[frederikvs]

correct, among others it checks youporn. For this check it needs send a request to that domain, which may get flagged in certain corporate IT systems.

[jacquesm]

That would be a pretty crappy check then. After all any webpage could embed that favicon.

[ghurtado]

Any page could also embed anything else NSFW, such as actual porn videos. The assumption is that these sites are generally NSFW by association.

What would you propose instead?

[jacquesm]

If a filter is set up to not just block access to but also flag based on something as trivial to embed as a URL one would hope the technology would be a little bit more involved than a single hit on a .ico file for a flag.

[ghurtado]

A web filter / proxy does not have any way to tell whether any individual HTTP request was requested as a result of HTML embedding, bookmarking, user entry or clicking on a link.

[jacquesm]

Exactly. So it shouldn't be used to 'flag' any employees.

[ghurtado]

If your position is that monitoring HTTP traffic is useless because favicons can be embedded into webpages, what method would you propose to monitor employees browsing habits then?

Furthermore, how would you monitor the HTTP traffic of suspected terrorists? After all, anyone can embed an image to "www.isis.com/blackflag.jpg" into any webpage, so shouldn't we stop monitoring all such traffic?

Your original assertion was that "it's a pretty crappy check", but I think what you are missing here is that it's the only possible check, minor irrelevant flaws and all.