Whitelist Types
The Threat IQ whitelist contains a variety of domains that are non-malicious but may deliver content that could be annoying or risky - for example, hosting domains, advertising domains, etc. These whitelist domains are classified by type to aid you in filtering if desired.
Type Definitions
Type | Description |
---|---|
1 | White domain: the domain is white (non-malicious) and all sub-domains should be considered white without qualification. |
2 | White hosting domain: the domain is used for hosting or similar services and should be considered white. Although there is some risk that sub-domains might be used for malicious purposes, most sub-domains will be non-malicious. |
3 | Risky hosting domain: the domain is used for hosting or similar services (e.g., dynamic DNS). Although the base domain should not be considered malicious, there is a history and, thus, increased risk of sub-domains being used for malicious purposes. |
4 | Dangerous hosting domain: the domain is used for hosting or similar services (e.g., dynamic DNS, bulk domain provision). Although the base domain should not be considered malicious, malicious sub-domains are common enough that any sub-domain ought to be considered suspicious until proven non-malicious. |
5 | Advertising domain: the domain is used to deliver or facilitate online advertising and, thus, should be considered white (though any ad network can be exploited for the purposes of malvertising). |
6 | Grey list domain: the domain has not been identified by ThreatTrack as malicious and is probably white non-malicious), it has not been specifically identified as white. Thus, most "grey" domains probably are white, though a small percentage may be black (malicious). |