settings-win.data.microsoft.com

[xxcriticxx]

false positive?

Match found in https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt:
   db5.settings-win.data.microsoft.com.akadns.net 
   db5-eap.settings-win.data.microsoft.com.akadns.net 
   geo.settings-win.data.microsoft.com.akadns.net 

 Match found in https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt:
   settingsfd-geo.trafficmanager.net 

this was fixed before: https://github.com/StevenBlack/hosts/issues/1114

[xxcriticxx]

cc @beerisgood

[WaLLy3K]

Hey @xxcriticxx, thanks for pointing this out! If you could lodge a ticket over on @crazy-max's WindowsSpyBlocker repo, it should hopefully be resolved quickly because I definitely don't think Microsoft Defender Advanced Threat Protection should be blocked.

[xxcriticxx]

ok i will open ticket on his/her's repo

[beerisgood]

Yeah this is a false positive and thankfully StevenBlack / someonewhocares.org fix this.

Let's see how the WindowsSpyBlocker handle that.

Thanks @xxcriticxx for ping me.

[WaLLy3K]

https://github.com/crazy-max/WindowsSpyBlocker/issues/224#issuecomment-650396820

@p1r473 settings-win.data.microsoft.com is already in the extra rules.

Not sure what to make of that response. It looks specifically looks like settingsfd-geo.trafficmanager.net is the reason the domain is getting blocked, by Pi-hole's CNAME resolution. If their extra rules is a whitelist file, then that domain will perhaps also need to go in there.

[crazy-max]

@WaLLy3K

If their extra rules is a whitelist file

Extra rules are a bit of a catch-all and may impact certain services and third party applications like Skype, Bing, Live, Outlook, NCSI, Microsoft Office, Windows Store, ...