--f2987a25-A--
[15/Mar/2010:12:40:19 --0400] iVnUykggRhIAAGitJFoAAAAF 173.13.209.209 57156 72.32.70.18 80
--f2987a25-B--
GET /misc/jquery.cookie.js HTTP/1.1
Host: www.beta.fiercecio.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.0.249.89 Safari/532.5
Referer: http://www.beta.fiercecio.com/
Cache-Control: max-age=0
If-Modified-Since: Wed, 08 Apr 2009 16:47:06 GMT
Accept: */*
If-None-Match: "13aaf59-1113-4670de1b7d680"
Accept-Encoding: gzip,deflate,sdch
Cookie: SESS9a25c75ea95eb2a4cadc482b310acd1c=jpqc7qcs5e9ha0i3g31t3c5jm7; __utma=25780394.1473196723.1267626156.1267626156.1267626156.1; __utmz=25780394.1267626156.1.1.utmccn=(direct)|utmcsr=(direc t)|utmcmd=(none); SESS81f7e5ff20901dae9737a17524e83d1a=j537lht5sd9t9nrk55s0jhj691; __utma=101955090.1558543083.1268670313.1268670313.1268670313.1; __utmc=101955090; __utmz=101955090.1268670313.1.1 .utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); pushsub-box-viewed=yes; __utmb=101955090
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

--f2987a25-F--
HTTP/1.1 304 Not Modified
Last-Modified: Wed, 08 Apr 2009 16:47:06 GMT
ETag: "13aaf59-1113-4670de1b7d680"
Accept-Ranges: bytes
Content-Length: 0
Cache-Control: max-age=1209600
Expires: Mon, 29 Mar 2010 16:40:19 GMT
Connection: close
Content-Type: application/x-javascript

--f2987a25-E--

--f2987a25-H--
Message: Pattern match "\.cookie\b" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_41_xss_attacks.conf"] [line "111"] [id "958001"] [rev "2.0.5"] [msg "Cross-site  Scripting (XSS) Attack"] [data ".cookie"] [severity "CRITICAL"] [tag "WEB_ATTACK/XSS"] [tag "WASCTC/WASC-8"] [tag "WASCTC/WASC-22"] [tag "OWASP_TOP_10/A2"] [tag "OWASP_AppSensor/IE1"] [tag "PCI/6. 5.1"]
Message: Operator GE matched 20 at TX:anomaly_score. [file "/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_49_enforcement.conf"] [line "25"] [msg "Anomaly Score Exceeded (score 20): Cross-sit e Scripting (XSS) Attack"]
Message: Operator GE matched 20 at TX:anomaly_score. [file "/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_49_inbound_blocking.conf"] [line "18"] [msg "Inbound Anomaly Score Exceeded (Total S core: 20, SQLi=, XSS=20): Cross-site Scripting (XSS) Attack"]
Message: Warning. Operator GE matched 20 at TX:inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/base_rules/modsecurity_crs_60_correlation.conf"] [line "35"] [msg "Inbound Anomaly Score Excee ded (Total Inbound Score: 20, SQLi=, XSS=20): Cross-site Scripting (XSS) Attack"]
Stopwatch: 1268671219094730 8657 (4268 7183 -)
Response-Body-Transformed: Dechunked
Producer: ModSecurity for Apache/2.5.12 (http://www.modsecurity.org/); core ruleset/2.0.5.
Server: Apache/2.2.3 (Red Hat)

--f2987a25-Z--