search

StevenBlack / hosts

πŸ”’ Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
MIT License
27.03k stars 2.24k forks source link

[ADDING] Ad domains to block #1368

Closed gracjankn closed 4 years ago

gracjankn commented 4 years ago 
cdnt1.wp.pl
cdnt2.wp.pl
cdnt3.wp.pl
cdnt4.wp.pl
cdnt5.wp.pl
cdnt6.wp.pl
cdnt7.wp.pl
cdnt8.wp.pl
cdnt9.wp.pl
cdnt10.wp.pl
y.wpimg.pl
a.wpimg.pl
x.wpimg.pl
v.wpimg.pl
erk.www.wp.pl
rek.www.wp.pl
dva.wp.pl
pixel6.wp.pl
trafficjunky.com
welcome[bot] commented 4 years ago

Hello! Thank you for opening your first issue in this repo. It’s people like you who make these host files better!

StevenBlack commented 4 years ago

Thank you @gracjankn

@hawkeye116477 and @krystian3w, given the .pl TLD, would you take these to list? Thanks!

hawkeye116477 commented 4 years ago

No, KAD list doesn't block safe advertisement or analytics domains. That's handled by https://github.com/MajkiIT/polish-ads-filter/blob/master/polish-pihole-filters/hostfile.txt.

StevenBlack commented 4 years ago

Thanks @hawkeye116477.

For interest's sake, evaluating MajkiIT/polish-ads-filter/ yields a 2,668 domain intersection with our base list.

$ ./ghosts -c https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/hostfile.txt
----------------------------------------
Base hosts file summary:
----------------------------------------
Location: https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
Domains: 57,835
Bytes: 1.8 MB
----------------------------------------
----------------------------------------
Compared hosts file summary:
----------------------------------------
Location: https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/hostfile.txt
Domains: 3,130
Bytes: 78 kB
----------------------------------------
Intersection: 2,668 domains
StevenBlack commented 4 years ago

@gracjankn can you tell me, where do these domains come from? How did you get, or determine, this set of 19 domains?

krystian3w commented 4 years ago

trafficjunky.com this is international porn tracking site.

StevenBlack commented 4 years ago

Keystian @krystian3w we know all about trafficjunky β€” we already list several of its .net domains. These for example:

ads.trafficjunky.net
media.trafficjunky.net
ctrack.trafficjunky.net
static.trafficjunky.net
delivery.trafficjunky.net
tracking.trafficjunky.net
pt.trafficjunky.net
viamichelin.media.trafficjunky.net
trafficjunky.net

But trafficjunky.com appears to be the home page of the company proper. Are they serving ads from their home domain? I've seen no evidence of that.

Our mission is to stop ads, tracking, and malware in all its forms. We aren't in the business of removing companies from the internet, or hindering access to them. It's a fine line. The inclusion of trafficjunky.com, absent evidence or operational use of trafficjunky.com to trade, track, or harm users, makes all the domains listed in this issue suspect, and subject to extra scrutiny.

krystian3w commented 4 years ago

Are they serving ads from their home domain? I've seen no evidence of that.

Uses subdomain "static" on few international porn sites, but no Polish on o2.pl / www.wp.pl:

Logger output about static subdomain | | | | | | | | |:--- |:--- |:--- |:--- |:--- |:--- |:--- | | +1 | \|\|trafficjunky.com^$3p | -- | `-` | 3 | script | `https://static.trafficjunky.com/invocation/popunder/production/popunder.min.js` | | +1 | \|\|trafficjunky.com^$3p | -- | `-` | 3 | script | `https://static.trafficjunky.com/invocation/embeddedads/production/embeddedads.es6.min.js` | | +1 | \|\|trafficjunky.com^$3p | -- | `-` | 3 | script | `https://static.trafficjunky.com/ab/ads_test.js` | | +1 | \|\|trafficjunky.com^$3p | -- | `-` | 3 | script | `https://static.trafficjunky.com/ab/ads_test.js` |
gracjankn commented 4 years ago

Keystian @krystian3w we know all about trafficjunky β€” we already list several of its .net domains. These for example:

ads.trafficjunky.net
media.trafficjunky.net
ctrack.trafficjunky.net
static.trafficjunky.net
delivery.trafficjunky.net
tracking.trafficjunky.net
pt.trafficjunky.net
viamichelin.media.trafficjunky.net
trafficjunky.net

But trafficjunky.com appears to be the home page of the company proper. Are they serving ads from their home domain? I've seen no evidence of that.

Our mission is to stop ads, tracking, and malware in all its forms. We aren't in the business of removing companies from the internet, or hindering access to them. It's a fine line. The inclusion of trafficjunky.com, absent evidence or operational use of trafficjunky.com to trade, track, or harm users, makes all the domains listed in this issue suspect, and subject to extra scrutiny.

I didn't know that. I set up dns blocking for a person and it showed up in their logs. I read it's related to advertising, so I reported it.

gracjankn commented 4 years ago

@gracjankn can you tell me, where do these domains come from? How did you get, or determine, this set of 19 domains?

I was setting up NextDNS for a none tech savvy user. Regarding the last site, I just seen that a few days later in their logs and it looked suspicious, so I googled it and read it's related to advertising.

All other domains I figured out immediately after setting it up, when I checked the site o2.pl, because they're using its email service and I wanted to make sure it works (horrible idea btw, but it's not easy to convince them to stop). All of these domains are used for serving ads on this website (a ton of very in-your-face ones specifically).

krystian3w commented 4 years ago

IMO block these wp.pl subdomains is danger for legit content:

o2 - Serce Internetu
Legit miniatures (thumbnails) gone due block v.wpimg.pl

trafficjunky.com on o2.pl / www.wp.pl? It doesn't show up all over my logger as a third-party element.

amusebouche commented 4 years ago

On that note, the following domains (and businesses) seem pretty legit to me:

https://amaimaging.net
https://www.demasisrl.com
https://www.drbutyonline.com/
https://www.ubezpieczenie4you.pl/
http://www.butybuffalo.pl/
https://xclusivemarine.com/

What is the reason they were added to the list?

hawkeye116477 commented 4 years ago

drbutyonline.com

They impersonate another company and don't have any rules and contact data.

krystian3w commented 4 years ago

Fake scam shops

about ubezpieczenie4you.pl:

insurance = ubezpieczenie(4you) - so why sell "normal" clothes and shoes,

They are not any mountain boots or outfits to protect against bullets / cold / heights.

about butybuffalo.pl:

smell fake, company have https://www.buffalo-boots.com/en-pl/home and may sell by big brand like Zalando / AboutYou.pl

krystian3w commented 4 years ago

banned by Online Malicious URL Blocklist

HOSTS no support block folders like:

so on DNS level needed is block all domain - I don't know if the creator has a habit of trying to deal with the owners of outdated WordPress..

StevenBlack commented 4 years ago

This issue is all over the map. There's no focus. It seems like a bunch of stuff just randomly appended to what's before.

We're mostly an aggregator of hosts files from active and reputable curators of hosts files, and we package these amalgamated hosts files in various ways.

I don't see any action arising from this particular discussion.

Closing.