Restricting URLs or IP addresses on a per-user basis is at least difficult and
to my knowlege, no one has a technology for that.
The usual filtering (ie restrictions) are implemented at a gateway firewall
or at a specific system's firewall -- this is reasonably easy to do.
If you had a second machine for GUEST users (whom I would guess are your children), then
you create four rules in the firewall, in this order
allow tcp outbound dest ip xxx1 port 80
allow tcp outbound dest ip xxx2 port 80
allow tcp outbound dest ip xxx3 port 80
deny tcp outbound all dest
you find the xxx1,2,3 ip addresses by using
for each of the three urls (but leave off the HTTP