Quantcast
Channel: All EdgeRouter posts
Viewing all articles
Browse latest Browse all 60861

Re: Squid Guard Functionality

September 14, 2016, 7:07 pm
$
0
0

If all you're trying to do is log the web activity the follow should work:

 

ubnt@ERL-1:~$ configure 
[edit]
ubnt@ERL-1# show service webproxy enable-access-log
 listen-address 192.168.1.1 {
 }
 listen-address 192.168.2.1 {
 }
[edit]

However if the webproxy (squid) is in trasparent mode, then it won't see https.  Also note that the access log will do a log of writing to flash that could cause flash to wear out quicker.

 

Below is the raw log out put from just a single access to cnn.com:

 

ubnt@ERL-1:~$ show webproxy log 
1473904473.383    163 192.168.2.10 TCP_MISS/200 2041 GET http://sr.symcd.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFHQkFGcGn%2FXgmD9ePhproGUqVBV1BBQBWavn3ToLWaZkY9bPIAdX1ZHnagIQIHtlB41IS9WM52Nv0PzFZw%3D%3D - ORIGINAL_DST/23.5.251.27 apploe
1473904473.389    166 192.168.2.10 TCP_MISS/200 2041 GET http://sr.symcd.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFHQkFGcGn%2FXgmD9ePhproGUqVBV1BBQBWavn3ToLWaZkY9bPIAdX1ZHnagIQIHtlB41IS9WM52Nv0PzFZw%3D%3D - ORIGINAL_DST/23.5.251.27 apploe
1473904473.462     30 192.168.2.10 TCP_MISS/200 2041 GET http://sr.symcd.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFHQkFGcGn%2FXgmD9ePhproGUqVBV1BBQBWavn3ToLWaZkY9bPIAdX1ZHnagIQTOW8Xi8cH0KH6mVgfCegaQ%3D%3D - ORIGINAL_DST/23.5.251.27 apploe
1473904473.552     96 192.168.2.10 TCP_MISS/200 2207 GET http://s2.symcb.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFLnpsocChQP47KX7QuE%2BD0nHJCbiBBR%2F02Wnwt3su%2FAwCfNDOfoCrzMxMwIQfuFKb2%2Fv8tN%2FP61lTTratA%3D%3D - ORIGINAL_DST/23.5.251pe
1473904473.560    101 192.168.2.10 TCP_MISS/200 2207 GET http://s2.symcb.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFLnpsocChQP47KX7QuE%2BD0nHJCbiBBR%2F02Wnwt3su%2FAwCfNDOfoCrzMxMwIQfuFKb2%2Fv8tN%2FP61lTTratA%3D%3D - ORIGINAL_DST/23.5.251pe
pplication/ocsp-response
1473904474.122     27 192.168.2.10 TCP_MISS/200 2041 GET http://sr.symcd.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFHQkFGcGn%2FXgmD9ePhproGUqVBV1BBQBWavn3ToLWaZkY9bPIAdX1ZHnagIQEyA4ubHXyrHK2FbDJD3q1A%3D%3D - ORIGINAL_DST/23.5.251.27 apploe
1473904478.296   2845 192.168.2.10 TCP_MISS/200 3526600 GET http://swcdn.apple.com/content/downloads/01/41/031-77795/yx8wrnbaklqxhtomo0ayr2fpx7fsieg68g/GatekeeperConfigData.pkg - ORIGINAL_DST/17.253.13.204 application/octet-stream
1473904484.436    206 192.168.2.10 TCP_MISS/200 29998 GET http://www.cnn.com/ - ORIGINAL_DST/151.101.52.73 text/html
1473904484.677    228 192.168.2.10 TCP_MISS/200 42392 GET http://www.i.cdn.cnn.com/.a/1.295.4/css/global.css - ORIGINAL_DST/151.101.52.73 text/css
1473904484.852    168 192.168.2.10 TCP_MISS/200 111678 GET http://www.i.cdn.cnn.com/.a/1.295.4/css/pages/page.css - ORIGINAL_DST/151.101.52.73 text/css
1473904484.968    107 192.168.2.10 TCP_MISS/200 58710 GET http://www.i.cdn.cnn.com/.a/bundles/cnn-header.09859e4a354c308bb7d3-first-bundle.js - ORIGINAL_DST/151.101.52.73 application/javascript
1473904485.075     99 192.168.2.10 TCP_MISS/200 48375 GET http://www.i.cdn.cnn.com/.a/1.295.4/js/cnn-header-second.min.js - ORIGINAL_DST/151.101.52.73 application/javascript
1473904485.389    303 192.168.2.10 TCP_MISS/200 115178 GET http://cdn.optimizely.com/js/131788053.js - ORIGINAL_DST/23.209.179.249 text/javascript
ect.com/header/11078.js - ORIGINAL_DST/23.5.38.39 application/javascript
1473904486.104    294 192.168.2.10 TCP_MISS/200 611 GET http://www.ugdturner.com/xd.sjs - ORIGINAL_DST/157.166.238.142 text/javascript
1473904486.358    223 192.168.2.10 TCP_MISS/200 17177 GET http://cdn.krxd.net/controltag? - ORIGINAL_DST/151.101.52.175 text/javascript
1473904486.488    118 192.168.2.10 TCP_MISS/200 2300 GET http://www.googletagservices.com/tag/js/gpt.js - ORIGINAL_DST/216.58.194.162 text/javascript
1473904486.684    145 192.168.2.10 TCP_MISS/304 469 GET http://cdn3.optimizely.com/js/geo2.js - ORIGINAL_DST/23.209.179.249 application/x-javascript
1473904486.768    168 192.168.2.10 TCP_MISS/200 83971 GET http://www.i.cdn.cnn.com/.a/1.295.4/js/cnn-footer-lib.min.js - ORIGINAL_DST/151.101.52.73 application/javascript
1473904486.788    159 192.168.2.10 TCP_MISS/200 6746 GET http://www.i.cdn.cnn.com/.a/1.295.4/js/cnn-analytics.min.js - ORIGINAL_DST/151.101.52.73 application/javascript
1473904486.876    242 192.168.2.10 TCP_MISS/200 6560 GET http://static.chartbeat.com/js/chartbeat_mab.js - ORIGINAL_DST/151.101.52.249 application/x-javascript
1473904486.964    347 192.168.2.10 TCP_MISS/200 63999 GET http://z.cdn.turner.com/analytics/cnnexpan/jsmd.min.js - ORIGINAL_DST/23.34.169.228 application/x-javascript
1473904486.992    383 192.168.2.10 TCP_MISS/304 390 GET http://i.cdn.turner.com/cnn/.e1mo/img/4.0/logos/menu_style.png - ORIGINAL_DST/23.34.169.228 image/png
om/serve/load.js? - ORIGINAL_DST/184.25.56.195 application/x-javascript
1473904487.116     53 192.168.2.10 TCP_MISS/200 4225 GET http://www.i.cdn.cnn.com/.a/1.295.4/assets/sprite-chrome.png - ORIGINAL_DST/151.101.52.73 image/png
1473904487.359     56 192.168.2.10 TCP_MISS/200 7669 GET http://www.i.cdn.cnn.com/.a/1.295.4/assets/video_buffer_square_blk.gif - ORIGINAL_DST/151.101.52.73 image/gif
1473904487.364     88 192.168.2.10 TCP_MISS/200 5398 GET http://www.cnn.com/data/ocs/section/index.html:homepage2-zone-1/views/zones/common/zone-manager.html - ORIGINAL_DST/151.101.52.73 text/html
1473904487.424    133 192.168.2.10 TCP_MISS/200 6715 GET http://www.cnn.com/data/ocs/section/index.html:homepage3-zone-1/views/zones/common/zone-manager.html - ORIGINAL_DST/151.101.52.73 text/html
1473904487.424    126 192.168.2.10 TCP_MISS/200 5098 GET http://www.cnn.com/data/ocs/section/index.html:homepage4-zone-1/views/zones/common/zone-manager.html - ORIGINAL_DST/151.101.52.73 text/html
1473904487.434    131 192.168.2.10 TCP_MISS/200 3576 GET http://www.cnn.com/data/ocs/section/index.html:homepage4-zone-2/views/zones/common/zone-manager.html - ORIGINAL_DST/151.101.52.73 text/html
1473904487.449     76 192.168.2.10 TCP_MISS/200 1092 GET http://www.cnn.com/data/ocs/section/index.html:homepage4-zone-5/views/zones/common/zone-manager.html - ORIGINAL_DST/151.101.52.73 text/html
ORIGINAL_DST/151.101.52.73 text/html
1473904487.460    143 192.168.2.10 TCP_MISS/200 3258 GET http://www.cnn.com/data/ocs/section/index.html:homepage4-zone-4/views/zones/common/zone-manager.html - ORIGINAL_DST/151.101.52.73 text/html
1473904487.506     72 192.168.2.10 TCP_MISS/200 5303 GET http://www.cnn.com/data/ocs/section/index.html:homepage4-zone-6/views/zones/common/zone-manager.html - ORIGINAL_DST/151.101.52.73 text/html
1473904487.513     78 192.168.2.10 TCP_MISS/200 3150 GET http://www.cnn.com/data/ocs/section/index.html:homepage4-zone-7/views/zones/common/zone-manager.html - ORIGINAL_DST/151.101.52.73 text/html
1473904487.525    147 192.168.2.10 TCP_MISS/200 12731 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913201217-romney-mccain-dukakis-mondale-split-small-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.525    143 192.168.2.10 TCP_MISS/200 13280 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914201453-donald-trump-pastor-0914-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.561    176 192.168.2.10 TCP_MISS/200 69644 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914123422-donald-trump-dr-oz-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.674     66 192.168.2.10 TCP_MISS/200 5848 GET http://www.i.cdn.cnn.com/.a/bundles/weather.e30b0f2989205a1f559f.bundle.js - ORIGINAL_DST/151.101.52.73 application/javascript
om/cnnnext/dam/assets/160912171204-cnn-money-chipotle-workers-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.701     88 192.168.2.10 TCP_MISS/200 30118 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914071826-chinese-adoption-friends-reunited-us-texas-pkg-00000215-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.719     60 192.168.2.10 TCP_MISS/200 1800 GET http://www.i.cdn.cnn.com/.a/bundles/usabilla.1467a99c313beb3ded5b.bundle.js - ORIGINAL_DST/151.101.52.73 application/javascript
1473904487.719    106 192.168.2.10 TCP_MISS/200 43809 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913201217-romney-mccain-dukakis-mondale-split-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.729    340 192.168.2.10 TCP_MISS/304 389 GET http://a.visualrevenue.com/vrs.js - ORIGINAL_DST/184.25.56.59 application/x-javascript
1473904487.748    116 192.168.2.10 TCP_MISS/200 19768 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914121250-e-vape-battery-explosion-new-jersey-pkg-00000618-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.760    132 192.168.2.10 TCP_MISS/200 31455 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914124820-janehainingportrait-cropped-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.766    144 192.168.2.10 TCP_MISS/200 42386 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160912181509-01-what-a-shot-sports-0913-restricted-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
om/cnnnext/dam/assets/160914121250-e-vape-battery-explosion-new-jersey-pkg-00000618-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.902     68 192.168.2.10 TCP_MISS/200 10863 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914124820-janehainingportrait-cropped-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.910     76 192.168.2.10 TCP_MISS/200 13771 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914155230-donald-trump-september-13-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.910     76 192.168.2.10 TCP_MISS/200 15462 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914071826-chinese-adoption-friends-reunited-us-texas-pkg-00000215-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.923     72 192.168.2.10 TCP_MISS/200 19377 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160912180204-mike-pence-intv-trump-hillary-clinton-deplorables-comment-insult-americans-sot-blitzer-tsr-00001724-large-tease.jpg - ORLg
1473904487.923     88 192.168.2.10 TCP_MISS/200 22705 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160912181509-01-what-a-shot-sports-0913-restricted-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.971     61 192.168.2.10 TCP_MISS/200 14157 GET http://i2.cdn.turner.com/cnnnext/dam/assets/111103111007-birth-control-iud-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
 - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904487.990     67 192.168.2.10 TCP_MISS/200 20024 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160803122226-nnaka-halibut-cucumber-ice-cucmber-gelee---photographer-zen-sekizawa-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jg
1473904488.004     47 192.168.2.10 TCP_MISS/200 5940 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914071826-chinese-adoption-friends-reunited-us-texas-pkg-00000215-small-11.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.004     47 192.168.2.10 TCP_MISS/200 6341 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914105253-8-year-old-rugby-player-small-11.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.030    107 192.168.2.10 TCP_MISS/200 35972 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914120051-bourdain-looking-at-camera-with-plate-of-food-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.030     53 192.168.2.10 TCP_MISS/200 4817 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160910093812-uss-jackson-completes-full-ship-shock-trials-small-11.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.030    350 192.168.2.10 TCP_MISS/304 426 GET http://data.cnn.com/1m/sp/imm.dat - ORIGINAL_DST/23.15.9.177 text/plain
1473904488.049     59 192.168.2.10 TCP_MISS/200 5271 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160912204742-battle-of-body-doubles-moos-pkg-erin-00002126-small-11.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
-small-11.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.092    339 192.168.2.10 TCP_MISS/200 1209 GET http://jadserve.postrelease.com/t? - ORIGINAL_DST/54.67.49.238 text/javascript
1473904488.113    100 192.168.2.10 TCP_MISS/200 36794 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914091626-carol-burnett-jimmy-fallon-daily-hit-newday-00004621-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.113     75 192.168.2.10 TCP_MISS/200 27094 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914182155-macey-react-thumb-2-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.125    112 192.168.2.10 TCP_MISS/200 42312 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914211128-heroin-couple-3-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.147    109 192.168.2.10 TCP_MISS/200 48417 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913161154-shipwreck3-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.163    104 192.168.2.10 TCP_MISS/200 31842 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914013440-plane-skid-landing-indonesia-jnd-orig-vstop-00000522-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.183    123 192.168.2.10 TCP_MISS/200 50423 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914121250-e-vape-battery-explosion-new-jersey-pkg-00000618-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.210    471 192.168.2.10 TCP_MISS/304 470 GET http://cdn.livefyre.com/Livefyre.js - ORIGINAL_DST/54.230.142.38 -
1473904488.224     51 192.168.2.10 TCP_MISS/200 7204 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160830223152-cnnmoney-foxtrot-app-btm-small-11.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.240     46 192.168.2.10 TCP_MISS/200 7299 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913173554-cnnmoney-fb-latino-small-11.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.259    134 192.168.2.10 TCP_MISS/200 50213 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914112049-pastor-steven-anderson-file-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.264    139 192.168.2.10 TCP_MISS/200 53279 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913135541-russia-t-14-armata-1-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.274     44 192.168.2.10 TCP_MISS/200 7220 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160307173203-10-bhutan-small-11.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.290     42 192.168.2.10 TCP_MISS/200 7207 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160307173503-12-bhutan-small-11.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.294    142 192.168.2.10 TCP_MISS/200 69975 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913093102-chevy-bolt-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
g - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.324     49 192.168.2.10 TCP_MISS/200 7207 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914182155-macey-react-thumb-2-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.324     59 192.168.2.10 TCP_MISS/200 10675 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914211128-heroin-couple-3-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.344     62 192.168.2.10 TCP_MISS/200 12826 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913161154-shipwreck3-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.354     59 192.168.2.10 TCP_MISS/200 7684 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914013440-plane-skid-landing-indonesia-jnd-orig-vstop-00000522-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.366     61 192.168.2.10 TCP_MISS/200 12212 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913135541-russia-t-14-armata-1-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.366     61 192.168.2.10 TCP_MISS/200 12150 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914112049-pastor-steven-anderson-file-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.379     48 192.168.2.10 TCP_MISS/200 14716 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913093102-chevy-bolt-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
om/cnnnext/dam/assets/160913173330-cnnmoney-designer-homes-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.437     76 192.168.2.10 TCP_MISS/200 67595 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160307172548-04-bhutan-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.606    275 192.168.2.10 TCP_MISS/200 17192 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160911124652-rs-aaron-brown-intv-00045413-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.623    156 192.168.2.10 TCP_MISS/200 93851 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160912173212-01-cnnphotos-north-korea-ap-tease-restricted-super-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.691    223 192.168.2.10 TCP_MISS/200 170831 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913093228-01-knievel-snake-river-tbt-super-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.709    241 192.168.2.10 TCP_MISS/200 183566 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160902131805-tease-only-01-magnum-911-restricted-super-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.715    248 192.168.2.10 TCP_MISS/200 189223 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160912181509-01-what-a-shot-sports-0913-restricted-super-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.720    818 192.168.2.10 TCP_MISS/200 26231 GET http://img.bleacherreport.net/cms/media/image/35/2d/12/9f/8ed7/4503/844f/3cd58d2c06e6/crop_exact_Manziel_Columbus.jpg? - ORIGINAL_DST/23.219.88.98 image/jpeg
1473904488.843     58 192.168.2.10 TCP_MISS/200 19645 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160913093228-01-knievel-snake-river-tbt-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.848     59 192.168.2.10 TCP_MISS/200 11621 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160912173212-01-cnnphotos-north-korea-ap-tease-restricted-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.865     75 192.168.2.10 TCP_MISS/200 20867 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160902131805-tease-only-01-magnum-911-restricted-medium-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.865     75 192.168.2.10 TCP_MISS/200 21449 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160912133615-cnnpartnerimages-nextadvisor-cardoverkeyboard-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.871     82 192.168.2.10 TCP_MISS/200 26310 GET http://i2.cdn.turner.com/cnnnext/dam/assets/151115124923-cnnpartnerimages-healthgrades-woman-doctor-large-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.880     90 192.168.2.10 TCP_MISS/200 40627 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160617141145-cnnpartnerimages-lendingtree-modernhouse-large-tease.jpeg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904488.996     35 192.168.2.10 TCP_MISS/200 1299 GET http://z.cdn.turner.com/ads/cnn/cnn_homepage.js - ORIGINAL_DST/23.34.169.228 application/x-javascript
1473904489.087    113 192.168.2.10 TCP_MISS/200 454 GET http://data.cnn.com/jsonp/breaking_news/domestic.json? - ORIGINAL_DST/23.15.9.177 application/javascript
/ads/cnn/singles/cnn_entitlement_hp_01.js? - ORIGINAL_DST/23.34.169.228 application/x-javascript
1473904489.198    214 192.168.2.10 TCP_MISS/200 829 GET http://z.cdn.turner.com/ads/cnn/singles/cnn_entitlement_hp_02.js? - ORIGINAL_DST/23.34.169.228 application/x-javascript
1473904490.020     87 192.168.2.10 TCP_MISS/200 71927 GET http://i2.cdn.turner.com/cnnnext/dam/assets/160914132647-01-chile-girl-police-protest-restricted-overlay-tease.jpg - ORIGINAL_DST/23.34.169.228 image/jpeg
1473904490.248    285 192.168.2.10 TCP_MISS/200 470 GET http://secure-us.imrworldwide.com/cgi-bin/m? - ORIGINAL_DST/138.108.7.20 image/gif
1473904490.387    420 192.168.2.10 TCP_MISS/302 867 GET http://metrics.cnn.com/b/ss/cnn-adbp-domestic/1/H.26.1/s27385914381589? - ORIGINAL_DST/63.140.35.161 text/plain
1473904490.613    319 192.168.2.10 TCP_MISS/304 448 GET http://d2lv4zbk7v5f93.cloudfront.net/esf.js - ORIGINAL_DST/54.230.141.129 -
1473904490.694     44 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904490.698    123 192.168.2.10 TCP_MISS/200 2507 GET http://c.go-mpulse.net/boomerang/config.js? - ORIGINAL_DST/104.16.25.190 application/javascript
1473904490.730    192 192.168.2.10 TCP_MISS/200 5059 GET http://hpr.outbrain.com/utils/get? - ORIGINAL_DST/151.101.52.68 text/x-json
ication/json
1473904490.857    200 192.168.2.10 TCP_MISS/200 1344 GET http://vrp.outbrain.com/? - ORIGINAL_DST/50.31.185.42 text/javascript
1473904490.867    140 192.168.2.10 TCP_MISS/304 357 GET http://cdn.gigya.com/js/gigya.js? - ORIGINAL_DST/184.25.56.218 text/javascript
1473904491.024    408 192.168.2.10 TCP_MISS/200 433 GET http://vrt.outbrain.com/? - ORIGINAL_DST/64.74.232.39 application/json
1473904491.182     85 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.246    129 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.253     64 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.253    128 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.266    136 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.277    141 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.277    136 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.298     45 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.315    464 192.168.2.10 TCP_MISS/200 679 GET http://beacon.krxd.net/cookie2json? - ORIGINAL_DST/54.214.28.64 text/javascript
1473904491.315     48 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.325     58 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.331     54 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904491.355    399 192.168.2.10 TCP_MISS/200 613 GET http://segment-data-us-east.zqtk.net/turner-47fcf6? - ORIGINAL_DST/52.203.162.54 application/javascript
1473904491.379    400 192.168.2.10 TCP_MISS/200 400 GET http://b.scorecardresearch.com/r? - ORIGINAL_DST/184.25.56.37 image/gif
1473904491.420    490 192.168.2.10 TCP_MISS/200 4572 GET http://optimized-by.rubiconproject.com/a/api/fastlane.json? - ORIGINAL_DST/8.39.37.31 application/json
1473904491.437    502 192.168.2.10 TCP_MISS/200 1682 GET http://optimized-by.rubiconproject.com/a/api/fastlane.json? - ORIGINAL_DST/8.39.37.31 application/json
1473904491.446    415 192.168.2.10 TCP_MISS/200 1677 GET http://flapi2.rubiconproject.com/a/api/fastlane.json? - ORIGINAL_DST/8.39.37.31 application/json
1473904491.460    435 192.168.2.10 TCP_MISS/200 6080 GET http://flapi2.rubiconproject.com/a/api/fastlane.json? - ORIGINAL_DST/8.39.37.31 application/json
1473904491.482    114 192.168.2.10 TCP_MISS/200 11209 GET http://hpr.outbrain.com/utils/get? - ORIGINAL_DST/151.101.52.68 text/x-json
t/ddm/ad/gwxcdgzui8/49vw7yp7o3k/9hnyzvkngbkc/;ord=1473904494477? - ORIGINAL_DST/172.217.5.102 image/gif
1473904491.529    546 192.168.2.10 TCP_MISS/304 296 GET http://w.usabilla.com/c3244e3d16ba.js? - ORIGINAL_DST/107.20.209.33 -
1473904491.571    459 192.168.2.10 TCP_MISS/200 1683 GET http://flapi1.rubiconproject.com/a/api/fastlane.json? - ORIGINAL_DST/8.43.72.52 application/json
1473904491.589     70 192.168.2.10 TCP_MISS/200 17178 GET http://cdn.krxd.net/controltag/ITb_4eqO.js - ORIGINAL_DST/151.101.52.175 text/javascript
1473904491.639    537 192.168.2.10 TCP_MISS/200 4358 GET http://flapi1.rubiconproject.com/a/api/fastlane.json? - ORIGINAL_DST/8.43.72.52 application/json
1473904491.689    607 192.168.2.10 TCP_MISS/200 602 GET http://cnn-weather-app.prod.services.ec2.dmtio.net/graphql? - ORIGINAL_DST/52.7.101.124 application/json
1473904491.720    613 192.168.2.10 TCP_MISS/200 6676 GET http://flapi1.rubiconproject.com/a/api/fastlane.json? - ORIGINAL_DST/8.43.72.52 application/json
1473904491.804     35 192.168.2.10 TCP_MISS/200 463 GET http://jadserve.postrelease.com/trk.gif? - ORIGINAL_DST/54.67.49.238 image/gif
1473904492.147    822 192.168.2.10 TCP_MISS/200 342 GET http://www.budgetedbauer.com/0ljpwxs - ORIGINAL_DST/52.89.16.151 text/plain
1473904492.168     36 192.168.2.10 TCP_MISS/304 468 GET http://cdn.livefyre.com/libs/fyre.conv/v3.0.0/livefyre.min.js - ORIGINAL_DST/54.230.142.38 -
1473904492.179    375 192.168.2.10 TCP_MISS/200 339 GET http://www.fallingfalcon.com/bcn? - ORIGINAL_DST/54.69.11.188 image/gif
loggerServices/widgetGlobalEvent? - ORIGINAL_DST/192.82.211.130 application/json
1473904492.240     86 192.168.2.10 TCP_MISS/200 414 GET http://log.outbrain.com/loggerServices/widgetGlobalEvent? - ORIGINAL_DST/192.82.211.130 application/json
1473904492.250    102 192.168.2.10 TCP_MISS/200 9447 GET http://hpr.outbrain.com/utils/get? - ORIGINAL_DST/151.101.52.68 text/x-json
1473904492.255    292 192.168.2.10 TCP_MISS/200 3185 GET http://rtax.criteo.com/delivery/rta/rta.js? - ORIGINAL_DST/74.119.117.100 text/javascript
1473904492.363     60 192.168.2.10 TCP_MISS/200 811 GET http://rtax.criteo.com/delivery/rta/rta.js? - ORIGINAL_DST/74.119.117.100 text/javascript
1473904492.575    271 192.168.2.10 TCP_MISS/200 1588 GET http://aax.amazon-adsystem.com/e/dtb/bid? - ORIGINAL_DST/72.21.194.87 text/javascript
1473904492.612     49 192.168.2.10 TCP_MISS/204 339 GET http://b.scorecardresearch.com/b? - ORIGINAL_DST/184.25.56.37 -
1473904492.635     81 192.168.2.10 TCP_MISS/200 414 GET http://log.outbrain.com/loggerServices/widgetGlobalEvent? - ORIGINAL_DST/192.82.211.130 application/json
1473904492.642    690 192.168.2.10 TCP_MISS/200 1587 GET http://aax.amazon-adsystem.com/e/dtb/bid? - ORIGINAL_DST/72.21.194.87 text/javascript
1473904492.653     94 192.168.2.10 TCP_MISS/200 5324 GET http://hpr.outbrain.com/utils/get? - ORIGINAL_DST/151.101.52.68 text/x-json
1473904492.769    156 192.168.2.10 TCP_MISS/200 4997 GET http://images.outbrain.com/Imaginarium/api/uuid/d127d9574d6a3546c9492a42afbfea8f4a5891028af447eb0936c55df06808f0/353/198 - ORIGINAL_DST/23.54.240.249 image/jpeg
.com/Imaginarium/api/uuid/2f4d327037a1f836e91a6c688d31a0d13329c957286b4c095a0a939bac59a61b/353/198 - ORIGINAL_DST/23.54.240.249 image/jpeg
1473904492.783    158 192.168.2.10 TCP_MISS/200 13243 GET http://images.outbrain.com/Imaginarium/api/uuid/5dd17eec1ff04b15509be2dca9d2105cfd7ddebe9dca064534843dbbb89dc8f2/353/198 - ORIGINAL_DST/23.54.240.249 image/jpeg
1473904492.790    155 192.168.2.10 TCP_MISS/200 24002 GET http://images.outbrain.com/Imaginarium/api/uuid/94c7bedf2901652bee0833af350aacbe273996484318699773e6eb815208fa27/353/198 - ORIGINAL_DST/23.54.240.249 image/jpeg
1473904492.800    169 192.168.2.10 TCP_MISS/200 33166 GET http://images.outbrain.com/Imaginarium/api/uuid/cb2f81ecbad436d20b284e2a483b015a0b3661be1f6372b7e3254d5a670815af/353/198 - ORIGINAL_DST/23.54.240.249 image/jpeg
1473904493.385     41 192.168.2.10 TCP_MISS/200 2041 GET http://sr.symcd.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFHQkFGcGn%2FXgmD9ePhproGUqVBV1BBQBWavn3ToLWaZkY9bPIAdX1ZHnagIQHz%2BMQLjv1faaAy1yYZ8qGg%3D%3D - ORIGINAL_DST/23.5.251.27 apte
1473904493.400      6 192.168.2.10 TCP_MEM_HIT/200 2214 GET http://s2.symcb.com/MFYwVKADAgEAME0wSzBJMAkGBSsOAwIaBQAEFLnpsocChQP47KX7QuE%2BD0nHJCbiBBR%2F02Wnwt3su%2FAwCfNDOfoCrzMxMwIQfuFKb2%2Fv8tN%2FP61lTTratA%3D%3D - HIER_NONE/- applic/e
1473904493.546     90 192.168.2.10 TCP_MISS/200 414 GET http://log.outbrain.com/loggerServices/widgetGlobalEvent? - ORIGINAL_DST/192.82.211.130 application/json
1473904493.568    107 192.168.2.10 TCP_MISS/200 5307 GET http://hpr.outbrain.com/utils/get? - ORIGINAL_DST/151.101.52.68 text/x-json
1473904493.697  20916 192.168.2.10 TCP_MISS/200 27598728 GET http://swcdn.apple.com/content/downloads/30/62/zzzz031-77681/jc73f2byozz6q72fsdb20pk0rjgwien6cz/CoreFP.pkg - ORIGINAL_DST/17.253.13.204 application/octet-stream
1473904494.023    108 192.168.2.10 TCP_MISS/200 414 GET http://log.outbrain.com/loggerServices/widgetGlobalEvent? - ORIGINAL_DST/192.82.211.130 application/json
1473904494.118    152 192.168.2.10 TCP_MISS/200 27333 GET http://pagead2.googlesyndication.com/pagead/osd.js - ORIGINAL_DST/216.58.194.162 text/javascript
1473904494.169    194 192.168.2.10 TCP_MISS/200 63385 GET http://js.moatads.com/turnerdfpcwrefresh475219962180/moatad.js - ORIGINAL_DST/184.25.56.204 application/x-javascript
1473904494.215    271 192.168.2.10 TCP_MISS/200 1379 GET http://odb.outbrain.com/utils/get? - ORIGINAL_DST/151.101.44.68 text/x-json
1473904494.296    104 192.168.2.10 TCP_MISS/200 54344 GET http://pagead2.googlesyndication.com/pagead/expansion_embed.js? - ORIGINAL_DST/216.58.194.162 text/javascript
1473904494.394    294 192.168.2.10 TCP_MISS/200 415 POST http://stats.aws.rubiconproject.com/stats/ - ORIGINAL_DST/23.21.155.33 text/html
1473904494.828    520 192.168.2.10 TCP_MISS/200 10920 GET http://c.amazon-adsystem.com/aax2/csm.js.gz - ORIGINAL_DST/54.192.143.213 application/javascript
1473904494.931     78 192.168.2.10 TCP_MISS/200 414 GET http://log.outbrain.com/loggerServices/widgetGlobalEvent? - ORIGINAL_DST/192.82.211.130 application/json
ZkY9bPIAdX1ZHnagIQIHtlB41IS9WM52Nv0PzFZw%3D%3D - HIER_NONE/- application/ocsp-response
1473904495.985    361 192.168.2.10 TCP_MISS/200 2911 GET http://aax-us-east.amazon-adsystem.com/e/dtb/impi? - ORIGINAL_DST/72.21.194.87 text/html
1473904496.005    377 192.168.2.10 TCP_MISS/200 2911 GET http://aax-us-east.amazon-adsystem.com/e/dtb/impi? - ORIGINAL_DST/72.21.194.87 text/html
1473904496.005    277 192.168.2.10 TCP_MISS/200 2890 GET http://aax-us-east.amazon-adsystem.com/e/dtb/impi? - ORIGINAL_DST/72.21.194.87 text/html
1473904496.709    505 192.168.2.10 TCP_MISS/206 713 GET http://us-ore-00001.s3.amazonaws.com/HBbqtJoBVyroN-EAxNiZ? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904496.716    512 192.168.2.10 TCP_MISS/206 1010 GET http://us-ore-00001.s3.amazonaws.com/x-ON6FsBVydvyHsAxNiX? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904496.727    548 192.168.2.10 TCP_MISS/200 483 GET http://pr-bucket.ybp.yahoo.com/adxsync - ORIGINAL_DST/216.115.100.123 text/html
1473904496.727    523 192.168.2.10 TCP_MISS/206 1009 GET http://us-ore-00001.s3.amazonaws.com/8QCFiWABVyduSUkAxNfQ? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904497.458    113 192.168.2.10 TCP_MISS/200 696 GET http://beacon.krxd.net/optout_check? - ORIGINAL_DST/54.214.28.64 text/javascript
1473904497.488    142 192.168.2.10 TCP_MISS/200 1898 GET http://cdn.krxd.net/userdata/get? - ORIGINAL_DST/151.101.52.175 text/javascript
1473904497.507    918 192.168.2.10 TCP_MISS/200 294792 GET http://swcdn.apple.com/content/downloads/30/62/zzzz031-77681/jc73f2byozz6q72fsdb20pk0rjgwien6cz/iTunesAccess.pkg - ORIGINAL_DST/17.253.15.201 application/octet-stream
1473904497.649    142 192.168.2.10 TCP_MISS/302 718 GET http://googleads.g.doubleclick.net/pagead/viewthroughconversion/925133270/? - ORIGINAL_DST/216.58.194.194 image/gif
1473904497.649    133 192.168.2.10 TCP_MISS/302 690 GET http://googleads.g.doubleclick.net/pagead/viewthroughconversion/986255830/? - ORIGINAL_DST/216.58.194.194 image/gif
1473904497.667    127 192.168.2.10 TCP_MISS/200 778 GET http://t.co/i/adsct? - ORIGINAL_DST/199.59.148.12 image/gif
1473904497.679    126 192.168.2.10 TCP_MISS/200 778 GET http://t.co/i/adsct? - ORIGINAL_DST/199.59.148.12 image/gif
1473904497.686    140 192.168.2.10 TCP_MISS/200 778 GET http://t.co/i/adsct? - ORIGINAL_DST/199.59.148.12 image/gif
1473904497.776    204 192.168.2.10 TCP_MISS/302 528 GET http://bea4.cnn.com/ad/u? - ORIGINAL_DST/74.217.66.140 -
1473904497.784    225 192.168.2.10 TCP_MISS/302 528 GET http://bea4.v.fwmrm.net/ad/u? - ORIGINAL_DST/74.217.66.140 -
1473904497.936     53 192.168.2.10 TCP_MISS/204 695 GET http://beacon.krxd.net/usermatch.gif? - ORIGINAL_DST/54.214.28.64 image/gif
1473904498.006    237 192.168.2.10 TCP_MISS/302 1029 GET http://cm.g.doubleclick.net/pixel? - ORIGINAL_DST/216.58.194.194 text/html
1473904498.015    486 192.168.2.10 TCP_MISS/302 598 GET http://tap.rubiconproject.com/oz/feeds/krux/tokens? - ORIGINAL_DST/54.225.75.127 text/plain
1473904498.024    131 192.168.2.10 TCP_MISS/204 695 GET http://beacon.krxd.net/usermatch.gif? - ORIGINAL_DST/54.214.28.64 image/gif
1473904498.056    142 192.168.2.10 TCP_MISS/204 695 GET http://beacon.krxd.net/pixel.gif? - ORIGINAL_DST/54.214.28.64 image/gif
1473904498.067    500 192.168.2.10 TCP_MISS/302 500 GET http://apiservices.krxd.net/um? - ORIGINAL_DST/50.19.223.192 text/html
1473904498.080    382 192.168.2.10 TCP_MISS/200 573 GET http://social-login.cnn.com/gscounters.sendReport? - ORIGINAL_DST/74.120.149.167 application/ecmascript
1473904498.253     61 192.168.2.10 TCP_MISS/302 983 GET http://cm.g.doubleclick.net/pixel? - ORIGINAL_DST/216.58.194.194 text/html
1473904498.319     45 192.168.2.10 TCP_MISS/204 695 GET http://beacon.krxd.net/usermatch.gif? - ORIGINAL_DST/54.214.28.64 image/gif
1473904498.480    117 192.168.2.10 TCP_MISS/200 337 GET http://aax.amazon-adsystem.com/x/px/IAtd0a-P2USxvpNPPDX_oxUAAAFXK42_6QEAAAxXhczp1g/%7B%22atf%22:%20false,%20%22left%22:%20869,%20%22top%22:%203731,%20%22wh%22:%20793,%20%22ww%22:%9f
,%20%22left%22:%20282,%20%22top%22:%205898,%20%22wh%22:%20793,%20%22ww%22:%201284,%20%22sx%22:%200,%20%22sy%22:%200,%20%22ah%22:%2090,%20%22aw%22:%20728,%20%22hf%22:%20true,%20%22vs%22:%20%22visible%22,%20%22ts%22:%201473904501706,%20%.f
1473904498.632    118 192.168.2.10 TCP_MISS/200 337 GET http://aax.amazon-adsystem.com/x/px/ICxn6tdJoks-jO_UdivEWgcAAAFXK42_4QEAAAxX3eO0zA/%7B%22atf%22:%20true,%20%22left%22:%20896,%20%22top%22:%20633,%20%22wh%22:%20793,%20%22ww%22:%208f
1473904498.885    760 192.168.2.10 TCP_MISS/200 280 GET http://pr-bh.ybp.yahoo.com/sync/improvedigital/%7BSSP_USER_ID%7D? - ORIGINAL_DST/74.6.34.27 image/gif
1473904498.980     58 192.168.2.10 TCP_MISS/200 12857 GET http://static.chartbeat.com/js/chartbeat.js - ORIGINAL_DST/151.101.52.249 application/x-javascript
1473904499.138    100 192.168.2.10 TCP_MISS/200 6048 GET http://cdn.clicktale.net/www04/ptc/342da402-a44b-4b59-aba4-8fc2310e4478.js - ORIGINAL_DST/174.35.6.10 text/javascript
%22:%200,%20%22ah%22:%20250,%20%22aw%22:%20300,%20%22hf%22:%20true,%20%22vs%22:%20%22visible%22,%20%22ttv%22:%206.93,%20%22ptv%22:%2015.39,%20%22ts%22:%201473904503069,%20%22si%22:%200.00,%20%22dcv%22:%200.72,%20%22pixelId%22:%20%22qqpif
1473904499.924     48 192.168.2.10 TCP_MISS/200 12972 GET http://cdn.clicktale.net/www04/pcc/342da402-a44b-4b59-aba4-8fc2310e4478.js? - ORIGINAL_DST/174.35.6.10 text/javascript
1473904499.950     62 192.168.2.10 TCP_MISS/200 585 GET http://pagead2.googlesyndication.com/activeview? - ORIGINAL_DST/216.58.194.162 image/gif
1473904500.114    146 192.168.2.10 TCP_MISS/204 354 POST http://36f11e2c.mpstat.us/ - ORIGINAL_DST/104.16.110.236 -
1473904500.513    372 192.168.2.10 TCP_MISS/200 341 GET http://ping.chartbeat.net/ping? - ORIGINAL_DST/54.225.216.1 image/gif
1473904500.685    548 192.168.2.10 TCP_MISS/206 2912 GET http://ussjc-edge.icloud-content.com/WD8tQggBVydkWZIAxNfQ? - ORIGINAL_DST/17.248.128.43 application/octet-stream
1473904501.053    123 192.168.2.10 TCP_MISS/200 337 GET http://aax.amazon-adsystem.com/x/px/IAtd0a-P2USxvpNPPDX_oxUAAAFXK42_6QEAAAxXhczp1g/%7B%22adCsm%22:%20[%7B%22lteu%22:%220.10%22,%22ltut%22:%220.09%22,%22ltpq%22:%220.16%22,%22ltvd%%f
em.com/x/px/IFTrWfidukUGp8hRR0VC2tgAAAFXK42_4wEAAAxXFIAHFg/%7B%22adCsm%22:%20[%7B%22lteu%22:%220.19%22,%22ltut%22:%220.14%22,%22ltpq%22:%220.20%22,%22ltvd%22:%220.63%22,%22lths%22:%220.48%22,%22ltpm%22:%220.73%22,%22ltfm%22:%221.55%22,2f
1473904501.257    238 192.168.2.10 TCP_MISS/200 337 GET http://aax.amazon-adsystem.com/x/px/ICxn6tdJoks-jO_UdivEWgcAAAFXK42_4QEAAAxX3eO0zA/%7B%22adCsm%22:%20[%7B%22lteu%22:%220.09%22,%22ltut%22:%220.14%22,%22ltpq%22:%220.10%22,%22ltvd%-f
1473904503.669   3562 192.168.2.10 TCP_MISS/200 2002819 GET http://swcdn.apple.com/content/downloads/00/63/031-75837/7hvyc0zoasu4vit0p2305afp20w7myee0t/CoreSuggestionsConfigData.pkg - ORIGINAL_DST/17.253.15.201 application/octet-stream
1473904505.097    267 192.168.2.10 TCP_MISS/206 47462 GET http://us-ore-00001.s3.amazonaws.com/EuybiTEBTifBe9kBNcOf? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904505.175    157 192.168.2.10 TCP_MISS/200 337 GET http://aax.amazon-adsystem.com/x/px/ICxn6tdJoks-jO_UdivEWgcAAAFXK42_4QEAAAxX3eO0zA/%7B%22adCsm%22:%20[%7B%22vdr%22:4000.85,%22tdr%22:4000.85%7D],%20%22pixelId%22:%20%22qqpf2pxqitd8f
1473904505.194    381 192.168.2.10 TCP_MISS/206 118544 GET http://us-ore-00001.s3.amazonaws.com/DcFjKFcBUnU_pn4AxNiY? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904505.281    462 192.168.2.10 TCP_MISS/206 192104 GET http://us-ore-00001.s3.amazonaws.com/EuybiTEBTifBe9kBNcOf? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904505.314    104 192.168.2.10 TCP_MISS/206 820 GET http://us-ore-00001.s3.amazonaws.com/DcFjKFcBUnU_pn4AxNiY? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904505.507    706 192.168.2.10 TCP_MISS/206 282248 GET http://us-ore-00001.s3.amazonaws.com/229FEB0BUHeHXRoAxNiV? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904505.675    281 192.168.2.10 TCP_MISS/206 124078 GET http://us-ore-00001.s3.amazonaws.com/EuybiTEBTifBe9kBNcOf? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904505.675    353 192.168.2.10 TCP_MISS/206 128359 GET http://us-ore-00001.s3.amazonaws.com/2g48_m0BVyegVCYAxNfQ? - ORIGINAL_DST/54.231.164.146 application/octet-stream
1473904505.722    388 192.168.2.10 TCP_MISS/206 93171 GET http://us-ore-00001.s3.amazonaws.com/4U9FY3QBSmfYqsoBNcFI? - ORIGINAL_DST/54.231.164.146 application/octet-stream
ctet-stream

Of course ther are several packages (such as sarg) that will parse the raw output into nice web pages.

 

Squidguard would be used to block something.  For example if I wanted to block cnn.com from the kids then I could do:

 

ubnt@ERL-1# show service webproxy 
 enable-access-log
 listen-address 192.168.1.1 {
 }
 listen-address 192.168.2.1 {
 }
 url-filtering {
     squidguard {
         default-action block
         rule 1 {
             source-group normal
         }
         rule 2 {
             local-block www.cnn.com
             log all
             source-group kids
         }
         source-group kids {
             address 192.168.2.0/24
         }
         source-group normal {
             address 192.168.1.0/24
         }
     }
 }
[edit]

Then I could see what was blocked with:

 

ubnt@ERL-1:~$ show webproxy blacklist log summary 
Blocked category                                       Count
----------------                                       -----
local-block-2                                              1
                                                       =====
                                                           1

Top 10 sites                                           Count
------------                                           -----
www.cnn.com                                                1
--
Total sites: 1

Top 10 Requestors                                     Blocks
-----------------                                     ------
192.168.2.10/-                                             1
--
Total users: 1
Search
Viewing all articles
Browse latest Browse all 60861

Trending Articles

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Download: FK ft Shenky – Nakuyewa ”Prod by: Shenky”

February 16, 2017, 4:24 pm

How to win at Markstrat (Markstrat Tips and Tricks) – Vodites

January 5, 2014, 10:34 pm

Ominde Commission Report and Recommendations – Ominde Report of 1964

March 16, 2015, 5:14 am

Bureau of Internal Revenue: Regional Offices (Directory)

January 9, 2014, 11:06 pm

GO 53 on Enhancement of Ex-gratia upto 5 Lakhs Toddy Tappers in Telangana

March 26, 2017, 11:23 pm

Cakewalk CA-2A Leveling Amplifier v2.0.1.97 WiN, v2.0.1.96 OSX Incl Keygen

October 17, 2016, 7:20 am

Mp3 Download: Mdu - Kunjenjenjena

December 7, 2017, 8:16 am

How the kill the job , when DTP request running for long hours.

July 26, 2013, 2:41 am

Microsoft Intune から展開しているアプリのアップデートについて

October 17, 2016, 4:11 am

18-year-old girl was beaten for half an hour by two Northampton men in 'an...

September 1, 2017, 10:00 pm

Car crash in Dunton Bassett leaves driver in critical condition

October 7, 2014, 7:51 am

Macky 2, Two Others In Road Accident

March 29, 2015, 5:34 am

Application log 00000000000000089514: Could not convert queue DLVST90CLNT

May 14, 2015, 11:27 pm

Detroit mafia: D’Anna Brothers agree to plea deal

April 21, 2016, 6:56 am

Delivery block field greyed out using VA02

January 26, 2016, 2:52 pm

Muloraki Au

June 22, 2016, 1:44 am

【個人撮影】スマホのプライベート映像♪「中に出さないで///」カラオケ屋での生ハメ撮りが流出w【リベンジポルノ】@PornHub

October 12, 2017, 2:23 pm

BREAKING NEWS: Diamond Platnumz Is Reported Dead After Ghastly Car Accident

February 9, 2018, 4:56 am

FIAT 500 B0111 B0112

July 5, 2018, 10:31 am
Search