This is flagged by NoScript as a potential XSS attempt:
htxp://ajax.googleapis.com/ajax/services/search/web?v=1.0&key=ABQIAAAADQJp_C6OaW6hvHOMrOnyTRSJ36dQUZSEtUNltVpyNDSTnR8ihRSMP6upCTiKY-Eecqqq5JsdgenlYg&q=Error%3A+not+well-formed+Source+File%3A+Line%3A+1%2C+Column%3A+52+Source+Code%3A+%20body+xmlns%20%20http%3A//www.w3.org/1999/xhtml%20%3E%26channel%20{flock%3Acontext}%26q%20http%3A//www.lpefund.com/%26ie%20utf-8%26oe%20utf-8%26aq%20t%20
/#41979623402091193601
Firekeeper alert details: === Triggered rule ===
alert(url_content:"%3Cbody"; nocase; msg:"<body> tags GET request cross site scripting attempt"; url_re:"/%3Cbody.*%3E/i"; reference:url,http://ha.ckers.org/xss.html; reference:url,http://en.wikipedia.org/wiki/Cross-site_scripting;)
=== Request URL ===
as given above (broken link)
polonus
