XDM_CONST.URL_CATEGORY

Cortex Data Model Schema Guide

Product
Cortex XSIAM
Last date published
2024-11-27
Category
XSIAM Data Model Schema

URL category. See https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Cm5hCAC.

Original

Mapped

Description

1

XDM_CONST.URL_CATEGORY_ABORTION

Sites that pertain to information or groups in favor of or against abortion, details regarding abortion procedures, help or support forums for or against abortion, or sites that provide information regarding the consequences/effects of pursuing (or not) an abortion.

2

XDM_CONST.URL_CATEGORY_ABUSED_DRUGS

Sites that promote the abuse of both legal and illegal drugs, use and sale of drug related paraphernalia, manufacturing and/or selling of drugs.

3

XDM_CONST.URL_CATEGORY_ADULT

Sexually explicit material, media (including language), art, and/or products, online groups or forums that are sexually explicit in nature. Sites that promote adult services such as video/telephone conferencing, escort services, strip clubs, etc. Anything containing adult content (even if it's games or comics) will be categorized as adult.

4

XDM_CONST.URL_CATEGORY_ALCOHOL_AND_TOBACCO

Sites that pertain to the sale, manufacturing, or use of alcohol and/or tobacco products and related paraphernalia. Includes sites related to electronic cigarettes.

5

XDM_CONST.URL_CATEGORY_AUCTIONS

Sites that promote the sale of goods between individuals.

6

XDM_CONST.URL_CATEGORY_BUSINESS_AND_ECONOMY

Marketing, management, economics, and sites relating to entrepreneurship or running a business. Includes advertising and marketing firms. Should not include corporate websites as they should be categorized with their technology. Also shipping sites, such as fedex.com and ups.com.

7

XDM_CONST.URL_CATEGORY_COMMAND_AND_CONTROL

Command-and-control URLs and domains used by malware and/or compromised systems to surreptitiously communicate with an attacker's remote server to receive malicious commands or exfiltrate data

8

XDM_CONST.URL_CATEGORY_COMPUTER_AND_INTERNET_INFO

General information regarding computers and the internet. Should include sites about computer science, engineering, hardware, software, security, programming, etc. Programming may have some overlap with reference, but the main category should remain computer and internet info.

9

XDM_CONST.URL_CATEGORY_CONTENT_DELIVERY_NETWORKS

Sites whose primary focus is delivering content to 3rd parties such as advertisements, media, files, etc. Also includes image servers.

10

XDM_CONST.URL_CATEGORY_COPYRIGHT_INFRINGEMENT

Domains with illegal content, such as content that allows illegal download of software or other intellectual property, which poses a potential liability risk. This category was introduced to enable adherence to child protection laws required in the education industry as well as laws in countries that require internet providers to prevent users from sharing copyrighted material through their service.

11

XDM_CONST.URL_CATEGORY_CRYPTOCURRENCY

Websites that promote cryptocurrencies, crypto mining websites (but not embedded crypto miners), cryptocurrency exchanges and vendors, and websites that manage cryptocurrency wallets and ledgers. This category does not include traditional financial services websites that reference cryptocurrencies, websites that explain and describe how cryptocurrencies and blockchains work, or websites that contain embedded crypto currency miners (grayware).

12

XDM_CONST.URL_CATEGORY_DATING

Websites offering online dating services, advice, and other personal ads

13

XDM_CONST.URL_CATEGORY_DYNAMIC_DNS

Hosts and domain names for systems with dynamically assigned IP addresses and which are oftentimes used to deliver malware payloads or C2 traffic. Also, dynamic DNS domains do not go through the same vetting process as domains that are registered by a reputable domain registration company, and are therefore less trustworthy.

14

XDM_CONST.URL_CATEGORY_EDUCATIONAL_INSTITUTIONS

Official websites for schools, colleges, universities, school districts, online classes, and other academic institutions. These refer to larger, established educational institutions such as elementary schools, high schools, universities, etc. Tutoring academies can go here as well.

15

XDM_CONST.URL_CATEGORY_ENTERTAINMENT_AND_ARTS

Sites for movies, television, radio, videos, programming guides/tools, comics, performing arts, museums, art galleries, or libraries. Includes sites for entertainment, celebrity and industry news.

16

XDM_CONST.URL_CATEGORY_EXTREMISM

Websites promoting terrorism, racism, fascism, or other extremist views discriminating against people or groups of different ethnic backgrounds, religions or other beliefs. This category was introduced to enable adherence to child protection laws required in the education industry. In some regions, laws and regulations may prohibit allowing access to extremist sites, and allowing access may pose a liability risk.

17

XDM_CONST.URL_CATEGORY_FINANCIAL_SERVICES

Websites pertaining to personal financial information or advice, such as online banking, loans, mortgages, debt management, credit card companies, and insurance companies. Does not include sites relating to stock markets, brokerages or trading services.Includes sites for foreign currency exchange. Includes sites for foreign currency exchange.

18

XDM_CONST.URL_CATEGORY_GAMBLING

Lottery or gambling websites that facilitate the exchange of real and/or virtual money. Related websites that provide information, tutorials or advice regarding gambling, including betting odds and pools. Corporate websites for hotels and casinos that do not enable gambling are categorized under Travel.

19

XDM_CONST.URL_CATEGORY_GAMES

Sites that provide online play or download of video and/or computer games, game reviews, tips, or cheats, as well as instructional sites for non-electronic games, sale/trade of board games, or related publications/media. Includes sites that support or host online sweepstakes and/or giveaways.

20

XDM_CONST.URL_CATEGORY_GOVERNMENT

Official websites for local, state, and national governments, as well as related agencies, services, or laws.

21

XDM_CONST.URL_CATEGORY_GRAYWARE

Web content that does not pose a direct security threat but that display other obtrusive behavior and tempt the end user to grant remote access or perform other unauthorized actions. Grayware includes illegal activities, criminal activities, rogueware, adware, and other unwanted or unsolicited applications, such as embedded crypto miners, clickjacking or hijackers that change the elements of the browser. Typosquatting domains that do not exhibit maliciousness and are not owned by the targeted domain will be categorized as grayware.

22

XDM_CONST.URL_CATEGORY_HACKING

Sites relating to the illegal or questionable access to or the use of communications equipment/software. Development and distribution of programs, how-to-advice and/or tips that may result in the compromise of networks and systems. Also includes sites that facilitate the bypass of licensing and digital rights systems.

23

XDM_CONST.URL_CATEGORY_HEALTH_AND_MEDICINE

Sites containing information regarding general health information, issues, and traditional and non-traditional tips, remedies, and treatments. Also includes sites for various medical specialties, practices and facilities (such as gyms and fitness clubs) as well as professionals. Sites relating to medical insurance and cosmetic surgery are also included.

24

XDM_CONST.URL_CATEGORY_HOME_AND_GARDEN

Information, products, and services regarding home repair and maintenance, architecture, design, construction, décor, and gardening.

25

XDM_CONST.URL_CATEGORY_HUNTING_AND_FISHING

Hunting and fishing tips, instructions, sale of related equipment and paraphernalia.

26

XDM_CONST.URL_CATEGORY_INSUFFICIENT_CONTENT

Websites and services that present test pages, no content, provide API access not intended for end-user display or require authentication without displaying any other content suggesting a different categorization. Should not include websites providing remote access, such as web based VPN solutions, web based email services or identified credential phishing pages.

27

XDM_CONST.URL_CATEGORY_INTERNET_COMMUNICATIONS_AND_TELEPHONY

Sites that support or provide services for video chatting, instant messaging, or telephony capabilities.

28

XDM_CONST.URL_CATEGORY_INTERNET_PORTALS

Sites that serve as a starting point for users, usually by aggregating a broad set of content and topics.

29

XDM_CONST.URL_CATEGORY_JOB_SEARCH

Sites that provide job listings and employer reviews, interview advice and tips, or related services for both employers and prospective candidates.

30

XDM_CONST.URL_CATEGORY_LEGAL

Information, analysis or advice regarding the law, legal services, legal firms, or other legal related issues.

31

XDM_CONST.URL_CATEGORY_MALWARE

Sites known to host malware or used for command and control (C2) traffic. May also exhibit Exploit Kits.

32

XDM_CONST.URL_CATEGORY_MILITARY

Information or commentary regarding military branches, recruitment, current or past operations, or any related paraphernalia.

33

XDM_CONST.URL_CATEGORY_MOTOR_VEHICLES

Information relating to reviews, sales and trading, modifications, parts, and other related discussions for automobiles, motorcycles, boats, trucks and RVs.

34

XDM_CONST.URL_CATEGORY_MUSIC

Music sales, distribution, or information. Includes websites for music artists, groups, labels, events, lyrics, and other information regarding the music business. Does not include streaming music.

35

XDM_CONST.URL_CATEGORY_NEWLY_REGISTERED_DOMAIN

Newly registered domains are often generated purposely or by domain generation algorithms and used for malicious activity.

36

XDM_CONST.URL_CATEGORY_NEWS

Online publications, newswire services, and other websites that aggregate current events, weather, or other contemporary issues. Includes newspapers, radio stations, magazines, and podcasts.

37

XDM_CONST.URL_CATEGORY_NOT_RESOLVED

Indicates that the website was not found in the local URL filtering database and the firewall was unable to connect to the cloud database to check the category. When a URL category lookup is performed, the firewall first checks the dataplane cache for the URL, if no match is found, it will then check the management plane cache, and if no match is found there, it queries the URL database in the cloud. When deciding on what action to take for traffic that is categorized as not-resolved, be aware that setting the action to block may be very disruptive to users.

38

XDM_CONST.URL_CATEGORY_NUDITY

Sites that contain nude or seminude depictions of the human body, regardless of context or intent, such as artwork. Includes nudist or naturist sites containing images of participants.

39

XDM_CONST.URL_CATEGORY_ONLINE_STORAGE_AND_BACKUP

Websites that provide online storage of files for free and as a service.

40

XDM_CONST.URL_CATEGORY_PARKED

Domains registered by individuals, oftentimes later found to be used for credential phishing. These domains may be similar to legitimate domains, for example, pal0alto0netw0rks.com, with the intent of phishing for credentials or personal identify information. Or, they may be domains that an individual purchases rights to in hopes that it may be valuable someday, such as panw.net.

41

XDM_CONST.URL_CATEGORY_PEER_TO_PEER

Sites that provide access to or clients for peer-to-peer sharing of torrents, download programs, media files, or other software applications. This is primarily for those sites that provide bittorrent download capabilities. Does not include shareware or freeware sites.

42

XDM_CONST.URL_CATEGORY_PERSONAL_SITES_AND_BLOGS

Personal websites and blogs by individuals or groups. Should try to first categorize based on content. For example, if someone has a blog just about cars, then the site should be categorized under "motor vehicles". However, if the site is a pure blog, then it should remain under "personal sites and blogs".

43

XDM_CONST.URL_CATEGORY_PHILOSOPHY_AND_POLITICAL_ADVOCACY

Sites containing information, viewpoints or campaigns regarding philosophical or political views.

44

XDM_CONST.URL_CATEGORY_PHISHING

Web content that covertly attempts to fool the user in order to harvest information, including login credentials, credit card information – voluntarily or involuntarily, account numbers, PINs, and any information considered to be personally identifiable information (PII) from victims via social engineering techniques. Technical support scams and scareware is also included as phishing.

45

XDM_CONST.URL_CATEGORY_PRIVATE_IP_ADDRESSES

This category includes IP addresses defined in RFC 1918, Address Allocation for Private Intranets? It also includes domains not registered with the public DNS system ( *.local and *.onion).

46

XDM_CONST.URL_CATEGORY_PROXY_AVOIDANCE_AND_ANONYMIZERS

URLs and services often used to bypass content filtering products.

47

XDM_CONST.URL_CATEGORY_QUESTIONABLE

Websites containing tasteless humor, offensive content targeting specific demographics of individuals or groups of people.

48

XDM_CONST.URL_CATEGORY_REAL_ESTATE

Information on property rentals, sales and related tips or information. Includes sites for real estate agents, firms, rental services, listings (and aggregates), and property improvement.

49

XDM_CONST.URL_CATEGORY_RECREATION_AND_HOBBIES

Information, forums, associations, groups, and publications on recreations and hobbies.

50

XDM_CONST.URL_CATEGORY_REFERENCE_AND_RESEARCH

Personal, professional, or academic reference portals, materials, or services. Includes online dictionaries, maps, almanacs, census information, libraries, genealogy and scientific information.

51

XDM_CONST.URL_CATEGORY_RELIGION

Information regarding various religions, related activities or events. Includes websites for religious organizations, officials and places of worship.Includes sites for fortune telling.

52

XDM_CONST.URL_CATEGORY_SEARCH_ENGINES

Sites that provide a search interface using keywords, phrases, or other parameters that may return information, websites, images or files as results.

53

XDM_CONST.URL_CATEGORY_SEX_EDUCATION

Information on reproduction, sexual development, safe sex practices, sexually transmitted diseases, birth control, tips for better sex, as well as any related products or related paraphernalia. Includes websites for related groups, forums or organizations.

54

XDM_CONST.URL_CATEGORY_SHAREWARE_AND_FREEWARE

Sites that provide access to software, screensavers, icons, wallpapers, utilities, ringtones, themes or widgets for free and/or donations. Also includes open source projects.

55

XDM_CONST.URL_CATEGORY_SHOPPING

Sites that facilitate the purchase of goods and services. Includes online merchants, websites for department stores, retail stores, catalogs, as well as sites that aggregate and monitor prices. Sites listed here should be online merchants that sell a variety of items (or whose main purpose is online sales). A webpage for a cosmetics company that also happens to allow online purchasing should be categorized with cosmetics and not shopping.

56

XDM_CONST.URL_CATEGORY_SOCIAL_NETWORKING

User communities and sites where users interact with each other, post messages, pictures, or otherwise communicate with groups of people. Does not include blogs or personal sites.

57

XDM_CONST.URL_CATEGORY_SOCIETY

Topics relating to the general population, issues that impact a large variety of people, such as fashion, beauty, philanthropic groups, societies, or children. Also includes restaurant websites.Includes websites designed for children as well as restaurants.

58

XDM_CONST.URL_CATEGORY_SPORTS

Information about sporting events, athletes, coaches, officials, teams or organizations, sports scores, schedules and related news, and any related paraphernalia. Includes websites regarding fantasy sports and other virtual sports leagues.

59

XDM_CONST.URL_CATEGORY_STOCK_ADVICE_AND_TOOLS

Information regarding the stock market, trading of stocks or options, portfolio management, investment strategies, quotes, or related news.

60

XDM_CONST.URL_CATEGORY_STREAMING_MEDIA

Sites that stream audio or video content for free and/or purchase.Includes online radio stations and other streaming music services.

61

XDM_CONST.URL_CATEGORY_SWIMSUITS_AND_INTIMATE_APPAREL

Sites that include information or images concerning swimsuits, intimate apparel or other suggestive clothing.

62

XDM_CONST.URL_CATEGORY_TRAINING_AND_TOOLS

Sites that provide online education and training and related materials.Can include driving/traffic schools, workplace training, etc.

63

XDM_CONST.URL_CATEGORY_TRANSLATION

Sites that provide translation services, including both user input and URL translations. These sites can also allow users to circumvent filtering as the target page's content is presented within the context of the translator's URL.

64

XDM_CONST.URL_CATEGORY_TRAVEL

Information regarding travel tips, deals, pricing information, destination information, tourism, and related services. Includes websites for hotels, local attractions, casinos, airlines, cruise lines, travel agencies, vehicle rentals and sites that provide booking tools such as price monitors.Includes websites for local points of interest/tourist attractions such as the Eiffel Tower, the Grand Canyon, etc.

65

XDM_CONST.URL_CATEGORY_UNKNOWN

Sites that have not yet been identified by PAN-DB. If availability is critical to your business and you must allow the traffic, alert on unknown sites, apply the best practice Security profiles to the traffic, and investigate the alerts.

66

XDM_CONST.URL_CATEGORY_WEAPONS

Sales, reviews, descriptions of or instructions regarding weapons and their use.

67

XDM_CONST.URL_CATEGORY_WEB_ADVERTISEMENTS

Advertisements, media, content, and banners.

68

XDM_CONST.URL_CATEGORY_WEB_HOSTING

Free or paid for hosting services for web pages, including information regarding web development, publication, promotion, and other methods to increase traffic.

69

XDM_CONST.URL_CATEGORY_WEB_BASED_EMAIL

Any website that provides access to an email inbox and the ability to send and receive emails.