Skip to content

FQDN / URL Filtering Categories

Valtix uses threat intelligence from WebRootTM BrightCloud to categorize web sites based on their risk score. This includes fully qualified domain names (FQDNs), sometimes referred to as domain names, and URLs. This provides sites across 84 categories when traffic from your public cloud environment makes outbound connections (egress) to these sites:

  • FQDN / Domains - 842+ Million domains
  • URL - 37+ Billion URLs

Valtix considers the following categories to be particularly malicious:

Malicious Categories

Category Name Category Description
Malware Sites Sites hosting malicious content including executables, drive-by infection sites, malicious scripts, viruses, trojans, and code.
Phishing and Other Frauds Phishing, pharming, and other sites that pose as a reputable site, usually to harvest personal information from a user. These sites are typically quite short-lived, so they don’t last long in terms of uptime.
Proxy Avoidance and Anonymizers Proxy servers and other methods to gain access to URLs in any way that bypasses URL filtering or monitoring. Web-based translation sites that circumvent filtering.
Keyloggers and Monitoring Software agents that track a user's keystrokes or monitor their web surfing habits. Often used for collecting sensitive data such as usernames and passwords.
SPAM URLs Sites known to distribute unsolicited email (spam) messages.
Spyware & Adware Spyware or Adware sites that provide or promote information gathering or tracking that is unknown to, or without the explicit consent of, the end user or the organization, also unsolicited advertising popups and programs that may be installed on a user's computer.
Bot Nets These are URLs, often IP addresses, which are determined to be part of a Bot network, from which network attacks are launched. Attacks may include SPAM messages, DOS, SQL injections, proxy jacking, and other unsolicited contacts.

Valtix offers traffic analysis when viewing traffic via Discover -> Traffic -> DNS and Investigate -> Flow Analytics -> Traffic Summary, where a pre-defined Malicious Categories filter can be selected to show instances and VPCs communicating with these Malicious Category FQDNs and URLs.

The full list of categories is shown below.

Full List of Categories

Category Name Category Name Category Name Category Name
Abortion Games Motor Vehicles Sex Education
Abused Drugs Government Music Shareware and Freeware
Adult and Pornography Gross News and Media Shopping
Alcohol and Tobacco Hacking Nudity Social Networking
Auctions Hate and Racism Online Greeting Cards Society
Bot Nets Health and Medicine Open HTTP Proxies SPAM URLs
Business and Economy Home and Garden Parked Domains Sports
Cheating Hunting and Fishing Pay to Surf Spyware and Adware
Computer and Internet Info Illegal Peer to Peer Streaming Media
Computer and Internet Security Image and Video Search Personal sites and Blogs Swimsuits and Intimate Apparel
Confirmed SPAM Sources Individual Stock Advice and Tools Personal Storage Training and Tools
Content Delivery Networks Internet Communications Philosophy and Political Advocacy Translation
Cult and Occult Internet Portals Phishing and Other Frauds Travel
Dating Job Search Private IP Addresses Uncategorized
Dead Sites Keyloggers and Monitoring Proxy Avoidance and Anonymizers Unconfirmed SPAM Sources
Dynamically Generated Content Kids Questionable Violence
Educational Institutions Legal Real Estate Weapons
Entertainment and Arts Local Information Recreation and Hobbies Web Advertisements
Fashion and Beauty Malware Sites Reference and Research Web Hosting
Financial Services Marijuana Religion Web-based Email
Gambling Military Search Engines Services

Associating a Filtering Profile with a Policy Ruleset Rule

BrightCloud URL / IP Lookup Tool

BrightCloud offers an online URL / IP Lookup Tool that can be used to understand what category a particular FQDN / URL is classified as along with its Web Reputation.