More than 100 million domains sit in the Web Filtering Database, each assigned one of
59 filtering categories — 58 topical
ones plus an Other catch-all — so that DNS filters, secure web gateways, parental
controls, and firewalls can enforce policy per domain. IAB Content Taxonomy 3.0
labels (703 entries with official IAB Tech Lab IDs) ride along with the filtering
data, and a crosswalk links the two vocabularies. Everything on this page is a free JSON/CSV
download; the classified domain data is the
paid product.
Reuse them freely with a link back to webfilteringdatabase.com. These URLs will not move, so build them into your tooling with confidence.
Every category below exists to answer one question: should this domain be reachable on a managed
network? That enforcement focus is why the list carries classes advertising taxonomies never needed
— Malware / Phishing / Suspicious, VPN / Proxy / Anonymizers,
Parked / For-Sale Domains, URL Shorteners. Alongside each description you
will find the nearest IAB 3.0 equivalent; a browsable version with live domain counts lives at
categories-web-filtering.php.
| Category | Description | Example domains | Closest IAB 3.0 category |
|---|---|---|---|
| Adult | Sites hosting pornography and other sexually explicit material. Nearly every acceptable-use policy blocks this category outright — in schools to protect minors, and in workplaces to reduce legal exposure and keep browsing appropriate. | redtube.com, xhamster.com, adultfriendfinder.com | Sensitive Topics > Adult & Explicit Sexual Content GARM and IAB both treat this as a brand-unsafe sensitive topic. |
| Advertising/Marketing | Ad networks, tracking pixels, marketing automation platforms, and promotional landing pages. Administrators often block or rate-limit this traffic to cut bandwidth waste, reduce tracking, and keep pages loading faster on managed networks. | mailchimp.com, hubspot.com, adroll.com | Business and Finance > Business > Marketing and Advertising |
| AI / LLM Tools | Chatbots, large language model interfaces, AI writing assistants, and machine learning platforms. Organizations increasingly police this category to prevent confidential data from being pasted into external AI services and to enforce approved-tool policies. | huggingface.co, perplexity.ai, gemini.google.com | Technology & Computing > Artificial Intelligence |
| Alcohol | Producers, retailers, and review sites centered on beer, wine, and spirits. Commonly restricted on school networks and in jurisdictions with strict alcohol advertising rules, and often age-gated in filtering products. | wine.com, bevmo.com, totalwine.com | Food & Drink > Alcoholic Beverages Ad platforms additionally handle this as a GARM/IAB sensitive topic. |
| Arts & Entertainment | Museums, galleries, cinema listings, celebrity coverage, and general entertainment portals. Rarely a security risk; typically allowed but sometimes throttled in strict productivity-focused environments. | metacritic.com, broadway.com, pitchfork.com | Fine Art Depending on the site, the better fit may be Entertainment > Movies, Entertainment > Music, or Entertainment > Television rather than Fine Art. |
| Automotive & Transportation | Car manufacturers, dealerships, parts retailers, fleet services, and transit information. A low-risk category that most policies leave open; useful mainly for analytics and audience segmentation. | motortrend.com, caranddriver.com, edmunds.com | Automotive |
| Blogs/Personal Sites | Personal homepages, hobby blogs, and self-published writing on platforms or custom domains. Content quality varies widely, so cautious deployments monitor rather than block, since topical content can range from recipes to extremism. | livejournal.com, medium.com, tumblr.com | Hobbies & Interests > Content Production Blogs normally inherit the IAB category of whatever they write about; this mapping is only the fallback. |
| Business | Corporate websites, B2B service providers, consultancies, and company information pages. Almost universally allowed; the category mostly serves whitelisting, research, and traffic-classification purposes. | inc.com, harvardbusinessreview.com, businessinsider.com | Business and Finance > Business |
| CDN / Hosting / Infrastructure | Content delivery networks, hosting providers, and other backbone infrastructure endpoints. Blocking these breaks large parts of the web, so filters typically allow them while watching for abuse hosted on shared infrastructure. | godaddy.com, digitalocean.com, akamai.com | Technology & Computing > Computing > Internet > Web Hosting |
| Cloud Storage / File Hosting | Consumer and business file-storage services such as sync-and-share drives and upload lockers. A frequent data-exfiltration channel — many corporate policies allow only the sanctioned provider and block the rest. | mega.nz, box.com, onedrive.live.com | Technology & Computing > Computing > Data Storage and Warehousing |
| Community Sites | Interest-group hubs, fan communities, and membership portals built around shared activities. Generally benign; monitored in some environments because user-generated content can drift off-policy. | tumblr.com, linkedin.com, twitter.com | Technology & Computing > Computing > Internet > Social Networking |
| Computers & Technology | Hardware vendors, software publishers, IT news, and technical documentation. A core allowed category on virtually every network; blocking it would cripple routine IT work. | zdnet.com, arstechnica.com, tomshardware.com | Technology & Computing |
| Cryptocurrency | Exchanges, wallet services, coin news, and blockchain projects. Often restricted on corporate endpoints to deter unauthorized trading and mining, and watched closely because scam sites cluster heavily here. | ethereum.org, kraken.com, coinmarketcap.com | Business and Finance > Economy > Currencies |
| Dating | Matchmaking apps and personals services for meeting romantic partners. Routinely blocked on work and school networks for productivity and safeguarding reasons, and a recurring vector for romance-scam traffic. | hinge.co, okcupid.com, bumble.com | Family and Relationships > Dating |
| Developer Tools / Code Hosting | Source repositories, package registries, CI services, and programming utilities. Essential for engineering teams, though some organizations restrict uploads to prevent proprietary code from leaving the network. | npmjs.com, stackoverflow.com, bitbucket.org | Technology & Computing > Computing > Computer Software and Applications |
| Education/Reference | Schools, universities, encyclopedias, dictionaries, and academic resources. Whitelisted almost everywhere; filtering products treat it as a trusted category for minors. | edx.org, coursera.org, study.com | Education |
| Email and Messaging | Webmail providers and browser-based chat services. Corporate policies frequently block personal webmail to close a common data-leakage path while allowing the sanctioned mail platform. | slack.com, whatsapp.com, outlook.com | Technology & Computing > Computing > Internet > Email |
| File Sharing/P2P | Torrent indexes, peer-to-peer portals, and direct-download boards. Heavily restricted because of copyright liability, malware-laced downloads, and the bandwidth these services consume. | nyaa.si, rarbg.to, torrentz2.eu | Technology & Computing > Computing > Internet Where the sharing is piracy-focused, use Sensitive Topics > Online Piracy instead. |
| Financial Services | Lenders, insurers, investment platforms, and personal-finance advice sites. Usually allowed but monitored; phishing pages imitate this category more than almost any other. | intuit.com, paypal.com, wellsfargo.com | Personal Finance For B2B financial firms the better path is Business and Finance > Industries > Financial Industry. |
| Food & Drink | Recipe collections, food blogs, beverage brands, and culinary media. A benign lifestyle category that few policies touch. | seriouseats.com, bonappetit.com, epicurious.com | Food & Drink |
| Forums / Message Boards | Discussion boards and threaded communities across every topic. Moderation quality varies enormously, so schools and conservative workplaces often block or selectively allow individual boards. | phpbb.com, discourse.org, stackexchange.com | Technology & Computing > Computing > Internet > Social Networking |
| Freeware/Software | Download portals offering free, shareware, and open-source applications. Treated with suspicion in security stacks because bundled installers and fake download buttons make these sites a classic malware delivery path. | majorgeeks.com, softpedia.com, filehippo.com | Technology & Computing > Computing > Computer Software and Applications > Shareware and Freeware |
| Gambling | Casinos, sportsbooks, poker rooms, and lottery services operating online. Blocked by default in most workplaces and schools, and subject to strict jurisdiction-specific legal requirements. | williamhill.com, 888casino.com, draftkings.com | Sports > Poker and Professional Gambling A GARM/IAB sensitive vertical; physical casino venues map to Attractions > Casinos & Gambling. |
| Gaming | Game publishers, online play services, esports coverage, and gaming communities. Commonly time-restricted rather than banned outright; bandwidth and productivity are the usual concerns. | pokernight.com, epicgames.com, steam.com | Video Gaming |
| Government & Legal | Official government portals, courts, regulators, and legal information services. A trusted, always-allow category in virtually every deployment. | irs.gov, congress.gov, nasa.gov | Law Use Politics > Civic affairs for government portals and Business and Finance > Industries > Legal Services Industry for law firms. |
| Hate/Discrimination | Sites promoting hostility toward protected groups or organized discrimination. Blocked in essentially all managed environments and flagged for safeguarding review wherever it appears in logs. | hatewatch.org, kkk.com, nazi.org | Sensitive Topics > Hate Speech and Acts of Aggression GARM classifies this as brand-unsafe. |
| Health & Medicine | Hospitals, clinics, medical reference works, and health advice portals. Allowed everywhere; some filters apply privacy-sensitive log handling because visits can reveal medical conditions. | who.int, nih.gov, healthline.com | Medical Health |
| Home & Garden | Interior design, DIY guides, gardening advice, and home improvement retail. Low-risk lifestyle content that policies rarely restrict. | homeadvisor.com, bhg.com, gardeningknowhow.com | Home & Garden |
| Illegal Drugs | Sites facilitating or promoting trade in controlled substances and drug paraphernalia. A mandatory block in schools and workplaces, and often a legal requirement for regulated industries. | illegaldrugsupply.com, drugdealers.com, buyillegaldrugs.com | Sensitive Topics > Illegal Drugs, Tobacco, eCigarettes, Vaping, Alcohol GARM classifies this as brand-unsafe. |
| Job Search/Careers | Job boards, recruiter platforms, and career advice services. Some employers quietly block this category on internal networks; schools and public networks leave it open. | glassdoor.com, careerbuilder.com, monster.com | Careers > Job Search |
| Lingerie/Swimsuits/Intimate Apparel | Retailers of underwear, swimwear, and intimate clothing. Not explicit content, but frequently age-gated or blocked in strict school deployments that err on the side of caution. | fredericks.com, hottopic.com, aerie.com | Style & Fashion > Women's Fashion > Women's Clothing > Women's Intimates and Sleepwear |
| Malware / Phishing / Suspicious | Domains observed distributing malware, hosting phishing kits, or exhibiting attack infrastructure patterns. The single most important block category in any filtering product — always deny, alert, and investigate. | abuse.ch, malwarebytes.com, phishtank.org | Sensitive Topics > Spam or Harmful Content Pure block-list class — advertising taxonomies have no counterpart. |
| Marketplaces / Classifieds / Auctions | Peer-to-peer selling platforms, classified ads, and auction sites. Usually allowed; fraud teams watch the category because counterfeit and scam listings concentrate here. | poshmark.com, mercari.com, offerup.com | Shopping |
| Military | Armed forces portals, defense ministries, and military news or veteran services. A niche informational category that filtering policies almost never restrict. | airforce.com, navy.mil, army.mil | War and Conflicts Commercial defense contractors belong under Business and Finance > Industries > Defense Industry. |
| News/Media | Newspapers, broadcasters, magazines, and digital news outlets. Kept open in nearly all environments; some products offer optional filtering of specific outlets for compliance reasons. | reuters.com, foxnews.com, nytimes.com | Business and Finance > Industries > Media Industry IAB 3.0 dropped the top-level News node — articles classify by their own topic — so Media Industry is the nearest whole-site match. |
| Online Banking | Bank login portals and account-management interfaces. Always allowed but intensively protected — filters pair this category with anti-phishing checks because fake banking pages are ubiquitous. | capitalone.com, citibank.com, wellsfargo.com | Personal Finance > Consumer Banking |
| Parked / For-Sale Domains | Registered but unused domains showing registrar placeholders or sale listings. Blocked or de-prioritized by default: they carry no legitimate content and frequently rotate into ad fraud or redirect abuse. | bodis.com, hugedomains.com, dan.com | No IAB equivalent Parked pages carry no classifiable content, so no IAB path applies. |
| Pets & Animals | Veterinary services, pet supply shops, breed guides, and animal welfare organizations. Harmless content that no mainstream policy restricts. | akc.org, animalplanet.com, thebark.com | Pets |
| Podcasts | Podcast directories, hosting platforms, and episode streaming pages. Generally allowed; large audio streams occasionally get bandwidth-shaped on constrained networks. | anchor.fm, overcast.fm, pocketcasts.com | Entertainment There is no Podcasts node in IAB 3.0; individual episodes classify by subject. |
| Political | Party sites, campaign platforms, advocacy groups, and political commentary. Sensitive in some deployments — government and school filters sometimes restrict it to remain viewpoint-neutral. | bbc.com, thehill.com, foxnews.com | Politics |
| Real Estate | Property listings, agents, and rental marketplaces. Routine commercial content with no meaningful policy risk. | loopnet.com, redfin.com, trulia.com | Real Estate |
| Religion & Spirituality | Churches, faith communities, scripture resources, and spiritual practice sites. Left open in nearly all policies; occasionally filtered in specific institutional contexts. | patheos.com, religionnews.com, huffpost.com/religion | Religion & Spirituality |
| Remote Access Tools | Remote desktop services, screen-sharing utilities, and remote administration platforms. Tightly controlled in enterprises: unauthorized remote access software is a leading ransomware entry point. | logmein.com, remotedesktop.google.com, splashtop.com | Technology & Computing > Computing > Computer Software and Applications Enterprises commonly restrict this software class by policy. |
| Restaurants & Dining | Restaurant sites, reservation platforms, delivery services, and dining reviews. Benign everyday content, universally allowed. | openTable.com, foodnetwork.com, ubereats.com | Food & Drink > Dining Out |
| Science | Research institutions, journals, and science communication sites. A trusted educational category kept open everywhere. | newscientist.com, pnas.org, scientificamerican.com | Science |
| Search Engines & Platforms | General web search engines and large platform portals. Foundational to web use — filters allow them and instead enforce safe-search settings at the query level. | baidu.com, duckduckgo.com, yahoo.com | Technology & Computing > Computing > Internet > Search |
| Shopping | Online retailers and e-commerce storefronts across all product types. Allowed almost everywhere; some workplaces time-restrict it during business hours. | etsy.com, target.com, walmart.com | Shopping |
| Social Networking | Social platforms for posting, messaging, and following other users. The most commonly time-managed category in workplace policies, and a safeguarding focus in schools. | snapchat.com, linkedin.com, instagram.com | Technology & Computing > Computing > Internet > Social Networking |
| Sports & Recreation | Team sites, league coverage, scores, and recreational activity resources. Low-risk content; occasionally bandwidth-shaped during major live events. | si.com, nbcsports.com, sports.yahoo.com | Sports |
| Streaming Media | Video and music streaming services delivering on-demand or live content. The dominant bandwidth consumer on most networks — frequently shaped or scheduled rather than blocked. | hulu.com, vimeo.com, twitch.tv | Entertainment Pick Entertainment > Movies, Entertainment > Television, or Entertainment > Music according to what the service streams. |
| Tobacco | Cigarette, cigar, vaping, and smokeless tobacco vendors and promotion. Blocked for minors everywhere and restricted in many workplaces; advertising rules make it a compliance category. | vaping.com, smokeshop.com, cigarettes.com | Sensitive Topics > Illegal Drugs, Tobacco, eCigarettes, Vaping, Alcohol GARM classifies this as brand-unsafe. |
| Travel | Airlines, hotels, booking engines, and destination guides. Ordinary commercial content that policies leave open. | travelocity.com, airbnb.com, tripadvisor.com | Travel |
| URL Shorteners | Redirection services that wrap destinations behind short links. Treated cautiously because the true destination is hidden — many security stacks resolve and re-classify the target before allowing the click. | is.gd, ow.ly, t.co | Technology & Computing > Computing > Internet Restricted in many policies since the real destination is hidden behind the redirect. |
| Violence | Sites glorifying or graphically depicting violence and physical harm. Blocked in schools and most workplaces, and flagged for review under safeguarding programs. | gorehub.com, crimescene.com, fightclub.com | Sensitive Topics > Death, Injury, or Military Conflict GARM classifies this as brand-unsafe. |
| VPN / Proxy / Anonymizers | VPN vendors, web proxies, and anonymization services. Blocked on managed networks because they exist precisely to tunnel around the filter — allowing them nullifies every other policy rule. | hidemyass.com, torproject.org, protonvpn.com | Technology & Computing > Computing > Information and Network Security Blocked by default in most school and enterprise rule sets. |
| Weapons | Firearms dealers, ammunition suppliers, and weapon-focused content. Blocked for minors and in most corporate environments; subject to regional legal restrictions. | cabelas.com, palmettostatearmory.com, cheaperthandirt.com | Sensitive Topics > Arms & Ammunition GARM classifies this as brand-unsafe. |
| Web-based Applications | Browser-delivered productivity tools, converters, editors, and SaaS utilities. Allowed by default, with data-loss-prevention teams watching uploads to unsanctioned tools. | asana.com, zoom.us, slack.com | Technology & Computing > Computing > Computer Software and Applications > Web Conferencing When the app type is identifiable, the more specific IAB software path applies. |
| Webinars/E-learning | Online course platforms, training portals, and live webinar services. A trusted category that policies keep open to support education and professional development. | webinar.net, zoom.us, udemy.com | Education > Online Education |
| Other | Catch-all category for domains whose content does not fit any of the 58 topical web filtering categories, including sites with insufficient content to classify reliably. | No IAB equivalent Residual catch-all — nothing in the IAB taxonomy corresponds to it. |
59 in total: 58 topical categories and one Other catch-all. IAB Content Taxonomy 3.0 labels (703 entries with official IAB Tech Lab IDs) are included with the data and downloadable above.
Completely — every table in the downloads section is free JSON/CSV. The commercial part is the classified domain data: 100M+ domains in tiers from 5M to 120M.
Look one up instantly with the domain checker, wire the categorization API into your product for real-time lookups, or license the offline database (CSV, scheduled refreshes) for local queries at scale.