Dear Artem,
To monitor (Logs incidents for data transferred by temporary usb / cd users ) which of users opens specific websites you need to create a temporary user policy.
Detection Rules : Protocol is FTP, Copy to Network Share, HTTP, Email/SMTP, Removable Storage, ....
AND
- Match IP address(es)......
Please make sure to mark this as a solution to your problem,