...
For information on best practices when configuring feed precedence order, see Best Practices for Setting Configuring Feed Precedence.
| Feed Name | Default Action | Default Precedence |
|---|---|---|
| Default Allow List | Allow - No log | 1 |
| Default Block List | Block – No Redirect | 2 |
| Base Hostnames | Block – No Redirect | 3 |
| AntiMalware | Block – No Redirect | 4 |
| Malware DGA Hostnames | Block – No Redirect | 5 |
| Ransomware | Block – No Redirect | 6 |
| Threat Insight - Rapid Domain Triage | Block – No Redirect | 7 |
| Suspicious | Block – No Redirect | 8 |
| Suspicious Lookalikes | Block – No Redirect | 9 |
| Suspicious NOED | Block – No Redirect | 10 |
| DOH Public Hostnames | Block – No Redirect | 11 |
| DOH Public IPs | Block – No Redirect | 12 |
| Newly Observed Emergent Domains | Allow – With Log | 13 |
| Threat Insight - DGA | Allow – With Log | 14 |
| Threat Insight-Data Exfiltration | Allow – With Log | 15 |
| Threat Insight-Fast Flux | Allow – With Log | 16 |
| Threat Insight-DNS Messenger | Allow – With Log | 17 |
| AntiMalware_IP | Allow – With Log | 18 |
| Threat Insight - Notional Data Exfiltration | Allow – With Log | 19 |
| Extended Base and Anti-malware Hostnames | Allow – With Log | 20 |
| Extended Ransomware IPs | Allow – With Log | 21 |
| Extended AntiMalware IPs | Allow – With Log | 22 |
| DHS_AIS_ Hostname | Allow – With Log | 23 |
| Cryptocurrency hostnames and domains | Allow – With Log | 24 |
| TOR Exit Node IPs | Allow – With Log | 25 |
...