Skip to content

Domain categories

Cloudflare Gateway allows you to block known and potential security risks on the public Internet, as well as specific categories of content. Domains are categorized by Cloudflare Radar.

Cloudflare categorizes domains into content categories and security categories, which cover security risks and security threats:

  • Content categories: An upstream vendor supplies content categories for domains. These categories help us organize domains into broad topic areas. However, the specific criteria and methods used by our vendor may not be disclosed.
  • Security risks: Cloudflare determines security risks for domains using internal models. These models analyze various factors, including the age of a domain and its reputation. This allows us to identify potentially risky domains.
  • Security threats: To identify malicious domains that pose security threats, Cloudflare employs a mix of internal data sources, machine learning models, commercial feeds, and open-source threat intelligence.

You can block security and content categories by creating DNS or HTTP policies. Once you have configured your policies, you will be able to inspect network activity and the associated categories in your Gateway logs.

To request changes to a domain’s categorization, refer to Change categorization. For more information on investigating potentially risky domains, refer to Investigate threats.

Security categories

CategoryDefinition
AnonymizerSites that allow users to surf the Internet anonymously.
Brand EmbeddingSites that imitate a verified brand, for example facobook.com.
Command and Control & BotnetSites that are queried by compromised devices to exfiltrate information or potentially infect other devices in a network.
CryptominingSites that mine cryptocurrency by taking over the user’s computing resources.
DGA DomainsDomains detected as generated by algorithms seen in malware.
DNS TunnelingDomains with detected DNS tunneling activity.
MalwareSites hosting malicious content and other compromised websites.
PhishingDomains that are known for stealing personal information.
Private IP AddressDomains that resolve to private IP Addresses.
SpamSites that are known for targeting users with unwanted sweepstakes, surveys, and advertisements.
SpywareSites that are known to distribute or contain code that displays unwanted advertisements or that gathers user information without the user’s knowledge.

Content categories

CategoryDefinition
Adult ThemesSites that are hosting content related to pornography, nudity, sexuality, and other adult themes.
Business & EconomySites that are related to business, economy, finance, education, science and technology.
Child AbuseSites hosting child abuse content.
CIPASites related to aiding schools and organizations in abiding by CIPA requirements.
EducationSites hosting educational content that are not included in other categories like Science, Technology or Educational institutions.
EntertainmentSites that are hosting entertaining content that are not included in other categories like Comic books, Audio streaming, Video streaming etc.
GamblingSites that are providing online gambling or are related to gambling.
Government & PoliticsSites related to government and politics.
HealthSites containing information about health and fitness.
Information TechnologySites related to information technology.
Internet CommunicationSites hosting applications that are used for communication like chat, mail etc.
Job Search & CareersSites that facilitate searching for jobs and careers.
MiscellaneousSites that are not included in the listed security and content categories.
Questionable ContentSites hosting content that are related to hacking, piracy, profanity and other questionable activities.
Real EstateSites related to real estate.
ReligionSites hosting content about religion, alternative religion, religious teachings, religious groups and spirituality.
Security RisksSites that are new or misconfigured. We recommend that you allow or isolate this content category to avoid accidentally blocking trusted domains.
Shopping & AuctionsSites that are hosting content related to ecommerce, coupons, shopping, auctions and marketplaces.
Social & FamilySites related to society and lifestyle.
Society & LifestyleSites hosting information about lifestyle that are not included in other categories like fashion, food & drink etc.
SportsSites related to sports & recreation.
TechnologySites hosting information about technology that are not included in the science category.
TravelSites that contain information about listings, reservations, services for travel.
VehiclesSites related vehicles, automobiles, including news, reviews, and other hobbyist information.
ViolenceSites hosting and/or promoting violent content.
WeatherSites related to weather.

Miscellaneous subcategories

CategoryDefinition
Login ScreensSites hosting login screens that might also be included in other categories.
MiscellaneousSites that do not belong to other content categories.
No ContentSites that have no content.
RedirectDomains that redirect to other sites.
UnreachableDomains that resolve to unreachable IP addresses.

Security risk subcategories

CategoryDefinition
New DomainsDomains registered within the past 30 days.
Newly Seen DomainsDomains that were resolved for the first time within the past 30 days.
Parked & For Sale DomainsDomains that are not connected to a hosting service.

Category and subcategory IDs

Category IDCategory NameSubcategory IDSubcategory Name
2Adult Themes67Adult Themes
2Adult Themes125Nudity
2Adult Themes133Pornography
3Business & Economy75Business
3Business & Economy89Economy & Finance
3Business & Economy183Cryptocurrency
6Education90Education
6Education91Educational Institutions
6Education144Science
6Education150Space & Astronomy
7Entertainment70Arts
7Entertainment74Audio Streaming
7Entertainment76Cartoons & Anime
7Entertainment79Comic Books
7Entertainment92Entertainment
7Entertainment96Fine Art
7Entertainment100Gaming
7Entertainment106Home Video/DVD
7Entertainment107Humor
7Entertainment116Magazines
7Entertainment120Movies
7Entertainment121Music
7Entertainment122News & Media
7Entertainment127Paranormal
7Entertainment139Radio
7Entertainment156Television
7Entertainment164Video Streaming
8Gambling99Gambling
9Government & Politics101Government
9Government & Politics137Politics, Advocacy, and Government-Related
10Health103Health & Fitness
10Health146Sex Education
12Internet Communication77Chat
12Internet Communication98Forums
12Internet Communication108Information Security
12Internet Communication110Instant Messengers
12Internet Communication111Internet Phone & VOIP
12Internet Communication118Messaging
12Internet Communication126P2P
12Internet Communication129Personal Blogs
12Internet Communication168Webmail
12Internet Communication172Photo Sharing
13Job Search & Careers113Job Search & Careers
15Miscellaneous115Login Screens
15Miscellaneous119Miscellaneous
15Miscellaneous124No Content
15Miscellaneous141Redirect
15Miscellaneous161Unreachable
17Questionable Content85Deceptive Ads
17Questionable Content87Drugs
17Questionable Content102Hacking
17Questionable Content135Profanity
17Questionable Content138Questionable Activities
17Questionable Content157Militancy, Hate & Extremism
17Questionable Content162Unreliable Information
18Real Estate140Real Estate
19Religion142Religion
20Safe for Kids143Safe for Kids
21Security threats68Anonymizer
21Security threats80Command and Control & Botnet
21Security threats83Cryptomining
21Security threats117Malware
21Security threats131Phishing
21Security threats134Private IP Address
21Security threats151Spam
21Security threats153Spyware
21Security threats175DNS Tunneling
21Security threats176Domain Generation Algorithm
21Security threats178Brand Embedding
22Shopping & Auctions73Auctions & Marketplaces
22Shopping & Auctions82Coupons
22Shopping & Auctions88Ecommerce
22Shopping & Auctions148Shopping
24Society & Lifestyle71Arts & Crafts
24Society & Lifestyle72Astrology
24Society & Lifestyle78Clothing
24Society & Lifestyle84Dating & Relationships
24Society & Lifestyle86Digital Postcards
24Society & Lifestyle93Parenting
24Society & Lifestyle94Fashion
24Society & Lifestyle97Food & Drink
24Society & Lifestyle104Hobbies & Interests
24Society & Lifestyle105Home & Garden
24Society & Lifestyle114Lifestyle
24Society & Lifestyle130Pets
24Society & Lifestyle132Photography
24Society & Lifestyle136Professional Networking
24Society & Lifestyle147Sexuality
24Society & Lifestyle149Social Networks
24Society & Lifestyle154Swimsuits
24Society & Lifestyle158Tobacco
24Society & Lifestyle173Body Art
24Society & Lifestyle174Lingerie & Bikini
24Society & Lifestyle181Alcohol
25Sports152Sports
26Technology69APIs
26Technology81Content Servers
26Technology95File Sharing
26Technology109Information Technology
26Technology123News, Portal & Search
26Technology145Search Engines
26Technology155Technology
26Technology159Translator
26Technology184Artificial Intelligence
27Travel160Travel
28Vehicles163Vehicles
29Violence165Violence
29Violence166Weapons
30Weather167Weather
31Always blocked170Child Abuse
32Security Risks128Parked & For Sale Domains
32Security Risks169New Domains
32Security Risks177Newly Seen Domains
34CIPA182CIPA Filter

Filtering options

Filter traffic by resolved IP category

When creating a DNS policy for security or content categories, you can optionally turn on Filter traffic by resolved IP category in the policy settings. When turned on, Gateway will block queries based on their resolved IP address in addition to the domain name. This setting may increase the number of false positives because domains in the blocked category can share IP addresses with legitimate domains.

Ignore CNAME domain categories

The categories for a site’s CNAME records may differ from its A record. For example, blog.example.com may be categorized under Personal Blogs, while example.com is categorized under Technology. To limit matches for a DNS policy to only the root domain’s categories, turn on Ignore CNAME domain categories.

Regardless of this setting, CNAME domain categories will still appear in your Gateway Logpush logs.

Categorization process

Cloudflare’s domain categorization engine begins with multiple data sources, including:

  1. Cloudflare’s proprietary data using our global network.

  2. Third-party intelligence feeds. Cloudflare uses data from over 30 open-source intelligence feeds and premium commercial feeds, such as Avira and Zvelo.

Then, the initial categorization is refined via:

  1. Machine learning models. Our algorithms, including DGA Domains, DNS tunneling, and phishing detection models analyze patterns and behaviors to detect new and evolving threats.

  2. Community feedback. Through a review process, Cloudflare assesses feedback by both our internal models and threat analysts. This ensures that our categorizations reflect the most current and accurate threat intelligence.