For reputation or categorization inquiries, visit the Talos Support site. For emergency DDoS mitigation assistance, please contact the Cisco Secure DDoS Protection Team.
Talos, Cisco’s Security Intelligence and Research Group, constantly tracks a broad set of attributes to evaluate conclusions about a given host. The below tables contain alphabetical listings and descriptions of the standard categories used to classify website content and the standard threat categories used to classify attack types.
| New Generative AI category added to Talos reputation services | May 29, 2024 |
| Changes to Cisco Talos’ Content and Threat Category lists | January 11, 2021 |
| New Content Categories Released (April 2019) | March 25, 2019 |
| Category | Abbreviation | Code | Description | Example Urls |
|---|---|---|---|---|
| Adult | adlt | 1006 | Directed at adults, but not necessarily pornographic. May include adult clubs (strip clubs, swingers clubs, escort services, strippers), general information about sex, non-pornographic in nature, genital piercing, adult products or greeting cards, information about sex not in the context of health or disease. | http://www.adultentertainmentexpo.com http://www.sincerelynot.com |
| Advertisements | adv | 1027 | Banner and pop-up advertisements that often accompany a web page, other advertising websites that provide advertisement content. Advertising services and sales are classified as Business and Industry. | http://www.adforce.com http://doubleclick.com |
| Alcohol | alc | 1077 | Alcohol as a pleasurable activity, beer and wine making, cocktail recipes, liquor sellers, wineries, vineyards, breweries, alcohol distributors. Alcohol addiction is classified as Health and Medicine. Bars and restaurants are classified as Dining and Drinking. | http://www.samueladams.com http://www.whisky.com |
| Animals and Pets | pets | 1107 | Information about domestic animals, livestock, service animals, pets and their care. Veterinary services, medicines, and animal health. Pet and animal training, aquariums, zoos, and animal shows. Includes animal shelters, humane societies, animal centric charities, and sanctuaries, bee keeping, training, and animal husbandry; dinosaurs and extinct animals. | http://petmd.co http://wheaten.org.uk |
| Arts | art | 1002 | Galleries and exhibitions, artists and art, photography, literature and books, performing arts and theater, musicals, ballet, design, architecture. Cinema and television are classified as Entertainment. | http://www.rosenthalfineart.com http://www.nga.gov |
| Astrology | astr | 1074 | Astrology, horoscope, fortune telling, numerology, psychic advice, tarot. | http://www.astro.com http://www.astrology.com |
| Auctions | auct | 1088 | Online and offline auctions, auction houses, and classified advertisements. | http://www.craigslist.com http://www.ebay.com |
| Business and Industry | busi | 1019 | Marketing, commerce, corporations, business practices, workforce, human resources, transportation, payroll, security and venture capital, office supplies, industrial equipment (process equipment), machines and mechanical systems, heating equipment, cooling equipment, materials handling equipment, packaging equipment, manufacturing: solids handling, metal fabrication, construction and building, passenger transportation, commerce, industrial design, construction, building materials, shipping and freight (freight services, trucking, freight forwarders, truckload carriers, freight and transportation brokers, expedited services, load and freight matching, track and trace, rail shipping, ocean shipping, road feeder services, moving and storage). | http://www.freightcenter.com http://www.ge.com |
| Cannabis | cann | 1109 | Websites that focus on the recreational and medicinal consumption of cannabis. Sites may include marketing, discussions about legal and regulatory issues, growth and production, paraphernalia, research, and investment in the cannabis industry. Dispensaries, cannabinoid (CBD oil, THC, etc.) based products are also included. | http://localproduct.co http://oregonbc.com |
| Chat and Instant Messaging | chat | 1040 | Web-based instant messaging and chat rooms. | http://www.icq.com http://www.e-chat.co |
| Cheating and Plagiarism | plag | 1051 | Promoting cheating and selling written work, such as term papers, for plagiarism. | http://www.bestessays.com http://www.superiorpapers.com |
| Child Abuse Content | cprn | 1064 | Worldwide illegal child sexual abuse content. | |
| Cloud and Data Centers | serv | 1118 | Platforms used to serve cloud infrastructure or data center hosting to support an organization's applications, services, or data processing. Due to the de-centralized nature of these domains and IP addresses, a more specific category cannot be applied based on content or ownership. | http://azurewebsites.net http://s3.amazonaws.com |
| Computer Security | csec | 1065 | Offering security products and services for corporate and home users. | http://www.computersecurity.com http://www.symantec.com |
| Computers and Internet | comp | 1003 | Information about computers and software, such as hardware, software, software support, information for software engineers, programming and networking, website design, the web and Internet in general, computer science, and computer graphics. Freeware and Shareware is a separate category. | http://www.xml.com http://www.w3.org |
| Conventions, Conferences and Trade Shows | expo | 1110 | Seminars, trade shows, conventions and conferences themed around a particular industry, market, or common interest. May include information about acquiring tickets, registration, abstract or presentation proposal guidelines, workshops, sponsorship details, vendor or exhibitor information, and other marketing or promotional material. This category includes academic, professional, as well as pop-culture events, all of which tend to be a short-lived or annual event. | http://thesmallbusinessexpo.com http://makerfaire.com |
| Cryptocurrency | cryp | 1111 | Online brokerages and websites that enable users to trade cryptocurrencies; information regarding cryptocurrencies including analysis, commentary, advice, performance indexes, and price charts. General information about cryptomining and mining businesses are included in this category but domains and IP addresses directly involved in mining activities are categorized as Cryptomining. | http://coinbase.com http://coinsutra.com |
| Cryptomining | mine | 1112 | Hosts that are actively participating in a cryptocurrency mining pool. | http://give-me-coins.com http://slushpool.com |
| Dating | date | 1055 | Dating, online personals, matrimonial agencies. | http://www.eharmony.com http://www.match.com |
| Digital Postcards | card | 1082 | Enabling sending of digital postcards and e-cards. | http://www.hallmarkecards.com http://www.bluemountain.com |
| Dining and Drinking | food | 1061 | Eating and drinking establishments, restaurants, bars, taverns, and pubs, restaurant guides and reviews. | http://www.zagat.com http://www.experiencethepub.com |
| DIY Projects | diy | 1097 | Guidance and information to create, improve, modify, decorate and repair something without the aid of experts or professionals. | http://www.diy-tips.co.uk http://www.thisoldhouse.com |
| DNS-Tunneling | tunn | 1122 | Sites that provide DNS Tunneling as a service. These services can be for PC or mobile and create a VPN connection specifically over DNS to send traffic that may bypass corporate policies and inspection. | |
| Dynamic and Residential | dyn | 1091 | IP addresses of broadband links that usually indicates users attempting to access their home network, for example for a remote session to a home computer. | http://109.60.192.55 |
| Dynamic DNS Provider | ddns | 1114 | Users may use dynamic DNS services to make certain applications or content accessible via the web from endpoints hosted on dynamically assigned IP addresses. Access is granted through a hostname on the domain owned by the dynamic DNS service. | http://noip.com http://afraid.org |
| Education | edu | 1001 | Education-related, such as schools, colleges, universities, teaching materials, and teachers' resources; technical and vocational training; online training; education issues and policies; financial aid; school funding; standards and testing. | http://www.education.com http://www.greatschools.org |
| Encrypted DNS | doht | 1113 | Encrypted DNS requests using HTTPS (DoH), TLS (DoT), QUIC (DoQ), or similar technologies. These protocols are typically used as a layer of security and privacy by end-users, but the encryption hides the content and destination of the request, and the request is passed through a third-party. | http://cloudflare-dns.com http://dns.google.com |
| Entertainment | ent | 1093 | Details or discussion of films, music and bands, television, celebrities and fan websites, entertainment news, celebrity gossip, entertainment venues. Compare the Arts category. | http://www.eonline.com http://www.ew.com |
| Extreme | extr | 1075 | Material of a sexually violent or criminal nature, violence and violent behavior, tasteless, often gory photographs, such as autopsy photos, photos of crime scenes, crime and accident victims, excessive obscene material, shock websites. | http://www.car-accidents.com http://www.crime-scene-photos.com |
| Fashion | fash | 1076 | Clothing and fashion, hair salons, cosmetics, accessories, jewelry, perfume, pictures and text relating to body modification, tattoos and piercing, modeling agencies. Dermatological products are classified as Health and Medicine. | http://www.fashion.net http://www.styleseat.com |
| File Transfer Services | fts | 1071 | File transfer services with the primary purpose of providing download services and hosted file sharing. | http://sharefile.com http://www.wetransfer.com |
| Filter Avoidance | filt | 1025 | Promoting and aiding undetectable and anonymous web usage, including cgi, php and glype anonymous proxy services. | http://www.bypassschoolfilter.com http://www.filterbypass.com |
| Finance | fnnc | 1015 | Primarily financial in nature, such as accounting practices and accountants, taxation, taxes, banking, insurance, investing, the national economy, personal finance involving insurance of all types, credit cards, retirement and estate planning, loans, mortgages. Stock and shares are classified as Online Trading. | http://www.finance.yahoo.com http://www.bankofamerica.com |
| Freeware and Shareware | free | 1068 | Providing downloads of free and shareware software. | http://www.freewarehome.com http://www.filehippo.com |
| Gambling | gamb | 1049 | Casinos and online gambling, bookmakers and odds, gambling advice, competitive racing in a gambling context, sports booking, sports gambling, services for spread betting on stocks and shares. Websites dealing with gambling addiction are classified as Health and Medicine. Government-run lotteries are classified as Lotteries. | http://www.888.com http://www.gambling.com |
| Games | game | 1007 | Various card games, board games, word games, and video games, combat games, sports games, downloadable games, game reviews, cheat sheets, computer games and Internet games, such as role-playing games. | http://www.games.com http://www.shockwave.com |
| Generative AI | gnai | 1128 | Websites whose primary purpose is to use artificial intelligence models to generate output in the form of text, audio, video, or images based on user-supplied prompts. Technologies which tangentially use generative AI as part of their service are not included. | http://gemini.google.com http://chat.openai.com |
| Government and Law | gov | 1011 | Government websites, foreign relations, news and information relating to government and elections, information relating to the field of law, such as attorneys, law firms, law publications, legal reference material, courts, dockets, and legal associations, legislation and court decisions, civil rights issues, immigration, patents and copyrights, information relating to law enforcement and correctional systems, crime reporting, law enforcement, and crime statistics. | http://www.usa.gov http://www.law.com |
| Hacking | hack | 1050 | Discussing ways to bypass the security of websites, software, and computers. | http://www.hackthissite.org http://www.gohacking.com |
| Hate Speech | hate | 1016 | Websites promoting hatred, intolerance, or discrimination on the basis of social group, color, religion, sexual orientation, disability, class, ethnicity, nationality, age, gender, gender identity, sites promoting racism, sexism, racist theology, hate music, neo-Nazi organizations, supremacism, Holocaust denial. | http://www.kkk.com http://www.aryanunity.com |
| Health and Medicine | hmed | 1104 | Health care; diseases and disabilities; medical care; hospitals; doctors; medicinal drugs; mental health; psychiatry; pharmacology; exercise and fitness; physical disabilities; vitamins and supplements; sex in the context of health (disease and health care); tobacco use, alcohol use, drug use, and gambling in the context of health (disease and health care). | http://webmd.com http://health.com |
| Humor | lol | 1079 | Jokes, sketches, comics and other humorous content. Adult humor likely to offend is classified as Adult. | http://www.pun.me http://www.jokes.com |
| Hunting | hunt | 1098 | Professional or sport hunting, gun clubs and other hunting related sites. | http://www.bulletsafaris.com http://mfha.org |
| Illegal Activities | ilac | 1022 | Promoting crime, such as stealing, fraud, illegally accessing telephone networks, computer viruses, bombs, and anarchy, websites depicting murder and suicide as well as explaining ways to commit them. | http://www.ekran.no http://pyrobin.com |
| Illegal Downloads | ildl | 1084 | Providing the ability to download software or other materials, serial numbers, key generators, and tools for bypassing software protection in violation of copyright agreements. Torrents are classified as Peer File Transfer. | http://www.keygenninja.com http://www.rootscrack.com |
| Illegal Drugs | drug | 1047 | Information about recreational drugs, drug paraphernalia, drug purchase and manufacture. | http://www.shroomery.org http://www.planetsteroids.com |
| Infrastructure and Content Delivery Networks | infr | 1018 | Content delivery infrastructure and dynamically generated content, websites that cannot be classified more specifically because they are secured or otherwise difficult to classify. | http://www.akamai.net http://www.webstat.net |
| Internet of Things | iot | 1116 | Domains used to monitor the general health, activity, or aid in the configuration of Internet of Things (IoT) and other network-aware electronics. Additionally these sites may provide software or firmware updates or allow remote access to administer the device. IoT exists in both consumer and professional segments, in products such as printers, televisions, thermostats, system monitoring, automation, and smart appliances. | http://samsungotn.net http://transport.nest.com |
| Internet Telephony | voip | 1067 | Telephonic services using the Internet. | http://www.skype.com http://www.getvoca.com |
| Job Search | job | 1004 | Career advice, resume writing and interviewing skills, job placement services, job databanks, permanent and temporary employment agencies, employer websites. | http://www.careerbuilder.com http://www.monster.com |
| Lingerie and Swimsuits | ling | 1031 | Intimate apparel and swimwear, especially when modeled. | http://www.swimsuits.com http://www.victoriassecret.com |
| Lotteries | lotr | 1034 | Sweepstakes, contests and state-sponsored lotteries. | http://www.calottery.com http://www.flalottery.com |
| Military | mil | 1099 | Military, such as the armed forces, military bases, military organizations, anti-terrorism. | http://www.goarmy.com http://www.todaysmilitary.com |
| Mobile Phones | cell | 1070 | Short Message Services (SMS), ringtones and mobile phone downloads. Cellular carrier websites are included in the Business and Industry category. | http://www.textanywhere.com/ http://www.zedge.net |
| Museums | muse | 1117 | Museums and exhibits, both online and physical, dedicated to preserving information regarding subjects that could be of general interest or highly specialized. Subjects could range from art, history, science, or be of cultural importance. | http://ushmm.org http://museodelasmomiasdeguanajuato.negocio.site |
| Nature and Conservation | ncon | 1106 | Sites related to natural resources; ecology and conservation; forests; wilderness; plants; flowers; forest conservation; forest, wilderness, and forestry practices; forest management (reforestation, forest protection, conservation, harvesting, forest health, thinning, and prescribed burning); agricultural practices (agriculture, gardening, horticulture, landscaping, planting, weed control, irrigation, pruning, and harvesting); pollution issues (air quality, hazardous waste, pollution prevention, recycling, waste management, water quality, and the environmental cleanup industry). | http://nature.org http://thepottedgarden.co.uk |
| News | news | 1058 | News, headlines, newspapers, television stations, magazines, weather, ski conditions. | http://www.cnn.com http://news.bbc.co.uk |
| Non-governmental Organizations | ngo | 1087 | Non-governmental organizations such as clubs, lobbies, communities, non-profit organizations and labor unions. | http://www.panda.org http://www.unions.org |
| Non-sexual Nudity | nsn | 1060 | Nudism and nudity, naturism, nudist camps, artistic nudes. | http://www.1001fessesproject.com http://www.naturistsociety.com |
| Not Actionable | nact | 1103 | Sites that have been inspected but are unreachable or do not have enough content to be assigned a category. | |
| Online Communities | comm | 1024 | Affinity groups, special interest groups, web newsgroups, message boards. Excludes websites classified as Professional Networking or Social Networking. | http://www.reddit.com http://www.stackexchange.com |
| Online Document Sharing and Collaboration | docs | 1115 | Cloud-based software used to create, convert, or edit documents. Collaboration and sharing features may be available with access permissions typically configured by the author. Documents may be stored online or available to download. | http://pastebin.com http://docs.google.com |
| Online Meetings | meet | 1100 | Online meetings, desktop sharing, remote access and other tools that facilitate multi-location collaboration. | http://www.join.me http://www.teamviewer.com |
| Online Storage and Backup | osb | 1066 | Offsite and peer-to-peer storage for backup, sharing, and hosting. | http://www.adrive.com http://www.dropbox.com |
| Online Trading | trad | 1028 | Online brokerages, websites that enable the user to trade stocks online, information relating to the stock market, stocks, bonds, mutual funds, brokers, stock analysis and commentary, stock screens, stock charts, IPOs, stock splits. Services for spread betting on stocks and shares are classified as Gambling. Other financial services are classified as Finance. | http://www.tdameritrade.com http://www.etrade.com |
| Organizational Email | pem | 1085 | Websites used to access business email (often via Outlook Web Access). | http://mail.zoho.com http://webmail.edmc.edu |
| Paranormal | prnm | 1101 | UFOs, ghosts, cryptid, telekenesis, urban legends and myths. | http://www.ghoststudy.com http://www.ufocasebook.com |
| Parked Domains | park | 1092 | Websites that monetize traffic from the domain using paid listings from an ad network, or are owned by 'squatters' hoping to sell the domain name for a profit. These also include fake search websites which return paid ad links. | http://www.domainzaar.com http://www.cricketbuzz.com |
| Peer File Transfer | p2p | 1056 | Peer-to-peer file request websites. This does not track the file transfers themselves. | http://www.bittorrent.com http://www.torrentdownloads.me |
| Personal Sites | pers | 1081 | Websites about and from private individuals, personal homepage servers, websites with personal contents, personal blogs with no particular theme. | http://www.blogmaverick.com http://www.stallman.org |
| Personal VPN | pvpn | 1102 | Virtual private network (VPN) sites or tools that are typically for personal use,and, may or may not be approved for corporate usage. | http://www.openvpn.net http://www.torvpn.com |
| Photo Search and Images | img | 1090 | Facilitating the storing and searching for, images, photographs, and clip-art. | http://www.flickr.com http://www.photobucket.com |
| Politics | pol | 1083 | Websites of politicians, political parties, news and information on politics, elections, democracy, and voting. | http://www.politics.com http://www.gp.org |
| Pornography | porn | 1054 | Sexually explicit text or depictions. Includes explicit anime and cartoons, general explicit depictions, other fetish material, explicit chat rooms, sex simulators, strip poker, adult movies, lewd art, web-based explicit email. | http://www.redtube.com http://www.youporn.com |
| Private IP Addresses as Host | piah | 1121 | Private IP addresses which are used as the host part of a URL. Private IP addresses are meant for internal use behind border routers only, so they are not publicly routable. | |
| Professional Networking | pnet | 1089 | Social networking for the purpose of career or professional development. See also Social Networking. | http://www.linkedin.com http://www.europeanpwn.net |
| Real Estate | rest | 1045 | Information that would support the search for real estate, office and commercial space, real estate listings, such as rentals, apartments, and homes, house building. | http://www.realtor.com http://www.zillow.com |
| Recipes and Food | reci | 1105 | Sites dedicated to sharing or discussing information about cooking, recipes, and food or non-alcoholic beverages; cultural aspects of cuisine and food; diet descriptions and adherence tips, general nutrition information about foods. Use and instruction on cooking appliances and utensils. Food celebrity, lifestyle, and enthusiast blogs. | http://allrecipes.com http://seriouseats.com |
| Reference | ref | 1017 | City and state guides, maps, time, reference sources, dictionaries, libraries. | http://www.wikipedia.org http://www.yellowpages.com |
| Regional Restricted Sites (Germany) | xdeu | 1125 | URLs that are restricted in Germany due to content which may be unlawful as determined by the regional government. | |
| Regional Restricted Sites (Great Britain) | xgbr | 1123 | URLs that are restricted in Great Britain due to content which may be unlawful as determined by the regional government. | |
| Regional Restricted Sites (Italy) | xita | 1124 | URLs that are restricted in Italy due to content which may be unlawful as determined by the regional government. | |
| Regional Restricted Sites (Poland) | xpol | 1126 | URLs that are restricted in Poland due to content which may be unlawful as determined by the regional government. | http://betsafe62.com http://tornadobet69.com |
| Religion | rel | 1086 | Religious content, information about religions, religious communities. | http://www.religionfacts.com http://www.religioustolerance.org |
| SaaS and B2B | saas | 1080 | Web portals for online business services. | http://www.netsuite.com http://www.salesforce.com |
| Safe for Kids | kids | 1057 | Directed at, and specifically approved for, young children. | http://www.discoverykids.com http://www.nickjr.com |
| Science and Technology | sci | 1012 | Science and technology, such as aerospace, electronics, engineering, mathematics, and other similar subjects, space exploration, meteorology, geography, energy (fossil, nuclear, renewable), communications (telephones, telecommunications). | http://www.physorg.com http://www.science.gov |
| Search Engines and Portals | srch | 1020 | Search engines and other initial points of access to information on the Internet. | http://www.bing.com http://www.google.com |
| Sex Education | sxed | 1052 | Factual websites dealing with sex, sexual health, contraception, pregnancy. | http://www.avert.org http://www.scarleteen.com |
| Shopping | shop | 1005 | Bartering, online purchasing, coupons and free offers, general office supplies, online catalogs, online malls. | http://www.amazon.com http://www.shopping.com |
| Social Networking | snet | 1069 | Social networking. See also Professional Networking. | http://www.facebook.com http://www.twitter.com |
| Social Science | socs | 1014 | Sciences and history related to society, archaeology, anthropology, cultural studies, history, linguistics, geography, philosophy, psychology, women's studies. | http://www.archaeology.org http://www.anthropology.net |
| Society and Culture | scty | 1010 | Family and relationships, ethnicity, social organizations, genealogy, seniors, child-care. | http://www.childcareaware.org http://www.familysearch.org |
| Software Updates | swup | 1053 | Websites that host updates for software packages. | http://www.softwarepatch.com http://www.windowsupdate.com |
| Sports and Recreation | sprt | 1008 | All sports, professional and amateur, recreational activities, fishing, fantasy sports, public parks, amusement parks, water parks, theme parks, spas. | http://www.espn.com http://www.recreation.gov |
| Streaming Audio | aud | 1073 | Real-time streaming audio content including Internet radio and audio feeds. | http://www.live-radio.net http://www.shoutcast.com |
| Streaming Video | vid | 1072 | Real-time streaming video including Internet television, web casts, and video sharing. | http://www.hulu.com http://www.youtube.com |
| Terrorism and Violent Extremism | terr | 1119 | Terrorist or extremist websites that promote death or violence as part of their ideology. Sites may contain graphic or disturbing images, videos, and text. Some sites may not advocate terrorism but share first-hand material of a violent nature. | |
| Tobacco | tob | 1078 | Pro-tobacco websites, tobacco manufacturers, pipes and smoking products (not marketed for illegal drug use). Tobacco addiction is classified as Health and Medicine. | http://www.bat.com http://www.tobacco.org |
| Transportation | trns | 1044 | Personal transportation, information about cars and motorcycles, shopping for new and used cars and motorcycles, car clubs, boats, airplanes, recreational vehicles (RVs), and other similar items. Note, car and motorcycle racing is classified as Sports and Recreation. | http://www.cars.com http://www.motorcycles.com |
| Travel | trvl | 1046 | Business and personal travel, travel information, travel resources, travel agents, vacation packages, cruises, lodging and accommodation, travel transportation, flight booking, airfares, car rental, vacation homes. | http://www.expedia.com http://www.lonelyplanet.com |
| URL Shorteners | shrt | 1120 | Domains used to shorten long URLs, brand URLs, or may obscure the final destination of a hyperlink. | http://bit.ly http://tinyurl.com |
| Weapons | weap | 1036 | Information relating to the purchase or use of conventional weapons such as gun sellers, gun auctions, gun classified ads, gun accessories, gun shows, and gun training, general information about guns, other weapons may be included. Government military websites are classified as Military. | http://www.coldsteel.com http://www.gunbroker.com |
| Web Cache and Archives | cach | 1108 | Cached or archived web content often stored for preservation or to decrease load times. | http://archive.org http://webcache.googleusercontent.com |
| Web Hosting | whst | 1037 | Website hosting, bandwidth services. | http://www.bluehost.com http://www.godaddy.com |
| Web Page Translation | tran | 1063 | Translation of web pages between languages. | http://babelfish.com http://translate.google.com |
| Web-based Email | 1038 | Public web-based email services. Websites enabling individuals to access their company or organizations email service are classified as Organizational Email. | http://mail.yahoo.com http://outlook.com |
| Category | Description |
|---|---|
| Bogon | Bogons are IP Addresses that are known to belong to reserved IP address spaces that is supposedly unallocated or undelegated. Sites in this category are bogons that are known to be sending traffic. |
| Botnets | Known to participate in a Bot network. These include Command and Control (CNC, C2) Servers and sites that deliver or receive data as part of the malicious transaction (bots, zombies). |
| Cryptojacking | Websites with embedded scripts to mine cryptocurrency which use the visitor's web browser. The script may belong to the owner of the web site, or injected by a malicious third-party, and is used as a method of generating revenue. |
| DNS Tunneling | Sites that provide DNS Tunneling as a service. These services can be for PC or mobile and create a VPN connection specifically over DNS to send traffic that may bypass corporate policies and inspection. |
| Domain Generated Algorithm | Domains that are extracted from malware that employ algorithms that generate domains for potential use in future malicious activities such as hosting malware or as an exfiltration destination. |
| Dynamic DNS | Sites that are hosting dynamic DNS services. Attackers can use this technology as an evasion technique against IP blacklisting. |
| Ebanking Fraud | Known to engage in fraudulent activities that relate to electronic banking. |
| Exploits | Sites that are known to host or aide in exploits, drive-by-downloads and other activities that identifies and compromises vulnerable systems. |
| High Risk Sites and Locations | Domains and hostnames that match against the OpenDNS predictive security algorithms from security graph. |
| Indicators of Compromise (IOC) | Hosts that have been observed to engage in Indicators of Compromise. |
| Linkshare | Websites that share copyrighted files without permission. The web site may be compromised, or otherwise involved in illegal file sharing. |
| Malicious Sites | Sites exhibiting malicious behavior that do not necessarily fit into another, more granular, threat category. |
| Malware Sites | Websites that are known to contain, serve, or support malware in its delivery, propagation, or in carrying out its malicious intent. |
| Newly Seen Domains | Domains that have recently been registered, or not yet seen via telemetry. The behavior of these URLs has not been observed enough to establish the appropriate reputation. Spammers and malicious actors may rely on newly registered, or previously unused domains to disguise their activities, and avoid interdiction due to low reputation. Some legitimate URLs may briefly appear in this threat category as they become visible. |
| Open HTTP Proxy | Hosts that are known to run Open Web Proxies and offer anonymous web browsing services. |
| Open Mail Relay | Commonly used by Spam and Phishing attackers, sites in this category are hosts that are known to offer anonymous email relaying services. |
| Phishing | Phishing and other fraudulent sites that copy or mimic legitimate sites for the purposes of surreptitiously acquiring sensitive information, such as user names, passwords, credit card numbers, etc..., for use in malicious activities. |
| Spam | Known to serve, deliver or aide in the propagation of Spam. |
| Spyware and Adware | Sites that are known to contain, serve, or support Spyware and Adware activities. |
| TOR exit Nodes | Hosts known to offer exit node services for the Tor Anonymizer network. |