crssi / NextDNS-Config

GNU General Public License v3.0
28 stars 4 forks source link

Anudeep's Blacklist #3

Closed beerisgood closed 3 years ago

beerisgood commented 3 years ago

Thanks to your https://oisd.nl/?p=inc link i found that Anudeep's list is already integrated.

NextDNS say last update is 2 months and "oisd" remove dead domains & false positives, so why add it beside "oisd"?

crssi commented 3 years ago

OISD is super great, no doubt. But sometimes Stephan does an exclusion to many even for my taste... exclusions you will find here https://oisd.nl/excludes.php

There are a few that I would like to have blocked, even it was excluded from OISD. Not many but just enough.

For example https://oisd.nl/excludes.php?w=s7.addthis.com: Prevalence is quite high on Internet for s7.addthis.com and I really do not care about a single breakage at https://www.freubelweb.nl/category/haakpatroon/.

I don't want to chase such around and add them manually so Anudeep brings such in quite nicely... not a lot, but those are quite important and heavy on traffic. I do have a few complaints, but not important ones.

If a list was last updated long time ago that does not mean it is not good and still can be very valid... and Anudeep comes around every few months to update the list and to resolve the issues. But frankly, It makes me nervous too when he is AWOL for a longer time. 😉

I will make a diff search through a log later today and give you more examples. Will try not to forget, otherwise kick me. 😄

beerisgood commented 3 years ago

Thanks for your very good reply! Get some beer :D

crssi commented 3 years ago

As promised... domains that were blocked only by Anudeep and not any others (even OISD)... you will find at least a few that are worth to be blocked.

100009098.collect.igodigital.com
aax-us-iad.amazon.com
acs.m.taobao.com
adobe.tt.omtrdc.net
adservice.google.co.uk
advertising.amazon.com
analytics.google.com
api.amplitude.com
api.brs.intl.miui.com
api.comm.miui.com
api.device.xiaomi.net
api.leanplum.com
api.micloud.xiaomi.net
api.onesignal.com
api.parsely.com
api.sec.intl.miui.com
api.sec.miui.com
api.setting.intl.miui.com
api.yotpo.com
api1.accengage.com
api10.accengage.com
api2.accengage.com
api2.branch.io
api3.accengage.com
api4.accengage.com
api5.accengage.com
api6.accengage.com
api7.accengage.com
api8.accengage.com
api9.accengage.com
app.chat.global.xiaomi.net
authbe.sec.intl.miui.com
b.scorecardresearch.com
b.stats.paypal.com
bea4.v.fwmrm.net
bnc.lt
c.evidon.com
c.live.com
c.msn.com
c1.microsoft.com
ca-eu.cookie-script.com
cdn.branch.io
cdn.mouseflow.com
cdn.mxpnl.com
cdn.onesignal.com
cdn.refersion.com
cdn.segment.com
cdn.segment.io
cdn-gl.imrworldwide.com
cdn-swell-assets.yotpo.com
cdn-yotpo-images-production.yotpo.com
client_monitor.isnssdk.com
clientcdn.pushengage.com
connect.rom.miui.com
d.agkn.com
delivery.vidible.tv
device-api.urbanairship.com
dmtracking2.alibaba.com
doubleclick.net
e.crashlytics.com
entitlements.jwplayer.com
events.launchdarkly.com
events.mapbox.com
find.api.micloud.xiaomi.net
fitbitinc.tt.omtrdc.net
flash.sec.intl.miui.com
f-log-at.grammarly.io
fp.msedge.net
fr.app.chat.global.xiaomi.net
fundingchoicesmessages.google.com
g.ezoic.net
galleryapi.micloud.xiaomi.net
gnar.grammarly.com
googletagservices.com
graph.instagram.com
gscounters.us1.gigya.com
h.online-metrix.net
img.onesignal.com
js.hs-scripts.com
js-agent.newrelic.com
js-sec.indexww.com
jssocdn.indiatimes.com
log.quora.com
mads.amazon.com
mads-eu.amazon.com
mboxedge37.tt.omtrdc.net
mc.yandex.ru
metok-ccc.intl.xiaomi.com
nexus.ensighten.com
nvidia.tt.omtrdc.net
outbrain.com
p.typekit.net
p.yotpo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
pixel.wp.com
polldaddy.com
pubads.g.doubleclick.net
realtime.services.disqus.com
referrer.disqus.com
remote-data.urbanairship.com
reports.crashlytics.com
resolver.msg.global.xiaomi.net
s.cdn.turner.com
s0.2mdn.net
s7.addthis.com
sb.scorecardresearch.com
scorecardresearch.com
secureads.g.doubleclick.net
secure-us.imrworldwide.com
self.events.data.microsoft.com
snippets.cdn.mozilla.net
sparbusinessservices.tt.omtrdc.net
ssor.tribdss.com
sstats.adobe.com
static.chartbeat.com
static.hotjar.com
staticw2.yotpo.com
stats.redditmedia.com
stats.unity3d.com
survey.euro.confirmit.com
t.myvisualiq.net
tags.bkrtx.com
tags.tiqcdn.com
tm.paysafecard.com
track.adform.net
us.ynuf.alipay.com
us04logfiles.zoom.us
usage.trackjs.com
v2.zopim.com
v7.stats.avast.com
v7event.stats.avast.com
woodpecker.uc.cn
www.addthis.com
www.baidu.com
www.clickcease.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
wzrkt.com
ynuf.alipay.com
zdbb.net
zn_0pxrmhobblncaad-hpsupport.siteintercept.qualtrics.com
zn0pxrmhobblncaad-hpsupport.siteintercept.qualtrics.com
zn3aphtrmui7fnkwh-redventures.siteintercept.qualtrics.com
zn6munqcr3szvds3x-academiaconsulting.siteintercept.qualtrics.com
zn8p1dph4rgqzwv0x-move.siteintercept.qualtrics.com
beerisgood commented 3 years ago

I see. Thanks for your research. Highly appreciate it!

Question solved 👍

crssi commented 3 years ago

OT: I am also looking at AdGuard DNS filter. In a two week period I haven't noticed any breakages using it

Since without, those are slipping through (At least in 24hrs period, so there is sure some more):

beacons.gvt2.com
beacons2.gvt2.com
beacons3.gvt2.com
beacons4.gvt2.com
beacons5.gvt2.com
beacons5.gvt3.com
e2clock.gcp.gvt2.com
global.video.intl.xiaomi.com
links.e.sportpursuit.com
medals.bizrate.com
open.mkt51.net
seal.websecurity.norton.com
tracking.epicgames.com
widget.trustpilot.com

But... look at this https://help.nextdns.io/t/60hz6md/metric-gstatic-com-is-not-blocked-but-it-should-be. I really love NextDNS as an idea and a solution. But their ignorance, like this sample, and on GitHub really bothers and worries me greatly. 😞

beerisgood commented 3 years ago

In the past I got a lot false positives with AdGuard DNS and they're slowly in response and fixing.. same like NextDNS :(

On same way I agree with NextDNS whitelisting some important domains no matter if it's included in blacklist or not but I fully agree with you that they should publish this list. It also looks to me that they're overwhelmed a little.

crssi commented 3 years ago

OT: @beerisgood Do you remember which false positives did you got with AdGuard DNS? Do you know something about device-provisioning.googleapis.com? If I would expect something like that, I would expect it on Androids, but I have noticed those also on iPhones.

This is what I have found:

# prevents the first time visiting google.com in a session from being blocked
 device-provisioning.googleapis.com

Cheers

beerisgood commented 3 years ago

Do you remember which false positives did you got with AdGuard DNS?

Sadly only https://github.com/AdguardTeam/AdGuardSDNSFilter/issues/459 My decision leaving them was their bad available DNS itself.

Do you know something about device-provisioning.googleapis.com? If I would expect something like that, I would expect it on Androids, but I have noticed those also on iPhones.

i never read about that domain but wonder why an iPhone would connect it from OS level.

beerisgood commented 3 years ago

I remove his list because of https://github.com/anudeepND/blacklist/commit/73ff383d382aca15bf572c2f5a7e4c8b9a2a81e8

So, i use now only OISD, 1Hosts (Lite) and "No-Facebook"

crssi commented 3 years ago

OK, but what exactly is the problem?

beerisgood commented 3 years ago

It's Windows domain blocking. I allow needed telemetry on client side, so it doesn't make sense blocking them on DNS level.

I avoid all lists which do this nonsense.

crssi commented 3 years ago

I see. Thank you for explanation.

Wish you a nice weekend... cheers