search

hagezi / dns-blocklists

DNS-Blocklists: For a better internet - keep the internet clean!
GNU General Public License v3.0
4.7k stars 150 forks source link

Facebook Netseer Domains #3010

Closed Retold3202 closed 4 days ago

Retold3202 commented 4 days ago

Which domain(s) should be blocked?

167db6c2-36d1-4a99-b3c6-83cabdec8876-netseer-ipaddr-assoc.xz.fbcdn.net 167db6c2-36d1-4a99-b3c6-83cabdec8876-netseer-ipaddr-assoc.xy.fbcdn.net 628c0130-8d2b-427b-8df8-5670dffeb313-netseer-ipaddr-assoc.xy.fbcdn.net 628c0130-8d2b-427b-8df8-5670dffeb313-netseer-ipaddr-assoc.xz.fbcdn.net 01e6c6ea-2e3c-4021-8155-36bc65c28c09-netseer-ipaddr-assoc.xy.fbcdn.net 01e6c6ea-2e3c-4021-8155-36bc65c28c09-netseer-ipaddr-assoc.xz.fbcdn.net 56ea1a1b-e2d4-4a60-86f6-a21305688d5e-netseer-ipaddr-assoc.xz.fbcdn.net 56ea1a1b-e2d4-4a60-86f6-a21305688d5e-netseer-ipaddr-assoc.xy.fbcdn.net a761b540-3575-4fcc-8795-28cdfcd2e7c6-netseer-ipaddr-assoc.xz.fbcdn.net a761b540-3575-4fcc-8795-28cdfcd2e7c6-netseer-ipaddr-assoc.xy.fbcdn.net 35d6d111-2bc3-4845-ba76-d732812b1a9e-netseer-ipaddr-assoc.xy.fbcdn.net 35d6d111-2bc3-4845-ba76-d732812b1a9e-netseer-ipaddr-assoc.xz.fbcdn.net 2806a65c-1aa4-4e30-8338-f79d676c29fa-netseer-ipaddr-assoc.xz.fbcdn.net 2806a65c-1aa4-4e30-8338-f79d676c29fa-netseer-ipaddr-assoc.xy.fbcdn.net f736c80e-46f4-4ded-9055-c12c8a268321-netseer-ipaddr-assoc.xz.fbcdn.net f736c80e-46f4-4ded-9055-c12c8a268321-netseer-ipaddr-assoc.xy.fbcdn.net c66ca2a5-51f4-4ab7-b3dd-2c0cdba61723-netseer-ipaddr-assoc.xy.fbcdn.net c66ca2a5-51f4-4ab7-b3dd-2c0cdba61723-netseer-ipaddr-assoc.xz.fbcdn.net d34b9117-aee5-4e54-a581-966d4ae4f97f-netseer-ipaddr-assoc.xy.fbcdn.net d34b9117-aee5-4e54-a581-966d4ae4f97f-netseer-ipaddr-assoc.xz.fbcdn.net 50b9559e-b570-49ee-b7da-fa85bdbcaa3c-netseer-ipaddr-assoc.xy.fbcdn.net 50b9559e-b570-49ee-b7da-fa85bdbcaa3c-netseer-ipaddr-assoc.xz.fbcdn.net 733d2c87-b233-421b-80a8-58d83a75d0c1-netseer-ipaddr-assoc.xy.fbcdn.net 733d2c87-b233-421b-80a8-58d83a75d0c1-netseer-ipaddr-assoc.xz.fbcdn.net 99d95526-8bd5-4249-92cb-c32450244843-netseer-ipaddr-assoc.xz.fbcdn.net 99d95526-8bd5-4249-92cb-c32450244843-netseer-ipaddr-assoc.xy.fbcdn.net 8ca12388-cfbe-4a2d-9a9d-e74a8262ec9f-netseer-ipaddr-assoc.xy.fbcdn.net 8ca12388-cfbe-4a2d-9a9d-e74a8262ec9f-netseer-ipaddr-assoc.xz.fbcdn.net 3e2f0610-490c-4c31-b0a3-44ca265718cc-netseer-ipaddr-assoc.xy.fbcdn.net 3e2f0610-490c-4c31-b0a3-44ca265718cc-netseer-ipaddr-assoc.xz.fbcdn.net be02d387-7871-49d8-ac43-31340b79ca8b-netseer-ipaddr-assoc.xz.fbcdn.net be02d387-7871-49d8-ac43-31340b79ca8b-netseer-ipaddr-assoc.xy.fbcdn.net d8d1fba3-b984-4b70-bac1-d4ca16d9cca4-netseer-ipaddr-assoc.xz.fbcdn.net d8d1fba3-b984-4b70-bac1-d4ca16d9cca4-netseer-ipaddr-assoc.xy.fbcdn.net 7981e7c3-193b-4ec1-85ad-0d0af3b9cd74-netseer-ipaddr-assoc.xy.fbcdn.net 7981e7c3-193b-4ec1-85ad-0d0af3b9cd74-netseer-ipaddr-assoc.xz.fbcdn.net 955b41ce-9134-4ced-9cb2-63fcd008ce6a-netseer-ipaddr-assoc.xy.fbcdn.net 955b41ce-9134-4ced-9cb2-63fcd008ce6a-netseer-ipaddr-assoc.xz.fbcdn.net f1d3c16f-a13b-4873-aba1-c390fbba328c-netseer-ipaddr-assoc.xy.fbcdn.net f1d3c16f-a13b-4873-aba1-c390fbba328c-netseer-ipaddr-assoc.xz.fbcdn.net

Why should these domain(s) be blocked?

I've noticed all of these domains being called, likely in attempt to get around DNS blocking like this, they're similar to netseer-ipaddr-assoc.xy.fbcdn.net & netseer-ipaddr-assoc.xz.fbcdn.net, which we're currently blocking on Multi Pro++ & Ultimate.

I'm tempted to suggest we just block xy.fbcdn.net & xz.fbcdn.net, but unclear whether this would cause any breakage or not. (I myself don't use any Facebook services at all, so this is just going off what I'm observing from my network/from others).

This should act as your daily reminder to stop using Facebook services :)

hagezi commented 4 days ago

These are generic domains that are always different, so it's not worth including them. Since I cannot use Asterisk rules in Adblock format, because the lists would otherwise be incompatible for some adblockers, the only option is a personal rule in the form ||*netseer-ipaddr-assoc.*.fbcdn.net^.

I also don't know if completely blocking xz and xy will have any other effects. In the family log I only see the netseer domains, so worth a try.

On my merged top 1/10M lists:

netseer-ipaddr-assoc.xz.fbcdn.net
netseer.xz.fbcdn.net
traffic-nts-ip-assoc.xz.fbcdn.net
xz.fbcdn.net
a.ns.xy.fbcdn.net
netseer-ipaddr-assoc.xy.fbcdn.net
netseer.xy.fbcdn.net
ns.xy.fbcdn.net
sonar6.xy.fbcdn.net
traffic-nts-ip-assoc.xy.fbcdn.net
xy.fbcdn.net
Retold3202 commented 4 days ago

These are generic domains that are always different, so it's not worth including them.

Yeah, I almost thought about this as well, but didn't have enough data to confirm. I think you're right, it seems to always be random.

In the family log I only see the netseer domains, so worth a try.

Same here, those are the only domains I see called attached to the xy & xz domains. I went ahead and blocked them on my network so we'll see if there's any complaints or issues...

hagezi commented 4 days ago

Blocked in aggressive Lists since last release.

github-actions[bot] commented 4 days ago

The issue has been resolved.