Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HOSTS file domains are not blocked #5124

Closed
3 tasks done
BlohoJo opened this issue Nov 10, 2022 · 4 comments
Closed
3 tasks done

HOSTS file domains are not blocked #5124

BlohoJo opened this issue Nov 10, 2022 · 4 comments
Labels
question

Comments

@BlohoJo
Copy link

BlohoJo commented Nov 10, 2022

Prerequisites

  • I have checked the Wiki and Discussions and found no answer

  • I have searched other issues and found no duplicates

  • I want to report a bug and not ask a question

Operating system type

Windows

CPU architecture

AMD64

Installation

GitHub releases or script from README

Setup

On one machine

AdGuard Home version

107.18

Description

What did you do?

Blocked Apple tracking / ad domains in HOSTS file via Spybot Anti-Beacon

Expected result

Domain should be blocked, rewritten to 0.0.0.0

Actual result

In latest version of AdGuard 107.18, it blocks (rewrites) the domain once, then resolves the domain and lets data through immediately afterwards, according to the logs.

Screenshots (if applicable)

adguard01

adguard02

Additional information

OS is Windows Server 2008 R2 (up to date with final patches)

HOSTS data from Spybot Anti-Beacon:

# This list is Copyright 2000-2017 Safer-Networking Ltd.
0.0.0.0	app-sj01.marketo.com‍
0.0.0.0	appleglobal.102.112.2o7.net
0.0.0.0	appleglobal.112.2o7.net
0.0.0.0	pancake.g.aaplimg.com
0.0.0.0	zeusmedia.g.aaplimg.com
0.0.0.0	smoot-feedback.v.aaplimg.com
0.0.0.0	supportmetrics.apple-support.akadns.net
0.0.0.0	pipe.cloudapp.aria.akadns.net
0.0.0.0	dw-cbsi.cnet-basic-performance.akadns.net
0.0.0.0	cstat-lb.apple.com.akadns.net
0.0.0.0	gsas.apple.com.akadns.net
0.0.0.0	identity.apple.com.akadns.net
0.0.0.0	idiagnostics.apple.com.akadns.net
0.0.0.0	iphonesubmissions.apple.com.akadns.net
0.0.0.0	lcdn-locator-usuqo.apple.com.akadns.net
0.0.0.0	ocsp-lb.apple.com.akadns.net
0.0.0.0	outsideapple.apple.com.akadns.net
0.0.0.0	radarsubmissions.apple.com.akadns.net
0.0.0.0	tbsc.apple.com.akadns.net
0.0.0.0	wu.apple.com.akadns.net
0.0.0.0	wu-mdn.apple.com.akadns.net
0.0.0.0	wu-nwk.apple.com.akadns.net
0.0.0.0	pancake.cdn-apple.com.akadns.net
0.0.0.0	fr51p02sa.guzzoni-apple.com.akadns.net
0.0.0.0	mu21p02sa.guzzoni-apple.com.akadns.net
0.0.0.0	sp11p03sa.guzzoni-apple.com.akadns.net
0.0.0.0	isg-apple.com.akadns.net
0.0.0.0	mt-ingestion-service-mr22.itunes-apple.com.akadns.net
0.0.0.0	mt-ingestion-service-pv.itunes-apple.com.akadns.net
0.0.0.0	mt-ingestion-service-st11.itunes-apple.com.akadns.net
0.0.0.0	xp.itunes-apple.com.akadns.net
0.0.0.0	daf.xp.itunes-apple.com.akadns.net
0.0.0.0	prod-w.nexus.live.com.akadns.net
0.0.0.0	prod.omextemplates.live.com.akadns.net
0.0.0.0	gs-loc.ls-apple.com.akadns.net
0.0.0.0	gs-loc-new.ls-apple.com.akadns.net
0.0.0.0	gsp-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp-ssl-dynamic.ls-apple.com.akadns.net
0.0.0.0	gsp-ssl-geomap.ls-apple.com.akadns.net
0.0.0.0	gsp10-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp36-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp47-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp51-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp57-ssl-background.ls-apple.com.akadns.net
0.0.0.0	gsp57-ssl-locus.ls-apple.com.akadns.net
0.0.0.0	gsp57-ssl-revgeo.ls-apple.com.akadns.net
0.0.0.0	gsp64-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp9-ssl.ls-apple.com.akadns.net
0.0.0.0	iphone-services.ls-apple.com.akadns.net
0.0.0.0	gsp-ssl.ls2-apple.com.akadns.net
0.0.0.0	gsp-ssl-dynamic.ls4-apple.com.akadns.net
0.0.0.0	bn2-client-s.msnmessenger.msn.com.akadns.net
0.0.0.0	cl2-cdn.origin-apple.com.akadns.net
0.0.0.0	cl3-cdn.origin-apple.com.akadns.net
0.0.0.0	cl4-cdn.origin-apple.com.akadns.net
0.0.0.0	cl5-cdn.origin-apple.com.akadns.net
0.0.0.0	origin.seed-siri-apple.com.akadns.net
0.0.0.0	api.smoot-apple.com.akadns.net
0.0.0.0	dlc.nike.com.edgekey.net.globalredir.akadns.net
0.0.0.0	prd.col.aria.browser.skypedata.akadns.net
0.0.0.0	prd.col.aria.mobile.skypedata.akadns.net
0.0.0.0	pipe.prd.skypedata.akadns.net
0.0.0.0	msg-media.valueclick.akadns.net
0.0.0.0	eu-irl-00001.s3.dualstack.eu-west-1.amazonaws.com
0.0.0.0	aidc.apple.com
0.0.0.0	apsu.apple.com
0.0.0.0	basejumper.apple.com
0.0.0.0	books-analytics-events.apple.com
0.0.0.0	cds.apple.com
0.0.0.0	cdsassets.apple.com
0.0.0.0	cl1.apple.com
0.0.0.0	cl2.apple.com
0.0.0.0	cl3.apple.com
0.0.0.0	cl4.apple.com
0.0.0.0	cl5.apple.com
0.0.0.0	csig.apple.com
0.0.0.0	cstat.apple.com
0.0.0.0	static.deviceservices.apple.com
0.0.0.0	devimages-cdn.apple.com
0.0.0.0	api.edu.apple.com
0.0.0.0	gs-loc.apple.com
0.0.0.0	gsas.apple.com
0.0.0.0	gsp1.apple.com
0.0.0.0	gsp10-ssl.apple.com
0.0.0.0	gsp9-ssl.apple.com
0.0.0.0	iad.apple.com
0.0.0.0	iadcontent.apple.com
0.0.0.0	iadsdk.apple.com
0.0.0.0	ca.iadsdk.apple.com
0.0.0.0	cf.iadsdk.apple.com
0.0.0.0	cs.iadsdk.apple.com
0.0.0.0	news.iadsdk.apple.com
0.0.0.0	su.iadsdk.apple.com
0.0.0.0	tr.iadsdk.apple.com
0.0.0.0	ut.iadsdk.apple.com
0.0.0.0	www.iadsdk.apple.com
0.0.0.0	identity.apple.com
0.0.0.0	idiagnostics.apple.com
0.0.0.0	internalcheck.apple.com
0.0.0.0	iphone-ld.apple.com
0.0.0.0	iphone-services.apple.com
0.0.0.0	iphonesubmissions.apple.com
0.0.0.0	iphonesubmissions-old.apple.com
0.0.0.0	static.ips.apple.com
0.0.0.0	api.itunes.apple.com
0.0.0.0	carrierbundle.itunes.apple.com
0.0.0.0	cma.itunes.apple.com
0.0.0.0	desktop-music.itunes.apple.com
0.0.0.0	desktop-music-legacy.itunes.apple.com
0.0.0.0	desktop-store.itunes.apple.com
0.0.0.0	edge-search.itunes.apple.com
0.0.0.0	embed.itunes.apple.com
0.0.0.0	files.itunes.apple.com
0.0.0.0	itunesu.itunes.apple.com
0.0.0.0	mt-ingestion-service-pv.itunes.apple.com
0.0.0.0	radio-quickplay.itunes.apple.com
0.0.0.0	se-edge.itunes.apple.com
0.0.0.0	se2.itunes.apple.com
0.0.0.0	siri-search.itunes.apple.com
0.0.0.0	sitemaps.itunes.apple.com
0.0.0.0	tf-feedback.itunes.apple.com
0.0.0.0	uts-api-siri.itunes.apple.com
0.0.0.0	uts-preview.itunes.apple.com
0.0.0.0	vocabulary.itunes.apple.com
0.0.0.0	vpp-app.itunes.apple.com
0.0.0.0	web-experience.itunes.apple.com
0.0.0.0	itunesconnect.apple.com
0.0.0.0	lcdn-locator.apple.com
0.0.0.0	configuration.ls.apple.com
0.0.0.0	gsp-ssl.ls.apple.com
0.0.0.0	gsp10-ssl.ls.apple.com
0.0.0.0	gsp36-ssl.ls.apple.com
0.0.0.0	gsp47-ssl.ls.apple.com
0.0.0.0	gsp51-ssl.ls.apple.com
0.0.0.0	gsp57-ssl-background.ls.apple.com
0.0.0.0	gsp57-ssl-locus.ls.apple.com
0.0.0.0	gsp57-ssl-revgeo.ls.apple.com
0.0.0.0	gsp64-ssl.ls.apple.com
0.0.0.0	gsp85-ssl.ls.apple.com
0.0.0.0	metrics.apple.com
0.0.0.0	sb.music.apple.com
0.0.0.0	news-events.apple.com
0.0.0.0	notes-analytics-events.apple.com
0.0.0.0	ocsp.apple.com
0.0.0.0	outsideapple.apple.com
0.0.0.0	pancake.apple.com
0.0.0.0	pcr.apple.com
0.0.0.0	ftreporter.push.apple.com
0.0.0.0	radarsubmissions.apple.com
0.0.0.0	securemetrics.apple.com
0.0.0.0	seed.siri.apple.com
0.0.0.0	api.smoot.apple.com
0.0.0.0	api-aka.smoot.apple.com
0.0.0.0	daypass.api-aka.smoot.apple.com
0.0.0.0	api-glb.smoot.apple.com
0.0.0.0	api-glb-ams.smoot.apple.com
0.0.0.0	api-glb-ash.smoot.apple.com
0.0.0.0	api-glb-atl.smoot.apple.com
0.0.0.0	daypass.api-glb-atl.smoot.apple.com
0.0.0.0	api-glb-bln.smoot.apple.com
0.0.0.0	api-glb-dal.smoot.apple.com
0.0.0.0	api-glb-den.smoot.apple.com
0.0.0.0	api-glb-drf.smoot.apple.com
0.0.0.0	api-glb-fra.smoot.apple.com
0.0.0.0	api-glb-lon.smoot.apple.com
0.0.0.0	daypass.api-glb-lon.smoot.apple.com
0.0.0.0	api-glb-man.smoot.apple.com
0.0.0.0	api-glb-nyc.smoot.apple.com
0.0.0.0	api-glb-sea.smoot.apple.com
0.0.0.0	daypass.api-glb-sea.smoot.apple.com
0.0.0.0	daypass.api-glb-sto.smoot.apple.com
0.0.0.0	cdn.smoot.apple.com
0.0.0.0	fbs.smoot.apple.com
0.0.0.0	ssl.apple.com
0.0.0.0	stocks-analytics-events.apple.com
0.0.0.0	stocks-sparkline.apple.com
0.0.0.0	supportmetrics.apple.com
0.0.0.0	tbsc.apple.com
0.0.0.0	sb.tv.apple.com
0.0.0.0	valid.apple.com
0.0.0.0	videos.apple.com
0.0.0.0	api.videos.apple.com
0.0.0.0	weather-analytics-events.apple.com
0.0.0.0	wu-calculator.apple.com
0.0.0.0	xp.apple.com
0.0.0.0	daf.xp.apple.com
0.0.0.0	zeusmedia.apple.com
0.0.0.0	defra.ce.apple-dns.net
0.0.0.0	edge-001.defra.ce.apple-dns.net
0.0.0.0	edge-009.defra.ce.apple-dns.net
0.0.0.0	edge-012.defra.ce.apple-dns.net
0.0.0.0	edge-013.defra.ce.apple-dns.net
0.0.0.0	edge-017.defra.ce.apple-dns.net
0.0.0.0	edge-024.defra.ce.apple-dns.net
0.0.0.0	gblon.ce.apple-dns.net
0.0.0.0	edge-010.gblon.ce.apple-dns.net
0.0.0.0	edge-012.gblon.ce.apple-dns.net
0.0.0.0	edge-031.gblon.ce.apple-dns.net
0.0.0.0	edge-032.gblon.ce.apple-dns.net
0.0.0.0	edge-040.gblon.ce.apple-dns.net
0.0.0.0	edge-044.gblon.ce.apple-dns.net
0.0.0.0	edge-045.gblon.ce.apple-dns.net
0.0.0.0	gbman.ce.apple-dns.net
0.0.0.0	edge-014.gbman.ce.apple-dns.net
0.0.0.0	edge-024.gbman.ce.apple-dns.net
0.0.0.0	searn.ce.apple-dns.net
0.0.0.0	usbos.ce.apple-dns.net
0.0.0.0	usnyc.ce.apple-dns.net
0.0.0.0	edge-003.usnyc.ce.apple-dns.net
0.0.0.0	edge-035.usnyc.ce.apple-dns.net
0.0.0.0	feedbackws.fe.apple-dns.net
0.0.0.0	metrics.fe.apple-dns.net
0.0.0.0	me.apple-dns.net
0.0.0.0	books-analytics-events.news.apple-dns.net
0.0.0.0	news-events.news.apple-dns.net
0.0.0.0	notes-analytics-events.news.apple-dns.net
0.0.0.0	stocks-analytics-events.news.apple-dns.net
0.0.0.0	weather-analytics-events.news.apple-dns.net
0.0.0.0	health-assets.cdn-apple.com
0.0.0.0	iadsdk.apple.com.edgekey.net
0.0.0.0	pancake.apple.com.edgekey.net
0.0.0.0	health-assets.cdn-apple.com.edgekey.net
0.0.0.0	cstat.apple.com.edgesuite.net
0.0.0.0	gcs-eu-00002.content-storage-download.googleapis.com
0.0.0.0	feedbackws.icloud.com
0.0.0.0	metrics.icloud.com
0.0.0.0	messaging.metrics.icloud.com
0.0.0.0	apps.itunes-nocookie.com
0.0.0.0	accertify.mzstatic.com
0.0.0.0	dzc-metrics.mzstatic.com
0.0.0.0	itc.mzstatic.com
0.0.0.0	metrics.mzstatic.com
0.0.0.0	store.mzstatic.com
0.0.0.0	t.appsflyer.com
0.0.0.0	analytics.ff.avast.com
0.0.0.0	analytics.ns1.ff.avast.com
0.0.0.0	v7event.stats.avcdn.net
0.0.0.0	v7.stats.avcdn.net
0.0.0.0	ads.avocet.io
0.0.0.0	telemetry.battle.net
0.0.0.0	analytics.rollout.io
0.0.0.0	metrics.ol.epicgames.com
0.0.0.0	a.fiksu.com
0.0.0.0	sdk.fiksu.com
0.0.0.0	settings.crashlytics.com
0.0.0.0	e.crashlytics.com
0.0.0.0	firebase-settings.crashlytics.com
0.0.0.0	insights-collector.gog.com
0.0.0.0	ssl.google-analytics.com
0.0.0.0	ssl-google-analytics.l.google.com
0.0.0.0	static.hotjar.com
0.0.0.0	flow.lavasoft.com
0.0.0.0	telemetry.servers.getgo.com
0.0.0.0	telemetry.malwarebytes.com
0.0.0.0	ws.mcafee.com
0.0.0.0	analytics.ccs.mcafee.com
0.0.0.0	analyticsdcs.ccs.mcafee.com
0.0.0.0	gate.hockeyapp.net
0.0.0.0	dc.services.visualstudio.com
0.0.0.0	api.mixpanel.com
0.0.0.0	decide.mixpanel.com
0.0.0.0	ads.mopub.com
0.0.0.0	incoming.telemetry.mozilla.org
0.0.0.0	h.online-metrix.net
0.0.0.0	analytics.paddle.com
0.0.0.0	treasuredata.com
0.0.0.0	in.treasuredata.com
0.0.0.0	redshell.io
0.0.0.0	api.redshell.io
0.0.0.0	carcharodon.trendmicro.com
0.0.0.0	cdn.segment.com
0.0.0.0	api.segment.io
0.0.0.0	mobile-service.segment.com
0.0.0.0	a.ads1.msn.com
0.0.0.0	a.ads2.msads.net
0.0.0.0	a.ads2.msn.com
0.0.0.0	a.rad.msn.com
0.0.0.0	a-0001.a-msedge.net
0.0.0.0	a-0002.a-msedge.net
0.0.0.0	a-0003.a-msedge.net
0.0.0.0	a-0004.a-msedge.net
0.0.0.0	a-0005.a-msedge.net
0.0.0.0	a-0006.a-msedge.net
0.0.0.0	a-0007.a-msedge.net
0.0.0.0	a-0008.a-msedge.net
0.0.0.0	a-0009.a-msedge.net
0.0.0.0	ac3.msn.com
0.0.0.0	ad.doubleclick.net
0.0.0.0	adnexus.net
0.0.0.0	adnxs.com
0.0.0.0	ads.msn.com
0.0.0.0	ads1.msads.net
0.0.0.0	ads1.msn.com
0.0.0.0	aidps.atdmt.com
0.0.0.0	aka-cdn-ns.adtech.de
0.0.0.0	a-msedge.net
0.0.0.0	apps.skype.com
0.0.0.0	az361816.vo.msecnd.net
0.0.0.0	az512334.vo.msecnd.net
0.0.0.0	b.ads1.msn.com
0.0.0.0	b.ads2.msads.net
0.0.0.0	b.rad.msn.com
0.0.0.0	bs.serving-sys.com
0.0.0.0	c.atdmt.com
0.0.0.0	c.msn.com
0.0.0.0	cdn.atdmt.com
0.0.0.0	cds26.ams9.msecn.net
0.0.0.0	compatexchange.cloudapp.net
0.0.0.0	corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0	cs1.wpc.v0cdn.net
0.0.0.0	db3aqu.atdmt.com
0.0.0.0	ec.atdmt.com
0.0.0.0	fe2.update.microsoft.com.akadns.net
0.0.0.0	feedback.microsoft-hohm.com
0.0.0.0	flex.msn.com
0.0.0.0	g.msn.com
0.0.0.0	h1.msn.com
0.0.0.0	lb1.www.ms.akadns.net
0.0.0.0	live.rads.msn.com
0.0.0.0	m.adnxs.com
0.0.0.0	m.hotmail.com
0.0.0.0	msedge.net
0.0.0.0	msftncsi.com
0.0.0.0	msnbot-65-55-108-23.search.msn.com
0.0.0.0	msntest.serving-sys.com
0.0.0.0	pre.footprintpredict.com
0.0.0.0	preview.msn.com
0.0.0.0	pricelist.skype.com
0.0.0.0	rad.live.com
0.0.0.0	rad.msn.com
0.0.0.0	s.gateway.messenger.live.com
0.0.0.0	s0.2mdn.net
0.0.0.0	schemas.microsoft.akadns.net
0.0.0.0	secure.adnxs.com
0.0.0.0	secure.flashtalking.com
0.0.0.0	sls.update.microsoft.com.akadns.net
0.0.0.0	static.2mdn.net
0.0.0.0	statsfe1.ws.microsoft.com
0.0.0.0	statsfe2.update.microsoft.com.akadns.net
0.0.0.0	statsfe2.ws.microsoft.com
0.0.0.0	survey.watson.microsoft.com
0.0.0.0	view.atdmt.com
0.0.0.0	www.msftncsi.com
0.0.0.0	choice.microsoft.com
0.0.0.0	choice.microsoft.com.nstac.net
0.0.0.0	df.telemetry.microsoft.com
0.0.0.0	oca.telemetry.microsoft.com
0.0.0.0	oca.telemetry.microsoft.com.nsatc.net
0.0.0.0	redir.metaservices.microsoft.com
0.0.0.0	reports.wes.df.telemetry.microsoft.com
0.0.0.0	services.wes.df.telemetry.microsoft.com
0.0.0.0	settings-sandbox.data.microsoft.com
0.0.0.0	settings-win.data.microsoft.com
0.0.0.0	sqm.df.telemetry.microsoft.com
0.0.0.0	sqm.telemetry.microsoft.com
0.0.0.0	sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0	telecommand.telemetry.microsoft.com
0.0.0.0	telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0	telemetry.appex.bing.net
0.0.0.0	telemetry.microsoft.com
0.0.0.0	telemetry.urs.microsoft.com
0.0.0.0	vortex-sandbox.data.microsoft.com
0.0.0.0	vortex-win.data.microsoft.com
0.0.0.0	vortex.data.microsoft.com
0.0.0.0	watson.telemetry.microsoft.com
0.0.0.0	watson.telemetry.microsoft.com.nsatc.net
0.0.0.0	watson.ppe.telemetry.microsoft.com
0.0.0.0	wes.df.telemetry.microsoft.com
0.0.0.0	vortex-bn2.metron.live.com.nsatc.net
0.0.0.0	vortex-cy2.metron.live.com.nsatc.net
0.0.0.0	watson.live.com
0.0.0.0	watson.microsoft.com
0.0.0.0	feedback.search.microsoft.com
0.0.0.0	feedback.windows.com
0.0.0.0	corp.sts.microsoft.com
0.0.0.0	diagnostics.support.microsoft.com
0.0.0.0	i1.services.social.microsoft.com
0.0.0.0	i1.services.social.microsoft.com.nsatc.net
0.0.0.0	vortex-bn2.metron.live.com.nsatc.net
0.0.0.0	vortex-cy2.metron.live.com.nsatc.net
0.0.0.0	ca.telemetry.microsoft.com
0.0.0.0	cache.datamart.windows.com
0.0.0.0	diagnostics.support.microsoft.com
0.0.0.0	spynet2.microsoft.com
0.0.0.0	spynetalt.microsoft.com
# End of entries inserted by Spybot Anti-Beacon for Windows 10
@fernvenue
Copy link
Contributor

Not sure why, maybe you can enable verbose log to see what's happen.

@RainmakerRaw
Copy link

If you look at the request types, it's processing HTTPS queries, not IP records. These will not resolve to an IP for the purposes of connecting to the server in question. In that sense, there's nothing to rewrite/block. Only A and AAAA record lookups need rewriting to 0.0.0.0 here, which prevents your client(s) from connecting to the domain in question. The HTTPS lookup is simply asking for information about the domain. See here.

@ainar-g
Copy link
Contributor

ainar-g commented Dec 8, 2022

RainmakerRaw is correct. We currently only rewrite A and AAAA records for system /etc/hosts files. You can add this file as a separate filtering rule list instead, which will block all types of queries.

@ainar-g ainar-g closed this as completed Dec 8, 2022
@BlohoJo
Copy link
Author

BlohoJo commented Dec 9, 2022

That makes sense, thanks very much for the helpful info! :)

@fernvenue fernvenue mentioned this issue Jul 29, 2023
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ainar-g @RainmakerRaw @BlohoJo @fernvenue