AdGuardHome icon indicating copy to clipboard operation
AdGuardHome copied to clipboard
verified publisher icon AdguardTeam

HOSTS file domains are not blocked

Open BlohoJo opened this issue 3 years ago • 1 comments

Prerequisites

  • [X] I have checked the Wiki and Discussions and found no answer

  • [X] I have searched other issues and found no duplicates

  • [X] I want to report a bug and not ask a question

Operating system type

Windows

CPU architecture

AMD64

Installation

GitHub releases or script from README

Setup

On one machine

AdGuard Home version

107.18

Description

What did you do?

Blocked Apple tracking / ad domains in HOSTS file via Spybot Anti-Beacon

Expected result

Domain should be blocked, rewritten to 0.0.0.0

Actual result

In latest version of AdGuard 107.18, it blocks (rewrites) the domain once, then resolves the domain and lets data through immediately afterwards, according to the logs.

Screenshots (if applicable)

adguard01

adguard02

Additional information

OS is Windows Server 2008 R2 (up to date with final patches)

HOSTS data from Spybot Anti-Beacon:

# This list is Copyright 2000-2017 Safer-Networking Ltd.
0.0.0.0	app-sj01.marketo.com‍
0.0.0.0	appleglobal.102.112.2o7.net
0.0.0.0	appleglobal.112.2o7.net
0.0.0.0	pancake.g.aaplimg.com
0.0.0.0	zeusmedia.g.aaplimg.com
0.0.0.0	smoot-feedback.v.aaplimg.com
0.0.0.0	supportmetrics.apple-support.akadns.net
0.0.0.0	pipe.cloudapp.aria.akadns.net
0.0.0.0	dw-cbsi.cnet-basic-performance.akadns.net
0.0.0.0	cstat-lb.apple.com.akadns.net
0.0.0.0	gsas.apple.com.akadns.net
0.0.0.0	identity.apple.com.akadns.net
0.0.0.0	idiagnostics.apple.com.akadns.net
0.0.0.0	iphonesubmissions.apple.com.akadns.net
0.0.0.0	lcdn-locator-usuqo.apple.com.akadns.net
0.0.0.0	ocsp-lb.apple.com.akadns.net
0.0.0.0	outsideapple.apple.com.akadns.net
0.0.0.0	radarsubmissions.apple.com.akadns.net
0.0.0.0	tbsc.apple.com.akadns.net
0.0.0.0	wu.apple.com.akadns.net
0.0.0.0	wu-mdn.apple.com.akadns.net
0.0.0.0	wu-nwk.apple.com.akadns.net
0.0.0.0	pancake.cdn-apple.com.akadns.net
0.0.0.0	fr51p02sa.guzzoni-apple.com.akadns.net
0.0.0.0	mu21p02sa.guzzoni-apple.com.akadns.net
0.0.0.0	sp11p03sa.guzzoni-apple.com.akadns.net
0.0.0.0	isg-apple.com.akadns.net
0.0.0.0	mt-ingestion-service-mr22.itunes-apple.com.akadns.net
0.0.0.0	mt-ingestion-service-pv.itunes-apple.com.akadns.net
0.0.0.0	mt-ingestion-service-st11.itunes-apple.com.akadns.net
0.0.0.0	xp.itunes-apple.com.akadns.net
0.0.0.0	daf.xp.itunes-apple.com.akadns.net
0.0.0.0	prod-w.nexus.live.com.akadns.net
0.0.0.0	prod.omextemplates.live.com.akadns.net
0.0.0.0	gs-loc.ls-apple.com.akadns.net
0.0.0.0	gs-loc-new.ls-apple.com.akadns.net
0.0.0.0	gsp-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp-ssl-dynamic.ls-apple.com.akadns.net
0.0.0.0	gsp-ssl-geomap.ls-apple.com.akadns.net
0.0.0.0	gsp10-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp36-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp47-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp51-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp57-ssl-background.ls-apple.com.akadns.net
0.0.0.0	gsp57-ssl-locus.ls-apple.com.akadns.net
0.0.0.0	gsp57-ssl-revgeo.ls-apple.com.akadns.net
0.0.0.0	gsp64-ssl.ls-apple.com.akadns.net
0.0.0.0	gsp9-ssl.ls-apple.com.akadns.net
0.0.0.0	iphone-services.ls-apple.com.akadns.net
0.0.0.0	gsp-ssl.ls2-apple.com.akadns.net
0.0.0.0	gsp-ssl-dynamic.ls4-apple.com.akadns.net
0.0.0.0	bn2-client-s.msnmessenger.msn.com.akadns.net
0.0.0.0	cl2-cdn.origin-apple.com.akadns.net
0.0.0.0	cl3-cdn.origin-apple.com.akadns.net
0.0.0.0	cl4-cdn.origin-apple.com.akadns.net
0.0.0.0	cl5-cdn.origin-apple.com.akadns.net
0.0.0.0	origin.seed-siri-apple.com.akadns.net
0.0.0.0	api.smoot-apple.com.akadns.net
0.0.0.0	dlc.nike.com.edgekey.net.globalredir.akadns.net
0.0.0.0	prd.col.aria.browser.skypedata.akadns.net
0.0.0.0	prd.col.aria.mobile.skypedata.akadns.net
0.0.0.0	pipe.prd.skypedata.akadns.net
0.0.0.0	msg-media.valueclick.akadns.net
0.0.0.0	eu-irl-00001.s3.dualstack.eu-west-1.amazonaws.com
0.0.0.0	aidc.apple.com
0.0.0.0	apsu.apple.com
0.0.0.0	basejumper.apple.com
0.0.0.0	books-analytics-events.apple.com
0.0.0.0	cds.apple.com
0.0.0.0	cdsassets.apple.com
0.0.0.0	cl1.apple.com
0.0.0.0	cl2.apple.com
0.0.0.0	cl3.apple.com
0.0.0.0	cl4.apple.com
0.0.0.0	cl5.apple.com
0.0.0.0	csig.apple.com
0.0.0.0	cstat.apple.com
0.0.0.0	static.deviceservices.apple.com
0.0.0.0	devimages-cdn.apple.com
0.0.0.0	api.edu.apple.com
0.0.0.0	gs-loc.apple.com
0.0.0.0	gsas.apple.com
0.0.0.0	gsp1.apple.com
0.0.0.0	gsp10-ssl.apple.com
0.0.0.0	gsp9-ssl.apple.com
0.0.0.0	iad.apple.com
0.0.0.0	iadcontent.apple.com
0.0.0.0	iadsdk.apple.com
0.0.0.0	ca.iadsdk.apple.com
0.0.0.0	cf.iadsdk.apple.com
0.0.0.0	cs.iadsdk.apple.com
0.0.0.0	news.iadsdk.apple.com
0.0.0.0	su.iadsdk.apple.com
0.0.0.0	tr.iadsdk.apple.com
0.0.0.0	ut.iadsdk.apple.com
0.0.0.0	www.iadsdk.apple.com
0.0.0.0	identity.apple.com
0.0.0.0	idiagnostics.apple.com
0.0.0.0	internalcheck.apple.com
0.0.0.0	iphone-ld.apple.com
0.0.0.0	iphone-services.apple.com
0.0.0.0	iphonesubmissions.apple.com
0.0.0.0	iphonesubmissions-old.apple.com
0.0.0.0	static.ips.apple.com
0.0.0.0	api.itunes.apple.com
0.0.0.0	carrierbundle.itunes.apple.com
0.0.0.0	cma.itunes.apple.com
0.0.0.0	desktop-music.itunes.apple.com
0.0.0.0	desktop-music-legacy.itunes.apple.com
0.0.0.0	desktop-store.itunes.apple.com
0.0.0.0	edge-search.itunes.apple.com
0.0.0.0	embed.itunes.apple.com
0.0.0.0	files.itunes.apple.com
0.0.0.0	itunesu.itunes.apple.com
0.0.0.0	mt-ingestion-service-pv.itunes.apple.com
0.0.0.0	radio-quickplay.itunes.apple.com
0.0.0.0	se-edge.itunes.apple.com
0.0.0.0	se2.itunes.apple.com
0.0.0.0	siri-search.itunes.apple.com
0.0.0.0	sitemaps.itunes.apple.com
0.0.0.0	tf-feedback.itunes.apple.com
0.0.0.0	uts-api-siri.itunes.apple.com
0.0.0.0	uts-preview.itunes.apple.com
0.0.0.0	vocabulary.itunes.apple.com
0.0.0.0	vpp-app.itunes.apple.com
0.0.0.0	web-experience.itunes.apple.com
0.0.0.0	itunesconnect.apple.com
0.0.0.0	lcdn-locator.apple.com
0.0.0.0	configuration.ls.apple.com
0.0.0.0	gsp-ssl.ls.apple.com
0.0.0.0	gsp10-ssl.ls.apple.com
0.0.0.0	gsp36-ssl.ls.apple.com
0.0.0.0	gsp47-ssl.ls.apple.com
0.0.0.0	gsp51-ssl.ls.apple.com
0.0.0.0	gsp57-ssl-background.ls.apple.com
0.0.0.0	gsp57-ssl-locus.ls.apple.com
0.0.0.0	gsp57-ssl-revgeo.ls.apple.com
0.0.0.0	gsp64-ssl.ls.apple.com
0.0.0.0	gsp85-ssl.ls.apple.com
0.0.0.0	metrics.apple.com
0.0.0.0	sb.music.apple.com
0.0.0.0	news-events.apple.com
0.0.0.0	notes-analytics-events.apple.com
0.0.0.0	ocsp.apple.com
0.0.0.0	outsideapple.apple.com
0.0.0.0	pancake.apple.com
0.0.0.0	pcr.apple.com
0.0.0.0	ftreporter.push.apple.com
0.0.0.0	radarsubmissions.apple.com
0.0.0.0	securemetrics.apple.com
0.0.0.0	seed.siri.apple.com
0.0.0.0	api.smoot.apple.com
0.0.0.0	api-aka.smoot.apple.com
0.0.0.0	daypass.api-aka.smoot.apple.com
0.0.0.0	api-glb.smoot.apple.com
0.0.0.0	api-glb-ams.smoot.apple.com
0.0.0.0	api-glb-ash.smoot.apple.com
0.0.0.0	api-glb-atl.smoot.apple.com
0.0.0.0	daypass.api-glb-atl.smoot.apple.com
0.0.0.0	api-glb-bln.smoot.apple.com
0.0.0.0	api-glb-dal.smoot.apple.com
0.0.0.0	api-glb-den.smoot.apple.com
0.0.0.0	api-glb-drf.smoot.apple.com
0.0.0.0	api-glb-fra.smoot.apple.com
0.0.0.0	api-glb-lon.smoot.apple.com
0.0.0.0	daypass.api-glb-lon.smoot.apple.com
0.0.0.0	api-glb-man.smoot.apple.com
0.0.0.0	api-glb-nyc.smoot.apple.com
0.0.0.0	api-glb-sea.smoot.apple.com
0.0.0.0	daypass.api-glb-sea.smoot.apple.com
0.0.0.0	daypass.api-glb-sto.smoot.apple.com
0.0.0.0	cdn.smoot.apple.com
0.0.0.0	fbs.smoot.apple.com
0.0.0.0	ssl.apple.com
0.0.0.0	stocks-analytics-events.apple.com
0.0.0.0	stocks-sparkline.apple.com
0.0.0.0	supportmetrics.apple.com
0.0.0.0	tbsc.apple.com
0.0.0.0	sb.tv.apple.com
0.0.0.0	valid.apple.com
0.0.0.0	videos.apple.com
0.0.0.0	api.videos.apple.com
0.0.0.0	weather-analytics-events.apple.com
0.0.0.0	wu-calculator.apple.com
0.0.0.0	xp.apple.com
0.0.0.0	daf.xp.apple.com
0.0.0.0	zeusmedia.apple.com
0.0.0.0	defra.ce.apple-dns.net
0.0.0.0	edge-001.defra.ce.apple-dns.net
0.0.0.0	edge-009.defra.ce.apple-dns.net
0.0.0.0	edge-012.defra.ce.apple-dns.net
0.0.0.0	edge-013.defra.ce.apple-dns.net
0.0.0.0	edge-017.defra.ce.apple-dns.net
0.0.0.0	edge-024.defra.ce.apple-dns.net
0.0.0.0	gblon.ce.apple-dns.net
0.0.0.0	edge-010.gblon.ce.apple-dns.net
0.0.0.0	edge-012.gblon.ce.apple-dns.net
0.0.0.0	edge-031.gblon.ce.apple-dns.net
0.0.0.0	edge-032.gblon.ce.apple-dns.net
0.0.0.0	edge-040.gblon.ce.apple-dns.net
0.0.0.0	edge-044.gblon.ce.apple-dns.net
0.0.0.0	edge-045.gblon.ce.apple-dns.net
0.0.0.0	gbman.ce.apple-dns.net
0.0.0.0	edge-014.gbman.ce.apple-dns.net
0.0.0.0	edge-024.gbman.ce.apple-dns.net
0.0.0.0	searn.ce.apple-dns.net
0.0.0.0	usbos.ce.apple-dns.net
0.0.0.0	usnyc.ce.apple-dns.net
0.0.0.0	edge-003.usnyc.ce.apple-dns.net
0.0.0.0	edge-035.usnyc.ce.apple-dns.net
0.0.0.0	feedbackws.fe.apple-dns.net
0.0.0.0	metrics.fe.apple-dns.net
0.0.0.0	me.apple-dns.net
0.0.0.0	books-analytics-events.news.apple-dns.net
0.0.0.0	news-events.news.apple-dns.net
0.0.0.0	notes-analytics-events.news.apple-dns.net
0.0.0.0	stocks-analytics-events.news.apple-dns.net
0.0.0.0	weather-analytics-events.news.apple-dns.net
0.0.0.0	health-assets.cdn-apple.com
0.0.0.0	iadsdk.apple.com.edgekey.net
0.0.0.0	pancake.apple.com.edgekey.net
0.0.0.0	health-assets.cdn-apple.com.edgekey.net
0.0.0.0	cstat.apple.com.edgesuite.net
0.0.0.0	gcs-eu-00002.content-storage-download.googleapis.com
0.0.0.0	feedbackws.icloud.com
0.0.0.0	metrics.icloud.com
0.0.0.0	messaging.metrics.icloud.com
0.0.0.0	apps.itunes-nocookie.com
0.0.0.0	accertify.mzstatic.com
0.0.0.0	dzc-metrics.mzstatic.com
0.0.0.0	itc.mzstatic.com
0.0.0.0	metrics.mzstatic.com
0.0.0.0	store.mzstatic.com
0.0.0.0	t.appsflyer.com
0.0.0.0	analytics.ff.avast.com
0.0.0.0	analytics.ns1.ff.avast.com
0.0.0.0	v7event.stats.avcdn.net
0.0.0.0	v7.stats.avcdn.net
0.0.0.0	ads.avocet.io
0.0.0.0	telemetry.battle.net
0.0.0.0	analytics.rollout.io
0.0.0.0	metrics.ol.epicgames.com
0.0.0.0	a.fiksu.com
0.0.0.0	sdk.fiksu.com
0.0.0.0	settings.crashlytics.com
0.0.0.0	e.crashlytics.com
0.0.0.0	firebase-settings.crashlytics.com
0.0.0.0	insights-collector.gog.com
0.0.0.0	ssl.google-analytics.com
0.0.0.0	ssl-google-analytics.l.google.com
0.0.0.0	static.hotjar.com
0.0.0.0	flow.lavasoft.com
0.0.0.0	telemetry.servers.getgo.com
0.0.0.0	telemetry.malwarebytes.com
0.0.0.0	ws.mcafee.com
0.0.0.0	analytics.ccs.mcafee.com
0.0.0.0	analyticsdcs.ccs.mcafee.com
0.0.0.0	gate.hockeyapp.net
0.0.0.0	dc.services.visualstudio.com
0.0.0.0	api.mixpanel.com
0.0.0.0	decide.mixpanel.com
0.0.0.0	ads.mopub.com
0.0.0.0	incoming.telemetry.mozilla.org
0.0.0.0	h.online-metrix.net
0.0.0.0	analytics.paddle.com
0.0.0.0	treasuredata.com
0.0.0.0	in.treasuredata.com
0.0.0.0	redshell.io
0.0.0.0	api.redshell.io
0.0.0.0	carcharodon.trendmicro.com
0.0.0.0	cdn.segment.com
0.0.0.0	api.segment.io
0.0.0.0	mobile-service.segment.com
0.0.0.0	a.ads1.msn.com
0.0.0.0	a.ads2.msads.net
0.0.0.0	a.ads2.msn.com
0.0.0.0	a.rad.msn.com
0.0.0.0	a-0001.a-msedge.net
0.0.0.0	a-0002.a-msedge.net
0.0.0.0	a-0003.a-msedge.net
0.0.0.0	a-0004.a-msedge.net
0.0.0.0	a-0005.a-msedge.net
0.0.0.0	a-0006.a-msedge.net
0.0.0.0	a-0007.a-msedge.net
0.0.0.0	a-0008.a-msedge.net
0.0.0.0	a-0009.a-msedge.net
0.0.0.0	ac3.msn.com
0.0.0.0	ad.doubleclick.net
0.0.0.0	adnexus.net
0.0.0.0	adnxs.com
0.0.0.0	ads.msn.com
0.0.0.0	ads1.msads.net
0.0.0.0	ads1.msn.com
0.0.0.0	aidps.atdmt.com
0.0.0.0	aka-cdn-ns.adtech.de
0.0.0.0	a-msedge.net
0.0.0.0	apps.skype.com
0.0.0.0	az361816.vo.msecnd.net
0.0.0.0	az512334.vo.msecnd.net
0.0.0.0	b.ads1.msn.com
0.0.0.0	b.ads2.msads.net
0.0.0.0	b.rad.msn.com
0.0.0.0	bs.serving-sys.com
0.0.0.0	c.atdmt.com
0.0.0.0	c.msn.com
0.0.0.0	cdn.atdmt.com
0.0.0.0	cds26.ams9.msecn.net
0.0.0.0	compatexchange.cloudapp.net
0.0.0.0	corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0	cs1.wpc.v0cdn.net
0.0.0.0	db3aqu.atdmt.com
0.0.0.0	ec.atdmt.com
0.0.0.0	fe2.update.microsoft.com.akadns.net
0.0.0.0	feedback.microsoft-hohm.com
0.0.0.0	flex.msn.com
0.0.0.0	g.msn.com
0.0.0.0	h1.msn.com
0.0.0.0	lb1.www.ms.akadns.net
0.0.0.0	live.rads.msn.com
0.0.0.0	m.adnxs.com
0.0.0.0	m.hotmail.com
0.0.0.0	msedge.net
0.0.0.0	msftncsi.com
0.0.0.0	msnbot-65-55-108-23.search.msn.com
0.0.0.0	msntest.serving-sys.com
0.0.0.0	pre.footprintpredict.com
0.0.0.0	preview.msn.com
0.0.0.0	pricelist.skype.com
0.0.0.0	rad.live.com
0.0.0.0	rad.msn.com
0.0.0.0	s.gateway.messenger.live.com
0.0.0.0	s0.2mdn.net
0.0.0.0	schemas.microsoft.akadns.net
0.0.0.0	secure.adnxs.com
0.0.0.0	secure.flashtalking.com
0.0.0.0	sls.update.microsoft.com.akadns.net
0.0.0.0	static.2mdn.net
0.0.0.0	statsfe1.ws.microsoft.com
0.0.0.0	statsfe2.update.microsoft.com.akadns.net
0.0.0.0	statsfe2.ws.microsoft.com
0.0.0.0	survey.watson.microsoft.com
0.0.0.0	view.atdmt.com
0.0.0.0	www.msftncsi.com
0.0.0.0	choice.microsoft.com
0.0.0.0	choice.microsoft.com.nstac.net
0.0.0.0	df.telemetry.microsoft.com
0.0.0.0	oca.telemetry.microsoft.com
0.0.0.0	oca.telemetry.microsoft.com.nsatc.net
0.0.0.0	redir.metaservices.microsoft.com
0.0.0.0	reports.wes.df.telemetry.microsoft.com
0.0.0.0	services.wes.df.telemetry.microsoft.com
0.0.0.0	settings-sandbox.data.microsoft.com
0.0.0.0	settings-win.data.microsoft.com
0.0.0.0	sqm.df.telemetry.microsoft.com
0.0.0.0	sqm.telemetry.microsoft.com
0.0.0.0	sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0	telecommand.telemetry.microsoft.com
0.0.0.0	telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0	telemetry.appex.bing.net
0.0.0.0	telemetry.microsoft.com
0.0.0.0	telemetry.urs.microsoft.com
0.0.0.0	vortex-sandbox.data.microsoft.com
0.0.0.0	vortex-win.data.microsoft.com
0.0.0.0	vortex.data.microsoft.com
0.0.0.0	watson.telemetry.microsoft.com
0.0.0.0	watson.telemetry.microsoft.com.nsatc.net
0.0.0.0	watson.ppe.telemetry.microsoft.com
0.0.0.0	wes.df.telemetry.microsoft.com
0.0.0.0	vortex-bn2.metron.live.com.nsatc.net
0.0.0.0	vortex-cy2.metron.live.com.nsatc.net
0.0.0.0	watson.live.com
0.0.0.0	watson.microsoft.com
0.0.0.0	feedback.search.microsoft.com
0.0.0.0	feedback.windows.com
0.0.0.0	corp.sts.microsoft.com
0.0.0.0	diagnostics.support.microsoft.com
0.0.0.0	i1.services.social.microsoft.com
0.0.0.0	i1.services.social.microsoft.com.nsatc.net
0.0.0.0	vortex-bn2.metron.live.com.nsatc.net
0.0.0.0	vortex-cy2.metron.live.com.nsatc.net
0.0.0.0	ca.telemetry.microsoft.com
0.0.0.0	cache.datamart.windows.com
0.0.0.0	diagnostics.support.microsoft.com
0.0.0.0	spynet2.microsoft.com
0.0.0.0	spynetalt.microsoft.com
# End of entries inserted by Spybot Anti-Beacon for Windows 10

BlohoJo avatar Nov 10 '22 05:11 BlohoJo

Not sure why, maybe you can enable verbose log to see what's happen.

fernvenue avatar Nov 13 '22 05:11 fernvenue

If you look at the request types, it's processing HTTPS queries, not IP records. These will not resolve to an IP for the purposes of connecting to the server in question. In that sense, there's nothing to rewrite/block. Only A and AAAA record lookups need rewriting to 0.0.0.0 here, which prevents your client(s) from connecting to the domain in question. The HTTPS lookup is simply asking for information about the domain. See here.

RainmakerRaw avatar Dec 08 '22 01:12 RainmakerRaw

RainmakerRaw is correct. We currently only rewrite A and AAAA records for system /etc/hosts files. You can add this file as a separate filtering rule list instead, which will block all types of queries.

ainar-g avatar Dec 08 '22 13:12 ainar-g

That makes sense, thanks very much for the helpful info! :)

BlohoJo avatar Dec 09 '22 03:12 BlohoJo