Skip to content

Instantly share code, notes, and snippets.

@dieechtenilente
Last active July 29, 2024 14:18
Show Gist options
  • Save dieechtenilente/ad3fc9bacc205876b2e29dcb9043c8bc to your computer and use it in GitHub Desktop.
Save dieechtenilente/ad3fc9bacc205876b2e29dcb9043c8bc to your computer and use it in GitHub Desktop.
Blocks many bad domains (pihole, host list, ...)
#
#
#
#
#
# Please use this blocklist: https://github.com/dieechtenilente/hostlist
#
#
#
#
#
# PiHole Gravity Blocklist/Host list for blocking various unpleasant domains
#
# Sources
# https://discourse.pi-hole.net/t/commonly-blacklisted-domains/305
# https://extreme.pcgameshardware.de/grafikkarten/458638-anleitung-nvidia-telemetrie-deaktivieren.html
# https://helpx.adobe.com/enterprise/kb/network-endpoints.html
# https://www.privacy-handbuch.de/handbuch_90a2.htm
# https://www.reddit.com/r/pihole/comments/9w2gcr/apple_telemetry/
# https://github.com/anudeepND/whitelist/issues/115
# https://www.reddit.com/r/pihole/comments/8bz1l1/i_blocked_a_few_amazon_domains_and_my_fire_tv/?utm_source=amp&utm_medium=&utm_content=post_body
# https://www.heise.de/news/Sony-bestaetigt-PS5-Betrug-durch-Fake-Shop-playstation-sony-eu-6009907.html
# https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Cyber-Sicherheit/SiSyPHus/Telemetrie-Endpunkte_Windows10_Build_Build_21H2.html
# https://www.golem.de/news/via-typosquatting-angreifer-verbreiten-zenrat-malware-als-bitwarden-setup-2309-178062.html
# Windows 10 Telemetry
0.0.0.0 geo.settings-win.data.microsoft.com.akadns.net
:: geo.settings-win.data.microsoft.com.akadns.net
0.0.0.0 db5-eap.settings-win.data.microsoft.com.akadns.net
:: db5-eap.settings-win.data.microsoft.com.akadns.net
0.0.0.0 settings-win.data.microsoft.com
:: settings-win.data.microsoft.com
0.0.0.0 db5.settings-win.data.microsoft.com.akadns.net
:: db5.settings-win.data.microsoft.com.akadns.net
0.0.0.0 asimov-win.settings.data.microsoft.com.akadns.net
:: asimov-win.settings.data.microsoft.com.akadns.net
0.0.0.0 db5.vortex.data.microsoft.com.akadns.net
:: db5.vortex.data.microsoft.com.akadns.net
0.0.0.0 v10-win.vortex.data.microsoft.com.akadns.net
:: v10-win.vortex.data.microsoft.com.akadns.net
0.0.0.0 geo.vortex.data.microsoft.com.akadns.net
:: geo.vortex.data.microsoft.com.akadns.net
0.0.0.0 v10.vortex-win.data.microsoft.com
:: v10.vortex-win.data.microsoft.com
0.0.0.0 v10.events.data.microsoft.com
:: v10.events.data.microsoft.com
0.0.0.0 v20.events.data.microsoft.com
:: v20.events.data.microsoft.com
0.0.0.0 us.vortex-win.data.microsoft.com
:: us.vortex-win.data.microsoft.com
0.0.0.0 eu.vortex-win.data.microsoft.com
:: eu.vortex-win.data.microsoft.com
0.0.0.0 vortex-win-sandbox.data.microsoft.com
:: vortex-win-sandbox.data.microsoft.com
0.0.0.0 alpha.telemetry.microsoft.com
:: alpha.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com
:: oca.telemetry.microsoft.com
0.0.0.0 ceuswatcab01.blob.core.windows.net
:: ceuswatcab01.blob.core.windows.net
0.0.0.0 ceuswatcab02.blob.core.windows.net
:: ceuswatcab02.blob.core.windows.net
0.0.0.0 eaus2watcab01.blob.core.windows.net
:: eaus2watcab01.blob.core.windows.net
0.0.0.0 eaus2watcab02.blob.core.windows.net
:: eaus2watcab02.blob.core.windows.net
0.0.0.0 weus2watcab01.blob.core.windows.net
:: weus2watcab01.blob.core.windows.net
0.0.0.0 weus2watcab02.blob.core.windows.net
:: weus2watcab02.blob.core.windows.net
0.0.0.0 au-v10.events.data.microsoft.com
:: au-v10.events.data.microsoft.com
0.0.0.0 au-v20.events.data.microsoft.com
:: au-v20.events.data.microsoft.com
0.0.0.0 au.vortex-win.data.microsoft.com
:: au.vortex-win.data.microsoft.com
0.0.0.0 de-v20.events.data.microsoft.com
:: de-v20.events.data.microsoft.com
0.0.0.0 de.vortex-win.data.microsoft.com
:: de.vortex-win.data.microsoft.com
0.0.0.0 eu-v10.events.data.microsoft.com
:: eu-v10.events.data.microsoft.com
0.0.0.0 eu-v20.events.data.microsoft.com
:: eu-v20.events.data.microsoft.com
0.0.0.0 events-sandbox.data.microsoft.com
:: events-sandbox.data.microsoft.com
0.0.0.0 jp-v10.events.data.microsoft.com
:: jp-v10.events.data.microsoft.com
0.0.0.0 jp-v20.events.data.microsoft.com
:: jp-v20.events.data.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com
:: telecommand.telemetry.microsoft.com
0.0.0.0 uk-v20.events.data.microsoft.com
:: uk-v20.events.data.microsoft.com
0.0.0.0 uk.vortex-win.data.microsoft.com
:: uk.vortex-win.data.microsoft.com
0.0.0.0 us-v10.events.data.microsoft.com
:: us-v10.events.data.microsoft.com
0.0.0.0 us-v20.events.data.microsoft.com
:: us-v20.events.data.microsoft.com
0.0.0.0 us4-v20.events.data.microsoft.com
:: us4-v20.events.data.microsoft.com
0.0.0.0 us5-v20.events.data.microsoft.com
:: us5-v20.events.data.microsoft.com
0.0.0.0 v20.vortex-win.data.microsoft.com
:: v20.vortex-win.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
:: vortex-win.data.microsoft.com
# Waze
0.0.0.0 adsassets.waze.com
:: adsassets.waze.com
# Twitch
0.0.0.0 api.mixpanel.com
0.0.0.0 spade.twitch.com
0.0.0.0 pubads.g.doubleclick.net
0.0.0.0 sb.scorecardresearch.com
:: api.mixpanel.com
:: spade.twitch.com
:: pubads.g.doubleclick.net
:: sb.scorecardresearch.com
# Pandora
0.0.0.0 ad.pandora.tv
0.0.0.0 ads.pandora.tv.net
0.0.0.0 stats.pandora.com
0.0.0.0 adserver.pandora.com
:: ad.pandora.tv
:: ads.pandora.tv.net
:: stats.pandora.com
:: adserver.pandora.com
# Various
0.0.0.0 wsp.mgid.com
:: wsp.mgid.com
# TED app
0.0.0.0 s0.2mdn.net
:: s0.2mdn.net
# Alexa Voice Assistant
0.0.0.0 vsp-alexa-eu.amazon.com
:: vsp-alexa-eu.amazon.com
# Ads and tracking on Xiaomi devices
0.0.0.0 api.ad.xiaomi.com
0.0.0.0 api.admob.xiaomi.com
0.0.0.0 api.d.xiaomi.com
0.0.0.0 a.stat.xiaomi.com
0.0.0.0 tracking.miui.com
0.0.0.0 cdn.ad.xiaomi.com
0.0.0.0 data.mistat.xiaomi.com
0.0.0.0 e.ad.xiaomi.com
0.0.0.0 globalapi.ad.xiaomi.com
0.0.0.0 new.api.ad.xiaomi.com
0.0.0.0 sdkconfig.ad.xiaomi.com
0.0.0.0 ssp.ad.xiaomi.com
0.0.0.0 test.ad.xiaomi.com
0.0.0.0 test.e.ad.xiaomi.com
0.0.0.0 test.new.api.ad.xiaomi.com
0.0.0.0 cc.sys.intl.xiaomi.com
0.0.0.0 cc.sys.miui.com
0.0.0.0 ccc.sys.miui.com
0.0.0.0 ccc.sys.intl.xiaomi.com
0.0.0.0 data.mistat.intl.xiaomi.com
0.0.0.0 adv.sec.miui.com
0.0.0.0 geofence.sys.miui.com
0.0.0.0 abtest.mistat.xiaomi.com
0.0.0.0 logupdate.avlyun.sec.miui.com
0.0.0.0 mazu.sec.miui.com
0.0.0.0 feedback.miui.com
0.0.0.0 data.sec.miui.com
0.0.0.0 data.mistat.intl.xiaomi.com
:: api.ad.xiaomi.com
:: api.admob.xiaomi.com
:: api.d.xiaomi.com
:: a.stat.xiaomi.com
:: tracking.miui.com
:: cdn.ad.xiaomi.com
:: data.mistat.xiaomi.com
:: e.ad.xiaomi.com
:: globalapi.ad.xiaomi.com
:: new.api.ad.xiaomi.com
:: sdkconfig.ad.xiaomi.com
:: ssp.ad.xiaomi.com
:: test.ad.xiaomi.com
:: test.e.ad.xiaomi.com
:: test.new.api.ad.xiaomi.com
:: cc.sys.intl.xiaomi.com
:: cc.sys.miui.com
:: ccc.sys.miui.com
:: ccc.sys.intl.xiaomi.com
:: data.mistat.intl.xiaomi.com
:: adv.sec.miui.com
:: geofence.sys.miui.com
:: abtest.mistat.xiaomi.com
:: logupdate.avlyun.sec.miui.com
:: mazu.sec.miui.com
:: feedback.miui.com
:: data.sec.miui.com
:: data.mistat.intl.xiaomi.com
# Roku
0.0.0.0 tyler.logs.roku.com
0.0.0.0 giga.logs.roku.com
0.0.0.0 cooper.logs.roku.com
:: tyler.logs.roku.com
:: giga.logs.roku.com
:: cooper.logs.roku.com
# Sonos Metrics
0.0.0.0 msmetrics.ws.sonos.com
:: msmetrics.ws.sonos.com
# JavaScript based crypto currency mining
0.0.0.0 coin-hive.com
0.0.0.0 www.coin-hive.com
:: coin-hive.com
:: www.coin-hive.com
# Ads on sueddeutsche.de
0.0.0.0 cdn.m-pathy.com
0.0.0.0 click-de.plista.com
0.0.0.0 farm-de.plista.com
0.0.0.0 static-de.plista.com
0.0.0.0 www.plista.com
0.0.0.0 plista.com
0.0.0.0 click.plista.com
:: cdn.m-pathy.com
:: click-de.plista.com
:: farm-de.plista.com
:: static-de.plista.com
:: www.plista.com
:: plista.com
:: click.plista.com
# nVidia Telemetry
0.0.0.0 telemetry.nvidia.com
0.0.0.0 telemetry.gfe.nvidia.com
0.0.0.0 events.gfe.nvidia.com
:: telemetry.nvidia.com
:: telemetry.gfe.nvidia.com
:: events.gfe.nvidia.com
# nVidia GeForce Experience Driver Updates
0.0.0.0 gfwsl.geforce.com
:: gfwsl.geforce.com
# nVidia Telemetry - GeForce Experience Game Optimierung
0.0.0.0 gfe.nvidia.com
0.0.0.0 gfe.geforce.com
:: gfe.nvidia.com
:: gfe.geforce.com
# Adobe Analytics
0.0.0.0 omniture.com
:: omniture.com
# Adobe Licensing
0.0.0.0 licensing.adobe.com
:: licensing.adobe.com
# Microsoft Office
0.0.0.0 fp.measure.office.com
:: fp.measure.office.com
# Google
0.0.0.0 alt2-mtalk.google.com
:: alt2-mtalk.google.com
# Plex
0.0.0.0 lastfm-z.plexapp.com
:: lastfm-z.plexapp.com
# Apple Metrics
0.0.0.0 metrics.icloud.com
:: metrics.icloud.com
# Mindfactory Ads
0.0.0.0 ads.mindfactory.de
:: ads.mindfactory.de
# Snapchat Ads and Analytics
0.0.0.0 app-analytics-v2.snapchat.com
:: app-analytics-v2.snapchat.com
0.0.0.0 ads-interface.sc-cdn.net
:: ads-interface.sc-cdn.net
# Ad provider
0.0.0.0 ads2.web1tv.de
:: ads2.web1tv.de
# Amazon (Fire TV Stick) Analytics
0.0.0.0 ags-ext.amazon.com
:: ags-ext.amazon.com
0.0.0.0 cdws.eu-west-1.amazonaws.com
:: cdws.eu-west-1.amazonaws.com
0.0.0.0 cognito-identity.us-east-1.amazonaws.com
:: cognito-identity.us-east-1.amazonaws.com
0.0.0.0 cortana-gateway.amazon.com
:: cortana-gateway.amazon.com
0.0.0.0 cz15y20kg2.execute-api.us-east-1.amazonaws.com
:: cz15y20kg2.execute-api.us-east-1.amazonaws.com
0.0.0.0 device-messaging-na.amazon.com
:: device-messaging-na.amazon.com
0.0.0.0 device-metrics-us.amazon.com
:: device-metrics-us.amazon.com
0.0.0.0 digprjsurvey.amazon.eu
:: digprjsurvey.amazon.eu
0.0.0.0 dp-discovery-na-ext.amazon.com
:: dp-discovery-na-ext.amazon.com
0.0.0.0 dp-gw-na.amazon.com
:: dp-gw-na.amazon.com
0.0.0.0 dp-rsm-prod.amazon.com
:: dp-rsm-prod.amazon.com
0.0.0.0 messaging-director-us-east-1.amazon.com
:: messaging-director-us-east-1.amazon.com
0.0.0.0 msh.amazon.com
:: msh.amazon.com
0.0.0.0 prod.amazoncrl.com
:: prod.amazoncrl.com
0.0.0.0 tap-client-stats.s3-eu-west-1.amazonaws.com
:: tap-client-stats.s3-eu-west-1.amazonaws.com
0.0.0.0 todo-ta-g7g.amazon.com
:: todo-ta-g7g.amazon.com
0.0.0.0 eu.api.amazonvideo.com
:: eu.api.amazonvideo.com
0.0.0.0 dcape-na.amazon.com
:: dcape-na.amazon.com
0.0.0.0 arcus-uswest.amazon.com
:: arcus-uswest.amazon.com
# Opera Speed dial and stuff
0.0.0.0 speeddials.opera.com
:: speeddials.opera.com
0.0.0.0 weather.opera-api.com
:: weather.opera-api.com
0.0.0.0 sitecheck.opera.com
:: sitecheck.opera.com
# WD My Cloud
0.0.0.0 staging.mycloud.com
:: staging.mycloud.com
# Facebook Ads and Analytic Stuff
0.0.0.0 graph.facebook.com
:: graph.facebook.com
0.0.0.0 scontent-ber1-1.xx.fbcdn.net
:: scontent-ber1-1.xx.fbcdn.net
0.0.0.0 external-ber1-1.xx.fbcdn.net
:: external-ber1-1.xx.fbcdn.net
# Android Jodel App Analytics
0.0.0.0 analytics.jodelapis.com
:: analytics.jodelapis.com
# WhatsApp Analytics (no impact noticable)
0.0.0.0 g.whatsapp.net
:: g.whatsapp.net
# Scam and Typosquatting
0.0.0.0 audacity.de
:: audacity.de
0.0.0.0 playstation-sony.eu
:: playstation-sony.eu
0.0.0.0 playstation-sony.com
:: playstation-sony.com
0.0.0.0 playstation-sony.ru
:: playstation-sony.ru
0.0.0.0 playstation5-sony.ru
:: playstation5-sony.ru
0.0.0.0 promo-citilink.com
:: promo-citilink.com
0.0.0.0 ps5-game.ru
:: ps5-game.ru
0.0.0.0 ps5-sony.ru
:: ps5-sony.ru
0.0.0.0 psn-playstation.ru
:: psn-playstation.ru
0.0.0.0 sony-center.org
:: sony-center.org
0.0.0.0 store-playstation.eu
:: store-playstation.eu
0.0.0.0 store-playstation.ru
:: store-playstation.ru
0.0.0.0 crazygameis.com
::crazygameis.com
0.0.0.0bitwariden.com
:: bitwariden.com
# MS Teams Android App
0.0.0.0 teams.events.data.microsoft.com
:: teams.events.data.microsoft.com
# Onion Addresses resolved over classic DNS providers
0.0.0.0 (\.|^)onion$
:: (\.|^)onion$
0.0.0.0 .onion
:: .onion
# SMS Spam
0.0.0.0 me2.kr
:: me2.kr
0.0.0.0 dhl-bestatigung.com
:: dhl-bestatigung.com
0.0.0.0 wkv.com
:: wkv.com
# Amazon Alexa
0.0.0.0 traffic.alexa.com
:: traffic.alexa.com
# More ads
0.0.0.0 revenuecat.com
:: revenuecat.com
0.0.0.0 doubleclick.net
:: doubleclick.net
# Spotify unnecessary
0.0.0.0 heads-fa.spotify.com
:: heads-fa.spotify.com
0.0.0.0 spclient.wg.spotify.com
:: spclient.wg.spotify.com
# Link shortener
0.0.0.0 adf.ly
:: adf.ly
# German Bank Scam
0.0.0.0 spk-kontoeinzug-de.com
:: spk-kontoeinzug-de.com
0.0.0.0 sparka-kundeninstituten-de.com
:: sparka-kundeninstituten-de.com
0.0.0.0 sparka-kontoeinzuge-de.com
:: sparka-kontoeinzuge-de.com
0.0.0.0 arcoovinos.com.br
:: arcoovinos.com.br
0.0.0.0 spk-fingerprinting2022.com
:: spk-fingerprinting2022.com
0.0.0.0 spk-kunden-kredit2022.com
:: spk-kunden-kredit2022.com
0.0.0.0 spk-mitarbeiter-daten2022.com
:: spk-mitarbeiter-daten2022.com
0.0.0.0 spk-kundencenter2022.com
:: spk-kundencenter2022.com
0.0.0.0 spk-kunden-manager.com
:: spk-kunden-manager.com
0.0.0.0 spk-mitarbeiter-bereich2022.com
:: spk-mitarbeiter-bereich2022.com
0.0.0.0 spk-mitarbeiterportal.com
:: spk-mitarbeiterportal.com
0.0.0.0 deka-financialdepot.com
:: deka-financialdepot.com
0.0.0.0 deka-aktienfonds.com
:: deka-aktienfonds.com
0.0.0.0 deka-nachhaltig-anlegen.com
:: deka-nachhaltig-anlegen.com
0.0.0.0 deka-sofort-anlegen.com
:: deka-sofort-anlegen.com
0.0.0.0 deka-lowrisk-fonds.com
:: deka-lowrisk-fonds.com
0.0.0.0 spk-umstellung-update.com
:: spk-umstellung-update.com
0.0.0.0 sparka-kundentermin2022.com
:: sparka-kundentermin2022.com
0.0.0.0 kontribute.info
:: kontribute.info
0.0.0.0 farisleeinvestments.com
:: farisleeinvestments.com
0.0.0.0 bunburyaustralia.com
:: bunburyaustralia.com
0.0.0.0 sparka-sparen-leicht.com
:: sparka-sparen-leicht.com
0.0.0.0 blackboardconnectcorp.com
:: blackboardconnectcorp.com
0.0.0.0 struq.us
:: struq.us
0.0.0.0 recoveryassignment.org
:: recoveryassignment.org
0.0.0.0 staplesandstevens.com
:: staplesandstevens.com1
0.0.0.0 uni-t.com
:: uni-t.com
0.0.0.0 lexmd.com
:: lexmd.com
0.0.0.0 conservationva.com
:: conservationva.com
0.0.0.0 trainworks.com.au
:: trainworks.com.au
0.0.0.0 cashedgegadgets.net
:: cashedgegadgets.net
0.0.0.0 www.cashedgegadgets.net
:: www.cashedgegadgets.net
0.0.0.0 dfmbusiness.com
:: dfmbusiness.com
0.0.0.0 www.dfmbusiness.com
:: www.dfmbusiness.com
0.0.0.0 2ndgccpmf.org
:: 2ndgccpmf.org
0.0.0.0 www.2ndgccpmf.org
:: ww.2ndgccpmf.org
0.0.0.0 clickerlive.net
:: clickerlive.net
0.0.0.0 www.clickerlive.net
:: www.clickerlive.net
0.0.0.0 laminateapp.net
:: laminateapp.net
0.0.0.0 www.laminateapp.net
:: www.laminateapp.net
0.0.0.0 5tu.eu
:: 5tu.eu
0.0.0.0 sparka-bankauftrag.com
:: sparka-bankauftrag.com
0.0.0.0 sparka-kundenort.com
:: sparka-kundenort.com
0.0.0.0 wp20.ru
:: wp20.ru
0.0.0.0 keepass.de
:: keepass.de
# Probabaly never used Google Domains
0.0.0.0 google.sm
:: google.sm
0.0.0.0 google.com.pg
:: google.com.pg
# Link shortner
0.0.0.0 bom.so
:: bom.so
0.0.0.0 urltiny.ru
:: urltiny.ru
0.0.0.0 pke.to
:: pke.to
0.0.0.0 shoort.ink
:: shoort.ink
# Shady stuff hosted on Huawei Cloud
0.0.0.0 myhuaweicloud.com
:: myhuaweicloud.com
# Spam Mail
0.0.0.0 promotionproximity.com
:: promotionproximity.com
0.0.0.0 myjewishangel.com
:: myjewishangel.com
0.0.0.0 news-x-paper-website.biletblog.com
:: news-x-paper-website.biletblog.com
0.0.0.0 haokangmedical.cn
:: haokangmedical.cn
0.0.0.0 discoveredu.eu.org
:: discoveredu.eu.org
0.0.0.0 rasketreff69.sexydatesnow.online
:: rasketreff69.sexydatesnow.online
0.0.0.0 evekabley.today
:: evekabley.today
0.0.0.0 hudsonpyke.shop
:: hudsonpyke.shop
0.0.0.0 rauchendedose.site
:: rauchendedose.site
0.0.0.0 marwanebr.com
:: marwanebr.com
0.0.0.0 leodarley.today
:: leodarley.today
0.0.0.0 sports-and-casino.s3.us-east-2.amazonaws.com
:: sports-and-casino.s3.us-east-2.amazonaws.com
0.0.0.0 whyalways-me.xyz
:: whyalways-me.xyz
0.0.0.0 thefall.live
:: thefall.live
0.0.0.0 ymnpoavmvk.iť
:: ymnpoavmvk.iť
0.0.0.0 lailsolutionamarket.org
:: lailsolutionamarket.org
0.0.0.0 reellifehealthta.org
:: reellifehealthta.org
0.0.0.0 lzuhfkgq.page.link
:: lzuhfkgq.page.link
0.0.0.0 ynrw7gyvjp2g2k8e.click.mailersend.net
:: ynrw7gyvjp2g2k8e.click.mailersend.net
0.0.0.0 monzox.com
:: monzox.com
0.0.0.0 ysc.boldlygoingnowhere.org
:: ysc.boldlygoingnowhere.org
0.0.0.0 keptible.botating.us.com
:: keptible.botating.us.com
0.0.0.0 dreamobserver.com
:: dreamobserver.com
0.0.0.0 milabrtru.com
:: milabrtru.com
0.0.0.0 fv4503.ezepo.net
:: fv4503.ezepo.net
0.0.0.0 swagbucks.com
:: swagbucks.com
0.0.0.0 freebitco.in
:: freebitco.in
0.0.0.0 honeygain.me
:: honeygain.me
0.0.0.0 tcsucip.com.cn
:: tcsucip.com.cn
0.0.0.0 ladbh6fg.com
:: ladbh6fg.com
0.0.0.0 clicktime.symantec.com
:: clicktime.symantec.com
0.0.0.0 builddozer.co.uk
:: builddozer.co.uk
0.0.0.0 fier.stabrino.info
:: fier.stabrino.info
0.0.0.0 wewescascsdcdcsdvasdvcaserg.page.link
:: wewescascsdcdcsdvasdvcaserg.page.link
0.0.0.0 lemon7exor.nondeprecatorilyexor.best
:: lemon7exor.nondeprecatorilyexor.best
0.0.0.0 pake.endofinternet.org
:: pake.endofinternet.org
0.0.0.0 srv200560.hoster-test.ru
:: srv200560.hoster-test.ru
0.0.0.0 handalass.us
:: handalass.us
0.0.0.0 topsvibe.com
:: topsvibe.com
0.0.0.0 the-phoenixbox.com
:: the-phoenixbox.com
0.0.0.0 all.freelance-ma.com
:: all.freelance-ma.com
# Shady Site
0.0.0.0 bluemail.me
:: bluemail.me
# DHL Scam
0.0.0.0 batibig.com
:: batibig.com
0.0.0.0 sfndprpdev.in
:: sfndprpdev.in
0.0.0.0 cooperwieck.org.uk
:: cooperwieck.org.uk
# N26 Scam
0.0.0.0 ivanronald.com.br
:: ivanronald.com.br
# Local Domains
0.0.0.0 speedport.ip
:: speedport.ip
0.0.0.0 wpad.fritz.box
:: wpad.fritz.box
0.0.0.0 api.revenuecat.com
:: api.revenuecat.com
0.0.0.0 di-uldvnmm2.leasewebultracdn.com
:: di-uldvnmm2.leasewebultracdn.com
0.0.0.0 bit.do
:: bit.do
# Shady APKs
0.0.0.0 liteapks.com
:: liteapks.com
# Phishing
0.0.0.0 chemouis.com
:: chemouis.com
0.0.0.0 datforked.co
:: datforked.co
# Microsoft Teams Scams
0.0.0.0 msftprotection.onmicrosoft.com
:: msftprotection.onmicrosoft.com
0.0.0.0 identityVerification.onmicrosoft.com
:: identityVerification.onmicrosoft.com
0.0.0.0 accountsVerification.onmicrosoft.com
:: accountsVerification.onmicrosoft.com
0.0.0.0 azuresecuritycenter.onmicrosoft.com
:: azuresecuritycenter.onmicrosoft.com
0.0.0.0 teamsprotection.onmicrosoft.com
:: teamsprotection.onmicrosoft.com
Copy link

ghost commented Dec 8, 2021

Hi can I ask what you know about 'staging.mycloud.com'? I keep seeing this show up in my dns logs and am wondering if my NAS will have any sort of issues if I block this, e.g with firmware updates, access, etc.. Have you seen any issues having this blocked (assuming you have it blocked because you have a WD NAS. I also see 'config.mycloud.com' and am considering blocking that too.

@dieechtenilente
Copy link
Author

Hi @lproto,
I discovered this domain by checking my PiHole audit log. You still receive updates and update notifications for your WD NAS (in my case WD MyCloud EX2 Ultra). I think you should still be able to download apps. However, I don't use any apps or have any cloud synchronization active.

If you have further questions or annotations, feel free to comment :)

Copy link

ghost commented Dec 10, 2021

Thank you! Added to my blocklist.

@ferris1000
Copy link

http://lailsolutionamarket.org/ is also a scam website, i keep receiving spam/scam emails with scam products like muama ryoko, nuubu, translatore, Elon Musk Power Saver with this link.

@dieechtenilente
Copy link
Author

@ferris1000 Thank you, I've added lailsolutionamarket.org to the list!

@ferris1000
Copy link

ferris1000 commented Sep 19, 2023

dreamobserver.com is used for shipping scams, they claim to be shipping companies like "Express" and to click on the link to track the package.

I had multiple Spam emails in the past with a link to this website.

here are some additional once

http://reellifehealthta.org is related to the fake shop lailsolutionamarket.org

https://lzuhfkgq.page.link shipping scam

https://www.shoort.ink/RussiaWomenOnlineDE pedophile emails, meet teenager-girls spam.

https://ynrw7gyvjp2g2k8e.click.mailersend.net claims to be Hanseatic Bank (Phishing)

http://monzox.com Gift card scam (phishing)

https://ysc.boldlygoingnowhere.org/ Keto XP Gummies Spam (Phishing? Scam?)

http://keptible.botating.us.com/ Muama Ryoko Scam, Spam (same as lailsolutionamarket)

@dieechtenilente
Copy link
Author

Thank you @ferris1000 - I've added them, too :)

@ferris1000
Copy link

ferris1000 commented Sep 19, 2023

milabrtru.com is behind a bit.ly link who spamming with emails titled naked woman and has nasty words. it's already flagged on Scamadvisior to be a dangerous website.

Today I received some kind of crypto currency scam email, claims that you could make 500 USD per Day with Swagbucks.
fv4503.ezepo.net
swagbucks.com

And a new Scam Website just get spammed via emails.
freebitco.in

@dieechtenilente
Copy link
Author

Added them as well, thanks! @ferris1000

@ferris1000
Copy link

ferris1000 commented Sep 23, 2023

like Swagbucks i just received another spam to a fake crypto currency which the scammer boost via trustpilot to advertise it on their spam/scam email.

r.honeygain.me
honeygain.me


This scammer claims to sell Louis Vuitton with a 80% Discount, link was provided via Spam email.

tcsucip.com.cn


This link was included with an email to another fakeshop that claims to sell home security systems.

ladbh6fg.com


Male enhancer Spam, fake shop presumably

clicktime.symantec.com


builddozer.co.uk
fier.stabrino.info
t.co/2V7OFKu3XY
wewescascsdcdcsdvasdvcaserg.page.link


This is a spammer who sends about 100 spam emails every day and changes the domain with every email, i call him the "miles away" spammer because every email contains a sentence like 6.6 miles away, 26 y.o.

lemon7exor.nondeprecatorilyexor.best


This is another fakeshop

beuct.r.ag.d.sendibm3.com

this scammer claims to be a casino and claims to sell male enhancer, what a weird combination, 2 emails, same link, completely different things.

filalie.live


Claims that you won a Media Markt Gift Card.

srednuas.co.uk


Fake money making BS, same spammer/scammer as Swagbucks.

ysense.com

@dieechtenilente
Copy link
Author

Added them as well, thanks! @ferris1000

@ferris1000
Copy link

ferris1000 commented Sep 27, 2023

fake shipping notification, scam & phishing

pake.endofinternet.org


This Scammer claims to be from TFBank, it's a Scam and Phishing Attempt

srv200560.hoster-test.ru


handalass.us

Fake FedEx
topsvibe.com

Fake Edeka Gift Card
the-phoenixbox.com

Fake Gift Card Reward
all.freelance-ma.com

@dieechtenilente
Copy link
Author

Added them to the list, thanks! @ferris1000
Should I migrate this gist to an repository so anyone can add merge/push requests?

@ferris1000
Copy link

ferris1000 commented Sep 29, 2023

@dieechtenilente it would be great if I could add them to the list myself, that would make it easier to add new scam and phishing links directly.
I'm getting bombarded every day with spam and scam emails.

Daily aggressive Spam, scam, fake Dating Website and Phishing all together.
russiawomenonline.com

Fake shop emails
stats.news.sellsy-email-service-1.com

@dieechtenilente
Copy link
Author

@ferris1000
Copy link

ferris1000 commented Oct 14, 2023

i tried to fork it and submit the changes but I don't know if it worked or not, but here are some scam websites in the meanwhile until i figure it out how github woks:

everydayhealth.pro/anchor.php
healthandbeaty.pro/anchor.php
hoursflash.site/anchor.php
multi4yoffers.club/anchor.php
shoppinghouse.xyz/anchor.php
takechannse.store/anchor.php
takeyouroffer.site/anchor.php
tranddrops4y.life/anchor.php
whaitnording.online/anchor.php
whatdoclear.site/anchor.php

Shortner
cli.co
zipurl.link
urlz.fr

Spam
bannistertime.com
prosperitt.com
mandrillapp.com
Kaiyes.hologamyhamartias.ink
handalass.us

Phishing
fressnapf.theowensfamily.info
fiffggh.r.bh.d.sendibt3.com
insidethelikey.online
guitarmusicloud.com
loanusaimprovements.store
kjhkh.medialos.net
ladbh6fg.com
umiddleway.com
pandajimmys.quest
stats.news.sellsy-email-service-1.com

Anti Virus Scam
moy.iownyour.biz

Fake bitcoin
cointiply.com

Fake fast money
romepage.digital
touryabdel.cc

Fake gift card
handalass.us

fakeshop
lailmarketplace.com
betterness.news
tallhealthasolution.com
chobatmarketA.org

@dieechtenilente
Copy link
Author

@ferris1000 I've added them to the domains repository. Usually you just create a fork, update it to the latest master and edit the domains.txt file. Then you should be able to create a pull request

@ferris1000
Copy link

ferris1000 commented Oct 16, 2023

Thx for the hint, I will check it out tomorrow,

In the meantime there are a few more

practionard.com
percentres.com
germaticals.com
provisigotha.jp.net
andercloud.online/anchor.php
availabilityofferss.pro/anchor.php
browgrand.store/anchor.php
dealsfinance.online/anchor.php
desingwhave.online/anchor.php
healthandbeaty.pro/anchor.php
offerstop4you.xyz/anchor.php
outratline.store/anchor.php
spellbojlidt.live/anchor.php
top4youdeals.site/anchor.php
matadyne.com
amz.run
cornellinois.jp.net
setrubaliteuore.com
availabilityofferss.pro/anchor.php
vbmzkpzy.barrel-of-knowledge.info
transstore.site
nitricmedning.com
brandabble.club
thavaries.com
visorder.me
wadoo.cremploction.com

innovataq.com

shortener:
t.co

some scam websites like KetXplode are hidden behind t.co which is the twitter shortener, so it's best to block it too.

BTW: those anchor.php websites are really nasty, they are MITM attacks,
They claim to be everything, iCloud, MacAfee, certain sale websites, all behind a bitly link and a tracker.
Since a few weeks I'd reported those to Namecheap because 99% of those Fake shops, Scam websites are hosted on Namecheap but they don't seam to care, it took over 2 weeks for namecheap to take down lailsolutionAmarket but the scammer already created lailmarketplace as replacement and it's still up, same website, same scam.


chobatmarketa.org

arron.diploitative.me
droam.cremploction.com
bdealsfinance.online/anchor.php
currentlyoffers.click/anchor.php
showdealss.online/anchor.php

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment