Squid proxy ignores squidguard rewrite url, domains and forwards to blocked url (squid 3.5)

I’ve squid 3 setup on ubuntu server (DISTRIB_RELEASE=18.04) squid proxy version: 3.5.27
with the below config.
When i try to access any url for example a porn site, which is blocked in squidGuard blocked domains/url list, but squid proxy forwards to the porn site.
I’ve enabled debug logs on squid proxy and i could see that this is allowed with the below acl.
The squid porxy never redirects the url to squidGuard,
Am i missing any config to redirect the url to squidGuard.
I’ve been on this for whole week, google played with install and uninstall and also copied the shared configs from github, i still see squid proxy never redirects to squidGuard.

Any help on this will be much appreciated.

 acl localnet src 192.168.0.0/16
 http_access allow localnet

My complete config:

acl localnet src fc00::/7       # RFC 4193 local private network range
acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
acl to_localnet dst 10.0.0.0/8
acl to_localnet dst 192.168.0.0/24


# standard allowed outbound ports
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT

http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

acl manager proto cache_object
http_access allow localhost manager
http_access deny manager

# allow outbound if from on the Squid host
http_access allow localhost
http_access allow localnet
http_access allow to_localnet
# only allow outbound from the whitelist in /etc/squid/
#acl egress_domains dstdomain "/etc/squid/whitelist"
#http_access allow localnet egress_domains

# allow egress to an IP from the internal network

# And finally deny all other access to this proxy
http_access deny all

# Squid normally listens to port 3128
http_port 192.168.1.138:8888 
http_port 192.168.1.138:8889 intercept

debug_options ALL,1 33,2 33,9

# Caching patterns for squid cache objects
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|?) 0     0%      0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
# example lin deb packages
#refresh_pattern (.deb|.udeb)$   129600 100% 129600
refresh_pattern .               0       20%     4320

shutdown_lifetime 10 seconds
error_directory /usr/share/squid/errors/en/
error_default_language en

logformat squid-cs %{%Y-%m-%d %H:%M:%S}tl %3tr %>a %Ss/%03>Hs %<st %rm %>ru %un %Sh/%<a %mt "%{User-Agent}>h" "SQUID-CS" %>st %note
access_log /var/log/squid/access.log squid-cs

url_rewrite_children 20 startup=0 idle=1 concurrency=2
url_rewrite_program /usr/bin/squidGuard –c /etc/squidguard/squidGuard.conf

sample curl call to test:

   curl -I -XGET  $http_proxy https://www.freexcafe.com/

http://devappserver-api:8888
HTTP/1.1 503 Service Unavailable
Server: squid/3.5.27
Mime-Version: 1.0
Date: Wed, 02 Dec 2020 08:07:14 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3471
X-Squid-Error: ERR_CONNECT_FAIL 111
X-Cache: MISS from devappserver-api
X-Cache-Lookup: MISS from devappserver-api:8888
Via: 1.1 devappserver-api (squid/3.5.27)
Connection: keep-alive

HTTP/1.1 200 Connection established

HTTP/2 200 
server: nginx
date: Wed, 02 Dec 2020 08:07:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.2.34


acces.log:



Acl.cc(138) matches: checking http_access#8
2020/12/02 03:32:29.857 kid1| 28,5| Acl.cc(138) matches: checking all
2020/12/02 03:32:29.857 kid1| 28,9| Ip.cc(95) aclIpAddrNetworkCompare: aclIpAddrNetworkCompare: compare: 192.168.1.130:55336/(::) ((::):55336)  vs (::)-(::)/(::)
2020/12/02 03:32:29.857 kid1| 28,3| Ip.cc(539) match: aclIpMatchIp: '192.168.1.130:55336' found
2020/12/02 03:32:29.857 kid1| 28,3| Acl.cc(158) matches: checked: all = 1
2020/12/02 03:32:29.857 kid1| 28,3| Acl.cc(158) matches: checked: http_access#8 = 1
2020/12/02 03:32:29.857 kid1| 28,3| InnerNode.cc(97) resumeMatchingAt: checked: http_access = 1
2020/12/02 03:32:29.858 kid1| 28,3| Checklist.cc(63) markFinished: 0x55673fdd4b88 answer ALLOWED for match
2020/12/02 03:32:29.858 kid1| 28,3| Checklist.cc(163) checkCallback: ACLChecklist::checkCallback: 0x55673fdd4b88 answer=ALLOWED
2020/12/02 03:32:29.858 kid1| 28,4| FilledChecklist.cc(66) ~ACLFilledChecklist: ACLFilledChecklist destroyed 0x55673fdd4b88
2020/12/02 03:32:29.858 kid1| 28,4| Checklist.cc(197) ~ACLChecklist: ACLChecklist::~ACLChecklist: destroyed 0x55673fdd4b88
2020/12/02 03:32:29.858 kid1| 28,4| FilledChecklist.cc(66) ~ACLFilledChecklist: ACLFilledChecklist destroyed 0x7ffddcf37af0
2020/12/02 03:32:29.858 kid1| 28,4| Checklist.cc(197) ~ACLChecklist: ACLChecklist::~ACLChecklist: destroyed 0x7ffddcf37af0
2020/12/02 03:32:29.858 kid1| 28,4| FilledChecklist.cc(66) ~ACLFilledChecklist: ACLFilledChecklist destroyed 0x7ffddcf37af0
2020/12/02 03:32:29.858 kid1| 28,4| Checklist.cc(197) ~ACLChecklist: ACLChecklist::~ACLChecklist: destroyed 0x7ffddcf37af0
2020/12/02 03:32:29.858 kid1| 28,4| FilledChecklist.cc(66) ~ACLFilledChecklist: ACLFilledChecklist destroyed 0x7ffddcf36fe0
2020/12/02 03:32:29.858 kid1| 28,4| Checklist.cc(197) ~ACLChecklist: ACLChecklist::~ACLChecklist: destroyed 0x7ffddcf36fe0
2020/12/02 03:32:30.151 kid1| 33,2| client_side.cc(3370) clientReadRequest: local=192.168.1.138:8888 remote=192.168.1.130:55334 FD 11 flags=1: got flag -1; (104) Connection reset by peer
2020/12/02 03:32:30.152 kid1| 33,2| client_side.cc(832) swanSong: local=192.168.1.138:8888 remote=192.168.1.130:55336 flags=1
2020/12/02 03:32:30.152 kid1| 28,3| Checklist.cc(70) preCheck: 0x7ffddcf37d30 checking fast ACLs
2020/12/02 03:32:30.152 kid1| 28,5| Acl.cc(138) matches: checking access_log /var/log/squid/access.log
2020/12/02 03:32:30.152 kid1| 28,5| Acl.cc(138) matches: checking (access_log /var/log/squid/access.log line)
2020/12/02 03:32:30.152 kid1| 28,3| Acl.cc(158) matches: checked: (access_log /var/log/squid/access.log line) = 1
2020/12/02 03:32:30.152 kid1| 28,3| Acl.cc(158) matches: checked: access_log /var/log/squid/access.log = 1
2020/12/02 03:32:30.152 kid1| 28,3| Checklist.cc(63) markFinished: 0x7ffddcf37d30 answer ALLOWED for match
2020/12/02 03:32:30.152 kid1| 28,4| FilledChecklist.cc(66) ~ACLFilledChecklist: ACLFilledChecklist destroyed 0x7ffddcf37d30
2020/12/02 03:32:30.152 kid1| 28,4| Checklist.cc(197) ~ACLChecklist: ACLChecklist::~ACLChecklist: destroyed 0x7ffddcf37d30
2020/12/02 03:32:30.152 kid1| 33,2| client_side.cc(832) swanSong: local=192.168.1.138:8888 remote=192.168.1.130:55334 flags=1