Cisco WSA v2
Cisco WSA Pack.#
This Integration is part of theSupported versions
Supported Cortex XSOAR versions: 6.2.0 and later.
Cisco Secure Web Appliance protects your organization by automatically blocking risky sites and testing unknown sites before allowing users to click on them. This integration was integrated and tested with version 14.0.3-014 of Cisco WSA V2
Some changes have been made that might affect your existing content. If you are upgrading from a previous version of this integration, see Breaking Changes.
#
Configure Cisco WSA V2 in CortexParameter | Required |
---|---|
Server URL | True |
Username | True |
Password | True |
Use system proxy settings | False |
Trust any certificate (not secure) | False |
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
cisco-wsa-access-policy-listRetrieve access policies. Access policies contain allowed/blocked URL categories in the network.
#
Base Commandcisco-wsa-access-policy-list
#
InputArgument Name | Description | Required |
---|---|---|
policy_names | Policy names to retrieve. | Optional |
page | The page number of the results to retrieve. Minimum value is 1. | Optional |
page_size | The number of results per page. The maximum value is 100. | Optional |
limit | The maximum number of records to retrieve. Default is 50. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CiscoWSA.AccessPolicy.policy_expiry | String | Policy expiry date. |
CiscoWSA.AccessPolicy.policy_status | String | Policy status. |
CiscoWSA.AccessPolicy.policy_name | String | Policy name. |
CiscoWSA.AccessPolicy.policy_description | String | Policy description. |
CiscoWSA.AccessPolicy.membership | Unknown | Identification Profiles info. |
CiscoWSA.AccessPolicy.objects | Unknown | Policy custom objects blocking settings. |
CiscoWSA.AccessPolicy.protocols_user_agents | Unknown | Policy protocols and user agents settings. |
CiscoWSA.AccessPolicy.http_rewrite_profile | Unknown | Policy HTTP rewrite profile settings. |
CiscoWSA.AccessPolicy.avc | Unknown | Application visibility and control. |
CiscoWSA.AccessPolicy.url_filtering | Unknown | URL filtering settings. |
CiscoWSA.AccessPolicy.amw_reputation | Unknown | Anti-Malware and reputation settings. |
#
Command example!cisco-wsa-access-policy-list page=1 page_size=3
#
Context Example#
Human Readable Output#
Access Policies
Policy Name Policy Status Policy Description global_policy enable Default settings
#
cisco-wsa-access-policy-createCreate an access policy. This command enables you to create the access policy object. To define more settings you can use the dependencies commands: cisco-wsa-access-policy-protocols-user-agents-update (Update the Protocols and User Agents policy for access policy). cisco-wsa-access-policy-url-filtering-update (Update the URL filtering policy for access policy). cisco-wsa-access-policy-applications-update (Update the applications policy for access policy. Only applicable for global_policy). cisco-wsa-access-policy-objects-update (Update the objects policy for access policy). cisco-wsa-access-policy-anti-malware-update (Update the anti-malware policy for access policy).
#
Base Commandcisco-wsa-access-policy-create
#
InputArgument Name | Description | Required |
---|---|---|
policy_name | Policy name. | Required |
policy_status | Policy status. Possible values are: enable, disable. | Required |
policy_description | Policy description. | Optional |
policy_order | Index of the policies in the collection. | Required |
policy_expiry | Policy expiry date, format yyyy-MM-ddTHH:mm:ssZ, e.g., 2023-02-21T16:16:29Z. | Optional |
identification_profiles | Comma-separated list of valid identification profile name. (Dependencies - use cisco-wsa-identification-profiles-list command to get all the identification profiles.). | Required |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-access-policy-create policy_name=test policy_status=enable policy_description=test policy_order=1 identification_profile_name=global_identification_profile identification_profiles=test7
#
Human Readable OutputCreated "test" access policy successfully.
#
cisco-wsa-access-policy-updateUpdate the access policy.
#
Base Commandcisco-wsa-access-policy-update
#
InputArgument Name | Description | Required |
---|---|---|
policy_name | Policy name to update. | Required |
new_policy_name | New policy name. | Optional |
policy_status | Policy status. Possible values are: enable, disable. | Optional |
policy_order | Index of policies in the collection. Not applicable for global_policy. | Optional |
policy_expiry | Policy expiry date, format yyyy-MM-ddTHH:mm:ssZ, e.g., 2023-02-21T16:16:29Z. | Optional |
policy_description | Policy description to update. | Optional |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-access-policy-update policy_name=test policy_description=test1
#
Human Readable OutputUpdated "test" access policy successfully.
#
cisco-wsa-access-policy-protocols-user-agents-updateUpdate the Protocols and User Agents policy for access policy.
#
Base Commandcisco-wsa-access-policy-protocols-user-agents-update
#
InputArgument Name | Description | Required |
---|---|---|
policy_name | Policy name to update. | Required |
settings_status | Settings status for the Protocols and User Agents. Possible values are: custom, use_global, disable. Default is custom. | Optional |
block_custom_user_agents | Comma-separated list of custom user agents to block, in regular expression format. Pattern examples: All Firefox versions: "Mozilla/. Gecko/. Firefox/" Firefox versions 1.5.x: "Mozilla/. Gecko/. Firefox/1.5" All Internet Explorer versions: "Mozilla/.compatible; MSIE" Internet Explorer version 5.5: "Mozilla/.compatible; MSIE 5.5" Specific user agent: Mozilla/4.0 (compatible; MSIE 5.5;): "Mozilla/4.0 (compatible; MSIE 5.5;)" Relevant while settings_status is custom. | Optional |
allow_connect_ports | Comma-separated list of HTTP connect ports. HTTP CONNECT enables applications to tunnel outbound traffic over HTTP, unless the protocol is blocked above. Traffic tunneled through HTTP CONNECT will not be scanned, except for SSL ports (specified on Security Services > HTTPS Proxy) e.g. 1-65535,20,21. Relevant while settings_status is custom. | Optional |
block_protocols | Block network protocols. Relevant while settings_status is custom. Possible values are: ftp, http. | Optional |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-access-policy-protocols-user-agents-update policy_name=test block_custom_user_agents=test allow_connect_ports=22,24 block_protocols=http
#
Human Readable OutputUpdated "test" access policy successfully.
#
cisco-wsa-access-policy-url-filtering-updateUpdate the URL filtering policy for access policy.
#
Base Commandcisco-wsa-access-policy-url-filtering-update
#
InputArgument Name | Description | Required |
---|---|---|
policy_name | Policy name to update. | Required |
predefined_categories_action | Predefined categories action. Possible values are: block, monitor, warn. | Optional |
predefined_categories | Comma-separated list of predefined categories. (Dependencies - use cisco-wsa-url-categories-list command to get all the custom & predefined categories.). | Optional |
youtube_categories_action | YouTube categories action. Possible values are: block, monitor, allow. | Optional |
youtube_categories | Comma-separated list of YouTube categories. | Optional |
custom_categories_action | Custom categories action. Possible values are: block, monitor, warn. | Optional |
custom_categories | Comma-separated list of custom categories. (Dependencies - use cisco-wsa-url-categories-list command to get all the custom & predefined categories.). | Optional |
uncategorized_url | Uncategorized URL action. Possible values are: use_global, block, monitor, warn. | Optional |
update_categories_action | When predefined URL categories are periodically updated, new categories may be introduced, or two (or more) existing categories may be merged. Select whether the most or least restrictive action should be applied in these cases. For new categories, in Access policies, most restrictive is always Block and least restrictive is always Monitor. For merged categories, the most or least restrictive setting will be selected out of the settings previously assigned. For instance, if category A was set to Block, and category B was set to Warn, and the two are merged into category C, the most restrictive action will be Block and the least restrictive action will be Warn. Possible values are: use_global, most restrictive, least restrictive. | Optional |
content_rating_status | When Site Content Rating is enabled, user access to web content rated as adult oriented or explicit on sites that support content rating will be denied. Supported sites include Flickr, Craigslist and YouTube. However, users can still access content on these websites that is not rated as adult oriented or explicit. Possible values are: enable, disable. | Optional |
content_rating_action | Action if site setting (content_rating_status) allows adult/explicit content. Possible values are: block, warn. | Optional |
safe_search_status | When Safe Search is enabled, non-safe content, including the cached non-safe content will be blocked from the search result from the following search engines: Dogpile, Yandex, Google, Yahoo, Bing, WebCrawler, DuckDuckGo, Dailymotion and eBay. If safe search failed to be enforced on a supported search engine, it will be blocked. Possible values are: enable, disable. | Optional |
unsupported_safe_search_engine | Action for search engines that don't support safe search. Possible values are: block, monitor. | Optional |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-access-policy-url-filtering-update policy_name=test predefined_categories_action=monitor predefined_categories=Astrology custom_categories_action=block custom_categories=test
#
Human Readable OutputUpdated "test" access policy successfully.
#
cisco-wsa-access-policy-applications-updateUpdate applications policy for access policy. Only applicable for global_policy.
#
Base Commandcisco-wsa-access-policy-applications-update
#
InputArgument Name | Description | Required |
---|---|---|
policy_name | Policy name to update. | Required |
settings_status | Applications settings status. Possible values are: custom, use_global. Default is custom. | Optional |
application | Application type to perform the action on. Possible values are: Games, Enterprise Applications, Media, Collaboration, Instant Messaging, Facebook, Social Networking, Internet Utilities, Webmail, Proxies, Presentation / Conferencing, Software Updates, iTunes, Google+, File Sharing, Myspace, Blogging, LinkedIn, Office Suites. | Required |
action | Application action. Possible values are: monitor, block. | Required |
values | Comma-separated list of application values to perform the action on. | Required |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-access-policy-applications-update policy_name=test application=Blogging action=block values=Blogger
#
Human Readable OutputUpdated "test" access policy successfully.
#
cisco-wsa-access-policy-objects-updateUpdate objects policy for access policy.
#
Base Commandcisco-wsa-access-policy-objects-update
#
InputArgument Name | Description | Required |
---|---|---|
policy_name | Policy name to update. | Required |
object_type | Object type to perform the action on. Possible values are: Executable Code, Web Page Content, Media, P2P Metafiles, Miscellaneous, Document Types, Archives, Installers, Inspectable Archives. | Optional |
object_action | Object action. Note: "inspect" and "allow" actions are only valid when the object type is "Inspectable Archives". Possible values are: monitor, block, allow, inspect. | Optional |
object_values | Comma-separated list of object values to perform the action on. | Optional |
block_custom_mime_types | Block custom MIME types, e.g., audio/x-mpeg3 or audio/*. | Optional |
http_or_https_max_object_size_mb | HTTP/HTTPS maximum download size. | Optional |
ftp_max_object_size_mb | FTP maximum download size. | Optional |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-access-policy-objects-update policy_name=test object_type=Media object_action=block object_values=Audio http_or_https_max_object_size_mb=30 ftp_max_object_size_mb=20
#
Human Readable OutputUpdated "test" access policy successfully.
#
cisco-wsa-access-policy-anti-malware-updateUpdate the anti-malware policy for access policy.
#
Base Commandcisco-wsa-access-policy-anti-malware-update
#
InputArgument Name | Description | Required |
---|---|---|
policy_name | Policy name to update. | Required |
settings_status | Settings status for the anti-malware. Possible values are: custom, use_global. Default is custom. | Optional |
web_reputation_status | Web Reputation Filters will automatically block transactions with a low Web Reputation score. For transactions with a higher Web Reputation score, scanning will be performed using the services selected by Adaptive Scanning. If Web Reputation Filtering is disabled in this policy, transactions will not be automatically blocked based on low Web Reputation Score. Blocking of sites that contain malware or other high-risk content is controlled by the additional arguments. Possible values are: enable, disable. | Optional |
file_reputation_filtering_status | File Reputation Filters will identify transactions containing known malicious or high-risk files. Files that are unknown may be forwarded to the cloud for file analysis. Possible values are: enable, disable. | Optional |
file_reputation_action | File Reputation action. Possible values are: monitor, block. | Optional |
anti_malware_scanning_status | Anti-Malware scanning status. Possible values are: enable, disable. | Optional |
suspect_user_agent_scanning | Suspect user agent scanning action. Required while anti_malware_scanning_status is enabled. Not relevant while anti_malware_scanning_status is disabled. Possible values are: block, scan, none. | Optional |
block_malware_categories | Comma-separated list of malware categories to block. Required while anti_malware_scanning_status is enabled. Not relevant while anti_malware_scanning_status is disabled. Possible values are: Adware, Browser Helper Object, Commercial System Monitor, Dialer, Generic Spyware, Hijacker, Other Malware, Phishing URL, PUA, System Monitor, Trojan Downloader, Trojan Horse, Trojan Phisher, Virus, Worm. | Optional |
block_other_categories | Comma-separated list of other categories to block. Required while anti_malware_scanning_status is enabled. Not relevant while anti_malware_scanning_status is disabled. Possible values are: Encrypted File, Outbreak Heuristics, Unscannable. | Optional |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-access-policy-anti-malware-update policy_name=test web_reputation_status=enable file_reputation_filtering_status=enable file_reputation_action=block anti_malware_scanning_status=enable suspect_user_agent_scanning=block block_malware_categories=Adware block_other_categories=Unscannable
#
Human Readable OutputUpdated "test" access policy successfully.
#
cisco-wsa-access-policy-deleteDelete access policy.
#
Base Commandcisco-wsa-access-policy-delete
#
InputArgument Name | Description | Required |
---|---|---|
policy_names | Comma-separated list of policy names to delete. | Required |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-access-policy-delete policy_names=test
#
Human Readable OutputDeleted Access policy profiles successfully.
#
cisco-wsa-domain-map-listRetrieve domains mapping. Domain maps are DNS mappings of domain to IP addresses.
#
Base Commandcisco-wsa-domain-map-list
#
InputArgument Name | Description | Required |
---|---|---|
domain_names | Comma-separated list of domain names to retrieve. | Optional |
ip_addresses | Comma-separated list of IP addresses to search for. This argument will retrieve the domain map record if one of the IP addresses specified is mapped to the domain. . | Optional |
page | The page number of the results to retrieve. Minimum value is 1. | Optional |
page_size | The number of results per page. The maximum value is 100. | Optional |
limit | The maximum number of records to retrieve. Default is 50. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CiscoWSA.DomainMap.domain_name | String | Domain name. |
CiscoWSA.DomainMap.ip_addresses | String | Mapped IP addresses. |
CiscoWSA.DomainMap.order | Number | Index of the domain map in the collection. |
#
Command example!cisco-wsa-domain-map-list limit=5
#
Context Example#
Human Readable Output#
Domain Map
Domain Name Ip Addresses Order ascxcdfdgdfgsfvd 19.23.2.23 1 ascxcdsfvd 19.23.2.23 2 ascxcvd 19.23.2.2 3 asd 19.2.2.2 4 cccc 5
#
cisco-wsa-domain-map-createCreate domain mapping for IP addresses.
#
Base Commandcisco-wsa-domain-map-create
#
InputArgument Name | Description | Required |
---|---|---|
domain_name | The domain name to create. | Required |
order | Index of the domain map in the collection. | Required |
ip_addresses | Comma-separated list of IP addresses to map for the domain. | Required |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-domain-map-create domain_name=test.com order=1 ip_addresses=1.1.1.1
#
Human Readable OutputDomain "test.com" mapping created successfully.
#
cisco-wsa-domain-map-updateUpdate the domain map.
#
Base Commandcisco-wsa-domain-map-update
#
InputArgument Name | Description | Required |
---|---|---|
domain_name | The domain name to update. | Required |
new_domain_name | New domain name. | Optional |
order | Index of the domain map in the collection. | Optional |
ip_addresses | Comma-separated list of IP addresses to map for the domain. Updating this will overwrite the existing IP addresses. | Optional |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-domain-map-update domain_name=test.com new_domain_name=test1.com order=2 ip_addresses=1.1.1.1,2.2.2.2
#
Human Readable OutputDomain "test.com" mapping updated successfully.
#
cisco-wsa-domain-map-deleteDelete domain map.
#
Base Commandcisco-wsa-domain-map-delete
#
InputArgument Name | Description | Required |
---|---|---|
domain_names | Comma-separated list of domain names to delete. | Required |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-domain-map-delete domain_names=test1.com
#
Human Readable OutputDomain "test1.com" deleted successfully.
#
cisco-wsa-identification-profiles-listRetrieve identification profiles. Identification profiles are classifications of users, defining authentication requirements.
#
Base Commandcisco-wsa-identification-profiles-list
#
InputArgument Name | Description | Required |
---|---|---|
profile_names | Comma-separated list of profile names to retrieve. | Optional |
page | The page number of the results to retrieve. Minimum value is 1. | Optional |
page_size | The number of results per page. The maximum value is 100. | Optional |
limit | The maximum number of records to retrieve. Default is 50. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CiscoWSA.IdentificationProfile.status | String | Identification Profile status. |
CiscoWSA.IdentificationProfile.profile_name | String | Identification Profile name. |
CiscoWSA.IdentificationProfile.description | String | Identification Profile description. |
CiscoWSA.IdentificationProfile.protocols | String | Identification Profile protocol. |
CiscoWSA.IdentificationProfile.order | Number | Identification Profile order in the list. |
CiscoWSA.IdentificationProfile.UrlCategories.predefined | String | Identification Profile predefined URL categories. |
CiscoWSA.IdentificationProfile.UrlCategories.custom | String | Identification Profile custom URL categories. |
CiscoWSA.IdentificationProfile.UrlCategories.uncategorized | String | Identification Profile uncategorized URL categories status. |
CiscoWSA.IdentificationProfile.ip | String | Identification Profile IP. |
CiscoWSA.IdentificationProfile.proxy_port | String | Identification Profile proxy port. |
CiscoWSA.IdentificationProfile.UserAgents.predefined | String | The predefined user-agent. |
CiscoWSA.IdentificationProfile.UserAgents.custom | String | User-agent custom. |
#
Command example!cisco-wsa-identification-profiles-list page=1 page_size=2
#
Context Example#
Human Readable Output#
Identification Profiles
Order Profile Name Status Description Members 1 hello enable Sample description ip: 12.2.2.6
protocols: http,
https,
ftp
proxy_ports: 4000,
50062 test123 enable test ip: 10.10.10.10
protocols: http,
https,
ftp,
socks
proxy_ports: 20-200,
966
#
cisco-wsa-identification-profiles-createCreate an identification profile.
#
Base Commandcisco-wsa-identification-profiles-create
#
InputArgument Name | Description | Required |
---|---|---|
profile_name | Profile name to create. | Required |
status | Status of new identification profile. Possible values are: enable, disable. Default is enable. | Optional |
description | Description of new identification profile. | Required |
order | Index of the identification profiles in the collection. Not applicable for global_identification_profile. Default is 1. | Optional |
protocols | Comma-separated list of network protocols of identification profile. Possible values are: HTTPS, SOCKS. Default is HTTPS. | Optional |
proxy_ports | Comma-separated list of proxy ports. Membership is defined by proxy port for forward connections, where certain clients have been configured to use a specific connecting port. For transparent connections, membership by proxy port applies to the port of the destination URL. Leave this field blank if membership by connecting proxy port is not needed. e.g., 22-1000,3331. | Optional |
members_by_subnet | Comma-separated list of members by Subnet. e.g., 10.1.1.0,10.1.1.0/24,10.1.1.1-10,2001:420:80:1::5. | Optional |
predefined_url_categories | Comma-separated list of URL categories to use as membership criteria. Leave blank if membership by URL category is not needed. (Dependencies - use cisco-wsa-url-categories-list command to get all the custom & predefined categories.). | Optional |
custom_url_categories | Comma-separated list of URL categories to use as membership criteria. Leave blank if membership by URL category is not needed. (Dependencies - use cisco-wsa-url-categories-list command to get all the custom & predefined categories.). | Optional |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-identification-profiles-create profile_name=test status=enable description=test protocols=HTTPS order=1
#
Human Readable OutputCreated identification profile "test" successfully.
#
cisco-wsa-identification-profiles-updateUpdate the identification profile. This command rewrites the profile values (does not append). For example, if the proxy_ports is defined as 4000,5000 and you insert proxy_ports=8000, the proxy_ports will be 8000.
#
Base Commandcisco-wsa-identification-profiles-update
#
InputArgument Name | Description | Required |
---|---|---|
profile_name | Profile name to update. | Required |
new_profile_name | New profile name for the identification profile. | Optional |
status | Updated the status of the identification profile. Possible values are: enable, disable. | Optional |
description | Updated description of the identification profile. | Optional |
order | Index of the Identification profile in the collection. Not applicable for global_identification_profile. | Optional |
protocols | Comma-separated list of network protocols of the identification profile. Possible values are: HTTPS, SOCKS. Default is HTTPS. | Optional |
proxy_ports | Comma-separated list of proxy ports. Membership is defined by the proxy port for forward connections, where certain clients have been configured to use a specific connecting port. For transparent connections, membership by proxy port applies to the port of the destination URL. Leave this field blank if membership by connecting proxy port is not needed. e.g., 22-1000,3331. | Optional |
members_by_subnet | Comma-separated list of members by subnet. e.g., 10.1.1.0,10.1.1.0/24,10.1.1.1-10,2001:420:80:1::5. | Optional |
predefined_url_categories | Comma-separated list of URL categories to use as membership criteria. Leave blank if membership by URL category is not needed. (Dependencies - use cisco-wsa-url-categories-list command to get all the custom & predefined categories.). | Optional |
custom_url_categories | Comma-separated list of URL categories to use as membership criteria. Leave blank if membership by URL category is not needed. (Dependencies - use cisco-wsa-url-categories-list command to get all the custom & predefined categories.). | Optional |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-identification-profiles-update profile_name=test description=testtest protocols=HTTPS,SOCKS order=2
#
Human Readable OutputUpdated identification profile "test" successfully.
#
cisco-wsa-identification-profiles-deleteDelete identification profiles.
#
Base Commandcisco-wsa-identification-profiles-delete
#
InputArgument Name | Description | Required |
---|---|---|
profile_names | Comma-separated list of profile names to delete. | Required |
#
Context OutputThere is no context output for this command.
#
Command example!cisco-wsa-identification-profiles-delete profile_names=test
#
Human Readable OutputDeleted identification profiles successfully.
#
cisco-wsa-url-categories-listRetrieve URL categories of available categories to allow/block in access policies.
#
Base Commandcisco-wsa-url-categories-list
#
InputArgument Name | Description | Required |
---|---|---|
contain | A string that contains the category to search for. | Optional |
type | Type of category. Possible values are: custom, predefined. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CiscoWSA.UrlCategory.predefined | String | Predefined URL categories. |
CiscoWSA.UrlCategory.custom | String | Custom URL categories. |
#
Command example!cisco-wsa-url-categories-list
#
Context Example#
Human Readable Output#
URL categories
Custom Predefined test,
AdultAdult,
Advertisements,
Alcohol,
Animals and Pets,
Arts,
Astrology,
Auctions,
Business and Industry,
Cannabis,
Chat and Instant Messaging,
Cheating and Plagiarism,
Child Abuse Content,
Cloud and Data Centers,
Computer Security,
Computers and Internet,
Conventions, Conferences and Trade Shows,
Cryptocurrency,
Cryptomining,
DIY Projects,
DNS-Tunneling,
Dating,
Digital Postcards,
Dining and Drinking,
DoH and DoT,
Dynamic DNS Provider,
Dynamic and Residential,
Education,
Entertainment,
Extreme,
Fashion,
File Transfer Services,
Filter Avoidance,
Finance,
Freeware and Shareware,
Gambling,
Games,
Government and Law,
Hacking,
Hate Speech,
Health and Medicine,
Humor,
Hunting,
Illegal Activities,
Illegal Downloads,
Illegal Drugs,
Infrastructure and Content Delivery Networks,
Internet Telephony,
Internet of Things,
Job Search,
Lingerie and Swimsuits,
Lotteries,
Military,
Mobile Phones,
Museums,
Nature and Conservation,
News,
Non-governmental Organizations,
Non-sexual Nudity,
Not Actionable,
Online Communities,
Online Document Sharing and Collaboration,
Online Meetings,
Online Storage and Backup,
Online Trading,
Organizational Email,
Paranormal,
Parked Domains,
Peer File Transfer,
Personal Sites,
Personal VPN,
Photo Search and Images,
Politics,
Pornography,
Private IP Addresses as Host,
Professional Networking,
Real Estate,
Recipes and Food,
Reference,
Regional Restricted Sites (Germany),
Regional Restricted Sites (Great Britain),
Regional Restricted Sites (Italy),
Regional Restricted Sites (Poland),
Religion,
SaaS and B2B,
Safe for Kids,
Science and Technology,
Search Engines and Portals,
Sex Education,
Shopping,
Social Networking,
Social Science,
Society and Culture,
Software Updates,
Sports and Recreation,
Streaming Audio,
Streaming Video,
Terrorism and Violent Extremism,
Tobacco,
Transportation,
Travel,
URL Shorteners,
Weapons,
Web Cache and Archives,
Web Hosting,
Web Page Translation,
Web-based Email