ndows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

Try the new cross-platform PowerShell https://aka.ms/pscore6

PS C:\WINDOWS\system32> cd c:\
PS C:\> gc "C:\Programdata\Sophos\Sophos Network Threat Protection\logs\SophosNetFilter.log" -wait -tail 1
2022-05-01T11:30:00.715Z [ 7084: 7176] D Erasing context for flowId=8075
2022-05-01T11:30:25.482Z [ 7084: 7184] I [webengine] New connection 0x277e7fefce0
2022-05-01T11:30:25.482Z [ 7084: 7184] D Created context for flowId=8320
2022-05-01T11:30:25.482Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:25.483Z [ 7084:11124] I [check-ip] connection:0x277e7fefce0 ip:2a00:1450:4009:817::2003 flowId:8320 decision:continue
2022-05-01T11:30:25.483Z [ 7084:11124] I [clienthello] connection:0x277e7fefce0 sni:www.google.co.uk flowId:8320 decision:nodecrypt
2022-05-01T11:30:25.484Z [ 7084: 7184] D Unable to get ClientHello: Data is not a client hello handshake message
2022-05-01T11:30:25.484Z [ 7084: 7184] D  request disconnect flowId=8320 side=0 flags=65536
2022-05-01T11:30:25.484Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:25.484Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:25.484Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:25.485Z [ 7084:11124] I [request] connection: 0x277e7fefce0 url:www.google.co.uk flowId:8320 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404625 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:25.485Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:25.486Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:25.486Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:25.486Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:25.486Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:25.486Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:25.486Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:25.486Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:25.486Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:25.537Z [ 7084: 7184] D  request disconnect flowId=8320 side=0 flags=589824
2022-05-01T11:30:25.538Z [ 7084: 7184] D Got Pending Close flowId=8320 flags=1073741824
2022-05-01T11:30:25.538Z [ 7084: 7176] D Erasing context for flowId=8320
2022-05-01T11:30:25.538Z [ 7084: 7176] D Storing web flow journal event for 13295878225-8320. Number of certs stored: 0
2022-05-01T11:30:25.538Z [ 7084: 7176] I [webengine] Closing connection 0x277e7fefce0 for 'www.google.co.uk': request=772b, response=786b, lifetime=56ms, firstResponse=36ms, businessLogicDelay=0ms, timeInCache=0ms, in=36ms, out=54ms, l.eos=55ms
2022-05-01T11:30:25.556Z [ 7084: 7184] I [webengine] New connection 0x277e7fce1b0
2022-05-01T11:30:25.557Z [ 7084: 7184] D Created context for flowId=8321
2022-05-01T11:30:25.557Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:25.557Z [ 7084:11124] I [check-ip] connection:0x277e7fce1b0 ip:2a00:1450:4009:817::2003 flowId:8321 decision:continue
2022-05-01T11:30:25.558Z [ 7084:11124] I [clienthello] connection:0x277e7fce1b0 sni:www.google.co.uk flowId:8321 decision:nodecrypt
2022-05-01T11:30:25.558Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:25.558Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:25.558Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:25.559Z [ 7084:11124] I [request] connection: 0x277e7fce1b0 url:www.google.co.uk flowId:8321 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404625 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:25.559Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:25.559Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:25.598Z [ 7084: 7184] D  request disconnect flowId=8321 side=0 flags=589824
2022-05-01T11:30:25.599Z [ 7084: 7184] D Got Pending Close flowId=8321 flags=1073741824
2022-05-01T11:30:25.599Z [ 7084: 7176] D Erasing context for flowId=8321
2022-05-01T11:30:25.600Z [ 7084: 7176] D Storing web flow journal event for 13295878225-8321. Number of certs stored: 0
2022-05-01T11:30:25.600Z [ 7084: 7176] I [webengine] Closing connection 0x277e7fce1b0 for 'www.google.co.uk': request=1625b, response=786b, lifetime=43ms, firstResponse=24ms, businessLogicDelay=0ms, timeInCache=0ms, in=25ms, out=40ms, l.eos=41ms
2022-05-01T11:30:25.619Z [ 7084: 7184] I [webengine] New connection 0x277e7ff0040
2022-05-01T11:30:25.619Z [ 7084: 7184] D Created context for flowId=8322
2022-05-01T11:30:25.619Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:25.620Z [ 7084:11124] I [check-ip] connection:0x277e7ff0040 ip:2a00:1450:4009:817::2003 flowId:8322 decision:continue
2022-05-01T11:30:25.621Z [ 7084:11124] I [clienthello] connection:0x277e7ff0040 sni:www.google.co.uk flowId:8322 decision:nodecrypt
2022-05-01T11:30:25.621Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:25.621Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:25.621Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:25.622Z [ 7084:11124] I [request] connection: 0x277e7ff0040 url:www.google.co.uk flowId:8322 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:25.623Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:25.623Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:25.623Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:25.623Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:25.623Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:25.623Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:25.623Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:25.623Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404625 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:25.623Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:25.624Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:25.625Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:25.625Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:25.625Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:25.661Z [ 7084: 7184] D Got Pending Close flowId=8322 flags=1073741824
2022-05-01T11:30:25.661Z [ 7084: 7176] D Erasing context for flowId=8322
2022-05-01T11:30:25.661Z [ 7084: 7176] D Storing web flow journal event for 13295878225-8322. Number of certs stored: 0
2022-05-01T11:30:25.662Z [ 7084: 7176] I [webengine] Closing connection 0x277e7ff0040 for 'www.google.co.uk': request=1601b, response=786b, lifetime=42ms, firstResponse=25ms, businessLogicDelay=0ms, timeInCache=0ms, in=25ms, out=41ms
2022-05-01T11:30:25.680Z [ 7084: 7184] I [webengine] New connection 0x277e7fce630
2022-05-01T11:30:25.680Z [ 7084: 7184] D Created context for flowId=8323
2022-05-01T11:30:25.681Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:25.681Z [ 7084:11124] I [check-ip] connection:0x277e7fce630 ip:2a00:1450:4009:817::2003 flowId:8323 decision:continue
2022-05-01T11:30:25.682Z [ 7084:11124] I [clienthello] connection:0x277e7fce630 sni:www.google.co.uk flowId:8323 decision:nodecrypt
2022-05-01T11:30:25.682Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:25.682Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:25.682Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:25.683Z [ 7084:11124] I [request] connection: 0x277e7fce630 url:www.google.co.uk flowId:8323 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404625 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:25.683Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:25.683Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:25.722Z [ 7084: 7184] D Got Pending Close flowId=8323 flags=1073741824
2022-05-01T11:30:25.722Z [ 7084: 7176] D Erasing context for flowId=8323
2022-05-01T11:30:25.722Z [ 7084: 7176] D Storing web flow journal event for 13295878225-8323. Number of certs stored: 0
2022-05-01T11:30:25.723Z [ 7084: 7176] I [webengine] Closing connection 0x277e7fce630 for 'www.google.co.uk': request=1601b, response=786b, lifetime=42ms, firstResponse=25ms, businessLogicDelay=0ms, timeInCache=0ms, in=25ms, out=41ms
2022-05-01T11:30:25.743Z [ 7084: 7184] I [webengine] New connection 0x277e7ff0040
2022-05-01T11:30:25.743Z [ 7084: 7184] D Created context for flowId=8324
2022-05-01T11:30:25.743Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:25.744Z [ 7084:11124] I [check-ip] connection:0x277e7ff0040 ip:2a00:1450:4009:817::2003 flowId:8324 decision:continue
2022-05-01T11:30:25.749Z [ 7084:11124] I [clienthello] connection:0x277e7ff0040 sni:www.google.co.uk flowId:8324 decision:nodecrypt
2022-05-01T11:30:25.749Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:25.749Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:25.749Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:25.750Z [ 7084:11124] I [request] connection: 0x277e7ff0040 url:www.google.co.uk flowId:8324 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404625 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:25.750Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:25.751Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:25.751Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:25.751Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:25.790Z [ 7084: 7184] D  request disconnect flowId=8324 side=0 flags=589824
2022-05-01T11:30:25.795Z [ 7084: 7184] D Got Pending Close flowId=8324 flags=1073741824
2022-05-01T11:30:25.795Z [ 7084: 7176] D Erasing context for flowId=8324
2022-05-01T11:30:25.795Z [ 7084: 7176] D Storing web flow journal event for 13295878225-8324. Number of certs stored: 0
2022-05-01T11:30:25.795Z [ 7084: 7176] I [webengine] Closing connection 0x277e7ff0040 for 'www.google.co.uk': request=1625b, response=786b, lifetime=52ms, firstResponse=30ms, businessLogicDelay=0ms, timeInCache=0ms, in=30ms, out=46ms, l.eos=46ms
2022-05-01T11:30:25.808Z [ 7084: 7184] I [webengine] New connection 0x277e7fa9870
2022-05-01T11:30:25.808Z [ 7084: 7184] D Created context for flowId=8325
2022-05-01T11:30:25.808Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:25.809Z [ 7084:11124] I [check-ip] connection:0x277e7fa9870 ip:2a00:1450:4009:817::2003 flowId:8325 decision:continue
2022-05-01T11:30:25.810Z [ 7084:11124] I [clienthello] connection:0x277e7fa9870 sni:www.google.co.uk flowId:8325 decision:nodecrypt
2022-05-01T11:30:25.810Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:25.810Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:25.810Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:25.810Z [ 7084:11124] I [request] connection: 0x277e7fa9870 url:www.google.co.uk flowId:8325 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404625 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:25.811Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:25.811Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:25.852Z [ 7084: 7184] D  request disconnect flowId=8325 side=0 flags=589824
2022-05-01T11:30:25.853Z [ 7084: 7184] D Got Pending Close flowId=8325 flags=1073741824
2022-05-01T11:30:25.853Z [ 7084: 7176] D Erasing context for flowId=8325
2022-05-01T11:30:25.854Z [ 7084: 7176] D Storing web flow journal event for 13295878225-8325. Number of certs stored: 0
2022-05-01T11:30:25.854Z [ 7084: 7176] I [webengine] Closing connection 0x277e7fa9870 for 'www.google.co.uk': request=1625b, response=786b, lifetime=45ms, firstResponse=27ms, businessLogicDelay=0ms, timeInCache=0ms, in=27ms, out=43ms, l.eos=43ms
2022-05-01T11:30:25.870Z [ 7084: 7184] I [webengine] New connection 0x277e7fa9630
2022-05-01T11:30:25.870Z [ 7084: 7184] D Created context for flowId=8326
2022-05-01T11:30:25.870Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:25.871Z [ 7084:11124] I [check-ip] connection:0x277e7fa9630 ip:2a00:1450:4009:817::2003 flowId:8326 decision:continue
2022-05-01T11:30:25.872Z [ 7084:11124] I [clienthello] connection:0x277e7fa9630 sni:www.google.co.uk flowId:8326 decision:nodecrypt
2022-05-01T11:30:25.872Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:25.872Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:25.872Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:25.873Z [ 7084:11124] I [request] connection: 0x277e7fa9630 url:www.google.co.uk flowId:8326 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404625 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:25.873Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:25.873Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:25.913Z [ 7084: 7184] D Got Pending Close flowId=8326 flags=1073741824
2022-05-01T11:30:25.913Z [ 7084: 7176] D Erasing context for flowId=8326
2022-05-01T11:30:25.913Z [ 7084: 7176] D Storing web flow journal event for 13295878225-8326. Number of certs stored: 0
2022-05-01T11:30:25.913Z [ 7084: 7176] I [webengine] Closing connection 0x277e7fa9630 for 'www.google.co.uk': request=1601b, response=786b, lifetime=42ms, firstResponse=25ms, businessLogicDelay=0ms, timeInCache=0ms, in=25ms, out=42ms
2022-05-01T11:30:25.932Z [ 7084: 7184] I [webengine] New connection 0x277e7fa9630
2022-05-01T11:30:25.932Z [ 7084: 7184] D Created context for flowId=8327
2022-05-01T11:30:25.932Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:25.933Z [ 7084:11124] I [check-ip] connection:0x277e7fa9630 ip:2a00:1450:4009:817::2003 flowId:8327 decision:continue
2022-05-01T11:30:25.934Z [ 7084:11124] I [clienthello] connection:0x277e7fa9630 sni:www.google.co.uk flowId:8327 decision:nodecrypt
2022-05-01T11:30:25.934Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:25.934Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:25.934Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:25.934Z [ 7084:11124] I [request] connection: 0x277e7fa9630 url:www.google.co.uk flowId:8327 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:25.934Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:25.934Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:25.934Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:25.934Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:25.934Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:25.934Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:25.934Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:25.934Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404625 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:25.934Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:25.935Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:25.935Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:25.974Z [ 7084: 7184] D Got Pending Close flowId=8327 flags=1073741824
2022-05-01T11:30:25.974Z [ 7084: 7176] D Erasing context for flowId=8327
2022-05-01T11:30:25.975Z [ 7084: 7176] D Storing web flow journal event for 13295878225-8327. Number of certs stored: 0
2022-05-01T11:30:25.975Z [ 7084: 7176] I [webengine] Closing connection 0x277e7fa9630 for 'www.google.co.uk': request=1601b, response=786b, lifetime=42ms, firstResponse=25ms, businessLogicDelay=0ms, timeInCache=0ms, in=25ms, out=41ms
2022-05-01T11:30:25.994Z [ 7084: 7184] I [webengine] New connection 0x277e7fa9930
2022-05-01T11:30:25.994Z [ 7084: 7184] D Created context for flowId=8328
2022-05-01T11:30:25.994Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:25.995Z [ 7084:11124] I [check-ip] connection:0x277e7fa9930 ip:2a00:1450:4009:817::2003 flowId:8328 decision:continue
2022-05-01T11:30:25.996Z [ 7084:11124] I [clienthello] connection:0x277e7fa9930 sni:www.google.co.uk flowId:8328 decision:nodecrypt
2022-05-01T11:30:25.996Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:25.996Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:25.996Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:25.997Z [ 7084:11124] I [request] connection: 0x277e7fa9930 url:www.google.co.uk flowId:8328 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404625 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:25.997Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:25.998Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:25.998Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:25.998Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:25.998Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:25.998Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:26.038Z [ 7084: 7184] D Got Pending Close flowId=8328 flags=1073741824
2022-05-01T11:30:26.038Z [ 7084: 7176] D Erasing context for flowId=8328
2022-05-01T11:30:26.038Z [ 7084: 7176] D Storing web flow journal event for 13295878225-8328. Number of certs stored: 0
2022-05-01T11:30:26.038Z [ 7084: 7176] I [webengine] Closing connection 0x277e7fa9930 for 'www.google.co.uk': request=1601b, response=786b, lifetime=43ms, firstResponse=26ms, businessLogicDelay=0ms, timeInCache=0ms, in=26ms, out=43ms
2022-05-01T11:30:26.057Z [ 7084: 7184] I [webengine] New connection 0x277e7fa9390
2022-05-01T11:30:26.057Z [ 7084: 7184] D Created context for flowId=8329
2022-05-01T11:30:26.057Z [ 7084: 7184] D Looking up IP: 2a00:1450:4009:817::2003
2022-05-01T11:30:26.058Z [ 7084:11124] I [check-ip] connection:0x277e7fa9390 ip:2a00:1450:4009:817::2003 flowId:8329 decision:continue
2022-05-01T11:30:26.059Z [ 7084:11124] I [clienthello] connection:0x277e7fa9390 sni:www.google.co.uk flowId:8329 decision:nodecrypt
2022-05-01T11:30:26.059Z [ 7084:11124] D Client Hello SNI lookup: www.google.co.uk - allow=true, offload=false, nodecrypt=1
2022-05-01T11:30:26.059Z [ 7084:11124] D Client Hello - Processing WebControl policy
2022-05-01T11:30:26.059Z [ 7084:11124] D Lookup URL www.google.co.uk
2022-05-01T11:30:26.059Z [ 7084:11124] I [request] connection: 0x277e7fa9390 url:www.google.co.uk flowId:8329 decision:allowed riskLevel:2 universalCategory:42
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace !checkSiteList() category=42 risk=unknown domain=www.google.co.uk path= query= remoteIp=2a00:1450:4009:817::2003
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - category=42 risk=unknown domain=www.google.co.uk path= query= method= uri=www.google.co.uk filetype=text/plain fileclass=nil response_content_type= user=unknown ip= blockOnSxlFailure=false epoch=1651404626 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:26.060Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:26.060Z [ 7084:11124] I page allowed: www.google.co.uk
2022-05-01T11:30:26.099Z [ 7084: 7184] D Got Pending Close flowId=8329 flags=1073741824
2022-05-01T11:30:26.099Z [ 7084: 7176] D Erasing context for flowId=8329
2022-05-01T11:30:26.099Z [ 7084: 7176] D Storing web flow journal event for 13295878226-8329. Number of certs stored: 0
2022-05-01T11:30:26.100Z [ 7084: 7176] I [webengine] Closing connection 0x277e7fa9390 for 'www.google.co.uk': request=1601b, response=786b, lifetime=42ms, firstResponse=25ms, businessLogicDelay=0ms, timeInCache=0ms, in=25ms, out=41ms
2022-05-01T11:30:26.170Z [ 7084: 7184] I [webengine] New connection 0x277e7fa98d0
2022-05-01T11:30:26.170Z [ 7084: 7184] D Created context for flowId=8338
2022-05-01T11:30:26.170Z [ 7084: 7184] D Looking up IP: 2600:1901:0:38d7::
2022-05-01T11:30:26.171Z [ 7084: 7184] D Lookup URL http://detectportal.firefox.com/canonical.html
2022-05-01T11:30:26.190Z [ 7084: 7184] D  XXX Scan Content 90 bytes for http://detectportal.firefox.com/canonical.html
2022-05-01T11:30:26.191Z [ 7084: 7184] D Scanning 90 bytes of uri 'http://detectportal.firefox.com/canonical.html'
2022-05-01T11:30:26.313Z [ 7084:11124] I [request] connection: 0x277e7fa98d0 url:http://detectportal.firefox.com/canonical.html flowId:8338 decision:allowed riskLevel:2 universalCategory:8
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace apply()
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace !checkSiteList() category=8 risk=unknown domain=detectportal.firefox.com path=canonical.html query= remoteIp=2600:1901:0:38d7::
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace determinefileClass()
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace   - filetype=text/plain path=canonical.html
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace   - found file extension .html
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace   - category=8 risk=unknown domain=detectportal.firefox.com path=canonical.html query= method=GET uri=http://detectportal.firefox.com/canonical.html filetype=text/plain fileclass=nil response_content_type=text/html user=unknown ip= blockOnSxlFailure=false epoch=1651404626 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace getPolicy()
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:26.313Z [ 7084:11124] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::trace   - result: allow
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:26.314Z [ 7084:11124] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:26.314Z [ 7084:11124] I page allowed: http://detectportal.firefox.com/canonical.html
2022-05-01T11:30:26.314Z [ 7084:11124] I [check-ip] connection:0x277e7fa98d0 ip:2600:1901:0:38d7:: flowId:8338 decision:continue
2022-05-01T11:30:26.356Z [ 7084:11124] I [scan] connection:0x277e7fa98d0 url:http://detectportal.firefox.com/canonical.html flowId:8338 decision:allowed
2022-05-01T11:30:26.356Z [ 7084:11124] D Allowing access to clean content, uri 'http://detectportal.firefox.com/canonical.html'
2022-05-01T11:30:26.377Z [ 7084: 7184] I [webengine] New connection 0x277e7fa9330
2022-05-01T11:30:26.377Z [ 7084: 7184] D Created context for flowId=8345
2022-05-01T11:30:26.378Z [ 7084: 7184] D Looking up IP: 34.107.221.82
2022-05-01T11:30:26.378Z [ 7084: 7184] D Lookup URL http://detectportal.firefox.com/success.txt?ipv4
2022-05-01T11:30:26.379Z [ 7084:11124] I [request] connection: 0x277e7fa9330 url:http://detectportal.firefox.com/success.txt?ipv4 flowId:8345 decision:allowed riskLevel:2 universalCategory:8
2022-05-01T11:30:26.380Z [ 7084: 7184] I [webengine] New connection 0x277e7fa9810
2022-05-01T11:30:26.380Z [ 7084: 7184] D Created context for flowId=8346
2022-05-01T11:30:26.380Z [ 7084: 7184] D Looking up IP: 2600:1901:0:38d7::
2022-05-01T11:30:26.380Z [ 7084: 7184] D Lookup URL http://detectportal.firefox.com/success.txt?ipv6
2022-05-01T11:30:26.380Z [ 7084:11124] I [check-ip] connection:0x277e7fa9810 ip:2600:1901:0:38d7:: flowId:8346 decision:continue
2022-05-01T11:30:26.381Z [ 7084:11124] I [request] connection: 0x277e7fa9810 url:http://detectportal.firefox.com/success.txt?ipv6 flowId:8346 decision:allowed riskLevel:2 universalCategory:8
2022-05-01T11:30:26.396Z [ 7084: 7184] D  XXX Scan Content 8 bytes for http://detectportal.firefox.com/success.txt?ipv4
2022-05-01T11:30:26.396Z [ 7084: 7184] D Scanning 8 bytes of uri 'http://detectportal.firefox.com/success.txt?ipv4'
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace apply()
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace !checkSiteList() category=8 risk=unknown domain=detectportal.firefox.com path=success.txt query=ipv4 remoteIp=34.107.221.82
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace determinefileClass()
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace   - filetype=text/plain path=success.txt
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace   - found file extension .txt
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace   - category=8 risk=unknown domain=detectportal.firefox.com path=success.txt query=ipv4 method=GET uri=http://detectportal.firefox.com/success.txt?ipv4 filetype=text/plain fileclass=nil response_content_type=text/plain user=unknown ip= blockOnSxlFailure=false epoch=1651404626 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace getPolicy()
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:26.396Z [ 7084: 7184] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:26.397Z [ 7084: 7184] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:26.397Z [ 7084: 7184] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:26.397Z [ 7084: 7184] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:26.397Z [ 7084: 7184] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:26.397Z [ 7084: 7184] D WebControl::trace   - result: allow
2022-05-01T11:30:26.397Z [ 7084: 7184] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:26.397Z [ 7084: 7184] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:26.397Z [ 7084: 7184] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:26.397Z [ 7084: 7184] I page allowed: http://detectportal.firefox.com/success.txt?ipv4
2022-05-01T11:30:26.397Z [ 7084: 7184] D  XXX Scan Content 8 bytes for http://detectportal.firefox.com/success.txt?ipv6
2022-05-01T11:30:26.397Z [ 7084: 7184] D Scanning 8 bytes of uri 'http://detectportal.firefox.com/success.txt?ipv6'
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace apply()
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace !checkSiteList() category=8 risk=unknown domain=detectportal.firefox.com path=success.txt query=ipv6 remoteIp=2600:1901:0:38d7::
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - NOT found in local site list
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace determinefileClass()
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - filetype=text/plain path=success.txt
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - found file extension .txt
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - using filetype text/plain
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - using fileclass <nil>
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - category=8 risk=unknown domain=detectportal.firefox.com path=success.txt query=ipv6 method=GET uri=http://detectportal.firefox.com/success.txt?ipv6 filetype=text/plain fileclass=nil response_content_type=text/plain user=unknown ip= blockOnSxlFailure=false epoch=1651404626 time=12:30 wday=1 mcs_endpoint_id=-1
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace getPolicy()
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - checking if policy [Base Policy] matched
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - policy [Base Policy] added as a candidate
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace Scanning with categoryscanner
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - use action from policy [Base Policy]
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - scan result is [allow]
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace Scanning with filetypescanner
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - fileclass is nil; skipping filetype scan
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - scan result is [pass]
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - result: allow
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace   - use web monitoring from policy [Base Policy]
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::trace Result: action=allow policy=[Base Policy] reason=category mute_swa_log=false mute_allow_events=true
2022-05-01T11:30:26.398Z [ 7084: 7184] D WebControl::PolicyEvaluator::determineResponseAction: memoryUsed=0 memoryPeak=0
2022-05-01T11:30:26.398Z [ 7084: 7184] I page allowed: http://detectportal.firefox.com/success.txt?ipv6
2022-05-01T11:30:26.398Z [ 7084:11124] I [scan] connection:0x277e7fa9330 url:http://detectportal.firefox.com/success.txt?ipv4 flowId:8345 decision:allowed
2022-05-01T11:30:26.399Z [ 7084:11124] D Allowing access to clean content, uri 'http://detectportal.firefox.com/success.txt?ipv4'
2022-05-01T11:30:26.399Z [ 7084:11124] I [scan] connection:0x277e7fa9810 url:http://detectportal.firefox.com/success.txt?ipv6 flowId:8346 decision:allowed
2022-05-01T11:30:26.399Z [ 7084:11124] D Allowing access to clean content, uri 'http://detectportal.firefox.com/success.txt?ipv6'
2022-05-01T11:30:26.408Z [ 7084:11124] I [check-ip] connection:0x277e7fa9330 ip:34.107.221.82 flowId:8345 decision:continue
2022-05-01T11:30:27.239Z [ 7084: 7184] I [webengine] New connection 0x277e7fa94b0
2022-05-01T11:30:27.240Z [ 7084: 7184] D Created context for flowId=8347
2022-05-01T11:30:27.240Z [ 7084: 7184] I [webengine] New connection 0x277e7fa93f0
2022-05-01T11:30:27.240Z [ 7084: 7184] D Created context for flowId=8348
2022-05-01T11:30:27.240Z [ 7084: 7184] D Looking up IP: 127.0.0.1
2022-05-01T11:30:27.241Z [ 7084:11124] I [check-ip] connection:0x277e7fa93f0 ip:127.0.0.1 flowId:8348 decision:continue
2022-05-01T11:30:50.694Z [ 7084: 7184] I [webengine] New connection 0x277e7fa96f0
2022-05-01T11:30:50.694Z [ 7084: 7184] D Created context for flowId=8363
2022-05-01T11:30:50.695Z [ 7084: 7184] I [webengine] New connection 0x277e7fa9930
2022-05-01T11:30:50.695Z [ 7084: 7184] D Created context for flowId=8364
2022-05-01T11:30:50.695Z [ 7084: 7184] D Looking up IP: 127.0.0.1
2022-05-01T11:30:50.695Z [ 7084:11124] I [check-ip] connection:0x277e7fa9930 ip:127.0.0.1 flowId:8364 decision:continue
2022-05-01T11:30:59.504Z [ 7084: 7184] D  request disconnect flowId=7220 side=0 flags=589824
2022-05-01T11:30:59.519Z [ 7084: 7184] D  request disconnect flowId=7220 side=1 flags=5
2022-05-01T11:30:59.520Z [ 7084: 7184] D Got Pending Close flowId=7220 flags=1073741824
2022-05-01T11:30:59.520Z [ 7084: 7176] D Erasing context for flowId=7220
2022-05-01T11:30:59.520Z [ 7084: 7176] D Storing web flow journal event for 13295877833-7220. Number of certs stored: 0
2022-05-01T11:30:59.520Z [ 7084: 7176] I [webengine] Closing connection 0x277e80700e0 for 'www.ft.com': request=367119b, response=923178b, lifetime=425592ms, firstResponse=25ms, businessLogicDelay=0ms, timeInCache=3ms, in=25ms, out=425591ms, l.eos=425576ms, r.eos=425592ms
PS C:\>