Untitled

--4b7dd91d-A--
[02/Apr/2016:17:58:43 +0200] Vv-sM38AAAEAACzPMYUAAAAV 192.168.0.100 38976 192.168.0.104 443
--4b7dd91d-B--
PROPFIND /remote.php/webdav/ HTTP/1.1
Host: two.zz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
requesttoken: ZTcgfBMTKh8jNAg3FjwMDgJgNhkhRRodfA4oOiwnBHs=:WaY4xBivddMSlPNhgTYjC1ojMxPLUQR+eVUWWZkXTsw=
Depth: 1
Content-Type: application/xml; charset=utf-8
Content-Length: 390
Cookie: oc3hg6789ldj=2rm46rf44ib1heg434mpniqrl2;
oc_sessionPassphrase=tWHbf%2Bk6IT0kF380u9uGK1vv87KNQd71ZScg7AA4YiKqjpsga9FNEZ2Ag%2FQ139rlJYk9kaZEakZRlRysfSBoLNJaRpemgFNJBckKHYI5X5B%2BSeEWEpOtdLg17eY3Hbn%2F
Connection: keep-alive

--4b7dd91d-F--
HTTP/1.1 403 Forbidden
Strict-Transport-Security: max-age=15768000; includeSubdomains; preload
Content-Length: 227
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

--4b7dd91d-H--
Message: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_methods}" against "REQUEST_METHOD" required.
[file "/etc/modsecurity/base_rules/modsecurity_crs_30_http_policy.conf"] [line "31"] [id "960032"] [rev "2"]
[msg "Method is not allowed by policy"] [data "PROPFIND"] [severity "CRITICAL"] [ver "OWASP_CRS/2.2.7"] [maturity "9"]
[accuracy "9"] [tag "OWASP_CRS/POLICY/METHOD_NOT_ALLOWED"] [tag "WASCTC/WASC-15"] [tag "OWASP_TOP_10/A6"]
[tag "OWASP_AppSensor/RE1"] [tag "PCI/12.1"]
Action: Intercepted (phase 1)
Stopwatch: 1459612723769458 586 (- - -)
Stopwatch2: 1459612723769458 586; combined=216, p1=195, p2=0, p3=0, p4=0, p5=21, sr=58, sw=0, l=0, gc=0
Producer: ModSecurity for Apache/2.7.4 (http://www.modsecurity.org/); OWASP_CRS/2.2.7.
Server: Apache
Engine-Mode: "ENABLED"

--4b7dd91d-Z--