web filtering with advertisements/pop ups logs


Guys, I have the following situation:

In the user's web filtering logs, I have several records of accesses to URLs that the user did not actually access. For example, in the logs there is an access by user X to a certain URL, and in fact what happened was that when opening another website, there was an advertisement on this website that generated a request in the firewall when loading the web page, and that counted as if it were a user access, because there was a request.

This often happens with betting sites, the user accesses any site, on this site there is an advertisement/advertisement for a betting site and this request generated when loading the ad, generated a kind of "false positive", in that the user did not actually access that betting site.

I wonder if anyone has experienced this and if there is a better way to filter this out? focus more on real traffic from the user itself and not on other requests that are not generated by him.

I understand that it would be enough to use the consumption verification, but there are no access details and times.

Added TAGs
[edited by: emmosophos at 12:44 AM (GMT -8) on 4 Feb 2023]