Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 11 replies
  • Answers 1 answer
  • Subscribers 7 subscribers
  • Views 9437 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTPS Traffic Dropped

MichaelHess

My UTM install has been running for a little over 3 years. It is currently on Firmware version 9.405-5 and Pattern version 106631. With the last update, it started blocking YouTube and many of the Google apps, like Drive. Logging into Gmail became problematic also. I have not made any changes to the config for several months before this began. 

This is my first post. So, I apologize if I have omitted any needed info. Please let me know what else is needed and I will gladly post it.

Here is an excerpt of the live log of firewall traffic.

Live Log: Firewall
Filter:
Autoscroll
Reload
10:41:18 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:18 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:18 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:19 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:21 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:23 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:25 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:25 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:25 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:25 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:27 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:28 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:28 Default DROP UDP  
203.192.151.103 : 64281
216.58.218.14 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:28 Default DROP UDP  
203.192.151.103 : 64281
216.58.218.14 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:28 Default DROP UDP  
203.192.151.103 : 53152
216.58.218.13 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:28 Default DROP UDP  
203.192.151.103 : 64281
216.58.218.14 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:28 Default DROP UDP  
203.192.151.103 : 53152
216.58.218.13 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:28 Default DROP TCP  
216.58.218.14 : 443
96.37.242.30 : 62634
 
[ACK FIN] len=52 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:29 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:29 Default DROP UDP  
203.192.151.103 : 53152
216.58.218.13 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:30 Default DROP UDP  
203.192.151.103 : 64281
216.58.218.14 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:30 Default DROP UDP  
203.192.151.103 : 53152
216.58.218.13 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:31 Default DROP UDP  
203.192.151.103 : 64281
216.58.218.14 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:31 Default DROP UDP  
203.192.151.103 : 53152
216.58.218.13 : 443
 
len=1378 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:32 Default DROP UDP  
203.192.151.103 : 64281
216.58.218.14 : 443
 
len=98 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:32 Default DROP UDP  
203.192.151.103 : 53152
216.58.218.13 : 443
 
len=98 ttl=127 tos=0x00 srcmac=44:8a:5b:9a:76:8c dstmac=00:50:56:03:02:0a
10:41:34 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:44 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:44 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:44 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:44 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:46 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b
10:41:48 Default DROP ICMP  
216.58.218.14    
96.37.242.30    
 
len=576 ttl=54 tos=0x00 srcmac=00:01:5c:65:da:46 dstmac=00:50:56:03:02:0b

What do I need to change to fix this? Thanks, in advance, for your help.



This thread was automatically locked due to age.
Parents
  • 0

    Hi by just looking at your firewall log I cannot really see what might be wrong. All that gets blocked in these lines is mostly ICMP or UDP traffic. HTTPS is TCP traffic on port 443 and that's not something on this list.

    Do you use Web-protection? Is web-protection still switched on? Can you see any information in web-protection log?

  • 0 in reply to apijnappels

    Here is the web-protection live log:

    Live Log: Web Filtering
    Filter:
    		Autoscroll
    Reload
    2016:08:13-21:15:04 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.103" dstip="208.95.185.58" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="3928" request="0xddd59e00" url="launcher.startrekonline.com/.../sto_launcher_box_top.png" referer="launcher.startrekonline.com/launcher_login" error="" authtime="0" dnstime="0" cattime="583" avscantime="1157" fullreqtime="653171" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.91 Safari/537.1" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="image/png"
    2016:08:13-21:15:04 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.103" dstip="208.95.185.58" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="29340" request="0xe13b1200" url="launcher.startrekonline.com/.../startrek.ttf" referer="launcher.startrekonline.com/launcher_login" error="" authtime="0" dnstime="0" cattime="525" avscantime="1574" fullreqtime="830897" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.91 Safari/537.1" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="application/x-font-ttf"
    2016:08:13-21:15:14 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.103" dstip="54.154.54.23" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="286" request="0xdd00fe00" url="api.better-history.com/.../bhrule referer="" error="" authtime="0" dnstime="157719" cattime="97887" avscantime="5131" fullreqtime="510390" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36" exceptions="" category="178" reputation="neutral" categoryname="Internet Services" sandbox="-" content-type="text/plain"
    2016:08:13-21:15:17 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.115" dstip="50.115.126.70" user="" group="" ad_domain="" statuscode="404" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="39" request="0xe2961600" url="s.optifine.net/.../Fuzzy_Bunny95.cfg" referer="" error="" authtime="0" dnstime="265" cattime="39300" avscantime="2484" fullreqtime="186750" device="0" auth="0" ua="Java/1.8.0_91" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="text/html"
    2016:08:13-21:15:17 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.115" dstip="50.115.126.70" user="" group="" ad_domain="" statuscode="404" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="39" request="0xa560600" url="s.optifine.net/.../Fuzzy_Bunny95.png" referer="" error="" authtime="0" dnstime="269" cattime="39354" avscantime="2627" fullreqtime="187058" device="0" auth="0" ua="Java/1.8.0_91" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="text/html"
    2016:08:13-21:15:22 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="203.192.151.115" dstip="52.85.101.127" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4089" request="0xde3c6a00" url="https://api.mojang.com/" referer="" error="" authtime="0" dnstime="62211" cattime="206" avscantime="0" fullreqtime="5253079" device="0" auth="0" ua="" exceptions="" category="116" reputation="neutral" categoryname="Games"
    2016:08:13-21:15:27 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="203.192.151.115" dstip="52.85.101.127" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5139" request="0xe295fe00" url="sessionserver.mojang.com/" referer="" error="" authtime="0" dnstime="55199" cattime="219" avscantime="0" fullreqtime="9863741" device="0" auth="0" ua="" exceptions="" category="116" reputation="neutral" categoryname="Games"
    2016:08:13-21:15:47 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.217" dstip="23.7.32.29" user="" group="" ad_domain="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x99e8400" url="walter-producer-cdn.api.bbci.co.uk/.../followtopics.json" referer="" error="" authtime="0" dnstime="74575" cattime="34609" avscantime="0" fullreqtime="145555" device="0" auth="0" ua="BBCNews/3.7.1.9 GNL (XT1575; Android 6.0)" exceptions="" category="134" reputation="neutral" categoryname="General News"
    2016:08:13-21:15:47 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.217" dstip="23.7.32.29" user="" group="" ad_domain="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x99e7e00" url="walter-producer-cdn.api.bbci.co.uk/.../ads" referer="" error="" authtime="0" dnstime="74488" cattime="34824" avscantime="0" fullreqtime="152812" device="0" auth="0" ua="BBCNews/3.7.1.9 GNL (XT1575; Android 6.0)" exceptions="" category="134" reputation="neutral" categoryname="General News"
    2016:08:13-21:15:47 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.217" dstip="54.231.131.122" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="1406" request="0xa9c5800" url="p3icdn.s3.amazonaws.com/favico.ico" referer="" error="" authtime="0" dnstime="49148" cattime="387" avscantime="1731" fullreqtime="285332" device="0" auth="0" ua="" exceptions="" category="177" reputation="trusted" categoryname="Content Server" sandbox="-" content-type="image/x-icon"
    2016:08:13-21:16:04 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.103" dstip="208.95.185.58" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2" request="0xe13b1200" url="launcher.startrekonline.com/launcher_server_status" referer="launcher.startrekonline.com/launcher_login" error="" authtime="0" dnstime="308" cattime="315" avscantime="2187" fullreqtime="59848801" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.91 Safari/537.1" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="application/octet-stream"
    2016:08:13-21:16:23 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="203.192.151.115" dstip="216.58.218.5" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="482982" request="0xe0a07200" url="https://mail.google.com/" referer="" error="" authtime="0" dnstime="4" cattime="192" avscantime="0" fullreqtime="536034001" device="0" auth="0" ua="" exceptions="" category="156" reputation="trusted" categoryname="Web Mail"
    2016:08:13-21:16:24 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="203.192.151.115" dstip="216.58.218.14" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="9344" request="0xdca77200" url="safebrowsing.google.com/" referer="" error="" authtime="0" dnstime="2" cattime="89" avscantime="0" fullreqtime="653718101" device="0" auth="0" ua="" exceptions="" category="145" reputation="neutral" categoryname="Search Engines"
Reply
  • 0 in reply to apijnappels

    Here is the web-protection live log:

    Live Log: Web Filtering
    Filter:
    		Autoscroll
    Reload
    2016:08:13-21:15:04 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.103" dstip="208.95.185.58" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="3928" request="0xddd59e00" url="launcher.startrekonline.com/.../sto_launcher_box_top.png" referer="launcher.startrekonline.com/launcher_login" error="" authtime="0" dnstime="0" cattime="583" avscantime="1157" fullreqtime="653171" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.91 Safari/537.1" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="image/png"
    2016:08:13-21:15:04 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.103" dstip="208.95.185.58" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="29340" request="0xe13b1200" url="launcher.startrekonline.com/.../startrek.ttf" referer="launcher.startrekonline.com/launcher_login" error="" authtime="0" dnstime="0" cattime="525" avscantime="1574" fullreqtime="830897" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.91 Safari/537.1" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="application/x-font-ttf"
    2016:08:13-21:15:14 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.103" dstip="54.154.54.23" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="286" request="0xdd00fe00" url="api.better-history.com/.../bhrule referer="" error="" authtime="0" dnstime="157719" cattime="97887" avscantime="5131" fullreqtime="510390" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36" exceptions="" category="178" reputation="neutral" categoryname="Internet Services" sandbox="-" content-type="text/plain"
    2016:08:13-21:15:17 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.115" dstip="50.115.126.70" user="" group="" ad_domain="" statuscode="404" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="39" request="0xe2961600" url="s.optifine.net/.../Fuzzy_Bunny95.cfg" referer="" error="" authtime="0" dnstime="265" cattime="39300" avscantime="2484" fullreqtime="186750" device="0" auth="0" ua="Java/1.8.0_91" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="text/html"
    2016:08:13-21:15:17 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.115" dstip="50.115.126.70" user="" group="" ad_domain="" statuscode="404" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="39" request="0xa560600" url="s.optifine.net/.../Fuzzy_Bunny95.png" referer="" error="" authtime="0" dnstime="269" cattime="39354" avscantime="2627" fullreqtime="187058" device="0" auth="0" ua="Java/1.8.0_91" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="text/html"
    2016:08:13-21:15:22 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="203.192.151.115" dstip="52.85.101.127" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4089" request="0xde3c6a00" url="https://api.mojang.com/" referer="" error="" authtime="0" dnstime="62211" cattime="206" avscantime="0" fullreqtime="5253079" device="0" auth="0" ua="" exceptions="" category="116" reputation="neutral" categoryname="Games"
    2016:08:13-21:15:27 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="203.192.151.115" dstip="52.85.101.127" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5139" request="0xe295fe00" url="sessionserver.mojang.com/" referer="" error="" authtime="0" dnstime="55199" cattime="219" avscantime="0" fullreqtime="9863741" device="0" auth="0" ua="" exceptions="" category="116" reputation="neutral" categoryname="Games"
    2016:08:13-21:15:47 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.217" dstip="23.7.32.29" user="" group="" ad_domain="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x99e8400" url="walter-producer-cdn.api.bbci.co.uk/.../followtopics.json" referer="" error="" authtime="0" dnstime="74575" cattime="34609" avscantime="0" fullreqtime="145555" device="0" auth="0" ua="BBCNews/3.7.1.9 GNL (XT1575; Android 6.0)" exceptions="" category="134" reputation="neutral" categoryname="General News"
    2016:08:13-21:15:47 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.217" dstip="23.7.32.29" user="" group="" ad_domain="" statuscode="304" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0x99e7e00" url="walter-producer-cdn.api.bbci.co.uk/.../ads" referer="" error="" authtime="0" dnstime="74488" cattime="34824" avscantime="0" fullreqtime="152812" device="0" auth="0" ua="BBCNews/3.7.1.9 GNL (XT1575; Android 6.0)" exceptions="" category="134" reputation="neutral" categoryname="General News"
    2016:08:13-21:15:47 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.217" dstip="54.231.131.122" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="1406" request="0xa9c5800" url="p3icdn.s3.amazonaws.com/favico.ico" referer="" error="" authtime="0" dnstime="49148" cattime="387" avscantime="1731" fullreqtime="285332" device="0" auth="0" ua="" exceptions="" category="177" reputation="trusted" categoryname="Content Server" sandbox="-" content-type="image/x-icon"
    2016:08:13-21:16:04 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="203.192.151.103" dstip="208.95.185.58" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="2" request="0xe13b1200" url="launcher.startrekonline.com/launcher_server_status" referer="launcher.startrekonline.com/launcher_login" error="" authtime="0" dnstime="308" cattime="315" avscantime="2187" fullreqtime="59848801" device="0" auth="0" ua="Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.91 Safari/537.1" exceptions="" category="116" reputation="neutral" categoryname="Games" sandbox="-" content-type="application/octet-stream"
    2016:08:13-21:16:23 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="203.192.151.115" dstip="216.58.218.5" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="482982" request="0xe0a07200" url="https://mail.google.com/" referer="" error="" authtime="0" dnstime="4" cattime="192" avscantime="0" fullreqtime="536034001" device="0" auth="0" ua="" exceptions="" category="156" reputation="trusted" categoryname="Web Mail"
    2016:08:13-21:16:24 constable httpproxy[1245]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="203.192.151.115" dstip="216.58.218.14" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo (Zach Sleep)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="9344" request="0xdca77200" url="safebrowsing.google.com/" referer="" error="" authtime="0" dnstime="2" cattime="89" avscantime="0" fullreqtime="653718101" device="0" auth="0" ua="" exceptions="" category="145" reputation="neutral" categoryname="Search Engines"
Children
No Data