193
7
35
36
37
38
39
17
63
61
62
16
25
60
118
119
120
122
121
124
125
126
127
128
129
77
123
130
131
0
6
11
14
15
41
42
43
44
140
141
142
143
144
30
31
32
116
117
75
145
346
146
12
301
204
293
295
302
297
298
299
300
5
26
40
132
147
148
149
161
163
171
166
167
168
170
134
135
136
137
138
139
150
296
151
152
154
155
156
157
158
159
160
162
164
165
303
304
305
306
307
308
309
310
313
314
315
316
317
318
319
333
334
335
336
340
320
321
322
323
324
325
326
327
328
329
330
331
332
337
338
339
341
342
343
401
402
403
404
421
422
423
424
425
attack_group = xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
header-violations
header-violations
header-violations
header-violations
header-violations
header-violations
response-violations
response-violations
response-violations
response-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
application-profile-violations
application-profile-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
response-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
request-policy-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
header-violations
header-violations
header-violations
header-violations
header-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
cookie_replay_protection_type = 1
global_adr_action = 0
1
2
2
2
2
2
2
2
0
2
global_adr_comment =
global_adr_deny_response = 1
1
1
1
1
1
1
1
1
1
1
global_adr_extended_match = *
*
(URI-Path req \/.*%23[^/]*)
(URI-Path req "\/.*copy(%20|%09)[^/]*")
*
*
*
*
(Header Translate eq F)
*
(Header Range rco "bytes=[[:blank:]]*[[:digit:]]+-[[:blank:]]*[[:digit:]]+(,[[:blank:]]*[[:digit:]]+-[[:blank:]]*[[:digit:]]+){5}")
global_adr_extended_match_sequence = 1
1
1
2
1
1
1
1
1
1
3
global_adr_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
global_adr_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
global_adr_name = robots.txt
favicon.ico
backups-prefix-hash
backups-prefix-copy
backups-suffix-sav
backups-suffix-bak
backups-suffix-old
phpinfo
translate-f-vulnerability
access-control-login-url
apache_range_header_vulnerability
global_adr_redirect_url =
global_adr_response_page = default
default
default
default
default
default
default
default
default
default
default
global_adr_status = 1
1
0
1
1
1
1
1
1
1
1
global_adr_url = /*/robots.txt
/*/favicon.ico
/*
/*
/*.sav
/*.bak
/*.old
/*/phpinfo.php
/*.asp
/nclogin.submit
/*
param_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
parameter_protection_base64_decode_value = 0
parameter_protection_check_file_mime_type = 0
parameter_protection_denied_meta_characters = %00%01%04%1b%08%5c%7f
parameter_protection_file_upload_extensions = JPG
GIF
PDF
parameter_protection_file_upload_mime_types = image/jpeg
image/gif
application/pdf
parameter_protection_max_param_value_length = 1000
parameter_protection_max_upload_file_size = 1024
parameter_protection_status = 1
parameter_protection_validate_param_name = 0
parameter_protection_white_listed_parameters = __VIEWSTATE
url_protection_allow_methods = GET
POST
HEAD
url_protection_allowed_content_types = application/x-www-form-urlencoded
multipart/form-data
text/xml
application/json
url_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
url_protection_max_content_length = 32768
url_protection_max_parameter_name_length = 64
url_protection_max_parameters = 40
url_protection_max_upload_files = 5
url_protection_prevent_csrf = 0
url_protection_status = 1
#scope:<web_firewall_policy>::scope_data:<oracle>
aps_allow_unrecognized_cookie = 2
aps_allow_unrecognized_cookie_days = 7
aps_charset = 2
aps_cloaking_status = 1
aps_content_protection_action = 1
1
0
aps_content_protection_keep_first = 0
0
0
aps_content_protection_keep_last = 4
4
4
aps_content_protection_name = credit-cards
ssn
directory-indexing
aps_content_protection_pattern =
aps_content_protection_status = 1
1
0
aps_content_protection_type = credit-cards
social-security-numbers
directory-indexing
aps_cookie_exceptions = __utma
__utmc
__utmz
__utmb
AuthSuccessURL
CTSESSION
SMSESSION
SMCHALLENGE
aps_cookie_httponly = 0
aps_cookie_max_age = 1440
aps_cookie_mode = 1
aps_cookie_secure = 0
aps_cookie_status = 1
aps_detect_charset = 0
aps_double_encoding = 0
aps_filter_resp_header = Server
X-Powered-By
X-AspNet-Version
aps_filter_resp_status = 1
aps_limit_max_cookie_name_length = 64
aps_limit_max_cookies = 40
aps_limit_max_header_name_length = 32
aps_limit_max_req_line_length = 4096
aps_limit_num_req_headers = 20
aps_limit_query_length = 4096
aps_limit_req_cookie_length = 4096
aps_limit_req_headers_length = 1024
aps_limit_req_length = 32768
aps_limit_req_url_length = 4096
aps_limit_status = 1
aps_param_separators = &
aps_suppress_return_code = 1
attack_action_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
attack_action_deny_response = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
attack_action_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
2
0
0
0
2
2
2
2
2
0
0
0
0
attack_action_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
600
600
60
120
120
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
attack_action_name = message-is-not-HTTP1.1
message-is-not-HTTP1.0-or-HTTP1.1
message-is-not-UTF8-or-UTF16
request-is-not-HTTP-POST
resp-has-no-wrapper-named-op
soapaction-hdr-is-not-quoted
DOCTYPE-element
msg-part-accessors-have-no-ns
msg-does-not-include-allhdrs
oneway-resp-non-empty-body
req-matches-wsdl
no-fault-for-bad-env-ns
resp-matches-wsdl
faults-use-dot-notation
atts-in-soap-env-hdr-body
env-ns-is-1998
good-resp-is-not-200ok
processed-resp-status-is-nither-200-nor-202
non-POST-req-does-not-get-405
non-XML-req-does-not-get-415
fault-resp-is-not-defined-in-wsdl-binding
WSI-confirmance-not-in-soap-hdr
WSI-confirmance-is-not-well-formed
WSI-confirmance-claims-are-not-mustunderstand
soapaction-hdr-does-not-match-op-soapaction
msg-body-is-not-soap-env-with-ns
soap-body-children-are-not-ns-qualified
soap-fault-has-envelope-ns
soapenc-arraytype-attr
xml-processing-instructions-in-body
part-accessors-has-xsi-nil
mustunderstand-is-nither-1-nor-0
soap-faultcode-is-not-std
soap-fault-is-not-in-HTTP500-resp
soap-fault-does-not-have-allowed-children
encodingStyle-in-envelope-ns-elements
soap-encodingStyle-in-body-children
envelope-have-children-after-body
soap-fault-children-are-qualified
encodingStyle-in-rpc-literal-grand-children
envelope-and-body-are-not-xml1.0
envelope-does-not-confirm-to-schema
max-tree-depth-exceeded
max-element-name-length-exceeded
max-elements-in-tree-exceeded
max-element-children-exceeded
max-element-attributes-exceeded
max-attribute-name-length-exceeded
max-attribute-value-length-exceeded
max-text-size-exceeded
max-document-size-exceeded
min-document-size-limit
processing-instructions-found
dtd-found
external-uri-ref-found
malformed-xml
invalid-soap-envelope
invalid-soap-header
invalid-soap-body
additional-soap-headers-rcvd
metacharacter-matched-in-header
custom-attack-pattern-in-header
sql-injection-in-header
cross-site-scripting-in-header
os-command-injection-in-header
directory-traversal-in-header
error-response-suppressed
identity-theft-pattern-matched-in-response
response-header-suppressed
custom-error-response-page
directory-traversal-beyond-root
post-request-without-content-length
pre-1.0-request
invalid-method
malformed-version
malformed-end-of-request-line
malformed-header
invalid-header
malformed-cookie
get-request-with-content-length-header
http-1.1-request-without-host
multiple-content-length-headers
malformed-parameter
large-parameter-in-post-data
invalid-or-malformed-http-request
malformed-content-length
domain-not-found-in-profile
no-url-profile-match
total-request-length-exceeded
header-value-length-exceeded
invalid-url-encoding
slash-dot-in-url-path
tilde-in-url-path
cookie-length-exceeded
url-length-exceeded
url-query-length-exceeded
header-count-exceeded
total-request-line-length-exceeded
cookie-count-exceeded
cookie-name-length-exceeded
header-name-length-exceeded
too-many-sessions-for-ip
unrecognized-cookie
cookie-tampered
cookie-expired
mismatched-header-cookie-replay-attack
mismatched-ip-cookie-replay-attack
rate-control-intrusion
brute-force-from-ip
brute-force-from-fingerprint
brute-force-from-all-sources
invalid-url-character-set
url-encryption
virus-found-in-post-request
secure-browsing
slow-client-attack
slow-read-attack
captcha-tries-exceeded
captcha-max-sessions-exceeded
captcha-max-unanswered-exceeded
captcha-response-page
forbidden-method
unknown-content-type-in-post-body
content-length-exceeded
query-string-not-allowed
parameter-name-length-exceeded
too-many-uploaded-files
too-many-parameters
session-not-found
no-param-profile-match
custom-attack-pattern-in-url
sql-injection-pattern-in-url
cross-site-scripting-pattern-in-url
os-command-injection-pattern-in-url
remote-file-inclusion-pattern-in-url
read-only-or-hidden-parameter-tampered
session-invariant-parameter-tampered
session-choice-parameter-tampered
max-instances-of-parameter-exceeded
mandatory-parameter-missing
parameter-value-not-allowed
forbidden-file-extension
forbidden-file-mime-type
file-upload-size-exceeded
metacharacter-in-parameter
parameter-length-exceeded
custom-attack-pattern-in-parameter
parameter-input-validation-failed
sql-injection-pattern-in-parameter
cross-site-scripting-pattern-in-parameter
os-command-injection-pattern-in-parameter
directory-traversal-pattern-in-parameter
session-context-not-found
remote-file-inclusion-pattern-in-parameter
cross-site-request-forgery-attack-detected
keepalive-timeout-exceeded
max-object-depth-exceeded
max-key-length-exceeded
max-keys-in-object-exceeded
max-object-children-exceeded
max-value-length-exceeded
max-values-in-array-exceeded
max-number-limit-exceeded
malformed-json
sql-injection-pattern-in-json
cross-site-scripting-pattern-in-json
os-command-injection-pattern-in-json
directory-traversal-pattern-in-json
remote-file-inclusion-pattern-in-json
custom-attack-pattern-in-json
ldap-injection-in-json
python-php-attack-in-json
http-specific-attack-in-json
apache-struts-attack-in-json
json-key-validation-failed
ldap-injection-medium-in-param
python-php-attacks-medium-in-param
http-specific-attacks-medium-in-param
apache-struts-attacks-medium-in-param
ldap-injection-medium-in-url
python-php-attacks-medium-in-url
http-specific-attacks-medium-in-url
apache-struts-attacks-medium-in-url
ldap-injection-medium-in-header
python-php-attacks-medium-in-header
http-specific-attacks-medium-in-header
apache-struts-attacks-medium-in-header
remote-file-inclusion-pattern-in-header
ws_attack_bots
ws_bots
ws_fake_bots
grip-validation-failed
geo-ip-blocked
tor-ip-blocked
referer-spam-detected
comment-spam-detected
ws_blocked_category
credential-stuffing-detected
fingerprint-challenges-exceeded
missing-referer-header
missing-referer-domain
referer-domain-not-matching-host
missing-useragent-header
attack_action_redirect_url =
attack_action_response_page = default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-error-resp
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-virus
default
default
default
default-captcha-tries-error-page
default-captcha-sessions-error-page
default-suspected-activity-error-page
default-captcha-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-fingerprint-challenges-exceeded-page
default
default
default
default
attack_action_risk_score = 60
80
80
80
100
100
100
60
80
80
100
80
100
60
60
60
60
60
80
80
100
80
80
80
80
80
80
80
80
100
100
100
100
80
80
80
80
80
100
80
100
100
60
60
60
60
60
60
60
60
60
60
80
80
80
100
100
100
100
80
20
80
90
80
80
80
100
100
100
20
100
100
100
100
100
100
100
100
100
100
60
60
80
100
100
100
60
60
100
100
60
80
100
100
100
100
100
100
100
100
100
100
40
60
40
80
80
80
100
100
100
60
80
100
60
100
100
100
100
100
60
80
60
100
100
40
100
100
100
100
80
90
80
80
80
90
100
100
100
90
90
90
100
100
40
100
80
90
90
80
80
80
100
80
80
100
60
60
60
60
60
60
60
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
60
80
80
80
80
90
90
80
90
100
60
80
80
80
attack_description = 205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
174
175
176
184
177
178
179
181
182
183
186
185
187
188
190
191
192
193
7
35
36
37
38
39
17
63
61
62
16
25
60
118
119
120
122
121
124
125
126
127
128
129
77
123
130
131
0
6
11
14
15
41
42
43
44
140
141
142
143
144
30
31
32
116
117
75
145
346
146
12
301
204
293
295
302
297
298
299
300
5
26
40
132
147
148
149
161
163
171
166
167
168
170
134
135
136
137
138
139
150
296
151
152
154
155
156
157
158
159
160
162
164
165
303
304
305
306
307
308
309
310
313
314
315
316
317
318
319
333
334
335
336
340
320
321
322
323
324
325
326
327
328
329
330
331
332
337
338
339
341
342
343
401
402
403
404
421
422
423
424
425
attack_group = xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
header-violations
header-violations
header-violations
header-violations
header-violations
header-violations
response-violations
response-violations
response-violations
response-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
application-profile-violations
application-profile-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
response-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
request-policy-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
header-violations
header-violations
header-violations
header-violations
header-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
cookie_replay_protection_type = 1
global_adr_action = 2
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
3
0
0
0
0
0
0
0
0
0
0
0
0
3
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
global_adr_comment =
global_adr_deny_response = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
global_adr_extended_match = *
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
*
global_adr_extended_match_sequence = 1000
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
global_adr_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
global_adr_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
global_adr_name = catch-all-deny
diag-pack-vuln
oa-media-gif
oa-media-jpg
oa-media-jpeg
oa-media-bmp
oa-html-gif
oa-html-jpg
oa-html-jpeg
oa-html-bmp
oa-html-js
oa-html-css
oa-html-xss
oa-html-xls
oa-html-avi
oa-html-htm
oa-html-html
robots.txt
favicon.ico
access-control-login-url
one.jsp
a.jsp
calendarDialog.jsp
frameRedirect.jsp
fred.jsp
gr.jsp
fnderror.jsp
redirect-root
oracle.jsp
OA.jsp
RF.jsp
AppsLocalLogin.jsp
AppsLocalLogout.jsp
OALogout.jsp
OAErrorPage.jsp
OAErrorDetailPage.jsp
fndvalid.jsp
AppsLogin
sso.AppsLogin
sso.AppsLogout
redirect-help
oajinit.exe
j-oajinit.exe
f60cgi
find_icx_launch.launch
find_icx_launch.runforms
OA_JAVA.gif
OA_JAVA.jpg
OA_JAVA.jpeg
OA_JAVA.bmp
fndforms.jar
fndformsi18n.jar
fndewt.jar
fndswing.jar
fndbalishare.jar
fndaol.jar
fndctx.jar
fndlist.jar
fndutil.jar
KeyboardFocusManager.class
MainBeanInfo.class
SunMainBeanInfo.class
JBufferedAppletBeanInfo.class
SunJBufferedAppletBeanInfo.class
BufferedAppletBeanInfo.class
SunBufferedAppletBeanInfo.class
PopupAppletBeanInfo.class
SunPopupAppletBeanInfo.class
Sensor.class
Registry.dat
OracleApplications.dat
properties
formservlet
glhelib.jar
glahelib.jar
global_adr_redirect_url =
/OA_HTML/AppsLocalLogin.jsp
/help/
global_adr_response_page = default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
global_adr_status = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
global_adr_url = /*
/OA_HTML/jtfqa*
/OA_MEDIA/*.gif
/OA_MEDIA/*.jpg
/OA_MEDIA/*.jpeg
/OA_MEDIA/*.bmp
/OA_HTML/*.gif
/OA_HTML/*.jpg
/OA_HTML/*.jpeg
/OA_HTML/*.bmp
/OA_HTML/*.js
/OA_HTML/*.css
/OA_HTML/*.xss
/OA_HTML/*.xls
/OA_HTML/*.avi
/OA_HTML/*.htm
/OA_HTML/*.html
/*/robots.txt
/*/favicon.ico
/nclogin.submit
/OA_HTML/cabo/jsps/1.jsp
/OA_HTML/cabo/jsps/a.jsp
/OA_HTML/cabo/jsps/calendarDialog.jsp
/OA_HTML/cabo/jsps/frameRedirect.jsp
/OA_HTML/cabo/jsps/fred.jsp
/OA_HTML/cabo/jsps/gr.jsp
/OA_HTML/fnderror.jsp
/
/oa_servlets/oracle.jsp.JspServlet
/OA_HTML/OA.jsp
/OA_HTML/RF.jsp
/OA_HTML/AppsLocalLogin.jsp
/OA_HTML/AppsLocalLogout.jsp
/OA_HTML/OALogout.jsp
/OA_HTML/OAErrorPage.jsp
/OA_HTML/OAErrorDetailPage.jsp
/OA_HTML/fndvald.jsp
/oa_servelets/AppsLogin
/oa_servelets/oracle.apps.find.sso.AppsLogin
/oa_servelets/oracle.apps.find.sso.AppsLogout
/OA_HTML/jsp/fnd/fndhelp.jsp
/html/oajinit.exe
/jinitiator/oajinit.exe
/dev60cgi/f60cgi
/pls/*/fnd_icx_launch.launch
/pls/*/fnd_icx_launch.runforms
/OA_JAVA/*.gif
/OA_JAVA/*.jpg
/OA_JAVA/*.jpeg
/OA_JAVA/*.bmp
/OA_JAVA/oracle/apps/fnd/jar/fndforms.jar
/OA_JAVA/oracle/apps/fnd/jar/fndformsi18n.jar
/OA_JAVA/oracle/apps/fnd/jar/fndewt.jar
/OA_JAVA/oracle/apps/fnd/jar/fndswing.jar
/OA_JAVA/oracle/apps/fnd/jar/fndbalishare.jar
/OA_JAVA/oracle/apps/fnd/jar/fndaol.jar
/OA_JAVA/oracle/apps/fnd/jar/fndctx.jar
/OA_JAVA/oracle/apps/fnd/jar/fndlist.jar
/OA_JAVA/oracle/apps/fnd/jar/fndutil.jar
/OA_JAVA/java/awt/KeyboardFocusManager.class
/OA_JAVA/oracle/forms/engine/MainBeanInfo.class
/OA_JAVA/sun/beans/infos/MainBeanInfo.class
/OA_JAVA/oracle/ewt/swing/JBufferedAppletBeanInfo.class
/OA_JAVA/sun/beans/infos/JBufferedAppletBeanInfo.class
/OA_JAVA/oracle/ewt/lwAWT/BufferedAppletBeanInfo.class
/OA_JAVA/sun/beans/infos/BufferedAppletBeanInfo.class
/OA_JAVA/oracle/ewt/popup/PopupAppletBeanInfo.class
/OA_JAVA/sun/beans/infos/PopupAppletBeanInfo.class
/OA_JAVA/oracle/dms/instrument/Sensor.class
/OA_JAVA/oracle/forms/registry/Registry.dat
/OA_JAVA/oracle/apps/fnd/formsClient/OracleApplications.dat
/OA_JAVA/oracle/*.properties
/forms/formservlet
/OA_JAVA/oracle/apps/gl/jar/glhelib.jar
/OA_JAVA/oracle/apps/gl/jar/glahelib.jar
param_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
parameter_protection_base64_decode_value = 0
parameter_protection_check_file_mime_type = 0
parameter_protection_denied_meta_characters = %00%01%04%1b%08%5c%7f
parameter_protection_file_upload_extensions = JPG
GIF
PDF
parameter_protection_file_upload_mime_types = image/jpeg
image/gif
application/pdf
parameter_protection_max_param_value_length = 1000
parameter_protection_max_upload_file_size = 1024
parameter_protection_status = 1
parameter_protection_validate_param_name = 0
parameter_protection_white_listed_parameters = __VIEWSTATE
url_protection_allow_methods = GET
POST
HEAD
url_protection_allowed_content_types = application/x-www-form-urlencoded
multipart/form-data
text/xml
application/json
url_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
url_protection_max_content_length = 32768
url_protection_max_parameter_name_length = 64
url_protection_max_parameters = 40
url_protection_max_upload_files = 5
url_protection_prevent_csrf = 0
url_protection_status = 1
#scope:<web_firewall_policy>::scope_data:<owa>
aps_allow_unrecognized_cookie = 2
aps_allow_unrecognized_cookie_days = 7
aps_charset = 2
aps_cloaking_status = 1
aps_content_protection_action = 1
1
0
aps_content_protection_keep_first = 0
0
0
aps_content_protection_keep_last = 4
4
4
aps_content_protection_name = credit-cards
ssn
directory-indexing
aps_content_protection_pattern =
aps_content_protection_status = 1
1
0
aps_content_protection_type = credit-cards
social-security-numbers
directory-indexing
aps_cookie_exceptions = __utma
__utmc
__utmz
__utmb
AuthSuccessURL
CTSESSION
SMSESSION
SMCHALLENGE
aps_cookie_httponly = 0
aps_cookie_max_age = 1440
aps_cookie_mode = 1
aps_cookie_secure = 0
aps_cookie_status = 1
aps_detect_charset = 0
aps_double_encoding = 0
aps_filter_resp_header = Server
X-Powered-By
X-AspNet-Version
aps_filter_resp_status = 1
aps_limit_max_cookie_name_length = 64
aps_limit_max_cookies = 40
aps_limit_max_header_name_length = 32
aps_limit_max_req_line_length = 4096
aps_limit_num_req_headers = 20
aps_limit_query_length = 4096
aps_limit_req_cookie_length = 4096
aps_limit_req_headers_length = 1024
aps_limit_req_length = 32768
aps_limit_req_url_length = 4096
aps_limit_status = 1
aps_param_separators = &
aps_suppress_return_code = 0
attack_action_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
attack_action_deny_response = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
attack_action_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
2
0
0
0
2
2
2
2
2
0
0
0
0
attack_action_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
600
600
60
120
120
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
attack_action_name = message-is-not-HTTP1.1
message-is-not-HTTP1.0-or-HTTP1.1
message-is-not-UTF8-or-UTF16
request-is-not-HTTP-POST
resp-has-no-wrapper-named-op
soapaction-hdr-is-not-quoted
DOCTYPE-element
msg-part-accessors-have-no-ns
msg-does-not-include-allhdrs
oneway-resp-non-empty-body
req-matches-wsdl
no-fault-for-bad-env-ns
resp-matches-wsdl
faults-use-dot-notation
atts-in-soap-env-hdr-body
env-ns-is-1998
good-resp-is-not-200ok
processed-resp-status-is-nither-200-nor-202
non-POST-req-does-not-get-405
non-XML-req-does-not-get-415
fault-resp-is-not-defined-in-wsdl-binding
WSI-confirmance-not-in-soap-hdr
WSI-confirmance-is-not-well-formed
WSI-confirmance-claims-are-not-mustunderstand
soapaction-hdr-does-not-match-op-soapaction
msg-body-is-not-soap-env-with-ns
soap-body-children-are-not-ns-qualified
soap-fault-has-envelope-ns
soapenc-arraytype-attr
xml-processing-instructions-in-body
part-accessors-has-xsi-nil
mustunderstand-is-nither-1-nor-0
soap-faultcode-is-not-std
soap-fault-is-not-in-HTTP500-resp
soap-fault-does-not-have-allowed-children
encodingStyle-in-envelope-ns-elements
soap-encodingStyle-in-body-children
envelope-have-children-after-body
soap-fault-children-are-qualified
encodingStyle-in-rpc-literal-grand-children
envelope-and-body-are-not-xml1.0
envelope-does-not-confirm-to-schema
max-tree-depth-exceeded
max-element-name-length-exceeded
max-elements-in-tree-exceeded
max-element-children-exceeded
max-element-attributes-exceeded
max-attribute-name-length-exceeded
max-attribute-value-length-exceeded
max-text-size-exceeded
max-document-size-exceeded
min-document-size-limit
processing-instructions-found
dtd-found
external-uri-ref-found
malformed-xml
invalid-soap-envelope
invalid-soap-header
invalid-soap-body
additional-soap-headers-rcvd
metacharacter-matched-in-header
custom-attack-pattern-in-header
sql-injection-in-header
cross-site-scripting-in-header
os-command-injection-in-header
directory-traversal-in-header
error-response-suppressed
identity-theft-pattern-matched-in-response
response-header-suppressed
custom-error-response-page
directory-traversal-beyond-root
post-request-without-content-length
pre-1.0-request
invalid-method
malformed-version
malformed-end-of-request-line
malformed-header
invalid-header
malformed-cookie
get-request-with-content-length-header
http-1.1-request-without-host
multiple-content-length-headers
malformed-parameter
large-parameter-in-post-data
invalid-or-malformed-http-request
malformed-content-length
domain-not-found-in-profile
no-url-profile-match
total-request-length-exceeded
header-value-length-exceeded
invalid-url-encoding
slash-dot-in-url-path
tilde-in-url-path
cookie-length-exceeded
url-length-exceeded
url-query-length-exceeded
header-count-exceeded
total-request-line-length-exceeded
cookie-count-exceeded
cookie-name-length-exceeded
header-name-length-exceeded
too-many-sessions-for-ip
unrecognized-cookie
cookie-tampered
cookie-expired
mismatched-header-cookie-replay-attack
mismatched-ip-cookie-replay-attack
rate-control-intrusion
brute-force-from-ip
brute-force-from-fingerprint
brute-force-from-all-sources
invalid-url-character-set
url-encryption
virus-found-in-post-request
secure-browsing
slow-client-attack
slow-read-attack
captcha-tries-exceeded
captcha-max-sessions-exceeded
captcha-max-unanswered-exceeded
captcha-response-page
forbidden-method
unknown-content-type-in-post-body
content-length-exceeded
query-string-not-allowed
parameter-name-length-exceeded
too-many-uploaded-files
too-many-parameters
session-not-found
no-param-profile-match
custom-attack-pattern-in-url
sql-injection-pattern-in-url
cross-site-scripting-pattern-in-url
os-command-injection-pattern-in-url
remote-file-inclusion-pattern-in-url
read-only-or-hidden-parameter-tampered
session-invariant-parameter-tampered
session-choice-parameter-tampered
max-instances-of-parameter-exceeded
mandatory-parameter-missing
parameter-value-not-allowed
forbidden-file-extension
forbidden-file-mime-type
file-upload-size-exceeded
metacharacter-in-parameter
parameter-length-exceeded
custom-attack-pattern-in-parameter
parameter-input-validation-failed
sql-injection-pattern-in-parameter
cross-site-scripting-pattern-in-parameter
os-command-injection-pattern-in-parameter
directory-traversal-pattern-in-parameter
session-context-not-found
remote-file-inclusion-pattern-in-parameter
cross-site-request-forgery-attack-detected
keepalive-timeout-exceeded
max-object-depth-exceeded
max-key-length-exceeded
max-keys-in-object-exceeded
max-object-children-exceeded
max-value-length-exceeded
max-values-in-array-exceeded
max-number-limit-exceeded
malformed-json
sql-injection-pattern-in-json
cross-site-scripting-pattern-in-json
os-command-injection-pattern-in-json
directory-traversal-pattern-in-json
remote-file-inclusion-pattern-in-json
custom-attack-pattern-in-json
ldap-injection-in-json
python-php-attack-in-json
http-specific-attack-in-json
apache-struts-attack-in-json
json-key-validation-failed
ldap-injection-medium-in-param
python-php-attacks-medium-in-param
http-specific-attacks-medium-in-param
apache-struts-attacks-medium-in-param
ldap-injection-medium-in-url
python-php-attacks-medium-in-url
http-specific-attacks-medium-in-url
apache-struts-attacks-medium-in-url
ldap-injection-medium-in-header
python-php-attacks-medium-in-header
http-specific-attacks-medium-in-header
apache-struts-attacks-medium-in-header
remote-file-inclusion-pattern-in-header
ws_attack_bots
ws_bots
ws_fake_bots
grip-validation-failed
geo-ip-blocked
tor-ip-blocked
referer-spam-detected
comment-spam-detected
ws_blocked_category
credential-stuffing-detected
fingerprint-challenges-exceeded
missing-referer-header
missing-referer-domain
referer-domain-not-matching-host
missing-useragent-header
attack_action_redirect_url =
attack_action_response_page = default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-error-resp
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-virus
default
default
default
default-captcha-tries-error-page
default-captcha-sessions-error-page
default-suspected-activity-error-page
default-captcha-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-fingerprint-challenges-exceeded-page
default
default
default
default
attack_action_risk_score = 60
80
80
80
100
100
100
60
80
80
100
80
100
60
60
60
60
60
80
80
100
80
80
80
80
80
80
80
80
100
100
100
100
80
80
80
80
80
100
80
100
100
60
60
60
60
60
60
60
60
60
60
80
80
80
100
100
100
100
80
20
80
90
80
80
80
100
100
100
20
100
100
100
100
100
100
100
100
100
100
60
60
80
100
100
100
60
60
100
100
60
80
100
100
100
100
100
100
100
100
100
100
40
60
40
80
80
80
100
100
100
60
80
100
60
100
100
100
100
100
60
80
60
100
100
40
100
100
100
100
80
90
80
80
80
90
100
100
100
90
90
90
100
100
40
100
80
90
90
80
80
80
100
80
80
100
60
60
60
60
60
60
60
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
60
80
80
80
80
90
90
80
90
100
60
80
80
80
attack_description = 205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
174
175
176
184
177
178
179
181
182
183
186
185
187
188
190
191
192
193
7
35
36
37
38
39
17
63
61
62
16
25
60
118
119
120
122
121
124
125
126
127
128
129
77
123
130
131
0
6
11
14
15
41
42
43
44
140
141
142
143
144
30
31
32
116
117
75
145
346
146
12
301
204
293
295
302
297
298
299
300
5
26
40
132
147
148
149
161
163
171
166
167
168
170
134
135
136
137
138
139
150
296
151
152
154
155
156
157
158
159
160
162
164
165
303
304
305
306
307
308
309
310
313
314
315
316
317
318
319
333
334
335
336
340
320
321
322
323
324
325
326
327
328
329
330
331
332
337
338
339
341
342
343
401
402
403
404
421
422
423
424
425
attack_group = xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
header-violations
header-violations
header-violations
header-violations
header-violations
header-violations
response-violations
response-violations
response-violations
response-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
application-profile-violations
application-profile-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
response-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
request-policy-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
header-violations
header-violations
header-violations
header-violations
header-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
cookie_replay_protection_type = 1
global_adr_action = 1
0
1
2
2
2
2
2
2
2
0
global_adr_comment =
global_adr_deny_response = 1
1
1
1
1
1
1
1
1
1
1
global_adr_extended_match = *
*
*
(URI-Path req \/.*%23[^/]*)
(URI-Path req "\/.*copy(%20|%09)[^/]*")
*
*
*
*
(Header Translate eq F)
*
global_adr_extended_match_sequence = 1
1
1
1
2
1
1
1
1
1
1
global_adr_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
global_adr_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
global_adr_name = rpcproxy
robots.txt
favicon.ico
backups-prefix-hash
backups-prefix-copy
backups-suffix-sav
backups-suffix-bak
backups-suffix-old
phpinfo
translate-f-vulnerability
access-control-login-url
global_adr_redirect_url =
global_adr_response_page = default
default
default
default
default
default
default
default
default
default
default
global_adr_status = 1
1
1
0
1
1
1
1
1
1
1
global_adr_url = /rpc/rpcproxy.dll
/*/robots.txt
/*/favicon.ico
/*
/*
/*.sav
/*.bak
/*.old
/*/phpinfo.php
/*.asp
/nclogin.submit
param_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
parameter_protection_base64_decode_value = 0
parameter_protection_check_file_mime_type = 0
parameter_protection_denied_meta_characters = %00%01%04%1b%08%5c%7f
parameter_protection_file_upload_extensions = JPG
GIF
PDF
parameter_protection_file_upload_mime_types = image/jpeg
image/gif
application/pdf
parameter_protection_max_param_value_length = 1024
parameter_protection_max_upload_file_size = 1024
parameter_protection_status = 1
parameter_protection_validate_param_name = 0
parameter_protection_white_listed_parameters = __VIEWSTATE
url_protection_allow_methods = GET
POST
PUT
HEAD
CONNECT
OPTIONS
DELETE
SEARCH
POLL
PROPFIND
BMOVE
BCOPY
SUBSCRIBE
MOVE
PROPPATCH
BPROPPATCH
BDELETE
MKCOL
RPC_OUT_DATA
RPC_IN_DATA
COPY
ERROR
LOCK
PURGE
TRACE
UNLOCK
url_protection_allowed_content_types = application/x-www-form-urlencoded
multipart/form-data
application/x-www-UTF8-encoded
text/xml
text/plain
application/vnd.ms-sync.wbxml
message/rfc822
application/json
application/mapi-http
url_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
url_protection_max_content_length = 32768
url_protection_max_parameter_name_length = 64
url_protection_max_parameters = 40
url_protection_max_upload_files = 5
url_protection_prevent_csrf = 0
url_protection_status = 1
#scope:<web_firewall_policy>::scope_data:<owa2010>
aps_allow_unrecognized_cookie = 2
aps_allow_unrecognized_cookie_days = 7
aps_charset = 2
aps_cloaking_status = 1
aps_content_protection_action = 1
1
0
aps_content_protection_keep_first = 0
0
0
aps_content_protection_keep_last = 4
4
4
aps_content_protection_name = credit-cards
ssn
directory-indexing
aps_content_protection_pattern =
aps_content_protection_status = 1
1
0
aps_content_protection_type = credit-cards
social-security-numbers
directory-indexing
aps_cookie_exceptions = __utma
__utmc
__utmz
__utmb
AuthSuccessURL
CTSESSION
SMSESSION
SMCHALLENGE
MstrPgLd1
MstrPgLd2
aps_cookie_httponly = 0
aps_cookie_max_age = 1440
aps_cookie_mode = 1
aps_cookie_secure = 0
aps_cookie_status = 1
aps_detect_charset = 0
aps_double_encoding = 0
aps_filter_resp_header = Server
X-Powered-By
X-AspNet-Version
aps_filter_resp_status = 1
aps_limit_max_cookie_name_length = 64
aps_limit_max_cookies = 40
aps_limit_max_header_name_length = 32
aps_limit_max_req_line_length = 4096
aps_limit_num_req_headers = 20
aps_limit_query_length = 4096
aps_limit_req_cookie_length = 4096
aps_limit_req_headers_length = 1024
aps_limit_req_length = 32768
aps_limit_req_url_length = 4096
aps_limit_status = 1
aps_param_separators = &
aps_suppress_return_code = 0
attack_action_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
attack_action_deny_response = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
attack_action_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
2
0
0
0
2
2
2
2
2
0
0
0
0
attack_action_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
600
600
60
120
120
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
attack_action_name = message-is-not-HTTP1.1
message-is-not-HTTP1.0-or-HTTP1.1
message-is-not-UTF8-or-UTF16
request-is-not-HTTP-POST
resp-has-no-wrapper-named-op
soapaction-hdr-is-not-quoted
DOCTYPE-element
msg-part-accessors-have-no-ns
msg-does-not-include-allhdrs
oneway-resp-non-empty-body
req-matches-wsdl
no-fault-for-bad-env-ns
resp-matches-wsdl
faults-use-dot-notation
atts-in-soap-env-hdr-body
env-ns-is-1998
good-resp-is-not-200ok
processed-resp-status-is-nither-200-nor-202
non-POST-req-does-not-get-405
non-XML-req-does-not-get-415
fault-resp-is-not-defined-in-wsdl-binding
WSI-confirmance-not-in-soap-hdr
WSI-confirmance-is-not-well-formed
WSI-confirmance-claims-are-not-mustunderstand
soapaction-hdr-does-not-match-op-soapaction
msg-body-is-not-soap-env-with-ns
soap-body-children-are-not-ns-qualified
soap-fault-has-envelope-ns
soapenc-arraytype-attr
xml-processing-instructions-in-body
part-accessors-has-xsi-nil
mustunderstand-is-nither-1-nor-0
soap-faultcode-is-not-std
soap-fault-is-not-in-HTTP500-resp
soap-fault-does-not-have-allowed-children
encodingStyle-in-envelope-ns-elements
soap-encodingStyle-in-body-children
envelope-have-children-after-body
soap-fault-children-are-qualified
encodingStyle-in-rpc-literal-grand-children
envelope-and-body-are-not-xml1.0
envelope-does-not-confirm-to-schema
max-tree-depth-exceeded
max-element-name-length-exceeded
max-elements-in-tree-exceeded
max-element-children-exceeded
max-element-attributes-exceeded
max-attribute-name-length-exceeded
max-attribute-value-length-exceeded
max-text-size-exceeded
max-document-size-exceeded
min-document-size-limit
processing-instructions-found
dtd-found
external-uri-ref-found
malformed-xml
invalid-soap-envelope
invalid-soap-header
invalid-soap-body
additional-soap-headers-rcvd
metacharacter-matched-in-header
custom-attack-pattern-in-header
sql-injection-in-header
cross-site-scripting-in-header
os-command-injection-in-header
directory-traversal-in-header
error-response-suppressed
identity-theft-pattern-matched-in-response
response-header-suppressed
custom-error-response-page
directory-traversal-beyond-root
post-request-without-content-length
pre-1.0-request
invalid-method
malformed-version
malformed-end-of-request-line
malformed-header
invalid-header
malformed-cookie
get-request-with-content-length-header
http-1.1-request-without-host
multiple-content-length-headers
malformed-parameter
large-parameter-in-post-data
invalid-or-malformed-http-request
malformed-content-length
domain-not-found-in-profile
no-url-profile-match
total-request-length-exceeded
header-value-length-exceeded
invalid-url-encoding
slash-dot-in-url-path
tilde-in-url-path
cookie-length-exceeded
url-length-exceeded
url-query-length-exceeded
header-count-exceeded
total-request-line-length-exceeded
cookie-count-exceeded
cookie-name-length-exceeded
header-name-length-exceeded
too-many-sessions-for-ip
unrecognized-cookie
cookie-tampered
cookie-expired
mismatched-header-cookie-replay-attack
mismatched-ip-cookie-replay-attack
rate-control-intrusion
brute-force-from-ip
brute-force-from-fingerprint
brute-force-from-all-sources
invalid-url-character-set
url-encryption
virus-found-in-post-request
secure-browsing
slow-client-attack
slow-read-attack
captcha-tries-exceeded
captcha-max-sessions-exceeded
captcha-max-unanswered-exceeded
captcha-response-page
forbidden-method
unknown-content-type-in-post-body
content-length-exceeded
query-string-not-allowed
parameter-name-length-exceeded
too-many-uploaded-files
too-many-parameters
session-not-found
no-param-profile-match
custom-attack-pattern-in-url
sql-injection-pattern-in-url
cross-site-scripting-pattern-in-url
os-command-injection-pattern-in-url
remote-file-inclusion-pattern-in-url
read-only-or-hidden-parameter-tampered
session-invariant-parameter-tampered
session-choice-parameter-tampered
max-instances-of-parameter-exceeded
mandatory-parameter-missing
parameter-value-not-allowed
forbidden-file-extension
file-upload-size-exceeded
metacharacter-in-parameter
parameter-length-exceeded
custom-attack-pattern-in-parameter
parameter-input-validation-failed
sql-injection-pattern-in-parameter
cross-site-scripting-pattern-in-parameter
os-command-injection-pattern-in-parameter
directory-traversal-pattern-in-parameter
session-context-not-found
remote-file-inclusion-pattern-in-parameter
cross-site-request-forgery-attack-detected
keepalive-timeout-exceeded
max-object-depth-exceeded
max-key-length-exceeded
max-keys-in-object-exceeded
max-object-children-exceeded
max-value-length-exceeded
max-values-in-array-exceeded
max-number-limit-exceeded
malformed-json
sql-injection-pattern-in-json
cross-site-scripting-pattern-in-json
os-command-injection-pattern-in-json
directory-traversal-pattern-in-json
remote-file-inclusion-pattern-in-json
custom-attack-pattern-in-json
ldap-injection-in-json
python-php-attack-in-json
http-specific-attack-in-json
apache-struts-attack-in-json
json-key-validation-failed
ldap-injection-medium-in-param
python-php-attacks-medium-in-param
http-specific-attacks-medium-in-param
apache-struts-attacks-medium-in-param
ldap-injection-medium-in-url
python-php-attacks-medium-in-url
http-specific-attacks-medium-in-url
apache-struts-attacks-medium-in-url
ldap-injection-medium-in-header
python-php-attacks-medium-in-header
http-specific-attacks-medium-in-header
apache-struts-attacks-medium-in-header
remote-file-inclusion-pattern-in-header
ws_attack_bots
ws_bots
ws_fake_bots
grip-validation-failed
geo-ip-blocked
tor-ip-blocked
referer-spam-detected
comment-spam-detected
ws_blocked_category
credential-stuffing-detected
fingerprint-challenges-exceeded
missing-referer-header
missing-referer-domain
referer-domain-not-matching-host
missing-useragent-header
attack_action_redirect_url =
attack_action_response_page = default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-error-resp
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-virus
default
default
default
default-captcha-tries-error-page
default-captcha-sessions-error-page
default-suspected-activity-error-page
default-captcha-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-fingerprint-challenges-exceeded-page
default
default
default
default
attack_action_risk_score = 60
80
80
80
100
100
100
60
80
80
100
80
100
60
60
60
60
60
80
80
100
80
80
80
80
80
80
80
80
100
100
100
100
80
80
80
80
80
100
80
100
100
60
60
60
60
60
60
60
60
60
60
80
80
80
100
100
100
100
80
20
80
90
80
80
80
100
100
100
20
100
100
100
100
100
100
100
100
100
100
60
60
80
100
100
100
60
60
100
100
60
80
100
100
100
100
100
100
100
100
100
100
40
60
40
80
80
80
100
100
100
60
80
100
60
100
100
100
100
100
60
80
60
100
100
40
100
100
100
100
80
90
80
80
80
90
100
100
100
90
90
90
100
40
100
80
90
90
80
80
80
100
80
80
100
60
60
60
60
60
60
60
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
60
80
80
80
80
90
90
80
90
100
60
80
80
80
attack_description = 205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
174
175
176
184
177
178
179
181
182
183
186
185
187
188
190
191
192
193
7
35
36
37
38
39
17
63
61
62
16
25
60
118
119
120
122
121
124
125
126
127
128
129
77
123
130
131
0
6
11
14
15
41
42
43
44
140
141
142
143
144
30
31
32
116
117
75
145
346
146
12
301
204
293
295
302
297
298
299
300
5
26
40
132
147
148
149
161
163
171
166
167
168
170
134
135
136
137
138
139
150
151
152
154
155
156
157
158
159
160
162
164
165
303
304
305
306
307
308
309
310
313
314
315
316
317
318
319
333
334
335
336
340
320
321
322
323
324
325
326
327
328
329
330
331
332
337
338
339
341
342
343
401
402
403
404
421
422
423
424
425
attack_group = xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
header-violations
header-violations
header-violations
header-violations
header-violations
header-violations
response-violations
response-violations
response-violations
response-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
application-profile-violations
application-profile-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
response-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
request-policy-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations-json-response-page
json-limit-violations
json-limit-violations
json-limit-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
header-violations
header-violations
header-violations
header-violations
header-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
cookie_replay_protection_type = 1
global_adr_action = 1
0
1
2
2
2
2
2
2
2
0
global_adr_comment =
global_adr_deny_response = 1
1
1
1
1
1
1
1
1
1
1
global_adr_extended_match = *
*
*
(URI-Path req \/.*%23[^/]*)
(URI-Path req "\/.*copy(%20|%09)[^/]*")
*
*
*
*
(Header Translate eq F)
*
global_adr_extended_match_sequence = 1
1
1
1
2
1
1
1
1
1
1
global_adr_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
global_adr_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
global_adr_name = rpcproxy
robots.txt
favicon.ico
backups-prefix-hash
backups-prefix-copy
backups-suffix-sav
backups-suffix-bak
backups-suffix-old
phpinfo
translate-f-vulnerability
access-control-login-url
global_adr_redirect_url =
global_adr_response_page = default
default
default
default
default
default
default
default
default
default
default
global_adr_status = 1
1
1
0
1
1
1
1
1
1
1
global_adr_url = /rpc/rpcproxy.dll
/*/robots.txt
/*/favicon.ico
/*
/*
/*.sav
/*.bak
/*.old
/*/phpinfo.php
/*.asp
/nclogin.submit
param_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
parameter_protection_base64_decode_value = 0
parameter_protection_check_file_mime_type = 0
parameter_protection_denied_meta_characters = %00%01%04%1b%08%5c%7f
parameter_protection_file_upload_extensions = JPG
GIF
PDF
RAR
ZIP
PPT
RTF
DOC
parameter_protection_max_param_value_length = 1024
parameter_protection_max_upload_file_size = 8192
parameter_protection_status = 1
parameter_protection_validate_param_name = 0
parameter_protection_white_listed_parameters = __VIEWSTATE
url_protection_allow_methods = GET
POST
PUT
HEAD
CONNECT
OPTIONS
DELETE
SEARCH
POLL
PROPFIND
BMOVE
BCOPY
SUBSCRIBE
MOVE
PROPPATCH
BPROPPATCH
BDELETE
MKCOL
RPC_OUT_DATA
RPC_IN_DATA
COPY
ERROR
LOCK
PURGE
TRACE
UNLOCK
url_protection_allowed_content_types = application/x-www-form-urlencoded
multipart/form-data
application/x-www-UTF8-encoded
text/xml
text/plain
application/vnd.ms-sync.wbxml
message/rfc822
application/json
application/mapi-http
url_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
url_protection_max_content_length = 8388608
url_protection_max_parameter_name_length = 64
url_protection_max_parameters = 40
url_protection_max_upload_files = 5
url_protection_prevent_csrf = 0
url_protection_status = 1
#scope:<web_firewall_policy>::scope_data:<owa2013>
aps_allow_unrecognized_cookie = 2
aps_allow_unrecognized_cookie_days = 7
aps_charset = 2
aps_cloaking_status = 1
aps_content_protection_action = 1
1
0
aps_content_protection_keep_first = 0
0
0
aps_content_protection_keep_last = 4
4
4
aps_content_protection_name = credit-cards
ssn
directory-indexing
aps_content_protection_pattern =
aps_content_protection_status = 1
1
0
aps_content_protection_type = credit-cards
social-security-numbers
directory-indexing
aps_cookie_exceptions = __utma
__utmc
__utmz
__utmb
AuthSuccessURL
CTSESSION
SMSESSION
SMCHALLENGE
MstrPgLd1
MstrPgLd2
EcpUpdatedUserSettings
UpdatedUserSettings
aps_cookie_httponly = 0
aps_cookie_max_age = 1440
aps_cookie_mode = 1
aps_cookie_secure = 0
aps_cookie_status = 1
aps_detect_charset = 0
aps_double_encoding = 0
aps_filter_resp_header = Server
X-Powered-By
X-AspNet-Version
aps_filter_resp_status = 1
aps_limit_max_cookie_name_length = 64
aps_limit_max_cookies = 40
aps_limit_max_header_name_length = 32
aps_limit_max_req_line_length = 4096
aps_limit_num_req_headers = 20
aps_limit_query_length = 4096
aps_limit_req_cookie_length = 4096
aps_limit_req_headers_length = 1024
aps_limit_req_length = 32768
aps_limit_req_url_length = 4096
aps_limit_status = 1
aps_param_separators = &
aps_suppress_return_code = 0
attack_action_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
attack_action_deny_response = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
attack_action_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
2
0
0
0
2
2
2
2
2
0
0
0
0
attack_action_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
600
600
60
120
120
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
attack_action_name = message-is-not-HTTP1.1
message-is-not-HTTP1.0-or-HTTP1.1
message-is-not-UTF8-or-UTF16
request-is-not-HTTP-POST
resp-has-no-wrapper-named-op
soapaction-hdr-is-not-quoted
DOCTYPE-element
msg-part-accessors-have-no-ns
msg-does-not-include-allhdrs
oneway-resp-non-empty-body
req-matches-wsdl
no-fault-for-bad-env-ns
resp-matches-wsdl
faults-use-dot-notation
atts-in-soap-env-hdr-body
env-ns-is-1998
good-resp-is-not-200ok
processed-resp-status-is-nither-200-nor-202
non-POST-req-does-not-get-405
non-XML-req-does-not-get-415
fault-resp-is-not-defined-in-wsdl-binding
WSI-confirmance-not-in-soap-hdr
WSI-confirmance-is-not-well-formed
WSI-confirmance-claims-are-not-mustunderstand
soapaction-hdr-does-not-match-op-soapaction
msg-body-is-not-soap-env-with-ns
soap-body-children-are-not-ns-qualified
soap-fault-has-envelope-ns
soapenc-arraytype-attr
xml-processing-instructions-in-body
part-accessors-has-xsi-nil
mustunderstand-is-nither-1-nor-0
soap-faultcode-is-not-std
soap-fault-is-not-in-HTTP500-resp
soap-fault-does-not-have-allowed-children
encodingStyle-in-envelope-ns-elements
soap-encodingStyle-in-body-children
envelope-have-children-after-body
soap-fault-children-are-qualified
encodingStyle-in-rpc-literal-grand-children
envelope-and-body-are-not-xml1.0
envelope-does-not-confirm-to-schema
max-tree-depth-exceeded
max-element-name-length-exceeded
max-elements-in-tree-exceeded
max-element-children-exceeded
max-element-attributes-exceeded
max-attribute-name-length-exceeded
max-attribute-value-length-exceeded
max-text-size-exceeded
max-document-size-exceeded
min-document-size-limit
processing-instructions-found
dtd-found
external-uri-ref-found
malformed-xml
invalid-soap-envelope
invalid-soap-header
invalid-soap-body
additional-soap-headers-rcvd
metacharacter-matched-in-header
custom-attack-pattern-in-header
sql-injection-in-header
cross-site-scripting-in-header
os-command-injection-in-header
directory-traversal-in-header
error-response-suppressed
identity-theft-pattern-matched-in-response
response-header-suppressed
custom-error-response-page
directory-traversal-beyond-root
post-request-without-content-length
pre-1.0-request
invalid-method
malformed-version
malformed-end-of-request-line
malformed-header
invalid-header
malformed-cookie
get-request-with-content-length-header
http-1.1-request-without-host
multiple-content-length-headers
malformed-parameter
large-parameter-in-post-data
invalid-or-malformed-http-request
malformed-content-length
domain-not-found-in-profile
no-url-profile-match
total-request-length-exceeded
header-value-length-exceeded
invalid-url-encoding
slash-dot-in-url-path
tilde-in-url-path
cookie-length-exceeded
url-length-exceeded
url-query-length-exceeded
header-count-exceeded
total-request-line-length-exceeded
cookie-count-exceeded
cookie-name-length-exceeded
header-name-length-exceeded
too-many-sessions-for-ip
unrecognized-cookie
cookie-tampered
cookie-expired
mismatched-header-cookie-replay-attack
mismatched-ip-cookie-replay-attack
rate-control-intrusion
brute-force-from-ip
brute-force-from-fingerprint
brute-force-from-all-sources
invalid-url-character-set
url-encryption
virus-found-in-post-request
secure-browsing
slow-client-attack
slow-read-attack
captcha-tries-exceeded
captcha-max-sessions-exceeded
captcha-max-unanswered-exceeded
captcha-response-page
forbidden-method
unknown-content-type-in-post-body
content-length-exceeded
query-string-not-allowed
parameter-name-length-exceeded
too-many-uploaded-files
too-many-parameters
session-not-found
no-param-profile-match
custom-attack-pattern-in-url
sql-injection-pattern-in-url
cross-site-scripting-pattern-in-url
os-command-injection-pattern-in-url
remote-file-inclusion-pattern-in-url
read-only-or-hidden-parameter-tampered
session-invariant-parameter-tampered
session-choice-parameter-tampered
max-instances-of-parameter-exceeded
mandatory-parameter-missing
parameter-value-not-allowed
forbidden-file-extension
file-upload-size-exceeded
metacharacter-in-parameter
parameter-length-exceeded
custom-attack-pattern-in-parameter
parameter-input-validation-failed
sql-injection-pattern-in-parameter
cross-site-scripting-pattern-in-parameter
os-command-injection-pattern-in-parameter
directory-traversal-pattern-in-parameter
session-context-not-found
remote-file-inclusion-pattern-in-parameter
cross-site-request-forgery-attack-detected
keepalive-timeout-exceeded
max-object-depth-exceeded
max-key-length-exceeded
max-keys-in-object-exceeded
max-object-children-exceeded
max-value-length-exceeded
max-values-in-array-exceeded
max-number-limit-exceeded
malformed-json
sql-injection-pattern-in-json
cross-site-scripting-pattern-in-json
os-command-injection-pattern-in-json
directory-traversal-pattern-in-json
remote-file-inclusion-pattern-in-json
custom-attack-pattern-in-json
ldap-injection-in-json
python-php-attack-in-json
http-specific-attack-in-json
apache-struts-attack-in-json
json-key-validation-failed
ldap-injection-medium-in-param
python-php-attacks-medium-in-param
http-specific-attacks-medium-in-param
apache-struts-attacks-medium-in-param
ldap-injection-medium-in-url
python-php-attacks-medium-in-url
http-specific-attacks-medium-in-url
apache-struts-attacks-medium-in-url
ldap-injection-medium-in-header
python-php-attacks-medium-in-header
http-specific-attacks-medium-in-header
apache-struts-attacks-medium-in-header
remote-file-inclusion-pattern-in-header
ws_attack_bots
ws_bots
ws_fake_bots
grip-validation-failed
geo-ip-blocked
tor-ip-blocked
referer-spam-detected
comment-spam-detected
ws_blocked_category
credential-stuffing-detected
fingerprint-challenges-exceeded
missing-referer-header
missing-referer-domain
referer-domain-not-matching-host
missing-useragent-header
attack_action_redirect_url =
attack_action_response_page = default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-error-resp
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-virus
default
default
default
default-captcha-tries-error-page
default-captcha-sessions-error-page
default-suspected-activity-error-page
default-captcha-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-fingerprint-challenges-exceeded-page
default
default
default
default
attack_action_risk_score = 60
80
80
80
100
100
100
60
80
80
100
80
100
60
60
60
60
60
80
80
100
80
80
80
80
80
80
80
80
100
100
100
100
80
80
80
80
80
100
80
100
100
60
60
60
60
60
60
60
60
60
60
80
80
80
100
100
100
100
80
20
80
90
80
80
80
100
100
100
20
100
100
100
100
100
100
100
100
100
100
60
60
80
100
100
100
60
60
100
100
60
80
100
100
100
100
100
100
100
100
100
100
40
60
40
80
80
80
100
100
100
60
80
100
60
100
100
100
100
100
60
80
60
100
100
40
100
100
100
100
80
90
80
80
80
90
100
100
100
90
90
90
100
40
100
80
90
90
80
80
80
100
80
80
100
60
60
60
60
60
60
60
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
60
80
80
80
80
90
90
80
90
100
60
80
80
80
attack_description = 205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
174
175
176
184
177
178
179
181
182
183
186
185
187
188
190
191
192
193
7
35
36
37
38
39
17
63
61
62
16
25
60
118
119
120
122
121
124
125
126
127
128
129
77
123
130
131
0
6
11
14
15
41
42
43
44
140
141
142
143
144
30
31
32
116
117
75
145
346
146
12
301
204
293
295
302
297
298
299
300
5
26
40
132
147
148
149
161
163
171
166
167
168
170
134
135
136
137
138
139
150
151
152
154
155
156
157
158
159
160
162
164
165
303
304
305
306
307
308
309
310
313
314
315
316
317
318
319
333
334
335
336
340
320
321
322
323
324
325
326
327
328
329
330
331
332
337
338
339
341
342
343
401
402
403
404
421
422
423
424
425
attack_group = xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
header-violations
header-violations
header-violations
header-violations
header-violations
header-violations
response-violations
response-violations
response-violations
response-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
application-profile-violations
application-profile-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
response-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
request-policy-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
header-violations
header-violations
header-violations
header-violations
header-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
cookie_replay_protection_type = 1
global_adr_action = 1
0
1
2
2
2
2
2
2
2
0
global_adr_comment =
global_adr_deny_response = 1
1
1
1
1
1
1
1
1
1
1
global_adr_extended_match = *
*
*
(URI-Path req \/.*%23[^/]*)
(URI-Path req "\/.*copy(%20|%09)[^/]*")
*
*
*
*
(Header Translate eq F)
*
global_adr_extended_match_sequence = 1
1
1
1
2
1
1
1
1
1
1
global_adr_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
global_adr_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
global_adr_name = rpcproxy
robots.txt
favicon.ico
backups-prefix-hash
backups-prefix-copy
backups-suffix-sav
backups-suffix-bak
backups-suffix-old
phpinfo
translate-f-vulnerability
access-control-login-url
global_adr_redirect_url =
global_adr_response_page = default
default
default
default
default
default
default
default
default
default
default
global_adr_status = 1
1
1
0
1
1
1
1
1
1
1
global_adr_url = /rpc/rpcproxy.dll
/*/robots.txt
/*/favicon.ico
/*
/*
/*.sav
/*.bak
/*.old
/*/phpinfo.php
/*.asp
/nclogin.submit
param_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
parameter_protection_base64_decode_value = 0
parameter_protection_check_file_mime_type = 0
parameter_protection_denied_meta_characters = %00%01%04%1b%08%5c%7f
parameter_protection_file_upload_extensions = JPG
GIF
PDF
RAR
ZIP
PPT
RTF
DOC
parameter_protection_max_param_value_length = 1024
parameter_protection_max_upload_file_size = 8192
parameter_protection_status = 1
parameter_protection_validate_param_name = 0
parameter_protection_white_listed_parameters = __VIEWSTATE
url_protection_allow_methods = GET
POST
PUT
HEAD
CONNECT
OPTIONS
DELETE
SEARCH
POLL
PROPFIND
BMOVE
BCOPY
SUBSCRIBE
MOVE
PROPPATCH
BPROPPATCH
BDELETE
MKCOL
RPC_OUT_DATA
RPC_IN_DATA
COPY
ERROR
LOCK
PURGE
TRACE
UNLOCK
url_protection_allowed_content_types = application/x-www-form-urlencoded
multipart/form-data
application/x-www-UTF8-encoded
text/xml
text/plain
application/vnd.ms-sync.wbxml
message/rfc822
application/json
application/mapi-http
url_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
url_protection_max_content_length = 8388608
url_protection_max_parameter_name_length = 64
url_protection_max_parameters = 40
url_protection_max_upload_files = 5
url_protection_prevent_csrf = 0
url_protection_status = 1
#scope:<web_firewall_policy>::scope_data:<saml>
aps_allow_unrecognized_cookie = 2
aps_allow_unrecognized_cookie_days = 7
aps_charset = 2
aps_cloaking_status = 1
aps_content_protection_action = 1
1
0
aps_content_protection_keep_first = 0
0
0
aps_content_protection_keep_last = 4
4
4
aps_content_protection_name = credit-cards
ssn
directory-indexing
aps_content_protection_pattern =
aps_content_protection_status = 1
1
0
aps_content_protection_type = credit-cards
social-security-numbers
directory-indexing
aps_cookie_exceptions = __utma
__utmc
__utmz
__utmb
AuthSuccessURL
CTSESSION
SMSESSION
SMCHALLENGE
_shibsession_
_shibstate_
aps_cookie_httponly = 0
aps_cookie_max_age = 1440
aps_cookie_mode = 1
aps_cookie_secure = 0
aps_cookie_status = 1
aps_detect_charset = 0
aps_double_encoding = 0
aps_filter_resp_header = Server
X-Powered-By
X-AspNet-Version
aps_filter_resp_status = 1
aps_limit_max_cookie_name_length = 64
aps_limit_max_cookies = 40
aps_limit_max_header_name_length = 32
aps_limit_max_req_line_length = 4096
aps_limit_num_req_headers = 20
aps_limit_query_length = 4096
aps_limit_req_cookie_length = 4096
aps_limit_req_headers_length = 2048
aps_limit_req_length = 32768
aps_limit_req_url_length = 4096
aps_limit_status = 1
aps_param_separators = &
aps_suppress_return_code = 1
attack_action_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
attack_action_deny_response = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
attack_action_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
2
0
0
0
2
2
2
2
2
0
0
0
0
attack_action_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
600
600
60
120
120
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
attack_action_name = message-is-not-HTTP1.1
message-is-not-HTTP1.0-or-HTTP1.1
message-is-not-UTF8-or-UTF16
request-is-not-HTTP-POST
resp-has-no-wrapper-named-op
soapaction-hdr-is-not-quoted
DOCTYPE-element
msg-part-accessors-have-no-ns
msg-does-not-include-allhdrs
oneway-resp-non-empty-body
req-matches-wsdl
no-fault-for-bad-env-ns
resp-matches-wsdl
faults-use-dot-notation
atts-in-soap-env-hdr-body
env-ns-is-1998
good-resp-is-not-200ok
processed-resp-status-is-nither-200-nor-202
non-POST-req-does-not-get-405
non-XML-req-does-not-get-415
fault-resp-is-not-defined-in-wsdl-binding
WSI-confirmance-not-in-soap-hdr
WSI-confirmance-is-not-well-formed
WSI-confirmance-claims-are-not-mustunderstand
soapaction-hdr-does-not-match-op-soapaction
msg-body-is-not-soap-env-with-ns
soap-body-children-are-not-ns-qualified
soap-fault-has-envelope-ns
soapenc-arraytype-attr
xml-processing-instructions-in-body
part-accessors-has-xsi-nil
mustunderstand-is-nither-1-nor-0
soap-faultcode-is-not-std
soap-fault-is-not-in-HTTP500-resp
soap-fault-does-not-have-allowed-children
encodingStyle-in-envelope-ns-elements
soap-encodingStyle-in-body-children
envelope-have-children-after-body
soap-fault-children-are-qualified
encodingStyle-in-rpc-literal-grand-children
envelope-and-body-are-not-xml1.0
envelope-does-not-confirm-to-schema
max-tree-depth-exceeded
max-element-name-length-exceeded
max-elements-in-tree-exceeded
max-element-children-exceeded
max-element-attributes-exceeded
max-attribute-name-length-exceeded
max-attribute-value-length-exceeded
max-text-size-exceeded
max-document-size-exceeded
min-document-size-limit
processing-instructions-found
dtd-found
external-uri-ref-found
malformed-xml
invalid-soap-envelope
invalid-soap-header
invalid-soap-body
additional-soap-headers-rcvd
metacharacter-matched-in-header
custom-attack-pattern-in-header
sql-injection-in-header
cross-site-scripting-in-header
os-command-injection-in-header
directory-traversal-in-header
error-response-suppressed
identity-theft-pattern-matched-in-response
response-header-suppressed
custom-error-response-page
directory-traversal-beyond-root
post-request-without-content-length
pre-1.0-request
invalid-method
malformed-version
malformed-end-of-request-line
malformed-header
invalid-header
malformed-cookie
get-request-with-content-length-header
http-1.1-request-without-host
multiple-content-length-headers
malformed-parameter
large-parameter-in-post-data
invalid-or-malformed-http-request
malformed-content-length
domain-not-found-in-profile
no-url-profile-match
total-request-length-exceeded
header-value-length-exceeded
invalid-url-encoding
slash-dot-in-url-path
tilde-in-url-path
cookie-length-exceeded
url-length-exceeded
url-query-length-exceeded
header-count-exceeded
total-request-line-length-exceeded
cookie-count-exceeded
cookie-name-length-exceeded
header-name-length-exceeded
too-many-sessions-for-ip
unrecognized-cookie
cookie-tampered
cookie-expired
mismatched-header-cookie-replay-attack
mismatched-ip-cookie-replay-attack
rate-control-intrusion
brute-force-from-ip
brute-force-from-fingerprint
brute-force-from-all-sources
invalid-url-character-set
url-encryption
virus-found-in-post-request
secure-browsing
slow-client-attack
slow-read-attack
captcha-tries-exceeded
captcha-max-sessions-exceeded
captcha-max-unanswered-exceeded
captcha-response-page
forbidden-method
unknown-content-type-in-post-body
content-length-exceeded
query-string-not-allowed
parameter-name-length-exceeded
too-many-uploaded-files
too-many-parameters
session-not-found
no-param-profile-match
custom-attack-pattern-in-url
sql-injection-pattern-in-url
cross-site-scripting-pattern-in-url
os-command-injection-pattern-in-url
remote-file-inclusion-pattern-in-url
read-only-or-hidden-parameter-tampered
session-invariant-parameter-tampered
session-choice-parameter-tampered
max-instances-of-parameter-exceeded
mandatory-parameter-missing
parameter-value-not-allowed
forbidden-file-extension
forbidden-file-mime-type
file-upload-size-exceeded
metacharacter-in-parameter
parameter-length-exceeded
custom-attack-pattern-in-parameter
parameter-input-validation-failed
sql-injection-pattern-in-parameter
cross-site-scripting-pattern-in-parameter
os-command-injection-pattern-in-parameter
directory-traversal-pattern-in-parameter
session-context-not-found
remote-file-inclusion-pattern-in-parameter
cross-site-request-forgery-attack-detected
keepalive-timeout-exceeded
max-object-depth-exceeded
max-key-length-exceeded
max-keys-in-object-exceeded
max-object-children-exceeded
max-value-length-exceeded
max-values-in-array-exceeded
max-number-limit-exceeded
malformed-json
sql-injection-pattern-in-json
cross-site-scripting-pattern-in-json
os-command-injection-pattern-in-json
directory-traversal-pattern-in-json
remote-file-inclusion-pattern-in-json
custom-attack-pattern-in-json
ldap-injection-in-json
python-php-attack-in-json
http-specific-attack-in-json
apache-struts-attack-in-json
json-key-validation-failed
ldap-injection-medium-in-param
python-php-attacks-medium-in-param
http-specific-attacks-medium-in-param
apache-struts-attacks-medium-in-param
ldap-injection-medium-in-url
python-php-attacks-medium-in-url
http-specific-attacks-medium-in-url
apache-struts-attacks-medium-in-url
ldap-injection-medium-in-header
python-php-attacks-medium-in-header
http-specific-attacks-medium-in-header
apache-struts-attacks-medium-in-header
remote-file-inclusion-pattern-in-header
ws_attack_bots
ws_bots
ws_fake_bots
grip-validation-failed
geo-ip-blocked
tor-ip-blocked
referer-spam-detected
comment-spam-detected
ws_blocked_category
credential-stuffing-detected
fingerprint-challenges-exceeded
missing-referer-header
missing-referer-domain
referer-domain-not-matching-host
missing-useragent-header
attack_action_redirect_url =
attack_action_response_page = default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-error-resp
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-virus
default
default
default
default-captcha-tries-error-page
default-captcha-sessions-error-page
default-suspected-activity-error-page
default-captcha-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-fingerprint-challenges-exceeded-page
default
default
default
default
attack_action_risk_score = 60
80
80
80
100
100
100
60
80
80
100
80
100
60
60
60
60
60
80
80
100
80
80
80
80
80
80
80
80
100
100
100
100
80
80
80
80
80
100
80
100
100
60
60
60
60
60
60
60
60
60
60
80
80
80
100
100
100
100
80
20
80
90
80
80
80
100
100
100
20
100
100
100
100
100
100
100
100
100
100
60
60
80
100
100
100
60
60
100
100
60
80
100
100
100
100
100
100
100
100
100
100
40
60
40
80
80
80
100
100
100
60
80
100
60
100
100
100
100
100
60
80
60
100
100
40
100
100
100
100
80
90
80
80
80
90
100
100
100
90
90
90
100
100
40
100
80
90
90
80
80
80
100
80
80
100
60
60
60
60
60
60
60
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
60
80
80
80
80
90
90
80
90
100
60
80
80
80
attack_description = 205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
174
175
176
184
177
178
179
181
182
183
186
185
187
188
190
191
192
193
7
35
36
37
38
39
17
63
61
62
16
25
60
118
119
120
122
121
124
125
126
127
128
129
77
123
130
131
0
6
11
14
15
41
42
43
44
140
141
142
143
144
30
31
32
116
117
75
145
346
146
12
301
204
293
295
302
297
298
299
300
5
26
40
132
147
148
149
161
163
171
166
167
168
170
134
135
136
137
138
139
150
296
151
152
154
155
156
157
158
159
160
162
164
165
303
304
305
306
307
308
309
310
313
314
315
316
317
318
319
333
334
335
336
340
320
321
322
323
324
325
326
327
328
329
330
331
332
337
338
339
341
342
343
401
402
403
404
421
422
423
424
425
attack_group = xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
header-violations
header-violations
header-violations
header-violations
header-violations
header-violations
response-violations
response-violations
response-violations
response-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
application-profile-violations
application-profile-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
response-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
request-policy-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
header-violations
header-violations
header-violations
header-violations
header-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
cookie_replay_protection_type = 1
global_adr_action = 0
1
2
2
2
2
2
2
2
0
2
global_adr_comment =
global_adr_deny_response = 1
1
1
1
1
1
1
1
1
1
1
global_adr_extended_match = *
*
(URI-Path req \/.*%23[^/]*)
(URI-Path req "\/.*copy(%20|%09)[^/]*")
*
*
*
*
(Header Translate eq F)
*
(Header Range rco "bytes=[[:blank:]]*[[:digit:]]+-[[:blank:]]*[[:digit:]]+(,[[:blank:]]*[[:digit:]]+-[[:blank:]]*[[:digit:]]+){5}")
global_adr_extended_match_sequence = 1
1
1
2
1
1
1
1
1
1
3
global_adr_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
global_adr_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
global_adr_name = robots.txt
favicon.ico
backups-prefix-hash
backups-prefix-copy
backups-suffix-sav
backups-suffix-bak
backups-suffix-old
phpinfo
translate-f-vulnerability
access-control-login-url
apache_range_header_vulnerability
global_adr_redirect_url =
global_adr_response_page = default
default
default
default
default
default
default
default
default
default
default
global_adr_status = 1
1
0
1
1
1
1
1
1
1
1
global_adr_url = /*/robots.txt
/*/favicon.ico
/*
/*
/*.sav
/*.bak
/*.old
/*/phpinfo.php
/*.asp
/nclogin.submit
/*
param_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
parameter_protection_base64_decode_value = 0
parameter_protection_check_file_mime_type = 0
parameter_protection_denied_meta_characters = %00%01%04%1b%08%5c%7f
parameter_protection_file_upload_extensions = JPG
GIF
PDF
parameter_protection_file_upload_mime_types = image/jpeg
image/gif
application/pdf
parameter_protection_max_param_value_length = 4096
parameter_protection_max_upload_file_size = 1024
parameter_protection_status = 1
parameter_protection_validate_param_name = 0
parameter_protection_white_listed_parameters = __VIEWSTATE
SAMLResponse
SAMLRequest
url_protection_allow_methods = GET
POST
HEAD
url_protection_allowed_content_types = application/x-www-form-urlencoded
multipart/form-data
text/xml
application/json
url_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
url_protection_max_content_length = 32768
url_protection_max_parameter_name_length = 64
url_protection_max_parameters = 40
url_protection_max_upload_files = 5
url_protection_prevent_csrf = 0
url_protection_status = 1
#scope:<web_firewall_policy>::scope_data:<sharepoint>
aps_allow_unrecognized_cookie = 2
aps_allow_unrecognized_cookie_days = 7
aps_charset = 2
aps_cloaking_status = 1
aps_content_protection_action = 1
1
0
aps_content_protection_keep_first = 0
0
0
aps_content_protection_keep_last = 4
4
4
aps_content_protection_name = credit-cards
ssn
directory-indexing
aps_content_protection_pattern =
aps_content_protection_status = 1
1
0
aps_content_protection_type = credit-cards
social-security-numbers
directory-indexing
aps_cookie_exceptions = __utma
__utmc
__utmz
__utmb
AuthSuccessURL
CTSESSION
SMSESSION
SMCHALLENGE
aps_cookie_httponly = 0
aps_cookie_max_age = 1440
aps_cookie_mode = 1
aps_cookie_secure = 0
aps_cookie_status = 1
aps_detect_charset = 0
aps_double_encoding = 0
aps_filter_resp_code = 403
aps_filter_resp_header = Server
X-Powered-By
X-AspNet-Version
MicrosoftSharePointTeamServices
aps_filter_resp_status = 1
aps_limit_max_cookie_name_length = 64
aps_limit_max_cookies = 40
aps_limit_max_header_name_length = 32
aps_limit_max_req_line_length = 4096
aps_limit_num_req_headers = 20
aps_limit_query_length = 4096
aps_limit_req_cookie_length = 4096
aps_limit_req_headers_length = 1024
aps_limit_req_length = 32768
aps_limit_req_url_length = 4096
aps_limit_status = 1
aps_param_separators = &
aps_suppress_return_code = 1
attack_action_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
attack_action_deny_response = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
attack_action_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
2
0
0
0
2
2
2
2
2
0
0
0
0
attack_action_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
600
600
60
120
120
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
attack_action_name = message-is-not-HTTP1.1
message-is-not-HTTP1.0-or-HTTP1.1
message-is-not-UTF8-or-UTF16
request-is-not-HTTP-POST
resp-has-no-wrapper-named-op
soapaction-hdr-is-not-quoted
DOCTYPE-element
msg-part-accessors-have-no-ns
msg-does-not-include-allhdrs
oneway-resp-non-empty-body
req-matches-wsdl
no-fault-for-bad-env-ns
resp-matches-wsdl
faults-use-dot-notation
atts-in-soap-env-hdr-body
env-ns-is-1998
good-resp-is-not-200ok
processed-resp-status-is-nither-200-nor-202
non-POST-req-does-not-get-405
non-XML-req-does-not-get-415
fault-resp-is-not-defined-in-wsdl-binding
WSI-confirmance-not-in-soap-hdr
WSI-confirmance-is-not-well-formed
WSI-confirmance-claims-are-not-mustunderstand
soapaction-hdr-does-not-match-op-soapaction
msg-body-is-not-soap-env-with-ns
soap-body-children-are-not-ns-qualified
soap-fault-has-envelope-ns
soapenc-arraytype-attr
xml-processing-instructions-in-body
part-accessors-has-xsi-nil
mustunderstand-is-nither-1-nor-0
soap-faultcode-is-not-std
soap-fault-is-not-in-HTTP500-resp
soap-fault-does-not-have-allowed-children
encodingStyle-in-envelope-ns-elements
soap-encodingStyle-in-body-children
envelope-have-children-after-body
soap-fault-children-are-qualified
encodingStyle-in-rpc-literal-grand-children
envelope-and-body-are-not-xml1.0
envelope-does-not-confirm-to-schema
max-tree-depth-exceeded
max-element-name-length-exceeded
max-elements-in-tree-exceeded
max-element-children-exceeded
max-element-attributes-exceeded
max-attribute-name-length-exceeded
max-attribute-value-length-exceeded
max-text-size-exceeded
max-document-size-exceeded
min-document-size-limit
processing-instructions-found
dtd-found
external-uri-ref-found
malformed-xml
invalid-soap-envelope
invalid-soap-header
invalid-soap-body
additional-soap-headers-rcvd
metacharacter-matched-in-header
custom-attack-pattern-in-header
sql-injection-in-header
cross-site-scripting-in-header
os-command-injection-in-header
directory-traversal-in-header
error-response-suppressed
identity-theft-pattern-matched-in-response
response-header-suppressed
custom-error-response-page
directory-traversal-beyond-root
post-request-without-content-length
pre-1.0-request
invalid-method
malformed-version
malformed-end-of-request-line
malformed-header
invalid-header
malformed-cookie
get-request-with-content-length-header
http-1.1-request-without-host
multiple-content-length-headers
malformed-parameter
large-parameter-in-post-data
invalid-or-malformed-http-request
malformed-content-length
domain-not-found-in-profile
no-url-profile-match
total-request-length-exceeded
header-value-length-exceeded
invalid-url-encoding
slash-dot-in-url-path
tilde-in-url-path
cookie-length-exceeded
url-length-exceeded
url-query-length-exceeded
header-count-exceeded
total-request-line-length-exceeded
cookie-count-exceeded
cookie-name-length-exceeded
header-name-length-exceeded
too-many-sessions-for-ip
unrecognized-cookie
cookie-tampered
cookie-expired
mismatched-header-cookie-replay-attack
mismatched-ip-cookie-replay-attack
rate-control-intrusion
brute-force-from-ip
brute-force-from-fingerprint
brute-force-from-all-sources
invalid-url-character-set
url-encryption
virus-found-in-post-request
secure-browsing
slow-client-attack
slow-read-attack
captcha-tries-exceeded
captcha-max-sessions-exceeded
captcha-max-unanswered-exceeded
captcha-response-page
forbidden-method
unknown-content-type-in-post-body
content-length-exceeded
query-string-not-allowed
parameter-name-length-exceeded
too-many-uploaded-files
too-many-parameters
session-not-found
no-param-profile-match
custom-attack-pattern-in-url
sql-injection-pattern-in-url
cross-site-scripting-pattern-in-url
os-command-injection-pattern-in-url
remote-file-inclusion-pattern-in-url
read-only-or-hidden-parameter-tampered
session-invariant-parameter-tampered
session-choice-parameter-tampered
max-instances-of-parameter-exceeded
mandatory-parameter-missing
parameter-value-not-allowed
forbidden-file-extension
forbidden-file-mime-type
file-upload-size-exceeded
metacharacter-in-parameter
parameter-length-exceeded
custom-attack-pattern-in-parameter
parameter-input-validation-failed
sql-injection-pattern-in-parameter
cross-site-scripting-pattern-in-parameter
os-command-injection-pattern-in-parameter
directory-traversal-pattern-in-parameter
session-context-not-found
remote-file-inclusion-pattern-in-parameter
cross-site-request-forgery-attack-detected
keepalive-timeout-exceeded
max-object-depth-exceeded
max-key-length-exceeded
max-keys-in-object-exceeded
max-object-children-exceeded
max-value-length-exceeded
max-values-in-array-exceeded
max-number-limit-exceeded
malformed-json
sql-injection-pattern-in-json
cross-site-scripting-pattern-in-json
os-command-injection-pattern-in-json
directory-traversal-pattern-in-json
remote-file-inclusion-pattern-in-json
custom-attack-pattern-in-json
ldap-injection-in-json
python-php-attack-in-json
http-specific-attack-in-json
apache-struts-attack-in-json
json-key-validation-failed
ldap-injection-medium-in-param
python-php-attacks-medium-in-param
http-specific-attacks-medium-in-param
apache-struts-attacks-medium-in-param
ldap-injection-medium-in-url
python-php-attacks-medium-in-url
http-specific-attacks-medium-in-url
apache-struts-attacks-medium-in-url
ldap-injection-medium-in-header
python-php-attacks-medium-in-header
http-specific-attacks-medium-in-header
apache-struts-attacks-medium-in-header
remote-file-inclusion-pattern-in-header
ws_attack_bots
ws_bots
ws_fake_bots
grip-validation-failed
geo-ip-blocked
tor-ip-blocked
referer-spam-detected
comment-spam-detected
ws_blocked_category
credential-stuffing-detected
fingerprint-challenges-exceeded
missing-referer-header
missing-referer-domain
referer-domain-not-matching-host
missing-useragent-header
attack_action_redirect_url =
attack_action_response_page = default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-error-resp
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-virus
default
default
default
default-captcha-tries-error-page
default-captcha-sessions-error-page
default-suspected-activity-error-page
default-captcha-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-fingerprint-challenges-exceeded-page
default
default
default
default
attack_action_risk_score = 60
80
80
80
100
100
100
60
80
80
100
80
100
60
60
60
60
60
80
80
100
80
80
80
80
80
80
80
80
100
100
100
100
80
80
80
80
80
100
80
100
100
60
60
60
60
60
60
60
60
60
60
80
80
80
100
100
100
100
80
20
80
90
80
80
80
100
100
100
20
100
100
100
100
100
100
100
100
100
100
60
60
80
100
100
100
60
60
100
100
60
80
100
100
100
100
100
100
100
100
100
100
40
60
40
80
80
80
100
100
100
60
80
100
60
100
100
100
100
100
60
80
60
100
100
40
100
100
100
100
80
90
80
80
80
90
100
100
100
90
90
90
100
100
40
100
80
90
90
80
80
80
100
80
80
100
60
60
60
60
60
60
60
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
60
80
80
80
80
90
90
80
90
100
60
80
80
80
attack_description = 205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
174
175
176
184
177
178
179
181
182
183
186
185
187
188
190
191
192
193
7
35
36
37
38
39
17
63
61
62
16
25
60
118
119
120
122
121
124
125
126
127
128
129
77
123
130
131
0
6
11
14
15
41
42
43
44
140
141
142
143
144
30
31
32
116
117
75
145
346
146
12
301
204
293
295
302
297
298
299
300
5
26
40
132
147
148
149
161
163
171
166
167
168
170
134
135
136
137
138
139
150
296
151
152
154
155
156
157
158
159
160
162
164
165
303
304
305
306
307
308
309
310
313
314
315
316
317
318
319
333
334
335
336
340
320
321
322
323
324
325
326
327
328
329
330
331
332
337
338
339
341
342
343
401
402
403
404
421
422
423
424
425
attack_group = xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
header-violations
header-violations
header-violations
header-violations
header-violations
header-violations
response-violations
response-violations
response-violations
response-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
application-profile-violations
application-profile-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
response-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
request-policy-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
header-violations
header-violations
header-violations
header-violations
header-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
cookie_replay_protection_type = 1
global_adr_action = 0
1
2
2
2
2
2
2
2
0
global_adr_comment =
global_adr_deny_response = 1
1
1
1
1
1
1
1
1
1
global_adr_extended_match = *
*
(URI-Path req \/.*%23[^/]*)
(URI-Path req "\/.*copy(%20|%09)[^/]*")
*
*
*
*
(Header Translate eq F)
*
global_adr_extended_match_sequence = 1
1
1
2
1
1
1
1
1
1
global_adr_follow_up_action = 0
0
0
0
0
0
0
0
0
0
global_adr_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
global_adr_name = robots.txt
favicon.ico
backups-prefix-hash
backups-prefix-copy
backups-suffix-sav
backups-suffix-bak
backups-suffix-old
phpinfo
translate-f-vulnerability
access-control-login-url
global_adr_redirect_url =
global_adr_response_page = default
default
default
default
default
default
default
default
default
default
global_adr_status = 1
1
0
1
1
1
1
1
1
1
global_adr_url = /*/robots.txt
/*/favicon.ico
/*
/*
/*.sav
/*.bak
/*.old
/*/phpinfo.php
/*.asp
/nclogin.submit
param_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
parameter_protection_base64_decode_value = 0
parameter_protection_check_file_mime_type = 0
parameter_protection_denied_meta_characters = %00%01%04%1b%08%5c%7f
parameter_protection_file_upload_extensions = JPG
GIF
PDF
parameter_protection_file_upload_mime_types = image/jpeg
image/gif
application/pdf
parameter_protection_max_param_value_length = 4096
parameter_protection_max_upload_file_size = 1024
parameter_protection_status = 1
parameter_protection_validate_param_name = 0
parameter_protection_white_listed_parameters = __VIEWSTATE
PostBody
url_protection_allow_methods = GET
POST
PUT
HEAD
CONNECT
OPTIONS
BDELETE
BMOVE
COPY
DELETE
ERROR
LOCK
MKCOL
MOVE
PROPFIND
PROPPATCH
PURGE
TRACE
UNLOCK
url_protection_allowed_content_types = application/x-www-form-urlencoded
multipart/form-data
text/xml
application/x-www-UTF8-encoded
application/x-vermeer-urlencoded
application/json
url_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
url_protection_max_content_length = 32768
url_protection_max_parameter_name_length = 64
url_protection_max_parameters = 40
url_protection_max_upload_files = 5
url_protection_prevent_csrf = 0
url_protection_status = 1
#scope:<web_firewall_policy>::scope_data:<sharepoint2013>
aps_allow_unrecognized_cookie = 2
aps_allow_unrecognized_cookie_days = 7
aps_charset = 2
aps_cloaking_status = 1
aps_content_protection_action = 1
1
0
aps_content_protection_keep_first = 0
0
0
aps_content_protection_keep_last = 4
4
4
aps_content_protection_name = credit-cards
ssn
directory-indexing
aps_content_protection_pattern =
aps_content_protection_status = 1
1
0
aps_content_protection_type = credit-cards
social-security-numbers
directory-indexing
aps_cookie_exceptions = __utma
__utmc
__utmz
__utmb
AuthSuccessURL
CTSESSION
SMSESSION
SMCHALLENGE
Ribbon.ListForm.Edit
Ribbon.Read
WSS_FullScreenMode
databaseBtnText
databaseBtnDesc
stsSyncAppName
stsSyncIconPath
Ribbon.ListForm.Display
Ribbon.Timeline
aps_cookie_httponly = 0
aps_cookie_max_age = 1440
aps_cookie_mode = 1
aps_cookie_secure = 0
aps_cookie_status = 1
aps_detect_charset = 0
aps_double_encoding = 0
aps_filter_resp_code = 403
aps_filter_resp_header = Server
X-Powered-By
X-AspNet-Version
MicrosoftSharePointTeamServices
aps_filter_resp_status = 1
aps_limit_max_cookie_name_length = 128
aps_limit_max_cookies = 40
aps_limit_max_header_name_length = 32
aps_limit_max_req_line_length = 4096
aps_limit_num_req_headers = 20
aps_limit_query_length = 4096
aps_limit_req_cookie_length = 4096
aps_limit_req_headers_length = 1024
aps_limit_req_length = 32768
aps_limit_req_url_length = 4096
aps_limit_status = 1
aps_param_separators = &
aps_suppress_return_code = 1
attack_action_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
1
1
attack_action_deny_response = 1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
attack_action_follow_up_action = 0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
1
0
1
1
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2
2
2
0
0
0
2
2
2
2
2
0
0
0
0
attack_action_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
600
600
60
120
120
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
60
attack_action_name = message-is-not-HTTP1.1
message-is-not-HTTP1.0-or-HTTP1.1
message-is-not-UTF8-or-UTF16
request-is-not-HTTP-POST
resp-has-no-wrapper-named-op
soapaction-hdr-is-not-quoted
DOCTYPE-element
msg-part-accessors-have-no-ns
msg-does-not-include-allhdrs
oneway-resp-non-empty-body
req-matches-wsdl
no-fault-for-bad-env-ns
resp-matches-wsdl
faults-use-dot-notation
atts-in-soap-env-hdr-body
env-ns-is-1998
good-resp-is-not-200ok
processed-resp-status-is-nither-200-nor-202
non-POST-req-does-not-get-405
non-XML-req-does-not-get-415
fault-resp-is-not-defined-in-wsdl-binding
WSI-confirmance-not-in-soap-hdr
WSI-confirmance-is-not-well-formed
WSI-confirmance-claims-are-not-mustunderstand
soapaction-hdr-does-not-match-op-soapaction
msg-body-is-not-soap-env-with-ns
soap-body-children-are-not-ns-qualified
soap-fault-has-envelope-ns
soapenc-arraytype-attr
xml-processing-instructions-in-body
part-accessors-has-xsi-nil
mustunderstand-is-nither-1-nor-0
soap-faultcode-is-not-std
soap-fault-is-not-in-HTTP500-resp
soap-fault-does-not-have-allowed-children
encodingStyle-in-envelope-ns-elements
soap-encodingStyle-in-body-children
envelope-have-children-after-body
soap-fault-children-are-qualified
encodingStyle-in-rpc-literal-grand-children
envelope-and-body-are-not-xml1.0
envelope-does-not-confirm-to-schema
max-tree-depth-exceeded
max-element-name-length-exceeded
max-elements-in-tree-exceeded
max-element-children-exceeded
max-element-attributes-exceeded
max-attribute-name-length-exceeded
max-attribute-value-length-exceeded
max-text-size-exceeded
max-document-size-exceeded
min-document-size-limit
processing-instructions-found
dtd-found
external-uri-ref-found
malformed-xml
invalid-soap-envelope
invalid-soap-header
invalid-soap-body
additional-soap-headers-rcvd
metacharacter-matched-in-header
custom-attack-pattern-in-header
sql-injection-in-header
cross-site-scripting-in-header
os-command-injection-in-header
directory-traversal-in-header
error-response-suppressed
identity-theft-pattern-matched-in-response
response-header-suppressed
custom-error-response-page
directory-traversal-beyond-root
post-request-without-content-length
pre-1.0-request
invalid-method
malformed-version
malformed-end-of-request-line
malformed-header
invalid-header
malformed-cookie
get-request-with-content-length-header
http-1.1-request-without-host
multiple-content-length-headers
malformed-parameter
large-parameter-in-post-data
invalid-or-malformed-http-request
malformed-content-length
domain-not-found-in-profile
no-url-profile-match
total-request-length-exceeded
header-value-length-exceeded
invalid-url-encoding
slash-dot-in-url-path
tilde-in-url-path
cookie-length-exceeded
url-length-exceeded
url-query-length-exceeded
header-count-exceeded
total-request-line-length-exceeded
cookie-count-exceeded
cookie-name-length-exceeded
header-name-length-exceeded
too-many-sessions-for-ip
unrecognized-cookie
cookie-tampered
cookie-expired
mismatched-header-cookie-replay-attack
mismatched-ip-cookie-replay-attack
rate-control-intrusion
brute-force-from-ip
brute-force-from-fingerprint
brute-force-from-all-sources
invalid-url-character-set
url-encryption
virus-found-in-post-request
secure-browsing
slow-client-attack
slow-read-attack
captcha-tries-exceeded
captcha-max-sessions-exceeded
captcha-max-unanswered-exceeded
captcha-response-page
forbidden-method
unknown-content-type-in-post-body
content-length-exceeded
query-string-not-allowed
parameter-name-length-exceeded
too-many-uploaded-files
too-many-parameters
session-not-found
no-param-profile-match
custom-attack-pattern-in-url
sql-injection-pattern-in-url
cross-site-scripting-pattern-in-url
os-command-injection-pattern-in-url
remote-file-inclusion-pattern-in-url
read-only-or-hidden-parameter-tampered
session-invariant-parameter-tampered
session-choice-parameter-tampered
max-instances-of-parameter-exceeded
mandatory-parameter-missing
parameter-value-not-allowed
forbidden-file-extension
file-upload-size-exceeded
metacharacter-in-parameter
parameter-length-exceeded
custom-attack-pattern-in-parameter
parameter-input-validation-failed
sql-injection-pattern-in-parameter
cross-site-scripting-pattern-in-parameter
os-command-injection-pattern-in-parameter
directory-traversal-pattern-in-parameter
session-context-not-found
remote-file-inclusion-pattern-in-parameter
cross-site-request-forgery-attack-detected
keepalive-timeout-exceeded
max-object-depth-exceeded
max-key-length-exceeded
max-keys-in-object-exceeded
max-object-children-exceeded
max-value-length-exceeded
max-values-in-array-exceeded
max-number-limit-exceeded
malformed-json
sql-injection-pattern-in-json
cross-site-scripting-pattern-in-json
os-command-injection-pattern-in-json
directory-traversal-pattern-in-json
remote-file-inclusion-pattern-in-json
custom-attack-pattern-in-json
ldap-injection-in-json
python-php-attack-in-json
http-specific-attack-in-json
apache-struts-attack-in-json
json-key-validation-failed
ldap-injection-medium-in-param
python-php-attacks-medium-in-param
http-specific-attacks-medium-in-param
apache-struts-attacks-medium-in-param
ldap-injection-medium-in-url
python-php-attacks-medium-in-url
http-specific-attacks-medium-in-url
apache-struts-attacks-medium-in-url
ldap-injection-medium-in-header
python-php-attacks-medium-in-header
http-specific-attacks-medium-in-header
apache-struts-attacks-medium-in-header
remote-file-inclusion-pattern-in-header
ws_attack_bots
ws_bots
ws_fake_bots
grip-validation-failed
geo-ip-blocked
tor-ip-blocked
referer-spam-detected
comment-spam-detected
ws_blocked_category
credential-stuffing-detected
fingerprint-challenges-exceeded
missing-referer-header
missing-referer-domain
referer-domain-not-matching-host
missing-useragent-header
attack_action_redirect_url =
attack_action_response_page = default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-error-resp
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-virus
default
default
default
default-captcha-tries-error-page
default-captcha-sessions-error-page
default-suspected-activity-error-page
default-captcha-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default-json-response-page
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default
default-fingerprint-challenges-exceeded-page
default
default
default
default
attack_action_risk_score = 60
80
80
80
100
100
100
60
80
80
100
80
100
60
60
60
60
60
80
80
100
80
80
80
80
80
80
80
80
100
100
100
100
80
80
80
80
80
100
80
100
100
60
60
60
60
60
60
60
60
60
60
80
80
80
100
100
100
100
80
20
80
90
80
80
80
100
100
100
20
100
100
100
100
100
100
100
100
100
100
60
60
80
100
100
100
60
60
100
100
60
80
100
100
100
100
100
100
100
100
100
100
40
60
40
80
80
80
100
100
100
60
80
100
60
100
100
100
100
100
60
80
60
100
100
40
100
100
100
100
80
90
80
80
80
90
100
100
100
90
90
90
100
40
100
80
90
90
80
80
80
100
80
80
100
60
60
60
60
60
60
60
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
80
60
80
80
80
80
90
90
80
90
100
60
80
80
80
attack_description = 205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
174
175
176
184
177
178
179
181
182
183
186
185
187
188
190
191
192
193
7
35
36
37
38
39
17
63
61
62
16
25
60
118
119
120
122
121
124
125
126
127
128
129
77
123
130
131
0
6
11
14
15
41
42
43
44
140
141
142
143
144
30
31
32
116
117
75
145
346
146
12
301
204
293
295
302
297
298
299
300
5
26
40
132
147
148
149
161
163
171
166
167
168
170
134
135
136
137
138
139
150
151
152
154
155
156
157
158
159
160
162
164
165
303
304
305
306
307
308
309
310
313
314
315
316
317
318
319
333
334
335
336
340
320
321
322
323
324
325
326
327
328
329
330
331
332
337
338
339
341
342
343
401
402
403
404
421
422
423
424
425
attack_group = xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-wsi-assertion-failures
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-dos-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
xmlfw-soap-violations
header-violations
header-violations
header-violations
header-violations
header-violations
header-violations
response-violations
response-violations
response-violations
response-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
application-profile-violations
application-profile-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
request-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
response-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
request-policy-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-limit-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
json-violations
param-profile-violations
param-profile-violations
param-profile-violations
param-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
url-profile-violations
header-violations
header-violations
header-violations
header-violations
header-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
advanced-policy-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
bot-mitigation-violations
protocol-violations
protocol-violations
protocol-violations
protocol-violations
cookie_replay_protection_type = 1
global_adr_action = 0
1
2
2
2
2
2
2
2
0
global_adr_comment =
global_adr_deny_response = 1
1
1
1
1
1
1
1
1
1
global_adr_extended_match = *
*
(URI-Path req \/.*%23[^/]*)
(URI-Path req "\/.*copy(%20|%09)[^/]*")
*
*
*
*
(Header Translate eq F)
*
global_adr_extended_match_sequence = 1
1
1
2
1
1
1
1
1
1
global_adr_follow_up_action = 0
0
0
0
0
0
0
0
0
0
global_adr_follow_up_action_time = 60
60
60
60
60
60
60
60
60
60
global_adr_name = robots.txt
favicon.ico
backups-prefix-hash
backups-prefix-copy
backups-suffix-sav
backups-suffix-bak
backups-suffix-old
phpinfo
translate-f-vulnerability
access-control-login-url
global_adr_redirect_url =
global_adr_response_page = default
default
default
default
default
default
default
default
default
default
global_adr_status = 1
1
0
1
1
1
1
1
1
1
global_adr_url = /*/robots.txt
/*/favicon.ico
/*
/*
/*.sav
/*.bak
/*.old
/*/phpinfo.php
/*.asp
/nclogin.submit
param_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
parameter_protection_base64_decode_value = 0
parameter_protection_check_file_mime_type = 0
parameter_protection_denied_meta_characters = %00%01%04%1b%08%5c%7f
parameter_protection_file_upload_extensions = JPG
GIF
PDF
DOC
DOCX
TXT
parameter_protection_max_param_value_length = 4096
parameter_protection_max_upload_file_size = 1024
parameter_protection_status = 1
parameter_protection_validate_param_name = 0
parameter_protection_white_listed_parameters = __VIEWSTATE
PostBody
url_protection_allow_methods = GET
POST
PUT
HEAD
CONNECT
OPTIONS
BDELETE
BMOVE
COPY
DELETE
ERROR
LOCK
MKCOL
MOVE
PROPFIND
PROPPATCH
PURGE
TRACE
UNLOCK
url_protection_allowed_content_types = application/x-www-form-urlencoded
multipart/form-data
text/xml
application/x-www-UTF8-encoded
application/x-vermeer-urlencoded
application/json
url_protection_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
url_protection_max_content_length = 32768
url_protection_max_parameter_name_length = 150
url_protection_max_parameters = 64
url_protection_max_upload_files = 5
url_protection_prevent_csrf = 0
url_protection_status = 1
#scope:<header_acl>::scope_data:<:referer-acl>
aps_header_acl_comment = Auto created header acl for Referer Spam mitigation.
aps_header_acl_header_length = 512
aps_header_acl_header_name = Referer
aps_header_acl_internal_attack_types = sql-injection-medium
os-command-injection
cross-site-scripting
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
referer-spam
aps_header_acl_metachars = %00%01%04%1b%08%5c%7f
aps_header_acl_monitor = 0
aps_header_acl_status = 1
#scope:<attackdef>::scope_data:<1259644>
attackdef_version = 1.160
#scope:<auth_ldap_svc_user_realm>::scope_data:<internal>
auth_ldap_realm_all_params =
auth_ldap_realm_host_domain_name =
auth_ldap_realm_svr_ip = 127.0.0.1
auth_ldap_realm_svr_port = 389
auth_realm_allow_nested_groups = 0
auth_realm_base_dn = ou=Engineering,o=barracudanetworks,c=us
auth_realm_bind_dn = cn=Manager
auth_realm_bind_passwd = c:1ejs/Vf41l2ORpFa+fzQRw==
auth_realm_group_filter = (&(objectClass=posixGroup)(memberUid=%user))
auth_realm_login_attribute = uid
auth_realm_member_attribute = cn
auth_realm_query_for_group = 1
auth_realm_secure_ldap_connection = none
auth_realm_type_ldap = 0
#scope:<bridge_interfaces>::scope_data:<br0>
bridge_ports = eth0 eth1
#scope:<user>::scope_data:<admin>
failed_login_count = 0
last_failed_login_ts = 0
old_passwords_list = $2a$05$/ga99xHBEwnwKar.MslesezhR8f2rIJHvaeJzTLXy5e9tC6d1E8tK
user_default_email_address = -
user_password_crypt = $2a$05$/ga99xHBEwnwKar.MslesezhR8f2rIJHvaeJzTLXy5e9tC6d1E8tK
user_role = admin
user_type = Factory
#scope:<json_limit_policy>::scope_data:<default-policy>
json_max_array_elements = 64
json_max_child_objects = 64
json_max_document_size = 10000
json_max_keys = 256
json_max_keys_length = 64
json_max_number_value = 32768
json_max_tree_depth = 16
json_max_value_length = 1024
#scope:<custom_param_class>::scope_data:<commentspam>
param_class_custom_validation = none
param_class_denied_metachars =
param_class_input_validation = none
param_class_internal_attack_types = cross-site-scripting
sql-injection-medium
os-command-injection
ldap-injection-medium
python-php-attacks-medium
http-specific-attacks-medium
apache-struts-attacks-medium
referer-spam
#scope:<port>::scope_data:<lan>
port_bonded = 0
port_duplexity = Auto
port_mtu = 1500
port_speed = Auto
port_status = 1
#scope:<port>::scope_data:<mgmt>
port_bonded = 0
port_duplexity = Auto
port_mtu = 1500
port_speed = Auto
port_status = 1
#scope:<port>::scope_data:<wan>
port_bonded = 0
port_duplexity = Auto
port_mtu = 1500
port_speed = Auto
port_status = 1
#scope:<rate_control_pool>::scope_data:<default-pool>
rate_max_active_requests = 1
rate_max_per_client_backlog = 32
rate_max_unconfigured_clients = 100
#scope:<response_page>::scope_data:<default>
rp_body = <div style="border: 3px solid #4991C5; font:1.5em; font-family:tahoma,calibri,arial; font-weight:bold; color:#1A4369; padding:5px; margin:10px; text-align:center"> The specified URL cannot be found. </div>
rp_headers = Connection: Close
Content-Type: text/html
rp_status_code = 404 Not Found
rp_type = 0
#scope:<response_page>::scope_data:<default-access-denied-page>
rp_body = <!DOCTYPE html><cr><html><cr><head><cr> <title>Authentication and Access Control</title><cr> <style type="text/css"><cr> html {<cr> height: 100%;<cr> }<cr> html body {<cr> background: none repeat scroll 0 0 #999999;<cr> margin: 0;<cr> height: 100%;<cr> }<cr> html body #form-body {<cr> margin: 0 auto;<cr> min-height: 100%;<cr> overflow: auto;<cr> position: relative;<cr> background-color: #405F8D;<cr> background-image: -moz-linear-gradient(center top , #405F8D, #001133);<cr> }<cr><cr> html .form-signin-logo {<cr> height: 35%;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 15px;<cr> z-index: 103; <cr> }<cr><cr> html .form-signin-outer {<cr> bottom: 0;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 35%;<cr> width: 100%;<cr> z-index: 103; <cr> }<cr><cr> table {<cr> border-collapse: collapse;<cr> border-spacing: 0;<cr> }<cr><cr> html .form-signin-wrapper {<cr> vertical-align: top;<cr> width: 100%;<cr> }<cr><cr> html .form-signin {<cr> background-color: #F7F7F7;<cr> background-image: -moz-linear-gradient(center top , #F8F8F8, #E7E7E7);<cr> border-radius: 10px 10px 10px 10px;<cr> box-shadow: 0 0 10px rgba(0, 0, 0, 0.75);<cr> font: 12px helvetica neue,helvetica,arial;<cr> left: 50%;<cr> margin-left: -260px;<cr> position: relative;<cr> width: 520px;<cr> }<cr><cr> html .form-page-title {<cr> background-color: #D8D8DD;<cr> background-image: -moz-linear-gradient(center top , #D8D8DD, #E3E3E6);<cr> color: #000000;<cr> font: bold 18px/20px arial !important;<cr> height: 20px;<cr> margin-bottom: -1px;<cr> padding: 10px 15px;<cr> }<cr><cr> html .form-signin h2 {<cr> border-top-left-radius: 10px;<cr> border-top-right-radius: 10px;<cr> }<cr><cr> input[type="text"], input[type="password"] {<cr> border: 1px solid #DDDDDD;<cr> border-radius: 3px 3px 3px 3px;<cr> }<cr><cr> html #form-login-page {<cr> overflow: hidden;<cr> padding: 15px 30px !important;<cr> }<cr><cr> html .form-field-text, .form-field-password {<cr> background-image: -webkit-gradient(linear,left top,left bottom,from(#f8f8f8),to(#fff));<cr> background-image: -moz-linear-gradient(top,#f8f8f8,#fff);<cr> cursor: text;<cr> display: block;<cr> font: 18px/24px helvetica neue,helvetica,arial;<cr> margin: 15px 0;<cr> padding: 5px 10px;<cr> position: relative;<cr> width: 95%;<cr> z-index: 1;<cr> }<cr><cr> html .form-field-submit[type="submit"] {<cr> background: #004e9e;<cr> background: -webkit-gradient(linear, left top, left bottom, from(#0079be), to(#004e9e));<cr> background: -moz-linear-gradient(top, #0079be, #004e9e);<cr> border: medium none;<cr> border-radius: 5px 5px 5px 5px;<cr> color: #FFFFFF;<cr> display: inline-block;<cr> font: 18px/38px helvetica neue,helvetica,arial;<cr> height: 40px;<cr> opacity: 0.9;<cr> padding: 0 20px;<cr> margin: 0 0 10px;<cr> cursor: pointer;<cr> position: relative;<cr> text-decoration: none;<cr> text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.75);<cr> }<cr><cr> html .form-field-submit[type="submit"]:hover, .form-field-submit:hover, .form-field-submit:focus, .form-field-submit:active {<cr> opacity: 1;<cr> }<cr><cr> html .form-field-align-right {<cr> float: right;<cr> }<cr><cr> html .form-field-submit .form-field-align-right {<cr> margin: 15px 0;<cr> }<cr><cr> html .success-message {<cr> color: #333333;<cr> font: 16px arial;<cr> position: relative;<cr> text-align: center;<cr> padding: 15px 0 10px 0;<cr> }<cr><cr> html .desc-message {<cr> color: #333333;<cr> font: 14px arial;<cr> position: relative;<cr> padding: 10px 0 24px 0;<cr> }<cr><cr> html .icn-success {<cr> vertical-align: bottom;<cr> }<cr><cr> html .icn-message {<cr> margin-left: 5px;<cr> line-height: 24px;<cr> }<cr> </style><cr></head><cr><body><cr> <div id="form-body"><cr> <div id="form-content"><cr> <div class="form-signin-logo"><cr> </div><cr> <table class="form-signin-outer"><cr> <tr><cr> <td class="form-signin-wrapper"><cr> <div class="form-signin"><cr> <h2 class="form-page-title">Authentication and Access Control</h2><cr> <div id="form-page-content" class="form-page-content"><cr> <form id="form-login-page"><cr> <div class="success-message" style="display: block;"><cr> <span class="icn-success"><cr> <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAALEgAACxIB0t1+/AAAABx0RVh0U29mdHdhcmUAQWRvYmUgRmlyZXdvcmtzIENTNui8sowAAAAVdEVYdENyZWF0aW9uIFRpbWUAMTAvMy8xNKPrw1UAAAIeSURBVEiJvZY7bNNQFIY/O62zRpF4mEdUyQWcqkOzszDDXgV1LSUTYmgnOkERUgfULW33WN2DGDvAbiGFNkhEgvBwEiHI0AqchJbB167j+BGqqv92H/7+e889PvdKxKiRK+SBInAHmAUyYqgL1IBdwNCa5n4UQ4oA68A6cC9uAT5VgWWtadYTDRq5whKwAaTHhLuygUda09z0d8oB+DOgfAo44puyYHjydiBWXj4FOEwP3Z3IAq7jhMWTkr/J1VcVJtRLkRQlfyNqzoZgeiFaxxeWSW0KtVImPauj7myHmij6NGplM2pOWjCRRCru+UevvTZQZm557cH3FlZxif6nLydwY4tUNuPNsWt1vt29H1zHjIyT50PqPF7l78+u1564chl1Z5vJqeuh8KODQ348eT6yS6AoNXKFN8Dt0BAEQINWB0lRRuDWQgnbrIUZvJUaucIvTv7QRBO/EuAAXTkKDtCrf8QqPhgK13/AATJy3Gicjnt9jn//SZwn4xSuUMWFKJXNoBpbKPp0HL8r41TFseBHB4dD4RrDpCbjlNyx4NZCaeRMEkx2ZcAI9l54sRqZimEHn8pmuPjyaZiBIYvLourvbZdW6H/+OgJ3FTQZtDq0SytBeFVrmvtuFi3j1HPnA6uNNb+I/e59ZCq6Jr29D1jzi14ZEbIF85zKNYDoWDsD+Jr/VjvfKxO8ncwROPgEVYG5IBwiXhWuzuLZ8g/bxQTJnkIpigAAAABJRU5ErkJggg==" align="top"/><cr> </span><cr> <span class="icn-message">Access Denied</span><cr> </div><cr> <div class="desc-message" style="display: block;"><cr> You do not have permission to access this resource. Please sign in or contact your administrator for access to this resource.<cr> </div><cr> </form><cr> </div><cr> </div><cr> </td><cr> </tr><cr> </table><cr> </div><cr> </div><cr></body><cr></html>
rp_headers = Connection: Close
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
rp_status_code = 200 OK
rp_type = 2
#scope:<response_page>::scope_data:<default-captcha-response-page>
rp_body = <html><body style="font-family:times;color:white;font-size:15px;" bgcolor="#405f8d"><title>Validation request</title><h3 align="center">User validation required to continue..</h3><hr>Please type the text you see in the image into the text box and submit<p><img src = "/captcha.gif"></p><form name="input" action="/captcha_resp" method="POST" enctype="application/x-www-form-urlencoded"><input type="text" name="captcha_resp_txt" /><input type="submit" value="Submit" /></form></p></body></html><p>[ Refresh the page to generate a new image. ]</p><p>Note:<ul><li>If you get here while trying to submit a form, you may have to re-submit the form.</li><li>Access to this domain may need the browser to have javascript and cookie support enabled. </li></ul></p><hr>
rp_headers = Connection: Close
Content-Type: text/html
rp_status_code = 200 OK
rp_type = 1
#scope:<response_page>::scope_data:<default-captcha-sessions-error-page>
rp_body = <div style="border: 3px solid #4991C5; font:1.5em; font-family:tahoma,calibri,arial; font-weight:bold; color:#0A4369; padding:5px; margin:10px; text-align:center"> The specified URL is inaccessible at this time due to the load on the website from the same IP address. Please try after some time or from a different IP address.</div>
rp_headers = Connection: Close
Content-Type: text/html
rp_status_code = 404 Not Found
rp_type = 1
#scope:<response_page>::scope_data:<default-captcha-tries-error-page>
rp_body = <div style="border: 3px solid #4991C5; font:1.5em; font-family:tahoma,calibri,arial; font-weight:bold; color:#0A4369; padding:5px; margin:10px; text-align:center"> The specified URL is inaccessible at this time. Please try after some time.</div>
rp_headers = Connection: Close
Content-Type: text/html
rp_status_code = 404 Not Found
rp_type = 1
#scope:<response_page>::scope_data:<default-challenge-page>
rp_body = <!DOCTYPE html><cr><html><cr><head><cr> <title>Authentication and Access Control</title><cr> <style type="text/css"><cr> html {<cr> height: 100%;<cr> }<cr> html body {<cr> background: none repeat scroll 0 0 #999999;<cr> margin: 0;<cr> height: 100%;<cr> }<cr> html body #form-body {<cr> margin: 0 auto;<cr> min-height: 100%;<cr> overflow: auto;<cr> position: relative;<cr> background-color: #405F8D;<cr> background-image: -moz-linear-gradient(center top , #405F8D, #001133);<cr> }<cr><cr> html .form-signin-logo {<cr> height: 35%;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 15px;<cr> z-index: 103; <cr> }<cr><cr> html .form-signin-outer {<cr> bottom: 0;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 35%;<cr> width: 100%;<cr> z-index: 103; <cr> }<cr><cr> table {<cr> border-collapse: collapse;<cr> border-spacing: 0;<cr> }<cr><cr> html .form-signin-wrapper {<cr> vertical-align: top;<cr> width: 100%;<cr> }<cr><cr> html .form-signin {<cr> background-color: #F7F7F7;<cr> background-image: -moz-linear-gradient(center top , #F8F8F8, #E7E7E7);<cr> border-radius: 10px 10px 10px 10px;<cr> box-shadow: 0 0 10px rgba(0, 0, 0, 0.75);<cr> font: 12px helvetica neue,helvetica,arial;<cr> left: 50%;<cr> margin-left: -260px;<cr> position: relative;<cr> width: 520px;<cr> }<cr><cr> html .form-page-title {<cr> background-color: #D8D8DD;<cr> background-image: -moz-linear-gradient(center top , #D8D8DD, #E3E3E6);<cr> color: #000000;<cr> font: bold 18px/20px arial !important;<cr> height: 20px;<cr> margin-bottom: -1px;<cr> padding: 10px 15px;<cr> }<cr><cr> html .form-signin h2 {<cr> border-top-left-radius: 10px;<cr> border-top-right-radius: 10px;<cr> }<cr><cr> input[type="text"], input[type="password"] {<cr> border: 1px solid #DDDDDD;<cr> border-radius: 3px 3px 3px 3px;<cr> /*color: #333333;*/<cr> }<cr><cr>/* html .form-signin .form-page-content, html .form-signin .page_content {<cr> position: static;<cr> }<cr>*/<cr> html #form-login-page {<cr> overflow: hidden;<cr> padding: 15px 30px !important;<cr> }<cr><cr> html .form-field-text, .form-field-password {<cr> background-image: -webkit-gradient(linear,left top,left bottom,from(#f8f8f8),to(#fff));<cr> background-image: -moz-linear-gradient(top,#f8f8f8,#fff);<cr> cursor: text;<cr> display: block;<cr> font: 18px/24px helvetica neue,helvetica,arial;<cr> margin: 15px 0;<cr> padding: 5px 10px;<cr> position: relative;<cr> width: 95%;<cr> z-index: 1;<cr> }<cr><cr> html .form-field-submit[type="submit"] {<cr> background: #004e9e;<cr> background: -webkit-gradient(linear, left top, left bottom, from(#0079be), to(#004e9e));<cr> background: -moz-linear-gradient(top, #0079be, #004e9e);<cr> border: medium none;<cr> border-radius: 5px 5px 5px 5px;<cr> color: #FFFFFF;<cr> display: inline-block;<cr> font: 18px/38px helvetica neue,helvetica,arial;<cr> height: 40px;<cr> opacity: 0.9;<cr> padding: 0 20px;<cr> margin: 0 0 10px;<cr> cursor: pointer;<cr> position: relative;<cr> text-decoration: none;<cr> text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.75);<cr> }<cr><cr> html .form-field-submit[type="submit"]:hover, .form-field-submit:hover, .form-field-submit:focus, .form-field-submit:active {<cr> opacity: 1;<cr> }<cr><cr> html .form-field-align-right {<cr> float: right;<cr> }<cr><cr> html .form-field-submit .form-field-align-right {<cr> margin: 15px 0;<cr> }<cr><cr> </style><cr></head><cr><body><cr> <div id="form-body"><cr> <div id="form-content"><cr> <!-- <style><cr> html .form-signin-logo { background:url(/barracuda-660.png) center center no-repeat !important;}<cr> </style><cr> --><cr> <div class="form-signin-logo"><cr> </div><cr> <table class="form-signin-outer"><cr> <tr><cr> <td class="form-signin-wrapper"><cr> <div class="form-signin"><cr> <h2 class="form-page-title">Authentication and Access Control</h2><cr> <div id="form-page-content" class="form-page-content"><cr> <form id="form-login-page" action="/nclogin.submit" method="POST"><cr> <div id="form-page-fields"><cr> %s<cr> <input type="hidden" name="f_username" id="username_entry" value="%s" class="form-field-text" placeholder="Username" autocomplete="off"><cr> <input type="password" name="f_passwd" id="password_entry" value="" class="form-field-password" placeholder="" autocomplete="off"><cr> <input type="hidden" name="f_method" id="method_entry" value="LOGIN" class="form-field-text" placeholder="Method" autocomplete="off"><cr> <input id="Submit" class="form-field-submit form-field-align-right" type="submit" value="Sign in" name="Submit"><cr> </div><cr> </form><cr> </div><cr> </div><cr> </td><cr> </tr><cr> </table><cr> </div><cr> </div><cr></body><cr></html>
rp_headers = Connection: Close
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
rp_status_code = 200 OK
rp_type = 2
#scope:<response_page>::scope_data:<default-dual-login-failed-page>
rp_body = <!DOCTYPE html><cr><html><cr><head><cr> <title>Authentication and Access Control</title><cr> <style type="text/css"><cr> html {<cr> height: 100%;<cr> }<cr> html body {<cr> background: none repeat scroll 0 0 #999999;<cr> margin: 0;<cr> height: 100%;<cr> }<cr> html body #form-body {<cr> margin: 0 auto;<cr> min-height: 100%;<cr> overflow: auto;<cr> position: relative;<cr> background-color: #405F8D;<cr> background-image: -moz-linear-gradient(center top , #405F8D, #001133);<cr> }<cr><cr> html .form-signin-logo {<cr> height: 35%;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 15px;<cr> z-index: 103; <cr> }<cr><cr> html .form-signin-outer {<cr> bottom: 0;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 35%;<cr> width: 100%;<cr> z-index: 103; <cr> }<cr><cr> table {<cr> border-collapse: collapse;<cr> border-spacing: 0;<cr> }<cr><cr> html .form-signin-wrapper {<cr> vertical-align: top;<cr> width: 100%;<cr> }<cr><cr> html .form-signin {<cr> background-color: #F7F7F7;<cr> background-image: -moz-linear-gradient(center top , #F8F8F8, #E7E7E7);<cr> border-radius: 10px 10px 10px 10px;<cr> box-shadow: 0 0 10px rgba(0, 0, 0, 0.75);<cr> font: 12px helvetica neue,helvetica,arial;<cr> left: 50%;<cr> margin-left: -260px;<cr> position: relative;<cr> width: 520px;<cr> }<cr><cr> html .form-page-title {<cr> background-color: #D8D8DD;<cr> background-image: -moz-linear-gradient(center top , #D8D8DD, #E3E3E6);<cr> color: #000000;<cr> font: bold 18px/20px arial !important;<cr> height: 20px;<cr> margin-bottom: -1px;<cr> padding: 10px 15px;<cr> }<cr><cr> html .form-signin h2 {<cr> border-top-left-radius: 10px;<cr> border-top-right-radius: 10px;<cr> }<cr><cr> input[type="text"], input[type="password"] {<cr> border: 1px solid #DDDDDD;<cr> border-radius: 3px 3px 3px 3px;<cr> }<cr><cr> html #form-login-page {<cr> overflow: hidden;<cr> padding: 15px 30px !important;<cr> }<cr><cr> html .form-field-text, .form-field-password {<cr> background-image: -webkit-gradient(linear,left top,left bottom,from(#f8f8f8),to(#fff));<cr> background-image: -moz-linear-gradient(top,#f8f8f8,#fff);<cr> cursor: text;<cr> display: block;<cr> font: 18px/24px helvetica neue,helvetica,arial;<cr> margin: 15px 0;<cr> padding: 5px 10px;<cr> position: relative;<cr> width: 95%;<cr> z-index: 1;<cr> }<cr><cr> html .form-field-submit[type="submit"] {<cr> background: #004e9e;<cr> background: -webkit-gradient(linear, left top, left bottom, from(#0079be), to(#004e9e));<cr> background: -moz-linear-gradient(top, #0079be, #004e9e);<cr> border: medium none;<cr> border-radius: 5px 5px 5px 5px;<cr> color: #FFFFFF;<cr> display: inline-block;<cr> font: 18px/38px helvetica neue,helvetica,arial;<cr> height: 40px;<cr> opacity: 0.9;<cr> padding: 0 20px;<cr> margin: 0 0 10px;<cr> cursor: pointer;<cr> position: relative;<cr> text-decoration: none;<cr> text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.75);<cr> }<cr><cr> html .form-field-submit[type="submit"]:hover, .form-field-submit:hover, .form-field-submit:focus, .form-field-submit:active {<cr> opacity: 1;<cr> }<cr><cr> html .form-field-align-right {<cr> float: right;<cr> }<cr><cr> html .form-field-submit .form-field-align-right {<cr> margin: 15px 0;<cr> }<cr><cr> html .message {<cr> color: #DD1E31;<cr> font: 12px/15px arial;<cr> position: relative;<cr> padding-bottom: 8px;<cr> }<cr><cr> html .icn-success {<cr> vertical-align: bottom;<cr> }<cr><cr> html .icn-message {<cr> margin-left: 5px;<cr> line-height: 22px;<cr> }<cr><cr> </style><cr></head><cr><body><cr> <div id="form-body"><cr> <div id="form-content"><cr> <div class="form-signin-logo"><cr> </div><cr> <table class="form-signin-outer"><cr> <tr><cr> <td class="form-signin-wrapper"><cr> <div class="form-signin"><cr> <h2 class="form-page-title">Authentication and Access Control</h2><cr> <div id="form-page-content" class="form-page-content"><cr> <form id="form-login-page" action="/nclogin.submit" method="POST"><cr> <div class="message" style="display: block;"><cr> <span class="icn-success"><cr> <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAYAAACNiR0NAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAALEgAACxIB0t1+/AAAABx0RVh0U29mdHdhcmUAQWRvYmUgRmlyZXdvcmtzIENTNui8sowAAAAVdEVYdENyZWF0aW9uIFRpbWUAMTAvMy8xNKPrw1UAAAJRSURBVDiNnZRLaBNhEMd/uxvjwfSVlmB9LOJiEUQhV0EQ8RKQRkvwRe1NKXoQpQFFo5haikUa8KqiBA9W9GBFKhKK5OLNxZxECOhqNU0T2gYTStPNesiD3c3aEv/HmW9+38x8842Ag9KyXwROACHgICDXXAXgM/AWeKxoas4eKzjAjgKTwH6ny0xaBqK6rsf65lKGIzAt+68BY4C4AcysV8CQoqklCzAt+6NApAWQWdO6rh/vm0sZYg0WMMM279uLd+QSCE0dAUmk+9YIm3btNFv7JUm6CCCkZb8L+AIoAO49u+l98QjJ20nh2UtyN8fBMBowX2wUTzDAWibL71PnKX/7UYcuArIIDNRhAG1nBpC8nQC0D4bouXu9mqkJBuDa6qPjwpA5yy7grAs4abbmxyaReroage2DIQDEti0NG0ApkSR/e8LekH4hLfs1wNIQezZ2lRJJ5ofDGOWy3fVLbIIB6BWyVyL8eT3TCgxgWyvzBkClWMSo6P/0i8BSk3Wdkj3BAL7YKEiOuRRE4NNGsFIiaSl/HWjKBbwBjtQt3TeuNsHmh8ONMus+TzCAnlskH71vBs6IwFOqH72ac3yK8vefVli53PRQa5kshfiUGbYCPJEeLGdWLnf0FoEAQGWpQOndLILbzUL4jvU1DYPi+w+IHg/5yLj5lwDcUzR1WgD4uv2AIEnSc2xD3oI+AocVTV0VAWr77Bzw8D9gs0BA0dRVcF6wp4EJnAbeqmLt3JiiqY3BdNhPkJb9bqrr/xhwCNhRcxUAlepkxBVNXbDH/gXF7d0DYUvrGgAAAABJRU5ErkJggg==" align="top"/><cr> </span><cr> <span class="icn-message"><b>Error</b>: Invalid Username/Password/Passcode</span><cr> </div><cr> <div id="form-page-fields"><cr> Please provide your username and password to access restricted applications.<cr> <input type="text" name="f_username" id="username_entry" value="" class="form-field-text" placeholder="Username" autocomplete="off"><cr> <input type="password" name="f_passwd" id="password_entry" value="" class="form-field-password" placeholder="Password" autocomplete="off"><cr> <input type="password" name="f_passcode" id="passcode_entry" value="" class="form-field-password" placeholder="Passcode" autocomplete="off"><cr> <input type="hidden" name="f_method" id="method_entry" value="LOGIN" class="form-field-text" placeholder="Method" autocomplete="off"><cr> <input id="Submit" class="form-field-submit form-field-align-right" type="submit" value="Sign in" name="Submit"><cr> </div><cr> </form><cr> </div><cr> </div><cr> </td><cr> </tr><cr> </table><cr> </div><cr> </div><cr></body><cr></html>
rp_headers = Connection: Close
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
rp_status_code = 200 OK
rp_type = 2
#scope:<response_page>::scope_data:<default-dual-login-page>
rp_body = <!DOCTYPE html><cr><html><cr><head><cr> <title>Authentication and Access Control</title><cr> <style type="text/css"><cr> html {<cr> height: 100%;<cr> }<cr> html body {<cr> background: none repeat scroll 0 0 #999999;<cr> margin: 0;<cr> height: 100%;<cr> }<cr> html body #form-body {<cr> margin: 0 auto;<cr> min-height: 100%;<cr> overflow: auto;<cr> position: relative;<cr> background-color: #405F8D;<cr> background-image: -moz-linear-gradient(center top , #405F8D, #001133);<cr> }<cr><cr> html .form-signin-logo {<cr> height: 35%;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 15px;<cr> z-index: 103; <cr> }<cr><cr> html .form-signin-outer {<cr> bottom: 0;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 35%;<cr> width: 100%;<cr> z-index: 103; <cr> }<cr><cr> table {<cr> border-collapse: collapse;<cr> border-spacing: 0;<cr> }<cr><cr> html .form-signin-wrapper {<cr> vertical-align: top;<cr> width: 100%;<cr> }<cr><cr> html .form-signin {<cr> background-color: #F7F7F7;<cr> background-image: -moz-linear-gradient(center top , #F8F8F8, #E7E7E7);<cr> border-radius: 10px 10px 10px 10px;<cr> box-shadow: 0 0 10px rgba(0, 0, 0, 0.75);<cr> font: 12px helvetica neue,helvetica,arial;<cr> left: 50%;<cr> margin-left: -260px;<cr> position: relative;<cr> width: 520px;<cr> }<cr><cr> html .form-page-title {<cr> background-color: #D8D8DD;<cr> background-image: -moz-linear-gradient(center top , #D8D8DD, #E3E3E6);<cr> color: #000000;<cr> font: bold 18px/20px arial !important;<cr> height: 20px;<cr> margin-bottom: -1px;<cr> padding: 10px 15px;<cr> }<cr><cr> html .form-signin h2 {<cr> border-top-left-radius: 10px;<cr> border-top-right-radius: 10px;<cr> }<cr><cr> input[type="text"], input[type="password"] {<cr> border: 1px solid #DDDDDD;<cr> border-radius: 3px 3px 3px 3px;<cr> /*color: #333333;*/<cr> }<cr><cr>/* html .form-signin .form-page-content, html .form-signin .page_content {<cr> position: static;<cr> }<cr>*/<cr> html #form-login-page {<cr> overflow: hidden;<cr> padding: 15px 30px !important;<cr> }<cr><cr> html .form-field-text, .form-field-password {<cr> background-image: -webkit-gradient(linear,left top,left bottom,from(#f8f8f8),to(#fff));<cr> background-image: -moz-linear-gradient(top,#f8f8f8,#fff);<cr> cursor: text;<cr> display: block;<cr> font: 18px/24px helvetica neue,helvetica,arial;<cr> margin: 15px 0;<cr> padding: 5px 10px;<cr> position: relative;<cr> width: 95%;<cr> z-index: 1;<cr> }<cr><cr> html .form-field-submit[type="submit"] {<cr> background: #004e9e;<cr> background: -webkit-gradient(linear, left top, left bottom, from(#0079be), to(#004e9e));<cr> background: -moz-linear-gradient(top, #0079be, #004e9e);<cr> border: medium none;<cr> border-radius: 5px 5px 5px 5px;<cr> color: #FFFFFF;<cr> display: inline-block;<cr> font: 18px/38px helvetica neue,helvetica,arial;<cr> height: 40px;<cr> opacity: 0.9;<cr> padding: 0 20px;<cr> margin: 0 0 10px;<cr> cursor: pointer;<cr> position: relative;<cr> text-decoration: none;<cr> text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.75);<cr> }<cr><cr> html .form-field-submit[type="submit"]:hover, .form-field-submit:hover, .form-field-submit:focus, .form-field-submit:active {<cr> opacity: 1;<cr> }<cr><cr> html .form-field-align-right {<cr> float: right;<cr> }<cr><cr> html .form-field-submit .form-field-align-right {<cr> margin: 15px 0;<cr> }<cr><cr> </style><cr></head><cr><body><cr> <div id="form-body"><cr> <div id="form-content"><cr> <!-- <style><cr> html .form-signin-logo { background:url(/barracuda-660.png) center center no-repeat !important;}<cr> </style><cr> --><cr> <div class="form-signin-logo"><cr> </div><cr> <table class="form-signin-outer"><cr> <tr><cr> <td class="form-signin-wrapper"><cr> <div class="form-signin"><cr> <h2 class="form-page-title">Authentication and Access Control</h2><cr> <div id="form-page-content" class="form-page-content"><cr> <form id="form-login-page" action="/nclogin.submit" method="POST"><cr> <div id="form-page-fields"><cr> Please provide your username and password to access restricted applications.<cr> <input type="text" name="f_username" id="username_entry" value="" class="form-field-text" placeholder="Username" autocomplete="off"><cr> <input type="password" name="f_passwd" id="password_entry" value="" class="form-field-password" placeholder="Password" autocomplete="off"><cr> <input type="password" name="f_passcode" id="passcode_entry" value="" class="form-field-password" placeholder="Passcode" autocomplete="off"><cr> <input type="hidden" name="f_method" id="method_entry" value="LOGIN" class="form-field-text" placeholder="Method" autocomplete="off"><cr> <input id="Submit" class="form-field-submit form-field-align-right" type="submit" value="Sign in" name="Submit"><cr> </div><cr> </form><cr> </div><cr> </div><cr> </td><cr> </tr><cr> </table><cr> </div><cr> </div><cr></body><cr></html>
rp_headers = Connection: Close
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
rp_status_code = 200 OK
rp_type = 2
#scope:<response_page>::scope_data:<default-error-resp>
rp_body = <div style="border: 3px solid #4991C5; font:1.5em; font-family:tahoma,calibri,arial; font-weight:bold; color:#0A4369; padding:5px; margin:10px; text-align:center"> The requested service is temporarily unavailable. It is either overloaded or under maintenance. Please try later.</div>
rp_headers = Connection: Close
Content-Type: text/html
rp_status_code = 503 Service Unavailable
rp_type = 0
#scope:<response_page>::scope_data:<default-fingerprint-challenges-exceeded-page>
rp_body = <html><body style="font-family:times;color:white;font-size:15px;"><div style="border: 3px solid #4991C5; font:1.5em; font-family:tahoma,calibri,arial; font-weight:bold; color:#0A4369; padding:5px; margin:10px; text-align:center">The specified URL cannot be found.<p align="center">You should enable JavaScript and cookies to have access to this website [Id: %log-id].</p></div></body></html>
rp_headers = Connection: Close
Content-Type: text/html
rp_status_code = 404 Not Found
rp_type = 0
#scope:<response_page>::scope_data:<default-hsts-redirect-page>
rp_body = <div style="border: 3px solid #4991C5; font:1.5em; font-family:tahoma,calibri,arial; font-weight:bold; color:#1A4369; padding:5px; margin:10px; text-align:center"> The requested service can be accessed over HTTPS only. <br>URL to access the service would be https://%host:443%s </div>
rp_headers = Connection: Close
Content-Type: text/html
rp_status_code = 301 Moved Permanently
rp_type = 0
#scope:<response_page>::scope_data:<default-idp-selection-page>
rp_body = <!DOCTYPE html><cr><html><cr><head><cr> <title>Authentication and Access Control</title><cr> <style type="text/css"><cr> html {<cr> height: 100%;<cr> }<cr> html body {<cr> background: none repeat scroll 0 0 #999999;<cr> margin: 0;<cr> height: 100%;<cr> }<cr> html body #form-body {<cr> margin: 0 auto;<cr> min-height: 100%;<cr> overflow: auto;<cr> position: relative;<cr> background-color: #405f8d;<cr> background-image: -moz-linear-gradient(center top , #405f8d, #001133);<cr> }<cr><cr> html .form-signin-logo {<cr> height: 35%;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 15px;<cr> z-index: 103; <cr> }<cr><cr> html .form-signin-outer {<cr> bottom: 0;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 35%;<cr> width: 100%;<cr> z-index: 103; <cr> }<cr><cr> table {<cr> border-collapse: collapse;<cr> border-spacing: 0;<cr> }<cr><cr> html .form-signin-wrapper {<cr> vertical-align: top;<cr> width: 100%;<cr> }<cr><cr> html .form-signin {<cr> background-color: #F7F7F7;<cr> background-image: -moz-linear-gradient(center top , #F8F8F8, #E7E7E7);<cr> border-radius: 10px 10px 10px 10px;<cr> box-shadow: 0 0 10px rgba(0, 0, 0, 0.75);<cr> font: 12px helvetica neue,helvetica,arial;<cr> left: 50%;<cr> margin-left: -260px;<cr> position: relative;<cr> width: 520px;<cr> }<cr><cr> html .form-page-title {<cr> background-color: #D8D8DD;<cr> background-image: -moz-linear-gradient(center top , #D8D8DD, #E3E3E6);<cr> color: #000000;<cr> font: bold 18px/20px arial !important;<cr> height: 20px;<cr> margin-bottom: -1px;<cr> padding: 10px 15px;<cr> }<cr><cr> html .form-signin h2 {<cr> border-top-left-radius: 10px;<cr> border-top-right-radius: 10px;<cr> }<cr><cr> input[type="text"], input[type="password"] {<cr> border: 1px solid #DDDDDD;<cr> border-radius: 3px 3px 3px 3px;<cr> /*color: #333333;*/<cr> }<cr><cr>/* html .form-signin .form-page-content, html .form-signin .page_content {<cr> position: static;<cr> }<cr>*/<cr> html #idp-login-page {<cr> overflow: hidden;<cr> padding: 15px 30px !important;<cr> }<cr><cr> html .form-field-text, .form-field-password {<cr> background-image: -webkit-gradient(linear,left top,left bottom,from(#f8f8f8),to(#fff));<cr> background-image: -moz-linear-gradient(top,#f8f8f8,#fff);<cr> cursor: text;<cr> display: block;<cr> font: 18px/24px helvetica neue,helvetica,arial;<cr> margin: 15px 0;<cr> padding: 5px 10px;<cr> position: relative;<cr> width: 95%;<cr> z-index: 1;<cr> }<cr><cr> html .form-field-submit[type="submit"] {<cr> background: #004e9e;<cr> background: -webkit-gradient(linear, left top, left bottom, from(#0079be), to(#004e9e));<cr> background: -moz-linear-gradient(top, #0079be, #004e9e);<cr> border: medium none;<cr> border-radius: 5px 5px 5px 5px;<cr> color: #FFFFFF;<cr> display: inline-block;<cr> font: 18px/38px helvetica neue,helvetica,arial;<cr> height: 40px;<cr> opacity: 0.9;<cr> padding: 0 20px;<cr> margin: 0 0 10px;<cr> cursor: pointer;<cr> position: relative;<cr> text-decoration: none;<cr> text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.75);<cr> }<cr><cr> html .form-field-submit[type="submit"]:hover, .form-field-submit:hover, .form-field-submit:focus, .form-<cr><cr>field-submit:active {<cr> opacity: 1;<cr> }<cr><cr> html .form-field-align-right {<cr> float: right;<cr> }<cr><cr> html .form-field-submit .form-field-align-right {<cr> margin: 15px 0;<cr> }<cr> </style><cr></head><cr><body><cr> <div id="form-body"><cr> <div id="form-content"><cr> <!-- <style><cr> html .form-signin-logo { background:url(/barracuda-660.png) center center no-repeat !important;}<cr> </style><cr> --><cr> <div class="form-signin-logo"><cr> </div><cr> <table class="form-signin-outer"><cr> <tr><cr> <td class="form-signin-wrapper"><cr> <div class="form-signin"><cr> <h2 class="form-page-title">Authentication and Access Control</h2><cr> <div id="form-page-content" class="form-page-content"><cr> <form id="idp-login-page" action="/saml.sso/login" method="GET"><cr> <div id="form-page-fields"><cr> Please select an IDP for authentication to access restricted applications.<cr> <hr><cr> <input type="radio" name="f_idpname" value="MS Azure AD">MS Azure AD<cr> <br><cr> <input type="radio" name="f_idpname" value="Open IDP">Open IDP<cr> <br><cr> <hr><cr> <input id="Submit" class="form-field-submit form-field-align-right" <cr><cr>type="submit" value="Submit" name="f_login"><cr> </div><cr> </form><cr> </div><cr> </div><cr> </td><cr> </tr><cr> </table><cr> </div><cr> </div><cr></body><cr></html>
rp_headers = Connection: Close
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
rp_status_code = 200 OK
rp_type = 2
#scope:<response_page>::scope_data:<default-json-response-page>
rp_body = { <cr>"Log-Id" : "%log-id",<cr>"Request Time" : "%attack-time",<cr>"Error" : "The specified URL cannot be found " <cr>}<cr>
rp_headers = Connection: Close
Content-Type: application/json
rp_status_code = 404 Not Found
rp_type = 0
#scope:<response_page>::scope_data:<default-login-failed-page>
rp_body = <!DOCTYPE html><cr><html><cr><head><cr> <title>Authentication and Access Control</title><cr> <style type="text/css"><cr> html {<cr> height: 100%;<cr> }<cr> html body {<cr> background: none repeat scroll 0 0 #999999;<cr> margin: 0;<cr> height: 100%;<cr> }<cr> html body #form-body {<cr> margin: 0 auto;<cr> min-height: 100%;<cr> overflow: auto;<cr> position: relative;<cr> background-color: #405F8D;<cr> background-image: -moz-linear-gradient(center top , #405F8D, #001133);<cr> }<cr><cr> html .form-signin-logo {<cr> height: 35%;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 15px;<cr> z-index: 103; <cr> }<cr><cr> html .form-signin-outer {<cr> bottom: 0;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 35%;<cr> width: 100%;<cr> z-index: 103; <cr> }<cr><cr> table {<cr> border-collapse: collapse;<cr> border-spacing: 0;<cr> }<cr><cr> html .form-signin-wrapper {<cr> vertical-align: top;<cr> width: 100%;<cr> }<cr><cr> html .form-signin {<cr> background-color: #F7F7F7;<cr> background-image: -moz-linear-gradient(center top , #F8F8F8, #E7E7E7);<cr> border-radius: 10px 10px 10px 10px;<cr> box-shadow: 0 0 10px rgba(0, 0, 0, 0.75);<cr> font: 12px helvetica neue,helvetica,arial;<cr> left: 50%;<cr> margin-left: -260px;<cr> position: relative;<cr> width: 520px;<cr> }<cr><cr> html .form-page-title {<cr> background-color: #D8D8DD;<cr> background-image: -moz-linear-gradient(center top , #D8D8DD, #E3E3E6);<cr> color: #000000;<cr> font: bold 18px/20px arial !important;<cr> height: 20px;<cr> margin-bottom: -1px;<cr> padding: 10px 15px;<cr> }<cr><cr> html .form-signin h2 {<cr> border-top-left-radius: 10px;<cr> border-top-right-radius: 10px;<cr> }<cr><cr> input[type="text"], input[type="password"] {<cr> border: 1px solid #DDDDDD;<cr> border-radius: 3px 3px 3px 3px;<cr> }<cr><cr> html #form-login-page {<cr> overflow: hidden;<cr> padding: 15px 30px !important;<cr> }<cr><cr> html .form-field-text, .form-field-password {<cr> background-image: -webkit-gradient(linear,left top,left bottom,from(#f8f8f8),to(#fff));<cr> background-image: -moz-linear-gradient(top,#f8f8f8,#fff);<cr> cursor: text;<cr> display: block;<cr> font: 18px/24px helvetica neue,helvetica,arial;<cr> margin: 15px 0;<cr> padding: 5px 10px;<cr> position: relative;<cr> width: 95%;<cr> z-index: 1;<cr> }<cr><cr> html .form-field-submit[type="submit"] {<cr> background: #004e9e;<cr> background: -webkit-gradient(linear, left top, left bottom, from(#0079be), to(#004e9e));<cr> background: -moz-linear-gradient(top, #0079be, #004e9e);<cr> border: medium none;<cr> border-radius: 5px 5px 5px 5px;<cr> color: #FFFFFF;<cr> display: inline-block;<cr> font: 18px/38px helvetica neue,helvetica,arial;<cr> height: 40px;<cr> opacity: 0.9;<cr> padding: 0 20px;<cr> margin: 0 0 10px;<cr> cursor: pointer;<cr> position: relative;<cr> text-decoration: none;<cr> text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.75);<cr> }<cr><cr> html .form-field-submit[type="submit"]:hover, .form-field-submit:hover, .form-field-submit:focus, .form-field-submit:active {<cr> opacity: 1;<cr> }<cr><cr> html .form-field-align-right {<cr> float: right;<cr> }<cr><cr> html .form-field-submit .form-field-align-right {<cr> margin: 15px 0;<cr> }<cr><cr> html .message {<cr> color: #DD1E31;<cr> font: 12px/15px arial;<cr> position: relative;<cr> padding-bottom: 8px;<cr> }<cr><cr> html .icn-success {<cr> vertical-align: bottom;<cr> }<cr><cr> html .icn-message {<cr> margin-left: 5px;<cr> line-height: 22px;<cr> }<cr><cr> </style><cr></head><cr><body><cr> <div id="form-body"><cr> <div id="form-content"><cr> <div class="form-signin-logo"><cr> </div><cr> <table class="form-signin-outer"><cr> <tr><cr> <td class="form-signin-wrapper"><cr> <div class="form-signin"><cr> <h2 class="form-page-title">Authentication and Access Control</h2><cr> <div id="form-page-content" class="form-page-content"><cr> <form id="form-login-page" action="/nclogin.submit" method="POST"><cr> <div class="message" style="display: block;"><cr> <span class="icn-success"><cr> <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAUCAYAAACNiR0NAAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAALEgAACxIB0t1+/AAAABx0RVh0U29mdHdhcmUAQWRvYmUgRmlyZXdvcmtzIENTNui8sowAAAAVdEVYdENyZWF0aW9uIFRpbWUAMTAvMy8xNKPrw1UAAAJRSURBVDiNnZRLaBNhEMd/uxvjwfSVlmB9LOJiEUQhV0EQ8RKQRkvwRe1NKXoQpQFFo5haikUa8KqiBA9W9GBFKhKK5OLNxZxECOhqNU0T2gYTStPNesiD3c3aEv/HmW9+38x8842Ag9KyXwROACHgICDXXAXgM/AWeKxoas4eKzjAjgKTwH6ny0xaBqK6rsf65lKGIzAt+68BY4C4AcysV8CQoqklCzAt+6NApAWQWdO6rh/vm0sZYg0WMMM279uLd+QSCE0dAUmk+9YIm3btNFv7JUm6CCCkZb8L+AIoAO49u+l98QjJ20nh2UtyN8fBMBowX2wUTzDAWibL71PnKX/7UYcuArIIDNRhAG1nBpC8nQC0D4bouXu9mqkJBuDa6qPjwpA5yy7grAs4abbmxyaReroage2DIQDEti0NG0ApkSR/e8LekH4hLfs1wNIQezZ2lRJJ5ofDGOWy3fVLbIIB6BWyVyL8eT3TCgxgWyvzBkClWMSo6P/0i8BSk3Wdkj3BAL7YKEiOuRRE4NNGsFIiaSl/HWjKBbwBjtQt3TeuNsHmh8ONMus+TzCAnlskH71vBs6IwFOqH72ac3yK8vefVli53PRQa5kshfiUGbYCPJEeLGdWLnf0FoEAQGWpQOndLILbzUL4jvU1DYPi+w+IHg/5yLj5lwDcUzR1WgD4uv2AIEnSc2xD3oI+AocVTV0VAWr77Bzw8D9gs0BA0dRVcF6wp4EJnAbeqmLt3JiiqY3BdNhPkJb9bqrr/xhwCNhRcxUAlepkxBVNXbDH/gXF7d0DYUvrGgAAAABJRU5ErkJggg==" align="top"/><cr> </span><cr> <span class="icn-message"><b>Error</b>: Invalid Username or Password</span><cr> </div><cr> <div id="form-page-fields"><cr> Please provide your username and password to access restricted applications.<cr> <input type="text" name="f_username" id="username_entry" value="" class="form-field-text" placeholder="Username" autocomplete="off"><cr> <input type="password" name="f_passwd" id="password_entry" value="" class="form-field-password" placeholder="Password" autocomplete="off"><cr> <input type="hidden" name="f_method" id="method_entry" value="LOGIN" class="form-field-text" placeholder="Method" autocomplete="off"><cr> <input id="Submit" class="form-field-submit form-field-align-right" type="submit" value="Sign in" name="Submit"><cr> </div><cr> </form><cr> </div><cr> </div><cr> </td><cr> </tr><cr> </table><cr> </div><cr> </div><cr></body><cr></html>
rp_headers = Connection: Close
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
rp_status_code = 200 OK
rp_type = 2
#scope:<response_page>::scope_data:<default-login-page>
rp_body = <!DOCTYPE html><cr><html><cr><head><cr> <title>Authentication and Access Control</title><cr> <style type="text/css"><cr> html {<cr> height: 100%;<cr> }<cr> html body {<cr> background: none repeat scroll 0 0 #999999;<cr> margin: 0;<cr> height: 100%;<cr> }<cr> html body #form-body {<cr> margin: 0 auto;<cr> min-height: 100%;<cr> overflow: auto;<cr> position: relative;<cr> background-color: #405F8D;<cr> background-image: -moz-linear-gradient(center top , #405F8D, #001133);<cr> }<cr><cr> html .form-signin-logo {<cr> height: 35%;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 15px;<cr> z-index: 103; <cr> }<cr><cr> html .form-signin-outer {<cr> bottom: 0;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 35%;<cr> width: 100%;<cr> z-index: 103; <cr> }<cr><cr> table {<cr> border-collapse: collapse;<cr> border-spacing: 0;<cr> }<cr><cr> html .form-signin-wrapper {<cr> vertical-align: top;<cr> width: 100%;<cr> }<cr><cr> html .form-signin {<cr> background-color: #F7F7F7;<cr> background-image: -moz-linear-gradient(center top , #F8F8F8, #E7E7E7);<cr> border-radius: 10px 10px 10px 10px;<cr> box-shadow: 0 0 10px rgba(0, 0, 0, 0.75);<cr> font: 12px helvetica neue,helvetica,arial;<cr> left: 50%;<cr> margin-left: -260px;<cr> position: relative;<cr> width: 520px;<cr> }<cr><cr> html .form-page-title {<cr> background-color: #D8D8DD;<cr> background-image: -moz-linear-gradient(center top , #D8D8DD, #E3E3E6);<cr> color: #000000;<cr> font: bold 18px/20px arial !important;<cr> height: 20px;<cr> margin-bottom: -1px;<cr> padding: 10px 15px;<cr> }<cr><cr> html .form-signin h2 {<cr> border-top-left-radius: 10px;<cr> border-top-right-radius: 10px;<cr> }<cr><cr> input[type="text"], input[type="password"] {<cr> border: 1px solid #DDDDDD;<cr> border-radius: 3px 3px 3px 3px;<cr> /*color: #333333;*/<cr> }<cr><cr>/* html .form-signin .form-page-content, html .form-signin .page_content {<cr> position: static;<cr> }<cr>*/<cr> html #form-login-page {<cr> overflow: hidden;<cr> padding: 15px 30px !important;<cr> }<cr><cr> html .form-field-text, .form-field-password {<cr> background-image: -webkit-gradient(linear,left top,left bottom,from(#f8f8f8),to(#fff));<cr> background-image: -moz-linear-gradient(top,#f8f8f8,#fff);<cr> cursor: text;<cr> display: block;<cr> font: 18px/24px helvetica neue,helvetica,arial;<cr> margin: 15px 0;<cr> padding: 5px 10px;<cr> position: relative;<cr> width: 95%;<cr> z-index: 1;<cr> }<cr><cr> html .form-field-submit[type="submit"] {<cr> background: #004e9e;<cr> background: -webkit-gradient(linear, left top, left bottom, from(#0079be), to(#004e9e));<cr> background: -moz-linear-gradient(top, #0079be, #004e9e);<cr> border: medium none;<cr> border-radius: 5px 5px 5px 5px;<cr> color: #FFFFFF;<cr> display: inline-block;<cr> font: 18px/38px helvetica neue,helvetica,arial;<cr> height: 40px;<cr> opacity: 0.9;<cr> padding: 0 20px;<cr> margin: 0 0 10px;<cr> cursor: pointer;<cr> position: relative;<cr> text-decoration: none;<cr> text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.75);<cr> }<cr><cr> html .form-field-submit[type="submit"]:hover, .form-field-submit:hover, .form-field-submit:focus, .form-field-submit:active {<cr> opacity: 1;<cr> }<cr><cr> html .form-field-align-right {<cr> float: right;<cr> }<cr><cr> html .form-field-submit .form-field-align-right {<cr> margin: 15px 0;<cr> }<cr><cr> </style><cr></head><cr><body><cr> <div id="form-body"><cr> <div id="form-content"><cr> <!-- <style><cr> html .form-signin-logo { background:url(/barracuda-660.png) center center no-repeat !important;}<cr> </style><cr> --><cr> <div class="form-signin-logo"><cr> </div><cr> <table class="form-signin-outer"><cr> <tr><cr> <td class="form-signin-wrapper"><cr> <div class="form-signin"><cr> <h2 class="form-page-title">Authentication and Access Control</h2><cr> <div id="form-page-content" class="form-page-content"><cr> <form id="form-login-page" action="/nclogin.submit" method="POST"><cr> <div id="form-page-fields"><cr> Please provide your username and password to access restricted applications.<cr> <input type="text" name="f_username" id="username_entry" value="" class="form-field-text" placeholder="Username" autocomplete="off"><cr> <input type="password" name="f_passwd" id="password_entry" value="" class="form-field-password" placeholder="Password" autocomplete="off"><cr> <input type="hidden" name="f_method" id="method_entry" value="LOGIN" class="form-field-text" placeholder="Method" autocomplete="off"><cr> <input id="Submit" class="form-field-submit form-field-align-right" type="submit" value="Sign in" name="Submit"><cr> </div><cr> </form><cr> </div><cr> </div><cr> </td><cr> </tr><cr> </table><cr> </div><cr> </div><cr></body><cr></html>
rp_headers = Connection: Close
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
rp_status_code = 200 OK
rp_type = 2
#scope:<response_page>::scope_data:<default-login-success-page>
rp_body = <!DOCTYPE html><cr><html><cr><head><cr> <title>Authentication and Access Control</title><cr> <style type="text/css"><cr> html {<cr> height: 100%;<cr> }<cr> html body {<cr> background: none repeat scroll 0 0 #999999;<cr> margin: 0;<cr> height: 100%;<cr> }<cr> html body #form-body {<cr> margin: 0 auto;<cr> min-height: 100%;<cr> overflow: auto;<cr> position: relative;<cr> background-color: #405F8D;<cr> background-image: -moz-linear-gradient(center top , #405F8D, #001133);<cr> }<cr><cr> html .form-signin-logo {<cr> height: 35%;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 15px;<cr> z-index: 103; <cr> }<cr><cr> html .form-signin-outer {<cr> bottom: 0;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 35%;<cr> width: 100%;<cr> z-index: 103; <cr> }<cr><cr> table {<cr> border-collapse: collapse;<cr> border-spacing: 0;<cr> }<cr><cr> html .form-signin-wrapper {<cr> vertical-align: top;<cr> width: 100%;<cr> }<cr><cr> html .form-signin {<cr> background-color: #F7F7F7;<cr> background-image: -moz-linear-gradient(center top , #F8F8F8, #E7E7E7);<cr> border-radius: 10px 10px 10px 10px;<cr> box-shadow: 0 0 10px rgba(0, 0, 0, 0.75);<cr> font: 12px helvetica neue,helvetica,arial;<cr> left: 50%;<cr> margin-left: -260px;<cr> position: relative;<cr> width: 520px;<cr> }<cr><cr> html .form-page-title {<cr> background-color: #D8D8DD;<cr> background-image: -moz-linear-gradient(center top , #D8D8DD, #E3E3E6);<cr> color: #000000;<cr> font: bold 18px/20px arial !important;<cr> height: 20px;<cr> margin-bottom: -1px;<cr> padding: 10px 15px;<cr> }<cr><cr> html .form-signin h2 {<cr> border-top-left-radius: 10px;<cr> border-top-right-radius: 10px;<cr> }<cr><cr> input[type="text"], input[type="password"] {<cr> border: 1px solid #DDDDDD;<cr> border-radius: 3px 3px 3px 3px;<cr> }<cr><cr> html #form-login-page {<cr> overflow: hidden;<cr> padding: 15px 30px !important;<cr> }<cr><cr> html .form-field-text, .form-field-password {<cr> background-image: -webkit-gradient(linear,left top,left bottom,from(#f8f8f8),to(#fff));<cr> background-image: -moz-linear-gradient(top,#f8f8f8,#fff);<cr> cursor: text;<cr> display: block;<cr> font: 18px/24px helvetica neue,helvetica,arial;<cr> margin: 15px 0;<cr> padding: 5px 10px;<cr> position: relative;<cr> width: 95%;<cr> z-index: 1;<cr> }<cr><cr> html .form-field-submit[type="submit"] {<cr> background: #004e9e;<cr> background: -webkit-gradient(linear, left top, left bottom, from(#0079be), to(#004e9e));<cr> background: -moz-linear-gradient(top, #0079be, #004e9e);<cr> border: medium none;<cr> border-radius: 5px 5px 5px 5px;<cr> color: #FFFFFF;<cr> display: inline-block;<cr> font: 18px/38px helvetica neue,helvetica,arial;<cr> height: 40px;<cr> opacity: 0.9;<cr> padding: 0 20px;<cr> margin: 0 0 10px;<cr> cursor: pointer;<cr> position: relative;<cr> text-decoration: none;<cr> text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.75);<cr> }<cr><cr> html .form-field-submit[type="submit"]:hover, .form-field-submit:hover, .form-field-submit:focus, .form-field-submit:active {<cr> opacity: 1;<cr> }<cr><cr> html .form-field-align-right {<cr> float: right;<cr> }<cr><cr> html .form-field-submit .form-field-align-right {<cr> margin: 15px 0;<cr> }<cr><cr> html .success-message {<cr> color: #333333;<cr> font: 16px arial;<cr> position: relative;<cr> text-align: center;<cr> line-height: 24px;<cr> padding: 15px 0 10px 0;<cr> }<cr><cr> html .desc-message {<cr> color: #333333;<cr> font: 14px arial;<cr> position: relative;<cr> padding: 10px 0 24px 0;<cr> }<cr><cr> html .icn-success {<cr> vertical-align: bottom;<cr> }<cr><cr> html .icn-message {<cr> margin-left: 5px;<cr> }<cr> </style><cr></head><cr><body><cr> <div id="form-body"><cr> <div id="form-content"><cr> <div class="form-signin-logo"><cr> </div><cr> <table class="form-signin-outer"><cr> <tr><cr> <td class="form-signin-wrapper"><cr> <div class="form-signin"><cr> <h2 class="form-page-title">Authentication and Access Control</h2><cr> <div id="form-page-content" class="form-page-content"><cr> <form id="form-login-page" action="/nclogin.submit" method="POST"><cr> <div class="success-message" style="display: block;"><cr> <span class="icn-success"><cr> <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAALEgAACxIB0t1+/AAAABx0RVh0U29mdHdhcmUAQWRvYmUgRmlyZXdvcmtzIENTNui8sowAAAAVdEVYdENyZWF0aW9uIFRpbWUAMTAvMy8xNKPrw1UAAAIhSURBVEiJvZYxaFNBGMd/eTFtiRhT0CxVS7amDaXgEBVaaKYOupRGeHRzMG6RQKcKLtYlYHBLA07yeFDrZAZ1CVRQMlQEG1NEKIE+hCKktFiILg53F+t7L+nLU/xv9913v+/u+O77LkAPLZojCUAHZoEkEJVT+8AWUAVMQ7ca3RiBLuAxoABc77WBY6oAS4ZubZ8YYNEcyQKPgUGPcKU2kDN0a/W4UbPBHwAlH3DkmpJkdNQ5gdx5yQfYTXfUSQISPgZ8wN/O3dQGpgzd2lZXVPALn4nfZHR4wm4elEwCMhU/+YXfTj3i6OchxTe3aOy9s7uMa4g89w0HCIfOsJx+xuULc3Y3XUM8It9wpWarTmPvrd11VkO8UIeyqSIP514THoj8YZ9P5h3wjZ01VqoZjn4c2DFJjd/PH4DwQITl9DrT8QyXouPcS693gmRTReaTeQe8XMu7wQGip+yWROwaidiVzlgFabbqTMczrvBeCk4uRO4CQ8rw9eAL377vkohdJRQUmXt26LwjFb3AgX0NURUdi7vcKQBP39/3AgfY0hAl16Fmq+4apFzL8+rzEy9wgKoGmN1m7UHKtTwbO2te4QCmqkUv6FH7R4cnOHf6Ipu7L/uBVwzduqFq0RKiQLmq2ar3C29LpugHshPl+iGcoJzqbkFl+fj8cHNyIRICZv4SvmLoVkEN/m/LBJAOU4hG7lUVRINZtU+4/iqU/sW35RchvsT4V18mrwAAAABJRU5ErkJggg==" align="top"/><cr> </span><cr> <span class="icn-message">You have successfully signed in.</span><cr> </div><cr> <div class="desc-message" style="display: block;"><cr> You now have access to restricted resources on this site based on your account permissions. Please remember to sign out.<cr> </div><cr> <div id="form-page-fields"><cr> <input type="hidden" name="f_method" id="method_entry" value="LOGOUT" class="form-field-text" placeholder="Method" autocomplete="off"><cr> <input id="Submit" class="form-field-submit form-field-align-right" type="submit" value="Sign out" name="Submit"><cr> </div><cr> </form><cr> </div><cr> </div><cr> </td><cr> </tr><cr> </table><cr> </div><cr> </div><cr></body><cr></html>
rp_headers = Connection: Close
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
rp_status_code = 200 OK
rp_type = 2
#scope:<response_page>::scope_data:<default-logout-success-page>
rp_body = <!DOCTYPE html><cr><html><cr><head><cr> <title>Authentication and Access Control</title><cr> <style type="text/css"><cr> html {<cr> height: 100%;<cr> }<cr> html body {<cr> background: none repeat scroll 0 0 #999999;<cr> margin: 0;<cr> height: 100%;<cr> }<cr> html body #form-body {<cr> margin: 0 auto;<cr> min-height: 100%;<cr> overflow: auto;<cr> position: relative;<cr> background-color: #405F8D;<cr> background-image: -moz-linear-gradient(center top , #405F8D, #001133);<cr> }<cr><cr> html .form-signin-logo {<cr> height: 35%;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 15px;<cr> z-index: 103; <cr> }<cr><cr> html .form-signin-outer {<cr> bottom: 0;<cr> left: 0;<cr> position: absolute;<cr> right: 0;<cr> top: 35%;<cr> width: 100%;<cr> z-index: 103; <cr> }<cr><cr> table {<cr> border-collapse: collapse;<cr> border-spacing: 0;<cr> }<cr><cr> html .form-signin-wrapper {<cr> vertical-align: top;<cr> width: 100%;<cr> }<cr><cr> html .form-signin {<cr> background-color: #F7F7F7;<cr> background-image: -moz-linear-gradient(center top , #F8F8F8, #E7E7E7);<cr> border-radius: 10px 10px 10px 10px;<cr> box-shadow: 0 0 10px rgba(0, 0, 0, 0.75);<cr> font: 12px helvetica neue,helvetica,arial;<cr> left: 50%;<cr> margin-left: -260px;<cr> position: relative;<cr> width: 520px;<cr> }<cr><cr> html .form-page-title {<cr> background-color: #D8D8DD;<cr> background-image: -moz-linear-gradient(center top , #D8D8DD, #E3E3E6);<cr> color: #000000;<cr> font: bold 18px/20px arial !important;<cr> height: 20px;<cr> margin-bottom: -1px;<cr> padding: 10px 15px;<cr> }<cr><cr> html .form-signin h2 {<cr> border-top-left-radius: 10px;<cr> border-top-right-radius: 10px;<cr> }<cr><cr> input[type="text"], input[type="password"] {<cr> border: 1px solid #DDDDDD;<cr> border-radius: 3px 3px 3px 3px;<cr> }<cr><cr> html #form-login-page {<cr> overflow: hidden;<cr> padding: 15px 30px !important;<cr> }<cr><cr> html .form-field-text, .form-field-password {<cr> background-image: -webkit-gradient(linear,left top,left bottom,from(#f8f8f8),to(#fff));<cr> background-image: -moz-linear-gradient(top,#f8f8f8,#fff);<cr> cursor: text;<cr> display: block;<cr> font: 18px/24px helvetica neue,helvetica,arial;<cr> margin: 15px 0;<cr> padding: 5px 10px;<cr> position: relative;<cr> width: 95%;<cr> z-index: 1;<cr> }<cr><cr> html .form-field-submit[type="submit"] {<cr> background: #004e9e;<cr> background: -webkit-gradient(linear, left top, left bottom, from(#0079be), to(#004e9e));<cr> background: -moz-linear-gradient(top, #0079be, #004e9e);<cr> border: medium none;<cr> border-radius: 5px 5px 5px 5px;<cr> color: #FFFFFF;<cr> display: inline-block;<cr> font: 18px/38px helvetica neue,helvetica,arial;<cr> height: 40px;<cr> opacity: 0.9;<cr> padding: 0 20px;<cr> margin: 0 0 10px;<cr> cursor: pointer;<cr> position: relative;<cr> text-decoration: none;<cr> text-shadow: 0 -1px 1px rgba(0, 0, 0, 0.75);<cr> }<cr><cr> html .form-field-submit[type="submit"]:hover, .form-field-submit:hover, .form-field-submit:focus, .form-field-submit:active {<cr> opacity: 1;<cr> }<cr><cr> html .form-field-align-right {<cr> float: right;<cr> }<cr><cr> html .form-field-submit .form-field-align-right {<cr> margin: 15px 0;<cr> }<cr><cr> html .success-message {<cr> color: #333333;<cr> font: 16px arial;<cr> position: relative;<cr> text-align: center;<cr> padding: 15px 0 10px 0;<cr> }<cr><cr> html .desc-message {<cr> color: #333333;<cr> font: 14px arial;<cr> position: relative;<cr> padding: 10px 0 24px 0;<cr> }<cr><cr> html .icn-success {<cr> vertical-align: bottom;<cr> }<cr><cr> html .icn-message {<cr> margin-left: 5px;<cr> line-height: 24px;<cr> }<cr> </style><cr></head><cr><body><cr> <div id="form-body"><cr> <div id="form-content"><cr> <div class="form-signin-logo"><cr> </div><cr> <table class="form-signin-outer"><cr> <tr><cr> <td class="form-signin-wrapper"><cr> <div class="form-signin"><cr> <h2 class="form-page-title">Authentication and Access Control</h2><cr> <div id="form-page-content" class="form-page-content"><cr> <form id="form-login-page"><cr> <div class="success-message" style="display: block;"><cr> <span class="icn-success"><cr> <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABgAAAAYCAYAAADgdz34AAAABHNCSVQICAgIfAhkiAAAAAlwSFlzAAALEgAACxIB0t1+/AAAABx0RVh0U29mdHdhcmUAQWRvYmUgRmlyZXdvcmtzIENTNui8sowAAAAVdEVYdENyZWF0aW9uIFRpbWUAMTAvMy8xNKPrw1UAAAIhSURBVEiJvZYxaFNBGMd/eTFtiRhT0CxVS7amDaXgEBVaaKYOupRGeHRzMG6RQKcKLtYlYHBLA07yeFDrZAZ1CVRQMlQEG1NEKIE+hCKktFiILg53F+t7L+nLU/xv9913v+/u+O77LkAPLZojCUAHZoEkEJVT+8AWUAVMQ7ca3RiBLuAxoABc77WBY6oAS4ZubZ8YYNEcyQKPgUGPcKU2kDN0a/W4UbPBHwAlH3DkmpJkdNQ5gdx5yQfYTXfUSQISPgZ8wN/O3dQGpgzd2lZXVPALn4nfZHR4wm4elEwCMhU/+YXfTj3i6OchxTe3aOy9s7uMa4g89w0HCIfOsJx+xuULc3Y3XUM8It9wpWarTmPvrd11VkO8UIeyqSIP514THoj8YZ9P5h3wjZ01VqoZjn4c2DFJjd/PH4DwQITl9DrT8QyXouPcS693gmRTReaTeQe8XMu7wQGip+yWROwaidiVzlgFabbqTMczrvBeCk4uRO4CQ8rw9eAL377vkohdJRQUmXt26LwjFb3AgX0NURUdi7vcKQBP39/3AgfY0hAl16Fmq+4apFzL8+rzEy9wgKoGmN1m7UHKtTwbO2te4QCmqkUv6FH7R4cnOHf6Ipu7L/uBVwzduqFq0RKiQLmq2ar3C29LpugHshPl+iGcoJzqbkFl+fj8cHNyIRICZv4SvmLoVkEN/m/LBJAOU4hG7lUVRINZtU+4/iqU/sW35RchvsT4V18mrwAAAABJRU5ErkJggg==" align="top"/><cr> </span><cr> <span class="icn-message">You have successfully signed out.</span><cr> </div><cr> <div class="desc-message" style="display: block;"><cr> Please sign in to access restricted resources on this site based on your account permissions.<cr> </div><cr> </form><cr> </div><cr> </div><cr> </td><cr> </tr><cr> </table><cr> </div><cr> </div><cr></body><cr></html>
rp_headers = Connection: Close
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate
rp_status_code = 200 OK
rp_type = 2
#scope:<response_page>::scope_data:<default-suspected-activity-error-page>
rp_body = <div style="border: 3px solid #4991C5; font:1.5em; font-family:tahoma,calibri,arial; font-weight:bold; color:#0A4369; padding:5px; margin:10px; text-align:center"> Suspected activity on the website, the URL requested is inaccessible at this time. Please try after some time or close and relaunch the browser and try again.</div>
rp_headers = Connection: Close
Content-Type: text/html
rp_status_code = 404 Not Found
rp_type = 0
#scope:<response_page>::scope_data:<default-virus>
rp_body = <div style="border: 3px solid #4991C5; font:1.5em; font-family:tahoma,calibri,arial; font-weight:bold; color:#0A4369; padding:5px; margin:10px; text-align:center"> The file uploaded to %host%s is found to be infected with a virus. Upload aborted.</div>
rp_headers = Connection: Close
Content-Type: text/html
rp_status_code = 404 Not Found
rp_type = 0
#scope:<session_information>::scope_data:<asp-dot-net-session>
si_session_token_name = ASP.Net_SessionID
si_session_token_type = 3
#scope:<session_information>::scope_data:<aspsessionid-session>
si_session_token_name = ASPSESSIONID
si_session_token_type = 3
#scope:<session_information>::scope_data:<coldfusion-session>
si_session_token_name = CFID
si_session_token_type = 3
#scope:<session_information>::scope_data:<j2ee-jsessionid-cookie-session>
si_session_token_name = JSESSIONID
si_session_token_type = 3
#scope:<session_information>::scope_data:<j2ee-jsessionid-url-session>
si_session_token_name = ;JSESSIONID
si_session_token_type = 6
si_url_session_token_end_delimiter = ;
si_url_session_token_start_delimiter = =
#scope:<session_information>::scope_data:<j2ee-session>
si_session_token_name = JSESSION
si_session_token_type = 3
#scope:<session_information>::scope_data:<jws-id-session>
si_session_token_name = jwssessionid
si_session_token_type = 3
#scope:<session_information>::scope_data:<php-bb-mysql-session>
si_session_token_name = phpbb2mysqlsession
si_session_token_type = 5
#scope:<session_information>::scope_data:<phpsessid-session>
si_session_token_name = phpsessid
si_session_token_type = 3
#scope:<session_information>::scope_data:<phpsessionid-session>
si_session_token_name = phpsessionid
si_session_token_type = 3
#scope:<session_information>::scope_data:<sap-session>
si_session_token_name = sid
si_session_token_type = 6
si_url_session_token_end_delimiter = )
si_url_session_token_start_delimiter = (
#scope:<vsite>::scope_data:<default>
vsite_configured_active_on = 2473849
vsite_id = 10
vsite_interface = WAN
vsite_service_groups = default
#scope:<web_scraping_wl_parent>::scope_data:<baidu>
web_scraping_wl_host = *.baidu.com
*.baidu.jp
web_scraping_wl_identifier = 1
web_scraping_wl_user_agent = (Header User-Agent co baiduspider)
#scope:<web_scraping_wl_parent>::scope_data:<google>
web_scraping_wl_host = *.googlebot.com
*.google.com
web_scraping_wl_identifier = 1
web_scraping_wl_user_agent = (Header User-Agent co googlebot) || (Header User-Agent co adsbot) || (Header User-Agent co mediapartners-google)
#scope:<web_scraping_wl_parent>::scope_data:<microsoft>
web_scraping_wl_host = *.search.msn.com
web_scraping_wl_identifier = 1
web_scraping_wl_user_agent = (Header User-Agent co bingbot) || (Header User-Agent co msnbot)
#scope:<web_scraping_wl_parent>::scope_data:<yahoo>
web_scraping_wl_host = *.yahoo.net
web_scraping_wl_identifier = 1
web_scraping_wl_user_agent = (Header User-Agent co slurp)
#scope:<web_scraping_wl_parent>::scope_data:<yandex>
web_scraping_wl_host = *.yandex.ru
*.yandex.net
*.yandex.com
web_scraping_wl_identifier = 1
web_scraping_wl_user_agent = (Header User-Agent co yandex)
#scope:<web_scraping_wl_parent>::scope_data:<twitter>
web_scraping_wl_identifier = 0
web_scraping_wl_ip = 199.59.148.209,199.59.148.210,199.59.148.211,199.16.156.124,199.16.156.125,199.16.156.126
web_scraping_wl_user_agent = (Header User-Agent co twitterbot)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment