For the URL categories dynamic-dns (these sites are often
used to deliver malware payloads or command-and-control traffic),
unknown (sites PAN-DB has not yet identified), parked (often used
for credential phishing), grayware (malicious or questionable),
and newly-registered-domain (often used for malicious activity),
it’s best to alert initially so you can monitor the URL Filtering
logs () in case legitimate
websites trigger alerts before you move to the best practice of
blocking these categories.