We noticed a strange phenomenon with at least two sites, both of which are using Adobe fonts (typenet.net), when accessed from behind our ASA with FTD.
Looking at the developer tools console in Chrome, I can see that while the page is loading, the browser sits and eventually times out waiting for a response while trying to load a font from p.typekit.net, and we see this from both Windows and Mac clients on our internal network. The actual requested URL in one case is:
When analyzing the connection event logs in FMC, I am not seeing any relevant connections from the clients getting blocked when loading these sites. Outside of our network, the issue does not come up. The clients we're seeing this from have access to HTTP and HTTPS in our ACLs and aren't going through a proxy. Has anyone else run up against this?
Just to ensure that you have logging set up correctly, configure a rule at the top which matches a specific client source IP and enable logging on it. Then look for connection events to see if there are matches.
Just ran into something similar, and what I found was that my 2120 was associating the URL https://p.typekit.net with a web application called Burnbook (an anonymous messaging app), which Cisco classifies as a Very High Risk application, and was blocking it per a rule to block Very High Risk applications. I discovered this by viewing Connection Events filtered for my workstation IP while trying to load the website in question. I tried whitelisting the typekit URL with no effect. However, whitelisting this Burnbook app did the trick. Not sure how/why Adobe's hosted web font service got linked with this Burnbook app by Cisco in their VDB.