feat(scenario): add JMAP HTTP brute-force scenario for boris22100#1809

Open
boris22100 wants to merge 1 commit into crowdsecurity:master from boris22100:feat/jmap-scenario

@boris22100

Description

This PR introduces a new HTTP scenario to detect brute-force attacks targeting JMAP (JSON Meta Application Protocol - RFC 8620) endpoints.

JMAP relies fully on HTTP/HTTPS. This scenario monitors HTTP access logs (from reverse proxies like Traefik, Nginx, Caddy, etc.) and triggers a ban if a source IP accumulates multiple 401 Unauthorized or 403 Forbidden responses on the /jmap path within a short window.

This is particularly useful for protecting modern mail servers like Stalwart or Apache James that implement the JMAP specification.

Checklist

  • I have read the contributing guide
  • I have tested my changes locally
  • For new parsers or scenarios, tests have been added
  • I have run the hub linter and no issues were reported (see contributing guide)
  • Automated tests are passing
  • AI was used to generate any/all content of this PR
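
A minimal model of the detection the description outlines, as an added example that is neither the scenario file from this PR nor CrowdSec code: a per-source leaky bucket over 401/403 responses on /jmap. The capacity, leak rate, Nginx "combined" log format, helper names and sample lines are assumptions made here; the PR text gives no thresholds.

```python
import re
from datetime import datetime

# Assumed thresholds: the PR text says only "multiple" failures in "a short window".
CAPACITY = 5          # failures a bucket holds before it overflows
LEAK_SECONDS = 10.0   # one failure drains every 10 seconds

# Assumed input: Nginx "combined" access-log lines.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"\S+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) ')

def is_jmap_auth_failure(path, status):
    """True for a 401/403 on /jmap or below it; the query string is ignored."""
    path = path.split("?", 1)[0]
    return status in ("401", "403") and (path == "/jmap" or path.startswith("/jmap/"))

def detect(lines):
    """Return [(source_ip, iso_time)] for each bucket overflow, in log order."""
    buckets = {}   # ip -> (level, time of last counted failure)
    alerts = []
    for raw in lines:
        m = LINE_RE.match(raw)
        if not m or not is_jmap_auth_failure(m["path"], m["status"]):
            continue
        now = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        level, last = buckets.get(m["ip"], (0.0, now))
        # Drain what leaked since the previous failure, then add this one.
        level = max(0.0, level - (now - last).total_seconds() / LEAK_SECONDS) + 1
        if level > CAPACITY:
            alerts.append((m["ip"], now.isoformat()))
            level = 0.0   # start over after an overflow
        buckets[m["ip"]] = (level, now)
    return alerts

def line(ip, hhmmss, path, status):
    """Build one constructed log line (sample data, not real traffic)."""
    return f'{ip} - - [02/Jun/2026:{hhmmss} +0000] "POST {path} HTTP/1.1" {status} 0 "-" "-"'

SAMPLE = (
    [line("203.0.113.7", f"10:00:0{s}", "/jmap", 401) for s in range(6)]      # fast guessing
    + [line("198.51.100.20", f"10:0{m}:00", "/jmap", 401) for m in range(6)]  # one per minute
    + [line("192.0.2.9", f"10:00:0{s}", "/jmapx", 403) for s in range(6)]     # different path
    + [line("192.0.2.9", "10:00:09", "/jmap", 200)]                           # successful call
)

if __name__ == "__main__":
    print(detect(SAMPLE))
```

Only the fast source overflows: the one-per-minute source drains between failures, and `/jmapx` is not under the `/jmap` path.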

sabban added the needs-tests label (needs functional tests to be merged) Jun 2, 2026
@sabban

sabban commented Jun 2, 2026

Contributor

Hi,

Can you provide some tests in this PR? See https://docs.crowdsec.net/docs/log_processor/scenarios/create/

Regards,
