Hello
We have a UTM running 9.502-4, we are using Web Filtering in Standard Mode with AD SSO Authentication. We have several AD groups, one that is "whitelist only".
People in the whitelist only group are having trouble using the Royal Mail tracking website. The website loads, but when they click on the "Track your delivery" button nothing happens.
The URL is: https://www.royalmail.com/track-your-item#/
Using the UTM logs, I have found everything that is being blocked when visiting the website and added it to the web-filteirng exceptions list. I have attached a log to this post, the username is removed from the logs and the IP changed to 0.0.0.0
The website works fine for anyone not in the whitelist only group.
I am not convinced that anything actually happens when an affected user clicks the "Track your delivery" button, since nothing else shows up in the logs when I press it. It seems I have whitelisted a selection of cookie-tracking and CDN URLs.
I have a suspicion that the problem has something to do with the Google Recaptcha. When I go to the website as an unaffected user, there is a little "Captch" box displayed to the side of the webpage (it seems to be operating in invisible mode rather than having to click the "I'm not a robot" box). When a whitelist only user goes to the site, the Captcha box does not display. In the logs, the only line that standads out is the one where the Captcha loads, and there is no "CONNECT" but rather than a "GET".
Does anyone have any ideas as to what the problem might be or pointers for further troubleshooting?
Many thanks
2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="43533" request="0xc64f0000" url="https://c.webtrends.com/" referer="" error="" authtime="18" dnstime="0" cattime="0" avscantime="0" fullreqtime="1117" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="43533" request="0xb3d51000" url="https://tags.tiqcdn.com/" referer="" error="" authtime="16" dnstime="0" cattime="0" avscantime="0" fullreqtime="1061" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="43533" request="0xd2169600" url="https://www.royalmail.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="1198" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="43533" request="0x873e7800" url="https://www.royalmail.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="1239" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="66893" request="0x8ca74a00" url="https://s7.addthis.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="1580" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="43533" request="0xcc485800" url="https://www.royalmail.com/" referer="" error="" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="1674" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="43533" request="0x56464400" url="https://www.royalmail.com/" referer="" error="" authtime="0" dnstime="0" cattime="0" avscantime="0" fullreqtime="1656" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="43533" request="0xccd12400" url="https://www.royalmail.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="1492" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x6a4b8c00" url="https://www.royalmail.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="3944" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x6a4b8c00" url="https://www.royalmail.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="910" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x83536c00" url="https://tags.tiqcdn.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2061" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xc541f800" url="https://s7.addthis.com/" referer="" error="" authtime="3" dnstime="0" cattime="0" avscantime="0" fullreqtime="2317" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xc541f800" url="https://s7.addthis.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="1547" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x83536c00" url="https://tags.tiqcdn.com/" referer="" error="" authtime="5" dnstime="0" cattime="0" avscantime="0" fullreqtime="2088" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="0.0.0.0" dstip="216.58.212.68" user="" group="Web Filtering Level 1" ad_domain="CLIENTBASE" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffWebFilteLevel (Web Filtering Level One (Restrictive))" size="0" request="0xd96f4a00" url="https://www.google.com/recaptcha/api.js?onload=grecaptchaOnloadCallback&render=explicit" referer="https://www.royalmail.com/track-your-item" error="" authtime="95" dnstime="3" cattime="101" avscantime="0" fullreqtime="2101" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x83963200" url="https://c.webtrends.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2071" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:05 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x83963200" url="https://c.webtrends.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="971" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x6c4a1000" url="https://c.webtrends.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2344" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x6c4a1000" url="https://c.webtrends.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="1364" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xc7903600" url="https://m.addthis.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2098" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xc7903600" url="https://m.addthis.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="1718" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xd488aa00" url="https://ots.optimize.webtrends.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2105" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xd488aa00" url="https://ots.optimize.webtrends.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="1616" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x83965600" url="https://datacloud.tealiumiq.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2234" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x83965600" url="https://datacloud.tealiumiq.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="1315" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x68028000" url="https://metrics.royalmail.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2138" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x6ccd2c00" url="https://visitor-service.tealiumiq.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2467" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x68028000" url="https://metrics.royalmail.com/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="2109" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:06 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x6ccd2c00" url="https://visitor-service.tealiumiq.com/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="1483" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:07 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xd52b7600" url="https://cdn.decibelinsight.net/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2620" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:07 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x93a6aa00" url="https://cdn.decibelinsight.net/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="2910" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:07 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xa89c400" url="https://cdn.decibelinsight.net/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="3343" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:07 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x93a6aa00" url="https://cdn.decibelinsight.net/" referer="" error="" authtime="8" dnstime="0" cattime="0" avscantime="0" fullreqtime="1251" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:07 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xd52b7600" url="https://cdn.decibelinsight.net/" referer="" error="" authtime="6" dnstime="0" cattime="0" avscantime="0" fullreqtime="2006" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:07 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0x85087000" url="https://safebrowsing.googleapis.com/" referer="" error="" authtime="1" dnstime="0" cattime="0" avscantime="0" fullreqtime="3441" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate" 2018:05:08-11:20:07 utm httpproxy[15677]: id="0003" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="0.0.0.0" dstip="" user="" group="" ad_domain="" statuscode="407" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction=" ()" size="95951" request="0xa89c400" url="https://cdn.decibelinsight.net/" referer="" error="" authtime="7" dnstime="0" cattime="0" avscantime="0" fullreqtime="1787" device="0" auth="2" ua="Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" exceptions="content,url,ssl,certcheck,certdate"
This thread was automatically locked due to age.