Closed gchamon closed 4 years ago
Hello! Thank you for opening your first issue in this repo. It’s people like you who make these host files better!
Hi Gabriel @gchamon the inesis.us-east-1.amazonaws.com
domain comes to us via AdAway.
Ping @jawz101, can you have a look at this one? Thanks.
Thanks for the quick reply! Love the project btw!!
I'll think about it. Looking into the product Amazon Kinesis involves realtime analytics processing and I can see that be for ads and tracking
Nielsen TV ratings, Salesforce, Zeta, Quantcast use cases
Amazon Prime Video advertising at scale
more Amazon vids demoing it for realtime analytics
Someone can whitelist it but I'm not interested in doing so unless it affects me on my phone. When I see my phone churning out connections to it because Amazon wants to analyze everything I do, read from logcat logs and whatnot- I really don't have interest in helping them because their whole platform is built on your phone being a portable cash register you buy.
Certainly they sell the infrastructure to others to use in other solutions but I'm not inclined to simply remove it for those few use cases when the majority of its service is for analyzing end users sentiments and interactions.
Thanks @jawz101 I appreciate the thorough assessment here.
Gabriel @gchamon I trust the judgment our curators — they are Good People.
Closing.
@StevenBlack
Thanks for the feedback, it was interesting to see ways kinesis is used directly to handle ads streams.
I will have to whitelist it, but I am happy to know this is not a wrongly blacklisted domain.
Just one more thought...
Kinesis is also available in the following regions: [1]
It might be interesting to discuss with the curators to add those regions to the list. As it stands now, only data streams based in North Virginia will be blocked. If ads streams are set in São Paulo, for instance, they will not be blocked by this list because kinesis.sa-east-1.amazonaws.com
is not in the list. [2]
[1] https://aws.amazon.com/about-aws/global-infrastructure/regional-product-services/
[2] https://docs.aws.amazon.com/general/latest/gr/rande.html
@jawz101 you got dis ⬆️ ?
0.0.0.0 firehose.ap-east-1.amazonaws.com
0.0.0.0 kinesis.ap-east-1.amazonaws.com
0.0.0.0 logs.ap-east-1.amazonaws.com
0.0.0.0 firehose.ap-northeast-1.amazonaws.com
0.0.0.0 kinesis.ap-northeast-1.amazonaws.com
0.0.0.0 logs.ap-northeast-1.amazonaws.com
0.0.0.0 firehose.ap-northeast-2.amazonaws.com
0.0.0.0 kinesis.ap-northeast-2.amazonaws.com
0.0.0.0 logs.ap-northeast-2.amazonaws.com
0.0.0.0 kinesis.ap-northeast-3.amazonaws.com
0.0.0.0 logs.ap-northeast-3.amazonaws.com
0.0.0.0 firehose.ap-south-1.amazonaws.com
0.0.0.0 kinesis.ap-south-1.amazonaws.com
0.0.0.0 logs.ap-south-1.amazonaws.com
0.0.0.0 firehose.ap-southeast-1.amazonaws.com
0.0.0.0 kinesis.ap-southeast-1.amazonaws.com
0.0.0.0 logs.ap-southeast-1.amazonaws.com
0.0.0.0 firehose.ap-southeast-2.amazonaws.com
0.0.0.0 kinesis.ap-southeast-2.amazonaws.com
0.0.0.0 logs.ap-southeast-2.amazonaws.com
0.0.0.0 firehose.ca-central-1.amazonaws.com
0.0.0.0 kinesis.ca-central-1.amazonaws.com
0.0.0.0 logs.ca-central-1.amazonaws.com
0.0.0.0 firehose.eu-central-1.amazonaws.com
0.0.0.0 kinesis.eu-central-1.amazonaws.com
0.0.0.0 logs.eu-central-1.amazonaws.com
0.0.0.0 firehose.eu-north-1.amazonaws.com
0.0.0.0 kinesis.eu-north-1.amazonaws.com
0.0.0.0 logs.eu-north-1.amazonaws.com
0.0.0.0 firehose.eu-west-1.amazonaws.com
0.0.0.0 kinesis.eu-west-1.amazonaws.com
0.0.0.0 logs.eu-west-1.amazonaws.com
0.0.0.0 firehose.eu-west-2.amazonaws.com
0.0.0.0 kinesis.eu-west-2.amazonaws.com
0.0.0.0 logs.eu-west-2.amazonaws.com
0.0.0.0 firehose.eu-west-3.amazonaws.com
0.0.0.0 kinesis.eu-west-3.amazonaws.com
0.0.0.0 logs.eu-west-3.amazonaws.com
0.0.0.0 firehose.me-south-1.amazonaws.com
0.0.0.0 kinesis.me-south-1.amazonaws.com
0.0.0.0 logs.me-south-1.amazonaws.com
0.0.0.0 firehose.sa-east-1.amazonaws.com
0.0.0.0 kinesis.sa-east-1.amazonaws.com
0.0.0.0 logs.sa-east-1.amazonaws.com
0.0.0.0 firehose.us-east-1.amazonaws.com
0.0.0.0 firehose-fips.us-east-1.amazonaws.com
0.0.0.0 kinesis.us-east-1.amazonaws.com
0.0.0.0 kinesis-fips.us-east-1.amazonaws.com
0.0.0.0 logs.us-east-1.amazonaws.com
0.0.0.0 firehose.us-east-2.amazonaws.com
0.0.0.0 firehose-fips.us-east-2.amazonaws.com
0.0.0.0 kinesis.us-east-2.amazonaws.com
0.0.0.0 kinesis-fips.us-east-2.amazonaws.com
0.0.0.0 logs.us-east-2.amazonaws.com
0.0.0.0 firehose.us-gov-east-1.amazonaws.com
0.0.0.0 firehose-fips.us-gov-east-1.amazonaws.com
0.0.0.0 kinesis.us-gov-east-1.amazonaws.com
0.0.0.0 logs.us-gov-east-1.amazonaws.com
0.0.0.0 firehose.us-gov-west-1.amazonaws.com
0.0.0.0 firehose-fips.us-gov-west-1.amazonaws.com
0.0.0.0 kinesis.us-gov-west-1.amazonaws.com
0.0.0.0 logs.us-gov-west-1.amazonaws.com
0.0.0.0 firehose.us-west-1.amazonaws.com
0.0.0.0 firehose-fips.us-west-1.amazonaws.com
0.0.0.0 kinesis.us-west-1.amazonaws.com
0.0.0.0 kinesis-fips.us-west-1.amazonaws.com
0.0.0.0 logs.us-west-1.amazonaws.com
0.0.0.0 firehose.us-west-2.amazonaws.com
0.0.0.0 firehose-fips.us-west-2.amazonaws.com
0.0.0.0 kinesis.us-west-2.amazonaws.com
0.0.0.0 kinesis-fips.us-west-2.amazonaws.com
kinesis
- Kinesis Data Streams
firehose
- Kinesis Data Firehose
logs
- Amazon CloudWatch
hmm.... well maybe I need to just remove it. When I see something like FIPS I feel like I would be causing some sort of crypto/authentication mechanism.
I went ahead and removed them. If anyone has any more insight into the whole enchilada I'd be interested to know what they may be used for.
Has kinesis.us-east-1.amazonaws.com
recently been added back to the list? Last night my Phyn water leak detector stopped working and I got it to work again by whitelisting kinesis.us-east-1.amazonaws.com
based on the instructions at https://www.phyn.com/help/why-am-i-not-seeing-water-usage-events-in-water-use-plus-i-cant-run-plumbing-checks-and-im-getting-phyn-is-having-trouble-communicating-with-your-device-messages/.
Is it possible to whitelisting a domain only for a specific client?
Edit: I found the answer to the latter question here: https://docs.pi-hole.net/database/gravity/example/
ping @jawz101 for assist ☝️
Removed. Thanks
Thanks Jawz @jawz101!
@jawz101 So do I understand correctly that those kinesis domains are used both for adds and more essential stuff, which forces us to unblock it? If so, is this a general trend for corporations to circumvent adblockers?
@tophee I don't know. People kept talking about it so I removed it.
@jawz101 the FIPS domains are AWS locations that only use FIPS cryptography. They're usually only used by government services or by companies selling to the government.
@ericlagergren old post. It's not in adaway
@jawz101 I understand, just wanted to clarify that for you.
Today I was left puzzled as to why
kinesis.us-east-1.amazonaws.com
was resolving to0.0.0.0
as I was producing a plan with terraform to check out a production bug in our infrastructure.It turns out that the DNS is in the hosts file. It didn't really take me too long to find, because of the handy DNS Query List tool in pihole, but still, why is this domain blocked here in the first place?
I managed to workaround it by whitelisting it in pihole, but is there some serious security consideration to justify blocking this domain? Is this abused somehow by shady domains?
Thanks!