I have seen this a lot with routers and PIXs. Traffic with a source port of port 80 and destination of a dynamic port is denied on the outside interface.
The traffic is from legitimate web servers that users are browsing through the NATed inspected interface. The websites appear to be working fine though. It does produce a lot of denies in my MARS logging though.
It this normal or do I have a config problem? Is there something up with the web server not returning traffic correctly?
I have attached the sanitised config.